From ericm at lne.com Wed Jun 9 10:10:10 2004 From: ericm at lne.com (Eric Murray) Date: Wed, 9 Jun 2004 10:10:10 -0700 Subject: recent brute-force work factor calculations Message-ID: <20040609101010.A31969@slack.lne.com> Does anyone know of a recent brute-force work factor calculation for the various common symmetric ciphers? I.e. it'll take X 3.2gh Xeons Y years to brute cipher Z. I know there's a table of these in Schneier and there's the "Seven Cryptographers" paper but they're both pretty old at this point. I'm just looking for an approximation. Thanks. Eric From brian-slashdotnews at hyperreal.org Thu Jun 10 09:26:05 2004 From: brian-slashdotnews at hyperreal.org (brian-slashdotnews at hyperreal.org) Date: 10 Jun 2004 16:26:05 -0000 Subject: RFID License Plates in the UK Message-ID: Link: http://slashdot.org/article.pl?sid=04/06/10/1434227 Posted by: michael, on 2004-06-10 16:05:00 Topic: privacy, 24 comments from the ubiquitous-surveillance dept. An anonymous reader writes "The UK Government is studying [1]license plates with embedded RFID tags. The plates can be read from 300 feet away and in rapid succession by readers embedded in the road or by 'surveillance vehicles.'" IFRAME: [2]pos6 References 1. http://www.rfidnews.org/news/2004/06/10/rfidenabled-license-plates-to-identif y-uk-vehicles/ 2. http://ads.osdn.com/?ad_id=2936&alloc_id=8587&site_id=1&request_id=648523 ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From emc at artifact.psychedelic.net Fri Jun 11 10:31:07 2004 From: emc at artifact.psychedelic.net (Eric Cordian) Date: Fri, 11 Jun 2004 10:31:07 -0700 (PDT) Subject: Reverse Scamming 419ers Message-ID: <200406111731.i5BHV7MF023729@artifact.psychedelic.net> I visited that 419eaters site, and I must say I have really mixed feelings about what the people are doing there. It's certainly unethical for Nigerians to try and make a living by bilking foreigners with elaborate schemes that promise vast riches in return for an advance fee. But Nigeria is a very poor country, with high unemployment, where people are forced by economic circumstances to do almost anything to try and feed their families. I see no reason to be proud of reverse-scamming a Nigerian out of $80 when it might be his entire family's food money for the month. Only idiots fall for Nigerian Spam. (well, aside from that lady who worked at a bank, and sent some Nigerian $1.3 million of the bank's money) It seems to me the relationship between affluent Americans and poor Nigerians is an example of a dominant class/subordinate class structure, and in such a structure, the subordinate class has rights, and the dominant class has responsibilities. It is beneath the station of those those with the power to define, describe, and profile the world to pick the pocket of some poor black man in Africa, while encouraging him to pose for funny pictures that will be laughed at on some comfortably well off white person's web site. -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law" From emc at artifact.psychedelic.net Fri Jun 11 11:34:53 2004 From: emc at artifact.psychedelic.net (Eric Cordian) Date: Fri, 11 Jun 2004 11:34:53 -0700 (PDT) Subject: Reverse Scamming 419ers In-Reply-To: <40C9F710.2000109@gmx.co.uk> Message-ID: <200406111834.i5BIYrv7025291@artifact.psychedelic.net> David Howe writes: > Presumably these are the Nigerians who have only $80 for food that > month, yet somehow can still afford to bulkspam thousands of inboxes > each day, process bank transactions and take part in international phone > calls. Email is free. That is why we have a spam problem. If email required 37 cent stamps, it would be no more annoying than junk snailmail. I would suspect that after initial contact is made, and a "fee" is transferred, part of that money can be used to fund the appearance of the scam, and still make a profit. > hell, if that sort of internet access and telephony is so cheap it > doesn't make a noticable dent in a $80/month income, I definitely should > move there myself! I think this sort of scamming is a very highly leveraged activity, with an occasional large payoff, like playing a slot machine with the overall odds slightly in your favor. It probably doesn't take too much before these guys are out in the street with nothing. Given the number of people worldwide currently in that situation, I probably won't behave in ways that increase it, even if the person in question is trying to pick my pocket. Visionary Philosophers should have higher moral standards than the scum of the earth. -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law" From emc at artifact.psychedelic.net Fri Jun 11 11:41:06 2004 From: emc at artifact.psychedelic.net (Eric Cordian) Date: Fri, 11 Jun 2004 11:41:06 -0700 (PDT) Subject: Reverse Scamming 419ers In-Reply-To: <40C9F9DA.8020801@rant-central.com> Message-ID: <200406111841.i5BIf6og025574@artifact.psychedelic.net> Roy M. Silvernail wrote: > Think of it as evolution in action. I think we've identified another applicant on the short list for Tim May's old job. :) -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law" From anmetet at freedom.gmsociety.org Fri Jun 11 11:23:18 2004 From: anmetet at freedom.gmsociety.org (An Metet) Date: Fri, 11 Jun 2004 14:23:18 -0400 Subject: Simplified base64 conversion Message-ID: <65da6fbba574890b2ed3be43a6ec271b@anonymous> I know there are readers here who are good at optimizing code. Here are my attempts to make simple and short versions of base64 encode/decode in C. I'd like to hear suggestions on how to simplify them even more. Base64 encoding is a way of turning arbitrary binary data into printable characters. The idea is to take three consecutive 8-bit bytes, treat this as 24 bits, then cut it into four 6-bit pieces. Each 6-bit value gets converted to a printable character from the strings A-Z, a-z, 0-9, +, /, in that order. That's 26 + 26 + 10 + 2 characters or 64. Every 3 input bytes produces 4 output characters. If the number of input bytes is not a multiple of 3, for the last partial triplet we produce 2 or 3 characters of output using the 6-bit splitting, then pad with 1 or 2 equals signs (=) to make the output a multiple of 4 characters long. Typical base64 implementations look more like http://cool.haxx.se/cvs.cgi/*checkout*/curl/lib/base64.c?rev=1.30 which are more readable, maybe, or at least more obviously correct. These pull out the basic 4-to-3 and 3-to-4 conversion functions, then have a driver that calls these and takes care of end-message padding and such. My approach was to use a read-and-write style. For encoding, read 8 bits, write 6, read 8, write 6, read 8, write 6, write 6. For decoding, read 6, read 6, write 8, read 6, write 8, read 6, write 8. I used a state variable that counted to 3 for encoding (to 4 for decoding) and a switch statement to show how to shift the bits around as needed for the output. Then on further study I noted that there were patterns in the shifts that were very simply related to the state variable, so it was possible to collapse all the cases as far as the shifts, with an if statement for the extra output or input. Given the state variable, doing the end padding was pretty simple, but it would be nice if there were some way to fold that into the main loop. For decoding, I borrowed an idea from http://base64.sourceforge.net/b64.c for doing the ascii to binary conversion of the input characters, and improved it somewhat. The decode function ignores non-base64 characters so you can feed it input with line breaks and such in it. (The encode function doesn't put in line breaks, but this could be added.) One bizarre aspect of the decoder is that = signs are treated as non-b64 data and ignored, yet it still works right for the last 1 or 2 characters, somewhat fortuitously. For example, a 1-character input containing the ascii letter x (0x78) gets encoded as eA==, but you could feed just the string eA into the base64 decoder and get x out. Anyway, here are the two functions. They are released for free use without restriction, although they are so short that they are hardly worth copyright. In exchange I am soliciting suggestions on how to make them even simpler and more elegant. /* Base64 encoding and decoding, concise */ static const char cb64[]="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz01 23456789+/"; int /* outlen */ enc64 (char *out, unsigned char *in, int inlen) { unsigned char c; unsigned char pc = 0; int st = 0; /* counts 0, 2, 4 */ char *iout = out; while (inlen--) { c = *in++; *out++ = cb64[pc | (c >> (2+st))]; pc = (c << (4-st)) & 0x3f; if ((st+=2) == 6) { *out++ = cb64[pc]; pc = st = 0; } } if (st > 0) { *out++ = cb64[pc]; *out++ = '='; if (st == 2) *out++ = '='; } return out - iout; } static const char cd64[]="|$$$}rstuvwxyz{$$$$$$$>?@ABCDEFGHIJKLMNOPQRSTUVW$$$$$$ XYZ[\\]^_`abcdefghijklmnopq"; int /* outlen */ dec64 (unsigned char *out, char *in, int inlen) { unsigned char c; unsigned char pc = 0; int st = 0; /* Counts 0, 2, 4, 6 */ unsigned char *iout = out; while (inlen--) { c = (unsigned char)*in++; c = (c < '+' || c > 'z') ? '$' : cd64[c - '+']; if( c == '$') continue; c = c - 62; if (st > 0) *out++ = pc | (c >> (6-st)); pc = c << (2+st); if ((st+=2) == 8) pc = st = 0; } /* assert (pc == 0); */ return out - iout; } === 568d4c4230ff851da8cea676a5c69e3e From roy at rant-central.com Fri Jun 11 11:28:42 2004 From: roy at rant-central.com (Roy M. Silvernail) Date: Fri, 11 Jun 2004 14:28:42 -0400 Subject: Reverse Scamming 419ers In-Reply-To: <200406111731.i5BHV7MF023729@artifact.psychedelic.net> References: <200406111731.i5BHV7MF023729@artifact.psychedelic.net> Message-ID: <40C9F9DA.8020801@rant-central.com> Eric Cordian wrote: > It's certainly unethical for Nigerians to try and make a living by bilking > foreigners with elaborate schemes that promise vast riches in return for an > advance fee. Granted. > But Nigeria is a very poor country, with high unemployment, where people are > forced by economic circumstances to do almost anything to try and feed their > families. I see no reason to be proud of reverse-scamming a Nigerian out of > $80 when it might be his entire family's food money for the month. The 419 scam has been going on for the best part of half a century. The advent of the net and email has only allowed it to spread farther and wider, while law enforcement has been unable to stem it significantly. If reverse-scamming some Nigerian fraudster out of the month's food budget incents him to seek out legal means of income, that's one less 419er. If a few of his friends drop their fraud careers after seeing one of them get taken, that's more ex-419ers. > It seems to me the relationship between affluent Americans and poor > Nigerians is an example of a dominant class/subordinate class structure, and > in such a structure, the subordinate class has rights, and the dominant > class has responsibilities. Including the responsibility to tacitly underwrite a massive, national-scale fraud campaign? Somehow, I don't think so. > It is beneath the station of those those with the power to define, describe, > and profile the world to pick the pocket of some poor black man in Africa, > while encouraging him to pose for funny pictures that will be laughed at on > some comfortably well off white person's web site. But it's the proper station of that poor black African to attempt picking the pocket of any number of comfortably well-off white people? 419ers are criminals. They steal money by dint of deception. They break the social contract. I can't get too worked up about turning the tables on them. Think of it as evolution in action. -- Roy M. Silvernail is roy at rant-central.com, and you're not Never Forget: It's Only 1's and 0's! SpamAssassin->procmail->/dev/null->bliss http://www.rant-central.com From nightwatch01 at comcast.net Fri Jun 11 15:30:52 2004 From: nightwatch01 at comcast.net (Tim) Date: Fri, 11 Jun 2004 15:30:52 -0700 Subject: Reverse Scamming 419ers In-Reply-To: <200406111731.i5BHV7MF023729@artifact.psychedelic.net> References: <200406111731.i5BHV7MF023729@artifact.psychedelic.net> Message-ID: <40CA329C.5070303@comcast.net> What a bleeding-heart moron you are, Eric! Eric Cordian wrote: >I visited that 419eaters site, and I must say I have really mixed feelings >about what the people are doing there. > >It's certainly unethical for Nigerians to try and make a living by bilking >foreigners with elaborate schemes that promise vast riches in return for an >advance fee. > >But Nigeria is a very poor country, with high unemployment, where people are >forced by economic circumstances to do almost anything to try and feed their >families. I see no reason to be proud of reverse-scamming a Nigerian out of >$80 when it might be his entire family's food money for the month. > >Only idiots fall for Nigerian Spam. (well, aside from that lady who worked >at a bank, and sent some Nigerian $1.3 million of the bank's money) > >It seems to me the relationship between affluent Americans and poor >Nigerians is an example of a dominant class/subordinate class structure, and >in such a structure, the subordinate class has rights, and the dominant >class has responsibilities. > So the savages have a right to try to scam us, and we fat, rich Americans (at least us white ones, maybe the black ones never receive the 419 scams) should either give them some $$, or at least not try to stop the scams... > >It is beneath the station of those those with the power to define, describe, >and profile the world to pick the pocket of some poor black man in Africa, >while encouraging him to pose for funny pictures that will be laughed at on >some comfortably well off white person's web site. > > It's tough to have a fair debate with you, when you resort to using some extrasensory psychic powers which I am lacking. From bjisoldi at acsu.buffalo.edu Fri Jun 11 13:43:03 2004 From: bjisoldi at acsu.buffalo.edu (Brooks Isoldi) Date: Fri, 11 Jun 2004 16:43:03 -0400 Subject: [osint] Department of Homeland Security tightens grip on Message-ID: unclassified information Reply-To: osint at yahoogroups.com Department of Homeland Security tightens grip on unclassified information The Department of Homeland Security (DHS) is imposing extraordinary new access controls on unclassified information that it deems "for official use only" (FOUO). The new information policy, which was spelled out in an internal DHS directive last month, imposes several classification-like access restrictions on information that is "sensitive but unclassified." So, for example, such unclassified information may only be shared with individuals who are determined to have a "need to know" it. Furthermore, DHS employees and contractors must sign a special Non-Disclosure Agreement before receiving access to unclassified FOUO information. As far as could be determined, no other executive branch agency systematically requires a non-disclosure agreement for access to unclassified FOUO information. Secure storage of FOUO information is required, and secure communication by encrypted telephone and fax is encouraged. In some respects, the new restrictions on unclassified FOUO information are not as onerous than those concerning classified information. For example, a security clearance is not required for access. But in other respects, the new FOUO information policy is actually more far-reaching than national security classification policy. Thus, classified information can only be generated by officials who have been authorized by the President, either directly or indirectly by delegation. But any DHS employee or contractor can designate information as FOUO if it falls within eleven broad categories. Moreover, managers and supervisors can also designate additional information as FOUO even if it falls outside of those categories. Further, the classification system provides for an oversight mechanism through the Information Security Oversight Office. No provision for oversight of the new FOUO policy is included. Finally, the classification system, with all of its limitations, has a declassification program built into it; by executive order, classified documents are to be automatically declassified with the passage of time. But at the Department of Homeland Security, the FOUO restriction will never lapse unless and until the originating authority so decides. "Information designated as FOUO will retain its designation until determined otherwise by the originator or a supervisory or management official having program management responsibility over the originator and/or the information." (Sec. 6E). A copy of the new DHS directive (MD 11042) on "Safeguarding Sensitive But Unclassified (For Official Use Only) Information," dated May 11, 2004, was obtained... through the Freedom of Information Act. See: http://www.fas.org/sgp/othergov/dhs-sbu.html (This directive is apparently distinct from the pending DHS procedures for protection of "sensitive homeland security information" [SHSI], which are "at least a month away" from being circulated for external comment, one official said lately.) [Non-text portions of this message have been removed] ------------------------ Yahoo! Groups Sponsor --------------------~--> Yahoo! Domains - Claim yours for only $14.70 http://us.click.yahoo.com/Z1wmxD/DREIAA/yQLSAA/TySplB/TM --------------------------------------------------------------------~-> -------------------------- Want to discuss this topic? Head on over to our discussion list, discuss-osint at yahoogroups.com. -------------------------- Brooks Isoldi, editor bisoldi at intellnet.org http://www.intellnet.org Post message: osint at yahoogroups.com Subscribe: osint-subscribe at yahoogroups.com Unsubscribe: osint-unsubscribe at yahoogroups.com *** FAIR USE NOTICE. This message contains copyrighted material whose use has not been specifically authorized by the copyright owner. OSINT, as a part of The Intelligence Network, is making it available without profit to OSINT YahooGroups members who have expressed a prior interest in receiving the included information in their efforts to advance the understanding of intelligence and law enforcement organizations, their activities, methods, techniques, human rights, civil liberties, social justice and other intelligence related issues, for non-profit research and educational purposes only. We believe that this constitutes a 'fair use' of the copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use this copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/osint/ <*> To unsubscribe from this group, send an email to: osint-unsubscribe at yahoogroups.com <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/ --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From roy at rant-central.com Fri Jun 11 14:24:27 2004 From: roy at rant-central.com (Roy M. Silvernail) Date: Fri, 11 Jun 2004 17:24:27 -0400 Subject: Reverse Scamming 419ers In-Reply-To: <200406111841.i5BIf6og025574@artifact.psychedelic.net> References: <200406111841.i5BIf6og025574@artifact.psychedelic.net> Message-ID: <1086989067.22659.1.camel@localhost> On Fri, 2004-06-11 at 14:41, Eric Cordian wrote: > Roy M. Silvernail wrote: > > > Think of it as evolution in action. > > I think we've identified another applicant on the short list for Tim May's > old job. :) But I didn't come right out and *say* they need killing. :) -- Roy M. Silvernail is roy at rant-central.com, and you're not Never Forget: It's Only 1's and 0's! SpamAssassin->procmail->/dev/null->bliss http://www.rant-central.com From nightwatch01 at comcast.net Fri Jun 11 18:13:16 2004 From: nightwatch01 at comcast.net (Tim) Date: Fri, 11 Jun 2004 18:13:16 -0700 Subject: Reverse Scamming 419ers In-Reply-To: References: Message-ID: <40CA58AC.4030500@comcast.net> Tyler Durden wrote: > Well, burn down my unabomber shack! Have we smoked out Tim May? As > much as his one-sided thinking pisses me off sometimes I miss the > sheer "fuck you" of it. > -TD Nope, sorry champ! But look at the bright side -- you've got a good excuse to keep smoking. From DaveHowe at gmx.co.uk Fri Jun 11 11:16:48 2004 From: DaveHowe at gmx.co.uk (Dave Howe) Date: Fri, 11 Jun 2004 19:16:48 +0100 Subject: Reverse Scamming 419ers In-Reply-To: <200406111731.i5BHV7MF023729@artifact.psychedelic.net> References: <200406111731.i5BHV7MF023729@artifact.psychedelic.net> Message-ID: <40C9F710.2000109@gmx.co.uk> Eric Cordian wrote: > But Nigeria is a very poor country, with high unemployment, where > people are forced by economic circumstances to do almost anything to > try and feed their families. I see no reason to be proud of > reverse-scamming a Nigerian out of $80 when it might be his entire > family's food money for the month. Presumably these are the Nigerians who have only $80 for food that month, yet somehow can still afford to bulkspam thousands of inboxes each day, process bank transactions and take part in international phone calls. hell, if that sort of internet access and telephony is so cheap it doesn't make a noticable dent in a $80/month income, I definitely should move there myself! From camera_lumina at hotmail.com Fri Jun 11 17:17:05 2004 From: camera_lumina at hotmail.com (Tyler Durden) Date: Fri, 11 Jun 2004 20:17:05 -0400 Subject: Reverse Scamming 419ers Message-ID: "It is beneath the station of those those with the power to define, describe, and profile the world to pick the pocket of some poor black man in Africa, while encouraging him to pose for funny pictures that will be laughed at on some comfortably well off white person's web site." I gotta admit that made me a little uncomfortable. Made me think twice about pulling a few thou out if it were possible. But then again, it's arguable that if this dude spent more time trying to DO something productive he might make more than the beating he's taking perpetuating his pathetic scam. Actually, among all the African groups I've encountered in the US so far, Nigerians seem to have a lot more drive than other groups, and they seem to excel at technical subjects. So maybe this dude needs a beating or two to set him straight. -TD >From: Eric Cordian >To: cypherpunks at minder.net >Subject: Reverse Scamming 419ers >Date: Fri, 11 Jun 2004 10:31:07 -0700 (PDT) > >I visited that 419eaters site, and I must say I have really mixed feelings >about what the people are doing there. > >It's certainly unethical for Nigerians to try and make a living by bilking >foreigners with elaborate schemes that promise vast riches in return for an >advance fee. > >But Nigeria is a very poor country, with high unemployment, where people >are >forced by economic circumstances to do almost anything to try and feed >their >families. I see no reason to be proud of reverse-scamming a Nigerian out >of >$80 when it might be his entire family's food money for the month. > >Only idiots fall for Nigerian Spam. (well, aside from that lady who worked >at a bank, and sent some Nigerian $1.3 million of the bank's money) > >It seems to me the relationship between affluent Americans and poor >Nigerians is an example of a dominant class/subordinate class structure, >and >in such a structure, the subordinate class has rights, and the dominant >class has responsibilities. > >It is beneath the station of those those with the power to define, >describe, >and profile the world to pick the pocket of some poor black man in Africa, >while encouraging him to pose for funny pictures that will be laughed at on >some comfortably well off white person's web site. > >-- >Eric Michael Cordian 0+ >O:.T:.O:. Mathematical Munitions Division >"Do What Thou Wilt Shall Be The Whole Of The Law" > _________________________________________________________________ MSN 9 Dial-up Internet Access fights spam and pop-ups now 3 months FREE! http://join.msn.click-url.com/go/onm00200361ave/direct/01/ From camera_lumina at hotmail.com Fri Jun 11 17:22:33 2004 From: camera_lumina at hotmail.com (Tyler Durden) Date: Fri, 11 Jun 2004 20:22:33 -0400 Subject: Reverse Scamming 419ers Message-ID: Well, burn down my unabomber shack! Have we smoked out Tim May? As much as his one-sided thinking pisses me off sometimes I miss the sheer "fuck you" of it. -TD >From: Tim >To: Eric Cordian >CC: cypherpunks at minder.net >Subject: Re: Reverse Scamming 419ers >Date: Fri, 11 Jun 2004 15:30:52 -0700 > >What a bleeding-heart moron you are, Eric! > >Eric Cordian wrote: > >>I visited that 419eaters site, and I must say I have really mixed feelings >>about what the people are doing there. >> >>It's certainly unethical for Nigerians to try and make a living by bilking >>foreigners with elaborate schemes that promise vast riches in return for >>an >>advance fee. >> >>But Nigeria is a very poor country, with high unemployment, where people >>are forced by economic circumstances to do almost anything to try and feed >>their families. I see no reason to be proud of reverse-scamming a >>Nigerian out of $80 when it might be his entire family's food money for >>the month. >> >>Only idiots fall for Nigerian Spam. (well, aside from that lady who worked >>at a bank, and sent some Nigerian $1.3 million of the bank's money) >> >>It seems to me the relationship between affluent Americans and poor >>Nigerians is an example of a dominant class/subordinate class structure, >>and in such a structure, the subordinate class has rights, and the >>dominant class has responsibilities. >> > > So the savages have a right to try to scam us, and we fat, rich Americans >(at least us white ones, maybe the black ones never receive the >419 scams) should either give them some $$, or at least not try to stop the >scams... > >> >>It is beneath the station of those those with the power to define, >>describe, and profile the world to pick the pocket of some poor black man >>in Africa, while encouraging him to pose for funny pictures that will be >>laughed at on some comfortably well off white person's web site. >> >> > It's tough to have a fair debate with you, when you resort to using some >extrasensory psychic powers which I am lacking. > > > _________________________________________________________________ FREE pop-up blocking with the new MSN Toolbar get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/ From bill.stewart at pobox.com Fri Jun 11 20:27:10 2004 From: bill.stewart at pobox.com (Bill Stewart) Date: Fri, 11 Jun 2004 20:27:10 -0700 Subject: Reverse Scamming 419ers In-Reply-To: <200406111834.i5BIYrv7025291@artifact.psychedelic.net> References: <40C9F710.2000109@gmx.co.uk> <200406111834.i5BIYrv7025291@artifact.psychedelic.net> Message-ID: <200406120327.i5C3RS6P045626@outlier.minder.net> Troll bait - yum! But this discussion is already partly my fault, so I guess I'll bite. It's true that most of these scammers have chosen a life of non-violent theft that's more moral than some of the things they could have done for money, like being bandits, or joining the armies of the corrupt dictators they're pretending to be the kids of. That's still no excuse, and they're in no position to complain if they get ripped off. Furthermore, some suckers occasionally lose enough money to them that they come to Nigeria looking for it, or come to Nigeria to get their big payoffs, and some of the scammers demonstrate that their non-violence is not based on principle but on opportunity, so the suckers either get kidnapped for ransom, killed, or both. But let's look a bit farther into the victims of these scams. - Ordinary people get their time wasted by the volume of this stuff. -- If scammers don't mind wasting our time, they're in no position to complain if some "sucker" wastes their time by asking for a photograph of them dancing around with a chicken or whatever, and while they're doing that, they're not wasting my time. - ISPs get their money wasted carrying this stuff. -- Scammers are in no position to complain if they occasionally get sued, or if their cybercafes get sued or cut off from the net and go out of business. - Greedy suckers who don't mind accepting a cut of the money from the classic "corrupt murderous dictator" or "corrupt construction company"'s take. There are some people who'd contend that taking these people's money is a _good_ thing, just like taking the scammers' money is, but certainly they deserve whatever happens to them. Their wives and kids may or may not deserve it, but the beauty of the classic 419 scam is that they're unable to go to the police because they're as guilty as the scammers. It's too bad that the only way for these suckers to lose big money is for the scammers to get it, because otherwise it's kind of fun. - Gullible suckers who actually believe the less immoral versions of the scam: "You've won the lottery", "My church needs money", "I'm dying and have no heirs and want to give my money away". Ripping off these people is wrong, and in many cases it's elderly people's life savings that they've got no way to replace, and the lying scum who are trying to rip them off deserve anything that happens to them, especially if it takes them out of action before they succeed and gets them revealed to their friends, families, and business acquaintances as incompetent thieves. It's more likely to succeed than complaining to the Nigerian police, but if the police actually _did_ anything more severe than demanding a cut of the profits, it would be much worse for the scammers and their families than simply losing money and getting laughed out of the cybercafe and Western Union office. One good reason for operating a 419 scam out of a Netherlands cybercafe is that nobody's trying to impose Islamic law and cut your hand off... Evolution in action is certainly a good start here. - There's also a middle ground of suckers, e.g. the ones who aren't accepting money from anything obviously criminal, but who should know bloody well that they probably don't have an uncle Fred prospecting for oil in Nigeria for whom they're the next of kin, and that accepting the money rather than finding the "real" relatives who deserve it is dishonest, though it's ostensibly going to go to somebody who has just as little actual claim on the money, like the local government, so what the heck. The scammers who try this one certainly deserve to get on other spammers' lists, lose a few bucks, and be encouraged to have embarrassing photos of themselves posted on the net. From rah at shipwright.com Fri Jun 11 17:56:15 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 11 Jun 2004 20:56:15 -0400 Subject: Certicom reports first profitable fiscal year Message-ID: Toronto Star Jun. 11, 2004. 01:00 AM Certicom reports first profitable fiscal year Certicom Corp., a specialist in security software, is reporting the first profitable year in its 19-year history, with net income of $17.2 million (U.S.) due largely to a major contract with the U.S. National Security Agency. The profit was good news for Certicom employees, who shared $1.4 million in bonuses for helping to get the Mississauga-based company into the black in the fiscal year ended April 30. But the bonus payouts increased the company's operating expenses and contributed to a $1.7 million loss in Certicom's fiscal fourth quarter, which included a $500,000 bonus expense. The firm reports in U.S. dollars. Certicom chief executive Ian McKinnon, who was hired in March, 2002, to turn around the company, said yesterday the U.S. contract enabled the company to achieve its first profitable year. That deal alone contributed $24.9 million of the $34.5 million in revenue Certicom reported in fiscal 2004. In fiscal 2003, revenue totalled $10.4 million. McKinnon said there is increased market acceptance of elliptic curve cryptography (ECC), the technology at the root of Certicom's products. Following the end of the fourth quarter, Certicom signed major ECC-based licensing agreements with BlackBerry maker Research In Motion Ltd. of Waterloo, and Pennsylvania-based Unisys Corp., a global information technology services company. The structure of the RIM deal is a model for what Certicom hopes to do in other contracts as it seeks to generate an ongoing stream of recurring revenue rather than "lumpy" revenue from one-time sales, McKinnon told analysts. With the RIM contract, Certicom is selling a pre-paid block of licences. "We like this model. I would say it's representative of the financial model for this company going forward," McKinnon said during a conference call. While Certicom's technological strength has long been acknowledged, the company has struggled to turn that acumen into sales and profits since it was founded in 1985. It issued an initial public stock offering in June, 1997. Certicom rose 27 cents (Canadian) to $3.45 yesterday on the Toronto Stock Exchange, up 8.5 per cent. But the stock is well below its 52-week high of $4.99, set in January, and the all-time split-adjusted high of $120.47 set in March, 2000. In the fiscal fourth quarter, Certicom's board approved a new strategy for licensing the company's intellectual property. McKinnon wouldn't provide guidance on future revenue. Earnings for the financial year ended April 30 amounted to 50 cents (U.S.) a share and compared with a loss of $4.9 million, or 15 cents per share, a year earlier. In the fourth quarter, Certicom lost $1.7 million, or 4 cents a share, compared with a loss of $2 million, or 6 cents a share, a year earlier. Revenue rose to $2.6 million from $2.4 million. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Fri Jun 11 19:00:53 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 11 Jun 2004 22:00:53 -0400 Subject: Reverse Scamming 419ers In-Reply-To: <1086989067.22659.1.camel@localhost> References: <200406111841.i5BIf6og025574@artifact.psychedelic.net> <1086989067.22659.1.camel@localhost> Message-ID: At 5:24 PM -0400 6/11/04, Roy M. Silvernail wrote: >But I didn't come right out and *say* they need killing. :) See below... Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "When I was your age we didn't have Tim May! We had to be paranoid on our own! And we were grateful!" --Alan Olsen From justin-cypherpunks at soze.net Fri Jun 11 18:03:49 2004 From: justin-cypherpunks at soze.net (Justin) Date: Sat, 12 Jun 2004 01:03:49 +0000 Subject: Reverse Scamming 419ers In-Reply-To: References: Message-ID: <20040612010349.GA23192@arion.soze.net> On 2004-06-11T20:22:33-0400, Tyler Durden wrote: > > Well, burn down my unabomber shack! Have we smoked out Tim May? As much as > his one-sided thinking pisses me off sometimes I miss the sheer "fuck you" > of it. > > >From: Tim If so, it's quite a clever disguise. User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) -- "Not your decision to make." "Yes. But it's the right decision, and I made it for my daughter." - Bill, Beatrix; Kill Bill Vol. 2 From rah at shipwright.com Sat Jun 12 06:30:21 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sat, 12 Jun 2004 09:30:21 -0400 Subject: [osint] Department of Homeland Security tightens grip on unclassified information Message-ID: --- begin forwarded text From blueeskimo at phreaker.net Sat Jun 12 07:13:02 2004 From: blueeskimo at phreaker.net (Adam) Date: Sat, 12 Jun 2004 10:13:02 -0400 Subject: (SOT) [Full-Disclosure] Possible First Crypto Virus Definitely Discovered! (fwd) In-Reply-To: <20040608122441.W99708@oso.hfpupt1.zsa.bet> References: <20040608122441.W99708@oso.hfpupt1.zsa.bet> Message-ID: <20040612101302.64d85588.blueeskimo@phreaker.net> On Tue, 8 Jun 2004 12:25:36 -0500 (CDT) "J.A. Terranson" wrote: > Submitted primarily for it's entertainment value, but with a crypto > nexus. > > Yours > J.A. Terranson Is this Bilano guy serious? Or is it pulling some inane prank? Notice that he claims to be an 'MSCE' .. Moron I really have to wonder about people like this -- Adam "satyam, shivam, sundaram" From roy at rant-central.com Sat Jun 12 09:07:06 2004 From: roy at rant-central.com (Roy M. Silvernail) Date: Sat, 12 Jun 2004 12:07:06 -0400 Subject: (SOT) [Full-Disclosure] Possible First Crypto Virus Definitely Discovered! (fwd) In-Reply-To: <20040612101302.64d85588.blueeskimo@phreaker.net> References: <20040608122441.W99708@oso.hfpupt1.zsa.bet> <20040612101302.64d85588.blueeskimo@phreaker.net> Message-ID: <1087056426.13142.2.camel@localhost> On Sat, 2004-06-12 at 10:13, Adam wrote: > On Tue, 8 Jun 2004 12:25:36 -0500 (CDT) > "J.A. Terranson" wrote: > > > Submitted primarily for it's entertainment value, but with a crypto > > nexus. > > > > Yours > > J.A. Terranson > > Is this Bilano guy serious? Or is it pulling some inane prank? I vote prank. Looks like BIFF!!1! got hisself a EmCeeEssEE. -- Roy M. Silvernail is roy at rant-central.com, and you're not Never Forget: It's Only 1's and 0's! SpamAssassin->procmail->/dev/null->bliss http://www.rant-central.com From DaveHowe at gmx.co.uk Sat Jun 12 08:14:43 2004 From: DaveHowe at gmx.co.uk (Dave Howe) Date: Sat, 12 Jun 2004 16:14:43 +0100 Subject: Reverse Scamming 419ers In-Reply-To: <200406111834.i5BIYrv7025291@artifact.psychedelic.net> References: <200406111834.i5BIYrv7025291@artifact.psychedelic.net> Message-ID: <40CB1DE3.7060308@gmx.co.uk> Eric Cordian wrote: > Email is free. That is why we have a spam problem. If email required 37 > cent stamps, it would be no more annoying than junk snailmail. it might be free in america - but it isn't here in the UK even at low bandwidths - say, 56K. The sort of bandwidth a professional spammer uses doesn't come cheap on any scale, and back when I was on dialup, the amount of spam I get now (expressed in bytes) would probably have been about 1/3 of my *total* traffic back then. These days of course I can be content to watch my filters remove the majority of it - but I still don't appreciate having to waste bandwidth downloading it. > I would suspect that after initial contact is made, and a "fee" is > transferred, part of that money can be used to fund the appearance of the > scam, and still make a profit. True - so what you are saying is that we aren't *actually* taking the spammer's $80, but money they took from some poor sucker who got spammed earlier? > I think this sort of scamming is a very highly leveraged activity, with an > occasional large payoff, like playing a slot machine with the overall odds > slightly in your favor. It probably doesn't take too much before these guys > are out in the street with nothing. I am trying to think of a reason why this would be a bad thing. > Given the number of people worldwide currently in that situation, I probably > won't behave in ways that increase it, even if the person in question is > trying to pick my pocket. I agree that spamming 419'ers don't deserve being out on the streets with nothing - but only because I would prefer to see them (and all spammers) being slowly disembowelled with red hot hooks...... > Visionary Philosophers should have higher moral standards than the scum of > the earth. Ah. ok, that Explains it then - I am not a visionary anything :) From rah at shipwright.com Sun Jun 13 06:52:21 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 13 Jun 2004 09:52:21 -0400 Subject: War ain't beanbag. Irony is conserved. In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 6:11 AM +0000 6/13/04, Carmi Turchick wrote: >Here is more about the connection between the death squads and the >policy of genocide and our own American facility, the School of the >Americas... Yawn. War, to paraphrase a famous American income-redistributionist, ain't beanbag. Yes. We taught soldiers, hell, thugs, even, to kill commies. It was a war. Remember? The commies were killing people too, remember? More to the point, they wanted to kill lots more. Deliberately, or worse, through their own ignorant mismanagement of the lives they would eventually have total control of. All those "innocent" people were either totalitarians or dupes. Lenin's "useful idiots". Even the nuns. Even the bishops. Even the nice Anglo church ladies from El Norte who thought that in a war between Ghandi and, say, Stalin, Ghandi would win. Bambi vs. Godzilla is more like it. Of course, like Lenin himself, ultimately, those "idiots" were like Ghandi joining the war on Stalin's side. [Okay, so, in actuality, Ghandi *was* on Stalin's side, economically and ideologically, at least, the world's most beatified useful idiot in that regard. Certainly Nehru was on Stalin's team, explicitly so, creating the world's second largest command economy after China's, dooming tens of millions of his countrymen to famine, and most of the rest to destitution -- for *decades* -- in the process, because food prices were *calculated* by a committee somewhere instead of discovered in a market like they're supposed to be, and because cheaper, superior, foreign goods and services were legislated out of Indian markets entirely. Except for the elite, of course...] "Liberation" theology, remember that? ["Liberation" being yet another communard verbal expropriation, like what they did to the word "liberal". War is peace. Or, in the case of "liberation", and "liberal", freedom is literally tyranny.] Remember Aristide's little ditty in praise of the "necklace"? Remember Ortega and the people whose property he expropriated, who he jailed, and those small-businessman "counter-revolutionaries" he eventually killed? He would have killed more if we'd let him. If Reagan had let him. Don't think the "innocent" Allende would have been any different, he'd already started the process of expropriation and confiscation of people's livelihoods, and eventually, their lives, when, yes, Pinochet took him out. Life is hard. War sucks. People die. And of course, there's the Sendero Luminoso, the "Shining" Path. Real humanitarians. Oh. That's right. Butchers like the Sendero's Guzman, like Ortega, or, these days, Chavez and Castro, are *heroes* to people like you. "Freedom fighters," or some such emetic nonsense. I'm a functional atheist (okay, a Unitarian; there's some pyroclastic irony for you...), but one of the best things the Pope did -- after helping first Thatcher and then Reagan *free* three-quarters of Eurasia, if you now count India, and start what is an irreversible process in China -- was to kill "liberation" theology in its metaphoric crib, before it literally killed tens of millions of people, much more than centuries of ignorance and cryptofeudal tyranny hadn't done already in South America. (See, speaking of Guzman and Sendero, the works of Hernando de Soto for more on that...) A nation-state, if you remember your first political "science" class, is about force and geographic monopolies thereof. Politics is about who controls and spends the economic rents that a force-monopoly violently expropriates from its citizenry, and about buying non-violent acquiescence in that expropriation through "social" programs and other forms of fraud, thus lowering the transaction cost of what would have been a more violent act of theft. As Mancur Olsen said in "Power and Prosperity", a prince is a bandit who doesn't move. Absent any *physical* brakes on his power -- be they economic or violent -- whoever is in charge of a nation state, and whatever elite he needs to keep himself in power, can do whatever they damn well please. It is only an armed (first) and educated (second), and thus *free* population that prevents them from turning into tyrants. Stalin, the subject of "Power and Prosperity" -- and ultimate model for erst-and-proto-tinpots from Santiago to Managua to Havana to Caracas, from New Delhi to Baghdad, from Phnom Penh to Pyongyang -- being the canonical example. Your heroes, from the "liberation" theology Church Ladies to Castro, were about selling oppression to the masses. My heroes, certainly the people who ran, and, yes, those who graduated from, the School of the Americas, thugs and all, were, ultimately, on the side of good and right. And ultimately, by the count of democracy versus tyranny in this half of the world -- more important, by the count of free versus confiscatory crypto-and-neo-feudal markets -- it looks like they won, so they were on the right side of history as well. War ain't beanbag. Until we solve the problem of force-monopoly with free markets someday, war, and monopolistic violence, is, paradoxically, how we protect free markets, and, through them, freedom itself. Irony, apparently, is abundant in the universe, and, like matter and energy, force and fraud, it is conserved as well. Cheers, RAH -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQMxbPcPxH8jf3ohaEQIV1QCg3WCvUqbISoWl83PYkCi04IflyJsAoI8p /FuTkpzHwSDUaTG392g2yuB1 =nx0v -----END PGP SIGNATURE----- -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Sun Jun 13 12:36:44 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 13 Jun 2004 15:36:44 -0400 Subject: [irtheory] War ain't beanbag. Irony is conserved. Message-ID: --- begin forwarded text From rah at shipwright.com Sun Jun 13 12:45:37 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 13 Jun 2004 15:45:37 -0400 Subject: [irtheory] War ain't beanbag. Irony is conserved. In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ah. Here we go. A "liberal" hides behind the straw man, this time in the shape of a child. How original. At 3:37 PM +0100 6/13/04, Lee James wrote: >I'd like to hear how children who werent old enough to pronounce the >colour were 'reds' who were rightly tortured (apparently) in your >view, as well as the many women raped and tortured at the hands of >SOA graduates. Funny how "liberals" always do the debits and not the credits in these grotesque calculations. Shall we count the several-orders-of-magnitude number of starved (*and* butchered) children in various Marxist "paradises" around the world, too? I thought not. It wouldn't be "fair". >I'd also be keen to see evidence of this free-market success of >which you talk, because it isn't in central america for the >countless millions in poverty. Freedom, market or otherwise, isn't about the fool's errand of forced income redistribution, which is, invariably, what actually causes famine and tragedy. See "children", above. (Not that "for the children", above, isn't the "liberal" canard it has always been.) Freedom, market, and otherwise, is about *choice*. The choice to work hard and make money and do better than you started. Progress, more stuff cheaper now than it used to be, more stuff cheaper tomorrow than it is now, is the result. What you do with that stuff, is your problem. More to the point, it is the very "maldistribution" of that stuff that makes *progress* happen. Marxists have this problem with counting stuff. They deal in lumps of labor, or "missing" jobs, or labor theories of "value", and it all speaks to a basic innumeracy that does them ill in a world where actual math and science are required to achieve things. >Before, a person encourages free-markets elsewhere, how about >encouraging them in the United States in order to really test the >theory and give these nations a chance of economic development. The >three most successful industries in the united states (steel, >agriculture and >techonology/military) Straw man. You're comparing markets and economies that are, for the most part, free, and pulling out subsidies which are, by definition, exceptional, and then comparing them to economies in which private property is, for the most part, criminalized, and saying that the former is worse. Give me a break. Sure. I wish that government didn't control huge tracts of the economy in the US, making them, for the most part, like the very lands that they own -- sometimes to enhance it's take in graft, sometimes to mystify nature for various useful idiots out there -- productivity wastelands. Manufacturing in the US is done in *spite* of, not *because* of, subsidy, not to mention over-regulation and the government-assisted extortionate demands of labor "unions". So too with the political feather-bedding and log-rolling in agriculture, mining, and, even, I would claim, defense -- if it were possible to imagine a world with force-monopoly to begin with, making the whole point moot. >are all state funded and protected in a exceedinly >'socialist' manner. There is no evidence in Europe of development >occuring in industry any other way either. Say no more. :-). In Europe industry is forbidden unless permitted. In the US, where new industries are created (what medium are we talking on, here, for instance) faster than governments can regulate, much less subsidize them, industry is permitted unless forbidden. >The defence of America and by proxy Reagan's crime in Central >America is alarmingly close to Hitler's defence of his Genocide and >also Stalin's killing of counter-revolutionarys (if we hadnt done it >they wou;d have killed more, theyre the threat not us etc). That's it. Go for it. You know you want to: Reagan = Hitler. Somewhere, even Mike Godwin, who probably didn't vote for Reagan, though for different, more valid, reasons than yours, is laughing. Godwin, a casual friend of mine, has another "law", by the way. See my .sig, below, which points to an axiom of mine, which is, "progress, like reality, is not optional". It's entirely appropriate to this discussion of industry being created by government, and not the other way around. > >Exactly at which point does a war (any war) stop being defensive >because according to the history books the US has never fought an >aggressive war. I prefer to think about the McDonald's paradox: No country that has a McDonald's has attacked another. :-). We'll see how long *that* stands up. As for "democracy" somehow being magical, remember that Athens brought on the Peloponnesian war, not Sparta. That Andrew Jackson, the founder of the political spoils system that is one and the same as the "Democratic" party in the US, was one of the great war-mongers of all time. There is a hoary old joke among Republicans in the US that Democrats start wars, and Republicans finish them. Humor that is, in this case, rooted more often than not in reality. >I'm not sure that it is defensive to defend a country against its >own people, when europe did so it was called colonisation. Yawn. When Europe did it it was called "economics". A word you seem to be unfamiliar with. When their economic interests were attacked (First the Portuguese, then the Spanish, then The Dutch, then the English), surprise, they won. See Diamond's "Guns, Germs, and Steel", for details. Eventually, having won all these mostly defensive wars, they owned all this territory, and like other great rent-seekers throughout history, they handed it all over to the government because it was cheaper than hiring their own armies. Life is hard. Sometimes, people with guns come and kick your ass. If you don't have guns, you can't kick their ass. More often in history, though, people with swords and spears came to kick the ass of *traders* with guns, who are there just to make a little dosh buying cheap and selling dear, and, strangely enough, the guys with the swords and spears lost, yielding their territory and, surprise, sovereignty. Force is a geographically monopolistic market. Whadda concept. It would be nice to change, but, like I said before, there it is. Cheers, RAH -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQMyuysPxH8jf3ohaEQI6awCdFvUFdrn7FssYaPh+OkmcIgf7tMUAn2h3 /L0Kr5caWMa3hcS5uzggzgzN =TPoK -----END PGP SIGNATURE----- -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "...any [network] architecture that can survive a nuclear attack can survive withdrawal of government subsidy..." -- Michael Godwin From rah at shipwright.com Sun Jun 13 13:53:53 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 13 Jun 2004 16:53:53 -0400 Subject: [irtheory] War ain't beanbag. Irony is conserved. In-Reply-To: <0406132207591.0@somehost.domainz.com> References: <0406132207591.0@somehost.domainz.com> Message-ID: At 10:17 PM +0200 6/13/04, Thomas Shaddack wrote: >Weapons can mean a lot, but they are far from being everything. Tell that to the USSR. An economy produces weapons. Just the prospect of a new battlefield, real or not, coupled with the largest military buildup in history, crushed them. When they signed an agreement saying that nuclear war was unwinnable and should happen, they lost, right then and there. Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Sun Jun 13 14:00:17 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 13 Jun 2004 17:00:17 -0400 Subject: [irtheory] Re: War ain't beanbag. Irony is conserved. Message-ID: --- begin forwarded text To: irtheory at yahoogroups.com User-Agent: eGroups-EW/0.82 From: "Carmi Turchick" Mailing-List: list irtheory at yahoogroups.com; contact irtheory-owner at yahoogroups.com Delivered-To: mailing list irtheory at yahoogroups.com Date: Sun, 13 Jun 2004 20:37:43 -0000 Subject: [irtheory] Re: War ain't beanbag. Irony is conserved. Reply-To: irtheory at yahoogroups.com RAH; Thank you for the perfect illustration of pure evil, and the perfect illustration of how ones altruistic nature and desire to do good can lead one to support crimes against humanity so long as they are committed by "your" side. I respond in detail below. --- In irtheory at yahoogroups.com, "R. A. Hettinga" wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > At 6:11 AM +0000 6/13/04, Carmi Turchick wrote: > >Here is more about the connection between the death squads and the > >policy of genocide and our own American facility, the School of the > >Americas... > > Yawn. War, to paraphrase a famous American income- redistributionist, > ain't beanbag. > > Yes. We taught soldiers, hell, thugs, even, to kill commies. Just how is an unborn fetus a commie? I seem to recall your side being really defensive of fetuses, except, I guess, when they are in the bodies of innocent civilians (well, guilty of being born Mayan) who are unfortunate enough to live in mountainous areas that are where guerrilla fighters (naturally) base their operations? It was a > war. Remember? Oh, well I think Stalin and Mao and Pol Pot and Ho Chi Minh were fighting wars too. Remember? So, does your line of reasoning suddenly reverse or were their slaughters OK also? And let us see how this war started...oh yeah, WE OVERTHREW THEIR DEMOCRATICALLY ELECTED GOVERNMENT because we did not like its policies. So we started the war and were the aggressors and the fact that a very few of them may have been "communists" justifies a genocide? > > The commies were killing people too, remember? More to the point, > they wanted to kill lots more. Deliberately, or worse, through their > own ignorant mismanagement of the lives they would eventually have > total control of. Well, the Guatemalan truth commission found that 90% of the violations of human rights, the murder, rape, genocide, was done by government forces. They found that 3% was done by the guerrillas, and the rest they could not be sure. And there is absolutely no evidence, or even accusations, that the democratically elected government we overthrew was killing anyone or had policies that would lead to their deaths. In fact there is no evidence that the government we overthrew was a communist government. There just is no place for you to go on this one, you are supporting genocide and mass murder even of fetuses in the name of profits for one US company. This is pure evil and it comes from you. The government we overthrew was doing nothing more than exercising its rights of eminent domain in exactly the way that our own government does. They paid the company for the land, paid what the company had claimed it was worth. How does the exercise of eminenet domain rights by a sovereign government make them Communists? And does this argument not mean that a violent overthrow of the Communist President Bush would be justified? > > > All those "innocent" people were either totalitarians or dupes. So, little children, fetuses, illiterate peasants who never even heard of Marx (and this makes up the vast majority of the victims), all of them were totalitarians or dupes? Based on their living where their ancestors had lived for millenia? So how do you define totalitarian? Must be a very different meaning than any I am familiar with; seems to me that you think it means "anyone we can profit from the murder of." I also have to point out that this "free enterprise by force" conception of yours is a novel usage of the term "free" and also happens to be exactly what totalitarians do; they profit by force, by controlling the means of production with military might. What do you call yourselves, Totalitarians Against Totalitarianism by Anyone Else? > Lenin's "useful idiots". Even the nuns. Even the bishops. Even the > nice Anglo church ladies from El Norte who thought that in a war > between Ghandi and, say, Stalin, Ghandi would win. Bambi vs. Godzilla > is more like it. Of course, like Lenin himself, ultimately, those > "idiots" were like Ghandi joining the war on Stalin's side. > > [Okay, so, in actuality, Ghandi *was* on Stalin's side, economically > and ideologically, at least, the world's most beatified useful idiot > in that regard. Certainly Nehru was on Stalin's team, explicitly so, > creating the world's second largest command economy after China's, > dooming tens of millions of his countrymen to famine, and most of the > rest to destitution -- for *decades* -- in the process, because food > prices were *calculated* by a committee somewhere instead of > discovered in a market like they're supposed to be, and because > cheaper, superior, foreign goods and services were legislated out of > Indian markets entirely. Except for the elite, of course...] It seems to nme that there are quite a few parts of our economy that the government controls, from food to steel to gasoline the prices are manipulated and supply is limited or enhanced by our governmet. And there are foriegn goods that are kept out or taxed heavily. Those damn Communist Republicans! Why, just recently they made it illegal to import cheaper prescription drugs from Canada, an act that will directly cost some elderly people their lives. So, are the elderly all totalitarians or dupes too? Seems to me that by your own logic we can now justify massacring Republicans, including women, children and the unborn, because they are controlling the economy in a way that kills people. Care to rethink that position before we get started? > > > "Liberation" theology, remember that? ["Liberation" being yet another > communard verbal expropriation, like what they did to the word > "liberal". War is peace. Or, in the case of "liberation", and > "liberal", freedom is literally tyranny.] > > Remember Aristide's little ditty in praise of the "necklace"? Ummm, and Aristide, who we backed, was a communist how? > > Remember Ortega and the people whose property he expropriated, who he > jailed, and those small-businessman "counter-revolutionaries" he > eventually killed? He would have killed more if we'd let him. If > Reagan had let him. > > Don't think the "innocent" Allende would have been any different, > he'd already started the process of expropriation and confiscation of > people's livelihoods, and eventually, their lives, when, yes, > Pinochet took him out. Life is hard. War sucks. People die. Again, the overthrow of a Democracy that was the one stable one in Latin America, by the CIA,...was a blow against Communism? And it is OK because it was a "war" and never mind that we started it? Does it matter that this "war" was against an unarmed population that never even revolted or went into the hills to fight? Does it matter that this "war" meant that ten thousand people we had picked out were put into a soccer stadium and massacred? There was no uprising in Chile and yet somehow you claim there was a "war?" I have to assume that you think it is somehow far worse to leave people unemployed than to massacre them. So then Bush again must be seen by your own argument as a Communist that must be overthrown (for confiscating people's livelihoods by subsidizing the export of their jobs) and Republicans must be rounded up into footbal stadiums and massacred. When do we start? > > And of course, there's the Sendero Luminoso, the "Shining" Path. Real > humanitarians. Ah, back to the "he did it too" argument. Well, then it must be OK, right? Would that argument still hold after we have all of the Republicans rounded up? > > Oh. That's right. Butchers like the Sendero's Guzman, like Ortega, > or, these days, Chavez and Castro, are *heroes* to people like you. > "Freedom fighters," or some such emetic nonsense. I'm a functional > atheist (okay, a Unitarian; there's some pyroclastic irony for > you...), but one of the best things the Pope did -- after helping > first Thatcher and then Reagan *free* three-quarters of Eurasia, if > you now count India, and start what is an irreversible process in > China -- was to kill "liberation" theology in its metaphoric crib, > before it literally killed tens of millions of people, much more than > centuries of ignorance and cryptofeudal tyranny hadn't done already > in South America. (See, speaking of Guzman and Sendero, the works of > Hernando de Soto for more on that...) "See above for completely unsupportable accusations of what might have happened if, if, if, but did not." > > > A nation-state, if you remember your first political "science" class, > is about force and geographic monopolies thereof. Politics is about > who controls and spends the economic rents that a force-monopoly violently expropriates from its citizenry [and in our case from the citizenry of other nations as well] and about buying > non-violent acquiescence in that expropriation through "social" > programs and other forms of fraud, thus lowering the transaction cost > of what would have been a more violent act of theft. > > As Mancur Olsen said in "Power and Prosperity", a prince is a bandit > who doesn't move. > > Absent any *physical* brakes on his power -- be they economic or > violent -- whoever is in charge of a nation state, and whatever elite > he needs to keep himself in power, can do whatever they damn well > please. It is only an armed (first) and educated (second), and thus > *free* population that prevents them from turning into tyrants. An excellent description of America today and how our poorly educated (at the very least in political realms) population has allowed the Republicans and Democrats to loot and pillage at will. Thank you. > Stalin, the subject of "Power and Prosperity" -- and ultimate model > for erst-and-proto-tinpots from Santiago to Managua to Havana to > Caracas, from New Delhi to Baghdad, from Phnom Penh to Pyongyang -- > being the canonical example. > > Your heroes, from the "liberation" theology Church Ladies to Castro, > were about selling oppression to the masses. > > My heroes, certainly the people who ran, and, yes, those who > graduated from, the School of the Americas, thugs and all, were, > ultimately, on the side of good and right. So, by "good and right" you mean what exactly? The policy that any attempt to stop the forced expropriation, "the economic rents that a force-monopoly violently expropriates from its citizenry" when done by us to a foreign population is evil? That any attempt by a foreign population to stop us from ripping them off and controlling their economy by force is justification for mass murder and genocide? How then do you define good and right? And ultimately, by the > count of democracy versus tyranny in this half of the world -- more > important, by the count of free versus confiscatory > crypto-and-neo-feudal markets -- it looks like they won, so they were > on the right side of history as well. Hold on, so I can only conclude that you are saying LESS DEMOCRACY is a win for us? How does the violent overthrow of TWO DEMOCRACIES by the CIA and the USA mean more democracy and less tyranny? How does the installing of a brutal military dictator equal more Democracy? Perhaps I just have never seen the term "Democracy" applied to an unelected military dictator with total unchallenged power before, could you reference this usage for me? > > War ain't beanbag. Until we solve the problem of force-monopoly with > free markets someday, Yes, how will we end the American force-monopoly in the third world? That is indeed one of the keys. war, and monopolistic violence, is, > paradoxically, how we protect free markets, If by "free" you mean "completly controlled for our own interests." and, through them, > freedom itself. If by "freedom" you mean "the right to be massacred by us for disagreeing, or even for just looking like someday you might disagree should we ever allow you to be born alive." > > Irony, apparently, is abundant in the universe, and, like matter and > energy, force and fraud, it is conserved as well. Yes, it is indeed remarkably present in this post of yours where you espouse how good it is that we commit unthinkable evil acts on complete innocents so that they may be "free." None of those you hold to be evil, Hitler, Stalin, etc, would have said anything very much different from what you just did to justify their own horrific acts. How does it feel to be evil? Carmi Turchick > > > Cheers, > RAH > > > -----BEGIN PGP SIGNATURE----- > Version: PGP 8.0.3 > > iQA/AwUBQMxbPcPxH8jf3ohaEQIV1QCg3WCvUqbISoWl83PYkCi04IflyJsAoI8p > /FuTkpzHwSDUaTG392g2yuB1 > =nx0v > -----END PGP SIGNATURE----- > > -- > ----------------- > R. A. Hettinga > The Internet Bearer Underwriting Corporation > 44 Farquhar Street, Boston, MA 02131 USA > "... however it may deserve respect for its usefulness and antiquity, > [predicting the end of the world] has not been found agreeable to > experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' ------------------------ Yahoo! Groups Sponsor --------------------~--> Make a clean sweep of pop-up ads. Yahoo! Companion Toolbar. Now with Pop-Up Blocker. Get it for free! http://us.click.yahoo.com/L5YrjA/eSIIAA/yQLSAA/_tgrlB/TM --------------------------------------------------------------------~-> Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/irtheory/ <*> To unsubscribe from this group, send an email to: irtheory-unsubscribe at yahoogroups.com <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/ --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Sun Jun 13 14:00:42 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 13 Jun 2004 17:00:42 -0400 Subject: [irtheory] War ain't beanbag. Irony is conserved. Message-ID: --- begin forwarded text From rah at shipwright.com Sun Jun 13 14:03:03 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 13 Jun 2004 17:03:03 -0400 Subject: [irtheory] Re: War ain't beanbag. Irony is conserved. Message-ID: --- begin forwarded text From rah at shipwright.com Sun Jun 13 14:03:23 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 13 Jun 2004 17:03:23 -0400 Subject: [irtheory] War ain't beanbag. Irony is conserved. Message-ID: --- begin forwarded text From squid at panix.com Sun Jun 13 14:13:39 2004 From: squid at panix.com (Yeoh Yiu) Date: 13 Jun 2004 17:13:39 -0400 Subject: [irtheory] War ain't beanbag. Irony is conserved. In-Reply-To: <0406132207591.0@somehost.domainz.com> References: <0406132207591.0@somehost.domainz.com> Message-ID: Thomas Shaddack writes: > > >Exactly at which point does a war (any war) stop being defensive > > >because according to the history books the US has never fought an > > >aggressive war. > > > > I prefer to think about the McDonald's paradox: No country that has a > > McDonald's has attacked another. :-). > > Then either the paradox is dead wrong, or there is something unclear on > the definition of what counts as "attack", as Clinton would say. Attacks before the McDonald's opened don't count. From camera_lumina at hotmail.com Sun Jun 13 14:50:43 2004 From: camera_lumina at hotmail.com (Tyler Durden) Date: Sun, 13 Jun 2004 17:50:43 -0400 Subject: War ain't beanbag....What the Fuck? Message-ID: RAH wrote... >>I'd like to hear how children who werent old enough to pronounce the >>colour were 'reds' who were rightly tortured (apparently) in your >>view, as well as the many women raped and tortured at the hands of >>SOA graduates. >Funny how "liberals" always do the debits and not the credits in >these grotesque calculations. Shall we count the >several-orders-of-magnitude number of starved (*and* butchered) >children in various Marxist "paradises" around the world, too? I >thought not. It wouldn't be "fair". Holy shit, Hettinga. Most of the time you make some sense. This ain't one of 'em. So, in other words, if Salvador Allende is democractically elected in a foreign country, then it's OK for the US to send agents and train torturers and then assasinate their leader? This is a complete nonsequitur logically. The fact that "The Marxists would have killed even more" is irrelevant. As someone who seems to espouse a more or less deterministic viewpoint vis economics and crypto-anarchy, you yourself should support a notion of letting them figure things out on their own. More than this, this is the exact thinking that has caused us all sorts of problem. The best (and most obvious) examples are Vietnam and China. Both of these countries repeatedly kicked our ass in several theaters and then went through a brief socliaist period. In both cases, socialism is practically gone. Had we instead been smart with Mao and China (who we sent the moron Ambassador Hurley to meet) and Ho Chi Min (who was actually our ally against the Japanese), might the excesses of, say, the cutlural revolution been nearly as bad? Would Mao have felt it necessary to try to move the industrial base to the countryside where things would be much less easily A-Bombed (As MacArthur recommended)? Obviously not. There probably would have been a cultural revolution/cleansing of some sort anyway, but this has always happened periodically in China, and Fa Lun Gong is merely another example. In the end, China ended up being a major capitalist country, and our involvement against the Chicoms only slowed this process down. We're making a similar mistake in Iraq, and we New Yorkers will probably pay for it again (if Tyler Durden stops posting after WTC#2 comes tumbling down, you'll know what happened. I'll try to post one more time from under the rubble if I can sniff a WiFi hotspot.) -TD >From: "R. A. Hettinga" >To: irtheory at yahoogroups.com, cypherpunks at al-qaeda.net >Subject: RE: [irtheory] War ain't beanbag. Irony is conserved. >Date: Sun, 13 Jun 2004 15:45:37 -0400 > >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >Ah. Here we go. A "liberal" hides behind the straw man, this time in >the shape of a child. How original. > >At 3:37 PM +0100 6/13/04, Lee James wrote: > >I'd like to hear how children who werent old enough to pronounce the > >colour were 'reds' who were rightly tortured (apparently) in your > >view, as well as the many women raped and tortured at the hands of > >SOA graduates. > >Funny how "liberals" always do the debits and not the credits in >these grotesque calculations. Shall we count the >several-orders-of-magnitude number of starved (*and* butchered) >children in various Marxist "paradises" around the world, too? I >thought not. It wouldn't be "fair". > > >I'd also be keen to see evidence of this free-market success of > >which you talk, because it isn't in central america for the > >countless millions in poverty. > >Freedom, market or otherwise, isn't about the fool's errand of forced >income redistribution, which is, invariably, what actually causes >famine and tragedy. See "children", above. (Not that "for the >children", above, isn't the "liberal" canard it has always been.) >Freedom, market, and otherwise, is about *choice*. The choice to work >hard and make money and do better than you started. Progress, more >stuff cheaper now than it used to be, more stuff cheaper tomorrow >than it is now, is the result. What you do with that stuff, is your >problem. More to the point, it is the very "maldistribution" of that >stuff that makes *progress* happen. > >Marxists have this problem with counting stuff. They deal in lumps of >labor, or "missing" jobs, or labor theories of "value", and it all >speaks to a basic innumeracy that does them ill in a world where >actual math and science are required to achieve things. > > >Before, a person encourages free-markets elsewhere, how about > >encouraging them in the United States in order to really test the > >theory and give these nations a chance of economic development. The > >three most successful industries in the united states (steel, > >agriculture and > >techonology/military) > >Straw man. You're comparing markets and economies that are, for the >most part, free, and pulling out subsidies which are, by definition, >exceptional, and then comparing them to economies in which private >property is, for the most part, criminalized, and saying that the >former is worse. > >Give me a break. > >Sure. I wish that government didn't control huge tracts of the >economy in the US, making them, for the most part, like the very >lands that they own -- sometimes to enhance it's take in graft, >sometimes to mystify nature for various useful idiots out there -- >productivity wastelands. > >Manufacturing in the US is done in *spite* of, not *because* of, >subsidy, not to mention over-regulation and the government-assisted >extortionate demands of labor "unions". So too with the political >feather-bedding and log-rolling in agriculture, mining, and, even, I >would claim, defense -- if it were possible to imagine a world with >force-monopoly to begin with, making the whole point moot. > > >are all state funded and protected in a exceedinly > >'socialist' manner. There is no evidence in Europe of development > >occuring in industry any other way either. > >Say no more. :-). In Europe industry is forbidden unless permitted. >In the US, where new industries are created (what medium are we >talking on, here, for instance) faster than governments can regulate, >much less subsidize them, industry is permitted unless forbidden. > > >The defence of America and by proxy Reagan's crime in Central > >America is alarmingly close to Hitler's defence of his Genocide and > >also Stalin's killing of counter-revolutionarys (if we hadnt done it > >they wou;d have killed more, theyre the threat not us etc). > >That's it. Go for it. You know you want to: Reagan = Hitler. > >Somewhere, even Mike Godwin, who probably didn't vote for Reagan, >though for different, more valid, reasons than yours, is laughing. >Godwin, a casual friend of mine, has another "law", by the way. See >my .sig, below, which points to an axiom of mine, which is, >"progress, like reality, is not optional". It's entirely appropriate >to this discussion of industry being created by government, and not >the other way around. > > > > >Exactly at which point does a war (any war) stop being defensive > >because according to the history books the US has never fought an > >aggressive war. > >I prefer to think about the McDonald's paradox: No country that has a >McDonald's has attacked another. :-). We'll see how long *that* >stands up. As for "democracy" somehow being magical, remember that >Athens brought on the Peloponnesian war, not Sparta. That Andrew >Jackson, the founder of the political spoils system that is one and >the same as the "Democratic" party in the US, was one of the great >war-mongers of all time. There is a hoary old joke among Republicans >in the US that Democrats start wars, and Republicans finish them. >Humor that is, in this case, rooted more often than not in reality. > > >I'm not sure that it is defensive to defend a country against its > >own people, when europe did so it was called colonisation. > >Yawn. When Europe did it it was called "economics". A word you seem >to be unfamiliar with. When their economic interests were attacked >(First the Portuguese, then the Spanish, then The Dutch, then the >English), surprise, they won. See Diamond's "Guns, Germs, and Steel", >for details. Eventually, having won all these mostly defensive wars, >they owned all this territory, and like other great rent-seekers >throughout history, they handed it all over to the government because >it was cheaper than hiring their own armies. > >Life is hard. Sometimes, people with guns come and kick your ass. If >you don't have guns, you can't kick their ass. More often in history, >though, people with swords and spears came to kick the ass of >*traders* with guns, who are there just to make a little dosh buying >cheap and selling dear, and, strangely enough, the guys with the >swords and spears lost, yielding their territory and, surprise, >sovereignty. Force is a geographically monopolistic market. Whadda >concept. It would be nice to change, but, like I said before, there >it is. > >Cheers, >RAH > > > >-----BEGIN PGP SIGNATURE----- >Version: PGP 8.0.3 > >iQA/AwUBQMyuysPxH8jf3ohaEQI6awCdFvUFdrn7FssYaPh+OkmcIgf7tMUAn2h3 >/L0Kr5caWMa3hcS5uzggzgzN >=TPoK >-----END PGP SIGNATURE----- > >-- >----------------- >R. A. Hettinga >The Internet Bearer Underwriting Corporation >44 Farquhar Street, Boston, MA 02131 USA >"...any [network] architecture that can survive a nuclear attack can >survive withdrawal of government subsidy..." -- Michael Godwin > _________________________________________________________________ Watch the online reality show Mixed Messages with a friend and enter to win a trip to NY http://www.msnmessenger-download.click-url.com/go/onm00200497ave/direct/01/ From rah at shipwright.com Sun Jun 13 14:58:20 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 13 Jun 2004 17:58:20 -0400 Subject: [irtheory] War ain't beanbag. Irony is conserved. In-Reply-To: References: <0406132207591.0@somehost.domainz.com> Message-ID: At 4:53 PM -0400 6/13/04, R. A. Hettinga wrote: >When they signed an agreement saying that nuclear war was unwinnable and >should happen, they lost, right then and there. ^^^^^^^ I plead excess haste, m'lord. I meant shouldn't happen. Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Sun Jun 13 14:59:22 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 13 Jun 2004 17:59:22 -0400 Subject: [Neuclear-general] VERAX Beta Dollar the second NeuClear asset is now live Message-ID: --- begin forwarded text From shaddack at ns.arachne.cz Sun Jun 13 13:17:51 2004 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Sun, 13 Jun 2004 22:17:51 +0200 (CEST) Subject: [irtheory] War ain't beanbag. Irony is conserved. In-Reply-To: References: Message-ID: <0406132207591.0@somehost.domainz.com> > >Exactly at which point does a war (any war) stop being defensive > >because according to the history books the US has never fought an > >aggressive war. > > I prefer to think about the McDonald's paradox: No country that has a > McDonald's has attacked another. :-). Then either the paradox is dead wrong, or there is something unclear on the definition of what counts as "attack", as Clinton would say. > Life is hard. Sometimes, people with guns come and kick your ass. If > you don't have guns, you can't kick their ass. You can, but you have to have MUCH more superior strategy, and lots of luck. Weapons can mean a lot, but they are far from being everything. From rah at shipwright.com Sun Jun 13 20:05:58 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 13 Jun 2004 23:05:58 -0400 Subject: Casio's credit card watch Message-ID: - Engadget - www.engadget.com Casio's credit card watch Posted Jun 9, 2004, 8:30 AM ET by Gareth Edwards Related entries: Misc. Gadgets Putting IC chips into things to turn them into electronic wallets is officially the latest Japanese gadget trend. Casio gets in on the act with a watch it has developed with card company JCB that can be swiped over a reader to pay for purchases, or get through security gates in office buildings. It uses the Sony FeliCa chip, which is fast becoming the de facto standard and will start appearing in Japanese cellphones very soon. Casio is very big on the fact that you now don't have to root around in your bag for a credit card or cellphone in order to pay for things or get in and out of the office. We're happier with the latter idea, if only because the standard IC-chip company ID cards are apt to snap in half if you look at them crosseyed; on the other hand, being able to pay for stuff with something that doesn't even look like a credit card sounds like a recipe for disaster, unless they have the hands swing to one minute to midnight when you're about to hit your credit limit. Also, it's worth pointing out that the kidz of Japan don't seem too bothered about watches these days; we recall a survey not so long ago in which the most popular watch brand among teens was "NTT DoCoMo". -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From justin-cypherpunks at soze.net Sun Jun 13 20:30:55 2004 From: justin-cypherpunks at soze.net (Justin) Date: Mon, 14 Jun 2004 03:30:55 +0000 Subject: War ain't beanbag....What the Fuck? In-Reply-To: References: Message-ID: <20040614033055.GE28108@arion.soze.net> On 2004-06-13T17:50:43-0400, Tyler Durden wrote: > > RAH wrote... > > >>I'd like to hear how children who werent old enough to pronounce the > >>colour were 'reds' who were rightly tortured (apparently) in your > >>view, as well as the many women raped and tortured at the hands of > >>SOA graduates. > > >Funny how "liberals" always do the debits and not the credits in > >these grotesque calculations. Shall we count the > >several-orders-of-magnitude number of starved (*and* butchered) > >children in various Marxist "paradises" around the world, too? I > >thought not. It wouldn't be "fair". > > Holy shit, Hettinga. Most of the time you make some sense. This ain't one > of 'em. So, in other words, if Salvador Allende is democractically elected > in a foreign country, then it's OK for the US to send agents and train > torturers and then assasinate their leader? This is a complete nonsequitur He's pro-free-market, not pro-democracy. What Mr. Free Market doesn't want to state outright is that a pure free market economy is anarchy, because every law will impact the way businesses do business. > logically. The fact that "The Marxists would have killed even more" is > irrelevant. As someone who seems to espouse a more or less deterministic > viewpoint vis economics and crypto-anarchy, you yourself should support a > notion of letting them figure things out on their own. A majority screwing up a country is not "letting them figure things out on their own". Maybe we should have let the Japanese figure things out by themselves once they surrendered? Germany? No funds to rebuild France. Oh, I want to live in *that* world, where we may not have won the cold war. > More than this, this is the exact thinking that has caused us all sorts of > problem. The best (and most obvious) examples are Vietnam and China. Both > of these countries repeatedly kicked our ass in several theaters and then > went through a brief socliaist period. In both cases, socialism is > practically gone. Had we instead been smart with Mao and China (who we sent I haven't lived in China, but my impression of the country leads me to believe otherwise. If it's not *quite* socialist, it's fascist. > In the end, China ended up being a major capitalist country, and our As above, this doesn't seem right. Hong Kong might be a major capitalist center of operations, but Hong Kong is not really China, socioeconomically speaking. > involvement against the Chicoms only slowed this process down. We're making > a similar mistake in Iraq, and we New Yorkers will probably pay for it > again (if Tyler Durden stops posting after WTC#2 comes tumbling down, > you'll know what happened. I'll try to post one more time from under the > rubble if I can sniff a WiFi hotspot.) God damned idiots, both the designers/builders and anyone who would work in it without taking precautions. Anyone in WTC2 who cares about living should buy a dozen real climbing ropes or go learn to skydive and then how to BASE jump. And pray 5 times a day that the plane crashes into some *other* floor. I'd imagine it'd be a bit tricky to get a descender past the knots in a chain of ropes, and air currents around buildings make a safe landing improbable for any but the most experienced BASE jumpers. Accordingly, there was some whining in Oct '01 on dropzone.com about how morons would jump with an "executive parachute" whenever they smell burnt toast, but I think that's a great way to clean the pool. Maybe some clever person could change the WTC2 mains frequency to 70 or 80 herz to facilitate that (as well as overheating Tyler's computer to let him know that the End is near). ciel bleu! -- "Not your decision to make." "Yes. But it's the right decision, and I made it for my daughter." - Bill, Beatrix; Kill Bill Vol. 2 From ghicks at cadence.com Mon Jun 14 06:32:25 2004 From: ghicks at cadence.com (Gregory Hicks) Date: June 14, 2004 6:32:25 PM EDT Subject: The Son of Patriot Act Also Rises Message-ID: Dave: For IP if you wish... Regards, Gregory hicks >From the Dartmouth list "Security in the News" http://www.wired.com/news/privacy/0,1848,63800,00.html Elements of a Justice Department draft legislation known as "Patriot Act II", widely criticized when news about it was released in 2003, are making their way into the law books as minor provisions of other bills. For example, the Anti-Terrorism Intelligence Tools Improvement Act of 2003 (HR 3179) contains four sections that appeared in the Patriot II draft, establishing five-year prison terms for anyone who discloses Patriot Act requests for information made by the FBI (Federal Bureau of Investigation). Former Representative Bob Barr (R-Georgia) says the Justice Department has been asking sympathetic lawmakers to slip elements of Patriot II into other legislation. Proponents of HR 3179 says the provisions merely address holes in the original Patriot Act; the Act made it illegal to disclose FBI Patriot Act searches, but specified no penalty. Opponents counter that it strengthens already overly broad search and seizure powers for the government while denying citizens the right to petition for a redress of grievances. ------------------------------------------------------------------- Gregory Hicks | Principal Systems Engineer Cadence Design Systems | Direct: 408.576.3609 555 River Oaks Pkwy M/S 6B1 | Fax: 408.894.3400 San Jose, CA 95134 | Internet: ghicks at cadence.com I am perfectly capable of learning from my mistakes. I will surely learn a great deal today. "A democracy is a sheep and two wolves deciding on what to have for lunch. Freedom is a well armed sheep contesting the results of the decision." - Benjamin Franklin "The best we can hope for concerning the people at large is that they be properly armed." --Alexander Hamilton ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From rah at shipwright.com Mon Jun 14 05:09:07 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Mon, 14 Jun 2004 08:09:07 -0400 Subject: This Spy for Rent Message-ID: The New York Times June 13, 2004 OP-ED CONTRIBUTOR This Spy for Rent By JAMES BAMFORD ASHINGTON Assessing, cultivating and recruiting spies has long been a key job of Central Intelligence Agency officers. But now it is the C.I.A. officers themselves who are being assessed, cultivated and recruited - sometimes right out of the agency's cafeteria. In what is leading to a critical spy drain, private companies are aggressively seeking highly trained employees of our espionage agencies to fill government contracts. With the resignation of George Tenet as director of central intelligence and the final hearings of the 9/11 commission this week, the stage is set for the first major restructuring of the intelligence community in decades. While there has been much discussion of moving agencies and creating an "intelligence czar," the privatization of our spies has been largely overlooked. The C.I.A. is awash in money as a result of post-9/11 budget increases. But because of the general uncertainty over the future, it faces a long delay before it can recruit, train and develop a new generation of spies and analysts. So for now it is building up its staff by turning to the "intelligence-industrial complex." These corporations range from Fortune 500 giants like Booz Allen Hamilton and Northrop Grumman to small companies made up almost entirely of former senior C.I.A. officers, like the Abraxas Corporation in McLean, Va. For example, one Abraxas expert, Mary Nayak, formerly ran the Directorate of Intelligence's South Asia group; now she's been hired as a consultant to the C.I.A.'s review group on 9/11. Private contractors are taking over jobs once reserved for highly trained agency employees: regional desk officers who control clandestine operations around the world; watch officers at the 24-hour crisis center; analysts who sift through reams of intelligence data; counterintelligence officers who oversee clandestine meetings between agency officers and their recruited spies; and reports officers who act as liaisons between officers in the field and analysts back at headquarters. While there is nothing inherently wrong with the intelligence community working closely with private industry, there is the potential for trouble unless the union is closely monitored. Because the issue is hidden under the C.I.A.'s heavy layers of secrecy, it is impossible for even Congress to get accurate figures on just how much money and how many people are involved. But many experts inside and outside the agency feel that we are talking about hundreds of millions of dollars and thousands of contractors. As was made clear by the Abu Ghraib prison scandal, involving private contractors in sensitive intelligence operations can lead to disaster. And the potential for disaster only grows when not just the agents on the ground, but their supervisors and controllers back at headquarters too, are working for some private company. Another problem has been an increased cost to taxpayers. Desperate to fill their contracts, the companies frequently offer to double a federal employee's salary. Because the recruiters have security clearances, they often make their recruiting pitches at the C.I.A.'s headquarters in Langley, Va. And many of those who do sign on end up going right back to their old office - only now working for a private company. Thus, after spending millions of dollars training people to be clandestine officers, taxpayers are having to pay them twice as much to return as rent-a-spies. "The money is incredible," one agency veteran, who handled spies overseas for years, told me. "I doubled my salary to go out and come back in and continue doing what I was doing." But some of these former officers warned me that their talents are being wasted on unsophisticated tasks, and that because of the slap-dash nature of the rush to expand, the quality of intelligence produced has become questionable. "The problem is these jobs are mindless," one officer-turned-contractor with decades of Middle East experience told me. "So we're all just sitting there looking at each other, and we're making a ridiculous amount of money." Another former agency employee told me that he was among a group of contractors assigned to analyze e-mail messages on computer hard drives snatched by operatives in Iraq, Afghanistan and other countries. "A lot of it was in Arabic and none of us spoke Arabic - just a little problem," he said. "None of us really knew what we were doing and we had management who didn't know what they were doing either." As the United States gets more deeply involved in the war on terrorism and the war in Iraq, there will be a corresponding increase in private spies. This isn't all bad: by marrying well-trained federal employees with innovative contractors working in a less structured role, perhaps we can find more effective ways of tackling old problems. But better oversight is critical. If Congress doesn't even know whom the C.I.A. is hiring, how can anyone ensure that what they are doing (and how much they are being paid) is acceptable? As we decide how to remake our intelligence services, we need to find the right balance between the people who make the cloaks and daggers and the people who wear them. James Bamford is the author, most recently, of "A Pretext for War: 9/11, Iraq, and the Abuse of America's Intelligence Agencies." -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From camera_lumina at hotmail.com Mon Jun 14 07:44:58 2004 From: camera_lumina at hotmail.com (Tyler Durden) Date: Mon, 14 Jun 2004 10:44:58 -0400 Subject: War ain't beanbag....What the F*ck? Message-ID: Justin wrote... >I haven't lived in China, but my impression of the country leads me to >believe otherwise. If it's not *quite* socialist, it's fascist. >As above, this doesn't seem right. Hong Kong might be a major capitalist >center of operations, but Hong Kong is not really China, socioeconomically >speaking. Mainland China is already a capitalist giant. It's also arguably fascist, at least from an American's point of view. But if you don't f*ck with politicians, you can cut almost whatever deal you want. Start criticisizng Zhong Non Hai and your eyeballs will end up giving sight to some aging businessman or party bigshot (which basically means an aging businessman these days). >A majority screwing up a country is not "letting them figure things out on >their own". Maybe we should have let the Japanese figure things out by >themselves once they surrendered? Germany? No funds to rebuild France. >Oh, I want to live in *that* world, where we may not have won the cold >war. Well, there's a difference here. It's one thing to rebuild a country after we've gone to war with them, but messing with a country's internal politics and destabilising their local governments is a different story. And indeed, none of the countries where we've performed such duties (with our help from our friends in the SOAs) currently have a particularly stable economy, though Argentina is finally showing some dim hope. -TD _________________________________________________________________ Getting married? Find great tips, tools and the latest trends at MSN Life Events. http://lifeevents.msn.com/category.aspx?cid=married From bogus@does.not.exist.com Mon Jun 14 08:56:31 2004 From: bogus@does.not.exist.com () Date: Mon, 14 Jun 2004 11:56:31 -0400 Subject: The Merits in Newdow Message-ID: The collection of concurrences on the merits are quite interesting. The Chief's opinion adopts the SG's argument -- darn-near-preposterous, IMHO (and that of Justice Thomas!) -- that the Pledge is OK in schools because "under God" is "not endorsement of any religion," but instead "a simple recognition of the fact [that] '[f]rom the time of our earliest history our peoples and our institutions have reflected the traditional concept that our Nation was founded on a fundamental belief in God.'" Justice O'Connor joins the Chief's opinion, but writes separately to suggest that the Pledge in schools is ok only because of a confluence of "four factors" that will virtually never again appear in combination in any other case. This result derives directly from pages 24-29 of the amicus brief that Doug Laycock wrote: http://goldsteinhowe.com/blog/files/newdow.laycock.pdf. Justice Thomas concludes -- correctly, in my view, see http://www.goldsteinhowe.com/blog/files/Newdow%20Final%20Brief.pdf -- that if Lee v. Weisman was correctly decided, then public schools may not lead students in daily recitation of the words "under God." Thomas, however, would overrule Lee. > http://supct.law.cornell.edu:8080/supct/html/02-1624.ZS.html ----- End forwarded message ----- From Bruce_Tefft at sra.com Mon Jun 14 11:05:17 2004 From: Bruce_Tefft at sra.com (Tefft, Bruce) Date: Mon, 14 Jun 2004 14:05:17 -0400 Subject: [osint] Assassination Plans Found On Internet Message-ID: http://www.homelandsecurityus.com/ 1 June 2004 - U.K. armed services raise threat level to "severe" According to a report by Air Security, U.K. armed services officials raised the threat level for U.K. military installations to "severe" after receiving intelligence that terrorists with links to al-Qaeda are planning to stage suicide truck bomb attacks against a U.K. military base within the next two months. Military officials stated that terrorists are planning to drive a truck packed with explosives into military headquarters. The intelligence indicated London is a particular target, as are upcoming D-Day celebrations. 1 June 2004 - Assassination Plans Found On Internet ASSASINATION PLANS AGAINST SAUDI ARABIA'S MINISTER OF THE INTERIOR Prince Nayif Bin-Abd-al-Aziz were discovered by Northeast Intelligence Network analysts and submitted to the appropriate authorities. As first reported on The Roth Show, a syndicated radio program based in Spokane, Washington, the highly detailed plans are calling for the operation to take place this Friday, June 4, 2004 using rocket propelled grenades while the Prince is in transit. The plans, authored by Abu Hajar Abdel Aziz al-Moqrin, the leader of al Qaeda in Saudi Arabia and the man who claimed responsibility for the attack on the residential complex in Saudi Arabia last Saturday, outlined Prince Nayif's itinerary, manner and route of travel, personal security, and planned method of attack using rocket propelled grenades. The detailed plans were found in Issue 11 of Camp al Battar, a well known military-style training manual referenced by terrorists and published regularly on an elusive Internet forum. The translated communication can be found at www.homelandsecurityus.com in addition to the audio statement of Abu Hajar Abdel Aziz al-Moqrin claiming responsibility for the attack at APICORP in Khobar, Saudi Arabia. Translated from Arabic: The target: Nayef Bin Abdul Aziz. He will attend a reception of external security personel in a secret visit of the queen at King Khaled International Airport. Specification of the target: Nayef Bin Abd Al-Aziz Al Saud . Personal information: Name: Nayef Bin Abd Al-Aziz Al Saud . Age: 71 years born in 1933. Position: the Saudi Minister of Interior. Residence address: the Gardens - several palaces (the present palace in Arqa, also the Mother's palace, and several other palaces that he frequents). Daily routine: He goes to sleep shortly before dawn, and goes to the ministry some days at 7 o'clock at night until eight thirty, resting in the evenings, and attending parties, and private meetings. Number of guards: 8 persons Typed of armament: light . The guards can be targeted as they descend from the care; they are near but not too close. The movement of the procession: it blocks off the roads, and they drive the target car in the midst of the procession with similar cars possibly to provide a camouflage procession. The guarding crew breaks up any surveillance. The guarding crew varies the route at times.. The number of guarding cars in the procession: (not less than ten cars and their job is to opened the highway). The first car, with the oscillation light, then the cars for personal protection, then the cars in which the targets are found which are probably similar in color and model and without numbers or with similar numbers to the protection cars, then the patrol cars that close the procession. Sometimes there is a smaller procession without the target that moves in side streets. The target changes its car. Mostly uses the same car, which is not easy to approach since the highways are closed. Route information: From Arqa palace to the airport, 40 kilos. Route Description: From Arqa, take the western circular, then the northern circular, then the airport highway, with the probability of moving onto other roads: (Arqa - Khris highway, Jabber Alsabah's highway, the northern circular, the airport highway). (Arqa - Ad Dir Iyah, Alamaria parting, then move in an easterly direction and return to the specialize route to the airport highway ). Schedule The time of departure for the reception: on 15 / 4 / 1425 AH The departure time: at six at night . The arrival time: 25 minutes after 6 . The side streets: many sides streets come from the circular exits ( 4 - 5 - 6 - 7 ) and from them (the western gates of King Saud University) (Prince Abdullah Highway ) . The bridges: the field linking between the northern circular and the circular extension east of the Airport Highway. Places where the cars can park, and deserted places: there are none. There are many turns: Among them the turn of the circular on the western meeting the northern circular, and the turn of the circular northern meeting to the eastern, and there are moderately thick trees and gardens and football playing fields. There is a high building of several floors belonging to the Sabk company, and the Imam University buildings, and there are trees in the moderate island separating between the two ways, which are good for the invisibility and ambushes and at the entrance to the airport highway there is a gate which can be closed. After the target has been specified, the command began issuing orders to the concerned leaders, dividing the operation into several stages: The first stage: the specification of the target. This stage is complete. The second stage: the collection of the information. This stage is complete also. The third stage: Determining the way of killing (the explosives), and it will be with the explosions in the procession during the passing of the procession at the bottom of the bridge linking the northern circular and the eastern one, and on the sides of the highway at the turn, beginning with the emergence of the group of confirmation and the destruction, with the assurance of killing them, or it may be carried out with the use of anti-armament missiles. At this point, it is impossible to determine if this is an actual assassination plan, or some sort of hoax. The fact that it was published in issue 11 of Al Battar, a known Al Qaeda publication that has proved credible in the past, and that it was written by Abu Hajar Abdel Aziz Al Moqrin (see article below) certainly lends a degree of urgency to this information. The level of detail of the information in the "plan" is very high and shows the results of extensive surveilance of the individual named as the target. However, it must also be taken into consideration that Abu Hajar has changed pertinant details prior to publication. It is possible that the target of the attack is a different member of the Saudi royal family. A posting on the Al Qal'ah forum this morning refers to a "big surprise" coming in the next week for Saudi Prince Mohamed Bin Fahd, son of the current Saudi king. The Al Battar article specifies the date of June 4, 2004, for the attack. Since that is just a few days away, we are posting the relevant material in hopes that the attack will be thwarted by authorities. Law enforcement, diplomatic, and other security personnel who need access to the original documents we translated should contact our director at dhagmann at adelphia.net. -------------------------------------------- 1 June 2004 - Who is Abu Hajar Abdel Aziz al Moqrin Throughout the past few months, a new Al Qaeda militant has emerged to the forefront in the Kingdom of Saudi Arabia. Abu Hajar Abdel Aziz al Moqrin is widely recognized as the leader of Al Qaeda operations in Saudi Arabia. He has claimed responsibility for this weekend's attack on the Oasis residential complex in Khobar, and for the attack on the Yanbo petroleum facility a few weeks ago. But little has been published about this militant. What exactly is known about him? Abu Hajar, or Hajar's father, first made his public appearance on the scene in the Badr al Riyadh videos, released by Al Qaeda in the winter of 2004, and commemorating the Ramadan attacks in Riyadh in November of 2003. According to the semi-official biography published by Al Qaeda, Abu Hajar has spent the last 16 years of his life in the service of Al Qaeda. Abu Hajar, who is reportedly 33 years old, has "served" in combat in Bosnia, Algeria, and Somalia, before assuming the reins of the operation in Saudi Arabia. Abu Hajar was sentenced to four years of prison in Saudi Arabia, and was released after 2 years, with the sentence reduced for "good behavior". He assumed control of the Saudi operations after the death of the previous leader in a shootout last year. Moqrin dropped out of school at the age of 17, and went to Afghanistan, purportedly to join in the fight against the Soviet Union. He apparently received his paramilitary jihad training in the Al Qaeda training camps of Afghanistan. According to reports, he was in Afghanistan for four years, from 1990 - 1994. While in Afghanistan, he was responsible for training operations in the "Governor's Camp" near the city of Khost, Afghanistan, and was also involved in numerous combat operations. He left Afghanistan in 1994 to move to Algeria, to help train the Islamic insurgents in that country. After leaving Algeria, Abu Hajar went to Bosnia and Herzegovina, where he again was active in the training of militants as well as in combat operations. He returned to Saudi Arabia, then made his way through Yemen, and on to Somalia where he fought with the militant groups against the Ethiopian forces. He was arrested in Somalia, and extradited to Saudi Arabia, where he was sentenced to four years in prison. He was released after two years on "good behavior". A month after his release, he made his way back to Yemen, and then to Afghanistan in 2001.There he joined combat operations with the Taliban against the American troops. After the fall of the Taliban, he returned to Saudi Arabia, to his home in the Swedish district of Riyadh. He immediately became involved in the establishment of jihad training camps in the middle and western regions of Saudi Arabia. When Khaled Al Bin Al Haj was killed on March 15 in a shootout with the Saudi security forces, Abu Hajar assumed leadership of Al Qaeda in the Arabian Peninsula. Abu Hajar was raised in the city of Riyadh. He is a high school dropout. He was married at the age of 19, and has one child (currently 10 years old) with this wife. According to the biography, Abu Hajar remarried without the knowledge of his family, and had a second child, who died before the age of 2. ------------------------ Yahoo! Groups Sponsor --------------------~--> Yahoo! Domains - Claim yours for only $14.70 http://us.click.yahoo.com/Z1wmxD/DREIAA/yQLSAA/TySplB/TM --------------------------------------------------------------------~-> -------------------------- Want to discuss this topic? Head on over to our discussion list, discuss-osint at yahoogroups.com. -------------------------- Brooks Isoldi, editor bisoldi at intellnet.org http://www.intellnet.org Post message: osint at yahoogroups.com Subscribe: osint-subscribe at yahoogroups.com Unsubscribe: osint-unsubscribe at yahoogroups.com *** FAIR USE NOTICE. This message contains copyrighted material whose use has not been specifically authorized by the copyright owner. OSINT, as a part of The Intelligence Network, is making it available without profit to OSINT YahooGroups members who have expressed a prior interest in receiving the included information in their efforts to advance the understanding of intelligence and law enforcement organizations, their activities, methods, techniques, human rights, civil liberties, social justice and other intelligence related issues, for non-profit research and educational purposes only. We believe that this constitutes a 'fair use' of the copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use this copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/osint/ <*> To unsubscribe from this group, send an email to: osint-unsubscribe at yahoogroups.com <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/ --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From alan at clueserver.org Mon Jun 14 15:47:03 2004 From: alan at clueserver.org (alan) Date: Mon, 14 Jun 2004 15:47:03 -0700 (PDT) Subject: [osint] Assassination Plans Found On Internet In-Reply-To: Message-ID: On Mon, 14 Jun 2004, Tyler Durden wrote: > Remember too that terrorism is really a form of PR, rather than (in most > cases) an actual destruction of infrastructure or whatnot. Smart terrorists > will obviously leverage any channel available to cause a population to view > their world as unstable. > > Also remember too that plans such as this may be "fishing"...in other words, > communications in the hope that somebody out there (not directly known to > the issuer of the communique) will take the info and work out his own plans > for attacking the target. > > I'm sure our boys at the School of the Americas (or whatever it's called > now) use these mthods all the time. In fact, they're probably the ones who > taught the Mujahadin (and bin Laden) a lot of these techniques. Also don't forget that by telling people where you "plan" to attack, you get them to spend a bunch of money that they would not have already spent. Give them enough "targets" and they will be chasing shadows all over the place. When they have done this enough, the oposition will not know what to believe. A mind-fuck is a terrible thing to waste. > > -TD > > > >From: "R. A. Hettinga" > >To: Thomas Shaddack > >CC: cypherpunks at al-qaeda.net > >Subject: Re: [osint] Assassination Plans Found On Internet > >Date: Mon, 14 Jun 2004 17:05:53 -0400 > > > >At 10:45 PM +0200 6/14/04, Thomas Shaddack wrote: > > >It may be also a very cheap method of "attack". > > > >True enough. > > > >Cheers, > >RAH > > > >-- > >----------------- > >R. A. Hettinga > >The Internet Bearer Underwriting Corporation > >44 Farquhar Street, Boston, MA 02131 USA > >"... however it may deserve respect for its usefulness and antiquity, > >[predicting the end of the world] has not been found agreeable to > >experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' > > > > _________________________________________________________________ > Stop worrying about overloading your inbox - get MSN Hotmail Extra Storage! > http://join.msn.click-url.com/go/onm00200362ave/direct/01/ From rah at shipwright.com Mon Jun 14 12:47:53 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Mon, 14 Jun 2004 15:47:53 -0400 Subject: [osint] Assassination Plans Found On Internet Message-ID: I can't stop laughing. *This* is why the west will win. They post their plans, in the clear. Cheers, RAH Of course, various idiots out there will call this a reason to censor the internet... -------- --- begin forwarded text From justin-cypherpunks at soze.net Mon Jun 14 09:18:08 2004 From: justin-cypherpunks at soze.net (Justin) Date: Mon, 14 Jun 2004 16:18:08 +0000 Subject: (fwd) The Merits in Newdow Message-ID: <20040614161808.GB29252@arion.soze.net> Christ. The U.S. is now officially a Christian nation. ----- Forwarded message from Marty Lederman ----- From rah at shipwright.com Mon Jun 14 14:05:53 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Mon, 14 Jun 2004 17:05:53 -0400 Subject: [osint] Assassination Plans Found On Internet In-Reply-To: <0406142238390.-1135589280@somehost.domainz.com> References: <0406142238390.-1135589280@somehost.domainz.com> Message-ID: At 10:45 PM +0200 6/14/04, Thomas Shaddack wrote: >It may be also a very cheap method of "attack". True enough. Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From camera_lumina at hotmail.com Mon Jun 14 14:22:12 2004 From: camera_lumina at hotmail.com (Tyler Durden) Date: Mon, 14 Jun 2004 17:22:12 -0400 Subject: [osint] Assassination Plans Found On Internet Message-ID: Remember too that terrorism is really a form of PR, rather than (in most cases) an actual destruction of infrastructure or whatnot. Smart terrorists will obviously leverage any channel available to cause a population to view their world as unstable. Also remember too that plans such as this may be "fishing"...in other words, communications in the hope that somebody out there (not directly known to the issuer of the communique) will take the info and work out his own plans for attacking the target. I'm sure our boys at the School of the Americas (or whatever it's called now) use these mthods all the time. In fact, they're probably the ones who taught the Mujahadin (and bin Laden) a lot of these techniques. -TD >From: "R. A. Hettinga" >To: Thomas Shaddack >CC: cypherpunks at al-qaeda.net >Subject: Re: [osint] Assassination Plans Found On Internet >Date: Mon, 14 Jun 2004 17:05:53 -0400 > >At 10:45 PM +0200 6/14/04, Thomas Shaddack wrote: > >It may be also a very cheap method of "attack". > >True enough. > >Cheers, >RAH > >-- >----------------- >R. A. Hettinga >The Internet Bearer Underwriting Corporation >44 Farquhar Street, Boston, MA 02131 USA >"... however it may deserve respect for its usefulness and antiquity, >[predicting the end of the world] has not been found agreeable to >experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' > _________________________________________________________________ Stop worrying about overloading your inbox - get MSN Hotmail Extra Storage! http://join.msn.click-url.com/go/onm00200362ave/direct/01/ From sunder at sunder.net Mon Jun 14 15:12:59 2004 From: sunder at sunder.net (Sunder) Date: Mon, 14 Jun 2004 18:12:59 -0400 (edt) Subject: [osint] Assassination Plans Found On Internet In-Reply-To: References: <0406142238390.-1135589280@somehost.domainz.com> Message-ID: Or it could just be agitprop meant to raise the theat level back up a notch, or provide more funding to the surveillance kitty. On Mon, 14 Jun 2004, R. A. Hettinga wrote: > At 10:45 PM +0200 6/14/04, Thomas Shaddack wrote: > >It may be also a very cheap method of "attack". > > True enough. From rah at shipwright.com Mon Jun 14 15:32:02 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Mon, 14 Jun 2004 18:32:02 -0400 Subject: [osint] Assassination Plans Found On Internet In-Reply-To: References: <0406142238390.-1135589280@somehost.domainz.com> Message-ID: At 6:12 PM -0400 6/14/04, Sunder wrote: >Or it could just be agitprop meant to raise the theat level back up a >notch, or provide more funding to the surveillance kitty. > >On Mon, 14 Jun 2004, R. A. Hettinga wrote: > >> At 10:45 PM +0200 6/14/04, Thomas Shaddack wrote: >> >It may be also a very cheap method of "attack". >> >> True enough. I usually apply occam's razor to these things, but, around here, that's cheating... :-) Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From dave at farber.net Mon Jun 14 17:09:56 2004 From: dave at farber.net (David Farber) Date: Mon, 14 Jun 2004 20:09:56 -0400 Subject: [IP] The Son of Patriot Act Also Rises Message-ID: Begin forwarded message: From shaddack at ns.arachne.cz Mon Jun 14 13:45:11 2004 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Mon, 14 Jun 2004 22:45:11 +0200 (CEST) Subject: [osint] Assassination Plans Found On Internet In-Reply-To: References: Message-ID: <0406142238390.-1135589280@somehost.domainz.com> On Mon, 14 Jun 2004, R. A. Hettinga wrote: > I can't stop laughing. *This* is why the west will win. > They post their plans, in the clear. It may be also a very cheap method of "attack". Don't spend any money on material nor people; just send out an attack documentation in the clear and watch the adversary jumping around, wasting their resources, and getting their morale worn out a little bit more with every further false alarm. From rah at shipwright.com Tue Jun 15 06:46:09 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 15 Jun 2004 09:46:09 -0400 Subject: Breaking Iranian Codes (Re: CRYPTO-GRAM, June 15, 2003) In-Reply-To: <4.2.2.20040615040152.01b221a0@127.0.0.1> References: <4.2.2.20040615040152.01b221a0@127.0.0.1> Message-ID: At 4:03 AM -0500 6/15/04, Bruce Schneier wrote: > Breaking Iranian Codes > > > >Ahmed Chalabi is accused of informing the Iranians that the U.S. had >broken its intelligence codes. What exactly did the U.S. break? How >could the Iranians verify Chalabi's claim, and what might they do about it? > >This is an attempt to answer some of those questions. > >Every country has secrets. In the U.S., the National Security Agency >has the job of protecting our secrets while trying to learn the secrets >of other countries. (Actually, the CIA has the job of learning other >countries' secrets in general, while the NSA has the job of >eavesdropping on other countries' electronic communications.) > >To protect their secrets, Iranian intelligence -- like the leaders of >all countries -- communicate in code. These aren't pencil-and-paper >codes, but software-based encryption machines. The Iranians probably >didn't build their own, but bought them from a company like the >Swiss-owned Crypto AG. Some encryption machines protect telephone >calls, others protect fax and Telex messages, and still others protect >computer communications. > >As ordinary citizens without serious security clearances, we don't know >which machines' codes the NSA compromised, nor do we know how. It's >possible that the U.S. broke the mathematical encryption algorithms >that the Iranians used, as the British and Poles did with the German >codes during World War II. It's also possible that the NSA installed a >"back door" into the Iranian machines. This is basically a >deliberately placed flaw in the encryption that allows someone who >knows about it to read the messages. > >There are other possibilities: the NSA might have had someone inside >Iranian intelligence who gave them the encryption settings required to >read the messages. John Walker sold the Soviets this kind of >information about U.S. naval codes for years during the 1980s. Or the >Iranians could have had sloppy procedures that allowed the NSA to break >the encryption. > >Of course, the NSA has to intercept the coded messages in order to >decrypt them, but they have a worldwide array of listening posts that >can do just that. Most communications are in the air-radio, microwave, >etc. -- and can be easily intercepted. Communications via buried cable >are much harder to intercept, and require someone inside Iran to tap >into. But the point of using an encryption machine is to allow sending >messages over insecure and imperceptible channels, so it is very >probable that the NSA had a steady stream of Iranian intelligence >messages to read. > >Whatever the methodology, this would be an enormous intelligence coup >for the NSA. It was also a secret in itself. If the Iranians ever >learned that the NSA was reading their messages, they would stop using >the broken encryption machines, and the NSA's source of Iranian secrets >would dry up. The secret that the NSA could read the Iranian secrets >was more important than any specific Iranian secrets that the NSA could >read. > >The result was that the U.S. would often learn secrets they couldn't >act upon, as action would give away their secret. During World War II, >the Allies would go to great lengths to make sure the Germans never >realized that their codes were broken. The Allies would learn about >U-boat positions, but wouldn't bomb the U-boats until they spotted the >U-boat by some other means...otherwise the Nazis might get suspicious. > >There's a story about Winston Churchill and the bombing of Coventry: >supposedly he knew the city would be bombed but could not warn its >citizens. The story is apocryphal, but is a good indication of the >extreme measures countries take to protect the secret that they can >read an enemy's secrets. > >And there are many stories of slip-ups. In 1986, after the bombing of >a Berlin disco, then-President Reagan said that he had irrefutable >evidence that Qadaffi was behind the attack. Libyan intelligence >realized that their diplomatic codes were broken, and changed >them. The result was an enormous setback for U.S. intelligence, all >for just a slip of the tongue. > >Iranian intelligence supposedly tried to test Chalabi's claim by >sending a message about an Iranian weapons cache. If the U.S. acted on >this information, then the Iranians would know that its codes were >broken. The U.S. didn't, which showed they're very smart about >this. Maybe they knew the Iranians suspected, or maybe they were >waiting to manufacture a plausible fictitious reason for knowing about >the weapons cache. > >So now the NSA's secret is out. The Iranians have undoubtedly changed >their encryption machines, and the NSA has lost its source of Iranian >secrets. But little else is known. Who told Chalabi? Only a few >people would know this important U.S. secret, and the snitch is >certainly guilty of treason. Maybe Chalabi never knew, and never told >the Iranians. Maybe the Iranians figured it out some other way, and >they are pretending that Chalabi told them in order to protect some >other intelligence source of theirs. > >During the 1950s, the Americans dug under East Berlin in order to >eavesdrop on a communications cable. They received all sorts of >intelligence until the East Germans discovered the tunnel. However, >the Soviets knew about the operation from the beginning, because they >had a spy in the British intelligence organization. But they couldn't >stop the digging, because that would expose George Blake as their spy. > >If the Iranians knew that the U.S. knew, why didn't they pretend not to >know and feed the U.S. false information? Or maybe they've been doing >that for years, and the U.S. finally figured out that the Iranians >knew. Maybe the U.S. knew that the Iranians knew, and are using the >fact to discredit Chalabi. > >The really weird twist to this story is that the U.S. has already been >accused of doing that to Iran. In 1992, Iran arrested Hans Buehler, a >Crypto AG employee, on suspicion that Crypto AG had installed back >doors in the encryption machines it sold to Iran -- at the request of >the NSA. He proclaimed his innocence through repeated interrogations, >and was finally released nine months later in 1993 when Crypto AG paid >a million dollars for his freedom -- then promptly fired him and billed >him for the release money. At this point Buehler started asking >inconvenient questions about the relationship between Crypto AG and the >NSA. > >So maybe Chalabi's information is from 1992, and the Iranians changed >their encryption machines a decade ago. > >Or maybe the NSA never broke the Iranian intelligence code, and this is >all one huge bluff. > >In this shadowy world of cat-and-mouse, it's hard to be sure of anything. > > >Hans Buehler's story: > -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Tue Jun 15 08:34:31 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 15 Jun 2004 11:34:31 -0400 Subject: PayPal settles customer suit Message-ID: CNET News http://www.news.com/ PayPal settles customer suit By Paul Festa Staff Writer, CNET News.com http://news.com.com/2100-1038-5233490.html Story last modified June 14, 2004, 4:38 PM PDT PayPal has reached a preliminary settlement with some customers who accused the eBay unit of illegally freezing their funds. The company on Friday said it will pay a total of $9.25 million to settle the federal class-action suit, $3.4 million of which will pay lawyers' fees and costs. PayPal admitted no wrongdoing in settling the claims, which were filed in 2002 as part of two federal class-action suits that also alleged other customer service deficiencies. Those two cases were merged, and a third case, pending in California state court, will be dismissed if the settlement agreement is approved. "In this agreement, PayPal does not acknowledge that any of the allegations in the case are true," PayPal said in an e-mail to customers. The unit "entered into the settlement agreement to avoid further costs of litigation and to devote resources to more productive areas of our business." An attorney for PayPal customers called the settlement a win not only in securing a financial reward, but in changing the way PayPal does business. "I think we got it right," said Daniel Girard, a partner with Girard Gibbs & De Bartolomeo in San Francisco. "The settlement provides for cash recovery and also for a series of changes to the operating procedures at PayPal." Between June and September 2003, while the litigation was still pending, PayPal released $5.1 million in frozen customer funds, Girard said. As part of the settlement, PayPal agreed to change the way it handled dispute resolution. PayPal acknowledged that the settlement included an injunction mandating certain changes to the company's procedures, but maintained that the modifications had come about independent of the litigation. "PayPal has always been looking for ways to improve customer service," said company spokeswoman Amanda Pires. The litigation "didn't really change the way PayPal has been operating. We have improved our customer service as part our normal course of business." PayPal claims 45 million member accounts around the world. The settlement was the product of mediation, begun early last fall, before a court-appointed special master. Within a week, the parties plan to file the preliminary settlement with the U.S. District Court in San Jose, Calif., for approval. The case involves PayPal customers who used the service between Oct. 1, 1999 and Jan. 31, 2004. European Union residents are exluded. PayPal said it will publish the allocation plan in July or August. Customers will be informed of settlement terms within two months of the court's preliminary approval. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From eugen at leitl.org Tue Jun 15 02:56:34 2004 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 15 Jun 2004 11:56:34 +0200 Subject: [IP] The Son of Patriot Act Also Rises (fwd from dave@farber.net) Message-ID: <20040615095633.GK12847@leitl.org> ----- Forwarded message from David Farber ----- From lloyd at randombit.net Tue Jun 15 09:05:01 2004 From: lloyd at randombit.net (Jack Lloyd) Date: Tue, 15 Jun 2004 12:05:01 -0400 Subject: Breaking Iranian Codes (Re: CRYPTO-GRAM, June 15, 2003) In-Reply-To: References:

Message-ID: <20040615160501.GA13496@acm.jhu.edu> On Wed, Jun 16, 2004 at 03:37:54AM +1200, Peter Gutmann wrote: > "R. A. Hettinga" forwarded: > > >So now the NSA's secret is out. The Iranians have undoubtedly changed > >their encryption machines, and the NSA has lost its source of Iranian > >secrets. But little else is known. Who told Chalabi? Only a few > >people would know this important U.S. secret, and the snitch is > >certainly guilty of treason. > > Someone (half-)remembered reading the Crypto AG story in the Baltimore Sun > several years ago, bragged to Chalabi that the US had compromised Iranian > crypto, and the story snowballed from there. The story could have started out > with a loquacious (Sun-reading) cab driver for all we know. Some reports have [...] Well, most cabbies in Baltimore that I would encounter were too busy doing drugs or threatening passengers to be reading the Sun regularly, but who knows? -J From rah at shipwright.com Tue Jun 15 09:08:21 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 15 Jun 2004 12:08:21 -0400 Subject: 2 million bank accounts robbed Message-ID: MSNBC Survey: 2 million bank accounts robbed Criminals taking advantage of online banking, Gartner says EXCLUSIVE By Bob Sullivan Technology correspondent MSNBC Updated: 4:25 a.m. ET June 14, 2004 Nearly 2 million Americans have had their checking accounts raided by criminals in the past 12 months, according to a soon-to-be released survey by market research group Gartner. Consumers reported an average loss per incident of $1,200, pushing total losses higher than $2 billion for the year. advertisement Gartner researcher Avivah Litan blamed online banking for most of the problem. "There has been a big increase in the abuse of existing checking accounts," Litan said. "What's really scary about it is right now there are no back-end fraud detection solutions for it." The survey results, extrapolated from a telephone poll of 5,000 consumers conducted in April, offer a rare glimpse at the state of bank fraud: Financial institutions are tight-lipped about fraud losses. But Litan said the study confirms comments she regularly hears from bank investigators. "The results are consistent with what banks are telling me. ... When I talk to them, they all nod their heads that this is the area where they are seeing the most fraud escalation," she said. 'Constant siege' The trend neatly follows a sharp rise in so-called phishing e-mails, which attempt to steal consumers' user names and passwords by imitating e-mail from legitimate financial institutions. A Gartner study released in May showed at least 1.8 million consumers had been tricked into divulging personal information in phishing attacks, most within the past year. Phishing attempts designed specifically to steal bank information began to skyrocket about 10 months ago, according to Dave Jevans, chair of the Anti-Phishing Working Group. Overall, phishing e-mails have jumped 4,000 percent in the past six months, and just last month, Citibank overtook eBay as the most common target. The company faced an average of 16 attacks per day, and 475 separate phishing attacks during April, an increase of nearly 400 percent from March. Citibank didn't immediately return requests for comment. "It's working, there's no doubt about that...There's people who are under constant siege now," Jevans said. "It's like people setting up fake ATMs everywhere." Some days, banks are targeted dozens of times, which not only leads to identity theft, but also jam-packed customer service telephone lines. "Clearly the issues are far more significant than anyone expected they would be. Phishing and spoofing (setting up look-alike bank Web sites) are really getting to people," said Larry Ponemon, founder of privacy think tank Ponemon Institute, and a bank consultant. "It is an epidemic. It's a very big problem." Creative ways to drain accounts But phish isn't the only way criminals gain access to online bank accounts, according to industry experts. Computer criminals are becoming increasingly proficient at writing Trojan horse programs and keyloggers that steal passwords and account information. Such secret malicious programs, which exerts say are more widespread than many realize, could be the cause of up to half the account takeovers, Litan speculated. Such programs can be installed on home users' computers through virus-laden e-mails. People who do their online banking at public computers, such as at Internet cafes, are also at risk from this kind of password swiping. FREE VIDEO * Run at the bank MSNBC.com's Bob Sullivan reports on online banking theft. NBC News The Gartner survey found that more than 4 million consumers reported suffering checking account takeovers at any time during recent years, with half that number saying it had happened in the most recent 12-month span -- indicating a sharp increase in the activity. While consumers who responded to the survey didn't know how the money was moved out of their checking accounts -- fake ATM cards are another possibility, for example -- Litan said she suspects a sharp rise in hackers taking over online bank accounts is the likely cause. Criminals are using creative ways to transfer money out of hijacked accounts, she said. "A couple of banks tell me (the criminals) set up a bill payment account, then pay themselves," she said. Another method, said U.S. Postal Inspector Barry Mew, takes advantage of the images of canceled checks made available to online bankers. Imposters use them to create authentic-looking counterfeit checks; they have an added air of legitimacy, since the check numbers are appropriately in series. Enough safeguards? Online banking, including online bill paying, has spiked in popularity in recent years, particularly as more financial institutions offer the service for free. According to Gartner, 45 percent of the 141 million U.S. adults who use the Internet pay bills online. Consumers like the convenience and banks like the operating savings. But not everyone is comfortable banking online, and Gartner's study confirms some of that group's worst fears: that accounts can be tapped into by criminals. "They should be afraid," Litan said. "The banks should be requiring more than just passwords to use online banking. They all know they have to do something, but they are all afraid to take the first step." Identity theft expert Rob Douglas described the study results as "blockbuster," and said banks may be forced to re-think the way they are giving consumers access to checking accounts online. "They may say it's because customers are not practicing the appropriate safeguards," he said. "But when it comes to online banking, they are not doing a good enough job of educating customers what to watch out for. Someone is making a lot of money." Litan said the industry was reeling in part because there is no software designed to detect unusual checking account withdrawal patterns, outside of software that looks for money laundering, which doesn't catch simple unauthorized withdrawals. Most credit card users are familiar with industry software called Falcon, which alerts issuers when out-of-the-ordinary purchases are attempted. Such software will often cause a card issuer to call a consumer and ask questions like, "Are you really in London buying a diamond necklace right now?" There's no similar product for online banking, Litan said. Still, there are simpler solutions banks could implement to protect themselves and consumers. One idea is a "shared secret" -- a picture that consumers would give to a bank, which would then appear each time the consumer visited the bank's site, confirming it was the authentic corporate Web site and not a "spoof" site controlled by a hacker. "There's a lot at stake here," Litan said. "And there's a lot that banks can do." Limited window for refunds In most cases, analysts say, consumers are eventually refunded the money they lose. Federal regulations governing electronic transfers, known as Regulation E, requires banks to refund the money as long as consumers notify the institution within 60 days of receiving their bank statement. But outside the 60-day window, banks are under no obligation to issue refunds. Fact File Know your rights Regulation E protects consumers when they are hit by electronic financial fraud * What's covered * Consumer liability * What consumers should do * What banks are required to do * For more information Consumers have well-defined rights with respect to fraudulent electronic transfers, and should generally be able to obtain refunds with little hassle. The rights are spelled out in what's known as "Reg-E," or the Federal Reserve Board's Regulation E. The Fed was authorized to draw up the regulation by the Electronic Funds Transfer Act of 1979. The regulation covers all manner of transfers into and out of bank accounts outside of paper checks, including the use of debit cards. It does not cover credit card transactions. * Print this Many banks don't make consumer rights clear enough, said George Tubin, an analyst at Tower Group. He praised Bank of America, Citibank, and Wells Fargo for offering credit-card style "zero liability" policies on their online banking products. "Until a bank is comfortable enough with their product to say you're covered, how can consumers feel comfortable?" he said. Betty Reese, a spokeswoman for Bank of America, said her firm simply requires consumers to report any fraud on "a timely basis." She decline to disclose fraud statistics. Still, getting a refund can be inconvenient, and there are scattered reports of banks not making the process easy. And ultimately, all consumers pay when banks increase fees to recoup their losses. The new Gartner results "are staggering numbers," said Jim Bruene, editor and founder of the Online Banking Report. "If that's true, we are really facing a monster problem," he said. "It's something that could have been anticipated by the banks. ... There should be and will be more controls in place." -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From lloyd at randombit.net Tue Jun 15 09:22:46 2004 From: lloyd at randombit.net (Jack Lloyd) Date: Tue, 15 Jun 2004 12:22:46 -0400 Subject: 2 million bank accounts robbed In-Reply-To: References: Message-ID: <20040615162246.GB13496@acm.jhu.edu> So... don't give your account info to organized crime, and don't use Outlook, and your risk is reduced by, what, 90%? And doing online banking from a Net cafe... I mean really. At least some of these numbers seem wrong. If "nearly 2 million" people got ripped off last year, and "at least 1.8 million" people fell for phishing attacks, then why would keyloggers/viruses cause "up to half" of the account compromises? Did nearly a million people fall for phishing attacks and yet were too stupid to even get their account details correct? -J On Tue, Jun 15, 2004 at 12:08:21PM -0400, R. A. Hettinga wrote: > > > MSNBC > > Survey: 2 million bank accounts robbed > Criminals taking advantage of online banking, Gartner says > EXCLUSIVE > By Bob Sullivan > Technology correspondent > MSNBC > Updated: 4:25 a.m. ET June 14, 2004 > > Nearly 2 million Americans have had their checking accounts raided by > criminals in the past 12 months, according to a soon-to-be released survey > by market research group Gartner. Consumers reported an average loss per > incident of $1,200, pushing total losses higher than $2 billion for the > year. > > advertisement > Gartner researcher Avivah Litan blamed online banking for most of the problem. > > "There has been a big increase in the abuse of existing checking accounts," > Litan said. "What's really scary about it is right now there are no > back-end fraud detection solutions for it." > > The survey results, extrapolated from a telephone poll of 5,000 consumers > conducted in April, offer a rare glimpse at the state of bank fraud: > Financial institutions are tight-lipped about fraud losses. But Litan said > the study confirms comments she regularly hears from bank investigators. > > "The results are consistent with what banks are telling me. ... When I talk > to them, they all nod their heads that this is the area where they are > seeing the most fraud escalation," she said. > > 'Constant siege' > The trend neatly follows a sharp rise in so-called phishing e-mails, which > attempt to steal consumers' user names and passwords by imitating e-mail > from legitimate financial institutions. A Gartner study released in May > showed at least 1.8 million consumers had been tricked into divulging > personal information in phishing attacks, most within the past year. > > Phishing attempts designed specifically to steal bank information began to > skyrocket about 10 months ago, according to Dave Jevans, chair of the > Anti-Phishing Working Group. Overall, phishing e-mails have jumped 4,000 > percent in the past six months, and just last month, Citibank overtook eBay > as the most common target. The company faced an average of 16 attacks per > day, and 475 separate phishing attacks during April, an increase of nearly > 400 percent from March. > > Citibank didn't immediately return requests for comment. > > "It's working, there's no doubt about that...There's people who are under > constant siege now," Jevans said. "It's like people setting up fake ATMs > everywhere." > > Some days, banks are targeted dozens of times, which not only leads to > identity theft, but also jam-packed customer service telephone lines. > > "Clearly the issues are far more significant than anyone expected they > would be. Phishing and spoofing (setting up look-alike bank Web sites) are > really getting to people," said Larry Ponemon, founder of privacy think > tank Ponemon Institute, and a bank consultant. "It is an epidemic. It's a > very big problem." > > Creative ways to drain accounts > But phish isn't the only way criminals gain access to online bank accounts, > according to industry experts. Computer criminals are becoming increasingly > proficient at writing Trojan horse programs and keyloggers that steal > passwords and account information. Such secret malicious programs, which > exerts say are more widespread than many realize, could be the cause of up > to half the account takeovers, Litan speculated. > > Such programs can be installed on home users' computers through virus-laden > e-mails. People who do their online banking at public computers, such as at > Internet cafes, are also at risk from this kind of password swiping. > FREE VIDEO * Run at the bank > MSNBC.com's Bob Sullivan reports on online banking theft. > > NBC News > The Gartner survey found that more than 4 million consumers reported > suffering checking account takeovers at any time during recent years, with > half that number saying it had happened in the most recent 12-month span -- > indicating a sharp increase in the activity. > > While consumers who responded to the survey didn't know how the money was > moved out of their checking accounts -- fake ATM cards are another > possibility, for example -- Litan said she suspects a sharp rise in hackers > taking over online bank accounts is the likely cause. > > Criminals are using creative ways to transfer money out of hijacked > accounts, she said. > > "A couple of banks tell me (the criminals) set up a bill payment account, > then pay themselves," she said. > > Another method, said U.S. Postal Inspector Barry Mew, takes advantage of > the images of canceled checks made available to online bankers. Imposters > use them to create authentic-looking counterfeit checks; they have an added > air of legitimacy, since the check numbers are appropriately in series. > > Enough safeguards? > Online banking, including online bill paying, has spiked in popularity in > recent years, particularly as more financial institutions offer the service > for free. According to Gartner, 45 percent of the 141 million U.S. adults > who use the Internet pay bills online. Consumers like the convenience and > banks like the operating savings. > > But not everyone is comfortable banking online, and Gartner's study > confirms some of that group's worst fears: that accounts can be tapped into > by criminals. > > "They should be afraid," Litan said. "The banks should be requiring more > than just passwords to use online banking. They all know they have to do > something, but they are all afraid to take the first step." > > Identity theft expert Rob Douglas described the study results as > "blockbuster," and said banks may be forced to re-think the way they are > giving consumers access to checking accounts online. > > "They may say it's because customers are not practicing the appropriate > safeguards," he said. "But when it comes to online banking, they are not > doing a good enough job of educating customers what to watch out for. > Someone is making a lot of money." > > Litan said the industry was reeling in part because there is no software > designed to detect unusual checking account withdrawal patterns, outside of > software that looks for money laundering, which doesn't catch simple > unauthorized withdrawals. > > Most credit card users are familiar with industry software called Falcon, > which alerts issuers when out-of-the-ordinary purchases are attempted. Such > software will often cause a card issuer to call a consumer and ask > questions like, "Are you really in London buying a diamond necklace right > now?" > > There's no similar product for online banking, Litan said. > > Still, there are simpler solutions banks could implement to protect > themselves and consumers. One idea is a "shared secret" -- a picture that > consumers would give to a bank, which would then appear each time the > consumer visited the bank's site, confirming it was the authentic corporate > Web site and not a "spoof" site controlled by a hacker. > > "There's a lot at stake here," Litan said. "And there's a lot that banks > can do." > > Limited window for refunds > In most cases, analysts say, consumers are eventually refunded the money > they lose. Federal regulations governing electronic transfers, known as > Regulation E, requires banks to refund the money as long as consumers > notify the institution within 60 days of receiving their bank statement. > But outside the 60-day window, banks are under no obligation to issue > refunds. > > Fact File > Know your rights > > Regulation E protects consumers when they are hit by electronic financial fraud > > * > What's covered > > * > Consumer liability > > * > What consumers should do > > * > What banks are required to do > > * > For more information > > Consumers have well-defined rights with respect to fraudulent electronic > transfers, and should generally be able to obtain refunds with little > hassle. The rights are spelled out in what's known as "Reg-E," or the > Federal Reserve Board's Regulation E. The Fed was authorized to draw up the > regulation by the Electronic Funds Transfer Act of 1979. The regulation > covers all manner of transfers into and out of bank accounts outside of > paper checks, including the use of debit cards. It does not cover credit > card transactions. > > * Print this > > Many banks don't make consumer rights clear enough, said George Tubin, an > analyst at Tower Group. He praised Bank of America, Citibank, and Wells > Fargo for offering credit-card style "zero liability" policies on their > online banking products. > > "Until a bank is comfortable enough with their product to say you're > covered, how can consumers feel comfortable?" he said. > > Betty Reese, a spokeswoman for Bank of America, said her firm simply > requires consumers to report any fraud on "a timely basis." She decline to > disclose fraud statistics. > > Still, getting a refund can be inconvenient, and there are scattered > reports of banks not making the process easy. And ultimately, all > consumers pay when banks increase fees to recoup their losses. > > The new Gartner results "are staggering numbers," said Jim Bruene, editor > and founder of the Online Banking Report. > > "If that's true, we are really facing a monster problem," he said. "It's > something that could have been anticipated by the banks. ... There should > be and will be more controls in place." > > -- > ----------------- > R. A. Hettinga > The Internet Bearer Underwriting Corporation > 44 Farquhar Street, Boston, MA 02131 USA > "... however it may deserve respect for its usefulness and antiquity, > [predicting the end of the world] has not been found agreeable to > experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Tue Jun 15 09:34:37 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 15 Jun 2004 12:34:37 -0400 Subject: Post-9/11 laws expand to more than terrorism Message-ID: Times Record News To print this page, select File then Print from your browser URL: http://www.timesrecordnews.com/trn/nw_washington/article/0,1891,TRN_5707_2962597,00.html Post-9/11 laws expand to more than terrorism By LANCE GAY June 14, 2004 Federal and state prosecutors are applying stiff antiterrorism laws adopted after the 9/11 attacks to broad, run-of-the-mill probes of political corruption, financial crimes and immigration frauds. If the government gets its way, even routine transactions of buying or selling American homes could soon come under the scrutiny of money-laundering provisions of the USA Patriot Act. The Treasury Department, which already has caught up financial transactions in casinos, storefront check-cashing stores and auto dealers for scrutiny, wants to expand Patriot Act coverage to home purchases as well. Since 9/11, critics say the greatest effect of new state and federal antiterrorism laws has been on crimes already covered by other laws. Washington-area snipers John Muhammad and Lee Boyd Malvo were both convicted under a post-9/11 Virginia antiterrorism statute making it a death-penalty offense to be involved in more than one murder in a three-year period. Muhammad was sentenced to death, and Malvo was given life imprisonment without parole. The FBI has used Patriot Act provisions in a political corruption probe involving a Las Vegas girlie bar, and the Justice Department reported to the House Judiciary Committee last year that it used the new law in probes of credit-card fraud, theft from a bank account and a kidnapping. In the first action of its kind, the Treasury Department also used the Patriot Act this year to put Syria's largest commercial bank and two commercial banks in Myanmar on blacklists - actions that forbid any U.S. financial institution from doing business with them. Legal experts say they're not surprised that antiterrorism laws are being used for more than just terrorism. Peter Swire, a law professor at Ohio State University, recalled that Congress adopted antiracketeering laws in 1970 with the intent to thwart mobsters, but the punitive laws have since been broadened and put to use in civil cases against corporations, and most recently against the organized campaigns of pro-life protesters against abortion clinics. Swire worked in the Clinton administration and chaired a White House working group looking at issues involved with electronic surveillance. He said many Patriot Act provisions, which sped through Congress within days after 9/11, were proposals that either Congress or the White House had previously rejected. Many provisions are slated to expire next year unless Congress makes the changes permanent. Swire said one little-noted impact of that law on the judicial system is that prosecutors can add more charges against defendants, even when terrorism isn't involved. "Prosecutors like to have more arrows in their quiver - it gives them more leverage in plea bargaining," he said. Plea bargaining is the process where prosecutors offer to drop some charges in return for a defendant's guilty plea in order to avoid costly, time-consuming trials. Swire contends the Patriot Act has been so controversial that the Justice Department has been very cautious in using all of its provisions. "They are careful because they know people are checking to see if it is abused," he said. "Once it becomes permanent, I think it will be used more widely." The American Civil Liberties Union and other civil rights groups are campaigning for Congress to terminate some of the more controversial provisions of the Patriot Act, contending the law unnecessarily expands government powers. The ACLU says the government already has sufficient investigative tools, and the Patriot Act has been used for non-terrorist-related crimes such as seizing stolen funds from bank accounts in Belize. Michael Mello, a law professor at Vermont Law School, disagrees and said the Patriot Act made some needed changes in government procedures, including provisions that tore down barriers that prohibited the FBI and CIA from sharing information. "There's been a sea change by tearing down that wall," said Mello. "To forbid the FBI from getting spooks' (CIA) information that someone in the United States was carrying out a significant criminal enterprise is insane." In spite of the criticism from the ACLU and others, Mello said he doesn't believe the Patriot Act has been misused or has resulted in any expansion of government powers. "In the absence of evidence, the critics lose," he said. Mello agrees that there are some provisions in the Patriot Act that should be allowed to expire. He opposes a controversial provision allowing the Justice Department to use so-called "national security letters" to obtain library records, medical records and banking records of people put under surveillance. The Patriot Act wasn't needed when police searched library records in the hunt for Unabomber Ted Kaczynski or the effort to track New York's Zodiac killer, Mello noted. Many government activities under the Patriot Act remain shrouded in secrecy. One of the provisions not expiring is an expansion of police powers to obtain "sneak-and-peek" warrants allowing surveillances - including break-ins - without notifying the people being watched. The government is being more aggressive in asking courts for surveillance warrants. The Justice Department last year made a record 1,727 requests for wiretap approvals from the secretive Foreign Intelligence Surveillance Court, but does not publicly disclose how many investigations that might involve. Attorney General John Ashcroft told the Senate Judiciary Committee last week that the Patriot Act has been used judiciously, and he urged Congress to give speedy consideration to extending it. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Tue Jun 15 09:36:22 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 15 Jun 2004 12:36:22 -0400 Subject: 2 million bank accounts robbed In-Reply-To: <20040615162246.GB13496@acm.jhu.edu> References: <20040615162246.GB13496@acm.jhu.edu> Message-ID: At 12:22 PM -0400 6/15/04, Jack Lloyd wrote: >I mean really. I'd lay this at the feet of book-entry settlement, but I'm supposed to say that. :-) Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Tue Jun 15 09:44:04 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 15 Jun 2004 12:44:04 -0400 Subject: He Pushed the Hot Button of Touch-Screen Voting Message-ID: The New York Times June 15, 2004 He Pushed the Hot Button of Touch-Screen Voting By KATHARINE Q. SEELYE Kevin Shelley is a big and voluble Irish politician, the son of a former San Francisco mayor, and not the sort you would figure for the heretofore semi-obscure job of California secretary of state. But Mr. Shelley, who was elected to the post in November 2002 after a career as a state legislator, has adapted the job to suit his style, taking the arcane matter of voting machines and turning it into a hobbyhorse that some predict he could ride to the governor's office. Mr. Shelley, a Democrat, has gained national notice for his skepticism toward touch-screen voting and his insistence that voters be able to look at a paper record inside the voting booth to verify their ballots. He says such paper trails are crucial if government wants voters to have confidence that their ballots are being counted correctly. As a result, he has ordered that after July 1, 2005, no county in California can buy a touch-screen system without a paper record that is verifiable by the voter, and as of July 2006, all touch-screen systems here must be equipped with paper trails, regardless of when they were bought. Until the machines have that capability, he wants people who do not trust them to have the option of voting by a traditional paper ballot. Then, on April 30, he banned the use of certain touch screens in 4 counties and decertified them in 10 other counties until additional security measures could be put in place. "Someone said to me, 'The problem with Kevin Shelley is, he's an activist,' " Mr. Shelley recalled in an interview earlier this month in his office here overlooking the black-and-gold dome of City Hall in San Francisco. "I plead guilty. But, oh my God, never has it been more important to be an activist." His directive has national implications because 40 percent of all touch-screen voting machines in use are in California. If vendors start making equipment to the specifications of the huge California market, that market is likely to dictate what is available to the rest of the country. But Mr. Shelley's advocacy of paper trails has set off a fierce and emotional reaction among local election officials in California and elsewhere and has brought the purchase of such systems to a near standstill. Nearly one third of voters nationwide this November will vote on touch screens. Local officials say that despite demonstrations from computer experts that hackers can break into the machines, there is no evidence that anyone has done so. Moreover, voters may expect an actual, individual receipt after they vote; what happens instead is that a paper record, visible to the voter, is created in the machine. Officials have also expressed concern about paper jams. Mr. Shelley's insistence on paper trails has prompted officials in four California counties to sue him. The clash is being repeated in other states and courtrooms and has even roiled the venerable League of Women Voters, where advocates of paper trails tried to overthrow the league's establishment, which has been against them. They settled yesterday on a compromise resolution to support "secure, accurate, recountable and accessible" systems, all code words for paper trails. Conny B. McCormack, the respected registrar of Los Angeles County, the biggest voting jurisdiction in the country, has emerged as one of Mr. Shelley's chief critics. Ms. McCormack said that Mr. Shelley had confounded local officials by handing down directives that require a technology that does not yet exist. Rather than inspire voter confidence, she said, Mr. Shelley has undermined it. (Manufacturers have said that if the technology were required, they could supply it, but not in time for the November elections.) "He put out a report on April 20 saying that touch screens were 100 percent accurate," Ms. McCormack said. "And then two days later he decertified them." She said such actions had "destabilized the entire election process in California and potentially nationwide." In random testing during the March 2 California primary, Mr. Shelley's office found that the machines "recorded the votes as cast with 100 percent accuracy." In an effort to prod the industry, Mr. Shelley yesterday issued standards for the manufacturers in developing paper trails, the first in the country. They include requirements that voters who are disabled be able to vote and verify their vote without assistance, that voters be able to verify their votes before casting them and that the paper records be printed in both English and the voter's preferred language. "I'm insisting, quite unapologetically, on the need to have these appropriate security measures in place to protect the voters, which is my principal charge," Mr. Shelley said. Mr. Shelley, 48, grew up in politics, the son of Jack Shelley, a former mayor of San Francisco. His father also served in Congress and the California Legislature, where, he was one of two lawmakers to vote against the internment of Japanese-Americans in World War II. "My dad's vote seems like a no-brainer now," Mr. Shelley said. "But at the time, it spoke to who he was and what he believed in, and he passed that on to me." (Jack Shelley died of lung cancer in 1974, when his son was 18.) Mr. Shelley began his career as a legislative director in Washington for Representative Phil Burton, a liberal icon in California. He was elected to the San Francisco Board of Supervisors and then the State Assembly, where he served for the allowable limit of three two-year terms and became majority leader. He said he ran for secretary of state because he wanted to counteract the decline in voting, though he has used the office to highlight other issues, like domestic partner rights and corporate responsibility. Mr. Shelley did not deny an interest in the governor's office someday but said his goal for now was "to make policy and set precedent; it has nothing to do with my future." Eric Jaye, a political consultant here and longtime associate of Mr. Shelley, said he had transformed what was essentially an administrative post "into a bully pulpit." Several recent analyses have bolstered Mr. Shelley's view that touch screens need more security. These include a recommendation by the chairman of the federal Election Assistance Commission that every voting jurisdiction that uses touch screens enhance their security, with either paper trails or other methods, by November. A joint report issued yesterday by the Kennedy School of Government at Harvard and the National Science Foundation endorsed touch screens with paper trails as the most effective voting system. Still, many officials who run elections believe the push for paper trails is more window-dressing than a necessary expense. San Bernardino County, which is among those suing Mr. Shelley, plans to ignore his directive to provide separate paper ballots for those uncomfortable with touch screens. "It would be an expression of a lack of confidence in the machines," for which the county just spent $14 million, said David Wert, a spokesman for the county supervisors. In May, the supervisors noted that Mr. Shelley had certified the county's system before the March 2 primary and that "absolutely nothing has occurred since that certification to call the system's performance or reliability into question." To those who say he is only fanning fears, Mr. Shelley laughs. "If a machine breaks down in San Diego, and it breaks down in Georgia, and they break down in Maryland, and they break down in Alameda and we have high schools where they can hack into the systems, the deficiencies are in the machines," he said. "Look," he added, "I believe these machines have a very, very firm place in our future, but I also believe that in responding to the chaos in Florida in 2000 these machines were rushed out before all the kinks were worked out." -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Tue Jun 15 09:59:53 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 15 Jun 2004 12:59:53 -0400 Subject: Firms Join Up to Combat Web Fraud Message-ID: The Wall Street Journal June 15, 2004 Firms Join Up to Combat Web Fraud IBM, Other Heavyweights Seek Standards to Block Filching of Personal Data By KEVIN J. DELANEY Staff Reporter of THE WALL STREET JOURNAL June 15, 2004; Page D5 Over a dozen corporate heavyweights are teaming up to fight "phishing," the use of the Internet by crooks to filch personal data such as bank-account numbers and user passwords. The companies, which include International Business Machines Corp., Fidelity Investments and Tenet Healthcare Corp., tomorrow plan to announce the formation of the Trusted Electronic Communications Forum, a trade group that is expected to research and promote technical standards to combat phishing. Research firm Gartner Group estimates that 57 million U.S. Internet users have received e-mail linked to phishing scams and about 1.8 million may have divulged personal information as a result. And the problem is increasing: In research conducted in April, Gartner found that 76% of all known or suspected phishing attacks had taken place in the previous six months. In a typical phishing attack, a consumer receives an e-mail purporting to be from a bank, telecom company, or other institution. The fraudulent e-mails are designed to resemble actual messages from the company, usually by lifting its design and corporate logos. They often direct consumers to a similarly counterfeit Web site and ask them to enter personal information, such as a bank-account number and online-banking password. Crooks use that information to defraud the consumer. Their success at mimicking legitimate e-mails and Web sites has made such scams increasingly effective. Citigroup Inc.'s Citibank unit, eBay Inc. and its PayPal unit were the three organizations targeted most often by phishing scams in April, according to the Anti-Phishing Working Group, another industry association, with 400 members from over 250 organizations. Financial-services institutions represented 15 of the 20 most-targeted organizations in April, according to the group. "The epidemic as a whole has increased so much in size and success rates in the past several months," says Shawn Eldridge, TECF's chairman and director of product and market strategy at PostX Corp. "The problem is very large and no one is immune." Corporations are concerned about phishing because of its potential negative impact on electronic commerce and online services they offer. The TECF aims to promote standard technologies and business practices to combat phishing and assist in prosecuting offenders. Its other founding members include ABN AMRO Bank NV, AT&T Wireless Services Inc., Best Buy Co., Charles Schwab Corp., E*Trade Financial Corp., HSBC Holdings PLC, Royal Bank of Scotland Group PLC, Siebel Systems Inc. and Target Corp. Avivah Litan, a senior analyst at Gartner, Stamford, Conn., says the involvement of many different organizations is important. "They're coming up with solutions that really need to be widespread if they're going to be used and effective," says Ms. Litan, who was briefed ahead of the TECF announcement. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From jya at pipeline.com Tue Jun 15 13:25:13 2004 From: jya at pipeline.com (John Young) Date: Tue, 15 Jun 2004 13:25:13 -0700 Subject: Breaking Iranian Codes (Re: CRYPTO-GRAM, June 15, 2003) In-Reply-To: References: Message-ID: Crypto AG's website denies the allegation of its machines being compromised. Its FAQ claims the false the story got started in 1992 by a disgruntled employee. There, that reassures Iran, Botswana, Nigeria and Uganda. NSA never had those meetings with the machine designers. Now, how about that story of Phil Zimmermann getting out of prosecution by agreeing to a backdoor in PGP after 2.0? A man swears Phil told him that face-to-face, man says he disassembled the source code to see the damning hole. And the one about PK being rigged at birth, not the Brit version, the one made in the USA. A drunk ex-NSA had that on a ready-to-lose laptop bar-lifted by A. Melon. And the uncrackability of crypto-mathematics, need only to worry about faulty implementation and poor passwords and black bag jobs and key loggers and insiders and EM leakage. Heard the one about TEMPEST being a long-running tail-chaser? From lloyd at randombit.net Tue Jun 15 11:09:40 2004 From: lloyd at randombit.net (Jack Lloyd) Date: Tue, 15 Jun 2004 14:09:40 -0400 Subject: Breaking Iranian Codes (Re: CRYPTO-GRAM, June 15, 2003) In-Reply-To: References:

Message-ID: <20040615180940.GA20075@acm.jhu.edu> On Tue, Jun 15, 2004 at 01:25:13PM -0700, John Young wrote: [...] > Now, how about that story of Phil Zimmermann getting out > of prosecution by agreeing to a backdoor in PGP after 2.0? > A man swears Phil told him that face-to-face, man says > he disassembled the source code to see the damning hole. Erm... he disassembled source code? With what? Emacs? Or vim maybe? BTW, I met a guy once who swore you were an fed informer. I mean, he sounded really positive. Said you had told him yourself. -J From mv at cdc.gov Tue Jun 15 15:09:26 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Tue, 15 Jun 2004 15:09:26 -0700 Subject: Low-elevation skymapping at 2.45 Ghz Message-ID: <40CF7396.F6359CB3@cdc.gov> Telescopes are sold for < $200 which include programmable positioning devices (2 axes obvioiusly). I suppose its just a reduction drive and the usual electro-mech-control stuff but it implies a high degree of angular resolution for cheap. Has anyone: 1. ever used the refractor type telescope tube as-is as a super-long pringles directional 802.11 antenna? In fact the front optics may not interfere... 2. ever used the electronically controlled mount on a steady platform and a highly directional antenna (dishes included) to really see what the world really looks like at 2.mumble Ghz passive with an 802.11 decoder? I mean, radio astronomers do detailed sky surveys all the time. Why restrict yourself to the sky? (Yes, I realize our friends at Ft Meade have probably been using scanning-tunnelling-microscope type piezo-servo actuators to keep a steady gaze for some time..) From rah at shipwright.com Tue Jun 15 12:57:08 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 15 Jun 2004 15:57:08 -0400 Subject: Breaking Iranian Codes (Re: CRYPTO-GRAM, June 15, 2003) In-Reply-To: <20040615180940.GA20075@acm.jhu.edu> References:

<20040615180940.GA20075@acm.jhu.edu> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 2:09 PM -0400 6/15/04, Jack Lloyd wrote: >Erm... he disassembled source code? With what? Emacs? Or vim maybe? If you look down a bit, you might notice he's pulling your leg. If you're not *real* careful, he'll pull it clean off and beat you over the head with it. Besides, he's an architect, ferchrissakes. The only disassembly he knows about is done with stuff like this: >BTW, I met a guy once who swore you were an fed informer. I mean, he >sounded really positive. Said you had told him yourself. Naw. That was his brother-in-law, or something. The one in Maryland, someplace. A venerated man in his profession, John's still an old lefty from way back. If you squint real hard, maybe you can see him in the crowd here: . ;-) He ain't no spook. His heart would stop, or something. There are lots of people who hate the state from the left. John's one of 'em -- if you can understand what he says. :-) Cheers, RAH -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQM9UZsPxH8jf3ohaEQIF+ACgwp8+iQCp0ZQvJfQ+tHgd9592IdkAnRvQ JIgNq+x70jzgFNAoWmwKBcRJ =KS9O -----END PGP SIGNATURE----- -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From geer at world.std.com Tue Jun 15 13:30:08 2004 From: geer at world.std.com (geer at world.std.com) Date: Tue, 15 Jun 2004 16:30:08 -0400 Subject: Breaking Iranian Codes (Re: CRYPTO-GRAM, June 15, 2003) In-Reply-To: Your message of "Wed, 16 Jun 2004 03:37:54 EDT." Message-ID: <200406152030.QAA7086050@shell.TheWorld.com> > Maybe Chalabi read the story himself and invented the > snitch to make it seem more important than it was, or to > drive the US security community nuts with an orgy of > internal witch-hunting. Given the lack of further > information, it could have been just about anything. Maybe Chalabi made up a story that turned out to be true and, like the 1965 movie "I saw what you did and I know who you are" where a pair of teenagers make prank calls at random and say that sentence -- which is fun until they ring up a guy who just murdered his wife -- now has to explain that which is impossible to explain. --dan From bbrow07 at students.bbk.ac.uk Tue Jun 15 08:45:42 2004 From: bbrow07 at students.bbk.ac.uk (ken) Date: Tue, 15 Jun 2004 16:45:42 +0100 Subject: Reverse Scamming 419ers In-Reply-To: <200406111731.i5BHV7MF023729@artifact.psychedelic.net> References: <200406111731.i5BHV7MF023729@artifact.psychedelic.net> Message-ID: <40CF19A6.5050707@students.bbk.ac.uk> Eric Cordian wrote: > But Nigeria is a very poor country, with high unemployment, where people are > forced by economic circumstances to do almost anything to try and feed their > families. The 419ers aren't the starving poor - they know exactly what they are doing and have got the resources to do it. And they have no scruples about ripping off fellow Africans either. Getting rid of them might be doing the majority of Nigerians a favour. > It seems to me the relationship between affluent Americans and poor > Nigerians is an example of a dominant class/subordinate class structure, and > in such a structure, the subordinate class has rights, and the dominant > class has responsibilities. Nigeria's a big country. Nearly everyone there is poor. But there are still a great many rich. And not many of them got rich honestly. From rah at shipwright.com Tue Jun 15 14:23:09 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 15 Jun 2004 17:23:09 -0400 Subject: Chip-a-Child: National Scientific Corporation IBUS WiFi Message-ID: National Scientific Announces Wi-Fi Enabled Version of IBUS Technology to Track Children on School Buses Scottsdale, AZ/June 14, 2004/Business Wire/ -- -- U.S. technology firm National Scientific Corporation (OTCBB: NSCT) today announced a new Wi-Fi enabled version to its IBUS school bus passenger authentication system. This latest product offering allows school districts to more effectively track and identify school bus passengers. By adding Wi-Fi capability to National Scientific's IBUS product, school districts can simply and easily track students who are riding on their school buses. This new Wi-Fi enabled GPS data logging unit tracks the location of buses and logs students boarding or disembarking from the bus. A series of strategically located Wi-Fi access points are used to securely move that data from the school bus back to the school's online student database. School districts save time and money while increasing student safety when they utilize a student tracking system such as IBUS. "Wi-Fi capability significantly lowers deployment and maintenance costs by reducing the hardware components needed for the system while streamlining access to student security data," said Graham Clark, National Scientific Corporation's president. "We have a number of initiatives aimed at simplifying Medicaid transportation reimbursement of special needs students and when combined with our Wi-Fi IBUS technology, we believe we have a very strong product offering that should generate a significant return on the investment." IBUS is a student tracking system, which includes an ID card reader and a GPS module for time and location information. Additionally this system interfaces with any standard 802.11x Wi-Fi access points. Complete specifications for this product are available on the Company's website at www.national-scientific.com. National Scientific Corporation designs and builds versatile wireless platforms for location-sensitive applications. The Company is a technology leader in combining systems for indoor and outdoor positioning. For more information about NSC, its people, and its technology please visit the Company's web site at www.national-scientific.com. Certain information and comments contained in this press release may be forward-looking statements (within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934). Factors set forth in the company's Annual Report on Form 10-KSB for the fiscal year ended September 30, 2003, its subsequent Form 10-QSB filings together with other factors that appear in this press release or in the Company's other SEC filings could affect the Company's actual results and could cause the Company's actual results to differ materially from those expressed in any forward-looking statements made by, or on behalf of the company, in this press release. The Company undertakes no obligation to publicly release the results of any revisions to the forward-looking statements made in this press release to reflect events or circumstances after the date hereof, or to reflect the occurrence of unanticipated events. ### -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA 'Maybe we should just brand all babies.' -- Ronald Reagan, sarcastically, on the subject of a national ID card. From eugen at leitl.org Tue Jun 15 08:33:01 2004 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 15 Jun 2004 17:33:01 +0200 Subject: RFID License Plates in the UK (fwd from brian-slashdotnews@hyperreal.org) Message-ID: <20040615153301.GH12847@leitl.org> ----- Forwarded message from brian-slashdotnews at hyperreal.org ----- From johnridgecook at earthlink.net Tue Jun 15 15:48:41 2004 From: johnridgecook at earthlink.net (John Ridge Cook) Date: Tue, 15 Jun 2004 18:48:41 -0400 Subject: Breaking Iranian Codes (Re: CRYPTO-GRAM, June 15, 2003) References: Message-ID: <40CF7CC9.2090501@earthlink.net> James Bamford is an author of several books, including some of the first on the National Security Agency, the code breakers and signals intelligence operators. He has written a recent book on intelligence manipulation in the run up to the Iraq war. During a radio interview he was asked about the Iranian code crack. http://freshair.npr.org/day_fa.jhtml;jsessionid=0DIL5REBMCVQPLA5AINSFFA?display=day&todayDate=06/08/2004 His reply, from sources in the NSA- Current cryptosystems are very complex and hard (near impossible) to crack. The way its done now a days (as opposed to WWII Ultra efforts), is to penetrate an embassy (in this instance, Iran's embassy in Baghdad) and bug the hardware, getting the information before its encrypted. Of special interest- bug the keyboard, bug the monitor, bug the power cord. How its gathered by the interested parties was not discussed, Yours- Ridge ---------------------------------- Peter Gutmann wrote: > "R. A. Hettinga" forwarded: > > >>So now the NSA's secret is out. The Iranians have undoubtedly changed >>their encryption machines, and the NSA has lost its source of Iranian >>secrets. But little else is known. Who told Chalabi? Only a few >>people would know this important U.S. secret, and the snitch is >>certainly guilty of treason. > > > Someone (half-)remembered reading the Crypto AG story in the Baltimore Sun > several years ago, bragged to Chalabi that the US had compromised Iranian > crypto, and the story snowballed from there. The story could have started out > with a loquacious (Sun-reading) cab driver for all we know. Some reports have > suggested the source was drunk, so maybe it was a drunk in a bar. Maybe > Chalabi read the story himself and invented the snitch to make it seem more > important than it was, or to drive the US security community nuts with an orgy > of internal witch-hunting. Given the lack of further information, it could > have been just about anything. > > Peter. > > --------------------------------------------------------------------- > The Cryptography Mailing List > Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com From eugen at leitl.org Tue Jun 15 09:51:21 2004 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 15 Jun 2004 18:51:21 +0200 Subject: Interview with Glenn Henry, founder of VIA processor subsidiary Centaur Message-ID: <20040615165121.GL12847@leitl.org> http://linuxdevices.com/articles/AT2656883479.html [ker-snip] The third one, is one you haven't asked me about, this is actually my pet hobby, here -- we've added these fully sophisticated and very powerful security instructions into the... Q19: That was my last question! A19: So the classic question is, hey, you built some hardware, who's going to use it? Well, the answer is, six months after we first started shipping our product with encryption in it [story], we have three or four operating systems, including Linux, OpenBSD, and FreeBSD, directly supporting our security features in the kernel. Getting support that quickly can't happen in the Microsoft world. Maybe they'll support it someday, maybe they won't. Quite honestly, if you want to build it, and hope that someone will come, you've got to count on something like the free software world. Free software makes it very easy for people to add functionality. You've got extremely talented, motivated people in the free software world who, if they think it's right to do it, will do it. That was my strategy with security. We didn't have to justify it, because it's my hobby, so we did it. But, it would have been hard to justify these new hardware things without a software plan. My theory was simple: if we do it, and we do it right, it will appeal to the really knowledgeable security guys, most of whom live in the free software world. And those guys, if they like it, and see it's right, then they will support it. And they have the wherewithal to support it, because of the way open software works. So those are my three themes, ignoring the fourth one, that's obvious: that without competition, Windows would cost even more. To summarize, for our business, [Linux is] important because it allows us to build lower-cost PC platforms, it allows people to build new, more sophisticated embedded applications easier, and it allows us, without any software costs, to add new features that we think are important to the world. Our next processor -- I haven't ever told anyone, so I won't say what it is -- but our next processor has even more things in it that I think will be just as quickly adopted by the open source software world, and provide even more value. It's always bothered me that hardware can do so many things relatively easily and fast that aren't done today because there's no software to support it. We just decided to try to break the mold. We were going to do hardware that, literally, had no software support at the start. And now the software is there, in several variations, and people are starting to use it. I actually think that's only going to happen in the open source world. Q20: We'd like a few words from you about your security strategy, how you've been putting security in the chips, and so on. A20: Securing one's information and data is sort of fundamental to the human need -- it's certainly fundamental to business needs. With the current world, in which everyone's attached to the Internet -- with most peoples' machines having back-door holes in them, whether they know it or not -- and with all the wireless stuff going on, people's data, whether they know it or not, is relatively insecure. The people who know that are using secure operating systems, and they're encrypting their data. Encrypting of data's been around for a long time. We believe, though, that this should be a pervasive thing that should appear on all platforms, and should be built into all things. It turns out, though, that security features are all computationally intensive. That's what they do. They take the bits and grind them up using computations, in a way that makes it hard to un-grind them. So, we said, they're a perfect candidate for hardware. They're well-defined, they're not very big, they run much faster in hardware than in software -- 10 to 30 times, in the examples we use. And, they are so fundamental, that we should add the basic primitives to our processor. How did we know what to add? We added government standards. The U.S. government has done extensive work on standardizing the encryption protocols, secure digital signature protocols, secure hash protocols. We used the most modern of government standards, built the basic functions into our chip, and did it in such a way that made it very easy for software to use. Every time you send an email, every time you send a file to someone, that data should be encrypted. It's going out on the Internet, where anyone with half a brain can steal it. Second, if you really care about not letting people have access to certain data that's on your hard drive, it ought to be encrypted, because half the PCs these days have some, I don't know what the right word is, some "spy" built into it, through a virus or worm, that can steal data and pass it back. You'll never get that prevented through operating system upgrades. I do have some background, sort of, in security: it's always been my hobby. The fundamental assumption you should make is, assume that someone else can look at what you're looking at. In other words, don't try to protect your data by assuming that no one's going to come steal your hard drive, or no one can snoop through a backdoor in Windows. You protect your data by saying, "Even if they can see the data, what good is it going to do them?" We think this is going to be a pervasive need. The common if-you-will person's awareness of worms and viruses has gone up a million percent in the last few years, based on all the problems. The awareness of the need to protect data is going to go up substantially, too. We're doing more than encryption, though. There's another need, which is coming, related to message authentication and digital signatures. We're encrypting all the time. Every time you buy something over the Web, your order is encrypted. So there is encryption going on already. But the next major thing -- and this is already done in the high-security circles of banks -- is message authentication through digital signatures. How do you know someone didn't intercept that order, and they're sending in their own orders using your credit card number? How do you know, when you get a message from somebody, that they didn't substitute the word "yes" for "no," things like that? These are very important in the world of security. They're well understood in the government world, or the high-security world, and there are government standards on how you do these things. They are called secure hashes, and things like that. So we've added features for those. To summarize, the things we've added fall into three categories. One is a good hardware random number generator. That was actually the first thing, and that's actually one of the hardest things to do. It sounds trivial, but it's actually very hard to generate randomness, with any kind of process. It needs to be done in hardware. Software cannot generate random numbers that pass the tests that the government and others define. The second thing we did is a significant speedup in the two basic forms of encryption. One's called symmetric key encryption, and the government standard is AES, which is a follow-on to a thing called DES. So we do AES encryption very fast. The other form of encryption that's widely used is public key encryption, and the most common form there is a thing called RSA. That's what's being used, you know, for secure Web transactions. We think we're the only people who've done this: we added instructions in our new processor that's coming to speed up RSA. The third thing we've done is added what's called a secure hash algorithm. Again, it's a government standard. Its used for message authentication and digital signatures. It deals with the issue, if you send me an email, how do I know that the email I got was the one you sent? That it wasn't intercepted and changed? And more fundamentally, how do I know that it actually came from you? Anyone can put their name, in our world, on that email. Things like that. So there's got to be some code in that email that I can look at, and know that only you could have sent it. I can explain this more if you want to know. Q21: That's probably sufficient. We're looking more for the strategy. A21: Okay, let me back up. Our strategy was, assuming that we believe that security is fundamental and ought to be there, to define the primitive operations that need to be done as the building blocks of security. Those we put into hardware. We're not trying to impose a particular, I don't know, protocol or use. We're just making available the tools. We're doing it for free. The tools are in the processors, at no extra price. They don't require any OS support, no kernel support, no device drivers. It's getting into the kernels of BSD and Linux, but applications can directly use the features [even without kernel support], and the hardware takes care of the multitasking aspects. The two guys who worked on it with me are both heavy Linux users. They wrote to friends in the security and Linux communities. Very little marketing money was spent. When the security press release went out, at the Embedded Processor Forum, it had three key quotes, real quotes. Not quotes written by PR managers. My quote was written by a PR manager, but the others weren't. All three were big names in the security world, and all were saying good stuff. Q22: Beyond security, are other cool features planned? A22: The next chip has some tools to do computationally intensive things where hardware provides a big advantage. But I don't want to say yet what they are. Q23: Would they be useful for multimedia? Yes, for multimedia, and for other things. Q24: Like a DSP? A24: Kind of like that. Q25: Okay, we won't push. We appreciate you taking the time to speak with us. We can't imagine getting the president of AMD or Intel to do this. A25: Our whole strategy is so close to the, if you will, the fate of Linux. We identify so much with it. We're low-cost, aimed at the common person, we're aimed at new applications, and we don't have any massive PR or marketing or sales budget, so. Actually, I have a special softness in my heart for Linux. I think without Linux our business would be much less than what it is today. It's just very important to us, so, I wanted to give you guys the time. About the Interviewee Glenn Henry is the founder and president of Centaur Technology. Throughout his career, he has played an integral role in the development of the U.S. computer industry. Prior to founding Centaur in April 1995, Henry served as a consultant to MIPS Technology (SGI) for one year. From 1988 to 1994 he was Chief Technology Officer and Senior Vice President of the Product Group at Dell Computer Corporation. As Senior VP, he was responsible for all product development activities and, at various times, also responsible for product marketing, manufacturing, procurement, information systems, and technical support. Before his tenure at Dell, Henry served 21 years with IBM. He was the instigator, lead architect, and development manager responsible for the IBM System/32, System38 (forerunner of AS/400), and RT/PC (forerunner of Power systems). In 1985, he was appointed an IBM Fellow. -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From eugen at leitl.org Tue Jun 15 11:35:55 2004 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 15 Jun 2004 20:35:55 +0200 Subject: crypto on *really* cheap hardware Message-ID: <20040615183555.GO12847@leitl.org> I presume most people have by now read Cringely's piece on hacked Linux for Linksys WRT54G (and clones): http://www.pbs.org/cringely/pulpit/pulpit20040527.html http://www.pbs.org/cringely/pulpit/pulpit20040603.html That thing is $70-80, and comes as a 200 MHz MIPS box with 32 MByte RAM, and some 4-8 MByte flash. Stock antennas are crappy, but radios are very good, so long-range suitable with appropriate antennas. Current sveasoft firmware http://www.sveasoft.com/modules/phpBB2/index.php (it's open source, though bleeding edge firmware only available for $20/year subscription). You can build the image yourself on a Linux box with the right build environment (I haven't due to lack of time). It does VoIP, prioritizes traffic, has currently VPN pass-through and will do IPsec on future mesh-supporting firmware. I'm sure resident people can see plenty of intersting uses, and useful hacking projects. -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From pgut001 at cs.auckland.ac.nz Tue Jun 15 08:37:54 2004 From: pgut001 at cs.auckland.ac.nz (Peter Gutmann) Date: Wed, 16 Jun 2004 03:37:54 +1200 Subject: Breaking Iranian Codes (Re: CRYPTO-GRAM, June 15, 2003) In-Reply-To: Message-ID: "R. A. Hettinga" forwarded: >So now the NSA's secret is out. The Iranians have undoubtedly changed >their encryption machines, and the NSA has lost its source of Iranian >secrets. But little else is known. Who told Chalabi? Only a few >people would know this important U.S. secret, and the snitch is >certainly guilty of treason. Someone (half-)remembered reading the Crypto AG story in the Baltimore Sun several years ago, bragged to Chalabi that the US had compromised Iranian crypto, and the story snowballed from there. The story could have started out with a loquacious (Sun-reading) cab driver for all we know. Some reports have suggested the source was drunk, so maybe it was a drunk in a bar. Maybe Chalabi read the story himself and invented the snitch to make it seem more important than it was, or to drive the US security community nuts with an orgy of internal witch-hunting. Given the lack of further information, it could have been just about anything. Peter. From dave at farber.net Wed Jun 16 04:19:28 2004 From: dave at farber.net (David Farber) Date: Wed, 16 Jun 2004 07:19:28 -0400 Subject: [IP] Face-Recognition Passports Message-ID: http://www.cnn.com/2004/TECH/06/15/face.passport/index.html Face recognition passports expected by December Yet hurdles could still delay technology >From Mike M. Ahlers CNN Washington Bureau WASHINGTON (CNN) -- The first U.S. passport to feature facial-recognition technology should be produced by December, but the technology won't be widely distributed until late 2005, a State Department official told Congress on Tuesday. Maura Harty, assistant secretary for consular affairs, said the State Department plans to test the high-tech passports by issuing them first to U.S. officials and diplomats. But citing technological hurdles, she repeated a request that Congress postpone a looming deadline requiring 27 close U.S. allies to have similar passports in place by fall. "Given the time that it has taken to resolve these technical, complex issues ... few of the visa waiver countries, if any, will meet the deadline," she said. "It is not a question of ill will. It is very much a question of difficult science." On Monday, the House of Representatives voted to give visa-waiver countries a one-year extension on the deadline. But Harty and Homeland Security Undersecretary Asa Hutchinson testified at a hearing of the Senate Judiciary Committee on Tuesday that it will take two years to perfect the technology. "We have been told by almost all the countries that they cannot get it done within a year," Harty said. Hutchinson said, "We believe that all countries can be compliant on November 30, 2006, and it should be a hard-and-fast deadline. It's important, I believe, for us to get this process right the first time." Members of Congress, meanwhile, questioned the use of facial recognition technology in the passports, saying fingerprints would be a better identifier. The International Civil Aviation Organization chose facial recognition as the international standard for passports. "Every policeman in America can access the fugitive, anybody, and put their fingerprints in the system and on a short notice determine whether or not a warrant is out for their arrest. You can't do that with a face," said Sen. Jeff Sessions, a Republican of Alabama. Hutchinson said the United States believes that fingerprints "should be a significant part" of the system, but "we don't have a consensus in the international community to do that at this time." The computer chip embedded in the new passports will have the capacity to include fingerprint information, he said. Hutchinson acknowledged the shortcomings of the facial recognition technology. He said it is "sufficient" at making one-on-one matches but cannot adequately match a face on a card to large databases of faces. "We're hopeful that the technology improves as time goes on," he said. Another problem is that the computer chips are not as durable as they need to be, he said. "The chips have a life span currently of three to five years, and as you know in many instances the passports are issued for six to 10 years," Hutchinson said. "So right now you'll be adding a chip on there that has a shorter life span than the life of the passport itself." ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From camera_lumina at hotmail.com Wed Jun 16 07:50:34 2004 From: camera_lumina at hotmail.com (Tyler Durden) Date: Wed, 16 Jun 2004 10:50:34 -0400 Subject: Low-elevation skymapping at 2.45 Ghz Message-ID: Do optical mirrors still work in the microwave regime? I have no idea. -TD >From: "Major Variola (ret)" >To: "cypherpunks at al-qaeda.net" >Subject: Low-elevation skymapping at 2.45 Ghz >Date: Tue, 15 Jun 2004 15:09:26 -0700 > >Telescopes are sold for < $200 which include >programmable positioning devices (2 axes obvioiusly). I suppose >its just a reduction drive and the usual electro-mech-control stuff but >it implies a high degree of angular resolution for cheap. Has anyone: > >1. ever used the refractor type telescope tube as-is as a super-long >pringles directional >802.11 antenna? In fact the front optics may not interfere... > >2. ever used the electronically controlled mount on a steady platform >and a highly directional antenna (dishes included) to really see >what the world really looks like at 2.mumble Ghz passive with >an 802.11 decoder? I mean, radio astronomers do detailed >sky surveys all the time. Why restrict yourself to the sky? > >(Yes, I realize our friends at Ft Meade have probably been using >scanning-tunnelling-microscope type piezo-servo actuators to >keep a steady gaze for some time..) > > > > _________________________________________________________________ Get fast, reliable Internet access with MSN 9 Dial-up now 3 months FREE! http://join.msn.click-url.com/go/onm00200361ave/direct/01/ From mv at cdc.gov Wed Jun 16 11:41:23 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Wed, 16 Jun 2004 11:41:23 -0700 Subject: Low-elevation skymapping at 2.45 Ghz Message-ID: <40D09453.A6FB9F64@cdc.gov> At 06:03 PM 6/16/04 +0200, Eugen Leitl wrote: >Aperture is tiny (and expensive, exponentially so). Visible wavelength vs. >microwave is a >complete overkill in terms of mirror precision (lambda/10..100). Exactly. I wasn't suggesting using the optical reflector (front surface Al over glass) but rather merely the tube. >Depending on angular resolution you might want to check >out a small parabolic sat dish (less wind load on the mount -- which better be >not >azimuthal -- use a stepper-driven equatorial platform). Herr Elloi often points out that a dish can be made of wire mesh instead of solid for the wavelengths of concern. This is useful if you're outside dealing with wind, or your motor-drive platform expects a load of a certain mass. However, it should be known that fiberglass (eg van) panels are transparent to uwaves AFAIK and that a van with soft tires is a 0th-order vibration isolation mount. Amateur holographers use heavy granite and low inflation inner tubes as optical benches too. However vans do rock in the wind and I don't believe the cheap telescope drives can compensate. Now if you had 2 802.11 scopes coupled, one pointed at a bright "guide star", then you could do some cool stabilization. At sufficiently good mechanical stabilization and gain, you will encounter perhaps amplifier electronic noise effects, other transmitters, or reflection (ghosting) which then become the lower bound. While not being a HAM, I'm also aware that there are extremely directional antennae fixed-frequency wire & pole antennae which are not dish shaped, but may have less energy-collecting area than a dish. I believe that a horn shaped input may also be useful for coupling the impedence of freespace aether to your circuits. Think trumpet. Perhaps this matters only for transmission; though transmission and reception tend to be equal. A microwave horn can be a truncated pyramid, etc. Merely ideas for America's cryptoscout youth looking to earn another badge from the RF group. From wk at gnupg.org Wed Jun 16 03:26:42 2004 From: wk at gnupg.org (Werner Koch) Date: Wed, 16 Jun 2004 12:26:42 +0200 Subject: Simplified base64 conversion In-Reply-To: <65da6fbba574890b2ed3be43a6ec271b@anonymous> (An Metet's message of "Fri, 11 Jun 2004 14:23:18 -0400") References: <65da6fbba574890b2ed3be43a6ec271b@anonymous> Message-ID: <87wu27x0gt.fsf@vigenere.g10code.de> On Fri, 11 Jun 2004 14:23:18 -0400, An Metet said: > int /* outlen */ > enc64 (char *out, unsigned char *in, int inlen) Please add an argument for the available size of the buffer OUT and check this length while encoding. Over short or long someone will for sure use your function and forget that he has to allocate at least (((inlen+3)/3)*4+1) for OUT. Shalom-Salam, Werner From eugen at leitl.org Wed Jun 16 04:33:26 2004 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 16 Jun 2004 13:33:26 +0200 Subject: [IP] Face-Recognition Passports (fwd from dave@farber.net) Message-ID: <20040616113326.GP12847@leitl.org> ----- Forwarded message from David Farber ----- From eugen at leitl.org Wed Jun 16 06:29:02 2004 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 16 Jun 2004 15:29:02 +0200 Subject: crypto on *really* cheap hardware In-Reply-To: References: <20040615183555.GO12847@leitl.org> Message-ID: <20040616132902.GU12847@leitl.org> On Thu, Jun 17, 2004 at 01:19:30AM +1200, Peter Gutmann wrote: > You forgot to mention "sometimes it'll stay up for as long as several hours > before crashing/locking up". I guess this is a security feature, if someone > breaks in they'll only be able to use it for a short time before it locks up > or crashes. > > Peter (who doesn't own one, but has heard horror stories from owners). Yes, the stock Cisco/Linksys firmware is plain horrible (especially stability on high P2P load), and has a nasty remote admin security hole (prime candidate for a firmware worm, given that the hole is trivial to exploit, Linux firmware build environments are aplenty, megaunits have been sold, and most users aren't security-literate). The first thing to do before even putting it on the network is to reflash it, with Sveasoft's firmware, or one of the 2-3 alternatives. -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From mv at cdc.gov Wed Jun 16 15:51:42 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Wed, 16 Jun 2004 15:51:42 -0700 Subject: we are not impressed Message-ID: <40D0CEFE.94508ED4@cdc.gov> http://www.modusdata.net/consultants.html We Will Not Be Impressed By: CISSP Security and other Computer Certifications Security Clearances acheived in the military Illegal and Unethical acts perpetrated by you in the past Illegal defacement and intrusion to our webserver(it is not hosted by us) or other Modus Data computing resources (However, we may provide free access to a lab environment in the future to harness learning similar to http://www.hackerslab.org) From eugen at leitl.org Wed Jun 16 09:03:25 2004 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 16 Jun 2004 18:03:25 +0200 Subject: Low-elevation skymapping at 2.45 Ghz In-Reply-To: References: Message-ID: <20040616160325.GY12847@leitl.org> On Wed, Jun 16, 2004 at 10:50:34AM -0400, Tyler Durden wrote: > Do optical mirrors still work in the microwave regime? I have no idea. Aperture is tiny (and expensive, exponentially so). Visible wavelength vs. microwave is a complete overkill in terms of mirror precision (lambda/10..100). Depending on angular resolution you might want to check out a small parabolic sat dish (less wind load on the mount -- which better be not azimuthal -- use a stepper-driven equatorial platform). If you're just going to scan the horizont, it's just one degree of freedom. 2 1/2 if you wiggle a little up and down. Easy enough to improvise for cheap, especially if you do it with a monster dish, which isn't at all like a truss of a lightweight giant scope. -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From jason at lunkwill.org Wed Jun 16 13:28:13 2004 From: jason at lunkwill.org (Jason Holt) Date: Wed, 16 Jun 2004 20:28:13 +0000 (UTC) Subject: Hiawatha's research Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 "Hiawatha's Research" Jason Holt June, 2004, released into the public domain. Dedicated to Eric Rescorla, with apologies to Longfellow. ("E. Rescorla" may be substituted for "Hiawatha" throughout.) Hiawatha, academic, he could start ten research papers, start them with such mighty study, that the last had left his printer, ere the first deadline extended. Then, to serve the greater purpose, he would post these master papers, post them with such speed and swiftness, to gain feedback from his cohorts, for their mighty learned comments. from his printer, Hiawatha took his publication paper, sent it to the preprint archive, sent it out to all the newsgroups Then he waited, watching, listening, for the erudite discussion, for the kudos and the errors, that the others soon would send him. But in this my Hiawatha was most cruelly mistaken, for not one did read his papers, not one got past the simple abstract. Still did they all grab their keyboards, writing with great flaming fury of the folly of his venture, of his paper's great misgiving. Of his obvious omissions, of his great misunderstandings, of his utter lack of vision, of his blatant plagiarism. (This last point he found most galling, found it really quite dumbfounding, since for prior art, he'd listed ninety-three related papers.) Now the mighty Hiawatha, in his office still is sitting, contemplating on his research, thinking on his chosen topic. Wondering, in idle moments, if he had not chosen wrongly, the position he had taken as a research paper author And he thinks, my Hiawatha, if he might not have been better served by a more lowly station, as a cashier at McDonalds, as a washer at the car wash, as a cleaner of the bathrooms. Thus departs my Hiawatha. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFA0K1inwLgjivV2NERAmuuAKCTCxuOBxSTvFpN++ttTjNcOwCFQACg02WV /gYbY6V9JyRJl56DtIGx0vw= =BUXX -----END PGP SIGNATURE----- From morlockelloi at yahoo.com Wed Jun 16 22:40:22 2004 From: morlockelloi at yahoo.com (Morlock Elloi) Date: Wed, 16 Jun 2004 22:40:22 -0700 (PDT) Subject: Low-elevation skymapping at 2.45 Ghz In-Reply-To: <40D09453.A6FB9F64@cdc.gov> Message-ID: <20040617054022.4862.qmail@web40614.mail.yahoo.com> > However, it should be known that fiberglass (eg van) panels are > transparent > to uwaves AFAIK and that a van with soft tires is a 0th-order 0.25" glass will cost you 2-2.5 dB. > At sufficiently good mechanical stabilization and gain, you will > encounter perhaps The best way to do this is to mount the narrow-angle dish *and* video camera on the same mount, then use simple circuitry to superimpose white circle on the center of the image when signal exceeds some threshold (or vary the size with signal level.) The results could be startling. ===== end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: __________________________________ Do you Yahoo!? Take Yahoo! Mail with you! Get it on your mobile phone. http://mobile.yahoo.com/maildemo From pgut001 at cs.auckland.ac.nz Wed Jun 16 06:19:30 2004 From: pgut001 at cs.auckland.ac.nz (Peter Gutmann) Date: Thu, 17 Jun 2004 01:19:30 +1200 Subject: crypto on *really* cheap hardware In-Reply-To: <20040615183555.GO12847@leitl.org> Message-ID: >I presume most people have by now read Cringely's piece on hacked Linux for >Linksys WRT54G (and clones): > >[...] > >It does VoIP, prioritizes traffic, has currently VPN pass-through and will do >IPsec on future mesh-supporting firmware. You forgot to mention "sometimes it'll stay up for as long as several hours before crashing/locking up". I guess this is a security feature, if someone breaks in they'll only be able to use it for a short time before it locks up or crashes. Peter (who doesn't own one, but has heard horror stories from owners). From mv at cdc.gov Thu Jun 17 08:20:22 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Thu, 17 Jun 2004 08:20:22 -0700 Subject: Low-elevation skymapping at 2.45 Ghz Message-ID: <40D1B6B6.97E06C74@cdc.gov> At 10:40 PM 6/16/04 -0700, Morlock Elloi wrote: > >0.25" glass will cost you 2-2.5 dB. Perhaps there are speciality glasses or polymer sheets which reduce that loss. >> At sufficiently good mechanical stabilization and gain, you will >> encounter perhaps > >The best way to do this is to mount the narrow-angle dish *and* video camera on >the same mount, then use simple circuitry to superimpose white circle on the >center of the image when signal exceeds some threshold (or vary the size with >signal level.) The results could be startling. Nice idea; the radioastronomers do something like this (cross-band correlation) so they can see what their sources might correspond to. From mv at cdc.gov Thu Jun 17 08:23:34 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Thu, 17 Jun 2004 08:23:34 -0700 Subject: Low-elevation skymapping at 2.45 Ghz Message-ID: <40D1B776.E47C9D18@cdc.gov> At 12:52 PM 6/17/04 +0200, Thomas Shaddack wrote: >Could it be possible to achieve the same without using a movable antenna? >Eg, by an antenna array and comparing phases of the arriving signals? A phased array will work but few of us have the DSP or Ghz skills or $ to construct one. Whereas a scope drive is cheap and directional antenna are standard ARRL stuff. From gnu at toad.com Thu Jun 17 10:31:06 2004 From: gnu at toad.com (John Gilmore) Date: Thu, 17 Jun 2004 10:31:06 -0700 Subject: A National ID: AAMVA's Unique ID In-Reply-To: Message from "Joseph Ashwood" of "Thu, 03 Jun 2004 01:37:52 PDT." <065701c44946$272f34c0$6401a8c0@JOSEPHAS> References: <065701c44946$272f34c0$6401a8c0@JOSEPHAS> Message-ID: <200406171731.i5HHV6d9020276@new.toad.com> > The solution then is obvious, don't have a big central database. Instead use > a distributed database. Our favorite civil servants, the Departments of Motor Vehicles, are about to do exactly this to us. They call it "Unique ID" and their credo is: "One person, one license, one record". They swear that it isn't national ID, because national ID is disfavored by the public. But it's the same thing in distributed-computing clothes. The reason they say it isn't a national ID is because it's 50 state IDs (plus US territories and Canadian provinces and Mexican states) -- but the new part is that they will all be linked by a continent-wide network. Any official who looks up your record from anywhere on the continent will be able to pull up that record. Anyplace you apply for a state license or ID card, they will search the network, find your old record (if you have one) and "transfer" it to that state. So there's no way to escape your past record, and no way to get two cards (in the absence of successful fraud, either by citizens or DMV employees). This sure smells to me like national ID. This, like the MATRIX program, is the brainchild of the federal Department of inJustice. But those wolves are in the sheepskins of state DMV administrators, who are doing the grassroots politics and the actual administration. It is all coordinated in periodic meetings by "AAMVA", the "American Association of Motor Vehicle Administrators" (http://aamva.org/). Draft bills to join the "Unique ID Compact", the legally binding agreement among the states to do this, are already being circulated in the state legislatures by the heads of state DMVs. The idea is to sneak them past the public, and past the state legislators, before there's any serious public debate on the topic. They have lots of documents about exactly what they're up to. See http://aamva.org/IDSecurity/. Unfortunately for us, the real documents are only available to AAMVA members; the affected public is not invited. Robyn Wagner and I have tried to join AAMVA numerous times, as "freetotravel.org". We think that we have something to say about the imposition of Unique ID on an unsuspecting public. They have rejected our application every time -- does this remind you of the Hollywood copy-prevention "standards committees"? Here is their recent rejection letter: Thank you for submitting an application for associate membership in AAMVA. Unfortunately, the application was denied again. The Board is not clear as to how FreeToTravel will further enhance AAMVA's mission and service to our membership. We will be crediting your American Express for the full amount charged. Please feel free to contact Linda Lewis at (703) 522-4200 if you would like to discuss this further. Dianne Dianne E. Graham Director, Member and Conference Services AAMVA 4301 Wilson Boulevard, Suite 400 Arlington, VA 22203 T: (703) 522-4200 | F: (703) 908-5868 www.aamva.org At the same time, they let in a bunch of vendors of "high security" ID cards as associate members. AAMVA, the 'guardians' of our right to travel and of our identity records, doesn't see how listening to citizens concerned with the erosion of exactly those rights and records would enhance their "mission and service". Their mission appears to be to ram their secret policy down our throats. Their service is to take our tax money, use it to label all of us like cattle with ear-tags, and deny us our constitutional right to travel unless we submit to being tagged. We protest. Do you? John Gilmore From shaddack at ns.arachne.cz Thu Jun 17 03:52:30 2004 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Thu, 17 Jun 2004 12:52:30 +0200 (CEST) Subject: Low-elevation skymapping at 2.45 Ghz In-Reply-To: <20040617054022.4862.qmail@web40614.mail.yahoo.com> References: <20040617054022.4862.qmail@web40614.mail.yahoo.com> Message-ID: <0406171250510.-1300549232@somehost.domainz.com> > The best way to do this is to mount the narrow-angle dish *and* video camera on > the same mount, then use simple circuitry to superimpose white circle on the > center of the image when signal exceeds some threshold (or vary the size with > signal level.) The results could be startling. You could also use a stepper motor connected to the polar mount, and scan the sky (or the city under the hill) automagically. This could be interesting even in other bands. Could create some pretty pictures. :) Could it be possible to achieve the same without using a movable antenna? Eg, by an antenna array and comparing phases of the arriving signals? From mv at cdc.gov Thu Jun 17 15:38:40 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Thu, 17 Jun 2004 15:38:40 -0700 Subject: thanks for all the blowfish Message-ID: <40D21D70.58F7C177@cdc.gov> Well after over a decade of learning and teaching on cypherpunks and Perry's cryptography list, and before that comp.risks, reading Cryptogram, scanning bugtraq until I got bored of yet another buffer overflow or MS legacy hack, accumulating a row of crypto books, and zero professional certs or classes, but interacting with a hardcore privacy friend, I'm now employed as a security consultant at a Big Company, at least for a month or two. No govt clearances required, of course. And let me tell you, things are really hilarious out there. Eg the same fixed key in every machine everywhere, and in every driver. And my future boss proposing a million fixed keys to make it harder, where you send the index. A million times more hilarious. One day interviewing, wearing a visitor badge, I hear two building-security people yell a building-access password to each other. Furthermore its a lame password. My future boss was amused at that bit of accidental social engineering and he pointed out that the security company manages several other companies, so the regexp (based on the company name) used for this building was probably extrapolatable to other companies. Humans are such silly critters. Anyway, to everyone who's contributed to my informal education, thanks. I'm not going away, but neither will I have "Il dulce far niente" (The sweetness of doing nothing -S Schear's elegant unemployment motto) Major Variola (ret) From adam at cypherspace.org Thu Jun 17 14:36:34 2004 From: adam at cypherspace.org (adam at cypherspace.org) Date: Thu, 17 Jun 2004 16:36:34 -0500 Subject: Hello Message-ID: Please, have a look at the attached file. Password - [cid:otykglabjs.bmp] [demime 1.01d removed an attachment of type image/bmp which had a name of otykglabjs.bmp] [demime 1.01d removed an attachment of type application/octet-stream which had a name of Info.zip] From measl at mfn.org Thu Jun 17 15:51:56 2004 From: measl at mfn.org (Alif Terranson) Date: Thu, 17 Jun 2004 17:51:56 -0500 (CDT) Subject: International conference targets Internet hate speech In-Reply-To: References: Message-ID: <20040617174930.T23623@mx1.mfn.org> On Thu, 17 Jun 2004, R. A. Hettinga wrote: > Rabbi Abraham Cooper, associate dean of the Simon Wiesenthal Center, a > Jewish human rights group based in Los Angeles, said one strategy is for > Internet service providers in the United States to honor anti-racism > language in their own contracts. When my upstream agrees to block the hate speech of the JDL equally with the hate speech of the KKK and George W. Midget, I'll be all about endorsing this. Until then - bugger off. "Hate speech" is only hate speech when it hates the wrong side. //Alif From rah at shipwright.com Thu Jun 17 15:30:39 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Thu, 17 Jun 2004 18:30:39 -0400 Subject: International conference targets Internet hate speech Message-ID: CNN International conference targets Internet hate speech Thursday, June 17, 2004 Posted: 10:14 AM EDT (1414 GMT) International delegates are meeting for two days in Paris. PARIS, France (AP) -- European neo-Nazis post online pictures of paint-smeared mosques. Web sites of Islamic radicals call for holy war on the West. Aliases like "Jew Killer" pop up on Internet game sites. International experts met Wednesday in Paris to tackle the tricky task of fighting anti-Semitic, racist and xenophobic propaganda on the Internet -- seen as a chief factor in a rise in hate crime. Purveyors of hate have found a potent tool in the Internet, spreading fear with such grisly images as the beheading of Wall Street Journal reporter Daniel Pearl in 2002. The new technology has proven to be a boon for hatreds of old, many experts say. "Our responsibility is to underline that by its own characteristics -- notably, immediacy and anonymity -- the Internet has seduced the networks of intolerance," French Foreign Minister Michel Barnier said in opening remarks at the two-day conference. France, which is spearheading the effort, has faced a surge in anti-Semitic violence in the last two years. Some fault the growth of Internet use among hate groups. But differing views about the limits of free speech and the ease of public access to the nebulous, anonymous Web largely stymied officials hoping to find common ground in Wednesday's talks. A sticking point was whether the United States, which has championed nearly unfettered free speech, would line up with European countries that have banned racist or anti-Semitic speech in public. The dilemma is all the more acute because the Internet is global, easy to use and tough to regulate -- as shown by widespread sharing of music online, an illegal practice that has confounded record companies. Terror groups have also used the Internet to plot attacks. American approach differs There are no easy solutions, delegates said. Many urged more youth education, better cooperation between governments and Internet service providers, or new studies on links between Web racism and hate crimes. The Organization for Security and Cooperation in Europe, a 55-country body that promotes security and human rights, organized the conference with the backing of the French government. Six countries in the Middle East and North Africa also sent envoys. The meeting is one of three OSCE conferences on anti-Semitism and racism this year. U.S. Assistant Attorney General Dan Bryant acknowledged the American approach differs from that of other countries. "We believe that government efforts to regulate bias-motivated speech on the Internet are fundamentally mistaken," Bryant said. "At the same time, however, the United States has not stood and will not stand idly by, when individuals cross the line from protected speech to criminal conduct." He said the United States believes the best way to reduce hate speech is to confront it, by promoting tolerance, understanding and other ideas that enlighten. Robert Badinter, a former French justice minister, said that of 4,000 "racist sites" counted worldwide in 2002, some 2,500 were based in the United States. Growing problem There are signs that online hate is getting worse. The French foreign minister cited a recent report in Britain that showed the number of "violent and extremist sites" had ballooned by 300 percent in the last four years in 15 OSCE countries surveyed. France last year banned a Web site responsible for thousands of daily racist messages, one of which claimed responsibility for dousing mosques with paint in the colors of the French flag, the International Network Against Cyber Hate wrote in a report released Wednesday. Christopher Wolf, chairman of the Internet Task Force of the U.S. Anti-Defamation League, pointed out how one student on a blog site at Brandeis University described playing an Internet video game against a rival who had nicknamed himself "Jew Killer." In Egypt, some sites have shown pictures of American soldiers in Iraq to dredge up anti-U.S. feeling; one purportedly showed the June 8 killing of American civilian Robert Jacobs in Saudi Arabia. Rabbi Abraham Cooper, associate dean of the Simon Wiesenthal Center, a Jewish human rights group based in Los Angeles, said one strategy is for Internet service providers in the United States to honor anti-racism language in their own contracts. But even that won't stamp out Internet hate, he said. "Will this put the (Ku Klux Klan) out of business? No. They will be able to find some way of getting their messages back online," he said. "But it will put a crimp in that subculture on the Internet." -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From emc at artifact.psychedelic.net Thu Jun 17 23:48:47 2004 From: emc at artifact.psychedelic.net (Eric Cordian) Date: Thu, 17 Jun 2004 23:48:47 -0700 (PDT) Subject: AOL and Ellison Kiss and Make Up Message-ID: <200406180648.i5I6mlnR000382@artifact.psychedelic.net> You may remember back in 2000, former literary icon turned copyright pest Harlan Ellison sued AOL because people were able to access a couple of his short stories in the Usenet newsgroup alt.binaries.e-book, prompting AOL to block the newsgroup on its servers. This earned Ellison a Big Brother award, which he no doubt keeps next to his Hugo for ""'Repent, Harlequin!' Said the Ticktockman," a story about slavery to punctuality and mindless conformity. At the time, I said that if Harlan would send me an address, I would be more than happy to send him money everytime I read one of his stories on the Internet for free. AOL originally got a summary judgment dismissing Harlan's claims, but Harlan appealed, and the summary judgment was partially reversed, leaving open the possibility of a trial in which AOL would have to defend its role as a "passive conduit" for Internet data. Well, it now appears the parties have reached a settlement, and a joint press release has been issued, in which Ellison opines... <<"Through this litigation, I have come to realize that AOL respects the rights of authors and artists, and has a comprehensive system for addressing the complaints of copyright holders. I would not have settled this case if I were not sure that AOL is doing what it can do to fight online piracy. Because not all Internet service providers are as responsible as AOL, and because individual acts of online piracy continue, I am glad to have called attention to the problem of online piracy through this litigation. As promised, I will be repaying every cent of the monies contributed to the KICK Internet Piracy Fund by writers and readers.">> You can read the whole blurb at... http://media.aoltimewarner.com/media/cb_press_view.cfm?release_num=55254033 Harlan still doesn't get that it was not a useful thing to get an entire newsgroup blocked over four of his stories, and that like the xeroxing of paperback books, his unhappiness is best addressed not by jackbooted persecution of copyright violators, but by making the works widely available at a reasonable price so people will not have an incentive to reproduce them by other means. Perhaps we can all donate to a fund to buy Harlan a clue. -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law" From rsw at jfet.org Fri Jun 18 05:03:04 2004 From: rsw at jfet.org (Riad S. Wahby) Date: Fri, 18 Jun 2004 07:03:04 -0500 Subject: AOL and Ellison Kiss and Make Up In-Reply-To: <200406180648.i5I6mlnR000382@artifact.psychedelic.net> References: <200406180648.i5I6mlnR000382@artifact.psychedelic.net> Message-ID: <20040618120304.GA11918@jfet.org> Eric Cordian wrote: > Perhaps we can all donate to a fund to buy Harlan a clue. Or a fund for a certain "prediction" ? -- Riad S. Wahby rsw at jfet.org From rah at shipwright.com Fri Jun 18 10:02:48 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 18 Jun 2004 13:02:48 -0400 Subject: Feds: VoIP a potential haven for terrorists Message-ID: VOIP operators: The fifth horsemen of the infocalypse? Cheers, RAH ------- Feds: VoIP a potential haven for terrorists By Declan McCullagh CNET News.com June 16, 2004, 10:54 AM PT URL: http://zdnet.com.com/2100-1105-5236233.html WASHINGTON--The U.S. Department of Justice on Wednesday lashed out at Internet telephony, saying the fast-growing technology could foster "drug trafficking, organized crime and terrorism." Laura Parsky, a deputy assistant attorney general in the Justice Department, told a Senate panel that law enforcement bodies are deeply worried about their ability to wiretap conversations that use voice over Internet Protocol (VoIP) services. Get Up to Speed on... VoIP? Get the latest headlines and company-specific news in our expanded GUTS section.?"I am here to underscore how very important it is that this type of telephone service not become a haven for criminals, terrorists and spies," Parsky said. "Access to telephone service, regardless of how it is transmitted, is a highly valuable law enforcement tool." Police been able to conduct Internet wiretaps for at least a decade, and the FBI's controversial Carnivore (also called DCS1000) system was designed to facilitate online surveillance. But Parsky said that discerning "what the specific (VoIP) protocols are and how law enforcement can extract just the specific information" are difficult problems that could be solved by Congress requiring all VoIP providers to build in backdoors for police surveillance. The Bush administration's request was met with some skepticism from members of the Senate Commerce committee, who suggested that it was too soon to impose such weighty regulations on the fledgling VoIP industry. Such rules already apply to old-fashioned telephone networks, thanks to a 1994 law called the Communications Assistance for Law Enforcement Act (CALEA). "What you need to do is convince us first on a bipartisan basis that there's a problem here," said Sen. Ron Wyden, D-Ore. "I would like to hear specific examples of what you can't do now and where the law falls short. You're looking now for a remedy for a problem that has not been documented." Wednesday's hearing was the first to focus on a bill called the VoIP Regulatory Freedom Act, sponsored by Sen. John Sununu, R-N.H. It would ban state governments from regulating or taxing VoIP connections. It also says that VoIP companies that connect to the public telephone network may be required to follow CALEA rules, which would make it easier for agencies to wiretap such phone calls. The Justice Department's objection to the bill is twofold: Its wording leaves too much discretion with the Federal Communications Commission, Parsky argued, and it does not impose wiretapping requirements on Internet-only VoIP networks that do not touch the existing phone network, such as Pulver.com's Free World Dialup. "It is even more critical today than (when CALEA was enacted in 1994) that advances in communications technology not provide a haven for criminal activity and an undetectable means of death and destruction," Parsky said. Sen. Frank Lautenberg, D-N.J., wondered if it was too early to order VoIP firms to be wiretap-friendly by extending CALEA's rules. "Are we premature in trying to tie all of this down?" he asked. "The technology shift is so rapid and so vast." The Senate's action comes as the FCC considers a request submitted in March by the FBI. If the request is approved, all broadband Internet providers--including companies using cable and digital subscriber line technology--will be required to rewire their networks to support easy wiretapping by police. Wednesday's hearing also touched on which regulations covering 911 and "universal service" should apply to VoIP providers. The Sununu bill would require the FCC to levy universal service fees on Internet phone calls, with the proceeds to be redirected to provide discounted analog phone service to low-income and rural American households. One point of contention was whether states and counties could levy taxes on VoIP connections to support services such as 911 emergency calling. Because of that concern, "I would not support the bill as drafted and I hope we would not mark up legislation at this point," said Sen. Byron Dorgan, D-N.D. Sen. Conrad Burns, R-Mont., added: "The marketplace does not always provide for critical services such as emergency response, particularly in rural America. We must give Americans the peace of mind they deserve." Some VoIP companies, however, have announced plans to support 911 calling. In addition, Internet-based phone networks have the potential to offer far more useful information about people who make an emergency call than analog systems do. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From ashwood at msn.com Fri Jun 18 13:57:42 2004 From: ashwood at msn.com (Joseph Ashwood) Date: Fri, 18 Jun 2004 13:57:42 -0700 Subject: A National ID: AAMVA's Unique ID References: <065701c44946$272f34c0$6401a8c0@JOSEPHAS> <200406171731.i5HHV6d9020276@new.toad.com> Message-ID: <010001c45578$7d3e7c20$6401a8c0@JOSEPHAS> ----- Original Message ----- From: "John Gilmore" ; Sent: Thursday, June 17, 2004 10:31 AM Subject: Re: A National ID: AAMVA's Unique ID > > The solution then is obvious, don't have a big central database. Instead use > > a distributed database. > > Our favorite civil servants, the Departments of Motor Vehicles, are about > to do exactly this to us. > > They call it "Unique ID" and their credo is: "One person, one license, > one record". They swear that it isn't national ID, because national > ID is disfavored by the public. But it's the same thing in > distributed-computing clothes. I think you misunderstood my point. My point was that it is actually _easier_, _cheaper_, and more _secure_ to eliminate all the silos. There is no reason for the various silos, and there is less reason to tie them together. My entire point was to put my entire record on my card, this allows faster look-up (O(1) time versus O(lg(n))), greater security (I control access to my record), it's cheaper (the cards have to be bought anyway), it's easier (I've already done most of the work on defining them), and administration is easier (no one has to care about duplication). > This sure smells to me like national ID. I think they are drawing the line a bit finer than either of us would like. They don't call it a national ID because it being a national ID means that it would be run by the federal government, being instead run by state governments, it is a state ID, linked nationally. As I said in the prior one, I disagree with any efforts to create forced ID. > This, like the MATRIX program, is the brainchild of the federal > Department of inJustice. But those wolves are in the sheepskins of > state DMV administrators, who are doing the grassroots politics and > the actual administration. It is all coordinated in periodic meetings > by "AAMVA", the "American Association of Motor Vehicle Administrators" > (http://aamva.org/). Draft bills to join the "Unique ID Compact", the > legally binding agreement among the states to do this, are already > being circulated in the state legislatures by the heads of state DMVs. > The idea is to sneak them past the public, and past the state > legislators, before there's any serious public debate on the topic. > > They have lots of documents about exactly what they're up to. See > http://aamva.org/IDSecurity/. Unfortunately for us, the real > documents are only available to AAMVA members; the affected public is > not invited. > > Robyn Wagner and I have tried to join AAMVA numerous times, as > "freetotravel.org". We think that we have something to say about the > imposition of Unique ID on an unsuspecting public. They have rejected > our application every time -- does this remind you of the Hollywood > copy-prevention "standards committees"? Here is their recent > rejection letter: > > Thank you for submitting an application for associate membership in AAMVA. > Unfortunately, the application was denied again. The Board is not clear as > to how FreeToTravel will further enhance AAMVA's mission and service to our > membership. We will be crediting your American Express for the full amount > charged. > > Please feel free to contact Linda Lewis at (703) 522-4200 if you would like > to discuss this further. > > Dianne > Dianne E. Graham > Director, Member and Conference Services > AAMVA > 4301 Wilson Boulevard, Suite 400 > Arlington, VA 22203 > T: (703) 522-4200 | F: (703) 908-5868 > www.aamva.org > > At the same time, they let in a bunch of vendors of "high security" ID > cards as associate members. Well then create a High-Security ID card company, build it on the technology I've talked about. It's fairly simple, file the paperwork to create an LLC with you and Robyn, the LLC acquires a website, it can be co-located at your current office location, the website talks about my technology, how it allows the unique and secure identification of every individual, blah, blah, blah, get a credit card issued in the correct name. They'll almost certainly let you in, you'll look and smell like a valid alternative (without lying because you could certainly offer the technology), if you really want to make it look really good I'm even willing to work with you on filing a patent, something that they'd almost certainly appreciate. > AAMVA, the 'guardians' of our right to travel and of our identity > records, doesn't see how listening to citizens concerned with the > erosion of exactly those rights and records would enhance their > "mission and service". Of course it won't, their "mission and service" is to offer the strongest identity link possible in the ID cards issued nation-wide, as such the citizen's course of action has to be to govern the states issuing these identication papers. However, if you offer them technology to actually make their "mission and service" cheaper, more effective, and as a side-benefit better for their voters. Besides, if you can't beat them (you won't stop them, no matter what you do) at least improve the situation, you could easily become a far wealthier individual and improve our general security versus the alternatives. > We protest. Do you? Very much so, but I also realize that there are far more people who are more than willing to be "ear-tagged" than those of us willing to fight, as such what we need to do is fight on a fundamental basis, the most fundamental benefit offered by good technology in doing this is the cost savings (regardless of the improved security). As such we need to wage a war on two fronts, on one front we work to destroy the basis on which they can enstate these measures, this will work to scale-back the deployment. The second front is to make it more secure as it does get rolled out, and to build the technology in such a way that their invasive tactics can be thrown out by the voting population without destroying the core usefulness of the system (e.g. it can still be a driver's license). Such a two-front war is complex and difficult, but if the first front is completely successful we have gained our desires, the second-front is only there to erode the invasiveness and provide an abort-path for getting rid of the technology. I guess my further point is that sometimes disruptive activities only results in them hiding from you while they work, but delicate adjustments can result in real changes. Joe From rah at shipwright.com Fri Jun 18 15:08:00 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 18 Jun 2004 18:08:00 -0400 Subject: Antipiracy bill targets technology Message-ID: CNET News Antipiracy bill targets technology By Declan McCullagh Staff Writer, CNET News.com http://news.com.com/2100-1028-5238140.html Story last modified June 17, 2004, 5:32 PM PDT A forthcoming bill in the U.S. Senate would, if passed, dramatically reshape copyright law by prohibiting file-trading networks and some consumer electronics devices on the grounds that they could be used for unlawful purposes. News.context What's new: A bill called the Induce Act is scheduled to come before the Senate sometime next week. If passed, it would make whoever "aids, abets, induces (or) counsels" copyright violations liable for those violations. Bottom line:If passed, the bill could dramatically reshape copyright law by prohibiting file-trading networks and some consumer electronics devices on the grounds that they could be used for unlawful purposes. More stories on this topic The proposal, called the Induce Act, says "whoever intentionally induces any violation" of copyright law would be legally liable for those violations, a prohibition that would effectively ban file-swapping networks like Kazaa and Morpheus. In the draft bill seen by CNET News.com, inducement is defined as "aids, abets, induces, counsels, or procures" and can be punished with civil fines and, in some circumstances, lengthy prison terms. The bill represents the latest legislative attempt by influential copyright holders to address what they view as the growing threat of peer-to-peer networks rife with pirated music, movies and software. As file-swapping networks grow in popularity, copyright lobbyists are becoming increasingly creative in their legal responses, which include proposals for Justice Department lawsuits against infringers and action at the state level. Originally, the Induce Act was scheduled to be introduced Thursday by Sen. Orrin Hatch, R-Utah, but the Senate Judiciary Committee confirmed at the end of the day that the bill had been delayed. A representative of Senate Majority Leader Bill Frist, a probable co-sponsor of the legislation, said the Induce Act would be introduced "sometime next week," a delay that one technology lobbyist attributed to opposition to the measure. Though the Induce Act is not yet public, critics are already attacking it as an unjustified expansion of copyright law that seeks to regulate new technologies out of existence. "They're trying to make it legally risky to introduce technologies that could be used for copyright infringement," said Jessica Litman, a professor at Wayne State University who specializes in copyright law. "That's why it's worded so broadly." Litman said that under the Induce Act, products like ReplayTV, peer-to-peer networks and even the humble VCR could be outlawed because they can potentially be used to infringe copyrights. Web sites such as Tucows that host peer-to-peer clients like the Morpheus software are also at risk for "inducing" infringement, Litman warned. Jonathan Lamy, a spokesman for the Recording Industry Association of America, declined to comment until the proposal was officially introduced. "It's simple and it's deadly," said Philip Corwin, a lobbyist for Sharman Networks, which distributes the Kazaa client. "If you make a product that has dual uses, infringing and not infringing, and you know there's infringement, you're liable." The Induce Act stands for "Inducement Devolves into Unlawful Child Exploitation Act," a reference to Capitol Hill's frequently stated concern that file-trading networks are a source of unlawful pornography. Hatch is a conservative Mormon who has denounced pornography in the past and who suggested last year that copyright holders should be allowed to remotely destroy the computers of music pirates. Foes of the Induce Act said that it would effectively overturn the Supreme Court's 1984 decision in the Sony Corp. v. Universal City Studios case, often referred to as the "Betamax" lawsuit. In that 5-4 opinion, the majority said VCRs were legal to sell because they were "capable of substantial noninfringing uses." But the majority stressed that Congress had the power to enact a law that would lead to a different outcome. "At a minimum (the Induce Act) invites a re-examination of Betamax," said Jeff Joseph, vice president for communications at the Consumer Electronics Association. "It's designed to have this fuzzy feel around protecting children from pornography, but it's pretty clearly a backdoor way to eliminate and make illegal peer-to-peer services. Our concern is that you're attacking the technology." -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From eugen at leitl.org Fri Jun 18 09:12:35 2004 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 18 Jun 2004 18:12:35 +0200 Subject: Declan talks to Zennstrom about Skype Message-ID: <20040618161235.GE12847@leitl.org> http://gizmodo-cnet.com.com/2008-7352_3-5112783.html Skype's VoIP ambitions By Declan McCullagh Staff Writer, CNET News.com http://news.com.com/2008-7352-5112783.html Story last modified December 2, 2003, 1:30 PM PST Niklas Zennstrom may be Sweden's most famous serial entrepreneur. The 37-year-old Stockholm resident co-authored the legendary software used in the Kazaa file-sharing network. After he and his partners sold the rights to Kazaa last year, Zennstrom turned his attention to Joltid, which sells a caching technology to help network providers deal with the growing amount of peer-to-peer traffic. Now Zennstrom and Kazaa co-creator Janus Friis have launched their most ambitious effort so far: Skype, a start-up that hopes to convince people to use voice over Internet Protocol (VoIP) technology instead of the traditional phone system. CNET News.com recently spoke to Zennstrom, Skype's chief executive, in Stockholm about VoIP, privacy, security, and the lessons he's learned from his other start-ups. Q: What's different about Skype? Lots of instant-messaging clients already offer voice communications. A: We don't see them as competitors. We see our competitors as being Deutsche Telecom, British Telecom, AT&T and Verizon. We think there's going to be a migration from circuit-switched telephony services to Internet telephony. This is a second kind of driver for broadband. P2P file sharing has been driving broadband adoption. I've been meeting a lot of Internet operators in Europe and they say users aren't getting broadband to check their e-mail. Broadband penetration in Europe is around 10 percent to 12 percent. The U.K. is only around 4 percent. It has a long way to go to reach dial-up. One way to do that is to make it more useful. Are you hoping to sign distribution deals with Internet providers? Absolutely. We're speaking to a few broadband operators right now. They're quite interested in offering Skype to their users. Will Skype continue to be free? Now it's free--it's free in the beta phase. When we launch it'll continue to be free. We think it's very, very important that people can use it for free and for the momentum to grow. We want people to spread it around. We have to be very good in up-selling users to premium services like voice mail and conference calling. That's what people are asking for. One of the great things about P2P for this product is that we don't have any incremental cost for a new user. There's no marketing because we don't run marketing campaigns. It's being spread virally by users. We don't have any operational costs because they make calls peer-to-peer. It doesn't cost us any more. You permit mirror sites? Yes. We're encouraging people to spread this to each other. Then we have an established base of users. If we can encourage a few percent of people to get premium services, that's an advantage to us. What we're saying is that telephony is just an application. You can use this software application that does all the call setup and routing, which traditionally has been done by big company switches. Telephony is software. It's not big software in a centralized system. It's software that people run on their laptops at home. What we're saying is that telephony is just an application. How do you keep track of who's logged in and able to receive voice calls? We have a distributed database on the P2P network that keeps track of your IP address, firewall condition, and so on. We've taken (Kazaa's) FastTrack concept of supernodes and taken it one step further. Are there any privacy implications to this public database approach? There would be a privacy consideration if you and I are talking to each other and it's being proxied through John. That's why calls are being end-to-end encrypted. I can check my e-mail from anywhere in the world and senders don't know where I am. I can answer my cell phone from any GSM country and callers don't know where I am. But when I connect to Skype to receive phone calls, my IP address becomes public, which tends to reveal details about my physical location. The way for me to find your IP address would be when I set up a phone call to you, I see your IP address if it's a direct connection. If you're using a proxy server, I won't. Let's say I'm trying to track someone--in a divorce case, I want to prove that a spouse is in Stockholm when he or she is supposed to be in New York City. If I monitor the public Skype database over time, I can roughly follow their movements secretly. It's not an "anonymized" system. For some people it could be labeled as a privacy issue. That has never been any design goal. Your advice for divorcees? I would recommend that you set up all your Internet connections through a proxy server. How many downloads have you had? We've had 1.6 million downloads. That's not 1.6 million people. I think there are around 900,000 registered users. People are downloading multiple versions? This is the same ratio that you see at Download.com (Download.com is owned by CNET Networks, publisher of News.com). There are usually about twice as many downloads as users. People are either downloading multiple versions or initiating the download again. Compare that to Free World Dialup. It's growing considerably faster than that. When will you have a gateway to the telephone network? We're working on it...It's something that's going to be much later on. When? The interesting thing is that in the feedback we get from users this is not the highest priority. They're more interested in conference calling and voice mail. People are much more comfortable with using the Internet for communications. People are being much more mature with the Internet. They say, "This is my primary way to communicate. The people that I'm calling I'm encouraging them to get on Skype." People are quite happy with that. If you had to set a date? Next year. How much have you received in seed funding? We haven't disclosed how much we raised. But it's the normal seed funding. We haven't raised tens of millions. Are you funding any of this yourself? No. Just hard labor and things like that. We had the Draper family--Bill Draper--as investors from the beginning. You said Skype is different from IM voice clients. How about P2P voice clients, such as PGPfone, which is encrypted, free, open source, and has been available for years? When we're talking about peer to peer it's much more today. It's a self-organizing network that can adapt itself to different firewall configurations and network address translation boxes. You cannot set up a direct connection in most cases. The problem is that there are a lot of different configurations. Some routers allow outgoing connections but not incoming. Some others allow UDP (User Datagram Protocol) connections. Others allow TCP (Transmission Control Protocol). Most existing Internet telephony applications don't work that well in consumer environments. How does Skype get around that? We're setting up hot standby connections. We set up four, maybe five standby paths. When both parties are behind NATs (Network Address Translation), they can't actually set up a connection between each other. It's being synchronized. It works sometimes. Sometimes? It only works sometimes. It depends on the routers. What lessons have you learned from your experience with Kazaa and FastTrack? It's quite amazing that when you do something that catches on over the Internet you get people all over the world to use it. Several lessons. One thing is that the whole viral effect--when you do something that works virally you can get a lot of people using it. It's quite amazing that when you do something that catches on over the Internet you get people all over the world to use it. You should not try to do things that are artificially viral like an "Invite a friend to use this service" feature. Those don't really work. We've had that feature on Skype but it doesn't really bring in the users. The product has to be fundamentally viral in itself. How many supernodes share the Skype database? It grows. There are a few hundred clients per supernode. How do you become one? You have to qualify to be a supernode. You have to have enough memory, bandwidth, and a good uptime. Then you're connected to supernodes. If they feel that they're getting too much load they tell the other clients around them, "Can you help me out?" It's a distributed process which is not centrally run. What happens if someone sets up a malicious supernode with false "phone number" data? First of all, the data is populated by the users themselves. What we do in Skype is have all users' identities protected in a public key infrastructure. In order to avoid malicious supernodes or people saying, "I am Nicholas," they have to do a challenge response saying that the keys are correct. What you want to avoid is identity theft. What happens if someone creates and distributes, say, Skype Lite, which recognizes user IDs "minted" by someone else? That's so much fun. On Slashdot, people are saying, "I'm not going to touch this," saying they don't want the advertisements (on Skype) and will wait for Skype Lite. But there are no advertisements. OK, say someone makes a hacked version. You and I wouldn't be able to set up calls with each other. We'd both need the hacked version. Are you afraid of intruders targeting your server that signs user ID keys? The signing server is like Fort Knox. Where's it located? I won't tell you. That's kind of a sensitive part of (the company). It's very, very secure. Will we ever see a Skype telephone? We have a phone that plugs into the USB port that's working now. How about an 802.11 Wi-Fi phone running Skype? That's a natural step to take later on. On cell phones too? The cellular phone is a relatively closed platform. I have a Nokia phone with Java but it doesn't give you access to the IP stack. (For competitive reasons) they're going to make sure that the telephone is very, very closed--though 802.11 phones are eventually going to be affordable in the next year or so. Where do you hope to make money from Skype users? This is software. Our business model is to sell value-added services. It doesn't matter what client you're going to use--whether it's a Windows client or a PDA client or an embedded client. Any plans for Macintosh or 'nix versions? That's one of the things we have on our wish list. We don't have any release date planned. Are you targeting business users as well as individuals? We're starting with individuals. We're doing this bottom up. It's grassroots for businesses too. It's being used by business clients already but not through the IT departments. News.com ran an article a few months ago talking about how the FBI wants to force VoIP providers to make their networks subject to wiretaps. If it gets adopted, what would this proposal mean for you? The landscape is changing. In the old world you had issues like lawful interception of telephone calls. In Sweden the police can get a court order and wiretap a telephone call if the crime would lead to six years in jail or something like that. And if the Swedish police came to you? We cannot do anything because we don't have access to the data stream. The old way of thinking was easy. You'd go to the local telephone company and they'd get a wiretap. That's not a problem because the telephone service owns the infrastructure, provides the service, and operates in one country. The Internet is a bit different. What you would have to do is to go to the Internet service provider. Assume the police can get a court order and conduct the tap. But the Skype conversation is encrypted and they only can hear gibberish. I'm just trying to say in general what the issues are. I don't have a solution. In general it's not as clear cut as it was in old POTS (plain old telephone service) days. My point is that it's not as easy as it was before. Have you been contacted by any law enforcement or national security agency? No. What if we got contacted by the Chinese government, or the U.S. government, or North Korea, or the Swedish? If you're operating something that's only available in one country it's an easy clear-cut case. But if it's available worldwide, that's different. Even Phil Zimmermann, inventor of PGP (Pretty Good Privacy), has said he's concerned about terrorists using his software to plot crimes. He concluded, though, that the benefits outweigh the negatives. How about you? The Internet is great. There's a lot of bad things happening on it but it's still great. If you were a sophisticated criminal and you really wanted to hide away, then you should probably not use something that is a commercially closed source system such as Skype. I don't think this is an issue. If the FBI or Europol came to you and said, "We order you to include a secret backdoor for unencrypted wiretapping in the next version of Skype," what would you do? I don't have the answer to that. Obviously we would work with authorities in whatever jurisdiction we would be subject to. Sure, we would sit down and talk to them. But we would not just say here's the backdoor and just bluntly do it. Currently Skype is not subject to telecommunications regulation, therefore we do not have any legal obligation to provide any means for interception. This is software that's not any different from e-mail or chat. -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From sunder at sunder.net Fri Jun 18 16:55:43 2004 From: sunder at sunder.net (Sunder) Date: Fri, 18 Jun 2004 19:55:43 -0400 (edt) Subject: Antipiracy bill targets technology In-Reply-To: References: Message-ID: On Fri, 18 Jun 2004, R. A. Hettinga wrote: > > > CNET News > > Antipiracy bill targets technology > A forthcoming bill in the U.S. Senate would, if passed, dramatically > reshape copyright law by prohibiting file-trading networks and some > consumer electronics devices on the grounds that they could be used for > unlawful purposes. What was that old saw that went "Well, you're equipped to be a whore, but you're not?" again? how about banning chainsaws, they can kill or main people too and yes, cars, and trains, and airplanes, plastic shopping bags without holes, belts, rope, wire, electricity, etc. they can all be used to kill. all of which is unlawful. > The Induce Act stands for "Inducement Devolves into Unlawful Child > Exploitation Act," a reference to Capitol Hill's frequently stated concern Um, remind me again, when exactly is it lawful to exploit children? Oh, wait, that's right! When they're in other countries, then, you can make them work in sweatshops producing Nike's, Levi's, GAP, etc. products... oh, sorry, I forgot. > Foes of the Induce Act said that it would effectively overturn the Supreme > Court's 1984 decision in the Sony Corp. v. Universal City Studios case, > often referred to as the "Betamax" lawsuit. In that 5-4 opinion, the > majority said VCRs were legal to sell because they were "capable of > substantial noninfringing uses." But the majority stressed that Congress > had the power to enact a law that would lead to a different outcome. so how soon before we ban paper and pencil? or keyboards, hands - because they can hold pencils or type, and eyeballs and ears, because they can see video and hear music? From bill.stewart at pobox.com Sat Jun 19 11:40:29 2004 From: bill.stewart at pobox.com (Bill Stewart) Date: Sat, 19 Jun 2004 11:40:29 -0700 Subject: A National ID: AAMVA's Unique ID In-Reply-To: <200406171731.i5HHV6d9020276@new.toad.com> References: <065701c44946$272f34c0$6401a8c0@JOSEPHAS> <200406171731.i5HHV6d9020276@new.toad.com> Message-ID: <6.0.3.0.0.20040619113603.03642b80@pop.idiom.com> At 10:31 AM 6/17/2004, John Gilmore wrote: >Our favorite civil servants, the Departments of Motor Vehicles, are about >to do exactly this to us. Many states have sunshine laws that affect meetings their policymakers attend, at least if they attend them in official capacity. Could this be used here? >Robyn Wagner and I have tried to join AAMVA numerous times, as >"freetotravel.org". We think that we have something to say about the >imposition of Unique ID on an unsuspecting public. They have rejected >our application every time -- does this remind you of the Hollywood >copy-prevention "standards committees"? Here is their recent >rejection letter: >... >At the same time, they let in a bunch of vendors of "high security" ID >cards as associate members. Perhaps the "Independent Smartcard Developer Association" that Lucky ran for a while would be a useful front? From brian-slashdotnews at hyperreal.org Sat Jun 19 21:26:01 2004 From: brian-slashdotnews at hyperreal.org (brian-slashdotnews at hyperreal.org) Date: 20 Jun 2004 04:26:01 -0000 Subject: Novell-SUSE Sponsors Openswan Message-ID: Link: http://slashdot.org/article.pl?sid=04/06/20/0124214 Posted by: timothy, on 2004-06-20 03:03:00 Topic: security, 37 comments from the they're-building-a-behemoth dept. [1]hsjones writes "Concerned about the demise of FreeS/WAN? Well, looks like Openswan is going to be a good, strong open source IPsec project going forward. Novell and SUSE have jumped in with Astaro to back the project and move it along. [2]See the press release. The Openswan project is at [3]http://www.openswan.org. SUSE Linux and Astaro Security Linux both use FreeS/WAN in their current releases. It will be very interesting to watch what they do now with Openswan!" IFRAME: [4]pos6 References 1. mailto:hsjones at sisna.com 2. http://www.novell.com/news/press/archive/2004/06/pr04040.html 3. http://www.openswan.org/ 4. http://ads.osdn.com/?ad_id=2936&alloc_id=8587&site_id=1&request_id=584565 ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From gabe at seul.org Sun Jun 20 03:24:35 2004 From: gabe at seul.org (Gabriel Rocha) Date: Sun, 20 Jun 2004 06:24:35 -0400 Subject: Linksys WRT54G (and clones) In-Reply-To: <20040620100331.GP12847@leitl.org> References: <20040620100331.GP12847@leitl.org> Message-ID: <20040620102435.GB3169@moria.seul.org> On Jun 20 2004, Eugen Leitl wrote: | Anyone here using that device? With Sveasoft's firmware? Building the | firmware yourself, or using VPNs/IPsec? I have one here at work. Works wonders. I didn't build it myself though. I actually paid the subscription too. The $20 seemed worthile to me. I don't see anywhere in this thing that allows me to make it a vpn endpoint, but I do have ipsec passthrough enabled and it works fine. | Sveasoft's forums contain lots of info, but are difficult to access. | If you're looking for same information we could mutually help each other by | starting a Wiki, or using a mailing list (WRT54G at yahoogroups.com is largely | silent on crypto matters). I don't know what you have in mind, but I'm all for it. If this thing becomes a vpn endpoint that helps me out some, though the 200mhz proc might not handle as much as I'd like... From lloyd at randombit.net Sun Jun 20 04:04:48 2004 From: lloyd at randombit.net (Jack Lloyd) Date: Sun, 20 Jun 2004 07:04:48 -0400 Subject: Linksys WRT54G (and clones) In-Reply-To: <20040620104514.GS12847@leitl.org> References: <20040620100331.GP12847@leitl.org> <20040620102435.GB3169@moria.seul.org> <20040620104514.GS12847@leitl.org> Message-ID: <20040620110448.GA24524@acm.jhu.edu> > The WRT54G clones are largely useful as very cheap Linux boxes with radio, > for individual homes and small scall meshes. They should be able to support a > few VPNs over typical ADSL/cable modem link bitrate, but for more serious > work I'd go with VIA's C5 family (1 GHz fanless, and hardware crypto support > as well as on-die entropy source). Anyone know where you can actually purchase a C5J in the US? I have utterly failed to find anyplace that sells them online (with Google and pricewatch). I would very much like to play with their Montgomery multiply support. -J From eugen at leitl.org Sun Jun 20 01:17:54 2004 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 20 Jun 2004 10:17:54 +0200 Subject: Novell-SUSE Sponsors Openswan (fwd from brian-slashdotnews@hyperreal.org) Message-ID: <20040620081754.GK12847@leitl.org> ----- Forwarded message from brian-slashdotnews at hyperreal.org ----- From eugen at leitl.org Sun Jun 20 03:03:31 2004 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 20 Jun 2004 12:03:31 +0200 Subject: Linksys WRT54G (and clones) Message-ID: <20040620100331.GP12847@leitl.org> Anyone here using that device? With Sveasoft's firmware? Building the firmware yourself, or using VPNs/IPsec? Sveasoft's forums contain lots of info, but are difficult to access. If you're looking for same information we could mutually help each other by starting a Wiki, or using a mailing list (WRT54G at yahoogroups.com is largely silent on crypto matters). -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From eugen at leitl.org Sun Jun 20 03:45:14 2004 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 20 Jun 2004 12:45:14 +0200 Subject: Linksys WRT54G (and clones) In-Reply-To: <20040620102435.GB3169@moria.seul.org> References: <20040620100331.GP12847@leitl.org> <20040620102435.GB3169@moria.seul.org> Message-ID: <20040620104514.GS12847@leitl.org> On Sun, Jun 20, 2004 at 06:24:35AM -0400, Gabriel Rocha wrote: > On Jun 20 2004, Eugen Leitl wrote: > | Anyone here using that device? With Sveasoft's firmware? Building the > | firmware yourself, or using VPNs/IPsec? > > I have one here at work. Works wonders. I didn't build it myself though. > I actually paid the subscription too. The $20 seemed worthile to me. I Yes, I thought that as well, and bought the subscription for a year. I'm very pleased with what I've seen so far, and intend to prolong it. > don't see anywhere in this thing that allows me to make it a vpn > endpoint, but I do have ipsec passthrough enabled and it works fine. Alchemy (the next bleeding edge after Satori) is supposed to have IPsec. It would be very good indeed to have opportunistic IPsec in there. WRT54GS is about to be released in the EU as well, and with twice the flash and the RAM it should have space for some interesting functionality. > | Sveasoft's forums contain lots of info, but are difficult to access. > | If you're looking for same information we could mutually help each other by > | starting a Wiki, or using a mailing list (WRT54G at yahoogroups.com is largely > | silent on crypto matters). > > I don't know what you have in mind, but I'm all for it. If this thing > becomes a vpn endpoint that helps me out some, though the 200mhz proc > might not handle as much as I'd like... The WRT54G clones are largely useful as very cheap Linux boxes with radio, for individual homes and small scall meshes. They should be able to support a few VPNs over typical ADSL/cable modem link bitrate, but for more serious work I'd go with VIA's C5 family (1 GHz fanless, and hardware crypto support as well as on-die entropy source). -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From bill.stewart at pobox.com Sun Jun 20 18:52:56 2004 From: bill.stewart at pobox.com (Bill Stewart) Date: Sun, 20 Jun 2004 18:52:56 -0700 Subject: Linksys WRT54G (and clones) In-Reply-To: <20040620102435.GB3169@moria.seul.org> References: <20040620100331.GP12847@leitl.org> <20040620102435.GB3169@moria.seul.org> Message-ID: <6.0.3.0.0.20040620184733.0a23c430@pop.idiom.com> At 03:24 AM 6/20/2004, Gabriel Rocha wrote: >I don't know what you have in mind, but I'm all for it. >If this thing becomes a vpn endpoint that helps me out some, >though the 200mhz proc might not handle as much as I'd like... 200 MHz ought to be plenty for a typical home connection. The FreeSWAN folks found that a 150 MHz Pentium Doorstop was enough to keep a T1 line busy with 3DES - presumably AES is much faster. So either one should be good enough for most US DSL or cable modem connections, and they'll at least handle an 802.11b 2 MHz channel (yeah, the stuff says 10 Mbps, but you either need 802.11g or .11a or really good tuning to actually get that), and they'll probably go faster. ---- Bill Stewart bill.stewart at pobox.com From gr at eclipsed.net Sun Jun 20 18:52:55 2004 From: gr at eclipsed.net (gabriel rosenkoetter) Date: Sun, 20 Jun 2004 21:52:55 -0400 Subject: Novell-SUSE Sponsors Openswan (fwd from brian-slashdotnews@hyperreal.org) In-Reply-To: <20040620081754.GK12847@leitl.org> References: <20040620081754.GK12847@leitl.org> Message-ID: <20040621015255.GM4503@uriel.eclipsed.net> On Sun, Jun 20, 2004 at 10:17:54AM +0200, Eugen Leitl wrote: > From: brian-slashdotnews at hyperreal.org > Date: 20 Jun 2004 04:26:01 -0000 > To: slashdotnews at hyperreal.org > Subject: Novell-SUSE Sponsors Openswan > User-Agent: SlashdotNewsScooper/0.0.3 > > Link: http://slashdot.org/article.pl?sid=04/06/20/0124214 > Posted by: timothy, on 2004-06-20 03:03:00 > Topic: security, 37 comments > > from the they're-building-a-behemoth dept. > [1]hsjones writes "Concerned about the demise of FreeS/WAN? Well, > looks like Openswan is going to be a good, strong open source IPsec > project going forward. What, precisely, is broken about KAME? What is it about the Linux crowd that, if it's two years old, it's apparently time to reimplement it. (Firewall code, software RAID, libc, you know, whatever. Bonus points if it means a kernel A{B,P}I modification...) How 'bout just importing the reference implementation which Works, something FreeS/WAN was never actualy able to say? Oh well. -- gabriel rosenkoetter gr at eclipsed.net [demime 1.01d removed an attachment of type application/pgp-signature] From rah at shipwright.com Sun Jun 20 18:53:11 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 20 Jun 2004 21:53:11 -0400 Subject: Gross Minus Net Equals Zero: Repeal the Sixteenth Amendment Message-ID: Gross Minus Net Equals Zero: Repeal the Sixteenth Amendment by Michael Marriott (June 20, 2004) Article website address: http://www.capmag.com/article.asp?ID=3745 Summary: Let us together repeal the sixteenth amendment to the Constitution by the year 2013. [CAPMAG.COM] When I worked in Saudi Arabia as a technical consultant in the 1990s, my coworkers and I were astounded upon receiving our first paycheck: we actually were paid the full amount we had earned. Gross pay minus net pay equaled zero. Never before or since in my lifetime has such a thing happened. Since every working person in the United States deserves such a delightful, fulfilling experience I would like to submit the following proposition. Let us together repeal the sixteenth amendment to the Constitution by the year 2013. This infamous income tax amendment was passed in 1909 by "progressive" Republicans as the best method to collect government revenue, ensure "fairness" and get around the pesky Supreme Court. The latter had the gall to rule in the late 19th century that such levies on income were unconstitutional. Undaunted, the politicians of the era decided that an income tax amendment was necessary. It required four years for the states to ratify the amendment, which became part of the Constitution in 1913. Hence 2013 presents a nice target date for the amendment's repeal (rather then a year of mournful reminders, 2013 could become a jubilee year that strikes a majestic blow in favor of individual rights). Further, we all can participate in the nine year debate to determine if our country is to be truly free. Repeal of the 16th amendment would be a real and symbolic reaffirmation that our government is truly limited; no other single act we could possibly perform would so effectively reinforce the idea that America is a country dedicated to individual happiness. Consider some of the travesties the 16th amendment has spawned in the last one hundred years. The power to tax has become the ultimate politician plaything. The so-called "progressive" nature of the tax code allows permutations uncountable as politicos raise, then lower, individual tax rates. The tax code can tailored to benefit specific special interest groups to garner bloc votes. As seventy five percent of government revenue is made possible by this insidious amendment, great sums become available to wage war, pay premium prices for toilet seats and allow certain folks to sit and do nothing for a living. Upon approval of the 16th amendment, a new agency was sired to "help" reticent citizens "volunteer" personal, private income data, the Internal Revenue Service. And such a "service" it provides! If the IRS suspects tax cheating it can: garnish wages, freeze bank accounts, seize assets and in general make life hell for its "customers". Over the amendment's existence, citizens of the United States have been harassed, hounded, and in some cases, driven to suicide for failing to pay their "fair" share to the government. Never mind due process, innocent until proven guilty or other such tripe. The 16th amendment horribly contradicts other parts of the Constitution, such as depriving citizens of property without a trial. These things make one yearn for the good old days of taxation without representation under Great Britain. The diminution of individual rights is sordid enough but by no means the only effect of the 16th amendment. The income tax has served to raise costs on the very people made poorer by paying the taxes in the first place. The government is able to finance great agencies that cause prices to increase artificially: milk subsidies raise the price of dairy products as do a whole host of similar subsidies in other industries; medical care costs have spiraled since the inception of Medicare and Medicaid; housing costs have ballooned astronomically, in part due to government support of unions, underwriting of loans and special tax write-offs for mortgage interest. I could mention OSHA, EPA, minimum wage and a thousand other regulations but you get the point. The tax system often makes us pay twice. Lest we overlook another point regarding taxpayers: they pay taxes so that others can have material things that the taxpayer himself may not be able to afford. Housing instantly springs to mind. Poor folks (i.e., unproductive folks) move into government subsidized housing while the hapless taxpayer struggles to save for a down payment, a process made more difficult by the act of paying taxes. Many persons work but have no health care coverage. Not so with those refusing to work at all. Still other taxpayers struggle to capitalize a business while their fellow citizens stop at the Small Business Administration for government financing of their start-up costs. Poor mom and pop farmers feed at the government trough to save their acres of land while a struggling taxpayer in the big city lives on a sliver of land called an apartment. At the philosophic level there is something morally repugnant in forcing people who get off their butt and work for a living to pay for that privilege. Life can be trying to say the least but when one works, prospers and finally succeeds it is a travesty to levy a tax on that person's "good fortune". No working person should have to look over their shoulder to see where the taxman is hiding. The income tax system makes citizens angry at their government, and distrustful to boot. It makes enemies of people who vie to place tax burdens on their fellow countrymen. It divides the nation into permanent classes of the "haves" versus the "have-nots", divisions that accentuate envy and ill will among the populace. Finally I note that taxing income is hardly fair as it fails miserably as a barometer of who should pay what. With great envy (see above paragraph) I calculate that for the year 2003 I paid a higher income tax rate than ketchup nabob Theresa "Heinz Inheritance" Kerry (me, 20% average rate on income of 200k, Ms. Kerry, 11.5%, on income of 5.1M). Her fabulous wealth immune from government pillage, she smugly endorses taxation on others so that all below her can be equally poor. I marvel continuously that such a system would ever employ the term "fair" as an adjective. Of course the income tax system is not fair, has never been fair, and indeed can never be fair. As the Ms. Kerry example demonstrates, our tax system is based on the faulty premise that a person's income can be arbitrarily classified to produce a tax that affects all taxpayers equitably. A person making $200,000 in San Francisco may be worse off financially than a rustic living in Idaho on an income of $30,000. Net worth is the true measure of wealth, not income. The solution to these systemic injustices is not to tweak the tax code so that Ms. Kerry pays more. The solution is to scrap the entire system. Anything that has had one hundred years to prove itself and fails to do so is, well, a failure. Dismally so. The efforts of our great people must be directed toward invention, business and improving life rather than filling tax forms, hiring accountants and fighting the government. Work must always be rewarded. So let us begin the fight against freedom's enemies by finally making gross -minus net-pay equal to zero. About the Author: Mr. Michael Marriott has been in the information technology field for nineteen years. He has worked for some large companies in the capacity of consultant including Allstate insurance, Transamerica Financial and Saudi Aramco. Mr. Michael Marriott writes for Capitalism Magazine. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Sun Jun 20 18:54:06 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 20 Jun 2004 21:54:06 -0400 Subject: Let the Patriot Act Die Message-ID: Let the Patriot Act Die by Tom DeWeese (June 17, 2004) Article website address: http://www.capmag.com/article.asp?ID=3739 Summary: Repealing our liberties in the name of fighting terrorism will not lead to peace. [CAPMAG.COM]President Bush has hit the campaign trail to save the Patriot Act, which will expire in 2005. In calling for its continuation, the President said, "we can no longer rely on false hope." Which false hope is that? The hope that America's free society will protect us like it has for more than 200 years? We who love American liberty have great fear of the Patriot Act. Its aim, according to the Justice Department, is to give federal law enforcement agencies the surveillance and investigative tools they need to deter future terror attacks, but the quick, emotional passage of the Patriot Act only weeks after the September 11th attacks allowed little time for scrutiny of its measures. In fact, most members of Congress did not read it before voting. Congressman Ron Paul said he couldn't even get a copy before the vote. As a result, provisions of the Act offer major opportunities for government abuses of law-abiding private citizens. The Act says that the government does not need to have a suspect or to even be conducting an investigation related to terrorism to monitor your visits into web sites on the Internet. The Patriot Act changes the definition of terrorism, allowing even legitimate protestors, such as pro-life activists, to be at risk of being labeled "terrorists" if violence erupted at their events. The Act expands the capability to obtain warrants and conduct searches without disclosing them immediately. Under the Act, law enforcement can walk into your home and take records without your knowing they were there. Of course a warrant must be obtained. But you may never know about it. It doesn't even require a real judge to obtain one anymore. The Act requires fuller identification of bank customers. A year before 9-11 more than 150,000 Americans protested these very provisions in a scheme by the FDIC called "Know Your Customer." But now, special software will help firms in 25 finance-related industries, covered by the law, to compare millions of customer records with thousands of entries on federal blacklists. Businesses such as car dealers, insurance companies, investment brokers, lenders and real estate firms will be required to file "Suspicious Activity Reports" to the Treasury Department. Here's an interesting fact. The Patriot Act only mentions protecting our northern border. It says not a word about the southern one. Our southern border remains, absolutely wide open, allowing anyone to literally walk into this country. In the name of fighting terrorism, we are witnessing a new kind of government "urban sprawl" oozing out of Washington, D.C. into every back alley, bedroom, and underwear drawer in America. The Government Electronics and Information Technology Association (GEIA) reports that there are more than 100 federal entities involved in forging the largest conglomeration of government/private contractor interests since the creation of the Pentagon. GEIA represents hundreds of corporate members seeking to cash in on the Homeland Security-citizen-surveillance-spending spree. In September 2002, dozens of major high-tech companies formed the "Homeland Security Industries Association." A key objective of the association is to win a piece of the action for the creation of national ID cards for travelers. Business Week reports that the SAS Institute is among many corporations scrambling to launch a whole new line of anti-money laundering software designed to help insurance companies, investment banks and brokerage firms spy on their clients' financial activities on behalf of the government in compliance with the Patriot Act. According to Bert Ely, the head of a consulting company for financial institutions, the new anti-money laundering provisions of the Patriot Act will do nothing to stop the financing of international terrorists. At best, he says, the new provisions will actually provide evildoers with a road map to avoid detection. What the new Patriot Act provisions are really about, says Ely, is to have the United States fall into line with an international campaign being waged by the Organization for Economic Cooperation and Development and the Financial Action Task Force against countries that serve as tax havens. It's all about tax collection! Business Week also reported that private-sector software makers are racing to develop programs to zero in on gambling. Business Week noted that, "the feds have put casinos on notice that they're next in the line of security." Now, how many terrorists have actually raised their funds in Las Vegas? In mid-September 2002, the U.S. Department of Commerce and the Office of Homeland Security held an expo in Washington. Medium and small firms from across the nation were invited in to showcase the very latest in citizen surveillance wares. The US Chamber of Commerce has hired the former deputy assistant to the Joint Chiefs of Staff to act as a liaison between the chamber and businesses seeking homeland security contracts. PoliticalMoneyline says that 444 groups and individuals have registered as lobbyists to deal with "terror" and "security" issues. IBM has opened a "Government Solutions Center" in Vienna, Virginia. The high-tech Unisys Corporation has established a similar exhibition for inspection by federal surveillance planners, called the "Homeland Security Center for Excellence." Both corporations are racing to cash in on billions of dollars for facial recognition systems at airports and, in anticipation of "trusted traveler" cards, a high-tech ID tied to extensive background checks and biometric identification. And finally this: with all of its new data banks, the Department of Justice announced last March (2003) that accuracy is no longer a concern for the building of one of the world's largest databases called the National Crime Information Center (NCIC). The NCIC has been exempted from the Privacy Act of 1974 that requires information entered into government databases be timely, relevant, complete and accurate. Also exempt are two other Department of Justice databases, the Central Records System and the National Center for Analysis of Violent Crime. The rational for exempting some of the nation's largest databases is that law-enforcement officers need bad data entered into NCIC in order to hurry in solving cases. The "false hope," Mr. President, is that repealing our liberties in the name of fighting terrorism will somehow lead to peace. Let the Patriot Act die and keep the American dream alive. About the Author: Tom DeWeese is the publisher/editor of The DeWeese Report and president of the American Policy Center: www.americanpolicy.org -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From emc at artifact.psychedelic.net Mon Jun 21 09:52:44 2004 From: emc at artifact.psychedelic.net (Eric Cordian) Date: Mon, 21 Jun 2004 09:52:44 -0700 (PDT) Subject: Citizen Units Must Give Names Message-ID: <200406211652.i5LGqiR0031121@artifact.psychedelic.net> One used to have the right to be known by any name one wished, as long as one did not do so for the purpose of committing fraud, or impersonating someone else. One certainly has an absolute right to refuse to speak to a government employee when accosted. So it is difficult to understand the Court's "reasoning" in this case. http://www.reuters.com/newsArticle.jhtml?type=domesticNews&storyID=5473543 ----- WASHINGTON (Reuters) - A divided U.S. Supreme Court ruled on Monday that people are required to identify themselves when asked to do so by police, and rejected arguments that it violates their constitutional rights to privacy and to remain silent. ... -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law" From alan at clueserver.org Mon Jun 21 12:53:07 2004 From: alan at clueserver.org (alan) Date: Mon, 21 Jun 2004 12:53:07 -0700 (PDT) Subject: Citizen Chics Must Put Out In-Reply-To: <20040621195730.GA22474@localhost.localdomain> Message-ID: On Mon, 21 Jun 2004, Jay Goodman Tamboli wrote: > On Mon, Jun 21, 2004 at 01:45:19PM -0400, Tyler Durden wrote: > > OK...so say an officer is at the beach and spots some hot chick in a > > bathing suit, with obviously no ID on her person. And let's say this > > officer "believes" that this chick has a bag of pot at home. Can he just go > > and arrest her? > > That doesn't sound like "reasonable suspicion" to me. Police need > reasonable suspicion to stop the person and ask their name. Not anymore... From bill.stewart at pobox.com Mon Jun 21 12:58:54 2004 From: bill.stewart at pobox.com (Bill Stewart) Date: Mon, 21 Jun 2004 12:58:54 -0700 Subject: Papersplease Decision In-Reply-To: References: Message-ID: <6.0.3.0.0.20040621124318.0a28ce50@pop.idiom.com> At 10:45 AM 6/21/2004, Tyler Durden wrote: >OK...so say an officer is at the beach and spots some hot chick in a >bathing suit, with obviously no ID on her person. And let's say this >officer "believes" that this chick has a bag of pot at home. Can he just >go and arrest her? >-TD As the Reuters article says, "Kennedy said the Nevada law was narrow and precise, requiring only that a suspect disclose his or her name. It does not require the suspect to produce a driver's license or any other document." A great source for Supreme Court decisions is http://supct.law.cornell.edu/supct/ and this case is at http://supct.law.cornell.edu/supct/html/03-5554.ZS.html Kennedy does acknowledge, more or less, that their decision is increasing state powers and decreasing the rights of individuals. My reading of the opinions is that we probably had a better 4th Amendment argument and that the 5th Amendment one was a bit weaker. However, this doesn't mean that any cop anywhere can simply stop you and demand ID. Nevada _does_ have a law requiring that you identify yourself. However, in the Hiibel case, the cop demanded that he produce papers, which the Nevada law does _not_ require. In many states, the drivers license laws require you to produce your license when asked, if you're carrying it, though I'm not sure how many of them require that you produce it if you weren't driving. ... of course, _next_ month they'll address "Homeland Security vs. 260 Million John Does", or whatever other case the Feds decide to trump up proactively. http://freetotravel.org is Gilmore & Noise's site, but it hasn't been updated to reflect the verdict. From camera_lumina at hotmail.com Mon Jun 21 10:45:19 2004 From: camera_lumina at hotmail.com (Tyler Durden) Date: Mon, 21 Jun 2004 13:45:19 -0400 Subject: Citizen Chics Must Put Out Message-ID: OK...so say an officer is at the beach and spots some hot chick in a bathing suit, with obviously no ID on her person. And let's say this officer "believes" that this chick has a bag of pot at home. Can he just go and arrest her? -TD >From: Eric Cordian >To: cypherpunks at minder.net >Subject: Citizen Units Must Give Names >Date: Mon, 21 Jun 2004 09:52:44 -0700 (PDT) > >One used to have the right to be known by any name one wished, as long as >one did not do so for the purpose of committing fraud, or impersonating >someone else. > >One certainly has an absolute right to refuse to speak to a government >employee when accosted. > >So it is difficult to understand the Court's "reasoning" in this case. > >http://www.reuters.com/newsArticle.jhtml?type=domesticNews&storyID=5473543 > >----- > >WASHINGTON (Reuters) - A divided U.S. Supreme Court ruled on Monday that >people are required to identify themselves when asked to do so by police, >and rejected arguments that it violates their constitutional rights to >privacy and to remain silent. > >... > >-- >Eric Michael Cordian 0+ >O:.T:.O:. Mathematical Munitions Division >"Do What Thou Wilt Shall Be The Whole Of The Law" > _________________________________________________________________ Watch the online reality show Mixed Messages with a friend and enter to win a trip to NY http://www.msnmessenger-download.click-url.com/go/onm00200497ave/direct/01/ From jay at tamboli.cx Mon Jun 21 12:57:30 2004 From: jay at tamboli.cx (Jay Goodman Tamboli) Date: Mon, 21 Jun 2004 15:57:30 -0400 Subject: Citizen Chics Must Put Out In-Reply-To: References: Message-ID: <20040621195730.GA22474@localhost.localdomain> On Mon, Jun 21, 2004 at 01:45:19PM -0400, Tyler Durden wrote: > OK...so say an officer is at the beach and spots some hot chick in a > bathing suit, with obviously no ID on her person. And let's say this > officer "believes" that this chick has a bag of pot at home. Can he just go > and arrest her? That doesn't sound like "reasonable suspicion" to me. Police need reasonable suspicion to stop the person and ask their name. /jgt [demime 1.01d removed an attachment of type application/pgp-signature] From eugen at leitl.org Mon Jun 21 07:50:01 2004 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 21 Jun 2004 16:50:01 +0200 Subject: Skype for Linux released Message-ID: <20040621145001.GD12847@leitl.org> http://www.skype.com/download_linux.html FYI. Binary-only, of course. -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From hseaver at cybershamanix.com Mon Jun 21 18:19:21 2004 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Mon, 21 Jun 2004 20:19:21 -0500 Subject: Citizen Chics Must Put Out In-Reply-To: References: Message-ID: <20040622011921.GC19551@cybershamanix.com> This last Memorial Day weekend, I was heading off to work at my fun historical reinactor job at a state historic site (I get to run a 150 year old sawmill) and dressed appropriately. My wife's car was parked behind mine in the driveway, so I pulled hers out and into the neigbor's, pulled mine out onto the street, where there is no parking -- but hey, FedEx and UPS stop there all the time, so do contractors who are working on homes in the area and can't get their vehicles in the driveways, this is a historic district afterall and driveways are pretty damn small -- so just as I was about to get into my pickup and drive away, an Oshkosh pig pulls up behind me, lights on. He says, "Is that your truck?" and I say yes, I was just switching cars in the driveway. He says, as he gets out of his car, "Step over here, please." Asks for my license, "You can't park there." And I answer, "I'm not, I'm just switching cars." Then things get more serious -- "I smell marijuana, do you know marijuana is illegal?", which is total BS since it's been far too long. Then he says, "Do you mind if I search you?", to which of course, I replied, "Yes I do, you have no right to search me." I started to say, "Yeah, and I smell pigshit." but then realized that if I did, I wouldn't probably wouldn't make it to my job. Normally I would have escalated the scene as much as possible by bad mouthing him and his mother as much as possible, but I really do enjoy playing at the historic site and getting hauled to the jail for a few hours, even as much fun as that would have been being as obnoxious as possible and giving them continual lectures about how evil they are, how evil dubbya and asskruft are, how much I think that people like them need to be rounded up and put into re-education centers and given lobotomys so they can never bother decent people again -- still, I really wanted to make it to the job. So we were standing there at a bit of an impass, me saying "no, you cannot search me." Then he says, "Well, for my own safety, I have a right to search you for a weapon." I really, really, wish it had been some other time, so I could have forced the issue and made him call for reinforcements, because it would have been obvious to all and sundry that what this was really all about was the big 3 foot tall lighted 24/7 peace sign on the roof of my house and the bumper stickers on my truck and perhaps my hair, but -- ah well, maybe I'm getting old -- so I let him do it. And, of course, instead of just patting me down, he went thru all my pockets. Then he went over to the truck with my keys, and I thought he was going to search that too, but then he must have realized he was stepping into some real shit, with and stopped, put my keys on top of the truck, and got back into his car and told me I could go. So what am I ranting about? I'm not sure -- mostly, I guess, about how far things have gone. That some young skinhead pig thinks he can do something like this and get away with it. And it pisses me off more that it was such an in-opportune time, because I really do love so much going off on them and watching their stupid little faces get so flustered, watch their hands twitch nervously toward their guns. I really envy all those Iragis with their easy access to RPGs -- that's probably the only real answer. You know, there really are a lot of useless eaters, far too many oxygen thieves, in this country. But it's not the welfare mothers and poor that Tim always ranted about -- it's the pigs and those morons with the flags on their cars and imprinted on their brains. On the good side, I went to the Midwest Renewable Energy Fair this weekend, and sat just a few feet away from the stage where John Stauber and then Amy Goodman spoke, primarily about the media sellout in this country. On Mon, Jun 21, 2004 at 01:45:19PM -0400, Tyler Durden wrote: > > OK...so say an officer is at the beach and spots some hot chick in a > bathing suit, with obviously no ID on her person. And let's say this > officer "believes" that this chick has a bag of pot at home. Can he just go > and arrest her? > -TD > > > >From: Eric Cordian > >To: cypherpunks at minder.net > >Subject: Citizen Units Must Give Names > >Date: Mon, 21 Jun 2004 09:52:44 -0700 (PDT) > > > >One used to have the right to be known by any name one wished, as long as > >one did not do so for the purpose of committing fraud, or impersonating > >someone else. > > > >One certainly has an absolute right to refuse to speak to a government > >employee when accosted. > > > >So it is difficult to understand the Court's "reasoning" in this case. > > > >http://www.reuters.com/newsArticle.jhtml?type=domesticNews&storyID=5473543 > > > >----- > > > >WASHINGTON (Reuters) - A divided U.S. Supreme Court ruled on Monday that > >people are required to identify themselves when asked to do so by police, > >and rejected arguments that it violates their constitutional rights to > >privacy and to remain silent. > > > >... > > > >-- > >Eric Michael Cordian 0+ > >O:.T:.O:. Mathematical Munitions Division > >"Do What Thou Wilt Shall Be The Whole Of The Law" > > > > _________________________________________________________________ > Watch the online reality show Mixed Messages with a friend and enter to win > a trip to NY > http://www.msnmessenger-download.click-url.com/go/onm00200497ave/direct/01/ -- Harmon Seaver CyberShamanix http://www.cybershamanix.com Hoka hey! From measl at mfn.org Mon Jun 21 18:39:05 2004 From: measl at mfn.org (J.A. Terranson) Date: Mon, 21 Jun 2004 20:39:05 -0500 (CDT) Subject: Citizen Chics Must Put Out In-Reply-To: <20040622011921.GC19551@cybershamanix.com> References: <20040622011921.GC19551@cybershamanix.com> Message-ID: <20040621203627.J4552@ubzr.zsa.bet> On Mon, 21 Jun 2004, Harmon Seaver wrote: > So we were standing there at a bit of an impass, me saying "no, you cannot > search me." Then he says, "Well, for my own safety, I have a right to search you > for a weapon." I really, really, wish it had been some other time, so I could > have forced the issue and made him call for reinforcements, because it would > have been obvious to all and sundry that what this was really all about was the > big 3 foot tall lighted 24/7 peace sign on the roof of my house and the bumper > stickers on my truck and perhaps my hair, but -- ah well, maybe I'm getting old > -- so I let him do it. And, of course, instead of just patting me down, he went > thru all my pockets. Then he went over to the truck with my keys, and I thought > he was going to search that too, but then he must have realized he was stepping > into some real shit, FYI: Under the SCOTUS ruling of a few weeks ago, that guy *can* search your parked car, "for his own safety", of course :-( > So what am I ranting about? I'm not sure -- mostly, I guess, about how far > things have gone. That some young skinhead pig thinks he can do something like > this and get away with it. No, he doesn't "think he can do something like this and get away with it", he *KNOWS* he can do this and get away with it. > You know, there really are a lot of useless eaters, far too many oxygen > thieves, in this country. But it's not the welfare mothers and poor that Tim > always ranted about -- it's the pigs and those morons with the flags on their > cars and imprinted on their brains. Amen Lord! Pass the Zyklon! -- Yours, J.A. Terranson sysadmin at mfn.org "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden From dave at farber.net Mon Jun 21 18:19:00 2004 From: dave at farber.net (dave at farber.net) Date: Mon, 21 Jun 2004 21:19 -0400 Subject: [IP] When police ask your name, you must give it, Supreme Court says Message-ID: ___ Dave Farber +1 412 726 9889 ...... Forwarded Message ....... From: Kurt Albershardt To: dave at farber.net Date: Mon, 21 Jun 2004 16:44:00 -0700 Subj: When police ask your name, you must give it, Supreme Court says By GINA HOLLAND, Associated Press Writer WASHINGTON - A sharply divided Supreme Court ruled Monday that people who refuse to give their names to police can be arrested, even if they've done nothing wrong. The court previously had said police may briefly detain people they suspect of wrongdoing, without any proof. But until now, the justices had never held that during those encounters a person must reveal their identity. The court's 5-4 decision upholds laws in at least 21 states giving police the right to ask people their name and jail those who don't cooperate. Law enforcement officials say identification requests are a routine part of detective work. Privacy advocates say the decision gives police too much power. Once officers have a name, they can use computer databases to learn all kinds of personal information about the person. The loser in Monday's decision was Nevada cattle rancher Larry "Dudley" Hiibel, who was arrested and convicted of a misdemeanor after he told a deputy that he didn't have to give out his name or show an ID. The encounter happened after someone called police to report arguing between Hiibel and his daughter in a truck parked along a road. An officer asked him 11 times for his identification or his name. Hiibel repeatedly refused, at one point saying, "If you've got something, take me to jail" and "I don't want to talk. I've done nothing. I've broken no laws." In fighting the arrest, Hiibel became an unlikely constitutional privacy rights crusader. He wore a cowboy hat, boots and a bolo tie to the court this year when justices heard arguments in his appeal. "A Nevada cowboy courageously fought for his right to be left alone, but lost," said his attorney, Harriet Cummings. The court ruled that forcing someone to give police their name does not violate their Fourth Amendment protection from unreasonable searches. The court also said name requests do not violate the Fifth Amendment right against self-incrimination, except in rare cases. "One's identity is, by definition, unique; yet it is, in another sense, a universal characteristic. Answering a request to disclose a name is likely to be so insignificant in the scheme of things as to be incriminating only in unusual circumstances," Justice Anthony M. Kennedy wrote for the majority. "A name can provide the key to a broad array of information about the person, particularly in the hands of a police officer with access to a range of law enforcement databases," he wrote in a dissent. Justices David H. Souter, Ruth Bader Ginsburg (news - web sites) and Stephen Breyer (news - web sites) also disagreed with the ruling. Crime-fighting and justice groups had argued that a ruling the other way would have protected terrorists and encouraged people to refuse to cooperate with police. "The constant danger of renewed terrorist activity places enormous pressure on law enforcement to identify suspected terrorists before they strike," said Charles Hobson, an attorney with the Sacramento-based Criminal Justice Legal Foundation. But Tim Lynch, an attorney with the libertarian-oriented think tank Cato Institute, said the court "ruled that the government can turn a person's silence into a criminal offense." "Ordinary Americans will be hopelessly confused about when they can assert their right to remain silent without being jailed like Mr. Hiibel," said Lynch, who expects the ruling will lead more cities and states, and possibly Congress, to consider laws like the one in Nevada. Justices had been told that at least 20 states have similar laws to the Nevada statute: Alabama, Arkansas, California, Colorado, Delaware, Florida, Georgia, Illinois, Kansas, Louisiana, Massachusetts, Montana, Nebraska, New Hampshire, New Mexico, New York, North Dakota, Rhode Island, Utah, Vermont, and Wisconsin. The ruling was a follow up to a 1968 decision that said police may briefly detain someone on reasonable suspicion of wrongdoing, without the stronger standard of probable cause, to get more information. Justices said that during such brief detentions, known as Terry stops after the 1968 ruling, people must answer questions about their identities. Marc Rotenberg, head of the Electronic Privacy Information Center, said America is different 36 years after the Terry decision. "In a modern era, when the police get your identification, they are getting an extraordinary look at your private life." The case is Hiibel v. Sixth Judicial District Court of the state of Nevada, 03-5554. ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From s.schear at comcast.net Mon Jun 21 22:38:01 2004 From: s.schear at comcast.net (Steve Schear) Date: Mon, 21 Jun 2004 22:38:01 -0700 Subject: [IP] When police ask your name, you must give it, Supreme Court says (fwd from dave@farber.net) In-Reply-To: <20040622031624.GY12847@leitl.org> References: <20040622031624.GY12847@leitl.org> Message-ID: <6.0.1.1.0.20040621223318.050363e8@mail.comcast.net> >WASHINGTON - A sharply divided Supreme Court ruled Monday that people who >refuse to give their names to police can be arrested, even if they've done >nothing wrong. > > >The court previously had said police may briefly detain people they suspect >of wrongdoing, without any proof. But until now, the justices had never held >that during those encounters a person must reveal their identity. > >The court's 5-4 decision upholds laws in at least 21 states giving police >the right to ask people their name and jail those who don't cooperate. Law >enforcement officials say identification requests are a routine part of >detective work. Not a problem. Its legal to use any name you wish, including those that use gyphs and sounds which cannot be represented by standard Roman and non-Roman alphabets (as is common in some African tribes). So, those that wish to avoid this data base nightmare can legally adopt name which does not conform. Steve From gabe at seul.org Mon Jun 21 23:52:15 2004 From: gabe at seul.org (Gabriel Rocha) Date: Tue, 22 Jun 2004 02:52:15 -0400 Subject: [IP] When police ask your name, you must give it, Supreme Court says (fwd from dave@farber.net) In-Reply-To: <6.0.1.1.0.20040621223318.050363e8@mail.comcast.net> References: <20040622031624.GY12847@leitl.org> <6.0.1.1.0.20040621223318.050363e8@mail.comcast.net> Message-ID: <20040622065215.GC3169@moria.seul.org> On Jun 21 2004, Steve Schear wrote: | Not a problem. Its legal to use any name you wish, including those that | use gyphs and sounds which cannot be represented by standard Roman and | non-Roman alphabets (as is common in some African tribes). So, those that | wish to avoid this data base nightmare can legally adopt name which does | not conform. Well, in principle this is a nice "screw you" method. But in practice... well, if you have to write down your name because the sound doesn't exist or can't be pronounced, you're that much more singled out eh... And for those of us who wish to travel, well, passports become difficult to manage I suspect. I am quite surprised with this ruling actually (I haven't yet read the specifics) but the first impression of it says that this does not bode well for opponents of the "War on Terrorism" (tm) or for anyone who doesn't like the great big database in the sky... From eugen at leitl.org Mon Jun 21 20:16:25 2004 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 22 Jun 2004 05:16:25 +0200 Subject: [IP] When police ask your name, you must give it, Supreme Court says (fwd from dave@farber.net) Message-ID: <20040622031624.GY12847@leitl.org> ----- Forwarded message from dave at farber.net ----- From justin-cypherpunks at soze.net Tue Jun 22 00:04:00 2004 From: justin-cypherpunks at soze.net (Justin) Date: Tue, 22 Jun 2004 07:04:00 +0000 Subject: [IP] When police ask your name, you must give it, Supreme Court says (fwd from dave@farber.net) In-Reply-To: <6.0.1.1.0.20040621223318.050363e8@mail.comcast.net> References: <20040622031624.GY12847@leitl.org> <6.0.1.1.0.20040621223318.050363e8@mail.comcast.net> Message-ID: <20040622070400.GA32070@arion.soze.net> On 2004-06-21T22:38:01-0700, Steve Schear wrote: > Not a problem. Its legal to use any name you wish, including those that > use gyphs and sounds which cannot be represented by standard Roman and > non-Roman alphabets (as is common in some African tribes). So, those that > wish to avoid this data base nightmare can legally adopt name which does > not conform. Don't citizens have to have an english-alphabet transliteration of their name to use for legal purposes (birth certificate, green card, social security record)? Everyone should change their legal names to Agent Smith. Is there a list of the other 20 states with stop-and-identify laws? The DMV differentiates same-name people by SSN, right? Is it very far-fetched to imagine that state courts and federal appeals courts will uphold state laws requiring SSN disclosure for identification purposes? After all, the Supreme Court didn't rule this way for fun; they ruled this way because they think that citizen have a duty to reveal their identity to police. If a name isn't enough to do so, I would think a SSN would be required. Maybe the 9th circuit will be safe from mandatory SSN disclosure during Terry stops, but I doubt any other circuits will be. The Supremes can't want to hear another case of this sort in the near future. They just cranked up the temperature; if they crank it up again too soon the frogs may notice they're about to boil. -- "Once you knew, you'd claim her, and I didn't want that." "Not your decision to make." "Yes, but it's the right decision, and I made it for my daughter." - Beatrix; Bill ...Kill Bill Vol. 2 From justin-cypherpunks at soze.net Tue Jun 22 00:09:23 2004 From: justin-cypherpunks at soze.net (Justin) Date: Tue, 22 Jun 2004 07:09:23 +0000 Subject: [IP] When police ask your name, you must give it, Supreme Court says (fwd from dave@farber.net) In-Reply-To: <20040622065215.GC3169@moria.seul.org> References: <20040622031624.GY12847@leitl.org> <6.0.1.1.0.20040621223318.050363e8@mail.comcast.net> <20040622065215.GC3169@moria.seul.org> Message-ID: <20040622070923.GB32070@arion.soze.net> On 2004-06-22T02:52:15-0400, Gabriel Rocha wrote: > > On Jun 21 2004, Steve Schear wrote: > | Not a problem. Its legal to use any name you wish, including those that > | use gyphs and sounds which cannot be represented by standard Roman and > | non-Roman alphabets (as is common in some African tribes). So, those that > | wish to avoid this data base nightmare can legally adopt name which does > | not conform. > > Well, in principle this is a nice "screw you" method. But in practice... > well, if you have to write down your name because the sound doesn't > exist or can't be pronounced, you're that much more singled out eh... > And for those of us who wish to travel, well, passports become difficult > to manage I suspect. I am quite surprised with this ruling actually (I > haven't yet read the specifics) but the first impression of it says that > this does not bode well for opponents of the "War on Terrorism" (tm) or > for anyone who doesn't like the great big database in the sky... Yes, we're screwed, but not because of the name requirement. Soon we will have to recite our citizenship number whenever a police officer, I mean pig, is "investigating an investigation" and asks us to identify ourselves. The supreme court will uphold that requirement for the same reason they just upheld the NV law. The number itself is not incriminating, and the State has a substantial interest in knowing who you are -- you may need medicating, or you may owe the government money, or you may have violated any number of illegitimate laws and therefore need reeducating in a federal prison. -- "Once you knew, you'd claim her, and I didn't want that." "Not your decision to make." "Yes, but it's the right decision, and I made it for my daughter." - Beatrix; Bill ...Kill Bill Vol. 2 From rah at shipwright.com Tue Jun 22 07:42:30 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 22 Jun 2004 10:42:30 -0400 Subject: Police fudge on ID theft: expert Message-ID: Australian IT Police fudge on ID theft: expert Kelly Mills JUNE 22, 2004 REPORTS of increasing identity fraud attacks have been exaggerated by law enforcement agencies seeking to maintain budgets, according to a former Scotland Yard detective. Identity fraud attacks, such as phishing, have increased in the past year as international syndicates target Australian financial institutions. However, SAS Institute fraud and anti-money laundering solutions director Rowan Bosworth-Davies, a former Scotland Yard detective and lawyer, says identity theft is relatively rare. "I would need more evidence from law enforcement agencies of identity theft before I got too excited about it," he says. "It is a sexy subject and you can say what you like and no-one will say that you are wrong." Bosworth-Davies says there is a lot of hype around identity theft and a great deal of misinformation, which he attributes partly to some police agencies that want to increase funding. "If someone was living the life of Riley on your credit card, wouldn't you know within a month, when you got your credit card statement?" Bosworth-Davies says genuine cases of identity fraud, using stolen credit card details and other identity documents, are relatively few. Speaking at the SAS International Forum 2004 in Copenhagen, Bosworth-Davies was also critical of banks' ability to deal with money laundering. Prior to September 11, 2001, there was debate about money laundering, and if banks had software it was largely developed internally, he says. In the past three or four years, however, large banks had installed anti-money-laundering software to comply with new international regulations. "Leading banks in the UK have adopted new solutions, but it would be less true in Australia, which has different regulatory drivers." Kelly Mills attended SAS Forum International 2004 in Copenhagen as a guest of SAS Australia. This report appears on australianIT.com.au. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From morlockelloi at yahoo.com Tue Jun 22 11:22:55 2004 From: morlockelloi at yahoo.com (Morlock Elloi) Date: Tue, 22 Jun 2004 11:22:55 -0700 (PDT) Subject: [IP] When police ask your name, you must give it, Supreme Court says (fwd from dave@farber.net) In-Reply-To: <20040622070923.GB32070@arion.soze.net> Message-ID: <20040622182256.61855.qmail@web40609.mail.yahoo.com> > incriminating, and the State has a substantial interest in knowing who you > are -- you may need medicating, or you may owe the government money, or Exactly ... and maybe you are on this "consumer" list: http://bmj.bmjjournals.com/cgi/content/full/328/7454/1458 >The president's commission found that "despite their prevalence, mental >disorders often go undiagnosed" and recommended comprehensive mental >health screening for "consumers of all ages," including preschool >children. According to the commission, "Each year, young children are >expelled from preschools and childcare facilities for severely >disruptive behaviours and emotional disorders." Schools, wrote the >commission, are in a "key position" to screen the 52 million students >and 6 million adults who work at the schools. > >The commission also recommended "Linkage [of screening] with treatment >and supports" including "state-of-the-art treatments" using "specific >medications for specific conditions." The commission commended the Texas >Medication Algorithm Project (TMAP) as a "model" medication treatment >plan that "illustrates an evidence-based practice that results in better >consumer outcomes." BTW, looks like designation "citizen" has been obsoleted by "consumer". ===== end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: __________________________________ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail From eugen at leitl.org Tue Jun 22 04:16:20 2004 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 22 Jun 2004 13:16:20 +0200 Subject: geographic MACs Message-ID: <20040622111619.GI12847@leitl.org> MAC address space is enough for roughly one device/square meter of Earth surface. This is about enough for wireless MAC (24 bit for longitude/latitude each) assigment from, say, WGS 84. Not enough for elevation, but given that it's rough coordinates, injecting some noise should remove potential (rare) address collisions. Pluses are the MACs can be assigned by the system (negotiating how to back off of potential collisions). Lacking relativistic pings, signal strength is useful for rough distance estimates of internode distance. Obviously, WiFi boxes which can directly parse NMEA input can compute the MAC directly, otherwise it's a one-time (for immobile nodes) operation at setup. This is obviously of use for geographic routing in wireless meshes, geographically constrained queries/broadcast, etc. -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From bill.stewart at pobox.com Tue Jun 22 14:27:49 2004 From: bill.stewart at pobox.com (Bill Stewart) Date: Tue, 22 Jun 2004 14:27:49 -0700 Subject: [IP] When police ask your name, you must give it, Supreme Court says (fwd from dave@farber.net) In-Reply-To: <20040622070400.GA32070@arion.soze.net> References: <20040622031624.GY12847@leitl.org> <6.0.1.1.0.20040621223318.050363e8@mail.comcast.net> <20040622070400.GA32070@arion.soze.net> Message-ID: <6.0.3.0.0.20040622140658.0a2312a0@pop.idiom.com> At 12:04 AM 6/22/2004, Justin wrote: >On 2004-06-21T22:38:01-0700, Steve Schear wrote: > > Not a problem. Its legal to use any name you wish, including those that > > use gyphs and sounds which cannot be represented by standard Roman and > > non-Roman alphabets (as is common in some African tribes). So, those that > > wish to avoid this data base nightmare can legally adopt name which does > > not conform. It's legal to _have_ any name you wish, but in some states you can just use the name you want, and in other states you have to legally change your name. California's DMV changed their policies five or ten years ago - this used to be one of the places where changing your name on a whim was not only freely accepted, but just about mandatory in Hollywood, but at least the DMV now requires you to legally change your name (not sure if the rest of the law requires it.) >Don't citizens have to have an english-alphabet transliteration of their >name to use for legal purposes (birth certificate, green card, social >security record)? No legal requirement that I'm aware of, nor is literacy mandatory. Some individual types of paperwork may require that (wouldn't surprise me if the INS thugs did, for instance, though their standard rule in the past was that they'd assign you an inaccurate transliteration...) but that doesn't mean they all need the same. You're not required to get a birth certificate, though if your kid's born in a hospital they'll tend to issue one whether you ask for it or not. I never applied for a social security number, so I haven't seen the forms (my parents had already done that for me, and I assume that the number I memorized in ~2nd grade was correct, though I've long since lost the paper.) >Is there a list of the other 20 states with stop-and-identify laws? Go read the Supreme Court majority opinion - the states are mentioned there, though the opinion doesn't say exactly what each state requires. California, BTW, isn't on the list. >The DMV differentiates same-name people by SSN, right? It tries :-) It also tries to differentiate by address. Most DMVs aren't very good at record-keeping, and the last two states I've lived in have each spent ~$50 million on huge computer modernization processes that have failed miserably... >Is it very far-fetched to imagine that state courts and >federal appeals courts will uphold state laws requiring >SSN disclosure for identification purposes? State laws requiring SSN disclosure for driver's licenses were illegal under the Privacy Act of 1974, and then legalized for limited uses in ~1986, and the Feds have made them all but mandatory. They're also mandatory for income-taxable business, except when you can use a Taxpayer ID Number instead. >After all, the Supreme Court didn't rule this way for fun; You're overestimating the morals of the more conservative members of the Court, though "fun" requires a sense of humor which may be lacking in Rehnquist's case..... (Some of them do have fun - Scalia recently went hunting with Cheney, for instance, and Thomas got raked over the coals at his acceptance hearings because of the fun he'd had harassing Anita Hill. And one or two of the liberals are a bit on the odd side as well.) >Maybe the 9th circuit will be safe from mandatory SSN disclosure during >Terry stops, but I doubt any other circuits will be. The Supremes can't >want to hear another case of this sort in the near future. They just >cranked up the temperature; if they crank it up again too soon the frogs >may notice they're about to boil. They didn't take this case just because they wanted it to - they took it because Gilmore and Noise and friends helped Hiibel and the Nevada Public Defender get it there. They aren't likely to hear another case soon that isn't edgy like this, but the FBI, Homeland Security thugs and their antecedents have been pushing for more and more government control over citizens, so any available edge is likely to get pushed. Bill Stewart bill.stewart at pobox.com From roy at rant-central.com Tue Jun 22 12:43:27 2004 From: roy at rant-central.com (Roy M. Silvernail) Date: Tue, 22 Jun 2004 15:43:27 -0400 Subject: [IP] When police ask your name, you must give it, Supreme Court says (fwd from dave@farber.net) In-Reply-To: <20040622182256.61855.qmail@web40609.mail.yahoo.com> References: <20040622182256.61855.qmail@web40609.mail.yahoo.com> Message-ID: <40D88BDF.1030607@rant-central.com> Morlock Elloi wrote: >>incriminating, and the State has a substantial interest in knowing who you >>are -- you may need medicating, or you may owe the government money, or >> >> > >Exactly ... and maybe you are on this "consumer" list: > > >http://bmj.bmjjournals.com/cgi/content/full/328/7454/1458 > > Thanks for ruining my day! Now I'm going to go home and watch Equilibrium again. -- Roy M. Silvernail is roy at rant-central.com, and you're not "It's just this little chromium switch, here." - TFS SpamAssassin->procmail->/dev/null->bliss http://www.rant-central.com From bill.stewart at pobox.com Tue Jun 22 16:53:57 2004 From: bill.stewart at pobox.com (Bill Stewart) Date: Tue, 22 Jun 2004 16:53:57 -0700 Subject: Genetically Engineered Virus Reduces Cocaine Cravings Message-ID: <6.0.3.0.0.20040622164347.0a274f10@pop.idiom.com> http://news.bbc.co.uk/2/hi/health/3825177.stm The Beeb's got a story about a virus that reduces the effects of cocaine in rats, being better at getting appropriate proteins to appropriate parts of the brain. The news story talks about the potential for use in treatment (says it's way too early to tell, and says that addictive behaviours are psychologically complex so they can't predict if addicts would just switch to other drugs if the virus makes coke not work for them, but that's the kind of thing people in the treatment biz say), but the parts of the story that talk about what the virus actually does talk about reduction in the direct effects of cocaine on rat behaviour, not the effects on withdrawal. Meanwhile, Dept of Homeland Security is pricing syringes... ---- Bill Stewart bill.stewart at pobox.com From jbone at place.org Tue Jun 22 16:12:15 2004 From: jbone at place.org (Contempt for Meatheads) Date: Tue, 22 Jun 2004 18:12:15 -0500 Subject: [FoRK] Operation See-No-Evil Message-ID: Did anybody catch the bit from the Daily Show last night w/ the Cheney interview --- "in his secret lair?" Dude, WTF? He looked like he was in some kind of darkened mad scientist's lab prepping for doomsday. Seriously, the room was full of all this unidentifiable and slightly ominous-looking (in half-second glimpses) equipment, and was lit like the set where Luke fights the Emperor. Bizarre stuff. I always thought the sets for the Pres and friends in 24 were kind of bizarre, but apparently our upper echelon's real digs are even weirder. (Aside: great bit from JS last night, where he cuts directly from claims Cheney made about not saying something to footage that directly contradicts this. Fucking liars. I'd have a lot more respect for them if they respected their public's intelligence more themselves.) Well, not content to merely be in the undisclosed location, apparently he's gunning to be removed from essential public documents as well. I didn't know whether to entitle this one "Operation See-No-Evil" or "Operation No Legacy." ;-) -- http://www.salon.com/politics/war_room/2004/06/22/cheney_cia/? source=RSS Cheney may disappear from intel report Will Dick Cheney's name get scrubbed from the Senate Intelligence Committee report that by all accounts is highly critical of prewar intelligence -- which he played a big role in? This Time magazine piece says the CIA is pressing to have even titles removed from the report to make the actors in the prewar intelligence drama, including Cheney, unrecognizable. "To suggestions that the redaction request could be interpreted as an effort to provide political cover for Cheney, a CIA official responds that 'the purpose of declassification review is to protect intelligence sources, methods and other classified matters which, if disclosed, could be helpful to adversaries, like weapons proliferators and terrorists. It is not to stifle criticism.' Leaders of the Senate panel don't see it the same way. 'The Committee is extremely disappointed by the CIA?s excessive redactions to the report,' Chairman Pat Roberts, a Kansas Republican, and Vice Chairman Jay Rockefeller, and West Virginia Democrat, said in a statement last week, without mentioning any specific CIA-proposed edits." -- Geraldine Sealey [08:25 PDT, June 22, 2004] _______________________________________________ FoRK mailing list http://xent.com/mailman/listinfo/fork ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From s.schear at comcast.net Tue Jun 22 19:30:27 2004 From: s.schear at comcast.net (Steve Schear) Date: Tue, 22 Jun 2004 19:30:27 -0700 Subject: =?iso-8859-1?Q?There=92s_No_Such_Thing_As_an_"Illegal_Alien"?= In-Reply-To: <6.0.3.0.0.20040622140658.0a2312a0@pop.idiom.com> References: <20040622031624.GY12847@leitl.org> <6.0.1.1.0.20040621223318.050363e8@mail.comcast.net> <20040622070400.GA32070@arion.soze.net> <6.0.3.0.0.20040622140658.0a2312a0@pop.idiom.com> Message-ID: <6.0.1.1.0.20040622192909.04d67518@mail.comcast.net> Written by Marc Stevens Theres an incredible amount of energy expended on the subject of so-called "illegal aliens." These are men, women and children who allegedly are not in the "country" "legally." People who think theyre "citizens" believe physical force may be used against "illegal aliens" to cage them and send them back to their "country." This use of physical violence is called "deportation." One of the biggest complaints about these so-called "illegals" is how much they cost "citizens" and "taxpayers" in welfare and other "social programs." However, just as its a myth theres a "country" or "nation" called the "United States," theres no such thing as an "illegal alien." Theyre all part of the government hoax. To prove theres no such thing as an "illegal alien," one needs to examine what a "nation" or "country" is. A "nation," such as the pretended "United States," is supposed to be a "voluntary association of individuals." The mere fact physical violence is used to "deport" so-called "illegals" contradicts the professed "voluntary" nature of a "nation." A "nation" is composed of "citizens," and a "citizen" is supposed to be a member of a political body ("nation") who owes a duty of allegiance in return for a duty of protection. These two "duties" are the only things separating men who are "citizens" from men who are "illegal aliens." Do these alleged "duties" exist and if so, exactly how were they created? Is the "protection" offered by the "United States government" offered on a take-it-or-leave-it basis like other services? No, of course not. "Citizen" is not synonymous with customer. Customers, unlike "citizens," have the choice to say no to a particular service or product without being threatened and killed. You accept and pay for the services provided by men and women doing business as a "state" or be murdered: "The only idea they have ever manifested as to what is a government of consent, is thisthat it is one to which everybody must consent, or be shot." No Treason: The Constitution of No Authority - Lysander Spooner. Its fundamental no "duty" or obligation is created by threats of violence and violence. This is one of the fatal flaws in statist theology. Men and women calling themselves "government" violently impose themselves on victims called "citizens," and "ordain" scriptures called "laws" that define the way "government" does business as a crime. I love the following example of this quoted in my article The Government Hoax: "racketeer. The organized use of threats, coercion, intimidation, and violence to compel the payment for actual or alleged services of arbitrary or excessive charges under the guise of membership dues, protection fees, royalties, or service rates. United States v McGlone (DC Pa) 19 F Supp 285, 286." Ballentines Law Dictionary, page 1051. This describes exactly how men and women calling themselves a "state," "nation" and "government" operate. Now if "duties" and obligations are not created by violence, then theres no "duty" to protect anyone and there is no "duty" of allegiance. These are the only two things separating men who are "citizens" from men who are "illegal aliens" and neither one exists. Because neither "duty" exists there are no "citizens" and no "nation." It then follows there is no such thing as an "illegal alien." The only "officially recognized" "legal" status with any existence is called "res nullius" meaning: "The property of no one." Ballentines Law Dictionary, page 1105. This is why the very idea of a "free government" is ridiculous. Because human beings are not property there can be no valid "government" as "govern" means control and control implies ownership: "The right of absolute and irresponsible dominion is the right of property, and the right of property is the right of absolute, irresponsible dominion. The two are identical; the one necessarily implying the other." No Treason: The Constitution of No Authority - Lysander Spooner. The "illegal" problem is classic diversion: instead of focusing on the real problem, viz., men and women violently controlling other men and women ("government," slavery etc.), the focus is diverted to non-existent "illegal aliens." Men and women pretending to be a "state" steal money from their victims (pretended "citizens") and give it to other men, women and children (pretended "illegals"). Instead of refusing to be victims and not permitting their money to be stolen, the victims only complain the people stealing their money shouldnt give it away. Focusing on the non-existent "illegals" instead of the robbery only gives the violent men and women pretending to be a "state" legitimacy. It is tantamount to a bank being robbed and the bank managers only complaint is the robber buys crack with the money. "Hey, dont buy crack! Thats stupid. You should buy more guns and soldiers so you can steal more money." It seems irrational to complain how stolen money is being used. When money is stolen the only relevant issue is that it was stolen, not what the anti-social parasite is doing with it. While "illegal aliens" are not real, violent anti-social men and women pretending to be "states" are. Buying into the illusion there are "states" and "nations" only diverts attention from what these professional parasites are doing i.e., killing, stealing and lying. Marc Stevens is the author of Adventures in Legal Land, the controversial and humorous book exposing the government hoax, order your copy today at www.adventuresinlegalland.com. From bill.stewart at pobox.com Tue Jun 22 22:57:19 2004 From: bill.stewart at pobox.com (Bill Stewart) Date: Tue, 22 Jun 2004 22:57:19 -0700 Subject: Hiibel case on NPR Talk Of The Nation Wednesday 11am PDT Message-ID: <6.0.3.0.0.20040622225658.03775b20@pop.idiom.com> I heard an announcement on NPR tonight that tomorrow's Talk Of The Nation program will be discussing the "Papers Please" case. http://www.npr.org/programs/totn/ . Mark Rotenberg of EPIC will be on. Wed, June 23, 2004 -- 11:00am PDT KQED.ORG Refusing to give your name to a police officer could get you arrested. That's what the Supreme Court ruled this week. Guests: Bill Johnson, executive director and legal counsel of the National Association of Police Organizations; and Marc Rotenberg, president of Electronic Privacy Information Center. From measl at mfn.org Wed Jun 23 02:57:53 2004 From: measl at mfn.org (J.A. Terranson) Date: Wed, 23 Jun 2004 04:57:53 -0500 (CDT) Subject: my name is Doe, John Doe In-Reply-To: <20040623095319.GS12847@leitl.org> References: <20040623095319.GS12847@leitl.org> Message-ID: <20040623045643.P6233@ubzr.zsa.bet> On Wed, 23 Jun 2004, Eugen Leitl wrote: > Has anyone ever legally changed his name to John Doe, and documented the > results, if any? I don't know about that one, but some of the others are likely to have caused critical system failures :-) "The schmuck formally known as Prince" "Internet Guy" "7" etc.. -- Yours, J.A. Terranson sysadmin at mfn.org "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden From rforno at infowarrior.org Wed Jun 23 09:38:34 2004 From: rforno at infowarrior.org (Richard Forno) Date: June 23, 2004 9:38:34 PM EDT Subject: Update on the INDUCE Act (now renamed the "IICA") Message-ID: Two updates to last week's note on the so-called INDUCE ACT to stiffen copyright enforcement activities. I will also note that the bill title has been changed to something a bit more rational than its prior proposed title -- it's now known as the "Inducing Infringement of Copyrights Act (IICA)." I wonder if the OS vendors will be considered as inducing infringement by allowing their systems to connect to the internet. Or how about for providing protocols such as ftp, scp, smtp, etc. that facilitate P2P sharing? Are the inmates running the asylum? No, wait -- don?t answer that. - rick Infowarrior.org UPDATE (1): Some quick thoughts on the revised bill and its broader goals TechLaw Advisor Susan Crawford also reports that "counsels" - an overly abusive term used here - has been dropped from the bill. Unfortunately there is no copy of the bill available at the moment. Susan also hears that the bill is fast-tracked to the Senate floor after a quick hearing either Thursday or Friday of this week. Susan's tech-law blog is located at: http://techlawadvisor.com/blog/ 2004_06_13_archive.html#108744622389089703 Susan also links to a discussion document at the Senate Judiciary Committee's website that shows the desire to make P2P equated as software that's illegal, illicit, immoral, etc. The Senate document is found at: http://judiciary.senate.gov/special/content_protection.pdf UPDATE (2): More in-depth information from News.Com Senate bill bans P2P networks By Declan McCullagh The Inducing Infringement of Copyrights Act, which was made public Wednesday, represents the latest legislative attempt by large copyright holders to address what they see as the growing threat of peer-to-peer networks rife with pirated music, movies and software. Violations of the IICA would be punished with civil fines and, in some circumstances, lengthy prison terms. < snip > The IICA is designed to overturn an April 2003 ruling from a federal judge in Los Angeles that said file-swapping services StreamCast Networks and Grokster were legal to operate. In that decision, which the entertainment industry has appealed to the 9th Circuit, U.S. District Judge Stephen Wilson wrote that "Grokster and (Morpheus operator) StreamCast are not significantly different from companies that sell home video recorders or copy machines, both of which can be and are used to infringe copyrights." Wilson said those networks were not as centralized as Napster, which the 9th Circuit declared to be illegal in 2001, and could continue to exist. < snip> http://news.com.com/Senate%20bill%20bans%20P2P%20networks/2100-1027_3 -524479 6.html?tag=techdirt ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From sunder at sunder.net Wed Jun 23 07:25:05 2004 From: sunder at sunder.net (Sunder) Date: Wed, 23 Jun 2004 10:25:05 -0400 (edt) Subject: my name is Doe, John Doe In-Reply-To: <20040623045643.P6233@ubzr.zsa.bet> References: <20040623095319.GS12847@leitl.org> <20040623045643.P6233@ubzr.zsa.bet> Message-ID: How about "rm -rf /" First name is "rm" middle is "-rf" last is "/" :) From eugen at leitl.org Wed Jun 23 02:39:08 2004 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 23 Jun 2004 11:39:08 +0200 Subject: [FoRK] Operation See-No-Evil (fwd from jbone@place.org) Message-ID: <20040623093908.GL12847@leitl.org> ----- Forwarded message from Contempt for Meatheads ----- From eugen at leitl.org Wed Jun 23 02:53:19 2004 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 23 Jun 2004 11:53:19 +0200 Subject: my name is Doe, John Doe Message-ID: <20040623095319.GS12847@leitl.org> Has anyone ever legally changed his name to John Doe, and documented the results, if any? -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From Bruce_Tefft at sra.com Wed Jun 23 20:20:08 2004 From: Bruce_Tefft at sra.com (Tefft, Bruce) Date: Wed, 23 Jun 2004 23:20:08 -0400 Subject: [osint] Saudi cracks down on tailors dressing terrorists Message-ID: http://in.news.yahoo.com/040623/137/2dzln.html Wednesday June 23, 11:40 PM Saudi cracks down on tailors dressing militants By Heba Kandil RIYADH (Reuters) - Saudi authorities have increased inspections at tailor shops in a bid to stop the illegal production of military uniforms used by al Qaeda militants bent on toppling the pro-U.S. monarchy. Above the clatter of sewing machines, many tailors told Reuters on Wednesday that inspectors had warned them against selling uniforms to people without a military identification card. "Every two weeks there is a police inspection at our shops," Indian tailor Ulom said in his tiny shop, one of several lining Riyadh's al-Wazir street where the bulk of uniforms are made. "If I don't ask for IDs, I could be arrested," he says, holding his hands in a cuffed position. The government began restricting access to uniforms after al Qaeda militants, in military or police gear, escalated their battle against the government and the Western residents they regard as "infidels". In one of the bloodiest attacks by Osama bin Laden's group, militants masquerading as security men killed 22 civilians in a May shooting and hostage-taking spree in the oil city of Khobar. In November 2003, suicide bombers also got into a Riyadh housing compound by dressing up as security forces. At least 18 people, mainly Arabs and Muslims, were killed in that attack. And repeating a frequent claim, al Qaeda said in an Internet publication that some policemen had helped them kidnap U.S. engineer Paul Johnson -- whom they beheaded last week -- by providing uniforms and cars. The government denied the report. At least 85 civilians and police have been killed by al Qaeda, blamed for the September 2001 attacks on U.S. cities. DEVIANTS The Saudi authorities say the militants often copy military costumes and paint cars in police colours. But some militants used to serve in the security forces and diplomats said they often use their IDs and contacts to legally obtain props. Saleh al-Awfi, tipped to be the new al Qaeda leader in the kingdom, was a former Interior Ministry employee. Mohammed, another Indian tailor, said he was happy to comply with the government regulations because he wants to make sure he is outfitting the "good guys" and not the "deviant faction". "By God, it's a crime what's happening," he said as he carefully measured green camouflage cloth. "But we only service people with military ID cards," he added, rising from his seat to greet a customer inspecting the boots, pistol holsters and name badges in the window display. Saudi forces won a major battle against the group on Friday when they shot and killed four prominent militants, including Saudi's al Qaeda leader Abdulaziz al-Muqrin. Despite the government's efforts, some Saudis say anybody can buy the costumes without the mandatory documents. The shop's provide uniforms for cadets at military school and officers. "Yes, there are restrictions but a trader will often forgo IDs for a profit," said one Saudi journalist. "Buying a military outfit is as easy as buying a can of soft drink." ------------------------ Yahoo! Groups Sponsor --------------------~--> Make a clean sweep of pop-up ads. Yahoo! Companion Toolbar. Now with Pop-Up Blocker. Get it for free! http://us.click.yahoo.com/L5YrjA/eSIIAA/yQLSAA/TySplB/TM --------------------------------------------------------------------~-> -------------------------- Want to discuss this topic? Head on over to our discussion list, discuss-osint at yahoogroups.com. -------------------------- Brooks Isoldi, editor bisoldi at intellnet.org http://www.intellnet.org Post message: osint at yahoogroups.com Subscribe: osint-subscribe at yahoogroups.com Unsubscribe: osint-unsubscribe at yahoogroups.com *** FAIR USE NOTICE. This message contains copyrighted material whose use has not been specifically authorized by the copyright owner. OSINT, as a part of The Intelligence Network, is making it available without profit to OSINT YahooGroups members who have expressed a prior interest in receiving the included information in their efforts to advance the understanding of intelligence and law enforcement organizations, their activities, methods, techniques, human rights, civil liberties, social justice and other intelligence related issues, for non-profit research and educational purposes only. We believe that this constitutes a 'fair use' of the copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use this copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/osint/ <*> To unsubscribe from this group, send an email to: osint-unsubscribe at yahoogroups.com <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/ --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Thu Jun 24 04:13:30 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Thu, 24 Jun 2004 07:13:30 -0400 Subject: Sewing Machine Escrow... Message-ID: --- begin forwarded text From dave at farber.net Thu Jun 24 05:48:05 2004 From: dave at farber.net (David Farber) Date: Thu, 24 Jun 2004 08:48:05 -0400 Subject: [IP] Update on the INDUCE Act (now renamed the "IICA") Message-ID: Begin forwarded message: From vab at cryptnet.net Thu Jun 24 06:24:56 2004 From: vab at cryptnet.net (V. Alex Brennen) Date: Thu, 24 Jun 2004 09:24:56 -0400 Subject: [p2p-hackers] The Fifth HOPE in NYC Message-ID: At The Fifth HOPE a talk will be given on how to break anonymity networks. Some commonly used p2p code such as Tor and the remailers will be covered. I cannot attend the conference. Is anyone on the list going who could report back? I'm interested to hear if anything other than what's already been widely published is covered in this talk. I'm working on a p2p anonymity project. Thanks, - VAB The Fifth HOPE, NYC July 9-11th, 2004 http://www.the-fifth-hope.org/ How To Break Anonymity Networks Nick Mathewson Today's anonymous communication software (such as Mixmaster, Mixminion, Nymservers, JAP, Tor, Anonymizer, etc.) allows people to communicate while concealing their identities from each other and from external attackers. But no deployed system is strong enough to protect every pattern of user behavior against a sufficiently resourceful adversary, and many of them fall to far simpler attacks. In this talk, Nick will discuss working attacks against today's anonymity networks, drawing from past technical and social attacks on deployed networks and from recent academic research in traffic analysis, stylometry, and mix-net design. He will present defenses to these attacks when such defenses are known to exist. Saturday 2300 Area "B" _______________________________________________ p2p-hackers mailing list p2p-hackers at zgp.org http://zgp.org/mailman/listinfo/p2p-hackers _______________________________________________ Here is a web page listing P2P Conferences: http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From emc at artifact.psychedelic.net Thu Jun 24 09:57:10 2004 From: emc at artifact.psychedelic.net (Eric Cordian) Date: Thu, 24 Jun 2004 09:57:10 -0700 (PDT) Subject: Respect for the Judiciary Message-ID: <200406241657.i5OGvAnp018424@artifact.psychedelic.net> I wonder if any such noises were heard during the Jim Bell trial. http://www.thesmokinggun.com/archive/0624041pump1.html ----- JUNE 24--While seated on the bench, an Oklahoma judge used a male enhancement pump, shaved and oiled his nether region, and pleasured himself, state officials charged yesterday in a petition to remove the jurist. ... Visitors to Thompson's Creek County courtroom reported hearing a "swooshing" sound coming from the bench, a noise the court reporter said "sounded like a blood pressure cuff being pumped up." ... -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law" From camera_lumina at hotmail.com Thu Jun 24 08:05:54 2004 From: camera_lumina at hotmail.com (Tyler Durden) Date: Thu, 24 Jun 2004 11:05:54 -0400 Subject: Citizen Chics Must Put Out Message-ID: I gotta say I'm still disturbed by this. Got no real point to make, but the ID thing may mean that even the "no parking" pretense wasn't needed. Is it sufficient or a cop to suspect marijuana based on the fact that HS might look like a "hippie"? Requesting the ID is all that is needed for an encounter, and then that encounter can lead to frisking or whatever else just because some inbread useless eater Bubba felt like it. Seems my hot chick in swimsuit scenario is not farfetched at all. Hum...perhaps some oregano needs to be laced with cy*n*de or something. Let that piece of shit sniff THAT....he did, after all, literally ask for it. You could even say, "Uh, you don't want to sniff that..." -TD >From: Harmon Seaver >To: Tyler Durden >CC: emc at artifact.psychedelic.net, cypherpunks at al-qaeda.net >Subject: Re: Citizen Chics Must Put Out >Date: Mon, 21 Jun 2004 20:19:21 -0500 > > This last Memorial Day weekend, I was heading off to work at my fun >historical >reinactor job at a state historic site (I get to run a 150 year old >sawmill) and >dressed appropriately. My wife's car was parked behind mine in the >driveway, so >I pulled hers out and into the neigbor's, pulled mine out onto the street, >where >there is no parking -- but hey, FedEx and UPS stop there all the time, so >do >contractors who are working on homes in the area and can't get their >vehicles in >the driveways, this is a historic district afterall and driveways are >pretty >damn small -- so just as I was about to get into my pickup and drive away, >an >Oshkosh pig pulls up behind me, lights on. He says, "Is that your truck?" >and I >say yes, I was just switching cars in the driveway. He says, as he gets out >of >his car, "Step over here, please." Asks for my license, "You can't park >there." And I answer, "I'm not, I'm just switching cars." > Then things get more serious -- "I smell marijuana, do you know >marijuana is >illegal?", which is total BS since it's been far too long. Then he says, >"Do >you mind if I search you?", to which of course, I replied, "Yes I do, you >have >no right to search me." I started to say, "Yeah, and I smell pigshit." but >then >realized that if I did, I wouldn't probably wouldn't make it to my job. >Normally >I would have escalated the scene as much as possible by bad mouthing him >and his >mother as much as possible, but I really do enjoy playing at the historic >site >and getting hauled to the jail for a few hours, even as much fun as that >would >have been being as obnoxious as possible and giving them continual lectures >about how evil they are, how evil dubbya and asskruft are, how much I think >that >people like them need to be rounded up and put into re-education centers >and >given lobotomys so they can never bother decent people again -- still, I >really >wanted to make it to the job. > So we were standing there at a bit of an impass, me saying "no, you >cannot >search me." Then he says, "Well, for my own safety, I have a right to >search you >for a weapon." I really, really, wish it had been some other time, so I >could >have forced the issue and made him call for reinforcements, because it >would >have been obvious to all and sundry that what this was really all about was >the >big 3 foot tall lighted 24/7 peace sign on the roof of my house and the >bumper >stickers on my truck and perhaps my hair, but -- ah well, maybe I'm getting >old >-- so I let him do it. And, of course, instead of just patting me down, he >went >thru all my pockets. Then he went over to the truck with my keys, and I >thought >he was going to search that too, but then he must have realized he was >stepping >into some real shit, with and stopped, put my keys on top of the truck, and >got >back into his car and told me I could go. > So what am I ranting about? I'm not sure -- mostly, I guess, about how >far >things have gone. That some young skinhead pig thinks he can do something >like >this and get away with it. And it pisses me off more that it was such an >in-opportune time, because I really do love so much going off on them and >watching their stupid little faces get so flustered, watch their hands >twitch >nervously toward their guns. I really envy all those Iragis with their easy >access to RPGs -- that's probably the only real answer. > You know, there really are a lot of useless eaters, far too many >oxygen >thieves, in this country. But it's not the welfare mothers and poor that >Tim >always ranted about -- it's the pigs and those morons with the flags on >their >cars and imprinted on their brains. > On the good side, I went to the Midwest Renewable Energy Fair this >weekend, >and sat just a few feet away from the stage where John Stauber and then Amy >Goodman spoke, primarily about the media sellout in this country. > > > >On Mon, Jun 21, 2004 at 01:45:19PM -0400, Tyler Durden wrote: > > > > OK...so say an officer is at the beach and spots some hot chick in a > > bathing suit, with obviously no ID on her person. And let's say this > > officer "believes" that this chick has a bag of pot at home. Can he just >go > > and arrest her? > > -TD > > > > > > >From: Eric Cordian > > >To: cypherpunks at minder.net > > >Subject: Citizen Units Must Give Names > > >Date: Mon, 21 Jun 2004 09:52:44 -0700 (PDT) > > > > > >One used to have the right to be known by any name one wished, as long >as > > >one did not do so for the purpose of committing fraud, or impersonating > > >someone else. > > > > > >One certainly has an absolute right to refuse to speak to a government > > >employee when accosted. > > > > > >So it is difficult to understand the Court's "reasoning" in this case. > > > > > > >http://www.reuters.com/newsArticle.jhtml?type=domesticNews&storyID=5473543 > > > > > >----- > > > > > >WASHINGTON (Reuters) - A divided U.S. Supreme Court ruled on Monday >that > > >people are required to identify themselves when asked to do so by >police, > > >and rejected arguments that it violates their constitutional rights to > > >privacy and to remain silent. > > > > > >... > > > > > >-- > > >Eric Michael Cordian 0+ > > >O:.T:.O:. Mathematical Munitions Division > > >"Do What Thou Wilt Shall Be The Whole Of The Law" > > > > > > > _________________________________________________________________ > > Watch the online reality show Mixed Messages with a friend and enter to >win > > a trip to NY > > >http://www.msnmessenger-download.click-url.com/go/onm00200497ave/direct/01/ > >-- >Harmon Seaver >CyberShamanix >http://www.cybershamanix.com >Hoka hey! > _________________________________________________________________ MSN 9 Dial-up Internet Access fights spam and pop-ups now 3 months FREE! http://join.msn.click-url.com/go/onm00200361ave/direct/01/ From dave at farber.net Thu Jun 24 08:07:35 2004 From: dave at farber.net (David Farber) Date: Thu, 24 Jun 2004 11:07:35 -0400 Subject: [IP] Bruce Schneier: Unchecked police and military power is a Message-ID: security threat X-Mailer: Apple Mail (2.618) Reply-To: dave at farber.net Bruce Schneier: Unchecked police and military power is a security threat Bruce Schneier June 24, 2004 SCHNEIER0624 As the U.S. Supreme Court decides three legal challenges to the Bush administration's legal maneuverings against terrorism, it is important to keep in mind how critical these cases are to our nation's security. Security is multifaceted; there are many threats from many different directions. It includes the security of people against terrorism, and also the security of people against tyrannical government. The three challenges are all similar, but vary slightly. In one case, the families of 12 Kuwaiti and two Australian men imprisoned in Guantanamo Bay argue that their detention is an illegal one under U.S. law. In the other two cases, lawyers argue whether U.S. citizens -- one captured in the United States and the other in Afghanistan -- can be detained indefinitely without charge, trial or access to an attorney. In all these cases, the administration argues that these detentions are lawful, based on the current "war on terrorism." The complainants argue that these people have rights under the U.S. Constitution, rights that cannot be stripped away. Legal details aside, I see very broad security issues at work here. The Constitution and the Bill of Rights were designed to ensure the security of people: American citizens and visitors. Their limitations of governmental power are a security measure. Their enshrinement of human rights is a security measure. These measures were developed in response to colonial tyranny by Britain, and have been extended in response to abuses of power in our own country. Laws mandating speedy trial by jury, laws prohibiting detention without charge, laws regulating police behavior -- these are all laws that make us more secure. Without them, government and police power remains unchecked. The case of Jose Padilla is a good illustration. Arrested in Chicago in May 2002, he has never been charged with a crime. John Ashcroft held a press conference accusing him of trying to build a "dirty bomb," but no court has ever seen any evidence to support this accusation. If he's guilty, he deserves punishment; there's no doubt about that. But the way to determine guilt or innocence is by a trial on a specific indictment (charge or accusation of a crime). Without an indictment, there can be no trial, and the prisoner is held in limbo. Surely none of us wants to live under a government with the right to arrest anyone at any time for any reason, and to hold them without trial indefinitely. The Bush administration has countered that it cannot try these people in public because that would compromise its methods and intelligence. Our government has made this claim before, and invariably it turned out to be a red herring. In 1985, retired Naval officer John Walker was caught spying for the Soviet Union; the evidence given by the National Security Agency was enough to convict him without giving away military secrets. More recently, John Walker Lindh -- the "American Taliban" captured in Afghanistan -- was processed by the justice system, and received a 20-year prison sentence. Even during World War II, German spies captured in the United States were given attorneys and tried in public court. We need to carry on these principles of fair and open justice, both because it is the right thing to do and because it makes us all more secure. The United States is admired throughout the world because of our freedoms and our liberties. The very rights that are being discussed within the halls of the Supreme Court are the rights that keep us all safe and secure. The more our fight against terrorism is conducted within the confines of law, the more it gives consideration to the principles of fair and open trial, due process and "innocent until proven guilty," the safer we all are. Unchecked police and military power is a security threat -- just as important a threat as unchecked terrorism. There is no reason to sacrifice the former to obtain the latter, and there are very good reasons not to. Bruce Schneier, Minneapolis, is chief technology officer of Counterpane Internet Security Inc. and the author of "Beyond Fear: Thinking Sensibly About Security in an Uncertain World." ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From checker at panix.com Thu Jun 24 11:37:46 2004 From: checker at panix.com (Premise Checker) Date: Thu, 24 Jun 2004 14:37:46 -0400 (EDT) Subject: [>Htech] Infoshop News: Surveillance and Domestication Message-ID: Surveillance and Domestication http://www.infoshop.org/inews/print.php?story=04/06/21/3538869 posted by [1]Anon on Monday June 21 2004 @ 03:25AM PDT [2]Spying and Spooks SURVEILLANCE AND DOMESTICATION John Connor on the rise of surveillance and our acquiescence in it Surveillance is sold to us on the grounds that 'the innocent have nothing to hide', but the reluctance of the watchers to also become the watched--the police will plead 'operational security' to excuse themselves from disclosing even the most trivial points of detail about themselves, such as canteen menus, etc--shows this as both a transparent excuse to extend surveillance way beyond the point where it should be socially acceptable and a disguising of what is in the interests of the powerful with reference to what is supposedly 'in the interest of all'. THE WORM IN ADAM'S APPLE By way of excusing current levels of surveillance, where there is now one camera / four people in UK alone, it is possible to present the first band societies 'where everyone knew everyone else's business' as the most surveilled societies of all. This totally misses the point, however, as people then felt they were 'everyone else's business'. Although individual's 'right' to 'do their own thing' in negotiation with the band regardless of traditional custom was highly respected,1 there were not the firm boundaries of selfhood that characterise capitalism's atomised individualism, not least because personal and societal survival were so intimately interrelated. Part of your identity was your relationship to the rest of the band and you would not be complete without this, nor think of withholding something from them as you would from yourself. These were free, equal societies where an unevenness of knowledge, where it was hoarded to advantage one over another, was an entirely alien, civilised concept except possibly between genders and then not always. In fact, continuous sharing of news and skills were as much part of the fabric of daily life in hunter-gatherer societies as the sharing of tools (usufruct) and resources. With the rise of class society, where it became in the interests of the labouring majority to conceal resources and information about them, work rates etc ,from the non-labouring minority overseeing them, it equally became in the interests of the latter to try to find out what was being concealed from them. This, in truth, was the birth of the surveillance society, it's limited effectiveness still pretty much restricted to what could be seen directly by overseers and residual 'group think' that led people to disclosure information they really wouldn't in modern, individualistic societies. Alvarez's Centuries of Childhood is very good in pointing this up in the Medieval era, when any idea of an 'internal dialogue' was the privilege of a literate monastic minority. Others would say what they thought, their expression being limited to the presence of others with whom it could be shared - possibly getting back to the ears of feudal law enforcers and tax collectors. The most radical significance of the book in terms of shaping the human psyche was that it allowed private thoughts and expression in 'dialogue' (for surely the relationship is not mutual in the way conversation is) with the page. The first diaries--typically records of spiritual exercises by cloistered divines--are thus Medieval. The self-enclosure facilitated by writing led, of ruling class necessity, to the elaboration of more sophisticated techniques of surveillance - the spy networks engendered by Elizabeth I's courtier Sir Francis Walsingham, for example, still celebrated as original in Establishment spook circles today. They would solicit disloyal comment through infiltration techniques, pretending to be who they were not to suspects, as well as incidentally engaging pretty comprehensively in mail interception and attempting to crack counter-measures such as concealment and cipher. They were still largely dependant on the word, however, often words procured by duress (torture) and misrepresentation (forgery or 'over-reading' of intercepted correspondence). Of course, this was also the era of the witch hunts with their 'spectral evidence' (the testimony of 'victims of witchcraft'), but this dependence reached its apex in the reign of Charles II and the baseless conspiricising of the Protestant fanatic Titus Oates and his 'Popish Plot'. Simply on the basis of tortured 'confession' and guilt by association, an anti-Catholic pogrom was whipped up, though its only true substance was Oate's own paranoid fantasy. THE ALL-SEEING EYE This sort of thing may have been adequate as an instrument of terror befitting the majesty of absolute kings, but increased rationalism and individualism associated with the ascendance of Protestantism, with its claims of the believer's unmediated relationship with the Divine, meant consequent increased demands for physical evidence as a break on the arbitrary power of courts (both kingly and judicial), especially in matters concerning the 'sanctity' of private property. Paradoxically, as well as demanding more explicit legislative regulation, the bourgeoisie's pet religion also demanded greater self-regulation, the self now being bounded by contract- and financial relationships rather than intimate, social relationships. Thus we have the commonplace appearence2 of the divine 'all-seeing eye', as seen miserably decorating Protestant homes and chapels to this day, as well as topping the Masonic pyramid Washington and Jefferson incorporated into the design of every dollar bill. This idea of 'the Lord sees all' meant that even the individualistic Protestant clung on to the vestige of community, of public being,, in the sense of being in a community of two, s/he and the ever-watchful God, even if real community--typically more reciprocal, less judgmental of 'sin' and 'slackness'--was sacrificed to such an unremitting moralistic code in consequence.. As well as insisting that the worshipper be hard-working and thrifty, the Protestant faith self-imposed harsh standards of personal behaviour when it came to the body and bodily interaction with others. As Norbert Elias classic study of the rise of 'good manners', The Civilising Process, graphically documents, food became problematic, no longer to be indulged in gluttonously or passed from mouth to mouth but rather, like sexual or excretory functions, to be seen as a shameful concession to physicality to be controlled and bounded by taboos, best a private thing the better to avoid public shame. Such etiquette was literally domesticating, confined to the home, and homes too became more elaborate, with particular concessions to the body confined to particular rooms - a dining room for eating, a toilet for excretion (the corners of rooms having previously been preferred, even at Louis XIV's Versailles!), and the bedroom for sex behind curtained, canopied beds. The point of all this specialised architecture--of privacy--was that as few people saw it as possible. And so lose respect for someone shamefully indulging their body, as if we all don't It was mainly something between a wo/man and the all-seeing Lord. SEEING BY NUMBERS A combination of capital accumulation secured by resultant fixed, abstract laws and 18th century innovations in food production and transportation made the mega-cities that characterised the Industrial Revolution possible. This, then, was when surveillance came of age. On one level, faced with cities inhabited by millions, many born and raised undocumented or newly immigrated from the countryside and forming tight village / ghetto communities closed to casual investigation by outsiders, it was impossible to surveil them using the old techniques of gossip gathering On the other hand, this redoubled the need for self-surveillance as a curb on the spontaneous, riotous street mob behaviour of previous centuries as the only practical guarantor of social order. On a general level, the inculcation of a self-denying moral code into the poor was the responsibility of charismatic Methodism--as in the ruling class dilemma of the early-1800s, 'Wesleyism or revolution?'--and later 'do-gooders' dispensing unwanted advice about thrift, temperance and other supposedly good domestic practice. For those who wouldn't accept social inequality as a problem to be resolved by behaviour adjustment on their part, there was the hero of bourgeois rational social calculation, Jeremy Bentham, and his panoptican, a prisonhouse designed to do this architecurally.3 It's two key features were (1) individual cells, a rule of silence and the hooding of inmates outside their cells to enforce complete isolation from their community and force them to fall back on the Protestant 'God and I' 'community' instead and (2) a central tower from which guards could watch each cell unobserved, much like the Protestant God. Whether actually watched or not, the prisoner had to assume the worst for fear of harsher punishment, also inculcating a feeling of permanent surveillance and thus self-regulation. Needless to say, in practice this brutal, unnatural treatment amounted to sensory deprivation and whilst it made some suggestible enough to be effectively brainwashed, it broke others entirely, yielding horrifying hallucinations and self-harm. As recidivists could expect many more years in such a system than first offenders, there was naturally an attempt to evade such treatment by increased anonymity and impersonation of identities amongst the urban poor. Of course, Michel Foucalt dealt with this extensively in his Discipline and Punish, but it is often forgotten that the first concern of the new generation of surveillants was not to control crime but rather to contain disease, a much more widespread and deadly threat to the rich living in close geographic proximity to the poor. High walls, sturdy footmen in livery and a mastiff would no way keep cholera from their doors, so we find as early as the 1830s the first epidemiologists descending into the unplumbed depths of 'darkest London' o identify sources of disease and its carriers. This was rightly seen as social control being imposed on areas that typically rioted before admitting even one of Robert Peel's newly-minted 'blue devils' (police). The proletariat typically refused to acknowledge the reality of epidemic crowd diseases such as cholera (uniquely deadly in the early megalopolises and once a key check on their development) and to destroy cholera carts intruding into their space as a conspiracy to confine the poor to 'houses of death' (as they reckoned hospitals, not without justification) for the sadistic amusement of surgeons, during and after life.4 And, of course, the poor only had to look to the panoptican to see with what degree of humanity they would be treated by the new impersonal total institutions we seem so disturbingly accepting of today. A combination of a bureaucracy not sophisticated enough for individual documentation of entire populations before that developed out of regimented military practice during the American Civil War, and widespread illiteracy and resistance by its intended target population meant that the issuing of identification documents to the poor for voluntary presentation was not practical. In fact, it was so impractical that the threat of epidemic disease wasn't resolved by way of identifying and confining individual carriers (typically bourgeois moralistic 'blaming the victim') but rather by anonymous sanitation measures such as the building of London's sewers in reaction to the 'Great Stink' of the 1850s, even though the idea of the state assuming responsibility for such massive, tax-eating public works would have previously been anathema to bourgeois sensibilities. The breakthrough came in Paris as late as 1870 when a Surete clerk Alphonse Bertillon developed biometrics from a 14th century Chinese model. Bertillonage considered of individually identifying anonymous individuals by a 20 minute examination when many key features of their body--their height, the length of their limbs, the spacing of their facial features--were systematically measured and then recorded to card indexes. Potential recidivists were typically uncooperative during these examinations, later (1903) augmented by 'mug shots', so called by the subject 'mugging' (pulling faces) at the camera in an (often amusingly successful) effort to make themselves less identifiable in future. It should be noted that Bertillon was heavily influenced by the imperial anthropology of its day, with its emphasis on the physical classification of 'types'. Like the absurd Italian criminologist Lombroso, he attributed mental and moral characteristics to these physical signs, typically in a classist and racist manner than only served to reinforce such ideologies in future. Bertillonage finally failed and fell out of police use not because it was racist or unwieldy or even because it was felt to be an excessive intrusion on individual privacy ('sir, my statistics are my own') but rather because it couldn't do it's job. In 1903, a man called Will West was confined to Leavenworth jail for murder on the basis of biometric measurements actually appropriate to another man, coincidentally also called William West, despite a supposed 243m-to-one chance against this happening (not counting any slips of the police tape measure!). Besides, by then they had something quicker to collect and easier to file, which didn't require the perp's physical presence to identify him. It is probably no surprise that fingerprinting arose from a colonial context, that other great 'submerged mass' that caused the Victorian elite such worry. A chief magistrate in Jigupoot, Sir William Herschel first noticed in 1856 that Indians either illiterate or otherwise unfamiliar with English script signed themselves with thumb prints instead of writing, an administrative procedure for unique identification he adopted himself. From there, it was a short step to Darwin's pal Sir Francis Galton writing this up in the scientific journal Nature and a former supremo of Bombay's colonial police, Richard Henry introducing fingerprinting to Scotland Yard's repertoire of crime detection procedures in 1896. LEARNING TO LOVE BIG BROTHER Although the state had a technique for distinguishing one anonymous individual from another with unerring accuracy,5 this was fairly useless if that individual could disappear into the anonymous urban mass. As former Resistance fighter Jacques Ellul noted in his Technological Society, an immediate consequence of seeking to surveil particular individuals is that the whole society in which they might conceal themselves has to be surveilled also, the 'innocent' majority as intensively as the 'guilty' few. Perhaps more surprisingly, by the time fingerprinting was initiated, the resolute resistance to classification of the early-19th century was crumbling. There were a number for factors accounting for this, but key was the inducements offered the majority not to remain anonymous. Mass education on a monitor system--much like that adopted by Napoleon's Grand Armee, the basis of Bentham's panoptican--not only provided a more literate, technically sophisticated workshop with a greater chance of individual socio-economic betterment, it also meant the young came to accept such treatment as normal--both classification by name and number and harsh restrictions on personal behaviour in class ('no talking, no fidgeting')--and could be systematically documented, generation by generation. This was augmented by the centralisation of registers of births, deaths and marriages in places like Somerset House instead of scattered through disparate parishes, the taking of censuses to facilitate national planning,, and the creation of employment-based taxation which meant both bosses and workers (unless inclined to fraud) had to declare their identities along with their earnings if they were to make a living at all. Even systematic mapping, such as carried out initially for military reasons by the Ordnance Survey, meant that space in which people could exist anonymously evaporated ('everyone in their place'). This process was only accelerated by the Liberal welfare reforms of the early-1910s and the post-World War 2 creation of the welfare state, both of which had disclosure of identity as prerequisite requirements of receiving their services. It was a citizen's 'right' (the 'carrot') and 'duty (the legislatively-enforced 'stick') to enter into all this, without realising that my surrendering their anonymity to the state, they were also surrounding a key check on its otherwise unlimited power. I could rehearse at great length the elaboration of technological means that now exist to strip us of any possibility of anonymity, but this is done elsewhere this issue and besides, there is always Privacy International to consult. I will note that when a text like The Technology of Political Control was written in the supposedly paranoid 1970s, the suggestion that a comprehensive database could be linked with face recognition programmes and cameras blanketing every public space in the country was regarded as pure science fiction, something out of George Orwell's dystopian 1984. But today this is, of course, a reality and augmented by overgrown police and internal security agencies, parallel services like social workers and market researchers that want to know everything from the value of your home through to your children's eating and TV watching habits the better to predict and manipulate you, easily surveilled e-communications (ECHELON) and card transactions, 'predictive' databases and profiling,, and any other amount of technical intelligence. No - the point of this section is to explore why people have come to accept that quarter of a century ago would've been thought totalitarian ('like Russia') and nightmarish. We've already had the homo Economicus version above - that people gained in terms of access to education, employment and healthcare by bringing themselves to the attention of the state and lost in terms of prosecution if they failed to do so. However, I think there is more to it than this. A phenomenon like mass observation in the inter-War years was popularly and eagerly supported in its detailed documentation of everyday life - and what do you make of the dating rituals in Chile where, after years of state-orchestrated surveillance to the nastiest of ends, courting couples now trail each other round with video cameras, 'romantically' building files on each other? The point is that with all the mass institutions that came out of Bentham's panoptican, the traditional role of the community in providing education, employment and neighbourly care has been replaced by these. Community has been replaced by institutionalised specialisation and so people feel it only natural that such specialists look out for them now there is no meaningful community to. They have been given no reason to get to know other people and so have no reason to trust them. Far from it - as society atomised, anyone can be a criminal under the rubric of surveillance and lacking any social feeling except fear of punishment under the eye of the camera only encourages selfish behaviour. Of course, the cameras are sold on the grounds not that we are the criminals, but that they are there to protect us from everyone else who potentially is. The old Wesleyans were right that give someone a penny in their pocket and the slightest whiff of a chance of advancement and they'll see everyone else around them as a threat to that, either as potential thieves or as temptations to be repudiated with the zeal of the tempted. 'Terrorists' are currently flavour of the month threat. Before that it was 'paedophiles', meaning kids had to be microchipped and cameras installed in every family home while a generation of kids turned into scared, whiny couch potatoes alongside their parents. Not many years ago it was witches, for fucksakes, absurd social workers seeing cracking the local coven of 'satanic abusers' as their next step up the career ladder. If this doesn't convince you what nonsense it all is, it's agreed that now surveillance is so ubiquitous it can't displace crime anywhere else (itself surely an exercise in imposed policing), it's not actually reducing crime rates. Offences of violence people fear most--irrationally, as they're still rare--are committed spontaneously by people too drunk or angry to be deterred by a camera or too cunning to get filmed by one. Why do people still welcome surveillance despite this? Well, the reliance on experts and definition of ourselves that comes through identification with their institutions and their representations of us--qualifications, income, birth and marriage certificates, conformity to consumer trends, and all the rest of that inane kit and caboodle--continually serves to emphasise our insignificance, an eight digit number in their overwhelming megamachine. It is this that leads people to love Big Brother, essentially a show where we pass tabloid-like judgement on intensively surveilled wannabe nonentities undergoing months of sexual frustration in the hope of getting to be childrens' TV presenters at the end, Endemol's even more sinister Shattered where people were subjected to voluntary sleep deprivation in the manner of victims of Stalin's Cheka, and even lower on the totem pole, searching for themselves in crowd shots (be it big sporting events, pseudo-archaic spectacles typically orchestrated by the royals, or futile 'crawl round London' marches) or 5 second slots on clip shows using RL footage the police or whoever have cobbled together as an extra earner. ONE IN THE ELECTRONIC EYE! How do we put an end to the reign of surveillance - assuming you don't want to lead over-controlled lives like shadows until you die of boredom and insignificance, that is? Well, firstly don't take advice from me and start thinking for yourself, but a few suggestions include: * First realising that there is not a quip pro quo between you and those surveilling you, that they are not accountable to you, that they have no right to do to you what they would not tolerate done to themselves, and potentially these voyeuristic parasites have the power to make quite a mess of your life from as little motivation as boredom-induced whim. They are the enemies of a free society, not its guarantors, a further concentration of state power that prevents any injustice being righted. * Unplugging yourself from all the BS images surrounding you--the clowns in the Big Brother house, the endlessly banal biogs of the lives of the rich and famous, the five day fashions, all that irrelevant crap--and learning to laugh at them and (with consequent increased self-confidence) yourself and your past folly * Unplugging others through irreverent satire and sheer indifference to the manufactured dreams they undoubtedly hold so dear. You'll probably start with the people you know best (typically a tiny number now people have careers, not friends) but best try to broaden it out a bit more than that, as a key factor for sustaining a surveillance society is intolerance and fear of anyone at all different. The new / old you will have better things to do and talk about, maybe even the recreation of authentic, trusting human connections without constant manufactured electronic babble and distraction, of baseless paranoia. * Disconnection and direct action of a more 'hands on' kind, a refusal to fill in tax returns and other official or quasi-official requests for information--the census, market research, card applications--.or responding to them in absurd, misleading ways to gradually fill their databases with (even more) useless shit. Believe me - when up against it, you'll find it's really possible to live without that credit card and all the form-filling bureaucratic BS, especially with a few mates on board with you too. Reformists please note: denying paperwotk and opportunities to surveil the public cuts the lifeblood of the dozens of agencies that exist principly for that purpose, so they can start being laid off as irrelevant too. And the campaign against speed cameras is way to go for all intrusive surveillance and related records, the creation of genuine unmonitored space (at risk of sounding bogus: 'liberated zones') and the return of the lawless, deprogrammed 18th century King Mob! In conclusion, I'd like to say that I am not arguing for 'privacy', a thoroughly bourgeois concept based on self-disgust and shame. No, let yourself go and do what comes naturally - fuck in the streets, I say! I am arguing for the revolutionary re-creation of original, genuine community where there are no secrets, no shame and no surveillance of the powerful as a tool to rule over the powerless. NOTES 1 In his Human Cycle (Touchstone, 1983), Colin Turnbull cites a Mbutu (Pygmy) lad taking a nanny goat as his 'wife', something his band members discourage not with the horror of taboos against inter-species sex being violated you might expect in this society (they have none, though the situation was unusual) but because, as a domesticated village animal, the she-goat could not be expected to cope adequately in their beloved forest. The Mbutu typically extend refusal of the distinction between self and other to that between human and other. 2 It had its origins in the early individualism of monasticism, of course. We have not missed the irony that though denouncing 'monkery', Protestants bought monastic practice outside its traditional confines, universalising its body-loathing codes of behaviour. 3 The first such panoptican was HMP Pentonville, London, where I was myself confined in 1988. 3 Ruth Richardson's Death, Dissection and the Destitute (Routledge & Kegan Paul, 1987) is excellent on this. See also my forthcoming essay, 'When Doctors Were Hated'. 5 In fact they did not. As with Bertillonage, there is an outside statistical chance of accidental correlation of fingerprints from otherwise dissimilar individuals--and there have been documented miscarriages of 'justice' arising from this--and twins always have identical fingerprints. As de facto clones, even DNA doesn't distinguish twins, only retinal scans as the pattern of blood vessels at the back of the eye develops post-natum. The latest issue of Green Anarchist (UK) #71/72 is out now. Availble for #1 from BCM 1715, London, WC1N 3XX. Or in the US from Black and Green distribution, P.O. Box 835, Greensburg, PA 15601, USA. This issues core focusses on Surveillance and the Big Brother society. References 1. http://www.infoshop.org/inews/profiles.php?Author=Anon&AuthorEmail=vasb at terra nanepuvfg.bet&AuthorURL=http%3A%2F%2Fwww.greenanarchist.org 2. http://www.infoshop.org/inews/stories.php?topic=18 ------------------------ Yahoo! Groups Sponsor --------------------~--> Yahoo! Domains - Claim yours for only $14.70 http://us.click.yahoo.com/Z1wmxD/DREIAA/yQLSAA/PMYolB/TM --------------------------------------------------------------------~-> -----BEGIN TRANSHUMANTECH SIGNATURE----- Post message: transhumantech at yahoogroups.com Subscribe: transhumantech-subscribe at yahoogroups.com Unsubscribe: transhumantech-unsubscribe at yahoogroups.com List owner: transhumantech-owner at yahoogroups.com List home: http://www.yahoogroups.com/group/transhumantech/ -----END TRANSHUMANTECH SIGNATURE----- Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/transhumantech/ <*> To unsubscribe from this group, send an email to: transhumantech-unsubscribe at yahoogroups.com <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/ ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From eugen at leitl.org Thu Jun 24 05:54:38 2004 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 24 Jun 2004 14:54:38 +0200 Subject: [IP] Update on the INDUCE Act (now renamed the "IICA") (fwd from dave@farber.net) Message-ID: <20040624125438.GC12847@leitl.org> If this thing goes through I'm going to laugh, and laugh, and laugh. ----- Forwarded message from David Farber ----- From eugen at leitl.org Thu Jun 24 08:18:02 2004 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 24 Jun 2004 17:18:02 +0200 Subject: [IP] Bruce Schneier: Unchecked police and military power is a security threat (fwd from dave@farber.net) Message-ID: <20040624151802.GD12847@leitl.org> ----- Forwarded message from David Farber ----- From mv at cdc.gov Thu Jun 24 21:45:09 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Thu, 24 Jun 2004 21:45:09 -0700 Subject: [IP] When police ask your name, Message-ID: <40DBADD5.66148E2@cdc.gov> At 05:16 AM 6/22/04 +0200, Eugen Leitl wrote: >----- Forwarded message from dave at farber.net ----- >The court's 5-4 decision upholds laws in at least 21 states giving police >the right to ask people their name and jail those who don't cooperate. I'm out of it for a few weeks and this is what happens. How many names can a person have? Anyone can change their name any number of times if not for fraudulent purposes. My brother changed his middle name from something normal to Cariboo. My dad's a lawyer so the fees were zero. Can I use Major Variola (ret) as a nym since I use it? Must I spell my last (real) name which is hard to write as its from another language? Can I abbreviate? Can I have a religious exemption (We do not identify our religion to nonbelievers, nor do we speak to government officials, in my faith). Can I use cyrillic or mandarin to write it, a temporary bout of elective mutism? Of course lying to a pig is illegal (but not vice versa) but lying is subject to interpretation. My name is yahway, ie I am. Yours is go away, ie fuck off. Go for the head shot, they're wearing body armor. Suicide by police is a noble cause, if you take one of them out. From mv at cdc.gov Thu Jun 24 21:47:20 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Thu, 24 Jun 2004 21:47:20 -0700 Subject: My name is ! Message-ID: <40DBAE57.FF149C6E@cdc.gov> clicks are rare now but may have been common when humans hunted as they are more discrete. they are notated by modern linguists as !. Vietnamese has punctuation marks up the kazoo. Futurist types often pick new names for themselves. Is ESPN a name? Can I use unicode on my son's birth cert? From mv at cdc.gov Thu Jun 24 21:50:02 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Thu, 24 Jun 2004 21:50:02 -0700 Subject: Agent Smith Message-ID: <40DBAEFA.2267791A@cdc.gov> >Don't citizens have to have an english-alphabet transliteration of their >name to use for legal purposes (birth certificate, green card, social >security record)? Not in the US. In Japan and some nordic countries, only established names can be registered. >The DMV differentiates same-name people by SSN, right? Is it very >far-fetched to imagine that state courts and federal appeals courts will >uphold state laws requiring SSN disclosure for identification purposes? I'm sorry, I only have a memory capacity of 7 plus or minus 2. I can deny my memory, particulary under stress of interrogation. Or I could use J. Edgar Hoovers which I sometimes mistake for mine. From mv at cdc.gov Thu Jun 24 22:19:57 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Thu, 24 Jun 2004 22:19:57 -0700 Subject: my name is Doe, John Doe Message-ID: <40DBB5FD.F5E0D24E@cdc.gov> How about Mr. Null Void? That should be plenty of fun for data-entry clerks and the like.. From mv at cdc.gov Thu Jun 24 22:27:11 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Thu, 24 Jun 2004 22:27:11 -0700 Subject: tastes like... Message-ID: <40DBB7AF.49F3C113@cdc.gov> At 11:05 AM 6/24/04 -0400, Tyler Durden wrote: >Hum...perhaps some oregano needs to be laced with cy*n*de or something. Let >that piece of shit sniff THAT....he did, after all, literally ask for it. >You could even say, "Uh, you don't want to sniff that..." LD50 for KCN is about 3mg/Kg. Not only a good way to eliminate homeless people (leave a packet around) but if the cops still do gum-numbing tests you'd want to crush some Castor seeds and extract the water soluable protein. A few days later his ribosomes stop working, no more proteins mean no more fascism. Also a good plan if you are a vendor to the children of D.C. fascists. From bill.stewart at pobox.com Thu Jun 24 23:01:58 2004 From: bill.stewart at pobox.com (Bill Stewart) Date: Thu, 24 Jun 2004 23:01:58 -0700 Subject: My name is ! In-Reply-To: <40DBAE57.FF149C6E@cdc.gov> References: <40DBAE57.FF149C6E@cdc.gov> Message-ID: <6.0.3.0.0.20040624225637.048276a8@pop.idiom.com> At 09:47 PM 6/24/2004, Major Variola (ret) wrote: > Subject: My name is ! I had parsed the Major's Subject line diffently, and was expecting this to be followed by My name is ! My name is ! My name is ! Slim Shady I'm Slim Shady! I'm the _real_ Slim Shady! All you other Slim Shady's are just imitatin! etc. etc. and while a cop might not expect you to break out into song when asked a straightforward question, cops these days who aren't doing extortion are mostly doing political theater, so why not a bit of musical theater, at least as long as you convince the RIAA that what you're doing is _advertising_, not plagiarism... From gbnewby at pglaf.org Fri Jun 25 01:08:58 2004 From: gbnewby at pglaf.org (Greg Newby) Date: Fri, 25 Jun 2004 01:08:58 -0700 Subject: [p2p-hackers] The Fifth HOPE in NYC (fwd from vab@cryptnet.net) In-Reply-To: <20040625080238.GT12847@leitl.org> References: <20040625080238.GT12847@leitl.org> Message-ID: <20040625080858.GB15161@pglaf.org> On Fri, Jun 25, 2004 at 10:02:40AM +0200, Eugen Leitl wrote: > ----- Forwarded message from "V. Alex Brennen" ----- > > From: "V. Alex Brennen" > Date: Thu, 24 Jun 2004 09:24:56 -0400 > To: "Peer-to-peer development." > Subject: [p2p-hackers] The Fifth HOPE in NYC > User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7) Gecko/20040616 > Reply-To: "Peer-to-peer development." > > At The Fifth HOPE a talk will be given on how to break > anonymity networks. Some commonly used p2p code such as > Tor and the remailers will be covered. > > I cannot attend the conference. Is anyone on the list going > who could report back? I'm interested to hear if anything > other than what's already been widely published is covered > in this talk. Yes, I'm one of the 5H organizers. We'll be audio & videotaping, so eventually you'll be able to get the full story. I'll try to write something up afterwards, or email me directly. From the description, it's hard to tell whether this will be something revealing, or just a review of the well-known. -- Greg > I'm working on a p2p anonymity project. > > > Thanks, > > - VAB > > > The Fifth HOPE, NYC July 9-11th, 2004 > http://www.the-fifth-hope.org/ > How To Break Anonymity Networks > Nick Mathewson > > Today's anonymous communication software (such as Mixmaster, Mixminion, > Nymservers, JAP, Tor, Anonymizer, etc.) allows people to communicate > while concealing their identities from each other and from external > attackers. But no deployed system is strong enough to protect every > pattern of user behavior against a sufficiently resourceful adversary, > and many of them fall to far simpler attacks. In this talk, Nick will > discuss working attacks against today's anonymity networks, drawing from > past technical and social attacks on deployed networks and from recent > academic research in traffic analysis, stylometry, and mix-net design. > He will present defenses to these attacks when such defenses are known > to exist. > > Saturday 2300 > Area "B" > _______________________________________________ > p2p-hackers mailing list > p2p-hackers at zgp.org > http://zgp.org/mailman/listinfo/p2p-hackers > _______________________________________________ > Here is a web page listing P2P Conferences: > http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences > > ----- End forwarded message ----- > -- > Eugen* Leitl leitl > ______________________________________________________________ > ICBM: 48.07078, 11.61144 http://www.leitl.org > 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE > http://moleculardevices.org http://nanomachines.net From Bruce_Tefft at sra.com Fri Jun 25 04:58:50 2004 From: Bruce_Tefft at sra.com (Tefft, Bruce) Date: Fri, 25 Jun 2004 07:58:50 -0400 Subject: [osint] Your License, Your Urine Message-ID: http://www.alternet.org/story/19008/ Posted on June 21, 2004 Your License, Your Urine By Paul Armentano Imagine if it were against the law to drive home after consuming a single glass of wine at dinner. Now imagine it is illegal to drive after having consumed a single glass of wine two weeks ago. Guess what? If you smoke pot, it's time to stop imagining. Legislation weaving its way through the US Congress demands all 50 states pass laws granting police the power to drug test drivers and arrest anyone found to have "any detectable amount of a controlled substance ... present in the person's body, as measured in the person's blood, urine, saliva, or other bodily substance." Though the expressed purpose of the law is to target and remove drug-impaired drivers from US roadways, the proposal would do nothing of the sort. Most troubling, the proposed law -- H.R. 3922 -- does not require motorists to be identifiably impaired or intoxicated in order to be criminally charged with the crime of "drugged driving." Rather, police have only to demonstrate that the driver has detectable levels of illicit drugs or inactive drug metabolites in their blood, sweat, saliva or urine. As many pot smokers know, marijuana metabolites are fat soluble, and remain identifiable in the urine for days and sometimes even weeks after past use. Consequently someone who smoked a joint on Monday could conceivably be arrested on Friday and charged with "drugged driving," even though they are perfectly sober! Here's how the law would work. Police, at their discretion, could order motorists during a traffic stop to undergo a drug test, most likely a urine test. If the driver's urine tests positive for prior pot use then he or she would automatically be charged and eventually found guilty of the criminal offense of driving under the influence of drugs -- even if the pot in question was consumed weeks earlier. Under the law, the fact that the driver is not impaired is irrelevant; the only "evidence" necessary is the positive test result. So Who's Behind This? Over the past five years, a small cabal of prohibitionists, drug testing proponents and toxicologists have pushed for legislation criminalizing drivers who operate a vehicle with inert drug metabolites present in their system. To date, their efforts have persuaded ten states -- Arizona, Georgia, Iowa, Illinois, Indiana, Minnesota, Pennsylvania, Rhode Island, Utah and Wisconsin -- to pass such "drugged driving" laws, known as zero-tolerance per se laws. Leading this charge is the Walsh Group, a federally funded organization that develops drug testing technology and lobbies for rigid workplace drug testing programs. Walsh Group President, Michael Walsh, is the former Director of the Division of Applied Research at the US National Institute on Drug Abuse (NIDA) and formerly served as the Associate Director of the Office of National Drug Control Policy (ONDCP), informally known as the Drug Czar's office In November 2002, the group partnered with the ONDCP to lobby state legislatures to amend their drugged driving laws. Every state has laws on the books prohibiting motorists from driving "under the influence" of a controlled substance. Like drunk driving laws, virtually all of these laws require the motorists to be impaired by their drug use in order to be charged with "drugged driving." Nevertheless, the Walsh Group argued that these existing laws are too lax on illicit drug users. To bolster their claim, they argued -- without explanation -- that actually linking illicit drug use to impaired driving is a "technically complicated and difficult task." Their solution? States should enact zero tolerance per se laws redefining "drugged drivers" as any motorist who tests positives for any level of illicit drugs or drug metabolites, regardless of whether their driving is impaired. "There is clearly a need for national leadership at the federal level to develop model statutes and to strongly encourage the states to modify their laws," the organization concluded in a widely disseminated report. Notably, the authors failed to mention that the widespread enactment of such a policy would be a political and financial windfall for the Walsh Group's drug testing technology and consulting services. The Walsh Group is hardly the only organization with something to gain from the Bush administration's proposed "drugged driving" crackdown. Speaking at a White House-sponsored symposium in February, former 1970s Drug Czar Robert Dupont -- another ex-NIDA director who now heads the workplace drug testing consultation firm Bensinger, Dupont & Associates (BDA) -- also demanded the federal government mandate zero-tolerance drugged driving laws. "Workplace drug testing has prepared us for drugged driving testing," Dupont told attendees, arguing that just as many public and private employees are subjected to random drug screening, so should be motorists. Those drivers who test positive, says Dupont, should then be monitored through regularly scheduled drug tests, including hair testing, for a period of two to five years. "The benefits of this approach will be improved highway safety," he concluded, failing to explain how punishing sober drivers while simultaneously lining BDA's pockets would make America's roadways any safer. Cruising on Cannabis: What's the Problem? "Driving under the influence of, or after having used, illegal drugs has become a significant problem worldwide," states the preamble to H.R. 3922. However, despite the government's claim, epidemiological evidence on the number of motorists who drive under the influence of illicit drugs is scarce. Further, among the limited evidence that does exist, much of it finds that pot's measurable yet relatively mild effects on psychomotor skills do not appear to play a significant role in vehicular crashes, particularly when compared to alcohol. "Crash culpability studies have failed to demonstrate that drivers with cannabinoids in the blood are significantly more likely than drug-free drivers to be culpable in road crashes," summarized researchers Gregory Chesher and Marie Longo in the recent book Cannabis and Cannabinoids: Pharmacology, Toxicology, and Therapeutic Potential. A 2002 Canadian Senate report was even more succinct, stating, "Cannabis alone, particularly in low doses, has little effect on the skills involved in automobile driving." Nonetheless, Congress' proposed bill specifically and disproportionately targets motorists who may occasionally smoke pot because marijuana's metabolites exit the body more slowly than other drug metabolites, often remaining detectable in urine for several weeks at a time. Equally troubling, there currently exists no technology that can accurately correlate drug metabolite concentration to impairment of performance. Of course, such concerns are no bother to those in Congress who intend to ride this latest wave of drug war rhetoric to reelection. Nor are they of much worry to those in the drug testing industry who stand to make a fortune prosecuting and jailing sober pot smokers. As for everybody else, be afraid; be very afraid. And be sure to keep a fresh sample of urine in the glove compartment. This article originally appeared in Heads Magazine in Canada. (c) 2004 Independent Media Institute. ------------------------ Yahoo! Groups Sponsor --------------------~--> Yahoo! Domains - Claim yours for only $14.70 http://us.click.yahoo.com/Z1wmxD/DREIAA/yQLSAA/TySplB/TM --------------------------------------------------------------------~-> -------------------------- Want to discuss this topic? Head on over to our discussion list, discuss-osint at yahoogroups.com. -------------------------- Brooks Isoldi, editor bisoldi at intellnet.org http://www.intellnet.org Post message: osint at yahoogroups.com Subscribe: osint-subscribe at yahoogroups.com Unsubscribe: osint-unsubscribe at yahoogroups.com *** FAIR USE NOTICE. This message contains copyrighted material whose use has not been specifically authorized by the copyright owner. OSINT, as a part of The Intelligence Network, is making it available without profit to OSINT YahooGroups members who have expressed a prior interest in receiving the included information in their efforts to advance the understanding of intelligence and law enforcement organizations, their activities, methods, techniques, human rights, civil liberties, social justice and other intelligence related issues, for non-profit research and educational purposes only. We believe that this constitutes a 'fair use' of the copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use this copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/osint/ <*> To unsubscribe from this group, send an email to: osint-unsubscribe at yahoogroups.com <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/ --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Fri Jun 25 05:23:21 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 25 Jun 2004 08:23:21 -0400 Subject: Sites unseen Message-ID: Townhall.com Sites unseen Jacob Sullum (back to web version) | Send June 25, 2004 A few months ago, China Daily published a letter on its Web site from "D.H.," a reader who reported being both "extremely frustrated" and "pleasantly surprised" while surfing the Web in China. Although certain sites, such as Time magazine's, remained blocked, he said, others that seem at least as subversive, such as the online version of the pro-independence Taipei Times, were accessible. "Overall," D.H. said, "the general trend has been clear -- the list of websites blocked in China has been getting shorter and shorter." He concluded by offering "kudos to China for continuing to grant more and more freedom to the people within her borders!" I'm not sure "kudos," let alone exclamation points, are in order when a repressive government decides to be a little less repressive. But my experience during two weeks in Beijing, Changsha and Guangzhou jibes with D.H.'s impression in the sense that I encountered a puzzling mixture of sites that seemed to be blocked for political reasons and sites that were accessible even though they offered essentially the same information. Internet connections are notoriously unreliable in China, and you never see a screen that announces "This Page Blocked by the Bureau of Censorship," so caution is appropriate when discussing the government's filtering. A page that does not come up the first nine times you try to connect may finally load after the 10th attempt. But when you're unable to visit a site from different locations at different times on different days, even while other sites load with no problem, it's reasonable to surmise that the government is blocking it. Although D.H.'s letter claimed the government's BBC News block had been lifted, for instance, I was unable to open any pages from news.bbc.co.uk. Even when articles from that address showed up in Google searches, when I tried to read them all I got was "The page cannot be displayed." Likewise, as D.H. mentioned, Time was consistently inaccessible. Yet many other news sources were available, including CNN, Newsweek, The Washington Post and The New York Times. I suppose it's possible that the BBC and Time provide damning information about the Chinese regime you just can't get elsewhere, but it seems unlikely. Trying to understand the source of Chinese censors' grudges against the BBC and Time may be a fruitless endeavor. But it does seem that the government's choices about which sites to block are more a matter of retaliating for perceived offenses than limiting the flow of information in any meaningful way. Last year, the Web site of Reporters Sans Frontieres was blocked shortly after the group issued a statement criticizing the imprisonment of Chinese dissident Liu Di. Yet while in China, I was able to visit the sites of other organizations that support press freedom, including pages discussing the government's Internet censorship. Similarly, the Web sites of Amnesty International, Human Rights Watch and Freedom House appeared to be blocked, although their pages were listed in Google results. At the same time, numerous less conspicuous critics, including blogs operated by people in China, were accessible. Google itself was at one time blocked, but I used it extensively in China, where it's available in Chinese as well as English. Then again, I had trouble with certain searches. I could never get results for "Falun Gong," the banned religious group, even when searches on less sensitive topics worked fine. This sort of censorship (assuming that's what it was) is more insidious than simply blocking a Web site. Even so, a Chinese Web-surfer could still get information about Falun Gong from one of the many news and commentary sites that have not met the hazy criteria for blocking. The strange, half-free condition of Chinese Internet-users was reflected in the response to D.H.'s China Daily letter. The comments included several supporting greater freedom and one saying the BBC and Time sites should be blocked, given these news outlets' "extreme right wing views." But the most interesting comment came from D.H. himself, who warned that his letter as published did not accurately reflect his views. "I wrote an article praising less censorship in China," he said, "and it got censored. I hereby retract my praise." Whether because China's censors are sloppy or because they want to feign openness, D.H.'s complaint is still available online, even in China. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From eugen at leitl.org Fri Jun 25 01:02:40 2004 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 25 Jun 2004 10:02:40 +0200 Subject: [p2p-hackers] The Fifth HOPE in NYC (fwd from vab@cryptnet.net) Message-ID: <20040625080238.GT12847@leitl.org> ----- Forwarded message from "V. Alex Brennen" ----- From rah at shipwright.com Fri Jun 25 07:52:33 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 25 Jun 2004 10:52:33 -0400 Subject: Spam sender sentenced in Russia for the first time Message-ID: Spam sender sentenced in Russia for the first time - 06/23/2004 19:32 On June 22 student Dmitry Anosov from the city of Chelybinsk was sentenced forcreating software causing uncontrolled blocking computers and copying information?. His crime was about sending unsolicited messages to the owners of GSM-telephones, that is spam. The student was put on probation for one year and required to pay fine of 3,000 roubles ($100), the Kommersant reported. In the summer of 2003 the employees of cell operator companyUralsky GSM?, the subsidiary of Megafon company, complained to the police that more than 15,000 cell phone owners were receiving unquotable SMS-messages on May 23-24. The suspect was detected, his apartment was searched, and the police confiscated the material evidence the computer having the software for sending SMS-messages. According to the police, the student created the software for sending SMS-messages to the customers of Uralsky GSM company. In February, 2003 Androsov tested his software by sending several SMS-messages to a company customer. In the end of May, 2003 Androsov used somebody else?s data to connect to the Internet, and uploaded his software to the server hosted in St. Petersburg to avoid being detected, and started the software. As a result, the customers received unquotable SMS-message discrediting the image of cell phone operator Megafon company. SMS-spam sender pleaded guilty. This case can create precedent and help Russian law-enforcers and legal system to safeguard Russian society people from spam. There is a special law on spam in the USA, but Russia lacks such a law. The legal regulating of the Internet is only being discussed in Russia. Internet companies do not try to lobby special anti-spam laws. Therefore, this court verdict was unique for Russia. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From eugen at leitl.org Fri Jun 25 01:53:51 2004 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 25 Jun 2004 10:53:51 +0200 Subject: [IP] When police ask your name, In-Reply-To: <40DBADD5.66148E2@cdc.gov> References: <40DBADD5.66148E2@cdc.gov> Message-ID: <20040625085351.GW12847@leitl.org> On Thu, Jun 24, 2004 at 09:45:09PM -0700, Major Variola (ret) wrote: > How many names can a person have? Anyone can change > their name any number of times if not for fraudulent > purposes. My brother changed his middle name from It is precisely for these reasons that changing your name in Germany is a major undertaking (costs money, too), and is associated with a background check (clean rap sheet requried). The transcription rules for furriner names are strict, too. No Phn'glui M'gl wna'f, Cthulhu R'lyeh Wgha Nagl Ftaghn for you. Such legislation, of course, is easy to introduce in the U.S. as well. I'd be really surprised of you US cpunks didn't have a national ID cum biometrics issued (er, make that rammed down your throat) a few years downstream. Unless the general populace wakes up to the fact what's been going on since the 1970s. Fat chance. -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From eugen at leitl.org Fri Jun 25 02:01:43 2004 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 25 Jun 2004 11:01:43 +0200 Subject: [>Htech] Infoshop News: Surveillance and Domestication (fwd from checker@panix.com) Message-ID: <20040625090142.GX12847@leitl.org> ----- Forwarded message from Premise Checker ----- From brian-slashdotnews at hyperreal.org Fri Jun 25 09:26:08 2004 From: brian-slashdotnews at hyperreal.org (brian-slashdotnews at hyperreal.org) Date: 25 Jun 2004 16:26:08 -0000 Subject: Fingerprint Scanners Still Easy to Fool Message-ID: Link: http://slashdot.org/article.pl?sid=04/06/25/1315254 Posted by: michael, on 2004-06-25 14:11:00 Topic: security, 237 comments from the mission-possible dept. [1]Anlan writes "A Swedish student wrote her [2]Master's thesis about current fingerprint technology. After a thorough literature study some live testing took place. Simple DIY fingerprint copies were used (detailed how-to in the thesis). Have current commercial products improved as much as proponents claim? Well, this qoute from the abstract says it all: 'The experiments focus on making artificial fingerprints in gelatin from a latent fingerprint. Nine different systems were tested at the CeBIT trade fair in Germany and all were deceived. Three other different systems were put up against more extensive tests with three different subjects. All systems were circumvented with all subjects' artificial fingerprints, but with varying results.' You can guess how happy the sales people at CeBIT were - most systems claim to be spoof proof..." IFRAME: [3]pos6 References 1. mailto:slashdot1 at lange.cx 2. http://www.ep.liu.se/exjobb/isy/2004/3557/ 3. http://ads.osdn.com/?ad_id=2936&alloc_id=8587&site_id=1&request_id=3363465 ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From eugen at leitl.org Fri Jun 25 10:31:26 2004 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 25 Jun 2004 19:31:26 +0200 Subject: Fingerprint Scanners Still Easy to Fool (fwd from brian-slashdotnews@hyperreal.org) Message-ID: <20040625173126.GB12847@leitl.org> ----- Forwarded message from brian-slashdotnews at hyperreal.org ----- From rah at shipwright.com Fri Jun 25 18:22:01 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 25 Jun 2004 21:22:01 -0400 Subject: [osint] Your License, Your Urine Message-ID: --- begin forwarded text From bill.stewart at pobox.com Sat Jun 26 00:27:47 2004 From: bill.stewart at pobox.com (Bill Stewart) Date: Sat, 26 Jun 2004 00:27:47 -0700 Subject: [IP] When police ask your name, In-Reply-To: <20040625085351.GW12847@leitl.org> References: <40DBADD5.66148E2@cdc.gov> <20040625085351.GW12847@leitl.org> Message-ID: <6.0.3.0.0.20040626002607.04110ea0@pop.idiom.com> At 01:53 AM 6/25/2004, Eugen Leitl wrote: >The transcription rules for furriner names are strict, too. >No Phn'glui M'gl wna'f, Cthulhu R'lyeh Wgha Nagl Ftaghn for you. Just as well. They'd probably make you fill the form out in triplicate, and that could be .... unwise .... From rah at shipwright.com Sat Jun 26 04:21:29 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sat, 26 Jun 2004 07:21:29 -0400 Subject: For Liars and Loafers, Cellphones Offer an Alibi Message-ID: The New York Times June 26, 2004 For Liars and Loafers, Cellphones Offer an Alibi By MATT RICHTEL AN FRANCISCO, June 25 - Cellphones are chock-full of features like built-in cameras, personalized ring tones and text messaging. They also gave a real boost to Kenny Hall's effort to cheat on his girlfriend. Mr. Hall, a 20-year-old college student in Denver, decided in March to spend a weekend in nearby Boulder with another woman. He turned to his cellphone for help, sending out a text message to hundreds of other cellphone users in an "alibi and excuse club," a network of 3,400 strangers who help each other skip work, get out of dates or give a loved one the slip. Assistance came instantly. A club member, on receiving Mr. Hall's message, agreed to call the girlfriend. He pretended to be the soccer coach from the University of Colorado at Boulder and said that Mr. Hall was needed in town for a tryout. "It worked out pretty good," said Mr. Hall, who signed up for the network on www.sms.ac, a Web site that offers access to hundreds of mobile chat rooms. Cellphones are usually used to help people keep track of each other and stay in easy contact. But they are also starting to take on quite a different function - helping users hide their whereabouts, create alibis and generally excuse their bad behavior. There is nothing new about making excuses or telling fibs. But the lure of alibi networks, their members say, lies partly with the anonymity of the Internet, which lets people find collaborators who disappear as quickly as they appeared. Engaging a freelance deceiver is also less risky than dragging a friend into a ruse. Cellphone-based alibi clubs, which have sprung up in the United States, Europe and Asia, allow people to send out mass text messages to thousands of potential collaborators asking for help. When a willing helper responds, the sender and the helper devise a lie, and the helper then calls the victim with the excuse - not unlike having a friend forge a doctor's note for a teacher in the pre-digital age. Another new tactic is the use of audio recordings that can be played in the background during a phone conversation to falsify the caller's whereabouts. Phones can be equipped to play, at the press of a button, the sounds of honking horns, ambulance sirens or a dentist's drill. An employee who is actually sitting at the beach might be able to call his boss, play the blaring tones of a traffic jam, and explain why it has been impossible to get to work on time. "It lets you control your environment," said Harry Kargman, chief executive of Kargo, a New York company that plans to begin selling in July a variety of cellphone sounds for $2.99, including the rasp of a hacking cough to simulate lung infection. "It's not necessarily malicious or nefarious," Mr. Kargman said. Whatever the moral implications of these functions, they show that the cellphone, with its increasing computing power, is taking on complicated functions once associated with computers. And the advanced technology that makes it possible to keep closer tabs on people, said James E. Katz, a professor of communications at Rutgers University, also gives them a potent tool for deception. Mr. Katz said there was practically an arms race between the technology used to locate people and track behavior - global positioning systems, for instance, and caller ID on phones - and technologies intended to deflect surveillance, like audio for fake background noises. At the same time, constant surveillance may have increased the desire to get off the radar, even if that means using underhanded tricks. Text messaging, for example, a popular cellphone function that lets people send short e-mail messages to and from phones, has been adopted as the most efficient means of contacting potential alibi abettors. According to the Yankee Group, a market research firm, some 1.7 billion text messages were sent in the United States during the third quarter of 2003, up from 1.2 billion during the first quarter. Text messaging can be a major source of revenue for mobile phone companies, who charge up to 10 cents to send or receive a message, said Linda Barrabee, an analyst with the Yankee Group. Ms. Barrabee said the technology was particularly popular among teenagers and 20-somethings, like Michelle Logan, a 26-year-old San Diego resident who works for an airline. Ms. Logan was traveling in Europe last year when she learned about a network of several thousand mobile phone users who, through text messaging, help one another establish alibis and make excuses. In April, Ms. Logan returned to the United States and started an American version of the club, which Mr. Hall later used and which charges users for receiving e-mails. Through the site, phone users can sign on to mobile chat rooms to send messages to each other over the Internet or by phone. There are hundreds of such clubs focusing on subjects large and small, ranging from animal rights to the question of whether pirates or ninjas are tougher. In Ms. Logan's case, she promptly used the alibi club she had started to get out of a blind date. She sent out a text message asking for help, and in came a response from a stranger in San Jose, Calif., who agreed to call the blind date, pretend to be Ms. Logan's boss, and explain that she had to go to Europe for a training seminar. These days, Ms. Logan spends much of her time overseeing the e-mail traffic and watching her club grow. It now has 3,400 members, with hundreds of new members signing up each week. One member recently used the club to fool his wife so he could stay at a sports bar to watch the N.B.A. finals. Another member - the wife of a soldier stationed in Iraq - sent out a message asking for help to conjure up an excuse after becoming pregnant by another man. But in that case, many responders urged the woman to tell her husband the truth, according to club members. The European alibi club which inspired Ms. Logan grew to 4,000 members, but was shut down late last year by its founder, Kayle Hanson, 21. "I got a new girl and she wasn't too keen on it," said Mr. Hanson, who lives in Hamburg, Germany. "She thought it was immoral. Imagine that!" Ms. Logan said she was not terribly concerned about lying. Still, she said one reason she preferred counting on strangers to help her was that she did not want her friends to know what she was doing. "You wouldn't really want your friends to know you're sparing people's feelings with these white lies," she said, laughing. Another problem, which even alibi club members admit, is that other members may not be entirely trustworthy. Mr. Hall, the student in Denver, said that when he gave away his girlfriend's phone number to a stranger, he worried that the stranger might do more than make an excuse. "I didn't want him hitting on her or telling her what I was up to," Mr. Hall said. But now he is a believer in the power of the cellphone-assisted alibi. "It worked out good, actually." -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From mv at cdc.gov Sat Jun 26 16:09:44 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Sat, 26 Jun 2004 16:09:44 -0700 Subject: For Liars and Loafers, Cellphones Offer an Alibi Message-ID: <40DE0238.CC42F118@cdc.gov> At 07:21 AM 6/26/04 -0400, R. A. Hettinga wrote: > > >The New York Times > >June 26, 2004 > >For Liars and Loafers, Cellphones Offer an Alibi >By MATT RICHTEL Eventually the cellphones will be able to tell another phone approx where they are. Remember the 911-locator fascism? So the 'victim' would ask the 'liar' to press a button authorizing disclosure of the approx location. The marketing reason would be to help people find others geographically. But it can also be used to evidence (or not) your location. "Look mom, I'm *not* at the mall or Cheech's house, I'm at the library." Of course all these locations will be in a database which performs a kind of latitude/longitude Name Service so Mom won't have to fire up a browser and go to a mapping page. GPS/911 services + wireless + inet bridging. I wouldn't be surprised if DoCoMo wasn't working on it now.. From measl at mfn.org Sat Jun 26 16:27:22 2004 From: measl at mfn.org (J.A. Terranson) Date: Sat, 26 Jun 2004 18:27:22 -0500 (CDT) Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <40DE0238.CC42F118@cdc.gov> References: <40DE0238.CC42F118@cdc.gov> Message-ID: <20040626182544.W124@ubzr.zsa.bet> On Sat, 26 Jun 2004, Major Variola (ret) wrote: > At 07:21 AM 6/26/04 -0400, R. A. Hettinga wrote: > > > > > > >The New York Times > > > >June 26, 2004 > > > >For Liars and Loafers, Cellphones Offer an Alibi > >By MATT RICHTEL > > Eventually the cellphones will be able to tell another phone approx > where they are. Remember the 911-locator fascism? I hate to break the news to you Major, but GPS enabled phones cannot be instructed to turn off the GPS feature for law enforcement queries (e.g., 911). Turn it on or turn it off, makes no matter. > I wouldn't be surprised if DoCoMo wasn't working on it now.. Already complete. -- Yours, J.A. Terranson sysadmin at mfn.org "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden From mv at cdc.gov Sat Jun 26 21:19:28 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Sat, 26 Jun 2004 21:19:28 -0700 Subject: For Liars and Loafers, Cellphones Offer an Alibi Message-ID: <40DE4AD0.64E23DD0@cdc.gov> At 06:27 PM 6/26/04 -0500, J.A. Terranson wrote: >On Sat, 26 Jun 2004, Major Variola (ret) wrote: >> >> Eventually the cellphones will be able to tell another phone approx >> where they are. Remember the 911-locator fascism? > >I hate to break the news to you Major, but GPS enabled phones cannot be >instructed to turn off the GPS feature for law enforcement queries (e.g., >911). Turn it on or turn it off, makes no matter. Sir, I do not own a cellphone. Do any models let YOU decide to send your location to ANOTHER phone? Do any models even let YOU know your OWN approx location (to within that 100m Fedfascist standard)? I'm fully aware the pigs track you unless the battery is removed or you have a TEMPEST case. I'm suggesting that regular citizens will have access to that, if (in my cluelessness) they don't already. From mv at cdc.gov Sat Jun 26 21:21:16 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Sat, 26 Jun 2004 21:21:16 -0700 Subject: For Liars and Loafers, Cellphones Offer an Alibi Message-ID: <40DE4B3C.C305894C@cdc.gov> At 02:02 AM 6/27/04 +0200, Thomas Shaddack wrote: > >Can it be disabled by hardware hack of the phone, a mikropower jammer, or >using an "unofficial" firmware? It would be hard to verify/test that you had in fact cut the correct trace, and it would depend on the phone, and you would void your warrantee. Firmware hacks are of course the free man's last refuge. From mv at cdc.gov Sat Jun 26 21:25:43 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Sat, 26 Jun 2004 21:25:43 -0700 Subject: For Liars and Loafers, Cellphones Offer an Alibi Message-ID: <40DE4C47.E4A556E2@cdc.gov> At 02:02 AM 6/27/04 +0200, Thomas Shaddack wrote: > >Can it be disabled by hardware hack of the phone, a mikropower jammer, or >using an "unofficial" firmware? I wrote: It would be hard to verify/test that you had in fact cut the correct trace, and it would depend on the phone, and you would void your warrantee. Firmware hacks are of course the free man's last refuge. Of course disabling your GPS unit will not prevent the fascists from doing triangulation with signal strength, ie the alternative (and cheaper and less precise alternative). That's merely physics and geometry. To counter that, you need to hack the antennae and and can only displace yourself a few miles. ---- Go for the head shot, they're wearing body armor From mv at cdc.gov Sat Jun 26 21:43:42 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Sat, 26 Jun 2004 21:43:42 -0700 Subject: Meshing, Onions, and Liars Message-ID: <40DE507E.1BACBE4C@cdc.gov> At 09:25 PM 6/26/04 -0700, Major Variola (ret) wrote: > >I wrote: > It would be hard to verify/test that you had in fact cut the correct >trace, > and it would depend on the phone, and you would void your warrantee. > > Firmware hacks are of course the free man's last refuge. > >Of course disabling your GPS unit will not prevent the fascists from >doing triangulation with signal strength, ie the alternative (and >cheaper >and less precise alternative). That's merely physics and >geometry. To counter that, you need to hack the antennae and and >can only displace yourself a few miles. Ok, so I'm commenting on an errata to my own post. Sosume. What you need is an Onion network linking cells to POTS or even other cells. Ie, you cellcall a number which routes the call to your desired apparent location. So you call the service, say you'd like to appear to be in Moscow, and a real phone in Moscow connects to your endpoint. Phone could be landline or cell; both are geo-tracable. Sorta like bookies in the 70's had POTS phone hacks to bridge endpoints. Which one could use today to mislead caller ID. This is of course vulnerable to eg satellites listening for your cellphone in the first place, so its not Osama level telecom rerouting. But it *would* let you appear to be at the library if you're at Cheech's place, unless there's a sytemwide Fedtap on your cell phone. (Which used to require a real thinking judge to approve, BTW; now thinking has been replaced by mere respiration.) ------- In the non-heterosexual sense, fuck bush. From mv at cdc.gov Sat Jun 26 21:56:49 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Sat, 26 Jun 2004 21:56:49 -0700 Subject: For Liars and Loafers, Cellphones Offer an Alibi Message-ID: <40DE5391.54C238D1@cdc.gov> At 06:38 AM 6/27/04 +0200, Thomas Shaddack wrote: >If the phone is shielded, it can't transmit/receive, which makes it rather >useless. :( When you don't want to use it, why should it not be useless? >There is one potential landmine as well; the inherent ability of any >device containing resonators to behave like a crude RFID tag. I heard >somewhere, and my memory may be failing, that it is possible to irradiate >the phone with the frequency of the cellular band, and it faintly >resonates and returns back its own echo, which has minute variations given >by type, manufacturing tolerances, and possibly age of the phone, giving >it a kind of unique signature. (This could potentially apply also to >radios and transceivers. Does anybody have any idea if it is possible to >do such kind of "active fingerprinting" of rf devices? This way it should >be possible to detect even powered-off devices like hidden transceivers or >body wires; take a transmitter, sweep the spectrum, and watch echoes on >the receiver - there could be peaks on the frequencies of the tuned >circuits inside the examined device.) Your "second order effect" physics is on target. Nonlinear devices generate harmonics when tickled. All devices vary and have characteristic RF signatures. I read something about that recently somewhere, but memory fails. >Question to RF heads here: could it work? I'm not an Elmer but I pretend to be one on the internet. From mv at cdc.gov Sat Jun 26 22:01:46 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Sat, 26 Jun 2004 22:01:46 -0700 Subject: For Liars and Loafers, Cellphones Offer an Alibi Message-ID: <40DE54BA.C45164EA@cdc.gov> At 11:53 PM 6/26/04 -0500, J.A. Terranson wrote: > >Yes, I suppose that the more technical amongst us could selctively jam >only the one signal, however, cellular phones are mighty low power >devices, They can put half (?) a watt out, some of it absorbed by your brain and hand BTW. and I would not hazard a guess as to whether it would be possible >not to overpower the wanted signals on something like this. Even if this >is doable, it is out of reach of Jane Citizen. Any signal you put out is trackable to you geographically, whether its a cell or GPS frequency. I think the onion-routing phone scheme is best, albeit if they're watching your cellphone that UAV will be Hellfiring in your direction soon enough. Best to be in crowds of innocents in that case, my PSYOP consultants suggest. ------ How many Zionist Hellfires does it take to fry a quadroplegic priest in a wheelchair BTW? From mv at cdc.gov Sat Jun 26 22:13:00 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Sat, 26 Jun 2004 22:13:00 -0700 Subject: My name is Jyyneh Do'ughh Message-ID: <40DE575C.79EF71ED@cdc.gov> Gaelic looks like 7-ASCII-bit line noise to me. A Gaelic name could be created which clueless fascists would assume the spelling of, but the correct spelling would be fairly far (in some linguistic Hamming metric) from the assumed spelling. How do you spell John Smith in Gaelic? Just a thought. From mv at cdc.gov Sat Jun 26 22:15:56 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Sat, 26 Jun 2004 22:15:56 -0700 Subject: For Liars and Loafers, Cellphones Offer an Alibi Message-ID: <40DE580B.655BF028@cdc.gov> At 11:56 PM 6/26/04 -0500, J.A. Terranson wrote: > >Hrmmm... Cell Phone. TEMPEST Case. > >What's wrong with this picture??? 1. You can't receive calls. Only make outgoing, from a location which is known to fascists. 2. Use it for your toll-road-transponder too. From mv at cdc.gov Sat Jun 26 22:32:31 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Sat, 26 Jun 2004 22:32:31 -0700 Subject: For Liars and Loafers, Cellphones Offer an Alibi Message-ID: <40DE5BEF.9DD88D97@cdc.gov> At 12:01 AM 6/27/04 -0500, J.A. Terranson wrote: >Interestingly, some [early] models had external antenna jacks built in to >them. Again I am a few Moore's generations behind. (Does that make me a semi-Amish atheist? Or a reformed Luddite?) Where I vacation sometimes, I would need a metallized umbrella (or better) and tripod to find a cell basestation. And that rules out valleys leaving ridges, although a few hundred feet of RF cable isn't so expensive. I am aware of the need for non-fixed antennae for 802.11blah fun; I did not realize that modern cells don't have RF connectors. I have also heard of folks war-flying with a simple (tilted) dipole thus pointing part of the donut-shaped receptive region (orthogonal to the dipole) at the ground. >> Go for the head shot, they're wearing body armor > >If at close range, it is far easier to simply throw water at them prior to >firing. For one, the water acts as apowerful lubricant, effectively >removing the armor, huh? Wet kevlar is still strong, no? >and for two, it distracts the hell out of them ;-) The fundamental problem is the head is more agile than the C.G. However if you don't hit a seam, or aren't using something better than a handgun, only a rapid bit of ballistic neurosurgery will disable the target. Best to have enabled the claymores when your cameras notice a change. And as Mr. Burns says, to let the hounds loose. -------- A free people ought not only to be armed and disciplined, but they should have sufficient arms and ammunition to maintain a status of independence from any who might attempt to abuse them, which would include their own government. --George Washington From mv at cdc.gov Sat Jun 26 22:37:47 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Sat, 26 Jun 2004 22:37:47 -0700 Subject: Instant dissemination of cracks, biz models, etc Message-ID: <40DE5D2B.CBA9C021@cdc.gov> At 07:04 AM 6/27/04 +0200, Thomas Shaddack wrote: >On Sat, 26 Jun 2004, J.A. Terranson wrote: > >> Yes, I suppose that the more technical amongst us could selctively jam >> only the one signal, however, cellular phones are mighty low power >> devices, and I would not hazard a guess as to whether it would be possible >> not to overpower the wanted signals on something like this. > You still deal with triangulation and phone-tracking sats as a threat model. >> Even if this is doable, it is out of reach of Jane Citizen. > >If a J. Random Hacker with the necessary capabilities is within her reach, >the countermeasure is available to her regardless of her own tech skills. Yes, the internet effect, as described by Schneir amongst others. Cracks spreak instantly. >With continuing outsourcing, there should be enough out of work engineers >available who are sufficiently hungry to risk working for the underground >market. Their *employers* need a viable biz model. Many of us (quasi academics or engineers) forget this. The rest is just earning a living as an engineer building something, ideally something cool and challenging under a reasonable schedule for decent pay. ----------- "Il dulce far niente" The sweetness of doing nothing My unemployment motto -S Schear From mv at cdc.gov Sat Jun 26 22:46:53 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Sat, 26 Jun 2004 22:46:53 -0700 Subject: For Liars and Loafers, Cellphones Offer an Alibi Message-ID: <40DE5F4D.2F5A564D@cdc.gov> At 12:25 AM 6/27/04 -0500, Riad S. Wahby wrote: >Triangluating on a non-isotropic antenna should be quite a bit harder... > Bingo. Watch your sidelobes, baby. From mv at cdc.gov Sat Jun 26 22:52:20 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Sat, 26 Jun 2004 22:52:20 -0700 Subject: For Liars and Loafers, Cellphones Offer an Alibi Message-ID: <40DE6094.4AA72B5E@cdc.gov> At 12:41 AM 6/27/04 -0500, J.A. Terranson wrote: >On Sat, 26 Jun 2004, Major Variola (ret) wrote: > >> At 11:56 PM 6/26/04 -0500, J.A. Terranson wrote: >> > >> >Hrmmm... Cell Phone. TEMPEST Case. >> > >> >What's wrong with this picture??? >> >> 1. You can't receive calls. Only make outgoing, from a location >> which is known to fascists. > >Let's try again. TEMPEST sheilding and outgoing calls are not >compatible. Of course outgoing is impossible inside the TEMPEST box. But you don't reveal the intermediate locations you drove through to get to where you broadcast. I drove to Cheech's with my phone unpowered and my toll-road-transponder boxed. Then I drove to the library and unboxed my gizmos. Simple. The gap must have been a "glitch" to the semiclued Big Bro. >> 2. Use it for your toll-road-transponder too. > >And you own one, why? I don't, because I'm a cheapo and professional paranoid. But in my 'hood, there are many tollroad which use them. Otherwise you have to stop and toss coins. Of course your license and face are video'd anyway. If I had one, I would box it unless I was driving on a toll road. From measl at mfn.org Sat Jun 26 21:02:44 2004 From: measl at mfn.org (J.A. Terranson) Date: Sat, 26 Jun 2004 23:02:44 -0500 (CDT) Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <0406270155130.0@somehost.domainz.com> References: <40DE0238.CC42F118@cdc.gov> <20040626182544.W124@ubzr.zsa.bet> <0406270155130.0@somehost.domainz.com> Message-ID: <20040626230108.V3017@ubzr.zsa.bet> On Sun, 27 Jun 2004, Thomas Shaddack wrote: > On Sat, 26 Jun 2004, J.A. Terranson wrote: > > > > Eventually the cellphones will be able to tell another phone approx > > > where they are. Remember the 911-locator fascism? > > > > I hate to break the news to you Major, but GPS enabled phones cannot be > > instructed to turn off the GPS feature for law enforcement queries (e.g., > > 911). Turn it on or turn it off, makes no matter. > > Can it be disabled by hardware hack of the phone, Likely > a mikropower jammer, Only if you are willing to forego the phone as well, in which case, just remove the battery pack :-) > or using an "unofficial" firmware? Almost certainly, although I do not have expertise in cellular firmware, so I am just making an educated assessment. -- Yours, J.A. Terranson sysadmin at mfn.org "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden From measl at mfn.org Sat Jun 26 21:53:26 2004 From: measl at mfn.org (J.A. Terranson) Date: Sat, 26 Jun 2004 23:53:26 -0500 (CDT) Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <0406270627060.0@somehost.domainz.com> References: <40DE0238.CC42F118@cdc.gov> <20040626182544.W124@ubzr.zsa.bet> <0406270155130.0@somehost.domainz.com> <20040626230108.V3017@ubzr.zsa.bet> <0406270627060.0@somehost.domainz.com> Message-ID: <20040626234239.K3017@ubzr.zsa.bet> On Sun, 27 Jun 2004, Thomas Shaddack wrote: > On Sat, 26 Jun 2004, J.A. Terranson wrote: > > > > a mikropower jammer, > > > > Only if you are willing to forego the phone as well, in which case, just > > remove the battery pack :-) > > I am assuming here that the phone has a dual receiver, one of the GPS > signal and one of the cellular service itself. As both operate on > different frequencies, it should be possible to jam one while keep the > other's service intact. Ahhh... My bad: I had not considered my audience when I replied :-) Yes, I suppose that the more technical amongst us could selctively jam only the one signal, however, cellular phones are mighty low power devices, and I would not hazard a guess as to whether it would be possible not to overpower the wanted signals on something like this. Even if this is doable, it is out of reach of Jane Citizen. -- Yours, J.A. Terranson sysadmin at mfn.org "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden From measl at mfn.org Sat Jun 26 21:56:58 2004 From: measl at mfn.org (J.A. Terranson) Date: Sat, 26 Jun 2004 23:56:58 -0500 (CDT) Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <40DE4AD0.64E23DD0@cdc.gov> References: <40DE4AD0.64E23DD0@cdc.gov> Message-ID: <20040626235359.R3017@ubzr.zsa.bet> On Sat, 26 Jun 2004, Major Variola (ret) wrote: > >> Eventually the cellphones will be able to tell another phone approx > >> where they are. Remember the 911-locator fascism? > Do any models let YOU decide to send your location to ANOTHER > phone? Mine, an Samsung I330 PDA/Phone (actually a rebranded Handspring) allows you to selectively *disable* non-lea queries. Based upon this, I do not believe that the system is broadcast-based, but rather operates solely upon a query-response model. > Do any models even let YOU know your OWN approx location > (to within that 100m Fedfascist standard)? Mine does not, but I understand that there are models now coming into the market which do. > I'm fully aware the pigs track you unless the battery is removed or you > have a TEMPEST case. Hrmmm... Cell Phone. TEMPEST Case. What's wrong with this picture??? -- Yours, J.A. Terranson sysadmin at mfn.org "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden From measl at mfn.org Sat Jun 26 22:01:05 2004 From: measl at mfn.org (J.A. Terranson) Date: Sun, 27 Jun 2004 00:01:05 -0500 (CDT) Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <40DE4C47.E4A556E2@cdc.gov> References: <40DE4C47.E4A556E2@cdc.gov> Message-ID: <20040626235749.K3017@ubzr.zsa.bet> On Sat, 26 Jun 2004, Major Variola (ret) wrote: > Of course disabling your GPS unit will not prevent the fascists from > doing triangulation with signal strength, ie the alternative (and > cheaper > and less precise alternative). That's merely physics and > geometry. To counter that, you need to hack the antennae and and > can only displace yourself a few miles. Interestingly, some [early] models had external antenna jacks built in to them. New life for old cell phones! > ---- > Go for the head shot, they're wearing body armor If at close range, it is far easier to simply throw water at them prior to firing. For one, the water acts as apowerful lubricant, effectively removing the armor, and for two, it distracts the hell out of them ;-) -- Yours, J.A. Terranson sysadmin at mfn.org "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden From rsw at jfet.org Sat Jun 26 22:25:22 2004 From: rsw at jfet.org (Riad S. Wahby) Date: Sun, 27 Jun 2004 00:25:22 -0500 Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <20040626235749.K3017@ubzr.zsa.bet> References: <40DE4C47.E4A556E2@cdc.gov> <20040626235749.K3017@ubzr.zsa.bet> Message-ID: <20040627052521.GB29005@jfet.org> "J.A. Terranson" wrote: > Interestingly, some [early] models had external antenna jacks built in to > them. Many still have test jacks on them. Both my old Samsung A500 and my current Sanyo SCP-8100 have a connector (either MC or SMA, IIRC) on the back hidden under a rubber plug. My guess is that with an appropriate connector you could use, e.g., a pringles can to make your antenna much more directional. Triangluating on a non-isotropic antenna should be quite a bit harder... -- Riad S. Wahby rsw at jfet.org From measl at mfn.org Sat Jun 26 22:40:17 2004 From: measl at mfn.org (J.A. Terranson) Date: Sun, 27 Jun 2004 00:40:17 -0500 (CDT) Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <0406270656590.0@somehost.domainz.com> References: <40DE0238.CC42F118@cdc.gov> <20040626182544.W124@ubzr.zsa.bet> <0406270155130.0@somehost.domainz.com> <20040626230108.V3017@ubzr.zsa.bet> <0406270627060.0@somehost.domainz.com> <20040626234239.K3017@ubzr.zsa.bet> <0406270656590.0@somehost.domainz.com> Message-ID: <20040627003640.L3017@ubzr.zsa.bet> On Sun, 27 Jun 2004, Thomas Shaddack wrote: > On Sat, 26 Jun 2004, J.A. Terranson wrote: > > > Yes, I suppose that the more technical amongst us could selctively jam > > only the one signal, however, cellular phones are mighty low power > > devices, and I would not hazard a guess as to whether it would be possible > > not to overpower the wanted signals on something like this. > > Not that low power. (Though we maybe just disagree on the definition of > "low" here. I guess I'm a little old fashioned. To me, ~250-300mw is low power. > > Even if this is doable, it is out of reach of Jane Citizen. > > If a J. Random Hacker with the necessary capabilities is within her reach, > the countermeasure is available to her regardless of her own tech skills. You assume that Jane's only problem is equipment procurement. Alas, Jane's biggest problem has not changed much in the last 100 years: knowledge. Jane doesn't know this is an issue that she might need help with. > With continuing outsourcing, there should be enough out of work engineers > available who are sufficiently hungry to risk working for the underground > market. I've wondered over the last several years why such a market has not been more openly extant. This thought has occurred to me many times since the last 70's - the stuff you want is available, but barely, even if "legal". -- Yours, J.A. Terranson sysadmin at mfn.org "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden From measl at mfn.org Sat Jun 26 22:41:17 2004 From: measl at mfn.org (J.A. Terranson) Date: Sun, 27 Jun 2004 00:41:17 -0500 (CDT) Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <40DE580B.655BF028@cdc.gov> References: <40DE580B.655BF028@cdc.gov> Message-ID: <20040627004029.E3017@ubzr.zsa.bet> On Sat, 26 Jun 2004, Major Variola (ret) wrote: > At 11:56 PM 6/26/04 -0500, J.A. Terranson wrote: > > > >Hrmmm... Cell Phone. TEMPEST Case. > > > >What's wrong with this picture??? > > 1. You can't receive calls. Only make outgoing, from a location > which is known to fascists. Let's try again. TEMPEST sheilding and outgoing calls are not compatible. > 2. Use it for your toll-road-transponder too. And you own one, why? -- Yours, J.A. Terranson sysadmin at mfn.org "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden From measl at mfn.org Sat Jun 26 22:51:38 2004 From: measl at mfn.org (J.A. Terranson) Date: Sun, 27 Jun 2004 00:51:38 -0500 (CDT) Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <40DE5BEF.9DD88D97@cdc.gov> References: <40DE5BEF.9DD88D97@cdc.gov> Message-ID: <20040627004321.H3017@ubzr.zsa.bet> On Sat, 26 Jun 2004, Major Variola (ret) wrote: > >> Go for the head shot, they're wearing body armor > > > >If at close range, it is far easier to simply throw water at them prior > to > >firing. For one, the water acts as apowerful lubricant, effectively > >removing the armor, > > huh? Wet kevlar is still strong, no? Strong, yes, but it does not react the same way. I have had an opportunity to acquire body armor and receive "formal instruction" in proper use, yada yada, and it was repeated over and over again that in order to provide a reliable barrier to high speed projectiles, it had to be kept *dry*. The instructor went as far as making the "half joking" recommendation that approaches to persons with obvious liquids (coffe cups, soda cans, etc.) should be considered potentially lethal. We were repeatedly warned that searches and questionings of persons "armed with fluids" should be delayed until such time as the potential lubricants were properly neutralized. The lubricant effect is what makes teflon tipped hydrashocks so effective in spite of big heavy kevlar armor - water may not be as good as teflon, but I am not willing to bet my life on it. As to raw strength, what makes Kevlar so good is that it will stretch. It is relatively useless against sharp objects such as knives which do not present a wide surface. -- Yours, J.A. Terranson sysadmin at mfn.org "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden From rsw at jfet.org Sat Jun 26 22:52:11 2004 From: rsw at jfet.org (Riad S. Wahby) Date: Sun, 27 Jun 2004 00:52:11 -0500 Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <20040627003640.L3017@ubzr.zsa.bet> References: <40DE0238.CC42F118@cdc.gov> <20040626182544.W124@ubzr.zsa.bet> <0406270155130.0@somehost.domainz.com> <20040626230108.V3017@ubzr.zsa.bet> <0406270627060.0@somehost.domainz.com> <20040626234239.K3017@ubzr.zsa.bet> <0406270656590.0@somehost.domainz.com> <20040627003640.L3017@ubzr.zsa.bet> Message-ID: <20040627055211.GD29005@jfet.org> "J.A. Terranson" wrote: > You assume that Jane's only problem is equipment procurement. Alas, > Jane's biggest problem has not changed much in the last 100 years: > knowledge. Jane doesn't know this is an issue that she might need help > with. People who don't know they need such help don't. If you're ignorant you're not paranoid. -- Riad S. Wahby rsw at jfet.org From measl at mfn.org Sat Jun 26 23:08:54 2004 From: measl at mfn.org (J.A. Terranson) Date: Sun, 27 Jun 2004 01:08:54 -0500 (CDT) Subject: Body Armor (was Re: For Liars and Loafers, Cellphones Offer an Alibi) In-Reply-To: <40DE6094.4AA72B5E@cdc.gov> References: <40DE6094.4AA72B5E@cdc.gov> Message-ID: <20040627010622.J3017@ubzr.zsa.bet> Just for the record, after writing that last missive, which reflects an experience almost 25 years old, I did some quick googling on current body armor. My experience *probably* does not hold with the latest (post 1999) fiber systems. But I still wouldn't bet my life on it. -- Yours, J.A. Terranson sysadmin at mfn.org "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden From shaddack at ns.arachne.cz Sat Jun 26 17:02:24 2004 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Sun, 27 Jun 2004 02:02:24 +0200 (CEST) Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <20040626182544.W124@ubzr.zsa.bet> References: <40DE0238.CC42F118@cdc.gov> <20040626182544.W124@ubzr.zsa.bet> Message-ID: <0406270155130.0@somehost.domainz.com> On Sat, 26 Jun 2004, J.A. Terranson wrote: > > Eventually the cellphones will be able to tell another phone approx > > where they are. Remember the 911-locator fascism? > > I hate to break the news to you Major, but GPS enabled phones cannot be > instructed to turn off the GPS feature for law enforcement queries (e.g., > 911). Turn it on or turn it off, makes no matter. Can it be disabled by hardware hack of the phone, a mikropower jammer, or using an "unofficial" firmware? From shaddack at ns.arachne.cz Sat Jun 26 21:29:44 2004 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Sun, 27 Jun 2004 06:29:44 +0200 (CEST) Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <20040626230108.V3017@ubzr.zsa.bet> References: <40DE0238.CC42F118@cdc.gov> <20040626182544.W124@ubzr.zsa.bet> <0406270155130.0@somehost.domainz.com> <20040626230108.V3017@ubzr.zsa.bet> Message-ID: <0406270627060.0@somehost.domainz.com> On Sat, 26 Jun 2004, J.A. Terranson wrote: > > a mikropower jammer, > > Only if you are willing to forego the phone as well, in which case, just > remove the battery pack :-) I am assuming here that the phone has a dual receiver, one of the GPS signal and one of the cellular service itself. As both operate on different frequencies, it should be possible to jam one while keep the other's service intact. As we can feed the jamming signal right into the antenna of the receiver which we can physically access, we can use very very small powers, which lowers the chance of the jammer to interfere with other devices we perhaps would like to keep in operation, and makes us less susceptible to be annoyed by the FCC goons. From shaddack at ns.arachne.cz Sat Jun 26 21:38:38 2004 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Sun, 27 Jun 2004 06:38:38 +0200 (CEST) Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <40DE4AD0.64E23DD0@cdc.gov> References: <40DE4AD0.64E23DD0@cdc.gov> Message-ID: <0406270631120.-1274055456@somehost.domainz.com> On Sat, 26 Jun 2004, Major Variola (ret) wrote: > I'm fully aware the pigs track you unless the battery is removed or you > have a TEMPEST case. I'm suggesting that regular citizens will have > access to that, if (in my cluelessness) they don't already. If the phone is shielded, it can't transmit/receive, which makes it rather useless. :( There is one potential landmine as well; the inherent ability of any device containing resonators to behave like a crude RFID tag. I heard somewhere, and my memory may be failing, that it is possible to irradiate the phone with the frequency of the cellular band, and it faintly resonates and returns back its own echo, which has minute variations given by type, manufacturing tolerances, and possibly age of the phone, giving it a kind of unique signature. (This could potentially apply also to radios and transceivers. Does anybody have any idea if it is possible to do such kind of "active fingerprinting" of rf devices? This way it should be possible to detect even powered-off devices like hidden transceivers or body wires; take a transmitter, sweep the spectrum, and watch echoes on the receiver - there could be peaks on the frequencies of the tuned circuits inside the examined device.) Question to RF heads here: could it work? From shaddack at ns.arachne.cz Sat Jun 26 22:04:57 2004 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Sun, 27 Jun 2004 07:04:57 +0200 (CEST) Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <20040626234239.K3017@ubzr.zsa.bet> References: <40DE0238.CC42F118@cdc.gov> <20040626182544.W124@ubzr.zsa.bet> <0406270155130.0@somehost.domainz.com> <20040626230108.V3017@ubzr.zsa.bet> <0406270627060.0@somehost.domainz.com> <20040626234239.K3017@ubzr.zsa.bet> Message-ID: <0406270656590.0@somehost.domainz.com> On Sat, 26 Jun 2004, J.A. Terranson wrote: > Yes, I suppose that the more technical amongst us could selctively jam > only the one signal, however, cellular phones are mighty low power > devices, and I would not hazard a guess as to whether it would be possible > not to overpower the wanted signals on something like this. Not that low power. (Though we maybe just disagree on the definition of "low" here. But even then it's still pretty strong, when we compare a several watts transmitter on a "cancer tower" half-mile away with a transmitter of similar size, but couple hundreds miles away on the low orbit. Which is largely compensated with the correlation methods used to retrieve the GPS signal from under the noise floor, which is something necessary to keep in mind when considering advanced jamming approaches; mere output power comparisons don't have to be a reliable way when such factors are in the game.) > Even if this is doable, it is out of reach of Jane Citizen. If a J. Random Hacker with the necessary capabilities is within her reach, the countermeasure is available to her regardless of her own tech skills. With continuing outsourcing, there should be enough out of work engineers available who are sufficiently hungry to risk working for the underground market. From dave at farber.net Sun Jun 27 04:46:50 2004 From: dave at farber.net (David Farber) Date: Sun, 27 Jun 2004 07:46:50 -0400 Subject: [IP] NYTimes.com Article: In an Age of Terror, Safety Is Relative Message-ID: In an Age of Terror, Safety Is Relative June 27, 2004 By GREGG EASTERBROOK WASHINGTON - On the subway a few weeks after the Madrid bombings, I noticed a parcel under a seat. I asked other passengers, but no one claimed the object. I looked inside the parcel and saw some papers and an elaborately wrapped object the size of a grapefruit. The train pulled into Metro Center, the main station of the Washington subway. I contemplated that I might be about to pick up a bomb, but then I'd already been stupid enough to look inside, so I carried out the package, put it on a bench and told the station manager. Officers appeared quickly, though trains continued running and people kept milling past. When I first saw the package, should I have used the emergency intercom to alert the motorman? Should he have stopped the train and evacuated everyone? When I alerted the manager, should she have closed the station, bringing the entire system to a halt? Had it turned out to be a bomb, pundits second-guessing the disaster that followed might have said the station manager and I were fools for not pushing the panic button. But what if a trainload of frantic people had been evacuated into a dark tunnel with a high-voltage rail, all because of an elaborately wrapped grapefruit? This is an example of the practical limits to security in the post-9/11 world. With the introduction of sophisticated airport inspections, bomb-screening of checked bags, security stops at building entrances, better passport controls, "smart borders" with improved computers and identity scanners, and hundreds of radiation and bioweapon detectors installed in urban areas, security has significantly improved in just three years. This summer, residents of New York and Boston are seeing lots of extra patrols, bomb-sniffing dogs and police drills, in preparation for the political conventions. But some of what's being done is primarily psychological: to make people feel more safe, regardless of whether they really are. And though the government must try any reasonable idea to counter terrorism, in the next round of security improvements to come there will be serious limits to practicality and affordability. Consider train safety. Recently the Transportation Security Administration tested screening of Amtrak passengers at the New Carrollton, Md., stop. Riders walked one by one through a device that sniffs the air for molecules associated with explosives. Probably anyone carrying a bomb would have been detected. But Amtrak has about 500 stations, half unstaffed whistle-stops. To add bomb-sniffers, plus personnel, to every station would be a significant expense. The New Carrollton stop is a quiet suburban station handling roughly 1,000 passengers a day. The Washington subway system carries half a million passengers a day. Many enter at downtown stations that are mob scenes; to make everyone walk through sniffer machines would be incredibly cumbersome. The New York subway system carries 3.8 million passengers a day, boarding at 468 stations. Screening all those riders would be a logistical nightmare, even if cost were no object. Many New York stations would need extensive re-engineering, and the lines would stretch up the stairs. And cost is an object. An estimated $11 billion has been spent to improve American airline security since Sept. 11, 2001. The airlines board about 1.5 million passengers a day. With the New York subway system alone carrying more than twice that, screening might cost about twice as much as has been spent on airline security. Maybe there's a way to avoid subway passenger screening. Starting in July, Boston transit police will hand-search the packages of travelers on the storied T subway system. Riders will continue to board unscreened. Officers, some with explosives-sniffing dogs, will wander through cars and demand that passengers open packages, briefcases or backpacks. Already there is an excruciating legal dispute about whether the officers should be scanning for those who fit terrorist profiles, or making random searches: that is, ordering grandma to show what's in her purse while ignoring the Middle Eastern-looking young man with the backpack. Set aside the legalities and concentrate on the practical. The Boston system has 247 transit officers, only a fraction of whom will be on trains at any particular time. What are the odds officers will stumble onto the one person, among hundreds of thousands, who is carrying something dangerous? People will feel safer knowing that officers are there, and making people feel safer may be the next best thing to actual safety. In the months after 9/11, National Guard units in battle fatigues patrolled airports: those camouflage outfits would hardly have helped Guard members blend in against a backdrop of vacationers and Chick-Fil-A stands. Officers with assault rifles now walk Times Square, though the chances an assault rifle will be needed are slim. Amtrak now demands that ticket buyers show a driver's license or similar identification. Maybe this will catch a lone deranged person, but the 9/11 attackers made sure their paperwork was in order. Many office buildings now require visitors to show a driver's license, which a low-wage desk worker glances at perfunctorily. During the Democratic National Convention in July, the police will close much of the highway system of downtown Boston. How much has been spent on real action? Steven M. Kosiak, an analyst at the Center for Strategic and Budgetary Assessments, a Washington research group, estimates that since Sept. 11, 2001, about $26 billion has been invested in improving the security of critical infrastructure in the United States. Domestic security over all (personnel and preparedness as well as infrastructure) is a $41.3 billion line in the current federal budget, and President Bush has requested $47.4 billion in fiscal 2005, a request that includes allotments like $3.6 billion to stockpile vaccines and antidotes. Domestic antiterrorism spending is now at nearly 10 times the level of President Bill Clinton's final budget for it. Nonetheless, last year a Council on Foreign Relations report said domestic security was drastically underfinanced. Senator John Kerry, the presumptive Democratic presidential nominee, says he wants still higher spending. He advocates 100,000 more firefighters, 5,000 new police officers trained specifically for antiterrorism, special funds for states and cities whenever an orange-level security alert is issued and other new investments. But money for more security must be weighed against other priorities. The Council on Foreign Relations study, for example, noted, "Only 10 percent of fire departments in the United States have the personnel and equipment to respond to a building collapse." Yet should most fire departments have millions of dollars' worth of equipment to handle a building collapse, when the chances of this happening in any one place, even any one big city, are tiny? Further improvements in security may prove impractical, or threats to liberty. Should bus passengers be screened? Israel, that most security-conscious of nations, has found bus attacks nearly impossible to stop. Should all cars be inspected before entering parking garages? The first World Trade Center attack involved a van bomb in the parking garage. (Cars entering the parking lots at many federal buildings are now inspected; this is not done at most commercial lots under private skyscrapers.) Should everyone carry an identity card with "biometric" data coded into it? The economic considerations are just as daunting. Mr. Kosiak estimates $407 billion has been spent in the wake of 9/11, a figure that includes military operations in Afghanistan and Iraq. If the estimate is correct, then more than 1 percent of the gross domestic product since 9/11 has gone to security improvements and to the wars in Iraq and Afghanistan. National prosperity has declined slightly as a result. Extra security layers also burden the economy. Roadblocks slow the movement of goods; complex inspections of shipments add to processing costs; restricting entry to the United States of the 99.9999 percent of foreign citizens who mean no harm is bad for tourism, for movement of intellectual capital and other aspects of the economy. One reason America has prospered is that it invested heavily in removing friction from the economy by making trade, travel and transactions as convenient as possible. Since 9/11, "we've been putting the friction back in," Brian Michael Jenkins of the RAND Corporation has noted. Consider movement of shipping. Some 20,000 shipping containers a day arrive at United States ports, with perhaps 1 percent inspected. An estimated 250 million shipping containers are in motion around the world. The Central Intelligence Agency is believed to have concluded that a crude atomic bomb or other terror weapon is far more likely to arrive in the United States via shipping container than on a missile from a rogue state. But 20,000 shipping containers per day cannot be fully inspected without significantly slowing the economy. The Department of Homeland Security has a program to place American inspectors overseas at ports like Rotterdam and Singapore. But there's a practical limit to how secure shipping can be, just as there are practical limits to many ideas to improve security. In a world of six billion souls, all it takes is one person a day willing to commit suicide to cause harm and sustain the sense of civilization in jeopardy. Governments will keep trying to improve public safety, but no matter how much is spent, there may be a limit to buying security against that one person. Gregg Easterbrook, a senior editor at The New Republic and a visiting fellow at the Brookings Institution, is the author of "The Progress Paradox." http://www.nytimes.com/2004/06/27/weekinreview/27east.html? ex=1089331778&ei=1&en=3586873e3bb49d79 --------------------------------- Get Home Delivery of The New York Times Newspaper. Imagine reading The New York Times any time & anywhere you like! Leisurely catch up on events & expand your horizons. Enjoy now for 50% off Home Delivery! Click here: http://homedelivery.nytimes.com/HDS/SubscriptionT1.do? mode=SubscriptionT1&ExternalMediaCode=W24AF HOW TO ADVERTISE --------------------------------- For information on advertising in e-mail newsletters or other creative advertising opportunities with The New York Times on the Web, please contact onlinesales at nytimes.com or visit our online media kit at http://www.nytimes.com/adinfo For general information about NYTimes.com, write to help at nytimes.com. Copyright 2004 The New York Times Company ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From rah at shipwright.com Sun Jun 27 05:00:27 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 27 Jun 2004 08:00:27 -0400 Subject: Border skirmish: Tancredo Proposes Remittance Taxes Message-ID: The Denver Post Border skirmish Rep. Tancredo's proposals for immigrant remittances draw First Data Corp. into public policy debate By Aldo Svaldi Denver Post Staff Writer Sunday, June 27, 2004 - First Data Corp. chief executive Charlie Fote and Rep. Tom Tancredo, R-Colo., are both the grandsons of Italian immigrants and consider immigration a critical public policy issue. Their views just happen to be polar opposites. First Data, based in Greenwood Village, earns billions of dollars a year from its international Western Union money transfer business. Tancredo, a Littleton Republican who represents the 6th Congressional District in which First Data has its headquarters, has built his political career on ideas to control immigration. He recently proposed taxing remittances - the billions of dollars that workers send each year from the United States to their families and friends in Mexico and other countries. Such a move could have hurt First Data's business. Tancredo quickly backed off the trial balloon of remittance taxation and now recommends that U.S. foreign aid be offset by the money that workers in the U.S. send abroad. Fote and First Data oppose that proposal, as well. Meanwhile, First Data employees have formed a political action committee that is funding pro-immigration candidates, including Tancredo's Democratic opponent in the fall election. The political action highlights how First Data, once content to remain a behind- the-scenes player, is strategically and openly inserting itself into the immigration debate. "In the end, political support is a matter of choice, and we will support the individual who we believe best reflects the interests of our business and this district," Fote said in an e-mail to The Denver Post. Tancredo counters that his intent with the remittance tax proposal was not to harm First Data, which employs 2,700 people locally and expects to pull down $10 billion in revenues this year. "Really and truly, it had nothing to do with them," Tancredo said. "I did not purposely do anything to hurt their bottom line. Nobody was talking about taxing Western Union or First Data." "Voices weren't being heard" The skirmish with Tancredo is just one in a series of moves by First Data to shape the country's ongoing public policy debate over immigration. "We selected immigration reform as our jumping-off point because it's an issue that's important to a very large customer group, and we felt their voices weren't being heard," Fote said. First Data is Colorado's biggest company by market capitalization, valued at $38.5 billion. It provides back-end transaction processing for more than 3.5 million merchants and has the country's largest ATM and debit-card network. It's the world's largest provider of money transfers - through its Western Union subsidiary - with 188,000 agent locations in 195 countries. In March, Fote spoke at the National Press Club and unveiled a new $10 million First Data Empowerment Fund to help immigrant communities and foster an "enlightened" discussion of immigration. Fote argued at the time for more humane treatment of immigrants and for eliminating the backlog in families wanting to move to the U.S. legally. Fote is personally hosting a series of immigration reform forums across the country, including sessions in Chicago on July 21 and in Denver on July 22. The company is testing a Business Information Clearinghouse in Denver to assist Latino entrepreneurs and is working on initiatives to teach families in developing countries how to leverage the funds they receive from relatives abroad. STATE OF REMITTANCES About 10 million Latin American- born workers in the U.S. send a total of $30 billion back to relatives each year. Here's how much is sent from the top 10 states. California: $9.6 billion New York: $3.6 billion Texas: $3.2 billion Florida: $2.5 billion Illinois: $1.5 billion Georgia: $947 million North Carolina: $833 million Arizona: $606 million Virginia: $586 million Colorado: $544 million Sources: Bendixen & Associates, Inter-American Development Bank The moves have earned accolades from immigrant groups, who point to First Data as the only Fortune 500 company willing to take a public stand on the subject. "First Data is very courageous and proving to be a gallant leader in our community," said Polly Baca, executive director of the Latin American Research and Service Agency in Denver. "They are addressing one of the most critical issues in our state and nation." Baca said that First Data has brought various sides of the immigration debate together without trying to push the dialogue in a predetermined direction. But one direction that First Data's side of the dialogue will most likely never go is toward Tancredo's position of stronger limits on immigration to the U.S. Tancredo proposed placing a 5 percent tax on remittances last month after reading a Washington Post article detailing how individuals in the U.S. send $30 billion a year in remittances to Latin America. "If the report is correct, even a small levy on remittances could generate millions or even billions of dollars for things like better border enforcement," Tancredo said in May. Fred Niehaus, First Data's senior vice president of public affairs, said Tancredo's tax proposal surprised the company and challenged its interests. Tancredo said that he doesn't design policy based on the interest of any single company, even if that company is the largest in his district. "We don't do business that way," he said. "We don't go to corporations first and say I am thinking about this. You try to think about what is best for the country." However, Tancredo has shelved that plan in favor of a legislative proposal that would reduce U.S. foreign aid by the money a country receives in remittances. A blessing or a curse? More than 60 percent of the 16.5 million Latin American-born adults living in the U.S. send money back to their home countries about once a month, averaging about $240 per disbursement, said Sergio Bendixen, a Florida pollster who researched the topic for the Inter-American Development Bank. Of the $30 billion total estimated to be sent by those individuals annually, about $544 million comes from Colorado, Bendixen said. By comparison, USAID, the agency responsible for directing foreign assistance, requested $805 million in next year's budget for the entire region. Bendixen argues that remittances benefit both the countries receiving them and the U.S., a position that First Data supports. "The only way you are going to curb illegal immigration to the U.S. is to foster the economic development of Latin America," he said. Tancredo disagrees, and argues that remittances actually encourage illegal immigration. There are an estimated 8 million illegal immigrants in the U.S., according to the U.S. Census Bureau. In some countries, money transfers represent the largest or second-largest source of national income - even ahead of tourism, Tancredo said. Nations that get large flows of money from abroad have less motivation to address high unemployment rates and to foster economic self-sufficiency, Tancredo said. As a result, he says, those foreign governments encourage workers to cross the U.S. border illegally and drain billions of dollars from the U.S. economy. Executives at First Data's Western Union, which transferred 14 percent of the $151 billion in global remittances last year, see it differently. It's a key reason why First Data Corporation Employees for Responsible Government, the political action committee, was launched a month ago, Niehaus said. The committee has raised $22,500 so far, with contributions given to candidates including President Bush; Rep. Chris Cannon, R-Utah; Sen. Ted Kennedy, D-Mass.; and $2,000 to Tancredo's Democratic opponent this fall - Joanna Conti. Conti calls First Data's support "very significant" and criticized Tancredo's stance on immigration issues. "This is his crusade, not the district's crusade," Conti said. "Our immigration policy is broken. Most people would agree that we need to return to a more sensible policy." Conti most likely stands little chance of winning a district where 46 percent of voters are registered Republicans and just 23 percent are registered Democrats. Tancredo handily beat his Democratic opponent Lance Wright in the 2002 election, winning two-thirds of the vote. That may be why Tancredo doesn't view Conti as a threat to his serving a fourth term and takes First Data's overt opposition in stride. "I live in a live-and-let-live world," Tancredo said. "I want them to do what they need to do. I have to do what I have to do." A risky endeavor Niehaus admits that First Data's reputation could suffer if the immigration reforms backed by the company fail. While corporations may take public policy positions that serve their interests, they don't often confront public officials in the open. "It is rare that you hear about these things coming out and happening," said Katie Kimberling, director of operations at Wilson Research Strategies in Oklahoma City. Larry Sabato, director of the nonpartisan University of Virginia Center for Politics, said a company wouldn't challenge a sitting member of Congress lightly. "When you challenge a politician who has significant power in the majority caucus, which Tancredo does, you are taking a chance," he said. Shareholders could balk at the company's activist position, and so could people who agree with Tancredo's stance. Corporate America isn't behind enforcing existing immigration policies, said Craig Nelsen, director of ProjectUSA, a group opposed to accepting foreign identification cards to open bank accounts in the United States. "There is no money in enforcing immigration law," Nelsen said. "It is all in the other side, in circumventing it, increasing it or turning a blind eye to it." Fote counters that immigrants strengthen the U.S. economy, diversify the social fabric of society and must be treated fairly. In the past, First Data has focused primarily on growing its business, but it now is in a position where it can advocate for its customers, who often have no one to take their side, Fote said. "Sure, we risk criticism from those people who disagree with our work in the area of immigration reform," Fote said. "We're prepared to face that criticism, but the fact is we believe what we're doing is the right thing to do." -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Sun Jun 27 05:10:19 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 27 Jun 2004 08:10:19 -0400 Subject: Despite an Act of Leniency, China Has Its Eye on the Web Message-ID: The New York Times June 27, 2004 Despite an Act of Leniency, China Has Its Eye on the Web By HOWARD W. FRENCH HANGHAI, June 26 - A Chinese court recently announced that an Internet democracy advocate charged with subversion would get a suspended sentence instead of a long prison term, with the case drawing criticism from human rights groups and serving as a rallying cry for this country's growing number of online commentators. Both in China and abroad, some commentators quickly applauded what seemed like an official show of leniency toward the accused man, Du Daobin, a prolific author of online essays on issues of democracy and free speech. But many among China's rapidly growing group of Internet commentators are warning that what appears to be government magnanimity in this high-profile case conceals a quiet but concerted push to tighten controls of the Internet and surveillance of its users even though China's restrictions on the medium are already among the broadest and most invasive anywhere. Internet cafe users in China have long been subject to an extraordinary range of controls. They include cameras placed discreetly throughout the establishments to monitor and identify users and Web masters, and Internet cafe managers who keep an eye on user activity, whether electronically or by patrolling the premises. The average Internet user, meanwhile, neither sees nor, in many cases, suspects the activities of a force widely estimated to number as many as 30,000 Internet police officers. Experts on China's Internet say the officers are constantly engaged in a cat-and-mouse game with equally determined Web surfers, blocking access to sites that the government considers politically offensive, monitoring users who visit other politically sensitive sites and killing off discussion threads on Internet bulletin boards. The Chinese government has also established a Web site where people are able to report fellow Web users for suspicious or provocative behavior. Web surfers who try to visit sites being blocked by the government receive messages announcing a page is no longer accessible, or their computer screen may simply go blank, or they may be redirected to unrelated sites. Similarly, people who participate in Web-based discussions on certain subjects may be warned that in order to log on to a discussion group, real names must be used, along with genuine e-mail addresses and even telephone numbers. As its first line of defense against what in another era China's Communist leadership might have called ideological pollution, Beijing controls the Internet by insisting that all Web traffic pass through government-controlled servers. Now, coming on top of these measures, which are all deployed at the national level, China's provincial governments are getting into the act, introducing regulations of their own that critics say severely impinge on privacy and freedom of speech. In recent weeks, Shanghai, China's largest and most Internet-connected city, has quietly introduced a series of controls, arguably the country's most far-reaching yet, and critics fear, a model eventually to be used nationwide. Described by city officials as a measure intended to combat pornography and to bar entry for minors to Internet bars, the Shanghai regulations require customers to use swipe cards that would allow administrators or others to record their national identity numbers and track their Internet use. The regulations have kicked up little public debate, in part because they have received little publicity here during the planning stage. But fierce protests have appeared online, where many active Internet users are interpreting the new regulations as an extension of the police state. "We will hold press conferences during each step of the implementation, and the public can express their own opinions and the media could discuss and question it,'' said an official with the Shanghai Municipal Administration of Culture, Radio, Film and Television, who spoke on the condition of anonymity. "And we have made a priority of making sure that our actions are not against the law. That's our bottom line.'' Asked if the privacy of Internet users could be infringed, the official said that the Shanghai government had noted the issue, but added that "Internet bars are public areas, and some experts say that what one says in a public area should not be considered private.'' Speaking in an interview, one online commentator rejected out of hand the idea that invasive Internet controls had any legitimacy. "I can see that China's progress in the area of law is going very slowly,'' said Su Zhenghua, an economist who frequently posts his thoughts online. "This is a situation that I really must regret, and I hope the Chinese government will follow the spirit of the Constitution and protect freedom of speech and the individual's right to privacy.'' Some experts on China's Internet censorship say that in releasing Mr. Du recently, the government may have been making a subtle bow to China's own domestic public opinion, as expressed through online communication and debate. International analysts who follow China's Internet scene say that the government has been particularly taken aback by the explosion in a new form of online communication for China - the Weblog, or blog. It started last year with a celebrated case of a young woman who made a running online commentary about her own sex life, and now hundreds of thousands of people take enthusiastically to this form. Indeed, Mr. Du himself earned the government's wrath in this way when he wrote to condemn the jailing last year of another well-known Web commentator, Liu Di, whose online moniker was "stainless steel mouse.'' In turn, at least 1,000 people signed a petition in support of Mr. Du that urged the government to stop using antisubversion laws to hinder free speech. According to the analysts, the country's censors, always eager to contain waves of public opinion before they get out of hand, particularly in matters of politics, have become alarmed that despite their intense efforts, Internet technology is quickly making free expression far harder to control. "With the Du case, the government is saying, 'Look, our actions may be nicer than in the past, but fundamentally, the judgment of the crime is unchanged, so don't be fooled, we are also willing to be harsh,' '' said Xiao Qiang, director of the China Internet Project at the University of California at Berkeley. "No matter how hard they try, though, it is a fact that the volume of online information is increasing vastly, and there's nothing the government can do about that. You can monitor hundreds of bulletin boards, but controlling hundreds of thousands of bloggers is very different.'' -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rsw at jfet.org Sun Jun 27 08:15:55 2004 From: rsw at jfet.org (Riad S. Wahby) Date: Sun, 27 Jun 2004 10:15:55 -0500 Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <20040627105610.GK12847@leitl.org> References: <40DE0238.CC42F118@cdc.gov> <20040626182544.W124@ubzr.zsa.bet> <0406270155130.0@somehost.domainz.com> <20040627105610.GK12847@leitl.org> Message-ID: <20040627151555.GA10799@jfet.org> Eugen Leitl wrote: > Jamming GPS is no problem, but then they'll just triangulate you within the > cell. The only way to prevent that would be to switch off, andn to pull the > battery (unless the firmware is open source, and peer-reviewed). A little poking around on google reveals that all but the most recent Sprint phones don't support GPS at all. They rely for location on AFLT, advanced forward link trilateration. That is, they look for multiple towers, then report their delay readings to the network, allowing triangulation. More recent phones from Sprint must support real GPS, since Qualcomm offers chipsets with GPS support, which they wouldn't do unless their only customers (Sprint phone manufacturers) wanted it. -- Riad S. Wahby rsw at jfet.org From eugen at leitl.org Sun Jun 27 03:56:10 2004 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 27 Jun 2004 12:56:10 +0200 Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <0406270155130.0@somehost.domainz.com> References: <40DE0238.CC42F118@cdc.gov> <20040626182544.W124@ubzr.zsa.bet> <0406270155130.0@somehost.domainz.com> Message-ID: <20040627105610.GK12847@leitl.org> On Sun, Jun 27, 2004 at 02:02:24AM +0200, Thomas Shaddack wrote: > Can it be disabled by hardware hack of the phone, a mikropower jammer, or > using an "unofficial" firmware? Jamming GPS is no problem, but then they'll just triangulate you within the cell. The only way to prevent that would be to switch off, andn to pull the battery (unless the firmware is open source, and peer-reviewed). -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From bill.stewart at pobox.com Sun Jun 27 13:01:53 2004 From: bill.stewart at pobox.com (Bill Stewart) Date: Sun, 27 Jun 2004 13:01:53 -0700 Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <20040627192806.GD6973@acm.jhu.edu> References: <40DE0238.CC42F118@cdc.gov> <20040626182544.W124@ubzr.zsa.bet> <0406270155130.0@somehost.domainz.com> <20040627105610.GK12847@leitl.org> <20040627151555.GA10799@jfet.org> <20040627192806.GD6973@acm.jhu.edu> Message-ID: <6.0.3.0.0.20040627130038.0378e670@pop.idiom.com> At 12:28 PM 6/27/2004, Jack Lloyd wrote: > > More recent phones from Sprint must support real GPS, since Qualcomm > > offers chipsets with GPS support, which they wouldn't do unless their > > only customers (Sprint phone manufacturers) wanted it. > >I was looking at getting a Sprint phone last week - every model I looked >at had >a GPS chip. Do any of them let _you_ see the GPS results (which would be useful), or are they only available to Big Brother and maybe advertisers? From bill.stewart at pobox.com Sun Jun 27 13:21:46 2004 From: bill.stewart at pobox.com (Bill Stewart) Date: Sun, 27 Jun 2004 13:21:46 -0700 Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <20040627201354.GE6973@acm.jhu.edu> References: <40DE0238.CC42F118@cdc.gov> <20040626182544.W124@ubzr.zsa.bet> <0406270155130.0@somehost.domainz.com> <20040627105610.GK12847@leitl.org> <20040627151555.GA10799@jfet.org> <20040627192806.GD6973@acm.jhu.edu> <6.0.3.0.0.20040627130038.0378e670@pop.idiom.com> <20040627201354.GE6973@acm.jhu.edu> Message-ID: <6.0.3.0.0.20040627131642.041b8640@pop.idiom.com> At 01:13 PM 6/27/2004, Jack Lloyd wrote: >On Sun, Jun 27, 2004 at 01:01:53PM -0700, Bill Stewart wrote: > > Do any of them let _you_ see the GPS results (which would be useful), > > or are they only available to Big Brother and maybe advertisers? > >Not as far as I know. The cheaper ones certainly don't, >it's possible the more expensive ($300+) models do allow this >but I have seen nothing advertising such a feature. Sigh. It probably doesn't even cost them anything - it's just another user interface menu item. (I suppose that's not strictly true - if I were trying to build a GPS Big Brother feature into cellphones for minimum cost, I guess I'd probably look at having the phone just take satellite readings and forward them to a central site for calculations, to avoid having to put any extra computing support into the machine. Don't know if that's a win or loss cost-wise.) >I think the best bet for something like that is to get a Treo (which don't >have >GPS built in), then get a GPS card for it. I've already got a GPS, but I seldom carry it around unless I'm camping - it's old, so it's too clunky. From eugen at leitl.org Sun Jun 27 04:37:02 2004 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 27 Jun 2004 13:37:02 +0200 Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <40DE5F4D.2F5A564D@cdc.gov> References: <40DE5F4D.2F5A564D@cdc.gov> Message-ID: <20040627113702.GQ12847@leitl.org> On Sat, Jun 26, 2004 at 10:46:53PM -0700, Major Variola (ret) wrote: > At 12:25 AM 6/27/04 -0500, Riad S. Wahby wrote: > >Triangluating on a non-isotropic antenna should be quite a bit > harder... > > > > Bingo. Watch your sidelobes, baby. Triangulation by signal strength is one thing, triangulation by relativistic ToF (time of flight) -- while still not present in consumer gadgets -- is far more difficult to fool. Especially if it's tied into the protocol, that you're getting position fixes along with your sent packets. UWB has such large power and spectrum usage advantages is that I expect most mobile wireless, especialy short-range, would be UWB within a decade, or less. -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From eugen at leitl.org Sun Jun 27 04:51:21 2004 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 27 Jun 2004 13:51:21 +0200 Subject: [IP] NYTimes.com Article: In an Age of Terror, Safety Is Relative (fwd from dave@farber.net) Message-ID: <20040627115120.GS12847@leitl.org> ----- Forwarded message from David Farber ----- From apb at cequrux.com Sun Jun 27 06:23:14 2004 From: apb at cequrux.com (Alan Barrett) Date: Sun, 27 Jun 2004 15:23:14 +0200 Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <40DE0238.CC42F118@cdc.gov> References: <40DE0238.CC42F118@cdc.gov> Message-ID: <20040627132313.GA1816@apb-laptoy.apb.alt.za> On Sat, 26 Jun 2004, Major Variola (ret) wrote: > Eventually the cellphones will be able to tell another phone approx > where they are. [...] The marketing reason would be to help people > find others geographically. At least with GSM, the base station always knows the approximate distance to the phone (this is needed by the GSM protocol, for reasons related to time slot management in the presence of finite speed of light, but it might be possible to hack the phone's firmware to fool it, or to register with fewer base stations than usual). The GSM network's database knows the exact locations of all the base stations. Add a little software to do triangulation from multiple base stations, and the GSM network knows the location of the phone, to an accuracy that depends chiefly on the base station density. Add a layer of user interface software, and you're done. No cooperation from the phone is necessary, except what the phone would normally do in order to register itself with base stations so that it can receive calls. No GPS or other non-GSM protocols are necessary. This is already offered as an extra cost service (branded "Look for me") by Vodacom in South Africa. It's targeted at parents who want to know where their children are, and the phrase "with their permission" is included in current advertising. As the seeker, you send an SMS (text message) to a special number to "register" your phone as a user of the locator service, and to ask for the location of another phone. The network sends a message to the target phone, and the user must reply to give permission to be located. Then the network sends a text message to the seeker, telling them the location of the target. I don't know whether the target's permission is asked every time, or just once per seeker; I do know that it's not just once globally. In any case, the "permission" is just a flag in a database, and is not really needed by anybody with back-door access to the GSM provider. --apb (Alan Barrett) From lloyd at randombit.net Sun Jun 27 12:28:06 2004 From: lloyd at randombit.net (Jack Lloyd) Date: Sun, 27 Jun 2004 15:28:06 -0400 Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <20040627151555.GA10799@jfet.org> References: <40DE0238.CC42F118@cdc.gov> <20040626182544.W124@ubzr.zsa.bet> <0406270155130.0@somehost.domainz.com> <20040627105610.GK12847@leitl.org> <20040627151555.GA10799@jfet.org> Message-ID: <20040627192806.GD6973@acm.jhu.edu> > More recent phones from Sprint must support real GPS, since Qualcomm > offers chipsets with GPS support, which they wouldn't do unless their > only customers (Sprint phone manufacturers) wanted it. I was looking at getting a Sprint phone last week - every model I looked at had a GPS chip. -J From shaddack at ns.arachne.cz Sun Jun 27 06:58:33 2004 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Sun, 27 Jun 2004 15:58:33 +0200 (CEST) Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <20040627113702.GQ12847@leitl.org> References: <40DE5F4D.2F5A564D@cdc.gov> <20040627113702.GQ12847@leitl.org> Message-ID: <0406271555250.0@somehost.domainz.com> On Sun, 27 Jun 2004, Eugen Leitl wrote: > Triangulation by signal strength is one thing, triangulation by relativistic > ToF (time of flight) -- while still not present in consumer gadgets -- is far > more difficult to fool. Especially if it's tied into the protocol, that > you're getting position fixes along with your sent packets. You may cheat and use the geography, if suitable, to your advantage. Use a high-gain antenna and bounce the signal off a suitable cliff or building. Multipaths don't have to be enemies; pick a suitable one and use it as a cover. The added advantage is fooling both the direction and the distance. From shaddack at ns.arachne.cz Sun Jun 27 07:51:26 2004 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Sun, 27 Jun 2004 16:51:26 +0200 (CEST) Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <20040627052521.GB29005@jfet.org> References: <40DE4C47.E4A556E2@cdc.gov> <20040626235749.K3017@ubzr.zsa.bet> <20040627052521.GB29005@jfet.org> Message-ID: <0406271649300.0@somehost.domainz.com> On Sun, 27 Jun 2004, Riad S. Wahby wrote: > "J.A. Terranson" wrote: > > Interestingly, some [early] models had external antenna jacks built in to > > them. > > Many still have test jacks on them. Both my old Samsung A500 and my > current Sanyo SCP-8100 have a connector (either MC or SMA, IIRC) on the > back hidden under a rubber plug. My guess is that with an appropriate > connector you could use, e.g., a pringles can to make your antenna much > more directional. Many phones have such connectors used by car handsfree holders, in order to use an antenna mounted externally on the vehicle instead of transmitting from the handset into the partially open Faraday cage of the car. RF-skilled people should have no problems adding such connectors to their phones even if they aren't there from the factory. From shaddack at ns.arachne.cz Sun Jun 27 08:08:51 2004 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Sun, 27 Jun 2004 17:08:51 +0200 (CEST) Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <40DE6094.4AA72B5E@cdc.gov> References: <40DE6094.4AA72B5E@cdc.gov> Message-ID: <0406271657490.-1274055456@somehost.domainz.com> > At 12:41 AM 6/27/04 -0500, J.A. Terranson wrote: > >On Sat, 26 Jun 2004, Major Variola (ret) wrote: > > > >> At 11:56 PM 6/26/04 -0500, J.A. Terranson wrote: > >> > > >> >Hrmmm... Cell Phone. TEMPEST Case. > >> > > >> >What's wrong with this picture??? > >> > >> 1. You can't receive calls. Only make outgoing, from a location > >> which is known to fascists. > > > >Let's try again. TEMPEST sheilding and outgoing calls are not > >compatible. > > Of course outgoing is impossible inside the TEMPEST box. > But you don't reveal the intermediate locations you drove > through to get to where you broadcast. For this purpose, plain power-off should be enough. The "RF fingerprinting" I mentioned earlier is a different grade of threat though; against that, shielding is necessary. > >> 2. Use it for your toll-road-transponder too. > > > >And you own one, why? > > I don't, because I'm a cheapo and professional paranoid. But in my > 'hood, there are many tollroad which use them. Otherwise you have > to stop and toss coins. Of course your license and face are video'd > anyway. > > If I had one, I would box it unless I was driving on a toll road. There are two kinds of tags, active and passive. Active ones have their own power supply on board and transmit on their own, passive ones need external field to feed them with power. A good thing could be a detector of the passive tag readers; similar to car radar detectors, just on different frequencies. A detector of active tag readers should be possible to design as well; the receivers are usually designed on the superheterodyne principle, and the leaks of their oscillators can be detected from distance. In some countries/states police uses detectors of radar detectors working on this principle, and there is also some project of advertisement corps to receive the leaks from the car radios and figure out the major demography of the population using a given road and set the "most suitable" face of the billboards on that road for that particular target group. So the technology is already out there, just has to be opensourced for public benefit. Shame on my lack of RF skills necessary to do this :((( From pgut001 at cs.auckland.ac.nz Sat Jun 26 22:19:29 2004 From: pgut001 at cs.auckland.ac.nz (Peter Gutmann) Date: Sun, 27 Jun 2004 17:19:29 +1200 Subject: [IP] When police ask your name, In-Reply-To: <6.0.3.0.0.20040626002607.04110ea0@pop.idiom.com> Message-ID: >At 01:53 AM 6/25/2004, Eugen Leitl wrote: >>The transcription rules for furriner names are strict, too. >>No Phn'glui M'gl wna'f, Cthulhu R'lyeh Wgha Nagl Ftaghn for you. > >Just as well. They'd probably make you fill the form out in triplicate, In his house at R'lyeh, dead Cthulhu waits knitting? I think a few typos may have crept into that one. >and that could be .... unwise .... No, you're thinking of Hast(&%#^& Error: No route to host. From rah at shipwright.com Sun Jun 27 14:31:32 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 27 Jun 2004 17:31:32 -0400 Subject: Florida to Tax Home Networks Message-ID: Wired News Florida to Tax Home Networks By Michelle Delio? Story location: http://www.wired.com/news/business/0,1367,63962,00.html 02:00 AM Jun. 24, 2004 PT Florida state officials are considering taxing home networks that have more than one computer, under a modified 1985 state law that was intended to tax the few businesses that used internal communication networks instead of the local telephone company. Officials from Florida's Department of Revenue held a meeting on Tuesday to see whether the law would apply to wired households, and exactly who would be taxed. About 200 people attended, including community and business representatives. In 1985 the state passed a law to tax businesses using their own communications networks, because otherwise the state could not collect tax revenue on the businesses' local telephone service. In 2001, that law was expanded to make "any system that is used for voice or data that connects multiple users with the use of switching or routing technology" taxable up to 16 percent. The law is so broad that it would apply to networked computers, wireless services, two-way radios and even fax machines -- or "substitute communications systems," as the state calls them. The tax would be applicable (PDF) to the costs of operating such a substitute communications system, not to the purchase of the system's components. In some cases, it appears the tax would be collected by the providers of communications services such as wireless companies or voice-over-IP firms. The tax would be added to the user's bill and then turned over to the Department of Revenue. But some substitute communications services don't require a service plan. For those, the state could take the tax from the amount deducted on business, and perhaps personal, tax filings. "According to my accountant, the way the law is written, if my tax filing includes deductions for the repair or maintenance of my two computer and one printer network, those costs will be subject to state communication taxes," said graphic artist Linda Kellman, who works from home. "Self-employed people get slammed with insane taxes everywhere, and I've sadly but grudgingly accepted that. But this tax, if they ever try to collect it, would be the last straw. Can I outsource my network to a more sensible state, do you think?" Florida businesses and residents -- and even some officials in the Florida Department of Revenue -- agree that the wording of the law is too broad. In May, the Florida Senate unanimously passed a bill that would have prevented collection of the tax until 2006, during which time the law could be carefully reviewed. The bill was then sent to the House, but wasn't voted on before the summer break, clearing the way for officials to begin collecting the tax. As a result, the Florida Department of Revenue, which, according to local newspaper reports, was in favor of the bill to delay the collection of the tax, must now begin to address how the tax should be implemented. "The tax language is so broad that virtually any communication technologies in your home or office could be subject to this tax," said Chris Hart, spokesman for ITFlorida, a not-for-profit industry organization for the state's technology professionals. "It's difficult to imagine a more anti-technology, anti-business tax. It directly attacks the efficient use of information technology." Florida businesses aren't in favor of the tax. It also could tax almost any Florida resident who uses any sort of modern communications technology, something that Florida's battalions of retirees on fixed incomes have just begun to become aware of, according to Hart. "Information on this issue is starting to reach the general public, and it probably isn't widely understood just yet," he said. "However, once people do realize how this tax could impact them on a personal level, they wake up very fast." "All my life, I've willingly paid my fair share of taxes in exchange for community services," said 73-year-old George Fedoro, a retired engineer who now lives in Boca Raton. "But this tax is not fair and could turn senior citizens into criminals, because no one that I know can or will pay it." Florida Gov. Jeb Bush would have to approve any rule the tax department suggests. Bush has said he isn't in favor of the tax, but many fear he may be swayed by city and county government officials. The tax would go, in part, toward school construction and other projects. Additional meetings on the proposed rules for the tax will be held in other locations around the state later in the year, Department of Revenue officials said. If the law is implemented, Florida would have the most wide-reaching state tax on technology. But it may not be the last -- state officials estimate enforcement of the tax could bring in more than $1 billion a year in revenue for the state. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Sun Jun 27 14:53:05 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 27 Jun 2004 17:53:05 -0400 Subject: Shuffling to the sound of the Morlocks' dinner bell Message-ID: Sunday, June 27, 2004 Las Vegas Review-Journal VIN SUPRYNOWICZ: Shuffling to the sound of the Morlocks' dinner bell In Atlanta over the May 29 weekend, former movie producer, Bette Midler manager/paramour and Nevada gubernatorial candidate Aaron Russo -- who entered the Libertarian Party's national convention as the front-runner for the presidential nomination -- was doing himself no favors on the convention floor. The Libertarian Party has more than its share of dorks and dweebs, who given the chance will corner you and seek a debate on the most arcane details of anything from private space exploration to the Federal Reserve. I can understand Russo's reluctance to waste too much time on this stuff (though in fact, the Federal Reserve seems to have become one of his own favorite topics, of late). But eyewitnesses report Russo's response was to call such gadflies "idiots," sometimes throwing in a few extra modifiers which I can't print in a family newspaper. On the floor, Russo "had a style that some delegates from the South and Midwest fretted would not sell back home -- brash New York ethnic," comments Brian Doherty of Reason magazine (). Doherty observed Russo "throwing around the word `baby,' cracking jokes, grabbing floating balloons and nuzzling them, then mock-complaining that one of his vocal opponents would probably call that sexual harassment ... segueing from a mention of orgasms to introducing his wife." If this is the degree of delicacy with which Aaron treated the 808 voting delegates at the very convention whose nomination he sought, who can guess what level of gravitas and aplomb he might bring to a set of tense diplomatic negotiations with, say, Jacques Chirac? I've met Aaron Russo. I believe he's sincerely concerned about the direction this country is headed. But when Aaron ran for governor of Nevada a few years back, he did so from a rented house with rented furniture. On the weekends he commuted back to visit his immediate family in Southern California -- in a fancy car with Vermont license plates. Even in a state where native-born residents are a rarity, Aaron Russo gave carpetbaggers a bad name. The majority of the LP's delegates in Atlanta concluded Aaron Russo might inject some money and some drama, but that he was a loose cannon. "The delegates voted for the man who was the most like them, who presented in the most professional way the modal opinions and views and style of a Libertarian Party activist -- quiet, intense, no deviation from the catechism, more concerned with eternal ideological and philosophical verities than the political events of the day," summarizes Doherty. Michael Badnarik is no table-pounder. But the political maneuverings that landed Badnarik the LP nomination -- a tense, edge-of-your-seat process conducted in the light of day -- produced the best candidate. Michael Badnarik won the nomination, on the issues, because he won the candidates' debate. How close was it? On the first ballot, the delegates split Russo 258, Michael Badnarik 256, and 246 for syndicated radio host Gary Nolan. Then it started to get interesting. Properly covered and explained, it could have made great live television -- but of course no network but C-SPAN will cover such real political drama, any more. Too much chance the voting public might get exposed to some radical new common-sense ideas. Come November, I with perhaps 1 or 2 percent of the populace will cast my lonely vote for Michael Badnarik, an articulate, reasonable, personable freedom fighter of modest means, who lacks any discernible pathological need or expectation for brass bands, snapping flashbulbs or public adulation. I will vote for a candidate who -- if he had his way -- would end the insane war on drugs; end the income tax; restore my God-given and constitutionally guaranteed firearms rights; protect the rights of all Americans to medical privacy; end the noxious daily trampling of our Bill of Rights in the nation's airports; pull us out of the deadly, illegal and unconstitutional war in Iraq; and put the U.S. military back to work tracking down the real culprits of Sept. 11. "At which point, if we can find them, you think it would be OK to just kill them?" I asked the candidate last week. "Sure," Badnarik said. Sounds about right to me. I will cast that vote on Nov. 2, and get my ass whupped (politically speaking), and go to bed proud and justified. In contrast, 95 percent of you (if you bother going to the polls at all -- and who can blame you for your increasing sense of mortification? You must start to feel like the Eloi, shuffling in to the sound of the Morlocks' dinner bell in H.G. Wells' "The Time Machine") will vote for a lying politician who you know to be a lying politician -- one of two interchangeable Skull & Bonesmen without any discernible political principles, who (no matter which wins) will proceed to raise your taxes, take away more of your freedoms, and continue frittering away whatever remains of America's reputation for decency by continuing the violent military occupation of scores of foreign countries that have never attacked nor declared war upon us. All this in hopes of temporarily propping up the bottom lines of sundry well-heeled banks, oil companies and federally subsidized engineering and construction firms. All because you don't want to "throw away your vote" -- and register your disapproval with that state of affairs -- by voting for a guy who would make you feel decent and clean. Because he's going to lose. So, I don't get it: Let's say you flip a coin and manage to pick the winner. What do you win? Vin Suprynowicz is assistant editorial page editor of the Review-Journal and author of the books "Send in the Waco Killers" and "The Ballad of Carl Drega." His Web site is www.privacyalert.us. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From measl at mfn.org Sun Jun 27 16:26:05 2004 From: measl at mfn.org (J.A. Terranson) Date: Sun, 27 Jun 2004 18:26:05 -0500 (CDT) Subject: Shuffling to the sound of the Morlocks' dinner bell In-Reply-To: References: Message-ID: <20040627182316.S3017@ubzr.zsa.bet> On Sun, 27 Jun 2004, R. A. Hettinga wrote: > In contrast, 95 percent of you (if you bother going to the polls at all -- > and who can blame you for your increasing sense of mortification? You must > start to feel like the Eloi, shuffling in to the sound of the Morlocks' > dinner bell in H.G. Wells' "The Time Machine") will vote for a lying > politician who you know to be a lying politician -- one of two > interchangeable Skull & Bonesmen without any discernible political > principles, who (no matter which wins) will proceed to raise your taxes, > take away more of your freedoms, and continue frittering away whatever > remains of America's reputation for decency by continuing the violent > military occupation of scores of foreign countries that have never attacked > nor declared war upon us. All this in hopes of temporarily propping up the > bottom lines of sundry well-heeled banks, oil companies and federally > subsidized engineering and construction firms. > > All because you don't want to "throw away your vote" -- and register your > disapproval with that state of affairs -- by voting for a guy who would > make you feel decent and clean. In *any* election other than the one we face this November, I would agree with this 100%. But this time, I just can't. I fear the re-appointment of Bush more than any other political event. That the author of this is willing to overlook that he is knowingly helping to keep Bush in office, trampling those rights he claims to so cherish, totally negates his argument. Bush has never won an election. Let's keep it that way. -- Yours, J.A. Terranson sysadmin at mfn.org "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden From hseaver at cybershamanix.com Sun Jun 27 17:09:47 2004 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Sun, 27 Jun 2004 19:09:47 -0500 Subject: Shuffling to the sound of the Morlocks' dinner bell In-Reply-To: <20040627182316.S3017@ubzr.zsa.bet> References: <20040627182316.S3017@ubzr.zsa.bet> Message-ID: <20040628000947.GB12584@cybershamanix.com> On Sun, Jun 27, 2004 at 06:26:05PM -0500, J.A. Terranson wrote: > > On Sun, 27 Jun 2004, R. A. Hettinga wrote: > > > > In contrast, 95 percent of you (if you bother going to the polls at all -- > > and who can blame you for your increasing sense of mortification? You must > > start to feel like the Eloi, shuffling in to the sound of the Morlocks' > > dinner bell in H.G. Wells' "The Time Machine") will vote for a lying > > politician who you know to be a lying politician -- one of two > > interchangeable Skull & Bonesmen without any discernible political > > principles, who (no matter which wins) will proceed to raise your taxes, > > take away more of your freedoms, and continue frittering away whatever > > remains of America's reputation for decency by continuing the violent > > military occupation of scores of foreign countries that have never attacked > > nor declared war upon us. All this in hopes of temporarily propping up the > > bottom lines of sundry well-heeled banks, oil companies and federally > > subsidized engineering and construction firms. > > > > All because you don't want to "throw away your vote" -- and register your > > disapproval with that state of affairs -- by voting for a guy who would > > make you feel decent and clean. > > In *any* election other than the one we face this November, I would agree > with this 100%. But this time, I just can't. I fear the re-appointment > of Bush more than any other political event. That the author of this is > willing to overlook that he is knowingly helping to keep Bush in office, > trampling those rights he claims to so cherish, totally negates his > argument. > > Bush has never won an election. > > Let's keep it that way. My feeling is that Kerry won't be really any different, except possibly in the areas of environment and education. He'll be about like Klinton, maybe worse. And like Klinton, he's a lot smarter, so a lot more people will be fooled. One thing about Dubbya, et al, is they make a lot of really dumb mistakes. Look at Cheney telling Sen. Leahy to fuck himself -- these morons even turn off a lot of Republicans. -- Harmon Seaver CyberShamanix http://www.cybershamanix.com Hoka hey! From rsw at jfet.org Sun Jun 27 17:37:16 2004 From: rsw at jfet.org (Riad S. Wahby) Date: Sun, 27 Jun 2004 19:37:16 -0500 Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <20040627192806.GD6973@acm.jhu.edu> References: <40DE0238.CC42F118@cdc.gov> <20040626182544.W124@ubzr.zsa.bet> <0406270155130.0@somehost.domainz.com> <20040627105610.GK12847@leitl.org> <20040627151555.GA10799@jfet.org> <20040627192806.GD6973@acm.jhu.edu> Message-ID: <20040628003716.GA21005@jfet.org> Jack Lloyd wrote: > I was looking at getting a Sprint phone last week - every model I > looked at had a GPS chip. Try the Sanyo SCP-8100. It does network-assisted location only. It also has a much more sensitive frontend than anything from Samsung, has a reasonably nice-looking screen, and isn't too big. It's old enough that it should be cheap, too. -- Riad S. Wahby rsw at jfet.org From measl at mfn.org Sun Jun 27 17:38:23 2004 From: measl at mfn.org (J.A. Terranson) Date: Sun, 27 Jun 2004 19:38:23 -0500 (CDT) Subject: Shuffling to the sound of the Morlocks' dinner bell In-Reply-To: <20040628000947.GB12584@cybershamanix.com> References: <20040627182316.S3017@ubzr.zsa.bet> <20040628000947.GB12584@cybershamanix.com> Message-ID: <20040627193435.C3017@ubzr.zsa.bet> On Sun, 27 Jun 2004, Harmon Seaver wrote: > > Bush has never won an election. > > > > Let's keep it that way. > > My feeling is that Kerry won't be really any different, Accepted. Kerry is possibly the single worst candidate the dems had to offer - and I don't think it's any accident that he made it through. Nevertheless, I'll take the evil untested over the evil well known and thoroughly despised at this point. BTW - I just got back from F9/11: good movie, regardless of your stance on shrub. I find it interesting that (a) Although it is raking in money like crazy (my performance was close to 100% full, no passes are being accepted, etc.), (b) only a single theater within 50 miles of St. Louis, yes, you saw that right, a major city, has booked this show, and, (c) the movie plays only through tonight - a three day run. You close a movie thats making money? -- Yours, J.A. Terranson sysadmin at mfn.org "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden From roy at rant-central.com Sun Jun 27 18:06:57 2004 From: roy at rant-central.com (Roy M. Silvernail) Date: Sun, 27 Jun 2004 21:06:57 -0400 Subject: Shuffling to the sound of the Morlocks' dinner bell In-Reply-To: <20040627193435.C3017@ubzr.zsa.bet> References: <20040627182316.S3017@ubzr.zsa.bet> <20040628000947.GB12584@cybershamanix.com> <20040627193435.C3017@ubzr.zsa.bet> Message-ID: <1088384817.28846.3.camel@localhost> On Sun, 2004-06-27 at 20:38, J.A. Terranson wrote: > BTW - I just got back from F9/11: good movie, regardless of your stance on > shrub. I just saw it, as well, and I have to agree with you. > I find it interesting that (a) Although it is raking in money like crazy > (my performance was close to 100% full, no passes are being accepted, > etc.), (b) only a single theater within 50 miles of St. Louis, yes, you > saw that right, a major city, has booked this show, and, (c) the movie > plays only through tonight - a three day run. You close a movie thats > making money? There are three theaters around Cincinnati running it, which considering the Republican slant of the state I found interesting. Don't know how long it's scheduled to play, though. I didn't see any "final performance" posters (and of course. moviefone.com doesn't show closing dates). -- Roy M. Silvernail is roy at rant-central.com, and you're not "Progress, like reality, is not optional." - R. A. Hettinga SpamAssassin->procmail->/dev/null->bliss http://www.rant-central.com From rah at shipwright.com Sun Jun 27 19:14:24 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 27 Jun 2004 22:14:24 -0400 Subject: SciAm: The Mystery of the Voynich Manuscript Message-ID: Scientific American: June 21, 2004 The Mystery of the Voynich Manuscript New analysis of a famously cryptic medieval document suggests that it contains nothing but gibberish By Gordon Rugg In 1912 Wilfrid Voynich, an American rare-book dealer, made the find of a lifetime in the library of a Jesuit college near Rome: a manuscript some 230 pages long, written in an unusual script and richly illustrated with bizarre images of plants, heavenly spheres and bathing women. Voynich immediately recognized the importance of his new acquisition. Although it superficially resembled the handbook of a medieval alchemist or herbalist, the manuscript appeared to be written entirely in code. Features in the illustrations, such as hairstyles, suggested that the book was produced sometime between 1470 and 1500, and a 17th-century letter accompanying the manuscript stated that it had been purchased by Rudolph II, the Holy Roman Emperor, in 1586. During the 1600s, at least two scholars apparently tried to decipher the manuscript, and then it disappeared for nearly 250 years until Voynich unearthed it. Voynich asked the leading cryptographers of his day to decode the odd script, which did not match that of any known language. But despite 90 years of effort by some of the world's best code breakers, no one has been able to decipher Voynichese, as the script has become known. The nature and origin of the manuscript remain a mystery. The failure of the code-breaking attempts has raised the suspicion that there may not be any cipher to crack. Voynichese may contain no message at all, and the manuscript may simply be an elaborate hoax. Critics of this hypothesis have argued that Voynichese is too complex to be nonsense. How could a medieval hoaxer produce 230 pages of script with so many subtle regularities in the structure and distribution of the words? But I have recently discovered that one can replicate many of the remarkable features of Voynichese using a simple coding tool that was available in the 16th century. The text generated by this technique looks much like Voynichese, but it is merely gibberish, with no hidden message. This finding does not prove that the Voynich manuscript is a hoax, but it does bolster the long-held theory that an English adventurer named Edward Kelley may have concocted the document to defraud Rudolph II. (The emperor reportedly paid a sum of 600 ducats--equivalent to about $50,000 today--for the manuscript.) Perhaps more important, I believe that the methods used in this analysis of the Voynich mystery can be applied to difficult questions in other areas. Tackling this hoary puzzle requires expertise in several fields, including cryptography, linguistics and medieval history. As a researcher into expert reasoning--the study of the processes used to solve complex problems--I saw my work on the Voynich manuscript as an informal test of an approach that could be used to identify new ways of tackling long-standing scientific questions. The key step is determining the strengths and weaknesses of the expertise in the relevant fields. Baby God's Eye? The first purported decryption of the Voynich manuscript came in 1921. William R. Newbold, a professor of philosophy at the University of Pennsylvania, claimed that each character in the Voynich script contained tiny pen strokes that could be seen only under magnification and that these strokes formed an ancient Greek shorthand. Based on his reading of the code, Newbold declared that the Voynich manuscript had been written by 13th-century philosopher-scientist Roger Bacon and described discoveries such as the invention of the microscope. Within a decade, however, critics debunked Newbold's solution by showing that the alleged microscopic features of the letters were actually natural cracks in the ink. The Voynich manuscript appeared to be either an unusual code, an unknown language or a sophisticated hoax. Newbold's attempt was just the start of a string of failures. In the 1940s amateur code breakers Joseph M. Feely and Leonell C. Strong used substitution ciphers that assigned Roman letters to the characters in Voynichese, but the purported translations made little sense. At the end of World War II the U.S. military cryptographers who cracked the Japanese Imperial Navy's codes passed some spare time tackling ciphertexts--encrypted texts--from antiquity. The team deciphered every one except the Voynich manuscript. In 1978 amateur philologist John Stojko claimed that the text was written in Ukrainian with the vowels removed, but his translation--which included sentences such as "Emptiness is that what Baby God's Eye is fighting for"--did not jibe with the manuscript's illustrations nor with Ukrainian history. In 1987 a physician named Leo Levitov asserted that the document had been produced by the Cathars, a heretical sect that flourished in medieval France, and was written in a pidgin composed of words from various languages. Levitov's translation, though, was at odds with the Cathars' well-documented theology. Furthermore, all these schemes used mechanisms that allowed the same Voynichese word to be translated one way in one part of the manuscript and a different way in another part. For example, one step in Newbold's solution involved the deciphering of anagrams, which is notoriously imprecise: the anagram ADER, for instance, can be interpreted as READ, DARE or DEAR. Most scholars agree that all the attempted decodings of the Voynich manuscript are tainted by an unacceptable degree of ambiguity. Moreover, none of these methods could encode plaintext--that is, a readable message--into a ciphertext with the striking properties of Voynichese. If the manuscript is not a code, could it be an unidentified language? Even though we cannot decipher the text, we know that it shows an extraordinary amount of regularity. For instance, the most common words often occur two or more times in a row. To represent the words, I will use the European Voynich Alphabet (EVA), a convention for transliterating the characters of Voynichese into Roman letters. An example from folio 78R of the manuscript reads: qokedy qokedy dal qokedy qokedy. This degree of repetition is not found in any known language. Conversely, Voynichese contains very few phrases where two or three different words regularly occur together. These characteristics make it unlikely that Voynichese is a human language--it is simply too different from all other languages. The third possibility is that the manuscript was a hoax devised for monetary gain or that it is some mad alchemist's meaningless ramblings. The linguistic complexity of the manuscript seems to argue against this theory. In addition to the repetition of words, there are numerous regularities in the internal structure of the words. The common syllable qo, for instance, occurs only at the start of words. The syllable chek may appear at the start of a word, but if it occurs in the same word as qo, then qo always comes before chek. The common syllable dy usually appears at the end of a word and occasionally at the start but never in the middle. A simple "pick and mix" hoax that combines the syllables at random could not produce a text with so many regularities. Voynichese is also much more complex than anything found in pathological speech caused by brain damage or psychological disorders. Even if a mad alchemist did construct a grammar for an invented language and then spent years writing a script that employed this grammar, the resulting text would not share the various statistical features of the Voynich manuscript. For example, the word lengths of Voynichese form a binomial distribution--that is, the most common words have five or six characters, and the occurrence of words with greater or fewer characters falls off steeply from that peak in a symmetric bell curve. This kind of distribution is extremely unusual in a human language. In almost all human languages, the distribution of word lengths is broader and asymmetric, with a higher occurrence of relatively long words. It is very unlikely that the binomial distribution of Voynichese could have been a deliberate part of a hoax, because this statistical concept was not invented until centuries after the manuscript was written. Expert Reasoning In summary, the Voynich manuscript appeared to be either an extremely unusual code, a strange unknown language or a sophisticated hoax, and there was no obvious way to resolve the impasse. It so happened that my colleague Joanne Hyde and I were looking for just such a puzzle a few years ago. We had been developing a method for critically reevaluating the expertise and reasoning used in the investigation of difficult research problems. As a preliminary test, I applied this method to the research on the Voynich manuscript. I started by determining the types of expertise that had previously been applied to the problem. The assessment that the features of Voynichese are inconsistent with any human language was based on substantial relevant expertise from linguistics. This conclusion appeared sound, so I proceeded to the hoax hypothesis. Most people who have studied the Voynich manuscript agreed that Voynichese was too complex to be a hoax. I found, however, that this assessment was based on opinion rather than firm evidence. There is no body of expertise on how to mimic a long medieval ciphertext, because there are hardly any examples of such texts, let alone hoaxes of this genre. Several researchers, such as Jorge Stolfi of the University of Campinas in Brazil, had wondered whether the Voynich manuscript was produced using random text-generation tables. These tables have cells that contain characters or syllables; the user selects a sequence of cells--perhaps by throwing dice--and combines them to form a word. This technique could generate some of the regularities within Voynichese words. Under Stolfi's method, the table's first column could contain prefix syllables, such as qo, that occur only at the start of words; the second column could contain midfixes (syllables appearing in the middle of words) such as chek, and the third column could contain suffix syllables such as y. Choosing a syllable from each column in sequence would produce words with the characteristic structure of Voynichese. Some of the cells might be empty, so that one could create words lacking a prefix, midfix or suffix. English adventurer Edward Kelley may have concocted the document to defraud Rudolph II, the Holy Roman Emperor. Other features of Voynichese, however, are not so easily reproduced. For instance, some characters are individually common but rarely occur next to each other. The characters transcribed as a, e and l are common, as is the combination al, but the combination el is very rare. This effect cannot be produced by randomly mixing characters from a table, so Stolfi and others rejected this approach. The key term here, though, is "randomly." To modern researchers, randomness is an invaluable concept. Yet it is a concept developed long after the manuscript was created. A medieval hoaxer probably would have used a different way of combining syllables that might not have been random in the strict statistical sense. I began to wonder whether some of the features of Voynichese might be side effects of a long-obsolete device. The Cardan Grille It looked as if the hoax hypothesis deserved further investigation. My next step was to attempt to produce a hoax document to see what side effects emerged. The first question was, Which techniques to use? The answer depended on the date when the manuscript was produced. Having worked in archaeology, a field in which dating artifacts is an important concern, I was wary of the general consensus among Voynich researchers that the manuscript was created before 1500. It was illustrated in the style of the late 1400s, but this attribute did not conclusively pin down the date of its origin; artistic works are often produced in the style of an earlier period, either innocently or to make the document look older. I therefore searched for a coding technique that was available during the widest possible range of origin dates--between 1470 and 1608. A promising possibility was the Cardan grille, which was introduced by Italian mathematician Girolamo Cardano in 1550. It consists of a card with slots cut in it. When the grille is laid over an apparently innocuous text produced with another copy of the same card, the slots reveal the words of the hidden message. I realized that a Cardan grille with three slots could be used to select permutations of prefixes, midfixes and suffixes from a table to generate Voynichese-style words. A typical page of the Voynich manuscript contains about 10 to 40 lines, each consisting of about eight to 12 words. Using the three-syllable model of Voynichese, a single table of 36 columns and 40 rows would contain enough syllables to produce an entire manuscript page with a single grille. The first column would list prefixes, the second midfixes and the third suffixes; the following columns would repeat that pattern. You can align the grille to the upper left corner of the table to create the first word of Voynichese and then move it three columns to the right to make the next word. Or you can move the grille to a column farther to the right or to a lower row. By successively positioning the grille over different parts of the table, you can create hundreds of Voynichese words. And the same table could then be used with a different grille to make the words of the next page. I drew up three tables by hand, which took two or three hours per table. Each grille took two or three minutes to cut out. (I made about 10.) After that, I could generate text as fast as I could transcribe it. In all, I produced between 1,000 and 2,000 words this way. I found that this method could easily reproduce most of the features of Voynichese. For example, you can ensure that some characters never occur together by carefully designing the tables and grilles. If successive grille slots are always on different rows, then the syllables in horizontally adjacent cells in the table will never occur together, even though they may be very common individually. The binomial distribution of word lengths can be generated by mixing short, medium-length and long syllables in the table. Another characteristic of Voynichese--that the first words in a line tend to be longer than later ones--can be reproduced simply by putting most of the longer syllables on the left side of the table. The Cardan grille method therefore appears to be a mechanism by which the Voynich manuscript could have been created. My reconstructions suggest that one person could have produced the manuscript, including the illustrations, in just three or four months. But a crucial question remains: Does the manuscript contain only meaningless gibberish or a coded message? I found two ways to employ the grilles and tables to encode and decode plaintext. The first was a substitution cipher that converted plaintext characters to midfix syllables that are then embedded within meaningless prefixes and suffixes using the method described above. The second encoding technique assigned a number to each plaintext character and then used these numbers to specify the placement of the Cardan grille on the table. Both techniques, however, produce scripts with much less repetition of words than Voynichese. This finding indicates that if the Cardan grille was indeed used to make the Voynich manuscript, the author was probably creating cleverly designed nonsense rather than a ciphertext. I found no evidence that the manuscript contains a coded message. This absence of evidence does not prove that the manuscript was a hoax, but my work shows that the construction of a hoax as complex as the Voynich manuscript was indeed feasible. This explanation dovetails with several intriguing historical facts: Elizabethan scholar John Dee and his disreputable associate Edward Kelley visited the court of Rudolf II during the 1580s. Kelley was a notorious forger, mystic and alchemist who was familiar with Cardan grilles. Some experts on the Voynich manuscript have long suspected that Kelley was the author. My undergraduate student Laura Aylward is currently investigating whether more complex statistical features of the manuscript can be reproduced using the Cardan grille technique. Answering this question will require producing large amounts of text using different table and grille layouts, so we are writing software to automate the method. This study yielded valuable insights into the process of reexamining difficult problems to determine whether any possible solutions have been overlooked. A good example of such a problem is the question of what causes Alzheimer's disease. We plan to examine whether our approach could be used to reevaluate previous research into this brain disorder. Our questions will include: Have the investigators neglected any field of relevant expertise? Have the key assumptions been tested sufficiently? And are there subtle misunderstandings between the different disciplines that are involved in this work? If we can use this process to help Alzheimer's researchers find promising new directions, then a medieval manuscript that looks like an alchemist's handbook may actually prove to be a boon to modern medicine. GORDON RUGG became interested in the Voynich manuscript about four years ago. At first he viewed it as merely an intriguing puzzle, but later he saw it as a test case for reexamining complex problems. He earned his Ph.D. in psychology at the University of Reading in 1987. Now a senior lecturer in the School of Computing and Mathematics at Keele University in England, Rugg is editor in chief of Expert Systems: The International Journal of Knowledge Engineering and Neural Networks. His research interests include the nature of expertise and the modeling of information, knowledge and beliefs. ) 1996-2004 Scientific American, Inc. All rights reserved. Reproduction in whole or in part without permission is prohibited. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From justin-cypherpunks at soze.net Sun Jun 27 17:18:47 2004 From: justin-cypherpunks at soze.net (Justin) Date: Mon, 28 Jun 2004 00:18:47 +0000 Subject: Shuffling to the sound of the Morlocks' dinner bell In-Reply-To: <20040627182316.S3017@ubzr.zsa.bet> References: <20040627182316.S3017@ubzr.zsa.bet> Message-ID: <20040628001847.GA13736@arion.soze.net> On 2004-06-27T18:26:05-0500, J.A. Terranson wrote: > On Sun, 27 Jun 2004, R. A. Hettinga wrote: > > > All because you don't want to "throw away your vote" -- and register your > > disapproval with that state of affairs -- by voting for a guy who would > > make you feel decent and clean. > > In *any* election other than the one we face this November, I would agree > with this 100%. But this time, I just can't. I fear the re-appointment > of Bush more than any other political event. That the author of this is > willing to overlook that he is knowingly helping to keep Bush in office, > trampling those rights he claims to so cherish, totally negates his > argument. But your vote will never make a difference in a presidential election. No such election has ever turned on one vote in any state, and it's not likely to. Trying to convince everyone to vote for Kerry is your prerogative, but if _you_ vote for Kerry in November while believing Badnarik is the best choice, you are wasting your vote. When it comes down to you and the ballot, vote your conscience. There's no quantum entanglement between your ballot and anyone else's. Obviously you may already believe all that and you may be agitating for Kerry precisely for those reasons. However, I don't like either Kerry or Bush so I have no problem explaining why you're stated position is wrong. -- "Once you knew, you'd claim her, and I didn't want that." "Not your decision to make." "Yes, but it's the right decision, and I made it for my daughter. She deserved to be born with a clean slate." - Beatrix; Bill; Kill Bill V.2 From bill.stewart at pobox.com Mon Jun 28 00:25:02 2004 From: bill.stewart at pobox.com (Bill Stewart) Date: Mon, 28 Jun 2004 00:25:02 -0700 Subject: Shuffling to the sound of the Morlocks' dinner bell In-Reply-To: <20040627193435.C3017@ubzr.zsa.bet> References: <20040627182316.S3017@ubzr.zsa.bet> <20040628000947.GB12584@cybershamanix.com> <20040627193435.C3017@ubzr.zsa.bet> Message-ID: <6.0.3.0.0.20040628001048.0414f238@pop.idiom.com> > Bush is so evil I'll have to vote for the lesser evil I felt that way about Reagan in 1984, and the Libertarians were too disorganized to convince me otherwise. Too bad the Democrats couldn't find a better candidate than Mondale. My vote didn't change that landslide any, but it seems to have helped the Democrats come up with a strategy for 1988, which was to find the lamest available candidate and run against someone other than Reagan, but voting for Dukakis seemed to be throwing away my vote compared to voting for Ron Paul. Fortunately, California will presumably be voting solidly Democrat, though they'll probably still be using untrustable computerized voting machines which only Republicans know how to steal instead of the traditional Democrat-friendly versions. At 05:38 PM 6/27/2004, J.A. Terranson wrote: >On Sun, 27 Jun 2004, Harmon Seaver wrote: > > My feeling is that Kerry won't be really any different, > >Accepted. Kerry is possibly the single worst candidate the dems had to >offer - and I don't think it's any accident that he made it through. >Nevertheless, I'll take the evil untested over the evil well known and >thoroughly despised at this point. I'd say Jonathan Edwards was marginally worse, but he'll probably be the VP candidate. Howard Dean threatened to turn the Democrats back into an actual political party again, so the Democrats, Republicans, and so-called liberal pro-establishment press made sure to stomp on him (and if that didn't look well-coordinated, you weren't paying attention.) Joe Lieberman was the best Republican running, but he's out too. But yeah, Kerry's best feature is that he's mostly evil on his own, rather than Bush who had his father's old cronies pushing him, who are frankly a lot more creatively evil than Kerry or Bush. Also, while I don't understand the reality distortion effect that makes Republicans and conservatives believe everything Bush says deep down in their reptile brains even when their eyes are telling them something different, I don't think Kerry has it, and that's a Good Thing. From justin-cypherpunks at soze.net Sun Jun 27 17:31:37 2004 From: justin-cypherpunks at soze.net (Justin) Date: Mon, 28 Jun 2004 00:31:37 +0000 Subject: Shuffling to the sound of the Morlocks' dinner bell In-Reply-To: References: Message-ID: <20040628003137.GB13736@arion.soze.net> On 2004-06-27T17:53:05-0400, R. A. Hettinga wrote: > > > I will vote for a candidate who -- if he had his way -- would [...] > pull us out of the deadly, illegal and unconstitutional war in Iraq; > and put the U.S. military back to work tracking down the real culprits > of Sept. 11. Just because it's a "deadly" (what war isn't?) and "illegal" (Bush's lawyers would take issue with that) doesn't mean the proper course of action is to leave. Right or wrong, we created this mess. We now bear some responsibility for cleaning it up. Once everything is cleaned up, he's right: we should leave immediately. Have we yet fixed the pipelines that "terrorists" have blown up because of our presence in Iraq? > "At which point, if we can find them, you think it would be OK to just > kill them?" I asked the candidate last week. > > "Sure," Badnarik said. > > Sounds about right to me. For some strange value of "real culprits," perhaps. 19 of the "real culprits" are already dead, and who knows how many with some knowledge of the attacks are already in prison. From what I've heard about the way the cells operated, Atta had primary control over the details of the plan. Osama just had to approve it. Osama probably deserves to die for his role in various attacks, but is he a "real culprit" of 9/11? -- "Once you knew, you'd claim her, and I didn't want that." "Not your decision to make." "Yes, but it's the right decision, and I made it for my daughter." - Beatrix; Bill ...Kill Bill Vol. 2 From darke at indigo.net.au Sun Jun 27 16:06:35 2004 From: darke at indigo.net.au (Padraig MacIain) Date: Mon, 28 Jun 2004 07:06:35 +0800 Subject: My name is Jyyneh Do'ughh In-Reply-To: <40DE575C.79EF71ED@cdc.gov> References: <40DE575C.79EF71ED@cdc.gov> Message-ID: <20040627230635.GJ23576@ishtar.mbox.com.au> On Sat, Jun 26, 2004 at 10:13:00PM -0700, Major Variola (ret) wrote: > > Gaelic looks like 7-ASCII-bit line noise to me. A Gaelic name could be > created > which clueless fascists would assume the spelling of, but the > correct spelling would be fairly far (in some linguistic Hamming metric) > > from the assumed spelling. How do you spell John Smith in Gaelic? > > Just a thought. In G`idhlig (Scottish Gaelic) it'd be at least starting as 'Iain' (which is the Gaelized John). -- P`draig MacIain. From hseaver at cybershamanix.com Mon Jun 28 05:18:59 2004 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Mon, 28 Jun 2004 07:18:59 -0500 Subject: Shuffling to the sound of the Morlocks' dinner bell In-Reply-To: <6.0.3.0.0.20040628001048.0414f238@pop.idiom.com> References: <20040627182316.S3017@ubzr.zsa.bet> <20040628000947.GB12584@cybershamanix.com> <20040627193435.C3017@ubzr.zsa.bet> <6.0.3.0.0.20040628001048.0414f238@pop.idiom.com> Message-ID: <20040628121859.GA13201@cybershamanix.com> On Mon, Jun 28, 2004 at 12:25:02AM -0700, Bill Stewart wrote: (snip) > Howard Dean threatened to turn the Democrats back into an > actual political party again, so the Democrats, Republicans, > and so-called liberal pro-establishment press made sure to > stomp on him (and if that didn't look well-coordinated, > you weren't paying attention.) John Stauber spoke at the Midwest Renewable Energy Fair this last Solstice weekend, and talked a good bit about the myth of "liberal media" -- there is none. At least not in the corporate media world, and not even at NPR. He had a pretty good rant. http://www.prwatch.org/ So did Amy Goodman of Democracy Now. http://democracynow.org/ -- Harmon Seaver CyberShamanix http://www.cybershamanix.com Hoka hey! From rah at shipwright.com Mon Jun 28 06:55:54 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Mon, 28 Jun 2004 09:55:54 -0400 Subject: Cryptography Research's Nate Lawson to Speak at USENIX '04 Message-ID: Yahoo! Finance Press Release Source: Cryptography Research, Inc. Cryptography Research's Nate Lawson to Speak at USENIX '04 Monday June 28, 9:05 am ET Presents Lessons Learned in Secure Storage for Digital Cinema SAN FRANCISCO, June 28 /PRNewswire/ -- Digital cinema transforms the protection and physical transport of film cans into an outsourced storage security problem, but security expert Nate Lawson believes that conventional IT solutions are not up to the task. Lawson, senior security engineer at Cryptography Research, Inc., has used open source software to rapidly prototype digital cinema storage solutions and will offer advice on how to maintain security throughout the entire cinema life cycle, from filming and production to projection, at the USENIX '04 Annual Technical Conference. ADVERTISEMENT Lawson's presentation, "Building a Secure Digital Cinema Server Using FreeBSD," is scheduled for 3:30 p.m. on Tuesday, June 29 in the Boston Marriott Copley Place Hotel. "Traditional storage security solutions are designed to operate within a data center under the data owner's physical management and control, but in digital cinema, the data representing the film passes through multiple parties with different incentives and levels of security," said Lawson. "While encryption is important, it is not sufficient to ensure data integrity or provide the evidence needed to ensure accountability and mitigate leaks at critical junctures in film production and distribution." According to Lawson, the projection booth at the local cinema is rapidly taking on many of the aspects of a traditional IT data center, with racks of computers and storage devices, high-bandwidth LANs and SANs, and other equipment. Digital cinema is still in an embryonic stage, with about 90 digital cinema-ready theaters across the U.S. Lawson's talk will present new criteria for evaluating storage security solutions, from disk encryption or file system encryption to other storage security products, and show how open source software supported the rapid development of a prototype digital cinema server in a proprietary environment. Lawson will also discuss the importance of standardization efforts, including the Digital Cinema Initiative. Nate Lawson, senior security engineer at Cryptography Research, is focused on the design and analysis of platform and network security. Previously, he was the original developer of ISS RealSecure and various products for digital cinema, storage security, network mapping, and IPSEC. Nate has evaluated cryptographic systems for FIPS 140 and other secure standards. He is a FreeBSD developer in his spare time, contributing a SCSI target driver and working on ACPI and CAM. Nate holds a B.S. computer science degree from Cal Poly and is a member of USENIX and SMPTE. USENIX, the Advanced Computing Systems Association, supports and disseminates practical research, provides a neutral forum for discussion of technical issues and encourages computing outreach into the community at large. USENIX conferences have become essential meeting grounds for the presentation and discussion of advanced developments in all aspects of computing systems. About Cryptography Research, Inc. Cryptography Research, Inc. provides consulting services and technology to solve complex security problems. In addition to security evaluation and applied engineering work, CRI is actively involved in long-term research in areas including tamper resistance, content protection, network security, and financial services. This year, security systems designed by Cryptography Research engineers will protect more than $60 billion of commerce for wireless, telecommunications, financial, digital television, and Internet industries. For additional information or to arrange a consultation with a member of our technical staff, please contact Jennifer Craft at 415-397-0329 or visit www.cryptography.com. Source: Cryptography Research, Inc. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rsw at jfet.org Mon Jun 28 07:56:14 2004 From: rsw at jfet.org (Riad S. Wahby) Date: Mon, 28 Jun 2004 09:56:14 -0500 Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <233c689af9d86095ecb2aca69d96e34f@dizum.com> References: <233c689af9d86095ecb2aca69d96e34f@dizum.com> Message-ID: <20040628145614.GA3602@jfet.org> Nomen Nescio wrote: > There is no such thing as a GPS frequency. Well, clearly there's the frequency on which the satellites broadcast (~1500MHz). I think his point was that to jam the GPS you've got to put out RF energy on the appropriate frequency, which would then be traceable to you. Of course, you can do a bit better by using the external antenna jack and feeding the signal straight into the phone. Make sure in this case that you're using low enough power that you don't blow up the front end. -- Riad S. Wahby rsw at jfet.org From rah at shipwright.com Mon Jun 28 06:56:47 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Mon, 28 Jun 2004 09:56:47 -0400 Subject: Senate OKs antipiracy plan Message-ID: CNET News http://www.news.com/ Senate OKs antipiracy plan By Declan McCullagh Staff Writer, CNET News.com http://news.com.com/2100-1027-5248333.html Story last modified June 25, 2004, 2:09 PM PDT The U.S. Senate on Friday overwhelmingly approved a controversial proposal that would let federal prosecutors file civil lawsuits against suspected copyright infringers, with fines reaching tens or even hundreds of thousands of dollars. The so-called Pirate Act has raised alarms among copyright lawyers and lobbyists for peer-to-peer companies, who have been eyeing the recording industry's lawsuits against thousands of peer-to-peer users with trepidation. They worry that the Department of Justice could be even more ambitious. Senate leaders scheduled Friday's vote under a procedure that required the unanimous consent of all members present. Now the Pirate Act, along with a related bill that criminalizes using camcorders in movie theaters, will be forwarded to the House of Representatives for approval. "These acts will provide federal prosecutors with the flexibility and discretion to bring copyright infringement cases that best correspond to the nature of the crime and will assure that valuable works that are pirated before their public release date are protected," said Mitch Bainwol, chairman of the Recording Industry Association of America. Counting a new round of lawsuits filed this week, the RIAA has sued 3,429 people so far. Friday's unanimous vote represents a key legislative victory for the entertainment industry, which has been lobbying fiercely for ways to halt the ever-growing popularity of file-swapping networks. Their reasoning: If civil lawsuits brought by the music industry haven't been enough of a deterrence, perhaps federal suits brought by the Justice Department will be. One influential backer of the Pirate Act has been urging an avalanche of civil suits. "Tens of thousands of continuing civil enforcement actions might be needed to generate the necessary deterrence," Sen. Orrin Hatch, a Utah Republican, said when announcing his support for the bill. "I doubt that any nongovernmental organization has the resources or moral authority to pursue such a campaign." "This turns the Department of Justice into a civil law firm for the industry's benefit," said Adam Eisgrau, the executive director of P2P United. Its members include BearShare, Blubster, Grokster, Morpehus and eDonkey. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Mon Jun 28 06:57:13 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Mon, 28 Jun 2004 09:57:13 -0400 Subject: Senate Passes Two Measures To Combat Piracy on the Web Message-ID: The Wall Street Journal June 28, 2004 E-COMMERCE/MEDIA Senate Passes Two Measures To Combat Piracy on the Web By NICK WINGFIELD Staff Reporter of THE WALL STREET JOURNAL June 28, 2004; Page B3 The Senate passed two pieces of legislation designed to help crack down on individuals who trade pirated music and other material over the Internet. But another Senate proposal is causing a growing uproar among technology companies, which are afraid it could stifle innovation and make devices such as Apple Computer Inc.'s iPod a possible target of entertainment-industry lawsuits. The Senate on Friday passed the Protecting Intellectual Rights Against Theft and Expropriation, or Pirate, Act, introduced by Senators Patrick Leahy and Orrin Hatch, under which the Department of Justice will be able to bring civil copyright-infringement cases against people who download unauthorized copies of music, movies and other works using Internet file-sharing programs such as Kazaa. Under current law, the Justice Department can bring only criminal prosecutions, making copyright-infringement cases more difficult to prove in court. The Senate on Friday also passed a bill introduced by Sens. John Cornyn (R., Texas) and Dianne Feinstein (D., Calif.) that would increase penalties for distributing pre-release copyrighted works and create a federal law against use of camcorders in movie theaters. Comparable bills still need to be passed by the House of Representatives. While the bills were praised by the entertainment industry and criticized by technology-advocacy groups, the greatest controversy stemmed from a proposal introduced in the Senate Judiciary Committee last week by Sen. Hatch (R., Utah), called the Inducing Infringement of Copyrights Act. The bill, co-sponsored by a powerful bipartisan group including Senators Bill Frist (R., Tenn.), Tom Daschle (D., S.D.) and Barbara Boxer (D., Calif.), would allow entertainment companies to bring lawsuits against any company that "intentionally induces" individuals to violate copyrights by making unauthorized copies of songs, movies and other works. High-tech companies have often been at loggerheads with legislation backed by the entertainment industry, but the latest proposal seems to have struck an especially sensitive nerve in the tech world. The fear: that the proposal could effectively invalidate a key 1984 Supreme Court ruling in a lawsuit between Sony Corp. and the movie industry over the video cassette recorder. The ruling protected the VCR, which allowed users to make bootleg copies of movies, because it also had "substantial noninfringing uses." Critics of the Hatch proposal say it could go far beyond penalizing the file-sharing programs that allow users to swap music and movies. Indeed, they said, it could make targets of manufacturers of DVD and CD recorders, personal computers and other hardware. "We are concerned it will have an immediate chilling effect on the introduction of new technologies," says Jeff Joseph, a spokesman for the Consumer Electronics Association. Cindy Cohn, an attorney for the Electronic Frontier Foundation, an online civil-liberties group, said that under the Hatch proposal it could be argued, for instance, that the huge song storage capacity of Apple's iPod audio player induces copyright violations since it enhances the appeal of file-sharing programs and the piracy therein. Similarly, Toshiba Corp., maker of the iPod's hard drive, and CNET Networks Inc., which has explained how to use music on the iPod, might be considered inducers, the EFF said. Supporters of the bill insisted that such examples are unrealistic and that the proposal is aimed at a more a narrow group of companies, such as makers of file-sharing programs. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From sunder at sunder.net Mon Jun 28 08:37:52 2004 From: sunder at sunder.net (Sunder) Date: Mon, 28 Jun 2004 11:37:52 -0400 (edt) Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <20040628003716.GA21005@jfet.org> References: <40DE0238.CC42F118@cdc.gov> <20040626182544.W124@ubzr.zsa.bet> <0406270155130.0@somehost.domainz.com> <20040627105610.GK12847@leitl.org> <20040627151555.GA10799@jfet.org> <20040627192806.GD6973@acm.jhu.edu> <20040628003716.GA21005@jfet.org> Message-ID: One phone I'd like to recommend against is the SideKick. I've no idea if it's got a GPS receiver or not - likely it doesn't need one since it's GPRS and can use tower timing as discussed before. I'm recommending against it, because while I love the phone and its features, it's too big brotherish. Example: if you write an email while it's out of range of a cell tower, and hit send, it will store the email into the Send folder. If you then try to delete that email from the Send folder it will give you an error saying "I can't do this right now because I need to first synchronize with the server." Which means even emails you want to erase will be first sent to the server! It does have an ssh client, a web browser, and an AIM client, but I use these with caution, especially the SSH client. It's also got a USB 2.0 plug and an IR transceiver, but I've not been able to make any use of either, nor seen any options to enable/disable them. For all I know the IRDA could always on and will talk to anyone, etc. You don't "own" anything on this phone despite the appearance to the contrary. I was also considering Palm phones, but Palm OS is piss poor at memory protection so any application can clobber/read/spy on any other, so if there's spyware in the code that talks to cell towers, you're at its mercy, and it can read anything you've got in it. From rah at shipwright.com Mon Jun 28 08:47:19 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Mon, 28 Jun 2004 11:47:19 -0400 Subject: And now, USA Today Presents a Word from Horseman #2 Message-ID: USA Today Internet's many layers give terrorists room to post, then hide Terrorists are increasingly using the Internet to spread shocking images and state their demands. In the past month, video and photos of the beheadings of American Paul Johnson Jr. and South Korean Kim Sun Il were posted on Web sites sympathetic to Islamic terrorists. Last week, a Saudi Web site posted a statement from alleged terrorist leader Abu Musab al-Zarqawi claiming responsibility for attacks across Iraq. Weimann says the Web offers terrorists "anonymity, easy access ... and the ability to disappear." By Stephen J. Boitano, AP The sites are often shut down by the governments of the countries in which they're based, but new ones quickly appear. USA TODAY's Mark Memmott talked with an expert on terrorists' use of the Internet, Gabriel Weimann, a senior fellow at the federally funded U.S. Institute of Peace. Their conversation has been edited for length and clarity. Q: Can't terrorists be caught by tracing who posts their messages? A: You can track it. ... The question is, how deep can you go and how far can you go? Let me explain the layers. ... The first layer will be to look at the Web site and see the address. With the address, you can track the server (host computer) that is used - you can see where the Web site is based. That can be done in seconds. It's not a problem. ... That is being done by security agencies and counterterrorism forces all over the world. Q: What's the next layer? A: To know where the message or the video or the announcement or the picture or whatever was sent from. ... If I try to post something on a Web site, I'm using a server, too. There are two servers connected: the server that I'm using and the server that posts it on your Web site. Q: Sounds simple to trace. A: But there are many options. You can access different servers from different domains, which are public. It can be a university library. You go to a public library or a university library or an Internet cafe. Q: So, physically, there's little evidence to find if investigators get to that library or cafe? A: Now we're getting to the third level: the user. Let's say that I find the server that you used. I still didn't get to the individual user. I can say, 'This was sent from a computer in Jakarta' ... or from wherever. It was in a library or a computer network. ... But the user may disappear seconds after posting the message. Usually they do. So the deeper you go, the harder it is to find the user. This is one of the most important advantages of the Internet for terrorists. Anonymity, easy access, free access and the ability to disappear. Q: And if the person who sat at the computer and sent the video out is ever found, who is he likely to be? A: The guy who's posting the messages for the terrorists, or doing the downloading, is like the smallest of actors in the theater. You won't find the scriptwriters. I'm sure modern terrorists are quite aware of the possibility to track them down. So the chains (in their organizations) will be very long, and probably nobody knows who's the third link from him. Q: How do you, and investigators, monitor terrorists' use of the Web? A: It takes time. ... Al-Qaeda right now is moving among 50 different Web addresses. ... You have to follow the psychology of terrorists, the publicity-seeking mind of terrorists. They want you to find (information they put on the Web). They want people who are supporters or potential supporters, and journalists, to find them. To do so they have to publicize the new (Web addresses). They will go into Internet chat rooms and notify people. Q: So you monitor the chat rooms, watching for messages? A: We call it lurking. You sit quietly in a chat room. You do nothing. Just join it and sit quietly in the dark. This is what I do and what my research assistants are doing. You find very important information. (Relevant chat rooms can be found, for example, by performing a Google "groups" search using key words such as al-Qaeda or jihad.) Q: What are the messages like? A: Someone might ask, "Where can I find video of a Chechen slitting the throat of a Russian?" A few lines later, someone will answer, "Go to this Web site, and you'll see it." Q: People are looking for such things, then? A: Yes, and now we're coming to the speed at which things move. Once (terrorists' messages or video) appears somewhere, especially after an execution or dramatic event, within seconds it will be diffused and posted on other Web sites. You can find it within seconds all over the Internet. Even the beheading of Mr. Johnson. It was posted first on an Arab (Web) forum in England. But within seconds, it was also posted on American servers and American Web sites and then worldwide. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From measl at mfn.org Mon Jun 28 10:28:48 2004 From: measl at mfn.org (J.A. Terranson) Date: Mon, 28 Jun 2004 12:28:48 -0500 (CDT) Subject: And now, USA Today Presents a Word from Horseman #2 In-Reply-To: References: Message-ID: <20040628122326.R4702@ubzr.zsa.bet> On Mon, 28 Jun 2004, R. A. Hettinga wrote: > Q: Can't terrorists be caught by tracing who posts their messages? > > A: You can track it. ... The question is, how deep can you go and how far > can you go? Let me explain the layers. ... The first layer will be to look > at the Web site and see the address. With the address, you can track the > server (host computer) that is used - you can see where the Web site is > based. Hrmmmm... Never heard of anycast I see... > A: Someone might ask, "Where can I find video of a Chechen slitting the > throat of a Russian?" A few lines later, someone will answer, "Go to this > Web site, and you'll see it." > > Q: People are looking for such things, then? Yeah. Even though this damn video is 4 years old, has made it through Stile Project, Ogrish, etc., there are still newbies who can't find their internet shoelaces. This, of course, makes them potential terrorists (for asking in the wrong place at the wrong time). > A: Yes, and now we're coming to the speed at which things move. Once > (terrorists' messages or video) appears somewhere, especially after an > execution or dramatic event, within seconds it will be diffused and posted > on other Web sites. You can find it within seconds all over the Internet. > Even the beheading of Mr. Johnson. It was posted first on an Arab (Web) > forum in England. But within seconds, it was also posted on American > servers and American Web sites and then worldwide. Survivability baby! Lock, load, and jack in!! -- Yours, J.A. Terranson sysadmin at mfn.org "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden From nobody at dizum.com Mon Jun 28 07:20:06 2004 From: nobody at dizum.com (Nomen Nescio) Date: Mon, 28 Jun 2004 16:20:06 +0200 (CEST) Subject: Type III Anonymous message Message-ID: <233c689af9d86095ecb2aca69d96e34f@dizum.com> -----BEGIN TYPE III ANONYMOUS MESSAGE----- Message-type: plaintext From mv at cdc.gov Mon Jun 28 18:40:17 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Mon, 28 Jun 2004 18:40:17 -0700 Subject: Silicon carbide in the machine Message-ID: <40E0C881.314331E5@cdc.gov> At 04:20 PM 6/28/04 +0200, Nomen Nescio wrote: >From: a.melon@ >Major Variola (ret) (mv at cdc.gov) wrote on 2004-06-27: >> Any signal you put out is trackable to you geographically, whether its >> a cell or GPS frequency. > >A GPS receiver doesn't broadcast its location. GPS works purely by >analyzing the signals received from satellites. This is probably a design >goal for military use, as well as a consequence of power requirements. Yes. But a jammer will draw a Hellfire. >There is no such thing as a GPS frequency. I beg to differ, there are (perhaps >1) RF freq assigned to the Constellation. It seems that for CDMA or >WCDMA phones the location service is defined in terms of messages on the >normal network layer, see a Google search for "position determination service >order". Yes its cheaper and allowed (for now) to triangulate (to what, 100m?) using physics; but GPS will become cheaper and cheaper. From rah at shipwright.com Mon Jun 28 15:54:38 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Mon, 28 Jun 2004 18:54:38 -0400 Subject: GeoEcon: Fahrenheit 9/11 -- Sticking the Motorcycle's Irony Gauge Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Fahrenheit 9/11 -- Sticking the Motorcycle's Irony Guage The Geodesic Economy Robert Hettinga 6/28/04 Roslindale, MA -- I went to see Fahrenheit 9/11 last weekend -- after extensive promises of good behavior beforehand -- with my wife, who is, as most people know by now, a very liberal Democrat. As a congenital Republican, of course, I felt like a Jew going to see Leni Riefenstahl's "Triumph of the Will", but, like a Jew going to "Triumph", or Churchill reading "Mein Kampf", or Reagan and Thatcher reading "Das Kapital", I suppose I went there in the spirit of knowing one's enemies, like Sun Tsu says. Knowing most of the scene-by-scene refutations long before I saw them on the screen, the movie quickly became a stupor of anti-climacticism as the usual chestnuts reeled by: Saddam a creature of the CIA, the Bushes creatures of the Awl Bidness and the Saudis. War for Oil, House of Saudi-Bush, and the Afghan Pipeline, oh my... I kept looking for new stuff, but, in requiem for my ability to suspend disbelief, there was nothing there that I hadn't seen on Free Republic, much less on the cypherpunks list, many times before. Michael Moore does make a great buffoon, obviously, or they wouldn't give him money to make his otherwise obtuse epics. Reprising the usual troll through his union-and-government-"program"-decimated -- and, for him, fictional -- "hometown" of Flint, MI, cataloging the evils of capitalism on same, same as it ever was, just didn't do it for me the third time around after "Roger and Me", and "Bowling for Columbine". It's probably why we didn't get so much Mike-jinks in front of the camera this time either. Even in his own editing-room, Michael surely can see himself that he's just not funny anymore, a bit of an old hat, or, in his case, an old UCLA Film School gimmie cap. However, I must say his ritual cinematic abuse of a "conservative democrat" welfare queen turned "job outreach worker" turned fobber-of-one's-firstborn-son's-upbringing-onto-the-Army turned grieving war-mother was considerably above par for his propagandistic oeuvre, and he's to be commended for upping his game so considerably in light of his lofty target. Speaking of which, who's next, one wonders? First a hack Auto-Bureaucrat in the form of Roger Smith, then a pre-Alzheimer Moses-Clutching-a-Brown-Bess in the form of Charleton Heston, now an Andover-Softball-Commissioner stealth-Bonesman fighter-pilot MBA turned aw-shucks Nuke-ular President in the form of George not-Herbert Walker Bush. Should we expect an attack on the Pope next, if he's still alive? Thatcher? Or, better, after they both go, how about a post-mortem Marxist trifecta of John-Paul, Thatcher, and Reagan? I can't wait for the resulting -- with apologies to Limbaugh - -- Moore-Gorebasm: "See, it really *was* Mikhail Gorbachev that ended the Cold War..." Restrained mirth, indeed. Don't bring that Cherry Icee into the theater and plan to drink it there on peril of your sinuses, is all I have to say. Seeing the discussion about this movie and the forthcoming election on the cypherpunks list and elsewhere reminds me of something that occurred to me during the 2000 Florida recount: it's as if, like all political/economic schema, crypto-anarchy, anarchocapitalism, whatever we end up calling it, requires a certain energy state (higher or lower, again-whatever) than existed in its once-and-future status quo ante. In the inverse of the way that gravity overcomes degenerate electron pressure to collapse atoms and molecules into the neutronium of a neutron star, or degenerate neutron pressure is overcome to collapse very atoms themselves into a black hole, when something in the "real" world shows us just how far from our goal of freedom from government we really are, we all get dragged back to our previous political states, grasping for what we used to believe, like a bunch of deathbed-reconverted ex-atheists. I figure if monopolies on force weren't possible, and the state wasn't our sole-source war contractor, then, by very definition, nation-states would hold the same role that religion, or aristocracy, or sports teams or, of course, movie-stars, do today -- a rooting interest, and nothing more. Fix the cause, inefficient markets and excessive transaction cost, and whatever undesired effects, like uninitiated force by kleptocracies, theocracies, whatever, will stop. To be replaced, preferably, by the use of force in free markets, at probably lower gross "transaction costs" in violence, since it costs less to buy in fact. Violence is conserved, it always is, but it would be spread out into more, less violent, events, most of them, hopefully, financial instead of physical. Take your fight to the market, boys, or you'll *really* piss us off, and all that. However, in the short term, I'm *very* realistic. In other words, the state *still* owns the roads. :-). Since someone came over here and proved that they can kill me, personally, because of who I am, and what I believe, because of what I have that they don't have -- or, in the case of freedom, apparently, what I have that they don't even appear to want -- they, frankly, deserve to die before I do. If that means hiring a bunch of volunteers to go over and kill them in their beds before they try to kill me in mine, cool. The fact that those volunteers are paid for with money extorted from me at the point of a gun is just a happy coincidence, since most of that extorted money gets used for stuff I could really give a damn about otherwise. Which brings us to Mr. Moore himself. He is, as most people probably know, not really from his putative "home town" of Flint. He's actually from Davison, a richer, lily-white bedroom suburb, raised as "petit-bourgeois" as they come, and raised, go figure, just like most "liberal"/commies have been through the ages, from Lenin to Mao, from Guevara to Castro. I'm sure he fancies himself quite the revolutionary, now, having gone from one-man "alternative" newspaper publisher/editor/reporter/ad-salesman to Cannes Palm d'Or presumptive deca-millionaire in less than two decades. I agree with the idea that most people have already made up their minds even this early, and they aren't going to change their vote because of a so-called "documentary". However, as for Mr. Moore's intended audience, I think the first "coming attractions" trailer that morning in the movie theater said it all. It was for a movie version of, wait for it now... Che Guevara's "Motorcycle Diaries" . So, there I was, in yet another lily-white suburb, Randolph, Massachusetts, in a stadium-seating megaplex, watching this trailer with more than a few erst-and-proto "revolutionaries" of the Moore stripe, all of us, revolutionary or not, watching this trailer for a sort of Young-Hero-of-the-Revolution-Before-the-Revolution crypto-homo-erotic biopic, the red-diaper-baby of all Road Pictures, all of us with straight faces, as if it were just an ordinary movie trailer. White titles on, I kid you not, comrade, red background, and all. Okay, truth be told, *I* had the most evil grin on *my* face, my mirth being severely constrained from actual outright laughter by the aforementioned promise to my wife about remaining, uh, decorous. And yet, and yet, I *do* consider it a measure of progress that as late as a few years ago, in lily-white, yes, liberal, Randolph, Massachusetts, that trailer might have even gotten a smattering of *cheers* from the odd true believer out there. Maybe they aren't cheering for the revolution this time, because, game-faced, they hated Bush so much, but I'd rather err on the side of common sense, even in Massachusetts, and think that actual, uncut, explicit Marxism isn't fun, much less funny, anymore. Or so one would hope. So, invoking the spirit of cypherpunks gone on to other things, and probably over their objection in light of my congenital political belief anyway, I actually *do* hope Moore & Co. make a *pile* of money on this. The motorcycle's irony gauge will get stuck on "full", and us "Republican" anarcho-capitalists will have a good laugh at the stupendous concatenation of idiocy it represents, what a brave new world it is to have such statist monsters in it, and all that. The only thing that would make me laugh harder, of course, would be if Kerry gets elected because of Moore's logico-cinematic prestidigitation at political three-card monte, further declaring itself some kind of "Uncle Mike's Cabin" in leftist self-congratulation thereof. Then, at least, the "Republican", if you will, anarcho-capitalists out there, like me, will go back to work for a change, after 4-plus years of inattention to the point of it all. No, better, thrall. Thrall to the fact that, thank God, Al Gore's not in charge right now, that we can still, so far, kick the living shit out of anybody who dares mess with our stuff, much less kill our friends and neighbors. Certainly our "Democrat" anarcho-capitalist bretheren haven't gotten much done, either, for all their Bush-hating. At least when a Democrat was president, even the "liberals" wanted to smash the state, in their own fashion, and actually worked on it. And even made money, for a while. So. Let's have a competition, shall we? The blind signature patent is almost defunct. Whatever we need, code-wise, is laying around on the floor to be used. We have *lots* of book-entry internet transaction systems to plug into as as depositories, reserves for issues of bearer certificates on the net. Kerry gets elected, Michael Moore gets all the credit, and starts on his Marxist trifecta of trash-movies. And, with a Democrat in charge, we've got at least four years of financial decontrol for ostensible enemies of the state, like say, hawala, because, of course, that would be racist, not to mention there'd be no way for the Chinese to pay the Democratic Party, otherwise. :-). First one to the most money wins. Ready, set... No? I thought not... Cheers, RAH - ------- -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQOCcK8PxH8jf3ohaEQJu3ACeOHP1fqembZi5WG412cDnHEsDvfwAn08y CwvcyvgOntaJUfB2qgCaH1eH =0EFe -----END PGP SIGNATURE----- -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From shaddack at ns.arachne.cz Mon Jun 28 11:41:28 2004 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Mon, 28 Jun 2004 20:41:28 +0200 (CEST) Subject: For Liars and Loafers, Cellphones Offer an Alibi In-Reply-To: <20040627003640.L3017@ubzr.zsa.bet> References: <40DE0238.CC42F118@cdc.gov> <20040626182544.W124@ubzr.zsa.bet> <0406270155130.0@somehost.domainz.com> <20040626230108.V3017@ubzr.zsa.bet> <0406270627060.0@somehost.domainz.com> <20040626234239.K3017@ubzr.zsa.bet> <0406270656590.0@somehost.domainz.com> <20040627003640.L3017@ubzr.zsa.bet> Message-ID: <0406282022180.0@somehost.domainz.com> On Sun, 27 Jun 2004, J.A. Terranson wrote: > > > Even if this is doable, it is out of reach of Jane Citizen. > > > > If a J. Random Hacker with the necessary capabilities is within her reach, > > the countermeasure is available to her regardless of her own tech skills. > > You assume that Jane's only problem is equipment procurement. Alas, > Jane's biggest problem has not changed much in the last 100 years: > knowledge. Jane doesn't know this is an issue that she might need help > with. We have a large unwitting helpmate: the Media. Their primary motivation is the eyeballs, the Nielsen ratings; which can be exploited for Spreading The Word. Technology, while difficult to understand for mere mortals, together with its handlers, has its appeal - not entirely dissimilar to witchcraft of the Medieval Times; see the popularity of the topic of computer security breaches between journalists. They will get it wrong. But Jane can be corrected; the important task for the Media is to make her aware about the possibility and get her to ask. At that stage, the incorrectness in the media reporting can be corrected. If Jane becomes aware about at least a subset of the possibilities, the Media did their job. > > With continuing outsourcing, there should be enough out of work engineers > > available who are sufficiently hungry to risk working for the underground > > market. > > I've wondered over the last several years why such a market has not been > more openly extant. This thought has occurred to me many times since the > last 70's - the stuff you want is available, but barely, even if "legal". It's not as wide as it should be. However, it's far from nonexistant; there are eg. alternative firmwares for DVD drives, with stripped zoning, firmwares for cellphones with removed operator lock, and many other goodies. I suppose the fundamental problem here is the lack of skilled-enough people, combined with closed technology; it's rather difficult to disassemble a program from binary, takes a lot of time and in many cases is impractical. Another problem is the technology the electronics is being manufactured now: everybody can work with 2.54mm DIL chips, not everybody can work with 0.125mm SMD chips, and only a selected few have access to technology necessary for BGA chips. :( This could be partially offset by some hypothetical new generation of visual disassemblers, showing code not as an endless stream of instructions but as a graphical representation of the execution flow, perhaps using some tricks from atomic-level visualisation of huge and complex biochemical structures, eg. proteins and intracellular structures. Another hope, closer and more realistic one, is in the emergence of smaller manufacturers, voluntarily opening their devices in the hope for market advantage (the Linksys box mentioned here may be a good example). The remaining problem is the hardware level. Hopefully somebody with enough skills and a good idea appears (or perhaps already appeared) and designs a way how to make work with the tiny chips easier for a garage workshop; there are trends along this direction already, I saw a mention of a reflow oven for SMD boards, made of a toaster. Never lose hope, and never stop doing things. If you can't solder, code. If you can't code cryptosystems, code tools. If you can't code at all, write articles and spread awareness. If you can't even write, talk with friends. If you don't have any suitable friends, at least read and learn yourself. Even an otherwise meaningless act may mean a lot if it comes at the "wrong" place and the "wrong" time. See the "Patriot Ants" approach I mentioned couple weeks ago in the Zombie Patriots thread. From mv at cdc.gov Mon Jun 28 21:18:08 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Mon, 28 Jun 2004 21:18:08 -0700 Subject: We're jamming, we hope you like jammin' too Message-ID: <40E0ED80.72157547@cdc.gov> At 05:51 AM 6/29/04 +0200, Thomas Shaddack wrote: >On Mon, 28 Jun 2004, Major Variola (ret) wrote: >> Yes. But a jammer will draw a Hellfire. > >A $50 jammer for a $500,000 missile. Sounds like a fair trade to me. ;) During the Yugo colonization, microwave ovens with their doorlocks disabled were used as spoof targets. >Which is good, because once the adversary starts relying exclusively on >GPS and lets the other monitoring systems decay, we have easier way to >"deny that service" from our handhelds. Physics is more difficult to cheat >than chips. Agreed, single points of failure are Allah's gift to mankind. From mv at cdc.gov Mon Jun 28 21:20:58 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Mon, 28 Jun 2004 21:20:58 -0700 Subject: [Politech] Privacy Villain: No-fly stonewallers at FBI, TSA [priv] Message-ID: <40E0EE2A.909694D7@cdc.gov> At 01:44 PM 6/24/04 -0400, Declan McCullagh wrote: >Subject: [NCCP] Privacy Villain: No-fly stonewallers >Date: Fri, 18 Jun 2004 16:59:12 -0400 >From: J Plummer > > >Privacy Hero of the Week: >No-fly stonewallers > >By James Plummer > >US District Court Judge Charles Breyer for Northern California ruled this >week that the FBI and the Transportation Security Agency have been >illegally stonewalling Freedom of Information Act requests by travelers >demanding details on the so-called "no-fly" list which grounded them. > > >The action was brought by two antiwar activists and journalists who were >detained at San Francisco International Airport because their names were on >the list. Rebecca Gordon and Janet Adams demanded information about the >list, including how many people are on it, and how travelers get added or >removed. > >Both agencies repeatedly claimed such information was classified and >"sensitive." Judge Breyer ruled such claims were "frivolous" and said the >government "has not come close" to meeting its legal obligations. Gordon, Adams, and Breyer are American Heroes. For the rest, I'll bring the rope. From mv at cdc.gov Mon Jun 28 21:26:10 2004 From: mv at cdc.gov (Major Variola (ret)) Date: Mon, 28 Jun 2004 21:26:10 -0700 Subject: your papers please Message-ID: <40E0EF62.5774763E@cdc.gov> >Date: Fri, 25 Jun 2004 01:23:43 -0400 >From: Declan McCullagh >To: politech at politechbot.com >Subject: [Politech] More on open letter to PFIR on "Whois" privacy [priv] >My own views, for what they're worth, are in a column here: >http://news.com.com/Privacy+reduction's+next+act/2010-1028_3-5155054.html > >An excerpt: >If you buy a domain name, current regulations created by the Internet >Corporation for Assigned Names and Numbers (ICANN) say you must make >public "accurate and reliable contact details and promptly correct and >update them during the term of the...registration, including: the full >name, postal address, e-mail address, voice telephone number, and fax >number." >Who wants to make that kind of personal information public for the >benefit of spammers, direct marketers and snoops? You shouldn't have to >publish your home address--and other personal details--to everyone in >the world just to own a domain name. And if you decide to lie by typing >in "1 Nowhere Road," I don't see why you should be punished for >attempting to protect your and your family's privacy. >There are plenty of legitimate reasons why domain name holders might >leave their address blank. [...] >These rights to anonymity are enshrined in the Bill of Rights, both in >the First Amendment, which guarantees freedom of speech, and in the >Ninth Amendment, which was intended to curb government's power. [...] > >-Declan D McC is right on the mark, as usual. D McC is a national treasure, in the Nip sense. You rape the constitution, we go for head shots. Any questions, punk? From shaddack at ns.arachne.cz Mon Jun 28 20:51:42 2004 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Tue, 29 Jun 2004 05:51:42 +0200 (CEST) Subject: Silicon carbide in the machine In-Reply-To: <40E0C881.314331E5@cdc.gov> References: <40E0C881.314331E5@cdc.gov> Message-ID: <0406290547570.9562@somehost.domainz.com> On Mon, 28 Jun 2004, Major Variola (ret) wrote: > >A GPS receiver doesn't broadcast its location. GPS works purely by > >analyzing the signals received from satellites. This is probably a > >design goal for military use, as well as a consequence of power > >requirements. > > Yes. But a jammer will draw a Hellfire. A $50 jammer for a $500,000 missile. Sounds like a fair trade to me. ;) > >It seems that for CDMA or WCDMA phones the location service is defined > >in terms of messages on the normal network layer, see a Google search > >for "position determination service order". > > Yes its cheaper and allowed (for now) to triangulate (to what, 100m?) > using physics; but GPS will become cheaper and cheaper. Which is good, because once the adversary starts relying exclusively on GPS and lets the other monitoring systems decay, we have easier way to "deny that service" from our handhelds. Physics is more difficult to cheat than chips. From s.schear at comcast.net Tue Jun 29 07:53:47 2004 From: s.schear at comcast.net (Steve Schear) Date: Tue, 29 Jun 2004 07:53:47 -0700 Subject: my name is Doe, John Doe In-Reply-To: <20040623095319.GS12847@leitl.org> References: <20040623095319.GS12847@leitl.org> Message-ID: <6.0.1.1.0.20040629075152.04f4fee0@mail.comcast.net> After a hard day, I'm safe at home Foolin' with my baby on the telephone Out of nowhere somebody cuts in and Says, 'Hmm, you in some trouble boy, we know where you're been.' I'm out on the border I thought this was a private line Don't you tell me 'bout your law and order I'm try'n' to change this water to wine Never mind your name, just give us your number, mm Never mind your face, just show us your card, mm And we wanna know whose wing are you under You better step to the right or we can make it hard I'm stuck on the border All I wanted was some peace of mind Don't you tell me 'bout your law and order I'm try'n' to change this water to wine From "On the Boarder," The Eagles From eugen at leitl.org Tue Jun 29 01:08:48 2004 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 29 Jun 2004 10:08:48 +0200 Subject: Silicon carbide in the machine In-Reply-To: <0406290547570.9562@somehost.domainz.com> References: <40E0C881.314331E5@cdc.gov> <0406290547570.9562@somehost.domainz.com> Message-ID: <20040629080848.GX12847@leitl.org> On Tue, Jun 29, 2004 at 05:51:42AM +0200, Thomas Shaddack wrote: > > Yes. But a jammer will draw a Hellfire. A very local jammer won't. You underestimate how weak GPS signals are http://www.globallocate.com/resources_main.shtml > Which is good, because once the adversary starts relying exclusively on > GPS and lets the other monitoring systems decay, we have easier way to GPS will be obsolete in urban environments in less than a decade. Jamming UWB is much more difficult, since being local -- especially if the target doesn't cooperate (you don't know the PRNG state). And of course you can't send without revealing your position if location services are locked into the protocol. Use onion routing, then. > "deny that service" from our handhelds. Physics is more difficult to cheat > than chips. -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature] From measl at mfn.org Tue Jun 29 09:42:32 2004 From: measl at mfn.org (J.A. Terranson) Date: Tue, 29 Jun 2004 11:42:32 -0500 (CDT) Subject: VeriSign service takes on spam In-Reply-To: References: Message-ID: <20040629114204.G4702@ubzr.zsa.bet> Oh, the irony! A spammer selling anti-spam services! //Alif On Tue, 29 Jun 2004, R. A. Hettinga wrote: > Date: Tue, 29 Jun 2004 11:56:28 -0400 > From: R. A. Hettinga > To: cryptography at metzdowd.com, cypherpunks at al-qaeda.net > Subject: VeriSign service takes on spam > > > ...A whitelist for my friends... > > Cheers, > RAH > ------- > > > > CNET News > > VeriSign service takes on spam > > By Dinesh C. Sharma > Special to CNET News.com > http://news.com.com/2100-7355-5250010.html > > Story last modified June 28, 2004, 8:11 AM PDT > > > VeriSign on Monday announced a new e-mail security service designed to stop > viruses and spam. > > The service uses custom blacklists, fingerprinting and heuristic tools, > which calculate the probability that a particular e-mail message is spam by > examining a pattern of characteristics in the message. VeriSign's heuristic > tools use more than 10,000 rules to determine whether a message is spam, > the company said. > > For blocking malicious mail, the service deploys three antivirus engines. > For policy enforcement, customers can use domain-level filtering to scan > inbound and outbound e-mail. And a disaster recovery feature allows for > automatic switchover to VeriSign's network to provide SMTP connections that > queue e-mail, if a company's e-mail server is not available. > > > The company has begun free trials of the service, which will be available > on July 12. Pricing details were not announced. > > VeriSign said it plans to add more functions, such as verification of > sender identity and domain authentication. Domain names of all incoming > mail will be checked against the company's list of verified domains. This > list will be made available free to antispam software and service providers. > > Although e-mail has become a critical tool for business communication, it > is often saddled with problems caused by spam, viruses and worms. > > Last week, malicious software infected some Web sites, redirecting > visitors to a Russian server that downloaded software onto surfers' > computers. Some have speculated that the purpose of this malicious plan was > spam distribution. Recently, IBM introduced a security management service > to help businesses stop viruses and spam before they enter their networks. > > "The introduction of this service will help enterprises restore the > productivity gains from e-mail communication that are now under threat from > spam and viruses," Judy Lin, executive vice president at VeriSign, said in > a statement. "With a service-oriented approach, enterprises can easily > obtain comprehensive e-mail protection in a matter of hours, without > deploying any software or hardware. This service will enable customers to > rely on VeriSign's highly available and scalable infrastructure for > mission-critical functions." > > > -- Yours, J.A. Terranson sysadmin at mfn.org "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden From rah at shipwright.com Tue Jun 29 08:56:28 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 29 Jun 2004 11:56:28 -0400 Subject: VeriSign service takes on spam Message-ID: ...A whitelist for my friends... Cheers, RAH ------- CNET News VeriSign service takes on spam By Dinesh C. Sharma Special to CNET News.com http://news.com.com/2100-7355-5250010.html Story last modified June 28, 2004, 8:11 AM PDT VeriSign on Monday announced a new e-mail security service designed to stop viruses and spam. The service uses custom blacklists, fingerprinting and heuristic tools, which calculate the probability that a particular e-mail message is spam by examining a pattern of characteristics in the message. VeriSign's heuristic tools use more than 10,000 rules to determine whether a message is spam, the company said. For blocking malicious mail, the service deploys three antivirus engines. For policy enforcement, customers can use domain-level filtering to scan inbound and outbound e-mail. And a disaster recovery feature allows for automatic switchover to VeriSign's network to provide SMTP connections that queue e-mail, if a company's e-mail server is not available. The company has begun free trials of the service, which will be available on July 12. Pricing details were not announced. VeriSign said it plans to add more functions, such as verification of sender identity and domain authentication. Domain names of all incoming mail will be checked against the company's list of verified domains. This list will be made available free to antispam software and service providers. Although e-mail has become a critical tool for business communication, it is often saddled with problems caused by spam, viruses and worms. Last week, malicious software infected some Web sites, redirecting visitors to a Russian server that downloaded software onto surfers' computers. Some have speculated that the purpose of this malicious plan was spam distribution. Recently, IBM introduced a security management service to help businesses stop viruses and spam before they enter their networks. "The introduction of this service will help enterprises restore the productivity gains from e-mail communication that are now under threat from spam and viruses," Judy Lin, executive vice president at VeriSign, said in a statement. "With a service-oriented approach, enterprises can easily obtain comprehensive e-mail protection in a matter of hours, without deploying any software or hardware. This service will enable customers to rely on VeriSign's highly available and scalable infrastructure for mission-critical functions." -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Tue Jun 29 08:58:06 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 29 Jun 2004 11:58:06 -0400 Subject: Privacy fears on welfare offensive Message-ID: Try not to laugh too hard, now, boys and girls... Cheers, RAH ------- Australian IT Privacy fears on welfare offensive Karen Dearne JUNE 29, 2004 THE crackdown on welfare cheats is hotting up as more federal police are assigned to help Centrelink track social security fraud identified by data matching. Centrelink gained access to AusTRAC's financial transactions database earlier this year and took on 46 specialists to deal with the increased cross-matching and analysis workload. Centrelink also does online matching with Australian Tax Office and Immigration Department databases. Justice Minister Chris Ellison and Children and Youth Affairs Minister Larry Anthony have agreed to more than double, from four to 10, the number of AFP agents posted to Centrelink's fraud investigation teams. They expect the move to result in 1200 extra investigations this year, rising to 3000 in 2006-07 with projected net savings of $60 million over four years. Centrelink's access to AusTRAC resources was aimed at cracking down on "high-end welfare cheats", they said. According to AusTRAC data, about 5 per cent of suspicious transaction reports concern social security fraud - about 400 cases a year. The Child Support Agency and the Department of Veterans' Affairs were also given access to AusTRAC data. "As techniques to perpetrate fraud against the social security system are becoming more sophisticated, the AFP and Centrelink are working more closely to put law enforcement one step ahead of criminals trying to defraud the system," Senator Ellison and Mr Anthony said. "Australia has a generous welfare system and the Government recognises that most people are honest. "However, there are always some people who take more than their share. "Taxpayers can rest assured that Centrelink and the Australian Federal Police (AFP) are making sure people are only paid their correct entitlement - no more, no less." The Australian Privacy Foundation has expressed concern about the large expansion of citizens' data-matching occurring between AusTRAC and other agencies, at a time when AusTRAC is taking on increased responsibilities for international money laundering and terrorist financing reform. "We objected very strongly to the extension of access to Centrelink, Child Support and Veterans' Affairs when the legislation went through late last year," APF convenor Nigel Waters said. "It was a major extension of the scheme. "We've also put in a very strong submission about the proposed extension of AusTRAC's operations under changes to the Financial Transactions Reporting Act. "We believe this is one of the most dangerous developments yet, because it basically extends that sort of spying routine that banks already do on their customers to other people, like real estate agents." Australian Consumers Association IT policy spokesman Charles Britton said AusTRAC appeared to be positioning itself as a manager of citizens' identity data, rather than a cash transactions manager. "It's a subtle change, but AusTRAC appears to be taking on that identity manager role, particularly as far as government agencies are concerned," Mr Britton said. "I'm sure it's within their charter, I'm not suggesting it's not, but they seem to be emphasising an aspect to their work that isn't exactly what springs to people's minds in relation to AusTRAC." Mr Waters said the APF was concerned that there was no independent oversight of AusTRAC's activities. "Part of the problem is that they don't claim to be exercising any independent judgment," he said. "AusTRAC says it is just a clearing house, so it can't be blamed for the way information is used. "That comes down to the law enforcement agencies, the Australian Tax office (ATO) and Centrelink. "We think that's totally inadequate." -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From anmetet at freedom.gmsociety.org Tue Jun 29 13:18:38 2004 From: anmetet at freedom.gmsociety.org (An Metet) Date: Tue, 29 Jun 2004 16:18:38 -0400 Subject: TCG(TCPA) anonymity and Lucky Green Message-ID: On August 6, 2002, Lucky Green wrote a reply to Anonymous (whom I will now come clean and admit was none other than me), about the suggestion that TCPA (now called TCG) could incorporate anonymous cryptographic credentials to protect users' privacy, rather than the cumbersome "privacy CA" mechanism they actually adopted. I had written: > In any case, I agree that something like this would be an > excellent enhancement to the technology. IMO it is very much > in the spirit of TCPA. I suspect they would be very open to > this suggestion. Lucky Green replied: > Though routinely professing otherwise, evidently Anonymous knows nothing > of the spirit of the TCPA: I proposed the use of blinding schemes to the > TCPA as far back as 2 years ago as a substitute to the Privacy CAs > schemes which are subject to potential collusion. I believe > "unreceptive", rather than "very much open to this suggestion" would > more accurately describe the TCPA's spirit Anonymous holds so high. However, it now turns out that TCG has in fact incorporated exactly the kind of mechanism which Lucky predicted they would be unreceptive to. The new TCG 1.2 spec includes "Direct Anonymous Attestation" based on Camenisch credentials. See it described at http://www.hpl.hp.com/techreports/2004/HPL-2004-93.pdf. Here is the abstract: This paper describes the direct anonymous attestation scheme (DAA). This scheme was adopted by the Trusted Computing Group as the method for remote authentication of a hardware module, called trusted platform module (TPM), while preserving the privacy of the user of the platform that contains the module. Direct anonymous attestation can be seen as a group signature without the feature that a signature can be opened, i.e., the anonymity is not revocable. Moreover, DAA allows for pseudonyms, i.e., for each signature a user (in agreement with the recipient of the signature) can decide whether or not the signature should be linkable to another signature. DAA furthermore allows for detection of "known" keys: if the DAA secret keys are extracted from a TPM and published, a verifier can detect that a signature was produced using these secret keys. The scheme is provably secure in the random oracle model under the strong RSA and the decisional Diffie-Hellman assumption. This is a real cryptographic tour de force. It protects privacy, includes irrevocable anonymity, and yet if keys get pulled out of the system and published, they can be invalidated, even while fully protecting the anonymity of users of valid keys! It sounds impossible, but these guys are wizards. We haven't heard much from Lucky on TCG/TCPA lately. It would be interesting to get his reaction to the latest moves. One ironic trend is that although TCPA was claimed to be designed to kill open source, in fact all the work on the technology is happening on Linux! See enforcer.sourceforge.net for an example of using TCG to validate a Linux kernel and executables. IBM's work on tcgLinux is another project along these lines. Pretty exciting stuff. From rah at shipwright.com Tue Jun 29 13:36:10 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 29 Jun 2004 16:36:10 -0400 Subject: TCG(TCPA) anonymity and Lucky Green In-Reply-To: References: Message-ID: At 4:18 PM -0400 6/29/04, An Metet wrote: >On August 6, 2002, Lucky Green wrote a reply to Anonymous (whom I will >now come clean and admit was none other than me) Prove it. ;-) Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Tue Jun 29 14:50:24 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 29 Jun 2004 17:50:24 -0400 Subject: Third announcement ECC 2004 Message-ID: --- begin forwarded text From bbrow07 at students.bbk.ac.uk Tue Jun 29 10:06:54 2004 From: bbrow07 at students.bbk.ac.uk (ken) Date: Tue, 29 Jun 2004 18:06:54 +0100 Subject: My name is Jyyneh Do'ughh In-Reply-To: <20040627230635.GJ23576@ishtar.mbox.com.au> References: <40DE575C.79EF71ED@cdc.gov> <20040627230635.GJ23576@ishtar.mbox.com.au> Message-ID: <40E1A1AE.5070903@students.bbk.ac.uk> Padraig MacIain wrote: > On Sat, Jun 26, 2004 at 10:13:00PM -0700, Major Variola (ret) wrote: >> How do you spell John Smith in Gaelic? > > In G`idhlig (Scottish Gaelic) it'd be at least starting as 'Iain' (which is the > Gaelized John). The modern Scottish equivalent to John Smith would be Iain Gow. (There was a British politican with that name.) An older or more Irish form might be something like Eoin MacGowan. From shaddack at ns.arachne.cz Tue Jun 29 09:08:10 2004 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Tue, 29 Jun 2004 18:08:10 +0200 (CEST) Subject: Unregistered Message-ID: <0406291802580.-1275484700@somehost.domainz.com> Found this on the Net couple years ago. Then it vanished. In the light of the INDUCE Act, or whatever it's called now, it is becoming quite relevant... Question for the crowd: In the setting described below, how could one perform a successful long-term disobedience? Original URL: www.keshet.f2s.com/unregistered.html Downloaded Sep 1 2001 ------------------------------------------------------------------------ Unregistered Dark and drizzle, we pulled up in front of the living block; we had a an AC tip on one of the residents -- nothing concrete, maybe trafficking in illegal copies, maybe just pron, we weren't sure. "Can I help you?" our suspect asked, innocently enough, as he opened the door. "Yah, we got a warrant - need to scan your disk." I held up the warrant in one hand while the other reflexively went for the scanner. "What seems to be the problem officers?" he says... boy if this guy is hiding something he sure can act it. This is the point when I watch the suspect most closely -- looking not just for fear or guilt, but any kind of movement which may trigger an erase mechanism. "Nothing special," I try to smooth him over, "just a routine search, maybe we just got a bad tip." "Well, okay.." he didn't seem too sure of his ground. I didn't like it, he should be outraged, or afraid or something. My partner printed up a receipt while I activated the scanner. 3 seconds later I'm looking at the output, scratching my head- no contraband on the disk but the scanner flagged some unusual files. "What's this?" I ask the guy, showing him the readout. "Oh, those are mine," he said with such an innocent look I was caught off balance. I connect to Central and send the digital signatures for look-up & verify.. Central drew a blank. "Unknown registry authority" was the response for each one of the signed executables. "Where did you get these?" I ask the suspect while copying the binaries into quarantined flash for later dissection. "Those? I made them." Again that look of pure innocence. I was getting a creepy feeling at the back of my neck. "Whadd'ya mean, you made them? Look, we're gonna find out where those execs came from and what they do.. it's gonna start getting real unpleasant in here real fast if you don't start coming up with answers quick!" I don't like coming down heavy so fast on a guy, but these files were starting to give me the creeps. "Look man, I'm a programmer - that's what I do. I can show you the source & compile it for you if you like..." Stunned, I look at the guy, my partner's already going for a tackle with the cuffs. "You got a compiler in here!?" I shout at him. "Jesus HC," I'm swearing at myself for being so slow. "Call Central!" I'm yelling at my partner while I signal for backup, "tell 'em to put a packet freeze on the whole damn block! Tell 'em we got an unregistered compiler!" I swear to God, even while they were hauling him away & forensics were scanning the building, he still had that innocent look on his face -- like he didn't even know what was going on. All Text and Art Original Material Copyright © 2001 keshet From jdd at dixons.org Tue Jun 29 11:02:50 2004 From: jdd at dixons.org (Jim Dixon) Date: Tue, 29 Jun 2004 19:02:50 +0100 (BST) Subject: SciAm: The Mystery of the Voynich Manuscript In-Reply-To: References: Message-ID: On Sun, 27 Jun 2004, R. A. Hettinga wrote: > characters of Voynichese into Roman letters. An example from folio 78R of > the manuscript reads: qokedy qokedy dal qokedy qokedy. This degree of > repetition is not found in any known language. Arabic (my transliteration of what I was taught, may actually be Dari): "lah ilahah ilahlah muhammed ur rasul allah" (There is but one God and Muhammaed is his prophet.) English, Gertrude Stein: "a rose is a rose is a rose". 7,320 hits on Google, some with more roses. -- Jim Dixon jdd at dixons.org tel +44 117 982 0786 mobile +44 797 373 7881 http://jxcl.sourceforge.net Java unit test coverage http://xlattice.sourceforge.net p2p communications infrastructure From ecc at crypto.rub.de Tue Jun 29 14:21:56 2004 From: ecc at crypto.rub.de (ECC 2004) Date: Tue, 29 Jun 2004 23:21:56 +0200 Subject: Third announcement ECC 2004 Message-ID: =================================================================== THE 8TH WORKSHOP ON ELLIPTIC CURVE CRYPTOGRAPHY (ECC 2004) Ruhr-University Bochum, Germany September 20, 21 & 22, 2004 THIRD ANNOUNCEMENT June 29, 2004 ECC 2004 is the eighth in a series of annual workshops dedicated to the study of elliptic curve cryptography and related areas. The main themes of ECC 2004 will be: - The discrete logarithm problem. - Efficient parameter generation and point counting. - Provably secure cryptographic protocols. - Efficient software and hardware implementation. - Side-channel attacks. - Deployment of elliptic curve cryptography. It is hoped that the meeting will continue to encourage and stimulate further research on the security and implementation of elliptic curve cryptosystems and related areas, and encourage collaboration between mathematicians, computer scientists and engineers in the academic, industry and government sectors. There will be approximately 15 invited lectures (and no contributed talks), with the remaining time used for informal discussions. There will be both survey lectures as well as lectures on latest research developments. SPONSORS: BSI - Bundesamt f|r Sicherheit in der Informationstechnik Bundesdruckerei GmbH DFG-Graduate School on Cryptography ECRYPT - European Network of Excellence in Cryptography escrypt - Embedded Security GmbH Ruhr-University Bochum University of Waterloo ORGANIZERS: Gerhard Frey (University of Duisburg-Essen) Tanja Lange (Ruhr-University Bochum) Alfred Menezes (University of Waterloo) Christof Paar (Ruhr-University Bochum) Scott Vanstone (University of Waterloo) CONFIRMED SPEAKERS: Roberto Avanzi (University of Duisburg-Essen, Germany) The state of HEC efficient implementation Paulo Barreto (Scopus Tecnologia, Brazil) The Well-Tempered Pairing Ming-Deh Huang (University of Southern California, USA) Global methods for discrete logarithm problems Pierrick Gaudry (LIX Paris, France) Discrete logarithm in elliptic curves over extension fields of small degree Marc Joye (Gemplus, France) Secure Implementation of Elliptic Curve Cryptography Norbert Luetkenhaus (University of Erlangen, Germany) Quantum Key Distribution - Chances and Restrictions Kim Nguyen (Bundesdruckerei, Germany) Cryptography & Travel documents Alexander May (University of Paderborn, Germany) New RSA Vulnerabilities using Coppersmith's Method Wayne Raskind (University of Southern California, USA) (see Ming-Deh Huang) Matt Robshaw (Royal Holloway University of London, UK) The Advanced Encryption Standard: A Four Year Anniversary Werner Schindler (BSI, Germany) Optimizing the Efficiency of Side-Channel Attacks with Advanced Stochastical Methods Jasper Scholten (KU Leuven, Belgium) Cover attacks on trace-zero groups Hovav Shacham (Stanford University, USA) A New Life for Group Signatures Igor Shparlinski (Macquarie University, Australia) Pseudorandom Points on Elliptic Curves Nigel Smart (University of Bristol, UK) The link between ECDHP and ECDLP revisited Thomas Wollinger (Ruhr-University Bochum, Germany) Hardware Implementation of Hyperelliptic Curve Cryptosystems SUMMER SCHOOL ON ELLIPTIC CURVE CRYPTOGRAPHY: For the first time the ECC workshop will be held together with a summer school on elliptic curve cryptography. This summer school is organized by VAMPIRE, the Virtual Application and Implementation Research Lab within the European project ECRYPT www.ecrypt.eu.org The school will take place September 13-17, 2004, in the Ruhr-University Bochum. Our target audience are students, PhD students and practitioners with background in applications and industry. More information about the summer school can be found at: www.rub.de/itsc/tanja/summerschool ---------------------------------------------------------------------- LOCAL ARRANGEMENTS AND REGISTRATION: Bochum is situated approximately 50 km from Dusseldorf Airport (DUS), about 100 km from Cologne Airport (CGN) and about 300 km from Frankfurt Airport. All three airports have excellent train connections to Bochum. Participants should plan to arrive on September 19 to be able to attend the lectures on Monday morning. If you did would like to be added to the mailing list for the third announcement, please send a brief email to ecc at crypto.rub.de. The announcements are also available from the web site www.cacr.math.uwaterloo.ca/conferences/2004/ecc2004/announcement.html ----------------------------------------------------------------------- REGISTRATION: The website for registration is open and can be found at: http://www.ruhr-uni-bochum.de/hgi/tanja.html For this year the full conference fee is 170 EUR, we offer a reduced fee of 80 EUR for students. Please register as soon as possible as the number of participants is limited. ---------------------------------------------------------------------- ACCOMMODATIONS: We set aside a number of rooms on a first-come first-serve basis at following hotels. To get the prices listed below include the respective quotations when making your reservation Hotel Acora http://www.acora.de/html/bochum.html Tel.: (+49)234 68 96 0 Fax: (+49)234 68 96 700 Nordring 44-50 (center of Bochum) single 66,50 EUR double 80,50 EUR both including breakfast mention "ECC-Workshop" These rooms are set aside till 30.07.2004. Hotel Haus Oekey http://www.oekey.de/ Tel.: (+49)234 388 13 0 Fax: (+49)234 388 13 88 Auf dem Alten Kamp 10 (halfway between university and city center) single 52 EUR double 70 EUR both including breakfast mention "Ruhr-University, Lange" These rooms are set aside till 10.08.2004. Hotel IBIS am Hauptbahnhof http://www.ibishotel.com/ Tel.: (+49)234/91430 Fax : (+49)234/680778 Kurt- Schumacher- Platz 13-15 (next to main station) single 49 EUR breakfast is available for 9 EUR. The fee includes free public transport in Bochum mention "ECC" These rooms are set aside till 12.08.2004. Hotel Kolpinghaus http://www.kolpinghaus-bochum.de/html/hotel.html Maximilian-Kolbe-Str. 14-18 (close to main station, center) single 46 EUR double 24 EUR including breakfast. Facilities include linen and have communal bathrooms on each floor. Please make your booking via Tanja Lange lange at itsc.rub.de and mention with whom you would like to share a room. These rooms are available till 09.08.2004. Other hotels can be found at http://www.bochum.de/english/ http://www.bochum.de/bochum/bohotel.htm (The hotel page is available in German only) ================================================================== FURTHER INFORMATION: For further information, please contact: Tanja Lange Information Security and Cryptography Ruhr-University Bochum e-mail: ecc at crpyto.rub.de Fax: +49 234 32 14430 Tel: +49 234 32 23260 ================================================================== ------------------------------------------------------- --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Wed Jun 30 10:14:30 2004 From: rah at shipwright.com (R. A. Hettinga) Date: Wed, 30 Jun 2004 13:14:30 -0400 Subject: Govt explores bonds to tap black money Message-ID: Rediff.com Govt explores bonds to tap black money P Vaidyanathan Iyer in New Delhi | June 30, 2004 | 08:13 IST The finance ministry is exploring the option of launching long-tenure bearer bonds or infrastructure bonds to unearth unaccounted money and use it to fund the country's development needs.? According to government sources, unlike the Voluntary Disclosure of Income Scheme, 1999, the bearer bonds will not provide amnesty to tax evaders. While the revenue department would not seek any details on the origin of funds being invested in bearer bonds, it would be free to go after money launderers in the future, they said.? The funds raised through the bearer bonds could be locked in for a long tenure, say 10 years, the sources said. Tax experts noted that the Centre could offer a nominal interest on the bonds.? "Such a scheme can partially suck out the unaccounted money in circulation and simultaneously help the government fund its development programmes," a source said.? While the ministry possesses only dated information on the quantum of black money in the country based on a study by the National Institute of Public Finance and Policy in the early 1980s, independent estimates put the figure at as much as 40 per cent of the gross national product.? Tax experts said except for VDIS 1997, other amnesty schemes failed to generate a response.? Five amnesty schemes in the past have yielded not more than Rs 700 crore (Rs 7 billion), they pointed out, adding that Yashwant Sinha's Kar Vivad Samadhan Scheme, too, came in for severe criticism from the Comptroller and Auditor General.? The experts noted that a bearer bond scheme was last launched in 1980-81 when R Venkataraman was finance minister. The scheme offered an interest rate of 2 per cent and the money was locked in for 10 years.? The Congress government under Indira Gandhi had raised almost Rs 1,000 crore (Rs 10 billion) then, equivalent to Rs 10,000 crore (Rs 100 billion) at today's prices.? The National Democratic Alliance government, too, had discussed a bond scheme two years ago to raise funds for the infrastructure sector.? Preliminary discussions were held with some financial institutions but the idea was dropped later due to lack of consensus.? The United Progressive Alliance's Common Minimum Programme unveiled in May too had called for introduction of special schemes to unearth black money and assets. This was being seen as an additional measure to increase tax revenues. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From brian-slashdotnews at hyperreal.org Wed Jun 30 15:26:03 2004 From: brian-slashdotnews at hyperreal.org (brian-slashdotnews at hyperreal.org) Date: 30 Jun 2004 22:26:03 -0000 Subject: Appeals Circuit Ruling: ISPs Can Read E-Mail Message-ID: Link: http://slashdot.org/article.pl?sid=04/06/30/2014242 Posted by: timothy, on 2004-06-30 20:54:00 Topic: privacy, 248 comments from the odd-distinctions dept. leviramsey writes "The US Court of Appeals for the First Circuit (covering Massachusetts, Maine, New Hampshire, and Rhode Island) has ruled that [1]e-mail providers are not violating the law by reading users' e-mail without the user's consent. The [2]decision finds that the Wiretap Act does not cover interception of communications where the communications are being stored, not transmitted. Perhaps OSDN should send the defendant, accused in 2001 of reading users emails in order to find out what they were interested in purchasing from Amazon, a [3]T-shirt from ThinkGeek?" References 1. http://www.wired.com/news/politics/0,1283,64043,00.html?tw=wn_tophead_1 2. http://www.ca1.uscourts.gov/pdf.opinions/03-1383-01A.pdf 3. http://www.thinkgeek.com/tshirts/frustrations/31fb/ ----- End forwarded message ----- -- Eugen* Leitl ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature]