From declan at well.com Tue Nov 1 09:55:39 2005
From: declan at well.com (Declan McCullagh)
Date: November 1, 2005 9:55:39 PM EST
Subject: [Politech] Judge Samuel Alito's police-friendly views of electronic surveillance [priv]
Message-ID:

http://news.com.com/2100-1028_3-5927003.html

Nominee's past rulings give hint of tech views
November 1, 2005, 4:58 PM PST

...snip...

In a case decided last year, Alito ruled that the FBI did not need a warrant to outfit the hotel suite of a boxing official with a hidden audio recorder and remotely controlled video camera that could swivel 360 degrees. The devices were activated when a police informant was also present in the room of the official, who was suspected of taking bribes.

Alito's fellow judge Theodore McKee, a Clinton appointee, dissented on the grounds that advances in surveillance technology would eviscerate the privacy principles found in the Fourth Amendment's prohibition of "unreasonable searches."

"Given the evolving sophistication of technology, it is increasingly imperative that the fundamental liberties guaranteed under the Fourth Amendment not be eroded by the warrantless use of devices that allow the government to see through curtains, walls and doors," McKee wrote. "To the extent the Fourth Amendment has any vitality in an era of increasingly sophisticated electronic eavesdropping, it surely protects the privacy of someone in the intimacy of a hotel suite from the potential of warrantless 24-hour video surveillance."

...snip...

In another case decided in 2002 by the 3rd Circuit Court, police in Pennsylvania acted on a six-month-old tip that a high school teacher was viewing illegal adult pornography on the Internet. They obtained a search warrant for the teacher's home and found child pornography on his computer's hard drive.

In an opinion written by Judge Maryanne Barry, another Clinton appointee, the 2-1 majority said the search warrant was invalid because the tip was "stale" and based on a dubious source.
Also, they said, police had no probable cause to look for any kind of pornography, and investigators should not go on a fishing expedition through a suspect's hard drive just to find some sort of incriminating files. Alito dissented. "The previously-noted incidents alleged in the affidavit showed that the defendant had a sexual interest in minors and that he had used sexual materials on several occasions as part of his course of conduct," he wrote. "All of this information tends to support a finding of probable cause." ...snip... _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/) ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From chris at eff.org Tue Nov 1 10:16:51 2005 From: chris at eff.org (Chris Palmer) Date: Tue, 1 Nov 2005 10:16:51 -0800 Subject: On the orthogonality of anonymity to current market demand In-Reply-To: References: <20051101014446.GO23500@eff.org> Message-ID: <20051101181650.GT23500@eff.org> Peter Gutmann writes: > >What does it mean for Symbian to be genuinely secure? How was this > >determined and achieved? > > By executive fiat. The usual means, then. 
:)

--
http://www.eff.org/about/staff/#chris_palmer

[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]

From bbrow07 at students.bbk.ac.uk Tue Nov 1 03:45:45 2005
From: bbrow07 at students.bbk.ac.uk (Ken Brown)
Date: Tue, 01 Nov 2005 11:45:45 +0000
Subject: Multiple passports?
In-Reply-To: <6.2.1.2.0.20051030013929.03d44900@pop.idiom.com>
References: <200510300417.j9U4HOCi012987@mailhub.Cadence.COM> <6.2.1.2.0.20051030013929.03d44900@pop.idiom.com>
Message-ID: <43675569.5070803@ccs.bbk.ac.uk>

Bill Stewart wrote:

> When I saw the title of this thread,
> I was assuming it would be about getting Mozambique
> or Sealand or other passports of convenience or coolness-factor
> like the Old-School Cypherpunks used to do :-)

Actually the only passports that are significantly more convenient than US or UK ones (i.e.
are more likely to get you in to more places with less fuss from locals in dark glasses) are from the northern European states without a reputation as colonialists - in particular Scandinavian countries & Ireland. Everyone likes them.

I know plenty of people who used to keep both an Irish and a British passport. Unlike you picky Americans our governments don't have any objection to people being citizens of as many places as they can get away with. And in the days of emigration (all has changed now) you could get an Irish passport if your granny had once spent a wet weekend in Downpatrick. All our passports are being assimilated into EU ones at the moment so I don't know if this has changed.

We used to do the Israel/everywhere else thing as well and also would issue spare passports for other places that were unpopular. IIRC Pakistan at one time looked askance at passports that had been to India. South African visitors weren't popular in many countries. And I'm pretty sure that Britain sometimes issued spares to people who wanted to go to the USA after visiting Cuba or Iran (both increasingly popular holiday destinations from here)

I strongly suspect that this has changed now that UK pass laws are taken as dictation from the USA.

From eugen at leitl.org Tue Nov 1 06:37:08 2005
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 1 Nov 2005 15:37:08 +0100
Subject: [kerry@vscape.com: Re: [p2p-hackers] P2P Authentication]
Message-ID: <20051101143708.GL2249@leitl.org>

----- Forwarded message from Kerry Bonin -----

From pgut001 at cs.auckland.ac.nz Tue Nov 1 01:54:44 2005
From: pgut001 at cs.auckland.ac.nz (Peter Gutmann)
Date: Tue, 01 Nov 2005 22:54:44 +1300
Subject: On the orthogonality of anonymity to current market demand
In-Reply-To: <20051101014446.GO23500@eff.org>
Message-ID:

Chris Palmer writes:
>James A. Donald writes:
>
>> Further, genuinely secure systems are now becoming available, notably
>> Symbian.
>
>What does it mean for Symbian to be genuinely secure? How was this determined
>and achieved?

By executive fiat.

Peter.
From ghicks at well.com Wed Nov 2 05:21:45 2005 From: ghicks at well.com (Gregory Hicks) Date: November 2, 2005 5:21:45 PM EST Subject: Court Hears Internet Anonymity Case Message-ID: Court Hears Internet Anonymity Case Nov 02 3:19 PM US/Eastern By ALEX DOMINGUEZ Associated Press Writer ANNAPOLIS, Md. The publisher of a financial newsletter told Maryland's second highest court Wednesday that he should not be forced to disclose his subscriber list and other information sought by an Arizona company seeking those it says made defamatory online comments. The publisher, Timothy M. Mulligan, told the judges "almost everything we publish could potentially be subpoenaed," putting him in the position of constantly appearing for depositions if his request to quash a subpoena by the Arizona drug company, Matrixx Initiatives, is denied. The judges, however, appeared to side with Matrixx, repeatedly asking why Mulligan should not appear for the deposition and invoke his right not to reveal his subscribers and sources under Maryland's so-called "Shield Law," which protects the rights of the press. "My sense is it didn't go well," Mulligan said after the hearing. "It's not clear yet, but it will probably be in litigation for years because I have no intention of giving up my sources or subscribers." After the hearing, Matrixx attorney David Tobin said "no one has the right to make defamatory comments. That is not protected speech." Internet postings have become the subject of a number of court battles, especially in cases where they have affected the stock prices of companies. Free speech advocates have also become involved and the issue has even entered the political arena in Maryland. Joseph F. Steffen Jr., a former aide to Republican Gov. Robert L. Ehrlich Jr., resigned last winter after it was revealed that he had posted rumors about Baltimore Mayor Martin O'Malley's personal life on Internet chat sites. 
O'Malley is seeking the Democratic nomination for governor and would face Ehrlich in the general election if he wins. Tobin told the court it was unclear whether Mulligan could invoke the shield law. "That's the white elephant in the room," the Matrixx attorney told the judges. Mulligan said appearing constantly for depositions could hamper his ability to make a living, especially since his newsletter reports on questionable accounting practices by companies. The judges later asked Tobin how many depositions Mulligan would have to sit through. "Hopefully, one," Tobin responded. In response to the first subpoena by Matrixx, Mulligan two years ago turned over nearly 400 pages of documents, which he said was mainly source material for his report. He has refused to comply with a second subpoena seeking, among other things, his subscriber list and any contacts with an anonymous poster to Internet messages boards known as "TheTruthseeker." However, Montgomery County Circuit Judge Eric M. Johnson denied Mulligan's request to quash the second subpoena and Mulligan appealed to the Court of Special Appeals. Matrixx claims the postings are part of a scheme to drive down the company's stock, benefiting traders who sell short, or borrow shares and repay them at a later time, hopefully when the price has dropped. The company filed a defamation lawsuit in Arizona in 2002, naming two dozen John and Jane Does as defendants. Matrixx has also been battling lawsuits claiming its Zicam Cold Remedy nasal gel causes permanent loss of smell and taste. Mulligan has said he doesn't know the anonymous posters and doesn't think he should answer further questions. He is fighting the subpoena with the help of the American Civil Liberties Union, the Electronic Privacy Information Center, Public Citizen and other advocacy groups Tobin, however, said the issue was merely one of discovery, the legal method of obtaining the facts in a dispute and not a precedent-setting First Amendment case. 
The company "simply wants to know what Mr. Mulligan might know" about the online postings, Tobin said.

http://www.breitbart.com/news/2005/11/02/D8DKHUSG3.html

------------- End Forwarded Message -------------

-------------------------------------------------------------------
I am perfectly capable of learning from my mistakes. I will surely learn a great deal today.

"A democracy is a sheep and two wolves deciding on what to have for lunch. Freedom is a well armed sheep contesting the results of the decision." - Benjamin Franklin

"The best we can hope for concerning the people at large is that they be properly armed." --Alexander Hamilton

----- End forwarded message -----
--
Eugen* Leitl leitl
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]

From dave at farber.net Wed Nov 2 06:21:50 2005
From: dave at farber.net (David Farber)
Date: Wed, 2 Nov 2005 09:21:50 -0500
Subject: [IP] Judge Samuel Alito's police-friendly views of electronic surveillance [priv]
Message-ID:
X-Mailer: Apple Mail (2.746.2)
Reply-To: dave at farber.net

Begin forwarded message:

From mv at cdc.gov Wed Nov 2 14:14:16 2005
From: mv at cdc.gov (Major Variola (ret))
Date: Wed, 02 Nov 2005 14:14:16 -0800
Subject: Court Hears Internet Anonymity Case
Message-ID: <43693A38.7A68A146@cdc.gov>

Court Hears Internet Anonymity Case

Nov 02 3:19 PM US/Eastern

By ALEX DOMINGUEZ
Associated Press Writer

ANNAPOLIS, Md.
The publisher of a financial newsletter told Maryland's second highest court Wednesday that he should not be forced to disclose his subscriber list and other information sought by an Arizona company seeking those it says made defamatory online comments. The publisher, Timothy M. Mulligan, told the judges "almost everything we publish could potentially be subpoenaed," putting him in the position of constantly appearing for depositions if his request to quash a subpoena by the Arizona drug company, Matrixx Initiatives, is denied. The judges, however, appeared to side with Matrixx, repeatedly asking why Mulligan should not appear for the deposition and invoke his right not to reveal his subscribers and sources under Maryland's so-called "Shield Law," which protects the rights of the press. "My sense is it didn't go well," Mulligan said after the hearing. "It's not clear yet, but it will probably be in litigation for years because I have no intention of giving up my sources or subscribers." After the hearing, Matrixx attorney David Tobin said "no one has the right to make defamatory comments. That is not protected speech." Internet postings have become the subject of a number of court battles, especially in cases where they have affected the stock prices of companies. Free speech advocates have also become involved and the issue has even entered the political arena in Maryland. Joseph F. Steffen Jr., a former aide to Republican Gov. Robert L. Ehrlich Jr., resigned last winter after it was revealed that he had posted rumors about Baltimore Mayor Martin O'Malley's personal life on Internet chat sites. O'Malley is seeking the Democratic nomination for governor and would face Ehrlich in the general election if he wins. Tobin told the court it was unclear whether Mulligan could invoke the shield law. "That's the white elephant in the room," the Matrixx attorney told the judges. 
Mulligan said appearing constantly for depositions could hamper his ability to make a living, especially since his newsletter reports on questionable accounting practices by companies. The judges later asked Tobin how many depositions Mulligan would have to sit through. "Hopefully, one," Tobin responded. In response to the first subpoena by Matrixx, Mulligan two years ago turned over nearly 400 pages of documents, which he said was mainly source material for his report. He has refused to comply with a second subpoena seeking, among other things, his subscriber list and any contacts with an anonymous poster to Internet messages boards known as "TheTruthseeker." However, Montgomery County Circuit Judge Eric M. Johnson denied Mulligan's request to quash the second subpoena and Mulligan appealed to the Court of Special Appeals. Matrixx claims the postings are part of a scheme to drive down the company's stock, benefiting traders who sell short, or borrow shares and repay them at a later time, hopefully when the price has dropped. The company filed a defamation lawsuit in Arizona in 2002, naming two dozen John and Jane Does as defendants. Matrixx has also been battling lawsuits claiming its Zicam Cold Remedy nasal gel causes permanent loss of smell and taste. Mulligan has said he doesn't know the anonymous posters and doesn't think he should answer further questions. He is fighting the subpoena with the help of the American Civil Liberties Union, the Electronic Privacy Information Center, Public Citizen and other advocacy groups Tobin, however, said the issue was merely one of discovery, the legal method of obtaining the facts in a dispute and not a precedent-setting First Amendment case. The company "simply wants to know what Mr. Mulligan might know" about the online postings, Tobin said. 
http://www.breitbart.com/news/2005/11/02/D8DKHUSG3.html From dave at farber.net Wed Nov 2 17:55:51 2005 From: dave at farber.net (David Farber) Date: Wed, 2 Nov 2005 20:55:51 -0500 Subject: [IP] Court Hears Internet Anonymity Case Message-ID: Begin forwarded message: From selected.by.rael at rael-science.org Wed Nov 2 13:33:33 2005 From: selected.by.rael at rael-science.org (selected by Rael) Date: Wed, 02 Nov 2005 22:33:33 +0100 Subject: [rael-science] Amnesty International on terror laws: Dangerous. Ill-conceived. An assault on human rights Message-ID: Source: The Independent http://news.independent.co.uk/uk/politics/article324062.ece Amnesty International on terror laws: Dangerous. Ill-conceived. An assault on human rights Tony Blair's plans for tough new anti-terror legislation have been subjected to a damning critique by Amnesty International, as MPs prepare to debate the measures today. In a submission to MPs, Amnesty International denounced the proposals to increase police powers of detention and make a new offence of the glorification of terrorism. It called them "ill-conceived and dangerous" , amounting to an attack on "the independence of the judiciary and the rule of law". The organisation's onslaught - in the strongest language it has deployed against the Blair Government - came as ministers braced themselves for sustained opposition to the Terrorism Bill when it is debated in the Commons from today. The Bill has already been condemned by senior judges, lawyers and civil liberties groups. A potentially powerful combination of opposition and rebel Labour MPs are preparing to vote against plans to give police powers to hold suspects for up to 90 days without trial - denounced as effective internment. They also plan to oppose the creation of an offence of "glorifying"' terrorism. Amnesty's attack comes after a recent warning from Lord Carlile of Berriew, the Government's terror watchdog, that 90-day detention could breach human rights law. 
The submission to MPs states: "Since the war on terror was declared by the US government in 2001, the UK authorities have mounted a sustained attack on human rights, the independence of the judiciary and the rule of law." It warned that the Bill contained "sweeping and vague provisions that undermine the rights to freedom and expression and association, the right to liberty, the prohibition of arbitrary detention, the rights to the presumption of innocence and fair trial". Amnesty International added: "One proposal is to introduce a crime that involves the 'glorification of terrorism'. Such terms are broad, vague and subjective. They have no legal clarity and can, therefore, be used arbitrarily to restrict human rights, including freedom of expression." It said the measures proposed after the bombings in London on 7 July were " inconsistent with the UK's obligations under domestic and international human rights law and that, if enacted, they would lead to severe human rights violations". The organisation made clear its alarm at the potential for new powers to be abused. It said: "Once any government begins to 'sacrifice' human rights in the name of security, it is not long before individuals pay the price." It said the anti-terror measures across the world had led to dissent being stifled and allowed the state to commit human rights abuses. Its report said evidence of that trend was already apparent in Britain "with peaceful protesters who have been subjected to police action under legislative provisions originally introduced to purportedly counter terrorism". Amnesty condemned Mr Blair's 12-point anti-terror plan, saying: "Every element of which signalled further assaults on human rights, particularly for those identified as Muslims, foreign nationals and asylum-seekers." It said government statements linking the terrorist threat with foreigners were "encouraging xenophobia, racism and faith-hate crimes". 
"There is a real danger that a range of the proposed additional measures will further alienate the very communities the Government needs on its side." The Bill's critics will denounce the detention plans today as draconian and protest that the proposed ban on the "glorification" of terrorism is too widely drawn. The Government's case for 90-day detention was supported yesterday by Andy Hayman, Assistant Commissioner of the Metropolitan Police. Mr Hayman, who is leading the hunt for al-Qa'ida sympathisers in Britain, said: "We should not allow a premature guillotine to frustrate or prevent the gathering of best evidence." He urged the Home Office not to barter down the length of the detention period "as you would buy a second-hand car" and there was little sign ministers were preparing to offer a compromise on that at this stage. They are expected to delay any concessions until next week - and before the Bill reaches the Lords - after the Government has assessed the strength of opposition to the proposals. Ministers have already conceded that judges more senior than originally proposed would approve the renewal of detention orders every seven days. Left-wing Labour MPs, the Tories and Liberal Democrats have all attacked the detention proposal, saying it breaches human rights. They also argue that it risks radicalising Muslims who are arrested. David Winnick, a Labour MP, has tabled a proposal suggesting the period be set at 28 days. He said such a move would win support across the Commons and the Lords would find it hard to overturn. Opposition parties and civil liberties groups have also claimed that the " glorification" proposal is so vaguely worded that it could, for instance, make criminals of people who criticise brutal regimes in Burma or Zimbabwe. Mark Oaten, the Liberal Democrat home affairs spokesman, said: "As this Bill stands, it will do more harm than good in the fight against terrorism in this country. 
"Detention without charge for three months goes against the fundamental principles of justice and I hope Labour backbenchers will recognise it as such." Shami Chakrabarti, director of the human rights group Liberty, said: " Criminalising free speech and introducing internment are dangerously counter-productive to fighting terrorism." A Home Office spokeswoman said last night: "We believe this Bill is compliant with human rights requirement under the European Convention. All the proposals that have been made in the Bill allow prosecutions through the normal court process." 'The rules of the game have changed' TERRORISM ACT 2000 Introduced new powers for police to hold terror suspects for up to seven days without charge - increased to 14 days in 2003 - and widened powers to ban international terror organisations. It created new offences of inciting terrorist acts, providing training for terrorist purposes and providing instruction or training in the use of firearms, explosives or chemical, biological or nuclear weapons. Government says: Replaced anti-terror legislation that dealt mainly with Northern Ireland to reflect the new international nature of the terrorist threat. Amnesty argues: The Act introduced a "dangerously vague and broad definition of terrorism" and made temporary anti-terrorism legislation from the 1970s a permanent feature of British law. ANTI-TERRORISM CRIME AND SECURITY ACT 2001 Gave the Home Secretary powers to hold foreign terrorist suspects indefinitely without trial if they could not be deported for human rights reasons. Suspects were not given full evidence against them. Seventeen were eventually held at Belmarsh and other prisons. Government says: Tough new measures required in the wake of the 11 September attacks; reflected concerns that Britain was a haven for terrorism. Amnesty argues: The Act "violated a wide range of human rights" , and introduced powers tantamount to a minister charging, trying and sentencing people without fair trial. 
Detainees were thrown into a " Kafkaesque world", and interned under "harsh conditions" using secret evidence. PREVENTION OF TERRORISM ACT 2005 Repealed powers to detain foreign terror suspects without charge, after they were ruled illegal by the law lords. Introduced powers to impose " control orders" limiting the movements and communications of suspects. Powers were extended to all British and foreign nationals. Government says: Fresh laws urgently needed to keep track of potentially dangerous foreign terrorists. Amnesty argues: The legislation was "hastily passed" to implement control orders restricting the human rights of suspects and their families. Most suspects were later imprisoned pending deportation on national security grounds. Amnesty says the cumulative effect of the detainees' treatment "amounts to persecution". TERRORISM BILL 2005 Creates a new offence of glorifying or inciting terrorism, attending a terrorist training camp and preparing terrorist acts. It also gives police powers to hold suspects for up to 90 days. Government says: The rules have changed after the July bombings in London. Existing legislation contains a number of loopholes that need to be closed. Amnesty argues: The Bill "contains further sweeping and vague provisions that undermine the rights to freedom of expression and association, the right to liberty, the prohibition of arbitrary detention, the rights to the presumption of innocence and fair trial." 
----- End forwarded message -----
--
Eugen* Leitl leitl
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]

From eugen at leitl.org Wed Nov 2 13:33:42 2005
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 2 Nov 2005 22:33:42 +0100
Subject: [dave@farber.net: [IP] Judge Samuel Alito's police-friendly views of electronic surveillance [priv]]
Message-ID: <20051102213342.GZ2249@leitl.org>

----- Forwarded message from David Farber -----

From eugen at leitl.org Wed Nov 2 13:46:31 2005
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 2 Nov 2005 22:46:31 +0100
Subject: [selected.by.rael@rael-science.org: [rael-science] Amnesty International on terror laws: Dangerous. Ill-conceived. An assault on human rights]
Message-ID: <20051102214631.GC2249@leitl.org>

----- Forwarded message from selected by Rael -----

From eugen at leitl.org Thu Nov 3 02:23:25 2005
From: eugen at leitl.org (Eugen Leitl)
Date: Thu, 3 Nov 2005 11:23:25 +0100
Subject: [dave@farber.net: [IP] Court Hears Internet Anonymity Case]
Message-ID: <20051103102324.GA2249@leitl.org>

----- Forwarded message from David Farber -----
From cyphrpunk at gmail.com Thu Nov 3 14:54:59 2005
From: cyphrpunk at gmail.com (cyphrpunk)
Date: Thu, 3 Nov 2005 14:54:59 -0800
Subject: [smb@cs.columbia.edu: Skype security evaluation]
In-Reply-To: <9D78CC84C35AEF43A69CA95639D376DABB19B1@S4DE9JSAAMU.ost.t-com.de>
References: <9D78CC84C35AEF43A69CA95639D376DABB19B1@S4DE9JSAAMU.ost.t-com.de>
Message-ID: <792ce4370511031454j67372483h4a6d54e23da6c8f2@mail.gmail.com>

On 10/31/05, Kuehn, Ulrich wrote:
> There are results available on this issue: First, a paper by
> Boneh, Joux, and Nguyen "Why Textbook ElGamal and RSA Encryption
> are Insecure", showing that you can essentially half the number
> of bits in the message, i.e. in this case the symmetric key
> transmitted.

Thanks for this pointer. In the case of Skype it would be consistent with the security report if they are encrypting random 128 bit values under each other's RSA keys, unpadded, and exchanging them, then hashing the pair of 128 bit values together to generate their session keys.

The paper above shows an easy birthday attack on such encryptions. Approximately 18% of 128 bit numbers can be expressed as a product of two 64-bit numbers. For such keys, if the ciphertext is C, consider all 2^64 values m1 and m2, and compare m1^e with C/m2^e. This can be done in about 2^64 time and memory, and if the plaintext is in that 18%, it will be found as m1*m2.

Based on these comments and others that have been made in this thread, the Skype security analysis seems to have major flaws. We have a reluctance in our community to criticize the work of our older members, especially those like Berson who have warm personalities and friendly smiles. But in this case the report leaves so much unanswered, and focuses inappropriately on trivial details like performance and test vectors, that overall it can only be called an entirely unsatisfactory piece of work.
CP From morlockelloi at yahoo.com Fri Nov 4 11:45:07 2005 From: morlockelloi at yahoo.com (Morlock Elloi) Date: Fri, 4 Nov 2005 11:45:07 -0800 (PST) Subject: [smb@cs.columbia.edu: Skype security evaluation] In-Reply-To: <792ce4370511031454j67372483h4a6d54e23da6c8f2@mail.gmail.com> Message-ID: <20051104194507.35627.qmail@web34611.mail.mud.yahoo.com> What is the threat model? Even ROT-13 would thwart casual listening on or data harvesting. If you to be secure then you use voice over IPSec, PGPhone or any of dozens of other solutions. The idea that a commercial carrier can or should provide NSA-proof security boggles the mind. Nice masturbatory material though. > The paper above shows an easy birthday attack on such encryptions. > Approximately 18% of 128 bit numbers can be expressed as a product of > two 64-bit numbers. For such keys, if the ciphertext is C, consider > all 2^64 values m1 and m2, and compare m1^e with C/m2^e.
This can be > done in about 2^64 time and memory, and if the plaintext is in that > 18%, it will be found as m1*m2. end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: __________________________________ Yahoo! FareChase: Search multiple travel sites in one click. http://farechase.yahoo.com From solinym at gmail.com Fri Nov 4 17:09:07 2005 From: solinym at gmail.com (Travis H.) Date: Fri, 4 Nov 2005 19:09:07 -0600 Subject: On Digital Cash-like Payment Systems In-Reply-To: <19275506.1130592050616.JavaMail.root@elwamui-karabash.atl.sa.earthlink.net> References: <19275506.1130592050616.JavaMail.root@elwamui-karabash.atl.sa.earthlink.net> Message-ID: By my calculations, it looks like you could take a keypair n,e,d and some integer x and let e'=e^x and d'=d^x, and RSA would still work, albeit slowly. Reminds me of blinding, to some extent, except we're working with key material and not plaintext/ciphertext.
Since I'm on the topic, does doing exponentiation in a finite field make taking discrete logarithms more difficult (I suspect so), and if so, by how much? Is there any similar property that could be used on e' and d' to make computing e and d more difficult? Of course whatever algorithm is used, one would need to feed e' and d' to it in toto, but a really clever attacker might be able to take the xth root prior to exfiltrating them. Also, application of a random pad using something like XOR would be useful; could be done as a postprocessing stage independently of the main algorithm used to encrypt the data, or done as a preprocessing stage to the plaintext. I prefer the latter as it makes breaking the superencryption much more difficult, and fixed headers in the ciphertext could give away some OTP material. However, the preliminary encryption in something like gpg would suffer, so it would have the effect of making the ciphertext bigger. Perhaps this is an advantage in your world. An alternate technique relies on specifying, say, 256 bits of key, then using a cryptographically strong PRNG to expand it to an arbitrary length, and storing that for use. Pilfering it then takes more bandwidth, but it could be reconstructed based on the 256-bit seed alone, if one knew the details of the PRNG. So the key could be "compressed" for transfer, if you know the secret seed. Search for the seed would still be expensive, even if PRNG details are known. Alternately, in a message encrypted with gpg-like hybrid ciphering, one could apply a secret, implicit PRNG to the message key seed before using it as a symmetric key. For example, you could take a 256-bit message key, run it through the PRNG, create 3x256 bits, then use triple-AES to encrypt the message. In this case, the PRNG buys forgery resistance without the use of PK techniques.
The PRNG expander could not be attacked without breaking the PK encryption (which supports arbitrarily large keys) of the seed or the triple-AES symmetric encryption of the message. You know, they specify maximum bandwidth of covert channels in bits per second, I wonder if you could use techniques like this to prove some interesting property vis-a-vis covert channel leakage. It's remarkably difficult to get rid of covert channels, but if you inflate whatever you're trying to protect, and monitor flows over a certain size, then perhaps you can claim some kind of resilience against them. *shrug* -- http://www.lightconsulting.com/~travis/ -><- "We already have enough fast, insecure systems." -- Schneier & Ferguson GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B From solinym at gmail.com Fri Nov 4 17:23:59 2005 From: solinym at gmail.com (Travis H.) Date: Fri, 4 Nov 2005 19:23:59 -0600 Subject: gonzo cryptography; how would you improve existing cryptosystems? Message-ID: Hi folks, If one had the ability to create standards over, with reckless disregard for performance, how would you improve their security? Feel free to pick a protocol or system (e.g. gpg or isakmp) and let me know how it is done, and how it should have been done. For example, pgp doesn't hide the key IDs of the addressees. Many systems use hashes that are too small. DSA keys are too small compared to large ElG keys. How would you make a signature with a larger keyspace? Does the protocol wrap encryption in authentication instead of vice-versa? Does ISAKMP do encryption where the input is meant to be secret, instead of the key? Does it use a rinky-dink algorithm, now that much better ones are available? I've got a hankering to re-write something, and I want to know what can be improved the most. PS: There's a paper on cryptanalyzing CFS on my homepage below. I got to successfully use classical cryptanalysis on a relatively modern system! That is a rare joy. 
CFS really needs a re-write, there's no real good alternatives for cross-platform filesystem encryption to my knowledge. -- http://www.lightconsulting.com/~travis/ -><- "We already have enough fast, insecure systems." -- Schneier & Ferguson GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B From solinym at gmail.com Fri Nov 4 18:25:46 2005 From: solinym at gmail.com (Travis H.) Date: Fri, 4 Nov 2005 20:25:46 -0600 Subject: gonzo cryptography; how would you improve existing cryptosystems? In-Reply-To: References: Message-ID: > Does ISAKMP do encryption where the input is > meant to be secret, instead of the key? I meant MAC, not encryption, sorry. Of course encryption inputs are secret. -- http://www.lightconsulting.com/~travis/ -><- "We already have enough fast, insecure systems." -- Schneier & Ferguson GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B From mv at cdc.gov Fri Nov 4 20:54:24 2005 From: mv at cdc.gov (Major Variola (ret)) Date: Fri, 04 Nov 2005 20:54:24 -0800 Subject: privacy vs. transparency Message-ID: <436C3B00.3264D0B0@cdc.gov> When I was canned by my company, which was acquired by a Wash. state company, I received a list of folks' positions, ages, and whether canned or not. From this, and little additional constraint, I was able to reverse-engineer (aka, data-mine) the ages of all of my colleagues. They were quite surprised when, at a group lunch thereafter, I was able to peg their ages exactly. Amusing privacy unintended-consequence of Wash state's age-discrim laws. So much for "privacy" as protected by the state. --- Impeach or frag.
From emc at artifact.psychedelic.net Sat Nov 5 09:13:20 2005 From: emc at artifact.psychedelic.net (Eric Cordian) Date: Sat, 5 Nov 2005 09:13:20 -0800 (PST) Subject: ... Message-ID: <200511051713.jA5HDKM5017192@artifact.psychedelic.net> auth cd65ce1a subscribe cypherpunks emc at artifact.psychedelic.net From emc at artifact.psychedelic.net Sat Nov 5 09:15:06 2005 From: emc at artifact.psychedelic.net (Eric Cordian) Date: Sat, 5 Nov 2005 09:15:06 -0800 (PST) Subject: [Clips] The myth of "suitcase nukes." Message-ID: <200511051715.jA5HF6Su017253@artifact.psychedelic.net> > Gen. Valynkin is referring to the fact that radioactive weapons require a > lot of shielding. To fit the radioactive material and the appropriate > shielding into a suitcase would mean that a very small amount of material > would have to be used. Radioactive material decays at a steady, certain > rate, expressed as "half-life," or the length of time it takes for half of > the material to decay into harmless elements. The half-life of the most > likely materials in the infinitesimal weights necessary to fit in a > suitcase is a few months. So as a matter of physics and engineering, the > nuclear suitcase is an impractical weapon.
It would have to be rebuilt with > new radioactive elements every few months. This is complete and utter nonsense. Popular fissionable elements are long-lived alpha emitters, which require little shielding. Properly moderated, criticality can be achieved with a few kilograms of material. Some fission triggers for thermonuclear weapons are small enough to fit in a suitcase, and could be employed as standalone small nukes. Does anyone remember DOD's nuclear grenade? While the stories of suitcase nukes may be nonsense, they are not nonsense because such devices are impossible to construct, or last only a few months. -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law" From measl at mfn.org Sat Nov 5 15:59:48 2005 From: measl at mfn.org (J.A. Terranson) Date: Sat, 5 Nov 2005 17:59:48 -0600 (CST) Subject: Revisiting Feral Cities: France In-Reply-To: References: Message-ID: <20051105175511.E26953@ubzr.zsa.bet> I have been watching the news from France intently over the last week or so, as their slums have exploded into what may be a semi-permanent state of almost-anarchy. The entire time, these reports of the "Citizens of 39" (or is it 93?) having an existence both outside the reach of law and at the same time as a valuable state resource (read cheap labor pool) have harkened back to this most interesting postulate by Mr. Norton. Am I the only one who has been watching the fun and wondering if we are witnessing our first feral birth? On Fri, 14 Jan 2005, R.A. Hettinga wrote: > Date: Fri, 14 Jan 2005 19:52:33 -0500 > From: R.A. Hettinga > To: cypherpunks at al-qaeda.net, nation-builders at yahoogroups.com, > libertarian-nation at yahoogroups.com, osint at yahoogroups.com > Subject: Feral Cities > > > > > > > Norton > > > FERAL CITIES > > Richard J. Norton > > > Imagine a great metropolis covering hundreds of square miles. 
Once a vital > component in a national economy, this sprawling urban environment is now a > vast collection of blighted buildings, an immense petri dish of both > ancient and new diseases, a territory where the rule of law has long been > replaced by near anarchy in which the only security available is that which > is attained through brute power.1 Such cities have been routinely imagined > in apocalyptic movies and in certain science-fiction genres, where they are > often portrayed as gigantic versions of T. S. Eliot's Rat's Alley.2 Yet > this city would still be globally connected. It would possess at least a > modicum of commercial linkages, and some of its inhabitants would have > access to the world's most modern communication and computing technologies. > It would, in effect, be a feral city. > > Admittedly, the very term "feral city" is both provocative and > controversial. Yet this description has been chosen advisedly. The feral > city may be a phenomenon that never takes place, yet its emergence should > not be dismissed as impossible. The phrase also suggests, at least > faintly, the nature of what may become one of the more difficult security > challenges of the new century. > > Over the past decade or so a great deal of scholarly attention has been > paid to the phenomenon of failing states.3 Nor has this pursuit been > undertaken solely by the academic community. Government leaders and > military commanders as well as directors of nongovernmental organizations > and intergovernmental bodies have attempted to deal with faltering, > failing, and failed states. Involvement by the United States in such > matters has run the gamut from expressions of concern to cautious > humanitarian assistance to full-fledged military intervention. In contrast, > however, there has been a significant lack of concern for the potential > emergence of failed cities. 
This is somewhat surprising, as the feral city > may prove as common a feature of the global landscape of the first decade > of the twenty-first century as the faltering, failing, or failed state was > in the last decade of the twentieth. While it may be premature to suggest > that a truly feral city-with the possible exception of Mogadishu-can be > found anywhere on the globe today, indicators point to a day, not so > distant, when such examples will be easily found. > > This article first seeks to define a feral city. It then describes such a > city's attributes and suggests why the issue is worth international > attention. A possible methodology to identify cities that have the > potential to become feral will then be presented. Finally, the potential > impact of feral cities on the U.S. military, and the U.S. Navy > specifically, will be discussed. > > DEFINITION AND ATTRIBUTES > > The putative "feral city" is (or would be) a metropolis with a population > of more than a million people in a state the government of which has lost > the ability to maintain the rule of law within the city's boundaries yet > remains a functioning actor in the greater international system.4 > > In a feral city social services are all but nonexistent, and the vast > majority of the city's occupants have no access to even the most basic > health or security assistance. There is no social safety net. Human > security is for the most part a matter of individual initiative. Yet a > feral city does not descend into complete, random chaos. Some elements, be > they criminals, armed resistance groups, clans, tribes, or neighborhood > associations, exert various degrees of control over portions of the city. > Intercity, city-state, and even international commercial transactions > occur, but corruption, avarice, and violence are their hallmarks. A feral > city experiences massive levels of disease and creates enough pollution to > qualify as an international environmental disaster zone. 
Most feral cities > would suffer from massive urban hypertrophy, covering vast expanses of > land. The city's structures range from once-great buildings symbolic of > state power to the meanest shantytowns and slums. Yet even under these > conditions, these cities continue to grow, and the majority of occupants > do not voluntarily leave.5 > > Feral cities would exert an almost magnetic influence on terrorist > organizations. Such megalopolises will provide exceptionally safe havens > for armed resistance groups, especially those having cultural affinity > with at least one sizable segment of the city's population. The efficacy > and portability of the most modern computing and communication systems > allow the activities of a worldwide terrorist, criminal, or predatory and > corrupt commercial network to be coordinated and directed with equipment > easily obtained on the open market and packed into a minivan. The vast > size of a feral city, with its buildings, other structures, and > subterranean spaces, would offer nearly perfect protection from overhead > sensors, whether satellites or unmanned aerial vehicles. The city's > population represents for such entities a ready source of recruits and a > built-in intelligence network. Collecting human intelligence against them > in this environment is likely to be a daunting task. Should the city > contain airport or seaport facilities, such an organization would be able > to import and export a variety of items. The feral city environment will > actually make it easier for an armed resistance group that does not already > have connections with criminal organizations to make them. The linkage > between such groups, once thought to be rather unlikely, is now so > commonplace as to elicit no comment. > > WHAT'S NEW? > > But is not much of this true of certain troubled urban areas of today and > of the past? It is certainly true that cities have long bred diseases. 
> Criminal gangs have often held sway over vast stretches of urban landscape > and slums; "projects" and shantytowns have long been part of the cityscape. > Nor is urban pollution anything new-London was environmentally toxic in > the 1960s. So what is different about "feral cities"? > > The most notable difference is that where the police forces of the state > have sometimes opted not to enforce the rule of law in certain urban > localities, in a feral city these forces will not be able to do so. Should > the feral city be of special importance-for example, a major seaport or > airport-the state might find it easier to negotiate power and > profit-sharing arrangements with city power centers to ensure that > facilities important to state survival continue to operate. For a weak > state government, the ability of the feral city to resist the police > forces of the state may make such negotiations the only option. In some > countries, especially those facing massive development challenges, even > the military would be unequal to imposing legal order on a feral city. In > other, more developed states it might be possible to use military force to > subdue a feral city, but the cost would be extremely high, and the > operation would be more likely to leave behind a field of rubble than a > reclaimed and functioning population center. > > Other forms of state control and influence in a feral city would also be > weak, and to an unparalleled degree. In a feral city, the state's writ > does not run. In fact, state and international authorities would be > massively ignorant of the true nature of the power structures, population, > and activities within a feral city. > > Yet another difference will be the level and nature of the security threat > posed by a feral city. Traditionally, problems of urban decay and > associated issues, such as crime, have been seen as domestic issues best > dealt with by internal security or police forces. That will no longer be > an option. 
> > REASONS FOR CONCERN > > Indeed, the majority of threats posed by a feral city would be viewed as > both nontraditional and transnational by most people currently involved > with national security. Chief among the nontraditional threats are the > potential for pandemics and massive environmental degradation, and the > near certainty that feral cities will serve as major transshipment points > for all manner of illicit commodities. > > As has been noted, city-born pandemics are not new. Yet the toxic > environment of a feral city potentially poses uniquely severe threats. A > new illness or a strain of an existing disease could easily breed and > mutate without detection in a feral city. Since feral cities would not be > hermetically sealed, it is quite easy to envision a deadly and dangerously > virulent epidemic originating from such places. As of this writing, the > SARS outbreak of 2003 seems to offer an example of a city (Guangdong, > China) serving as a pathogen incubator and point of origin of an > intercontinental epidemic.6 In the case of SARS, the existence of the > disease was rapidly identified, the origin was speedily traced, and a > medical offensive was quickly mounted. Had such a disease originated in a > feral city, it is likely that this process would have been much more > complicated and taken a great deal more time. As it is, numerous diseases > that had been believed under control have recently mutated into much more > drug-resistant and virulent forms. > > Globally, large cities are already placing significant environmental stress > on their local and regional environments, and nowhere are these problems > more pronounced than in coastal metropolises. 
A feral city-with minimal or > no sanitation facilities, a complete absence of environmental controls, > and a massive population-would be in effect a toxic-waste dump, poisoning > coastal waters, watersheds, and river systems throughout their hinterlands.7 > > Major cities containing ports or airfields are already trying to contend > with black-market activity that ranges from evading legal fees, dues, or > taxes to trafficking in illegal and banned materials. Black marketeers in > a feral city would have carte blanche to ship or receive such materials to > or from a global audience.8 > > As serious as these transnational issues are, another threat is potentially > far more dangerous. The anarchic allure of the feral city for criminal and > terrorist groups has already been discussed. The combination of large > profits from criminal activity and the increasing availability of all > families of weapons might make it possible for relatively small groups to > acquire weapons of mass destruction. A terrorist group in a feral city > with access to world markets, especially if it can directly ship material > by air or sea, might launch an all but untraceable attack from its urban > haven. > > GOING FERAL > > Throughout history, major cities have endured massive challenges without > "going feral." How could it be determined that a city is at risk of > becoming feral? What indicators might give warning? Is a warning system > possible? > > The answer is yes. This article offers just such a model, a taxonomy > consisting of twelve sets of measurements, grouped into four main > categories.9 In it, measurements representing a healthy city are "green," > those that would suggest cause for concern are "yellow," and those that > indicate danger, a potentially feral condition, "red." In the table below, > the upper blocks in each category (column) represent positive or healthy > conditions, those at the bottom unhealthy ones. 
> > The first category assesses the ability of the state to govern the city. > A city "in the green" has a healthy, stable government-though not > necessarily a democratically elected one. A democratic city leadership is > perhaps the most desirable, but some cities governed by authoritarian > regimes could be at extremely low risk of becoming feral. City governments > "in the green" would be able to enact effective legislation, direct > resources, and control events in all parts of the city at all times.10 A > yellow indication would indicate that city government enjoyed such > authority only in portions of the city, producing what might be called > "patchwork" governance, or that it exerted authority only during the > day-"diurnal" governance. State authorities would be unable to govern a > "red" city at all, or would govern in name only.11 An entity within the > city claiming to be an official representative of the state would simply > be another actor competing for resources and power.
>
> THE HEALTH OF CITIES
>
> Healthy
>   Government: Enacts effective legislation, directs resources, controls events in all portions of the city all the time. Not corrupt.
>   Economy: Robust. Significant foreign investment. Provides goods and services. Possesses stable and adequate tax base.
>   Services: Complete range of services, including educational and cultural, available to all city residents.
>   Security: Well regulated by professional, ethical police forces. Quick response to wide spectrum of requirements.
>
> Marginal
>   Government: Exercises only "patchwork" or "diurnal" control. Highly corrupt.
>   Economy: Limited/no foreign investment. Subsidized or decaying industries and growing deficits.
>   Services: Can manage minimal level of public health, hospital access, potable water, trash disposal.
>   Security: Little regard for legality/human rights. Police often matched/stymied by criminal "peers."
>
> Going Feral
>   Government: At best has negotiated zones of control; at worst does not exist.
>   Economy: Either local subsistence industries or industry based on illegal commerce.
>   Services: Intermittent to nonexistent power and water. Those who can afford to will privately contract.
>   Security: Nonexistent. Security is attained through private means or paying protection.
>
> The second category involves the city's economy. Cities "in the green" > would enjoy a productive mix of foreign investment, service and > manufacturing activities, and a robust tax base. Cities afforded a > "yellow" rating would have ceased to attract substantial foreign > investment, be marked by decaying or heavily subsidized industrial > facilities, and suffer from ever-growing deficits. Cities "in the red" > would have no governmental tax base. Any industrial activity within their > boundaries would be limited to subsistence-level manufacturing and trade > or to illegal trafficking-in smuggled materials, weapons, drugs, and so on. > > The third category is focused on city services. Cities with a "green" > rating would not only have a complete array of essential services but > would provide public education and cultural facilities to their > populations. These services would be available to all sectors without > distinction or bias. Cities with a yellow rating would be lacking in > providing education and cultural opportunities but would be able to > maintain minimal levels of public health and sanitation. Trash pickup, > ambulance service, and access to hospitals would all exist. Such a city's > water supply would pass minimum safety standards. In contrast, cities in > the "red" zone would be unable to supply more than intermittent power and > water, some not even that. > > Security is the subject of the fourth category. "Green" cities, while > obviously not crime free, would be well regulated by professional, ethical > police forces, able to respond quickly to a wide spectrum of threats.
> "Yellow" cities would be marked by extremely high crime rates, disregard > of whole families of "minor crimes" due to lack of police resources, and > criminal elements capable of serious confrontations. A "yellow" city's > police force would have little regard for individual rights or legal > constraints. In a "red" city, the police force has failed altogether or > has become merely another armed group seeking power and wealth. Citizens > must provide for their own protection, perhaps by hiring independent > security personnel or paying protection to criminal organizations. > > A special, overarching consideration is corruption. Cities "in the green" > are relatively corruption free. Scandals are rare enough to be newsworthy, > and when corruption is uncovered, self-policing mechanisms effectively > deal with it. Corruption in cities "in the yellow" would be much worse, > extending to every level of the city administration. In yellow cities, > "patchwork" patterns might reflect which portions of the city were able to > buy security and services and which were not. As for "red" cities, it would > be less useful to speak of government corruption than of criminal and > individual opportunism, which would be unconstrained. > > CITY "MOSAICS" > > The picture of a city that emerges is a mosaic, and like an artist's mosaic > it can be expected to contain more than one color. Some healthy cities > function with remarkable degrees of corruption. Others, robust and vital > in many ways, suffer from appalling levels of criminal activity. Even a > city with multiple "red" categories is not necessarily feral-yet. It is > the overall pattern and whether that pattern is improving or deteriorating > over time that give the overall diagnosis. > > It is important to remember a diagnostic tool such as this merely produces > a "snapshot" and is therefore of limited utility unless supported by trend > analysis.
"Patchwork" and "diurnal" situations can exist in all the > categories; an urban center with an overall red rating-that is, a feral > city-might boast a tiny enclave where "green" conditions prevail; quite > healthy cities experience cycles of decline and improvement. Another > caution concerns the categories themselves. Although useful indicators of > a city's health, the boundaries are not clearly defined but can be > expected to blur. > > The Healthy City: New York. To some it would seem that New York is an odd > example of a "green" city. One hears and recalls stories of corruption, > police brutality, crime, pollution, neighborhoods that resemble war zones, > and the like. Yet by objective indicators (and certainly in the opinion of > the majority of its citizens) New York is a healthy city and in no risk of > "going feral." Its police force is well regulated, well educated, and > responsive. The city is a hub of national and international investment. It > generates substantial revenues and has a stable tax base. It provides a > remarkable scope of services, including a wide range of educational and > cultural opportunities. Does this favorable evaluation mean that the rich > are not treated differently from the poor, that services and infrastructure > are uniformly well maintained, or that there are no disparities of economic > opportunity or race? Absolutely not. Yet despite such problems New York > remains a viable municipality. > > The Yellow Zone: Mexico City. This sprawling megalopolis of more than > twenty million continues to increase in size and population every year. It > is one of the largest urban concentrations in the world. As the seat of > the Mexican government, it receives a great deal of state attention. > However, Mexico City is now described as an urban nightmare.12 > > Mexico City's air is so polluted that it is routinely rated medically as > unfit to breathe. There are square miles of slums, often without sewage or > running water. 
> Law and order is breaking down at an accelerating rate.
> Serious crime has doubled over the past three to four years; it is
> estimated that 15.5 million assaults now occur every year in Mexico City.
> Car-jacking and taxi-jacking have reached such epidemic proportions that
> visitors are now officially warned not to use the cabs. The Mexico City
> police department has ninety-one thousand officers -- more men than the
> Canadian army -- but graft and corruption on the force are rampant and on the
> rise. According to Mexican senator Adolfo Zinser, police officers
> themselves directly contribute to the city's crime statistics: "In the
> morning they are a policeman. In the afternoon they're crooks." The city's
> judicial system is equally corrupt. Not surprisingly, these aspects of
> life in Mexico City have reduced the willingness of foreign investors to
> send money or representatives there.[13]
>
> Johannesburg: On a Knife Edge. As in many South African cities, police in
> Johannesburg are waging a desperate war for control of their city, and it
> is not clear whether they will win. Though relatively small in size, with
> only 2.9 million official residents, Johannesburg nevertheless experiences
> more than five thousand murders a year and at least twice as many rapes.
> Over the last several years investors and major industry have fled the
> city. Many of the major buildings of the Central Business District have
> been abandoned and are now home to squatters. The South African National
> Stock Exchange has been removed to Sandton -- a safer northern suburb. Police
> forces admit they do not control large areas of the city; official
> advisories warn against driving on certain thoroughfares. At night
> residents are advised to remain in their homes. Tourism has dried up, and
> conventions, once an important source of revenue, are now hosted elsewhere
> in the country.
>
> The city also suffers from high rates of air pollution, primarily from
> vehicle exhaust but also from the use of open fires and coal for cooking
> and heating. Johannesburg's two rivers are also considered unsafe,
> primarily because of untreated human waste and chemicals leaching from
> piles of mining dross. Mining has also contaminated much of the soil in
> the vicinity.
>
> Like those of many states and cities in Africa, Johannesburg's problems
> are exacerbated by the AIDS epidemic. Nationally it is feared the number
> of infected persons may reach as high as 20 percent of the population. All
> sectors of the economy have been affected adversely by the epidemic,
> including in Johannesburg.[14]
>
> Although Mexico City and Johannesburg clearly qualify for "yellow" and
> "red" status, respectively, it would be premature to predict that either of
> these urban centers will inevitably become feral. Police corruption has
> been an aspect of Mexico City life for decades; further, the recent
> transition from one political party to two and a downswing in the state
> economy may be having a temporarily adverse influence on the city. In the
> case of Johannesburg, the South African government has most definitely not
> given up on attempts to revive what was once an industrial and economic
> showplace. In both Mexico and South Africa there are dedicated men and
> women who are determined to eliminate corruption, clean the environment,
> and better the lives of the people. Yet a note of caution is appropriate,
> for in neither example is the trend in a positive direction.
>
> Further -- and it should come as no surprise -- massive cities in the developing
> world are at far greater risk of becoming feral than those in more
> developed states.
> Not only are support networks in such regions much less
> robust, but as a potentially feral city grows, it consumes progressively
> more resources.[15] Efforts to meet its growing needs often no more than
> maintain the status quo or, more often, merely slow the rate of decay of
> government control and essential services. All this in turn reduces the
> resources that can be applied to other portions of the country, and it may
> well increase the speed of urban hypertrophy. However, even such developed
> states as Brazil face the threat of feral cities. For example, in March
> 2003 criminal cartels controlled much of Rio de Janeiro. Rio police would
> not enter these areas, and in effect pursued toward them a policy of
> containment.[16]
>
> FERAL CITIES AND THE U.S. MILITARY
>
> Feral cities do not represent merely a sociological or urban-planning
> issue; they present unique military challenges. Their very size and
> densely built-up character make them natural havens for a variety of
> hostile nonstate actors, ranging from small cells of terrorists to large
> paramilitary forces and militias. History indicates that should such a
> group take American hostages, successful rescue is not likely.[17] Combat
> operations in such environments tend to be manpower intensive; limiting
> noncombatant casualties can be extraordinarily difficult. An enemy more
> resolute than that faced in the 2003 war with Iraq could inflict
> substantial casualties on an attacking force. The defense of the Warsaw
> ghetto in World War II suggests how effectively a conventional military
> assault can be resisted in this environment. Also, in a combat operation
> in a feral city the number of casualties from pollutants, toxins, and
> disease may well be higher than those caused by the enemy.
>
> These environmental risks could also affect ships operating near a feral
> city.
> Its miles-long waterfront may offer as protected and sheltered a
> setting for antishipping weapons as any formal coastal defense site.
> Furthermore, many port cities that today, with proper security procedures,
> would be visited for fuel and other supplies will, if they become feral,
> no longer be available. This would hamper diplomatic efforts, reduce the
> U.S. Navy's ability to show the flag, and complicate logistics and supply
> for forward-deployed forces.
>
> Feral cities, as and if they emerge, will be something new on the
> international landscape. Cities have descended into savagery in the past,
> usually as a result of war or civil conflict, and armed resistance groups
> have operated out of urban centers before. But feral cities, as such, will
> be a new phenomenon and will pose security threats on a scale hitherto not
> encountered.[18] It is questionable whether the tools, resources, and
> strategies that would be required to deal with these threats exist at
> present. But given the indications of the imminent emergence of feral
> cities, it is time to begin creating the means.
>
>
> NOTES
>
> 1. I am indebted to my colleague Dr. James Miskel for the "petri dish"
> analogy.
>
> 2. Thomas Stern Eliot, "The Wasteland," in The New Oxford Book of English
> Verses: 1250-1950, ed. Helen Gardner (New York: Oxford University Press,
> 1972), p. 881.
>
> 3. See, for example, James F. Miskel and Richard J. Norton, "Spotting
> Trouble: Identifying Faltering and Failing States," Naval War College
> Review 50, no. 2 (Spring 1997), pp. 79-91.
>
> 4. Perhaps the most arbitrary component of this definition is the
> selection of a million inhabitants as a defining characteristic of a feral
> city. An earlier approach to this issue focused on megacities, cities with
> more than ten million inhabitants. However, subsequent research indicated
> that much smaller cities could also become feral, and so the population
> threshold was reduced.
> For more information on concepts of urbanization
> see Stanley D. Brunn, Jack F. Williams, and Donald J. Zeigler, Cities of
> the World: World Regional Urban Development (Lanham, Md.: Rowman &
> Littlefield, 2003), pp. 5-14.
>
> 5. Such a pattern is already visible today. See Brunn, Williams, and
> Zeigler, chap. 1.
>
> 6. "China Criticized for Dragging Feet on Outbreak," News in Science, 7
> April 2003, p. 1.
>
> 7. The issue of pollution stemming from coastal cities is well documented.
> For example, see chapter two of United Nations Environmental Program,
> Global Environmental Outlook-2000 (London: Earthscan, 2001).
>
> 8. The profits involved in such enterprises can be staggering. For
> example, the profits from smuggled cigarettes in 1997 were estimated to be
> as high as sixteen billion dollars a year. Among the identified major
> smuggling centers were Naples, Italy; Hong Kong; and Bogota, Colombia.
> Raymond Bonner and Christopher Drew, "Cigarette Makers Are Seen as Aiding
> Rise in Smuggling," New York Times, 26 August 1997, C1.
>
> 9. A similar approach was used in Miskel and Norton, cited above, for
> developing a taxonomy for identifying failing states.
>
> 10. This is not to imply that such a city would be 100 percent law-abiding
> or that incidents of government failure could not be found. But these
> conditions would be the exception and not the rule.
>
> 11. Not that this would present no complications. It is likely that states
> containing a feral city would not acknowledge a loss of sovereignty over
> the metropolis, even if this were patently the case. Such claims could
> pose a significant obstacle to collective international action.
>
> 12. Transcript, PBS Newshour, "Taming Mexico City," 12 January 1999,
> available at www.Pbs.org/newshour/bb/latin_American/jan-jun99/mexico
> [accessed 15 June 2003].
>
> 13. Compiled from a variety of sources, most notably "Taming Mexico City,"
> News Hour with Jim Lehrer, transcript, 12 January 1999.
>
> 14.
> Compiled from a variety of sources, including BBC reports.
>
> 15. Brunn, Williams, and Zeigler, p. 37.
>
> 16. Interview, Dr. Peter Liotta, with the author, Newport, R.I., 14 April
> 2003.
>
> 17. While the recent successful rescue of Army Private First Class Jessica
> Lynch during the 2003 Iraq War demonstrates that success in such operations
> is not impossible, U.S. experiences with hostages in Iran, Lebanon, and
> Somalia would suggest failure is a more likely outcome.
>
> 18. It is predicted that 60 percent of the world's population will live
> in an urban environment by the year 2030, as opposed to 47 percent in 2000.
> Furthermore, the majority of this growth will occur in less developed
> countries, especially in coastal South Asia. More than fifty-eight cities
> will boast populations of more than five million people. Brunn, Williams,
> and Zeigler, pp. 9-11.
>

--
Yours,
J.A. Terranson
sysadmin at mfn.org
0xBD4A95BF

I like the idea of belief in drug-prohibition as a religion in that it is a strongly held belief based on grossly insufficient evidence and bolstered by faith born of intuitions flowing from the very beliefs they are intended to support.

don zweig, M.D.

From eugen at leitl.org Sat Nov 5 13:40:19 2005
From: eugen at leitl.org (Eugen Leitl)
Date: Sat, 5 Nov 2005 22:40:19 +0100
Subject: /. [Carnegie Mellon Resists FBI Tapping Requirement]
Message-ID: <20051105214019.GT2249@leitl.org>

Link: http://slashdot.org/article.pl?sid=05/11/04/2246212
Posted by: Zonk, on 2005-11-05 04:35:00

[1]roach2002 writes "[2]Carnegie Mellon University is [3]fighting back against a [4]requirement that taps on campus internet access must be quickly obtainable. The technology that would allow the FBI to monitor internet access, after a court order, "at the flip of a switch" would cost at least $450 per student. [5]MIT is also covering the story." From the article: "'The Department of Justice wants 24/7 access, whenever they need it, and they want remote access.
We find that too extremely burdensome in terms of money, staff, and technology,' said Maureen McFalls, Director of Government Relations for Carnegie Mellon and the coordinator of Carnegie Mellon's response to this issue. According to an ACE press release, the cost to universities could be upwards of $7 billion, or at least $450 extra on each student's tuition bill."

References

1. http://slashdot.org/~roach2002/
2. http://www.cmu.edu/
3. http://www.thetartan.org/news/2005/10/31/feds
4. http://edocket.access.gpo.gov/2005/05-20606.htm
5. http://www-tech.mit.edu/V125/N52/wiretap52.html

----- End forwarded message -----
--
Eugen* Leitl leitl
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From jason at lunkwill.org Sun Nov 6 16:12:50 2005
From: jason at lunkwill.org (Jason Holt)
Date: Mon, 7 Nov 2005 00:12:50 +0000 (UTC)
Subject: nym-0.5 released
Message-ID:

nym-0.5 is now available from:

http://www.lunkwill.org/src/nym/

Most notably, this release fixes a bug whereby the client code didn't check that returned signatures are valid. Thus, a token server could "tag" clients by returning invalid signatures which the CA would then detect.

A preprint of an academic paper on nym is also now included in the distribution as well.

-J

----- End forwarded message -----
--
Eugen* Leitl leitl
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From solinym at gmail.com Sun Nov 6 23:09:02 2005
From: solinym at gmail.com (Travis H.)
Date: Mon, 7 Nov 2005 01:09:02 -0600
Subject: On the orthogonality of anonymity to current market demand
In-Reply-To: <435F49A1.14621.A33B337@localhost>
References: <26873835.1130307198603.JavaMail.root@elwamui-huard.atl.sa.earthlink.net> <435F49A1.14621.A33B337@localhost>
Message-ID:

I'd recommend DRM (I think what you really mean is Palladium, err, excuse me, the Trusted Computing Platform Alliance, see the web site and Ross Anderson's take on it) to my grandmother, because I don't trust her to understand the implications of clicking on something in an email (thank you active content!). Many OSes don't allow ordinary users the privileges of compromising their security so easily as Microsoft. I suppose we can rely on vendor-written code to do approximately what it claims to do, most of the time, but have you actually read the claims in EULAs and Privacy Policies lately? It seems like you'd be trading one set of problems for another. Personally, I'm less surprised by my own software (and, presumably, key-handling) than vendor software, most of the time. I think TCPA is about control, and call me paranoid, but ultimate control isn't something I'm willing to concede to any vendor, or for that matter any other person. I like knowing what my computer is doing, to the bit and byte level, or at least being able to find out.
--
http://www.lightconsulting.com/~travis/ -><-
"We already have enough fast, insecure systems." -- Schneier & Ferguson
GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B

From jwarren at well.com Mon Nov 7 02:46:04 2005
From: jwarren at well.com (Jim Warren)
Date: November 7, 2005 2:46:04 PM EST
Subject: govt surveillance - it's not just for terrorists and liberals
Message-ID:

[Below is a first-person report by a publisher who appears to be a staunch conservative!]
Preface by me: Congress seems likely to approve yet-another ex-prosecutor, pro-police, soft-on-privacy Supreme Court nominee (Alito) -- ardently supported by the same folks who brought us the Freedom-to-Police Act (officially labeled in Orwellian double-speak as the "Patriot" Act). Thus, it's particularly worthwhile to note how wildly-expanding government surveillance is already being imposed on LAW-ABIDING citizens. E.g., consider what's happened to the founder and publisher of the [conservative?] Capitol Hill Blue daily rant (subtitled, "Because nobody's life, liberty or property are safe while Congress is in session or the White House is occupied").

--jim

http://www.capitolhillblue.com/artman/publish/article_7624.shtml

An Enemy of The State
By DOUG THOMPSON
Nov 7, 2005, 08:14

According to a printout from a computer controlled by the Federal Bureau of Investigation and the U.S. Department of Justice, I am an enemy of the state.

The printout, shown to me recently by a friend who works for Justice, identifies me by a long, multi-digit number, lists my date of birth, place of birth, social security number and contains more than 100 pages documenting what the Bureau and the Bush Administration consider to be my threats to the security of the United States of America.

It lists where I went to school, the name and address of the first wife that I had been told was dead but who is alive and well and living in Montana, background information on my current wife and details on my service to my country that I haven't even revealed to my wife or my family.

Although the file finds no criminal activity by me or members of my immediate family, it remains open because I am a "person of interest" who has "written and promoted opinions that are contrary to the government of the United States of America."
And it will remain active because the government of the United States, under the far-reaching provisions of the USA Patriot Act, can compile and retain such information on any American citizen. That act gives the FBI the authority to collect intimate details about anyone, even those not suspected of any wrongdoing.

My file begins on September 11, 2001, the day of the terrorist attacks on New York and Washington.

... ......

"Much of this information was gathered through what we call 'national security letters,'" he said. "It allows us to gather information from a variety of sources."

A "national security letter" it turns out, can be issued by any FBI supervisor, without court order or judicial review, to compel libraries, banks, employers and other sources to turn over any and all information they have on American citizens.

The FBI issues more than 30,000 national security letters a year. When one is delivered to a bank, library, employer or other entity, the same federal law that authorizes such letters also prohibits your bank, employer or anyone else from telling you that they received such a letter and were forced to turn over all information on you.

According to my file, the banks where I have both business and checking accounts have been forced to turn over all records of my transactions, as have every company where I have a charge account or credit card. They've perused my book borrowing habits from libraries in Arlington and Floyd Counties as well as studied what television shows I watch on the Tivos in my house.

They know I belong to the National Rifle Association, the National Press Photographers Association and other professional groups. They know I attend meetings of Alcoholics Anonymous on a regular basis and the file notes that my "pattern of spending" shows no purchase of "alcohol-related products" since the file was opened in 2001.
In the past, when information collected on an American citizen failed to turn up any criminal activity, FBI policy called for such information to be destroyed. But President George W. Bush in 2003 reversed that long-standing policy and ordered the bureau and other federal agencies to not only keep that information but place it in government databases that can be accessed by local, state and federal law enforcement agencies.

In October, Bush also signed Executive Order 13388 which expands access to those databases to "appropriate private sector entities" although the order does not explain what those entities might be.

... ......

© Copyright 2005 by Capitol Hill Blue

-------------------------------------
You are subscribed as eugen at leitl.org
To manage your subscription, go to http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/

----- End forwarded message -----
--
Eugen* Leitl leitl
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From eugen at leitl.org Sun Nov 6 23:36:13 2005
From: eugen at leitl.org (Eugen Leitl)
Date: Mon, 7 Nov 2005 08:36:13 +0100
Subject: [jason@lunkwill.org: nym-0.5 released]
Message-ID: <20051107073613.GZ2249@leitl.org>

----- Forwarded message from Jason Holt -----

From smb at cs.columbia.edu Mon Nov 7 08:16:13 2005
From: smb at cs.columbia.edu (Steven M. Bellovin)
Date: Mon, 07 Nov 2005 11:16:13 -0500
Subject: On Digital Cash-like Payment Systems
In-Reply-To: Your message of "Fri, 04 Nov 2005 19:09:07 CST."
Message-ID: <20051107161613.ABC7C3BFD0E@berkshire.machshav.com>

In message , "Travis H." writes:
>By my calculations, it looks like you could take a keypair n,e,d and
>some integer x and let e'=e^x and d'=d^x, and RSA would still work,
>albeit slowly. Reminds me of blinding, to some extent, except we're
>working with key material and not plaintext/ciphertext.
>

Don't ever encrypt the same message twice that way, or you're likely to fall to a common modulus attack, I believe.

--Steven M.
Bellovin, http://www.cs.columbia.edu/~smb

From cyphrpunk at gmail.com Mon Nov 7 11:51:32 2005
From: cyphrpunk at gmail.com (cyphrpunk)
Date: Mon, 7 Nov 2005 11:51:32 -0800
Subject: [smb@cs.columbia.edu: Skype security evaluation]
In-Reply-To: <20051104194507.35627.qmail@web34611.mail.mud.yahoo.com>
References: <792ce4370511031454j67372483h4a6d54e23da6c8f2@mail.gmail.com> <20051104194507.35627.qmail@web34611.mail.mud.yahoo.com>
Message-ID: <792ce4370511071151u215492f3od6e510beb6986cfa@mail.gmail.com>

On 11/4/05, Morlock Elloi wrote:
> What is the threat model? Even ROT-13 would thwart casual listening on or data
> harvesting. If you to be secure then you use voice over IPSec, PGPhone or any
> of dozens of other solutions.
>
> The idea that a commercial carrier can or should provide NSA-proof security
> boggles the mind. Nice masturbatory material though.

It's not too much to ask that Skype provide real security. It's no harder to do that than to offer fake security. And more to the point, this so-called security review should have been able to pinpoint these security weaknesses rather than running test vectors against its algorithms. (Granted, the review did in fact identify several weaknesses, but it appears to have glossed over others.)

CP

From cyphrpunk at gmail.com Mon Nov 7 12:12:30 2005
From: cyphrpunk at gmail.com (cyphrpunk)
Date: Mon, 7 Nov 2005 12:12:30 -0800
Subject: On the orthogonality of anonymity to current market demand
In-Reply-To:
References: <26873835.1130307198603.JavaMail.root@elwamui-huard.atl.sa.earthlink.net> <435F49A1.14621.A33B337@localhost>
Message-ID: <792ce4370511071212p6d250581p4a4e27fc2c29a7cd@mail.gmail.com>

On 11/6/05, Travis H. wrote:
> Personally, I'm less surprised by my own software (and, presumably,
> key-handling) than vendor software, most of the time. I think TCPA is
> about control, and call me paranoid, but ultimate control isn't
> something I'm willing to concede to any vendor, or for that matter any
> other person.
> I like knowing what my computer is doing, to the bit
> and byte level, or at least being able to find out.

I suggest that you're fooling yourself, or at least giving yourself a false sense of security. Software today is so complex and large that there is no way that you can be familiar with the vast bulk of what you are running (and it's only going to get worse in the future). It is an illusion that you have transparency into it. Water is transparent but an ocean of it is opaque and holds many secrets.

CP

From cyphrpunk at gmail.com Mon Nov 7 12:47:15 2005
From: cyphrpunk at gmail.com (cyphrpunk)
Date: Mon, 7 Nov 2005 12:47:15 -0800
Subject: On Digital Cash-like Payment Systems
In-Reply-To:
References: <19275506.1130592050616.JavaMail.root@elwamui-karabash.atl.sa.earthlink.net>
Message-ID: <792ce4370511071247l1a687a5dk8dcfa02f7de61164@mail.gmail.com>

On 11/4/05, Travis H. wrote:
> By my calculations, it looks like you could take a keypair n,e,d and
> some integer x and let e'=e^x and d'=d^x, and RSA would still work,
> albeit slowly. Reminds me of blinding, to some extent, except we're
> working with key material and not plaintext/ciphertext.

Your point would be to make the encryption key very large? Unfortunately, making it large enough to present any kind of challenge to an attacker who is plucking files off a trojaned computer would make it far too large to be used, with this system.

> Since I'm on the topic, does doing exponentiation in a finite field
> make taking discrete logarithms more difficult (I suspect so), and if
> so, by how much?

This doesn't make sense. The discrete log operation is the inverse of exponentiation. Doing exponentiation is a prerequisite for even considering discrete log operations. Hence it cannot make them "more difficult".

> Is there any similar property that could be used on e' and d' to make
> computing e and d more difficult?
> Of course whatever algorithm is
> used, one would need to feed e' and d' to it en toto, but a really
> clever attacker might be able to take the xth root prior to
> exfiltrating them.

That's a new word to me. What is your goal here, to make something that is "even stronger" than RSA? Or is it, as in the context of this thread, to inflate keys, making them bigger so that an attacker can't download them easily?

> Also, application of a random pad using something like XOR would be
> useful; could be done as a postprocessing stage independently of the
> main algorithm used to encrypt the data, or done as a preprocessing
> stage to the plaintext. I prefer the latter as it makes breaking the
> superencryption much more difficult, and fixed headers in the
> ciphertext could give away some OTP material. However, the
> preliminary encryption in something like gpg would suffer, so it would
> have the effect of making the ciphertext bigger. Perhaps this is an
> advantage in your world.

That's not feasible in most cases. If you really have a OTP handy, why are you bothering with RSA? Or are you planning to use it as a two-time-pad? That generally doesn't work well. (The fact that you are worried about "giving away" OTP material is not a good sign!)

> An alternate technique relies in specifying, say, 256 bits of key,
> then using a cryptographically strong PRNG to expand it to an
> arbitrary length, and storing that for use. Pilfering it then takes
> more bandwidth, but it could be reconstructed based on the 256-bit
> seed alone, if one knew the details of the PRNG. So the key could be
> "compressed" for transfer, if you know the secret seed. Search for
> the seed would still be expensive, even if PRNG details are known.

So where do you store this 256 bit seed? You want to distract the attacker with the smoke and mirrors of the big file for him to download, hoping he will ignore this little file which is all he really needs?
I think we are assuming the attacker is smarter than this, otherwise you could just use regular key files but give them obscure names.

> Alternately, in a message encrypted with gpg-like hybrid ciphering,
> one could apply a secret, implicit PRNG to the message key seed before
> using it as a symmetric key. For example, you could take a 256-bit
> message key, run it through the PRNG, create 3x256 bits, then use
> triple-AES to encrypt the message. In this case, the PRNG buys
> forgery resistance without the use of PK techniques. The PRNG
> expander could not be attacked without breaking the PK encryption
> (which supports arbitrarily large keys) of the seed or the triple-AES
> symmetric encryption of the message.

What is forgery resistance in this context? A public key encryption system, by definition, allows anyone to create new encrypted messages.

Your technique is complicated but it is not clear how much security it adds. Fundamentally it is not too different from RSA + counter mode, where CTR can be thought of as a PRNG expanding a seed. This doesn't seem to have anything to do with the thread topic. Are you just tossing off random ideas because you don't think ordinary hybrid RSA encryption is good enough?

> You know, they specify maximum bandwidth of covert channels in bits
> per second, I wonder if you could use techniques like this to prove
> some interesting property vis-a-vis covert channel leakage. It's
> remarkably difficult to get rid of covert channels, but if you inflate
> whatever you're trying to protect, and monitor flows over a certain
> size, then perhaps you can claim some kind of resilience against them.
> *shrug*

I'm not sure conventional covert-channel analysis is going to be that useful here, because the bandwidths we are looking at in this attack model are so much greater (kilobytes to megabytes per second).
But broadly speaking, yes, this was Daniel Nagy's idea which started this thread, that making the key files big enough would make it more likely to catch someone stealing them because it would take so long.

CP

From cyphrpunk at gmail.com Mon Nov 7 13:19:31 2005
From: cyphrpunk at gmail.com (cyphrpunk)
Date: Mon, 7 Nov 2005 13:19:31 -0800
Subject: [dave@farber.net: [IP] govt surveillance - it's not just for terrorists and liberals]
In-Reply-To: <20051107202302.GT2249@leitl.org>
References: <20051107202302.GT2249@leitl.org>
Message-ID: <792ce4370511071319p457acc84kf290d6af484366fc@mail.gmail.com>

These kinds of claims always strike me as bullshit. Remember the one the other day about how they wanted his elementary school records and all that crap? There's always something weird in there. Like this:

> It lists where I went to school, the name and address of the first
> wife that I had been told was dead but who is alive and well and
> living in Montana

What the hell? He had been told that his first wife was dead but now finds out that she's alive and well and living in Montana? What kind of a life does someone lead, to have stuff like this happen to them? It's not credible to me, it's something out of a Hunter Thompson novel.

> "Much of this information was gathered through what we call 'national security
> letters,'" he said. "It allows us to gather information from a variety of sources."

And what a coincidence, national security letters are in the news today, the ACLU and others are putting out all kinds of press releases. Funny timing, huh?

They watch his Tivo recordings? They know he's not buying beer? It's just a fabrication, red meat for conspiracy nuts, throwing together every wet dream they ever had into one massive, steaming pile. And people around here just eat it up! Yum, yum.

CP

From rah at shipwright.com Mon Nov 7 11:44:48 2005
From: rah at shipwright.com (R.A.
Hettinga) Date: Mon, 7 Nov 2005 14:44:48 -0500 Subject: [Clips] The "Other" Ester: Anonymity-- Here Today, Gone Tomorrow Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Mon, 7 Nov 2005 14:43:46 -0500 To: Philodox Clips List From: "R.A. Hettinga" Subject: [Clips] The "Other" Ester: Anonymity-- Here Today, Gone Tomorrow Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com Anonymity: Here Today, Gone Tomorrow Esther Dyson It's ironic that the Web once seemed to promise individuals new opportunities to explore the world without showing their face. Instead, it is turning out to be a powerful force against anonymity. Most information about people's online actions is traceable - if someone with resources cares to go to the trouble. But there will be much more to this trend than the familiar fear of governments spying on innocent victims, or even they-asked-for-it dissidents. The bigger questions revolve around the tolerance of societies for diversity and recognition of the human capacity for change. A free membership to Release 1.0 is required to view this item. Login below or register to join our community. User name: Password: -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." 
-- Edward Gibbon, 'Decline and Fall of the Roman Empire' From dave at farber.net Mon Nov 7 12:00:15 2005 From: dave at farber.net (David Farber) Date: Mon, 7 Nov 2005 15:00:15 -0500 Subject: [IP] govt surveillance - it's not just for terrorists and liberals Message-ID: Begin forwarded message: From jason at lunkwill.org Mon Nov 7 12:38:35 2005 From: jason at lunkwill.org (Jason Holt) Date: Mon, 7 Nov 2005 20:38:35 +0000 (UTC) Subject: gonzo cryptography; how would you improve existing cryptosystems? In-Reply-To: References: Message-ID: On Fri, 4 Nov 2005, Travis H. wrote: > PS: There's a paper on cryptanalyzing CFS on my homepage below. I > got to successfully use classical cryptanalysis on a relatively modern > system! That is a rare joy. CFS really needs a re-write, there's no > real good alternatives for cross-platform filesystem encryption to my > knowledge. 
Take a look at ecryptfs before rewriting cfs: http://sourceforge.net/projects/ecryptfs -J From eugen at leitl.org Mon Nov 7 12:23:02 2005 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 7 Nov 2005 21:23:02 +0100 Subject: [dave@farber.net: [IP] govt surveillance - it's not just for terrorists and liberals] Message-ID: <20051107202302.GT2249@leitl.org> ----- Forwarded message from David Farber ----- From solinym at gmail.com Tue Nov 8 03:58:04 2005 From: solinym at gmail.com (Travis H.) Date: Tue, 8 Nov 2005 05:58:04 -0600 Subject: gonzo cryptography; how would you improve existing cryptosystems? In-Reply-To: References: Message-ID: > Nice, but linux-only and requires special kernel support. cfs supports > lots and lots of different OSs and doesn't require kernel modes. So far > as I know, in this regard cfs is unique among cryptographic filesystems. The only thing close that I've seen is Bestcrypt, which is commercial and has a Linux and Windows port. I don't recall if the Linux port came with source or not. I had problems with the init script hanging the boot process, or at least delaying it significantly, so I uninstalled it until I could devote the time to analyze what was going on. Right after installation I tried using it to read a container copied from a corrupted Windows machine, but was not successful. It is unclear to me if this was due to the corruption which occurred, or some kind of incompatibility between the Windows and Linux ports. -- http://www.lightconsulting.com/~travis/ -><- "We already have enough fast, insecure systems." 
-- Schneier & Ferguson GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B From ghicks at cadence.com Tue Nov 8 08:44:24 2005 From: ghicks at cadence.com (Gregory Hicks) Date: Tue, 8 Nov 2005 08:44:24 -0800 (PST) Subject: [Clips] The "Other" Ester: Anonymity-- Here Today, Gone Tomorrow Message-ID: <200511081644.jA8GiOl2009914@pony-express.cadence.com> > Date: Tue, 8 Nov 2005 11:58:22 +0100 (CET) > From: Jonathan Thornburg > To: "R.A. Hettinga" > Cc: cypherpunks at jfet.org, cryptography at metzdowd.com > Subject: Re: [Clips] The "Other" Ester: Anonymity-- Here Today, Gone Tomorrow > > > > > > > > > Anonymity: Here Today, Gone Tomorrow > > Esther Dyson > > > > It's ironic that the Web once seemed to promise individuals new > > opportunities to explore the world without showing their face. Instead, it > > is turning out to be a powerful force against anonymity. > [[...]] > > Am I the only one that finds it ironic that > (a) this site wanted to set a cookie, and > (b) it wants a registration to show me more than the first paragraph? > > No thanks -- my policy is not to view "free" stories that require > registration. I could not agree more. I got as far as seeing the "registration required to read the rest of the article" and quit... Guess I could try bugmenot... Regards, Gregory Hicks ------------------------------------------------------------------- I am perfectly capable of learning from my mistakes. I will surely learn a great deal today. "A democracy is a sheep and two wolves deciding on what to have for lunch. Freedom is a well armed sheep contesting the results of the decision." - Benjamin Franklin "The best we can hope for concerning the people at large is that they be properly armed." 
--Alexander Hamilton From monty at roscom.com Tue Nov 8 08:49:49 2005 From: monty at roscom.com (Monty Solomon) Date: November 8, 2005 8:49:49 AM EST Subject: Quarantine station to open at Logan / US acts amid growing Message-ID: threat of bioterrorism and infectious diseases Quarantine station to open at Logan US acts amid growing threat of bioterrorism and infectious diseases By Bruce Mohl, Globe Staff | November 3, 2005 With the threat of bioterrorism and infectious diseases growing, the federal government by the end of this year plans to open a quarantine station at Boston's Logan International Airport where officials can evaluate the health threats posed by incoming travelers. The Massachusetts Port Authority, which operates Logan, is building an office suite and an isolation room where a five-person staff from the Centers for Disease Control and Prevention can evaluate travelers and train airport and airline personnel on how to detect symptoms consistent with infectious diseases. The CDC office will be located in the international Terminal E. ''We are most interested in people with fever accompanied by rash, stiff neck, jaundice, cough, or unusual bleeding and severe diarrhea with or without fever," said Maria Pia Sanchez, officer in charge for the CDC at Logan. She is currently working out of her home. Sanchez said she and her staff, including one medical director, will monitor all international arrivals at Logan. ''While avian flu is what is on most people's mind right now, the most common quarantinable disease we pick up through our quarantine stations is tuberculosis," Sanchez said in an e-mail. ''A case of TB can be imported from just about any country." CDC officials say a quarantine station will not have a major impact on most travelers arriving from abroad at Logan, since a tiny percentage are actually pulled aside for evaluation. 
But if avian flu were to mutate into a fast-spreading deadly human virus or a bioterrorism attack occurred, quarantine stations like the one in Boston would probably play a much more aggressive role, serving as the nation's first line of defense in containing the threat. ... http://www.boston.com/business/globe/articles/2005/11/03/ quarantine_station_to_open_at_logan/ ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From schneier at counterpane.com Tue Nov 8 11:10:40 2005 From: schneier at counterpane.com (Bruce Schneier) Date: November 8, 2005 11:10:40 AM EST Subject: [EPIC_IDOF] National Security Letters Message-ID: An Enemy of The State By DOUG THOMPSON Nov 7, 2005, 08:14 http://www.capitolhillblue.com/artman/publish/article_7624.shtml According to a printout from a computer controlled by the Federal Bureau of Investigation and the U.S. Department of Justice, I am an enemy of the state. The printout, shown to me recently by a friend who works for Justice, identifies me by a long, multi-digit number, lists my date of birth, place of birth, social security number and contains more than 100 pages documenting what the Bureau and the Bush Administration consider to be my threats to the security of the United States of America. 
It lists where I went to school, the name and address of the first wife that I had been told was dead but who is alive and well and living in Montana, background information on my current wife and details on my service to my country that I haven't even revealed to my wife or my family. Although the file finds no criminal activity by me or members of my immediate family, it remains open because I am a "person of interest" who has "written and promoted opinions that are contrary to the government of the United States of America." And it will remain active because the government of the United States, under the far-reaching provisions of the USA Patriot Act, can compile and retain such information on any American citizen. That act gives the FBI the authority to collect intimate details about anyone, even those not suspected of any wrongdoing. My file begins on September 11, 2001, the day of the terrorist attacks on New York and Washington. A Marine guard standing post at the Navy Yard in Washington jotted down the license number of my Jeep Wrangler after I was spotted taking pictures of armed guards at the locked-down military facility. That night, I found a card stuffed under my door from Agent John Ryan of the Naval Criminal Investigative Service. I chuckled at the time because the lead character in Tom Clancy's novels is named John P. Ryan. I called Agent Ryan the next day. He wanted to know what the hell I was doing taking photos of a military facility. I explained that I was a journalist and taking pictures was what I did for a living. I directed him to a web site where he could find some of the photos I shot of the Navy Yard's side gate on that day. He asked for additional information, including date of birth and social security number, which I provided, and then hung up. I thought the matter was dead until a few weeks ago when an old friend from Washington called, said he was in the area, and suggested lunch. 
At lunch, he showed me the 100-plus pages of the file on me that grew out of that first encounter with Agent Ryan of NCIS. "Much of this information was gathered through what we call 'national security letters,'" he said. "It allows us to gather information from a variety of sources." A "national security letter" it turns out, can be issued by any FBI supervisor, without court order or judicial review, to compel libraries, banks, employers and other sources to turn over any and all information they have on American citizens. The FBI issues more than 30,000 national security letters a year. When one is delivered to a bank, library, employer or other entity, the same federal law that authorizes such letters also prohibits your bank, employer or anyone else from telling you that they received such a letter and were forced to turn over all information on you. According to my file, the banks where I have both business and checking accounts have been forced to turn over all records of my transactions, as have every company where I have a charge account or credit card. They've perused my book borrowing habits from libraries in Arlington and Floyd Counties as well as studied what television shows I watch on the Tivos in my house. They know I belong to the National Rifle Association, the National Press Photographers Association and other professional groups. They know I attend meetings of Alcoholics Anonymous on a regular basis and the file notes that my "pattern of spending" shows no purchase of "alcohol-related products" since the file was opened in 2001. In the past, when information collected on an American citizen failed to turn up any criminal activity, FBI policy called for such information to be destroyed. But President George W. 
Bush in 2003 reversed that long-standing policy and ordered the bureau and other federal agencies to not only keep that information but place it in government databases that can be accessed by local, state and federal law enforcement agencies. In October, Bush also signed Executive Order 13388 which expands access to those databases to "appropriate private sector entities" although the order does not explain what those entities might be. In addition, the Bush Administration has successfully blocked legislation and legal actions that have tried to stop the expansion of spying and gathering of information on Americans. FBI spokesmen defend the national security letters as a "necessary tool" on the so-called "war on terror." "Congress has given us this tool to obtain basic telephone data, basic banking data, basic credit reports," Valarie E. Caproni, the FBI general counsel, told The Washington Post. "The fact that a national security letter is a routine tool used, that doesn't bother me." Obviously it doesn't. Caproni signed at least one of the letters used to gather information for my file. When I asked to keep the copy of the file, my friend said "no." I promised to keep it and the source confidential. "You can't," he said. "You can't keep anything hidden. Your life is an open book with us and it will be to the day you die." After we left lunch and went our separate ways, I wondered how, if my life was under such scrutiny from Uncle Sam, he could meet me for lunch in a public restaurant and not be discovered? So the next day I went to a public phone in an out-of-the-way location and dialed his direct number. It was disconnected. So I called the central number and asked to speak to him. The woman who answered the phone wanted my name and phone number so he could return the call. I hung up. Then I drove home with one eye glued to the rearview mirror. 
Didn't see anything suspicious but if I turn up missing one day, just forward my mail to General Delivery, Guantanamo Bay, Cuba. © Copyright 2005 by Capitol Hill Blue _______________________________________________ EPIC_IDOF mailing list EPIC_IDOF at mailman.epic.org https://mailman.epic.org/cgi-bin/mailman/listinfo/epic_idof ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From rah at shipwright.com Tue Nov 8 08:32:28 2005 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 8 Nov 2005 11:32:28 -0500 Subject: [Clips] The "Other" Ester: Anonymity-- Here Today, Gone Tomorrow In-Reply-To: References: Message-ID: At 11:58 AM +0100 11/8/05, Jonathan Thornburg wrote: >ironic Which was my point. :-) Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From bill.stewart at pobox.com Tue Nov 8 11:35:34 2005 From: bill.stewart at pobox.com (Bill Stewart) Date: Tue, 08 Nov 2005 11:35:34 -0800 Subject: Oops - Official Reveals Budget for U.S. Intelligence Message-ID: <6.2.1.2.0.20051108113207.033a4778@pop.idiom.com> $44B, up from $26.8 in 1998. It's the usual NYTimes-registration-required article. 
http://www.nytimes.com/2005/11/08/politics/08budget.html November 8, 2005 Official Reveals Budget for U.S. Intelligence By SCOTT SHANE WASHINGTON, Nov. 7 - In an apparent slip, a top American intelligence official has revealed at a public conference what has long been secret: the amount of money the United States spends on its spy agencies. At an intelligence conference in San Antonio last week, Mary Margaret Graham, a 27-year veteran of the Central Intelligence Agency and now the deputy director of national intelligence for collection, said the annual intelligence budget was $44 billion. The number was reported Monday in U.S. News and World Report, whose national security reporter, Kevin Whitelaw, was among the hundreds of people in attendance during Ms. Graham's talk. "I thought, 'I can't believe she said that,' " Mr. Whitelaw said on Monday. "The government has spent so much time and energy arguing that it needs to remain classified." The figure itself comes as no great shock; most news reports in the last couple of years have estimated the budget at $40 billion. But the fact that Ms. Graham would say it in public is a surprise, because the government has repeatedly gone to court to keep the current intelligence budget and even past budgets as far back as the 1940's from being disclosed. Carl Kropf, a spokesman for the office of the director of national intelligence, John D. Negroponte, said Ms. Graham would not comment. Mr. Kropf declined to say whether the figure, which Ms. Graham gave last Monday at an annual conference on intelligence gathered from satellite and other photographs, was accurate, or whether her revelation was accidental. Steven Aftergood, director of the Project on Government Secrecy at the Federation of American Scientists, expressed amused satisfaction that the budget figure had slipped out. "It is ironic," Mr. Aftergood said. "We sued the C.I.A. four times for this kind of information and lost. You can't get it through legal channels." 
Only for a few past years has the budget been disclosed. After Mr. Aftergood's group first sued for the budget figure under the Freedom of Information Act in 1997, George J. Tenet, then the director of central intelligence, decided to make public that year's budget, $26.6 billion. The next year Mr. Tenet did the same, revealing that the 1998 fiscal year budget was $26.7 billion. But in 1999, Mr. Tenet reversed that policy, and budgets since then have remained classified with the support of the courts. Last year, a federal judge refused to order the C.I.A. to release its budget totals for 1947 to 1970 - except for the 1963 budget, which Mr. Aftergood showed had already been revealed elsewhere. In court and in response to inquiries, intelligence officials have argued that disclosing the total spying budget would create pressure to reveal more spending details, and that such revelations could aid the nation's adversaries. That argument has been rejected by many members of Congress and outside experts, who note that most of the Defense Department budget is published in exhaustive detail without evident harm. The national commission on the terrorist attacks of Sept. 11, 2001, recommended that both the overall intelligence budget and spending by individual agencies be made public "in order to combat the secrecy and complexity" it found was harming national security. "The taxpayers deserve to know what they're spending for intelligence," said Lee H. Hamilton, the former congressman who was vice chairman of the commission. Even more important, Mr. Hamilton said, public discussion of the total budgets of intelligence agencies would encourage Congress to exercise "robust oversight." The debate over whether the intelligence budget should be secret dates to at least the 1970's, said Loch K. Johnson, an intelligence historian who worked for the Church Committee investigation of the intelligence agencies by the Senate in the mid-1970's. Mr. 
Johnson said the real reason for secrecy might have less to do with protecting intelligence sources and methods than with protecting the bureaucracy. "Maybe there's a fear that if the American people knew what was being spent on intelligence, they'd be even more upset at intelligence failures," Mr. Johnson said. From jthorn at aei.mpg.de Tue Nov 8 02:58:22 2005 From: jthorn at aei.mpg.de (Jonathan Thornburg) Date: Tue, 8 Nov 2005 11:58:22 +0100 (CET) Subject: [Clips] The "Other" Ester: Anonymity-- Here Today, Gone Tomorrow In-Reply-To: References: Message-ID: > > > > Anonymity: Here Today, Gone Tomorrow > Esther Dyson > > It's ironic that the Web once seemed to promise individuals new > opportunities to explore the world without showing their face. Instead, it > is turning out to be a powerful force against anonymity. [[...]] Am I the only one that finds it ironic that (a) this site wanted to set a cookie, and (b) it wants a registration to show me more than the first paragraph? No thanks -- my policy is not to view "free" stories that require registration. ciao, -- -- "Jonathan Thornburg -- remove -animal to reply" Max-Planck-Institut fuer Gravitationsphysik (Albert-Einstein-Institut), Golm, Germany, "Old Europe" http://www.aei.mpg.de/~jthorn/home.html "Washing one's hands of the conflict between the powerful and the powerless means to side with the powerful, not to be neutral." -- quote by Freire / poster by Oxfam From rah at shipwright.com Tue Nov 8 09:00:20 2005 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 8 Nov 2005 12:00:20 -0500 Subject: [Clips] Whither Financial Markets on the Net? Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Tue, 8 Nov 2005 11:59:29 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Whither Financial Markets on the Net? 
Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com Ariadne Capital Journal - Through the Maze Volume 5, Edition 3 Outlook Whither Financial Markets on the Net? by Duncan Goldie-Scot Introduction The economist Ronald Coase explained that firms, and banks, only exist because of what he called 'transaction costs'. All this really means is that firms have economies of scale. It is easier for a bank to match borrowers and lenders than it is for each of us to do it on our own. The optimum size of a bank, following Coase, is determined by those information costs. Banks were at their biggest and most powerful when information costs were very high. As the internet leads to plummeting information costs, banks will get much smaller - and may even be completely unnecessary. It is not just the Zopa model (www.zopa.com) of matching borrowers and lenders via a website but something much more revolutionary that follows from this. But that is running ahead of the argument. What I will do first is give a brief overview of some of the issues in banking, look at what is on the technological horizon, draw some lessons from the history of banking and financial trading and then make a few predictions about where the new technology might lead. 1. Bank payments cartel I was chairing some e-finance conference a few years back when a director of one of the big clearing banks said that he didn't worry about the internet because it didn't impact on his core business - 'the management of the money transmission network'. Payment systems are big business. According to the Boston Consulting Group banks around the world are taking out fees of some $228 billion dollars a year just for sending money from one database to another over their networks. In the US about 5% of the value of an average purchase is eaten up in payment costs. In the UK money transmission amounts to almost 1% of GDP or £4.5 billion. 
Don Cruickshank, in his report Competition in UK Banking, wrote: "Money transmission services are supplied through a series of unregulated networks, mostly controlled by the same few large banks who in turn dominate the markets for services to SMEs and personal customers. This market structure results in the creation of artificial barriers to entry, high costs to retailers for accepting credit and debit cards, charges for cash withdrawals up to six times their cost, and a cumbersome and inflexible payment system that is only slowly adapting to the demands of e-commerce." There is a reasonable defence of the payment systems cartel: the banks do need to co-operate to make the model work: those databases do have to talk to each other. But still, the cartel will protect its profits so don't expect any threatening innovation to come from the banks. Paypal caught the banks napping and they still don't know how to respond to that. It is not just Paypal and Zopa though: there are other options emerging. 2. Historical context If we take a very long term view, some of the underlying trends become clearer. Money At the turn of the first millennium, there were many private currencies but the quality of the coins varied enormously. For this reason coins tended to be used locally as exchange was difficult. Trade was limited. The commercial revolution that started round 1100 created a demand for reputable money. The more efficient mints exploited economies of scale and drove their less efficient competitors out of business. Governments were not slow to take advantage of the situation. States had economies of scale in enforcement and monitoring. They could demand payment of taxes in the coins the state issued. Doing so helped the state to maximise minting revenues, the tax base and its authority over local and feudal rivals. The dominance of state currencies took a couple of centuries to complete. When done, states had an effective monopoly of money. 
We can then roll the clock forward to, say, 1995, and contemplate the business case for launching a private currency in the UK - perhaps called Shillings. First one has to build enormous printing and minting plants. One needs an army to defy the High Court and Parliament. And then we need a huge marketing budget to persuade merchants and consumers to accept Shillings. It is clear that there are fairly substantial barriers to entry to the private currency market. But technology has struck back. Today there are various cryptographic protocols that, with the internet, mean that I can create a currency out of anything I like, largely for free. I can create a glob of bits that says that I, the issuer and underwriter, based somewhere on the net, promise to pay the bearer on demand x Shillings. The issue cost is close to zero. Of course, it is another matter to persuade you to accept it but the fact remains that I can create a currency, issue a currency, circulate a currency, offer a free and instant payment service and take $228 billion of COSTS out of the global economy. It is only a matter of time before someone does it. Private currencies are on their way - and it won't be the banks in the vanguard. Mobile phone minutes, air miles, loyalty points are all forms of money as soon as they are made fungible - transferable. Banking In his books on the history of banking, Ron Chernow illustrates the trends in banking by looking at the changing relative power of borrowers, lenders and middlemen. In the 18th Century Wilhelm IX, the local nobleman and landgrave of Hesse was the heir to an enormous fortune. A certain Mayer Amschel Rothschild used to grovel in front of this man, to bow and to scrape. Ultimately, Rothschild was rewarded with a monopoly of negotiating the numerous and highly lucrative state loans issued by Wilhelm. In this case, the provider of capital was powerful. The banker was powerless as Wilhelm could have shut him down with a grunt or a nod. 
The consumers of capital, impoverished European noblemen, were also largely powerless. A hundred years later, in 1840, Chancellor Otto von Bismarck stayed at the Rothschild chateau at Ferrieres during the siege of Paris in the Franco-Prussian War. Even the Kaiser was dazzled by the wealth. Within a century, the Rothschilds, once the obsequious servants of monarchs, had grown to be their equal, able to thumb their noses at the Kaiser and other minor characters on the European scene. What happened was nationalism, the nation state. Governments have an insatiable appetite for money for wars, economic development and pandering to special interests. The histories of the great banking dynasties are full of episodes in which they daringly raised money for cash-strapped governments. There were just a handful of these great banking dynasties. Perhaps the greatest was J Pierpont Morgan. His forte was acting as a middleman between British investors and American borrowers. His power stemmed not from the millions he personally owned but from the billions he could command or lay his hands on. The pockets of capital were small, few and widely scattered and he became a crucial communications node matching the two sides of the banking equation. In the early 1900s, most US companies were small and local and were far less known than the giant Morgan. The main thing that a Morgan could confer on a fledgling company was not so much his capital as his cachet, his reputation - a signal to jittery investors that they could safely invest their money. He charged handsome fees for the privilege. This was a man for whom brand, above all reputation, really did matter. By 1960 the providers of capital were accumulating power over bankers in unit trusts, mutual funds and pension funds. Companies were relying less on the traditional banker and had a choice of different capital instruments. For the first time in the 20th Century the banker middleman's power is dwarfed. 
It is that shift of power that explains why 100 years ago the image of a banker was of a rotund, grim, humourless man in late middle age with iron-grey hair, wire-rimmed spectacles and a permanent scowl. His role was to ration scarce credit and charge a hefty fee as the middleman. The banker today is slight by comparison - mere salesmen dispatched to scatter bountiful credit. As money and credit are banal commodities the role of the banker as the middleman between borrowers and lenders has become powerless: there are bountiful means of exchange in an interconnected world. Even hedgefunds are now dabbling in commercial lending. Capital markets The capital markets will change in a different way. Towards the end of the 18th century, investors would sit under the buttonwood tree on Wall Street and gossip about the market. When it came to trading, when a price was agreed, trading, clearing and settlement all took place in one seamless, costless transaction. I would hand you a stock certificate and you would hand me cash. This model began to change when Samuel Morse perfected the telegraph in the mid-nineteenth century. Investors became enthusiastic adopters of the new technology, the Victorian internet, and used it to trade from afar on the most liquid market, Wall Street. Suddenly those quaint, cheap, instant and secure bearer transactions were open to delay, clearing and settlement risk, repudiation, dispute and simple fraud. The market's solution was to create an independent third party to arbitrate errors and disputes. Therefore, we established a rule-based clearing house, a regulatory system and a legal system to deal with mistakes and fraud. In the market today, the ultimate error handling routine is, 'And then you go to jail.' This made economic sense. The advantage of having an enormous pool of liquidity in New York or London more than outweighed the disadvantage of having settlement delays and regulation. It was also very good for brokers. 
Membership of the clearinghouse was restricted to market intermediaries and the club or cartel was able to agree on high fixed fees. So, the telegraph, and the telephone, caused a seismic change in the structure of the financial industry. Technically we can now trade person-to-person, digital cash for digital certificates in real time over the internet without the need for a clearing house, without the need for a central counterparty, and without the risk of repudiation or fraud and all achievable in a seamless, frictionless and costless way. Being able to do it technically doesn't mean that it will happen. But if, as many of us believe, it is massively cheaper to do it this way, then it almost certainly will happen. How long before someone has the courage to issue a digital bearer bond on the internet? Their reputation really will be on the line. So, I see four distinct phases of trading, clearing and settlement. The transition from each phase to the next has been caused by an order of magnitude or more reduction in the total cost of trading, clearing and settlement. In phase 1, the bearer phase, traders would sit under the buttonwood tree on Wall Street and swap bearer certificates for cash. Trading, clearing and settlement is a single and costless transaction. In phase 2, the advent of the telegraph means that Wall Street has to cope with long distance orders. A regulator/clearing house has to arbitrate disputes. Trading, clearing and settlement become three distinct operations. The cost of sending my Securicor van to your cage, and vice versa, is offset by the liquidity of the marketplace. In phase 3, the mainframe computer means that we can immobilise and then dematerialise stock into book entries in a database. Trading, clearing and settlement remain separate operations, partly out of habit and partly because of the clunkiness of the bank payment mechanisms. 
Clearing and settlement in computerised databases is cheaper than physical delivery but is neither cheap nor simple: multiple message formats have to be processed in a steep hierarchy of connections between participating institutions. In phase 4, the invention of financial cryptography and the dominance of the internet, as a universal network, means that database entries, and immobilised documents, can be represented in digital bearer form on the internet. Digital cash can be exchanged for digital equity in real time in a costless transaction. The processing can be distributed on client devices meaning that there are very limited hardware overheads. Trading, clearing and settlement merge again into a single transaction. 3. Conclusions We have established that the banking cartel exercises its power today over the money transmission network - extracting $228 billion a year in fees. We can look forward to new models, such as Paypal, mobile phone payment methods and many others, killing the cartel. We have established that government control of money has slipped back to the market: the barriers to entry for private currencies are simply too low not to make it attractive. We have also established that the banker's role as the middleman matching up borrowers and lenders had its heyday perhaps 100 years ago and has been in continuous decline. Finally, I contend that we will return to bearer markets on the net - digital bearer markets overturning all of our financial structure. Because it can happen, because it will be massively cheaper, and because there is money to be made by making it happen, it is only a matter of time. If you would like to know HOW to issue a digital bearer instrument on to the internet, come along to a conference next February and learn all about it. It is called Financial Cryptography and the website is http://www.ifca.ai/ . Duncan Goldie-Scot is a director of the International Financial Cryptography Association. 
Duncan Goldie-Scot © 2005 dgs at live.co.uk -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text From cypherpunks at gurski.org Tue Nov 8 09:14:29 2005 From: cypherpunks at gurski.org (Michael Gurski) Date: Tue, 8 Nov 2005 12:14:29 -0500 Subject: [Clips] The "Other" Ester: Anonymity-- Here Today, Gone Tomorrow In-Reply-To: References: Message-ID: <20051108171429.GB19175@gurski.org> On Tue, Nov 08, 2005 at 11:58:22AM +0100, Jonathan Thornburg wrote: > > > > > >Anonymity: Here Today, Gone Tomorrow > >Esther Dyson > > > >It's ironic that the Web once seemed to promise individuals new > >opportunities to explore the world without showing their face. Instead, it > >is turning out to be a powerful force against anonymity. > [[...]] > > Am I the only one that finds it ironic that > (a) this site wanted to set a cookie, and > (b) it wants a registration to show me more than the first paragraph? > > No thanks -- my policy is not to view "free" stories that require > registration. As usual, bugmenot.com comes to the rescue. But, no, you weren't the only one. I *think* that may have been the point of the post, which included the login prompt text. -- Michael A. Gurski (opt. 
[first].)[last]@pobox.com http://www.pobox.com/~[last] 1024R/39B5BADD PGP: 34 93 A9 94 B1 59 48 B7 17 57 1E 4E 62 56 45 70 1024D/1166213E GPG: 628F 37A4 62AF 1475 45DB AD81 ADC9 E606 1166 213E 4096R/C0B4F04B GPG: 5B3E 75D7 43CF CF34 4042 7788 1DCE B5EE C0B4 F04B Views expressed by the host do not reflect the staff, management or sponsors. Theology is never any help; it is searching in a dark cellar at midnight for a black cat that isn't there. [Robert A. Heinlein, JOB: A Comedy of Justice] [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From jthorn at aei.mpg.de Tue Nov 8 03:15:42 2005 From: jthorn at aei.mpg.de (Jonathan Thornburg) Date: Tue, 8 Nov 2005 12:15:42 +0100 (CET) Subject: gonzo cryptography; how would you improve existing cryptosystems? In-Reply-To: References: Message-ID: On Fri, 4 Nov 2005, Travis H. wrote: > PS: There's a paper on cryptanalyzing CFS on my homepage below. I > got to successfully use classical cryptanalysis on a relatively modern > system! That is a rare joy. CFS really needs a re-write, there's no > real good alternatives for cross-platform filesystem encryption to my > knowledge. On Mon, 7 Nov 2005, Jason Holt wrote: > Take a look at ecryptfs before rewriting cfs: > > http://sourceforge.net/projects/ecryptfs Nice, but linux-only and requires special kernel support. cfs supports lots and lots of different OSs and doesn't require kernel modes. So far as I know, in this regard cfs is unique among cryptographic filesystems. ciao, -- -- Jonathan Thornburg Max-Planck-Institut fuer Gravitationsphysik (Albert-Einstein-Institut), Golm, Germany, "Old Europe" http://www.aei.mpg.de/~jthorn/home.html "Washing one's hands of the conflict between the powerful and the powerless means to side with the powerful, not to be neutral." -- quote by Freire / poster by Oxfam From rah at shipwright.com Tue Nov 8 09:32:06 2005 From: rah at shipwright.com (R. A. 
Hettinga) Date: Tue, 8 Nov 2005 12:32:06 -0500 Subject: [Clips] Austrac runs eye over net payments Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Tue, 8 Nov 2005 12:30:51 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Austrac runs eye over net payments Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com Australian IT Austrac runs eye over net payments Simon Hayes NOVEMBER 08, 2005 PAYMENTS watchdog Austrac will continue to consider whether tighter regulation is needed for the growing internet payment systems sector in light of concerns that criminals could use the gateways to launder money. Austrac director Neil Jensen told Senate Estimates that Austrac would recommend changes to the Financial Transactions Reporting Act if it felt payment systems were being used to evade cash reporting requirements. The Attorney-General's Department is considering broader changes to bring the Act up to the requirements of the Financial Action Task Force. "We will look at payment systems to see what they are and if they are caught by the existing legislation," Mr Jensen said. "If they're not, is this an issue and do we need to refer it to the Attorney-General's Department for a policy decision?" Mr Jensen said Austrac examined each payment system separately to see if it was covered by the reporting requirements in the existing legislation. PayPal, the payment system owned by internet auction giant eBay, reports suspicious transactions to Austrac, but it is not required to report all transactions of $10,000 or more because it does not accept cash and does not operate accounts. "We only monitor the transactions they provide to us, and PayPal is a cash dealer under the legislation," Mr Jensen said. "Because of the way PayPal operates it generally reports only the suspicious transactions." Mr Jensen said Austrac was monitoring the internet payment sector to see if additional legislation was needed. 
"We have done monitoring of payment systems that may be used across the internet and we will be doing more work on that," he said. "It is part of an ongoing strategic approach to looking at alternative systems that may be eluding, or are not caught by, the current legislation. "If we found something that we believed should be caught by the legislation, we would refer that to the Attorney-General's Department." PayPal managing director Andrew Pipolo said the company had taken additional steps to prevent fraud. "PayPal imposes an internal limit of $US10,000 ($13,600) on transactions in the PayPal system," he said. PayPal had a 0.24 per cent fraud rate, Mr Pipolo said. "Importantly, PayPal is a safe way to pay online and has very few losses because of fraud." Earlier this year Austrac warned that criminals could be operating offshore bank accounts and using credit cards to pay for goods and services in Australia, escaping reporting requirements. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text 
From hardmac at gmail.com Tue Nov 8 13:13:03 2005 From: hardmac at gmail.com (Thomas Hardly) Date: Tue, 8 Nov 2005 13:13:03 -0800 Subject: Hacker strikes through student's router Message-ID: http://www.rose-hulman.edu/Users/groups/Thorn/HTML/ http://www.rose-hulman.edu/Users/groups/Thorn/HTML/current/frontpage/1.html Hacker strikes through student's router Alex Clerc Earlier this week, a hacker infiltrated the website of a company in France, defacing the site and using it to send vulgar emails. The hacker was not a Rose-Hulman student. But through a router maintained by a Rose-Hulman student, the hacker was able to do this anonymously. The student, senior computer science major David Yip, was maintaining a router on his computer called a Tor onion router. What Tor basically does is enable anonymous communications over the internet. Yip downloaded and installed Tor on his computer about two months ago. His machine became a Tor exit node on September 4, 2005. Early Thursday morning, the French company traced the hacker back to Yip's computer and contacted IAIT. IAIT took action by freezing Yip's Kerberos account; he is unable to access the Internet, email, Angel, or Banner. His case will be considered by the Computer Use Committee and a recommendation will be made to Pete Gustafson, the Dean of Students if disciplinary action is deemed appropriate. Staff members at IAIT were unwilling to comment on the circumstances, as was Gustafson. In an interview, Yip made it clear that he read the policy for responsible use of Rose-Hulman computing facilities and took the "due diligence" it demands for students setting up networks. As a precaution against people using his machine for malicious activity, Yip disabled the ability to send mail, use peer-to-peer programs, and use internet relay chat (IRC). He also limited the transfer quota to 800 megabytes per day. 
"The services I left open are generally considered to be benign," he said. Yip stated that he saw nothing specifically banning Tor nodes in the Rose-Hulman internet policy. Yip does not know who has been using his Tor node or what it has been used for. "That's the point," he said. "Being able to communicate anonymously is very important. I feel there are certain ideas in certain contexts that cannot be expressed unless they are expressed anonymously." "I also find [Tor] interesting from a research standpoint. It's a neat research project," Yip added. Tor was originally developed by the U.S. Naval Research Laboratory and has been facilitated by the Electronic Frontier Foundation (EFF) for the last year and a half. According to Fred von Lohmann, a staff attorney at the EFF, Yip's case is the first case ever involving potential disciplinary action for the use of Tor. "If this is something that was done by a third party, the student shouldn't be held responsible," he said. Assistant Professor of Computer Science Larry Merkle disagreed: "I can definitely see there being a case against [Yip] because he used bandwidth for non-academic purposes." Merkle added, "... but I know [Yip] fairly well and I don't think he had any malicious intentions." What Tor enables - anonymous online communications - raises ethical questions that are yet to be settled. By allowing anonymous communications to anyone, it offers equal protection to both good and bad users. Von Lohmann said, "Before we start questioning the right to anonymous speech, we need to ask if the [French] website's security had a flaw." Professor of Computer Science David Mutchler added, "I think anonymous communication over the Internet is critical. There are many places in the world where free speech is not protected. Anonymous communication allows that free speech to exist." 
On its website, the EFF lists many beneficial applications of Tor, including socially sensitive communications (such as chat rooms for victims of rape, abuse, or illnesses) and journalistic communications with whistleblowers and dissidents. Law enforcement groups can use Tor for data sting operations and the U.S. Navy uses it for open source intelligence gathering. Merkle warned, "The [EFF] makes a good case for the reasons to use it, but completely ignores the reasons why providing it might be bad for society." Situations involving improper Internet use are usually first detected by IAIT and then passed to Student Affairs. If an expert opinion is needed, the case is presented to the Computer Use Committee. Pete Gustafson makes the final decision. The last incident in which the Computer Use Committee was consulted was a case in the '03-'04 school year. The case involved a student hacking in to the computer of an employee of the admissions office. The student then attempted to send an all campus email claiming that one of the Olsen twins decided to attend Rose-Hulman. The Computer Use Committee recommended that the student be suspended; Pete Gustafson followed through on this recommendation. "The single best thing that can come of this," concluded Mutchler, "would be if students read the policy at www.rose-hulman.edu/TSC/policies/computer_use and discuss with faculty and administration any parts of the policy that they think are not right." -- ..o: It's 12 o'clock - do you know where your data is? :o... 
----------------------------------------------------------------------------- -------------- Hardening Your Macintosh - http://members.lycos.co.uk/hardapple/ pgp key fingerprint: 0F02 99D5 1D23 E445 22C9 9C90 8F24 FDBA B618 33C4 ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From thomas at northernsecurity.net Tue Nov 8 07:54:48 2005 From: thomas at northernsecurity.net (Thomas =?iso-8859-1?Q?Sj=F6gren?=) Date: Tue, 8 Nov 2005 16:54:48 +0100 Subject: gonzo cryptography; how would you improve existing cryptosystems? In-Reply-To: References: Message-ID: <20051108155448.GA4476@northernsecurity.net> On Tue, Nov 08, 2005 at 05:58:04AM -0600, Travis H. wrote: > The only thing close that I've seen is Bestcrypt, which is commercial > and has a Linux and Windows port. I don't recall if the Linux port > came with source or not. http://www.truecrypt.org/ "TrueCrypt Free open-source disk encryption software for Windows XP/2000/2003 and Linux Main Features: * It can create a virtual encrypted disk within a file and mount it as a real disk. * It can encrypt an entire hard disk partition or a device, such as USB memory stick, floppy disk, etc. * Provides two levels of plausible deniability, in case an adversary forces you to reveal the password: 1) Hidden volume (more information may be found here). 2) No TrueCrypt volume can be identified (TrueCrypt volumes cannot be distinguished from random data). * Encryption algorithms: AES-256, Blowfish (448-bit key), CAST5, Serpent (256-bit key), Triple DES, and Twofish (256-bit key). Supports cascading (e.g., AES-Twofish-Serpent). * Based on Encryption for the Masses (E4M) 2.02a, which was conceived in 1997. 
Further information regarding the features of the software may be found in the documentation." "Complete source code (in C) of the latest stable version of TrueCrypt for all supported operating systems and all supported hardware platforms" are available from http://www.truecrypt.org/downloads.php /Thomas -- [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From dave at farber.net Tue Nov 8 15:19:00 2005 From: dave at farber.net (David Farber) Date: Tue, 8 Nov 2005 18:19:00 -0500 Subject: [IP] National Security Letters Message-ID: Begin forwarded message: From murphy.audie at gmail.com Tue Nov 8 15:58:58 2005 From: murphy.audie at gmail.com (Audie Murphy) Date: Tue, 08 Nov 2005 18:58:58 -0500 Subject: Hacker strikes through student's router Message-ID: On 11/8/05 5:49 PM, "poncenby smythe" wrote: >> >> For the record, Tor developers (and many at the EFF) are indeed of >> many reasons people have claimed that developing anonymity is bad. We >> think about them a lot, and right now, we don't think that they're >> correct. In fact, we discuss many of them in the abuse faq, the main >> faq, and the "Challenges" paper. >> >> In case anybody cares. >> > > I believe(and hope) a great many people care about this. > Does anyone know of other papers written on the subject of 'abuse' of > anonymous systems? I am not aware of such a study. I'm not certain about the usefulness of such a study. 
For 100s of years my ancestors have attempted to obtain the maximum privacy possible, whether in Europe or the U.S. Frankly, we have moved away from heavily populated areas, not because we were avoiding people, but because we wanted to retreat to a private place, where we could have private conversations. Privacy is not a new desire. Once the Roman Church was outlawed in Britain, Catholics just went underground and used secret means of communicating. Witness the so-called secret societies that have existed over the centuries. Freemasonry is but one example. In most dictatorships, Freemasons are repressed and the society is driven underground. Hitler outlawed the Freemasons. The Soviet Union drove them underground. However, in both cases Freemasons continued to communicate via private channels with secret handshakes, etc. I don't mean to be long-winded, but many worthy causes have required private communications. So, I suppose, there ARE studies over the millennia that demonstrate the need for privacy. Early Christians worshipped and used private communication channels. Of course, EFF web site demonstrates what is at issue in areas of the world where governments are trying to prohibit private communication - places like China. > at the moment I personally feel that Tor is affording people with > questionable intentions an extremely robust and simple to use method > to conceal their identity. I have not read the 'challenges' paper > but is it correct to think tor developers justify (if that is the > right word) their developments by believing that if miscreants did > not use Tor they would simply move onto another similar mechanism for > conducting their business. > or would taking the tor network down cause any kind of disruption? > > impossible questions.... The questions are very difficult, but not impossible, IMHO. 
In the U.S., we have decided long ago that individuals would have as much individual freedom, as long as the exercise thereof would not abridge anyone else's freedom, health, property or safety. Privacy is evolved from individual rights. Therefore, IMHO, individuals can be held responsible for nefarious deeds, but not the mechanism that allowed the crime - whether that be firearm, or privacy service. ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From mv at cdc.gov Tue Nov 8 19:40:24 2005 From: mv at cdc.gov (Major Variola (ret)) Date: Tue, 08 Nov 2005 19:40:24 -0800 Subject: Arnie spoofing, stateworker idiocy, privacy Message-ID: <43716FA8.11FE61F@cdc.gov> Schwarzenegger Hits Snag at Polling Place By Robert Salladay, Times Staff Writer SACRAMENTO -- Gov. Arnold Schwarzenegger showed up to his Brentwood neighborhood polling station today to cast his ballot in the special election - and was told he had already voted. Elections officials said a Los Angeles County poll worker had entered Schwarzenegger's name into an electronic voting touch screen station in Pasadena on Oct. 25. The worker, who was not identified, was testing the voting machine in preparation for early voting that began the next day. Somehow, Schwarzenegger's name was then placed on a list of people who had already voted, said Conny B. McCormack, the Los Angeles County registrar. Schwarzenegger's aides were informed of the problem when they arrived this morning to survey the governor's polling station. The poll worker told the governor's staff he would have to use a "provisional" ballot that allows elections workers to verify if two votes were made by the same person. McCormack said the poll worker did the correct thing. 
http://www.latimes.com/news/local/la-110805arnold_lat,0,7268769.story?coll=la-home-headlines From emc at artifact.psychedelic.net Tue Nov 8 22:17:02 2005 From: emc at artifact.psychedelic.net (Eric Cordian) Date: Tue, 8 Nov 2005 22:17:02 -0800 (PST) Subject: RSA-640 Factored Message-ID: <200511090617.jA96H3Je019230@artifact.psychedelic.net> http://mathworld.wolfram.com/news/2005-11-08/rsa-640/ A team at the German Federal Agency for Information Technology Security (BSI) GNFS Reportedly 5 Months on 80 Opterons. Are 1024 bit RSA keys still safe? -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law" From eugen at leitl.org Tue Nov 8 13:38:51 2005 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 8 Nov 2005 22:38:51 +0100 Subject: [hardmac@gmail.com: Hacker strikes through student's router] Message-ID: <20051108213851.GC2249@leitl.org> ----- Forwarded message from Thomas Hardly ----- From jamesd at echeque.com Tue Nov 8 23:13:25 2005 From: jamesd at echeque.com (James A. Donald) Date: Tue, 08 Nov 2005 23:13:25 -0800 Subject: How broad is the SPEKE patent. In-Reply-To: <792ce4370511031454j67372483h4a6d54e23da6c8f2@mail.gmail.com> References: <9D78CC84C35AEF43A69CA95639D376DABB19B1@S4DE9JSAAMU.ost.t-com.de> Message-ID: <43713115.4942.4A3995E@localhost> -- Does SPEKE claim to patent any uses of zero knowledge proof of possession of the password for mutual authentication, or just some particular method for establishing communications? Is there any way around the SPEKE patent for mutual authentication and establishing secure communications on a weak passphrase? --digsig James A. 
Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG c3YaEtPqVbOMIjHk3eId6UngzMgXPFWqhwk9daye 4S2HlmFAZeCAhYaaxiPBSR5+8yf8Wwqy+gi8rWY6f From emc at artifact.psychedelic.net Tue Nov 8 23:18:34 2005 From: emc at artifact.psychedelic.net (Eric Cordian) Date: Tue, 8 Nov 2005 23:18:34 -0800 (PST) Subject: RSA-640 Factored Message-ID: <200511090718.jA97IYr0020681@artifact.psychedelic.net> http://mathworld.wolfram.com/news/2005-11-08/rsa-640/ A team at the German Federal Agency for Information Technology Security (BSI) GNFS Reportedly 5 Months on 80 Opterons. Are 1024 bit RSA keys still safe? -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law" From dewayne at warpspeed.com Wed Nov 9 07:44:54 2005 From: dewayne at warpspeed.com (Dewayne Hendricks) Date: November 9, 2005 7:44:54 PM EST Subject: [Dewayne-Net] Apple tries to patent 'tamper-resistant software' Message-ID: Apple tries to patent 'tamper-resistant software' By Ina Fried Story last modified Wed Nov 09 11:16:00 PST 2005 Apple Computer, which is in the process of switching to computers based on the omnipresent Intel processor, has filed a patent application describing a method for securely running Mac OS X on specific hardware. The Mac maker has applied for a patent to cover a "system and method for creating tamper-resistant code." Apple describes ways of ensuring that code can be limited to specific hardware, even in a world in which operating systems can be run simultaneously, in so-called virtual machines. The patent application was made in April of 2004, but only made public last Thursday. In its application, Apple describes a means of securing code using either a specific hardware address or read-only memory (ROM) serial number. Apple also talks about securing the code while interchanging information among multiple operating systems. Mac OS X, Windows and Linux are called out specifically in the filing. 
"This invention relates generally to the field of computer data processing and more particularly to techniques for creating tamper-resistant software," Apple says in its patent filing. Specifically, Apple refers to the technique of "code obfuscation," in which software makers employ techniques that make it harder for those using debuggers or emulators to figure out how a particular block of code is working. Apple's patent application comes as the company prepares to offer its Mac OS X operating system for Intel-based chips, with the first machines slated to go on sale next year. Historically, the company has had to worry less about the Mac running on non-Apple hardware because it has used different chips and other components from those that power Windows PCs. With its move to Intel chips, though, the innards of the Mac will become more similar to those of its Windows-based counterparts. The company said it is not planning on supporting Windows or other operating systems on the Intel-based Macs it sells but has also said it doesn't plan on taking steps to prevent Mac owners from running other operating systems. "We won't do anything to preclude that," Apple Senior Vice President Phil Schiller told CNET News.com in June. However, Schiller also said Apple has no plans to allow its operating system to run on non-Apple hardware. "We will not allow running Mac OS X on anything other than an Apple Mac," he said. An Apple representative declined to comment Wednesday on the patent filing. Clearly, though, Apple is gearing up the intellectual property push around the Intel move. The company has reportedly been beefing up the technology that constrains the Intel versions of Mac OS X to run only on authorized machines, to this point a set of test Macs given to developers. The company has also applied for a trademark on Rosetta, its technology for running existing Mac programs on the Intel chips. 
Weblog at: ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From eugen at leitl.org Tue Nov 8 23:49:43 2005 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 9 Nov 2005 08:49:43 +0100 Subject: [dave@farber.net: [IP] National Security Letters] Message-ID: <20051109074943.GJ2249@leitl.org> ----- Forwarded message from David Farber ----- From eugen at leitl.org Tue Nov 8 23:53:41 2005 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 9 Nov 2005 08:53:41 +0100 Subject: [murphy.audie@gmail.com: Re: Hacker strikes through student's router] Message-ID: <20051109075341.GK2249@leitl.org> ----- Forwarded message from Audie Murphy ----- From smb at cs.columbia.edu Wed Nov 9 07:54:53 2005 From: smb at cs.columbia.edu (Steven M. Bellovin) Date: Wed, 09 Nov 2005 10:54:53 -0500 Subject: How broad is the SPEKE patent. In-Reply-To: Your message of "Tue, 08 Nov 2005 23:13:25 PST." <43713115.4942.4A3995E@localhost> Message-ID: <20051109155453.711863BFD0F@berkshire.machshav.com> In message <43713115.4942.4A3995E at localhost>, "James A. Donald" writes: > -- >Does SPEKE claim to patent any uses of zero knowledge >proof of possession of the password for mutual >authentication, or just some particular method for >establishing communications? Is there any way around >the SPEKE patent for mutual authentication and >establishing secure communications on a weak passphrase? > It certainly doesn't claim EKE, by myself and Michael Merritt, since he and I invented the field. 
Of course, EKE is also patented.

SRP is patented but royalty-free. Some have claimed that it infringes the EKE patent; since I don't work for the EKE patent owner (Lucent), I've never tried to verify that.

Radia Perlman and Charlie Kaufman invented PDM specifically as a patent-free method. However, the claim was made that it infringed the SPEKE patent. Since it wasn't patented, there was no one willing to spend the money on legal fees to fight that claim, per a story I heard.

Have a look at http://web.archive.org/web/20041018153649/integritysciences.com/history.html for some history.

--Steven M. Bellovin, http://www.cs.columbia.edu/~smb

From dave at farber.net Wed Nov 9 08:34:05 2005
From: dave at farber.net (David Farber)
Date: Wed, 9 Nov 2005 11:34:05 -0500
Subject: [IP] Quarantine station to open at Logan / US acts amid growing threat of bioterrorism and infectious diseases
Message-ID:
X-Mailer: Apple Mail (2.746.2)
Reply-To: dave at farber.net

Begin forwarded message:

From waa at cs.umd.edu Wed Nov 9 10:18:01 2005
From: waa at cs.umd.edu (William Arbaugh)
Date: Wed, 9 Nov 2005 13:18:01 -0500
Subject: How broad is the SPEKE patent.
In-Reply-To: <20051109155453.711863BFD0F@berkshire.machshav.com>
References: <20051109155453.711863BFD0F@berkshire.machshav.com>
Message-ID:

You may want to look at EAP-PAX. We tried to engineer around the patent land mines in the field when we designed it. This of course doesn't mean that someone won't claim it infringes on something. We also have a proof (not yet published) of security in a random oracle model.

Best, Bill

p.s. EAP-PAX is work with my student T. Charles Clancy.

On Nov 9, 2005, at 10:54 AM, Steven M. Bellovin wrote:
> In message <43713115.4942.4A3995E at localhost>, "James A. Donald" writes:
>
>> --
>> Does SPEKE claim to patent any uses of zero knowledge proof of possession of the password for mutual authentication, or just some particular method for establishing communications? Is there any way around the SPEKE patent for mutual authentication and establishing secure communications on a weak passphrase?
>
> It certainly doesn't claim EKE, by myself and Michael Merritt, since he and I invented the field. Of course, EKE is also patented.
>
> SRP is patented but royalty-free. Some have claimed that it infringes the EKE patent; since I don't work for the EKE patent owner (Lucent), I've never tried to verify that.
>
> Radia Perlman and Charlie Kaufman invented PDM specifically as a patent-free method. However, the claim was made that it infringed the SPEKE patent. Since it wasn't patented, there was no one willing to spend the money on legal fees to fight that claim, per a story I heard.
>
> Have a look at http://web.archive.org/web/20041018153649/integritysciences.com/history.html for some history.
>
> --Steven M. Bellovin, http://www.cs.columbia.edu/~smb

From jon at callas.org Wed Nov 9 14:27:46 2005
From: jon at callas.org (Jon Callas)
Date: Wed, 9 Nov 2005 14:27:46 -0800
Subject: gonzo cryptography; how would you improve existing cryptosystems?
In-Reply-To:
References:
Message-ID: <1CFBF68A-8AE7-409A-8E00-4A2EF592590E@callas.org>

On 4 Nov 2005, at 5:23 PM, Travis H. wrote:
> For example, pgp doesn't hide the key IDs of the addressees.

But OpenPGP does. Here's an extract from RFC 2440:

5.1. Public-Key Encrypted Session Key Packets (Tag 1)

[...]

An implementation MAY accept or use a Key ID of zero as a "wild card" or "speculative" Key ID. In this case, the receiving implementation would try all available private keys, checking for a valid decrypted session key. This format helps reduce traffic analysis of messages.
Now, there has been much discussion about how useful this is, and there are other related issues like how you do the UI for such a thing. But the *protocol* handles it.

You might also want to look at the PFS extensions for OpenPGP: and even OTR, which is very cool in its own right (and is designed to take care of the sort of edge conditions all of these other things have):

Jon

From rah at shipwright.com Wed Nov 9 15:43:50 2005
From: rah at shipwright.com (R. A. Hettinga)
Date: Wed, 9 Nov 2005 18:43:50 -0500
Subject: [Clips] MIT Real ID Meeting Postponed to December 5th, AND Homeland Security to Propose Regulations - Join the Discussion
Message-ID:

--- begin forwarded text

Delivered-To: clips at philodox.com
Date: Wed, 9 Nov 2005 18:43:07 -0500
To: "Philodox Clips List"
From: "R. A. Hettinga"
Subject: [Clips] MIT Real ID Meeting Postponed to December 5th, AND Homeland Security to Propose Regulations - Join the Discussion
Reply-To: rah at philodox.com
Sender: clips-bounces at philodox.com

--- begin forwarded text

Date: Wed, 9 Nov 2005 15:16:43 -0800 (PST)
From: "Daniel J. Greenwood"
Reply-To: dang at media.mit.edu
Subject: MIT Real ID Meeting Postponed to December 5th, AND Homeland Security to Propose Regulations - Join the Discussion
To: dang at media.mit.edu

** In-Person Event Postponed to December 5th, 2005 **

This note is to inform you that the MIT Real ID Forum in-person meeting will take place on Monday, December 5th, 2005 at the Media Lab at MIT. The event will take place from 9am to 3pm. I encourage you to register, if you had not already, at http://ecitizen.mit.edu/realid.html and to participate in our pre-conference online discussion, at http://ecitizen.mit.edu/realid.html. The program had to be postponed from November 17th due to a last minute important meeting called by the Department of Homeland Security on regulations implementing the Real ID Act related to privacy.
Understandably, key privacy advocates and relevant Homeland Security individuals must now attend this meeting in Washington, DC. For this reason, we have decided to postpone the event to December 5th. We apologize for any inconvenience this may cause.

** Regulations Under Real ID -- Join the Discussion **

I invite anybody on this list who may have opinions you wish to share on the topic of Real ID regulatory issues to post those ideas to our online forum under the new topic "Homeland Security Regulations". This topic thread is for participants in this Online Forum on the Real ID Act to share ideas you may have on problems and prospects associated with potential regulations under this federal law. All comments posted to this thread will be presented, as part of our conference proceedings, and published as part of our in-person conference to happen on December 5, 2005. The conference proceedings will also be presented to the Department of Homeland Security, as a record of the remarks made by participants, for their considerations as they determine how to implement the Real ID Act. I encourage you to attend the in-person meeting on December 5th at MIT and to participate in the dialog at the Online Forum.

Best regards,
- Daniel Greenwood

====================================================
Daniel J. Greenwood, Esq. Lecturer, Massachusetts Institute of Technology The Media Lab, Program of Media Arts and Science Principal, CIVICS.com The InfoSociety Consultancy http://ecitizen.mit.edu & www.civics.com 1770 Mass. Ave, #205, Cambridge, MA 02140 USA dang at media.mit.edu
====================================================

--- end forwarded text

-- -----------------
R. A. Hettinga
The Internet Bearer Underwriting Corporation
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience."
-- Edward Gibbon, 'Decline and Fall of the Roman Empire'

--- end forwarded text

From camera_lumina at hotmail.com Wed Nov 9 16:01:24 2005
From: camera_lumina at hotmail.com (Tyler Durden)
Date: Wed, 09 Nov 2005 19:01:24 -0500
Subject: Arnie spoofing, stateworker idiocy, privacy
In-Reply-To: <43716FA8.11FE61F@cdc.gov>
Message-ID:

Come on! This is a May trollTale! You're telling me that the dumb m*therf*ckers that program these systems allowed for a mere test to fully replicate the voting identity of the Governor? Seems to me too that the original test vote will count. Maybe doesn't "need killing" (as that would reinforce state legitimacy in this case) but someone surely needs a bad beating.

Like I said: 1984 is not the most probable future. "Brazil" is.

-TD

>From: "Major Variola (ret)"
>To: cypherpunks at jfet.org
>Subject: Arnie spoofing, stateworker idiocy, privacy
>Date: Tue, 08 Nov 2005 19:40:24 -0800
>
>Schwarzenegger Hits Snag at Polling Place
>By Robert Salladay, Times Staff Writer
>
>SACRAMENTO -- Gov. Arnold Schwarzenegger showed up to his Brentwood neighborhood polling station today to cast his ballot in the special election - and was told he had already voted.
>
>Elections officials said a Los Angeles County poll worker had entered Schwarzenegger's name into an electronic voting touch screen station in Pasadena on Oct. 25. The worker, who was not identified, was testing the voting machine in preparation for early voting that began the next day.
>
>Somehow, Schwarzenegger's name was then placed on a list of people who had already voted, said Conny B. McCormack, the Los Angeles County registrar.
>
>Schwarzenegger's aides were informed of the problem when they arrived this morning to survey the governor's polling station. The poll worker told the governor's staff he would have to use a "provisional" ballot that allows elections workers to verify if two votes were made by the same person. McCormack said the poll worker did the correct thing.
>
>http://www.latimes.com/news/local/la-110805arnold_lat,0,7268769.story?coll=la-home-headlines

From dave at farber.net Wed Nov 9 20:47:04 2005
From: dave at farber.net (David Farber)
Date: Wed, 9 Nov 2005 23:47:04 -0500
Subject: [IP] Apple tries to patent 'tamper-resistant software'
Message-ID:

Begin forwarded message:

From brian at posthuman.com Thu Nov 10 09:03:27 2005
From: brian at posthuman.com (Brian Atkins)
Date: Thu, 10 Nov 2005 11:03:27 -0600
Subject: [>Htech] The bioweapon is in the post
Message-ID:

http://www.newscientist.com/channel/opinion/mg18825252.900.html

The bioweapon is in the post
# 09 November 2005
# NewScientist.com news service
# Peter Aldhous

YOU might think it would be difficult for a terrorist to obtain genes from the smallpox virus, or a similarly vicious pathogen. Well, it's not. Armed with a fake email address, a would-be bioterrorist could probably order the building blocks of a deadly biological weapon online, and receive them by post within weeks. That's the sobering reality uncovered by a New Scientist investigation into the bioterror risks posed by the booming business of gene synthesis. Dozens of biotech firms now offer to synthesise complete genes from the chemical components of DNA (See "A dollar a base pair"). Yet some are carrying out next to no checks on what they are being asked to make, or by whom.
It raises the frightening prospect of terrorists mail-ordering genes for key bioweapon agents such as smallpox, and using them to engineer new and deadly pathogens. Customers typically submit sequences by email or via a form available on a company's website. The companies then construct the specified genes and mail them back a few weeks later, usually spliced into a bacterium such as Escherichia coli. New Scientist approached 16 such firms, identified by a Google search, to ask whether they screened orders for DNA sequences that might pose a bioterror threat. Of the 12 companies that replied, just five said they screen every sequence received. Four said they screen some sequences, and three admitted not screening sequences at all (see Table). The risks posed by gene synthesis first hit the headlines in 2002, when a team from the State University of New York at Stony Brook made infectious polioviruses from synthetic DNA. And just last month, researchers with the US Centers for Disease Control and Prevention in Atlanta, Georgia, said that they had used similar means to recreate the virus that caused the 1918 flu (New Scientist, 8 October, p 16). In theory, a terrorist group could try to emulate the latter feat, or create a virus such as Variola major, which causes smallpox. However, the Variola genome comprises some 190,000 base pairs of DNA, and while some companies will make sequences 20,000 or more base pairs long, an attempt to order all the genes necessary to launch a smallpox attack would probably arouse suspicion. "That would stand out from a technological point of view," suggests Drew Endy, a bioengineer at the Massachusetts Institute of Technology. A more realistic risk is that terrorists could order genes that confer virulence to dangerous pathogens such as the Ebola virus, and engineer them into another virus or bacterium. 
They could also order genes for a hazardous bacterial toxin - although many of these are also available by isolating the microorganisms from the environment. Virulence genes are typically no more than a few thousand base-pairs long. Their sequences are publicly available, so screening gene-synthesis orders for potential bioweapons shouldn't pose a huge challenge. Indeed, a company called Craic Computing, based in Seattle, has written open-source software called Blackwatch that does just that. It is used by one of the leading gene-synthesis companies, Blue Heron Biotechnology of Bothell, Washington. Robert Jones, president of Craic Computing, says that Blackwatch "casts a wide net", comparing orders against sequences from organisms identified by the US government as "select agents" that raise bioterror concerns. But not all of these sequences are dangerous, and some customers may have the clearance to work with those that are. So even legitimate orders may be flagged up as suspicious, and that means companies must employ biologists to carefully examine any matches that crop up. The need for expert human checks may be one factor deterring some companies from screening orders. Others like to reassure customers who may be worried about commercial confidentiality that their sequence data will remain secret. But whatever the reasons, some firms freely admit that they run no sequence screens. "That's not our business," says Bob Xue, a director of Genemed Synthesis in South San Francisco. Even if they don't routinely perform sequence checks, some companies say that they do investigate their customers. But the scope of these checks varies widely. While some firms say they conduct thorough probes into customers' affiliations and scientific publications, others are less exhaustive. For instance, Jennifer Wang, general manager of Bio Basic, based in Markham, Canada, says that her company examines email addresses to see if orders come from a legitimate research organisation. 
Such a check would have spotted one suspicious order, sent from a Hotmail address to BaseClear of Leiden, the Netherlands. This was for a modified sequence from a hepatitis-like virus. BaseClear itself rejected the order after the would-be customer failed to respond to requests for more information, says Gerben Zondag, the firm's scientific director. But email addresses are notoriously easy to fake. And even orders from legitimate institutions may not be what they seem. Alfred Lasher, who manages Picoscript in Houston, Texas, says that he turned down one order placed by an individual at a US biotech firm, after Picoscript's enquiries revealed the gene was being ordered on behalf of a friend in another country. Experts are concerned that the checks currently employed by some companies aren't sufficient to exclude orders placed by terrorists. "We're taking this very seriously," says Endy. Together with the J. Craig Venter Institute in Rockville, Maryland, and the Center for Strategic and International Studies in Washington DC, Endy's research group at MIT has launched a study into the risks and benefits of synthetic genomics, and aims to produce a set of policy recommendations by late 2006. The US National Science Advisory Board for Biosecurity, set up last year to advise the US government on which advances in biology could be exploited by terrorists, is also considering the issue. Some gene synthesis companies say they would welcome more detailed rules. John Mulligan, president of Blue Heron, says it would be helpful to have a list of "select sequences" that are off-limits for gene synthesis without explicit government permission, rather than having to make difficult judgments based on the list of select agents. "Tell us what we can't make," he implores. But with gene synthesis firms springing up all over the world, and the underlying technology becoming cheaper and more widely available, it is unclear whether regulations enacted in any one country will be enough. 
"It's going to be virtually impossible to control," predicts David Magnus, director of the Stanford Center for Biomedical Ethics in Palo Alto, California. Endy argues that what's needed is better self-regulation: if researchers only do business with companies that are diligent in sequence screening and other security checks, then terrorists would soon find themselves unable to place orders for dangerous genes. Otherwise, he fears a crackdown that could close valuable avenues of research. For instance, gene synthesis can be used to make DNA vaccines, which may eventually provide a means of responding rapidly to emerging diseases - or bioterrorist attacks. "As soon as people start dying from a bioengineered organism, there will be a huge security response and research will be clamped down," warns Endy. From issue 2525 of New Scientist magazine, 09 November 2005, page 8 A dollar a base pair Biochemists have long known how to build DNA from its component "bases" - the chemical letters of the genetic code. By adding the bases in a prescribed order and carefully performing a series of chemical reactions, they can create precisely tailored stretches of DNA. The process became significantly less laborious with the debut of the automated DNA synthesiser in the 1980s. But a full gene - a DNA sequence up to several thousand base pairs long - involves a formidable jigsaw puzzle. Commercial gene synthesis has only really taken off in the past few years with advances in automating this assembly process. And as the main players jostle for position, the costs of gene synthesis are plummeting. Prices have dropped about tenfold in five years, and some firms now supply genes for less than $1.50 per base pair. -- Brian Atkins Singularity Institute for Artificial Intelligence http://www.singinst.org/ ------------------------ Yahoo! Groups Sponsor --------------------~--> Get fast access to your favorite Yahoo! Groups. Make Yahoo! 
your home page http://us.click.yahoo.com/dpRU5A/wUILAA/yQLSAA/PMYolB/TM --------------------------------------------------------------------~-> Post message: transhumantech at yahoogroups.com Subscribe: transhumantech-subscribe at yahoogroups.com Unsubscribe: transhumantech-unsubscribe at yahoogroups.com List owner: transhumantech-owner at yahoogroups.com List home: http://www.yahoogroups.com/group/transhumantech/ Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/transhumantech/ <*> To unsubscribe from this group, send an email to: transhumantech-unsubscribe at yahoogroups.com <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/ ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From bill.stewart at pobox.com Thu Nov 10 11:43:21 2005 From: bill.stewart at pobox.com (Bill Stewart) Date: Thu, 10 Nov 2005 11:43:21 -0800 Subject: MIT Study on Tin-Foil Hats :-) Message-ID: <6.2.1.2.0.20051110113836.0338ad10@pop.idiom.com> The page was actually published in February, but showed up at www.fark.com today. (Hmm. Looks like Slashdot just got it also, so it'll probably be a bit slow downloading. I've included the text here, but the pictures make it worthwhile.) http://people.csail.mit.edu/rahimi/helmet/ On the Effectiveness of Aluminium Foil Helmets: An Empirical Study Ali Rahimi1, Ben Recht 2, Jason Taylor 2, Noah Vawter 2 17 Feb 2005 1: Electrical Engineering and Computer Science department, MIT. 2: Media Laboratory, MIT. Abstract Among a fringe community of paranoids, aluminum helmets serve as the protective measure of choice against invasive radio signals. 
We investigate the efficacy of three aluminum helmet designs on a sample group of four individuals. Using a $250,000 network analyser, we find that although on average all helmets attenuate invasive radio frequencies in either direction (either emanating from an outside source, or emanating from the cranium of the subject), certain frequencies are in fact greatly amplified. These amplified frequencies coincide with radio bands reserved for government use according to the Federal Communication Commission (FCC). Statistical evidence suggests the use of helmets may in fact enhance the government's invasive abilities. We theorize that the government may in fact have started the helmet craze for this reason.

Introduction

It has long been suspected that the government has been using satellites to read and control the minds of certain citizens. The use of aluminum helmets has been a common guerrilla tactic against the government's invasive tactics [1]. Surprisingly, these helmets can in fact help the government spy on citizens by amplifying certain key frequency ranges reserved for government use. In addition, none of the three helmets we analyzed provided significant attenuation to most frequency bands. We describe our experimental setup, report our results, and conclude with a few design guidelines for constructing more effective helmets.

Experimental Setup

[Figure: The three helmet types tested: The Classical, The Fez, The Centurion]

We evaluated the performance of three different helmet designs, commonly referred to as the Classical, the Fez, and the Centurion. These designs are portrayed in Figure 1. The helmets were made of Reynolds aluminium foil. As per best practices, all three designs were constructed with the double layering technique described elsewhere [2]. A radio-frequency test signal sweeping the ranges from 10 Khz to 3 Ghz was generated using an omnidirectional antenna attached to the Agilent 8714ET's signal generator.
[Figure: The experimental apparatus, including a data recording laptop, a $250,000 network analyser, and antennae.]

A network analyser (Agilent 8714ET) and a directional antenna measured and plotted the signals. See Figure 2. Because of the cost of the equipment (about $250,000), and the limited time for which we had access to these devices, the subjects and experimenters performed a few dry runs before the actual experiment (see Figure 3).

[Figure: Test subjects during a dry run.]

The receiver antenna was placed at various places on the cranium of 4 different subjects: the frontal, occipital and parietal lobes. Once with the helmet off and once with the helmet on. The network analyzer plotted the attenuation between the signals in these two settings at different frequencies, from 10Khz to 3 Ghz. Figure 4 shows a typical plot of the attenuation at different frequencies.

[Figure: A typical attenuation trace from the network analyser]

Results

For all helmets, we noticed a 30 db amplification at 2.6 Ghz and a 20 db amplification at 1.2 Ghz, regardless of the position of the antenna on the cranium. In addition, all helmets exhibited a marked 20 db attenuation at around 1.5 Ghz, with no significant attenuation beyond 10 db anywhere else.

Conclusion

The helmets amplify frequency bands that coincide with those allocated to the US government between 1.2 Ghz and 1.4 Ghz. According to the FCC, these bands are supposedly reserved for ''radio location'' (ie, GPS), and other communications with satellites (see, for example, [3]). The 2.6 Ghz band coincides with mobile phone technology. Though not affiliated by government, these bands are at the hands of multinational corporations. It requires no stretch of the imagination to conclude that the current helmet craze is likely to have been propagated by the Government, possibly with the involvement of the FCC. We hope this report will encourage the paranoid community to develop improved helmet designs to avoid falling prey to these shortcomings.
Acknowledgments

The authors would like to thank Andy (Xu) Sun of the MIT Media Lab for helping with the equipment, Professor George Sergiadis for lending us the antennae, and Professor Neil Gershenfeld for allowing us the use of his lab equipment.

From cyphrpunk at gmail.com Thu Nov 10 11:45:45 2005
From: cyphrpunk at gmail.com (cyphrpunk)
Date: Thu, 10 Nov 2005 11:45:45 -0800
Subject: Hacker strikes through student's router
Message-ID:

On 11/10/05, Anthony DiPierro wrote:
> Of course, that said, you should probably get permission from your ISP before you run a wifi hotspot. And it's perfectly reasonable for a university to ban students from setting up free/open wifi hotspots. And those who run open wifi hotspots probably have to deal with abuse complaints on a regular basis.
>
> One of the reasons companies go through all this is because they think (reasonably in most circumstances) that they can profit from it. If only we could figure out how to really spread anonymous e-money. Then we could really start spreading Tor.

What if we had a Tor network where exit node operators made Tor-money, and Tor-money was necessary to use the network? Or perhaps, Tor-money at least gave you priority in using the network, so all those P2P traders wouldn't slow you down so much? Maybe exit node operators could even sell their Tor-money for real cash, to potential Tor users.

People tend to have two contradictory views about proposals like this. One is that such a Tor network would never work, because people would prefer to use the free one. The other is that free Tor networks will never work, because no one will take the heat to run an exit node. The point is that this proposal cuts the knot and creates a self-sustaining Tor-style network, one which rewards people who take the risk of running exit nodes, just as in Anthony's example about WiFi hotspots.

One technical problem is verifying that a particular exit node is legit, so that its operator can get his Tor-bucks.
It might be enough to put Tor-money in the packet so that the last node receives it, but then he could skim the cash without performing the service of letting the packets go out. Still, this would be easily detected and users could blacklist exit nodes which didn't perform, so it might be adequate.

Obviously an ecash-integrated Tor network is an ambitious project, but it is something to think about if Tor starts running into problems with people not wanting to run exit nodes.

CP

----- End forwarded message -----

From eugen at leitl.org Thu Nov 10 04:05:02 2005
From: eugen at leitl.org (Eugen Leitl)
Date: Thu, 10 Nov 2005 13:05:02 +0100
Subject: [dave@farber.net: [IP] Quarantine station to open at Logan / US acts amid growing threat of bioterrorism and infectious diseases]
Message-ID: <20051110120502.GM2249@leitl.org>

----- Forwarded message from David Farber -----

From jamesd at echeque.com Thu Nov 10 13:28:46 2005
From: jamesd at echeque.com (James A. Donald)
Date: Thu, 10 Nov 2005 13:28:46 -0800
Subject: How broad is the SPEKE patent.
In-Reply-To:
References: <20051109155453.711863BFD0F@berkshire.machshav.com>
Message-ID: <43734B0E.20922.5A78B9@localhost>

--
From: Charlie Kaufman
> From a legal perspective, they would probably have a better chance with SRP, since Stanford holds a patent and might be motivated to support the challenge.

The vast majority of phishing attacks and other forms of man in the middle attack seek to steal existing shared secrets - passwords, social security numbers, credit card numbers.
I figured that the obvious solution to all this was to deploy zero knowledge technologies, where both parties prove knowledge of the shared secret without revealing the shared secret.

Now I see that zero knowledge technologies have been deployed - or almost so:

SRP-TLS-OpenSSL http://www.edelweb.fr/EdelKey/ (not quite ready for prime time)

And SRP GNU-TLS http://www.gnu.org/software/gnutls/manual/html_node/

Of course, actual use of these technologies means that the browser chrome, not the web page, must set up and verify the password.

--digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG FtM0KMPHrqFLxpaSShaR05Rlxb8CnxF4pHnz9Yqy 4RHOMGs4NJv8heDXAxtfYQ4sYI82tcElZ5wJ4qgvc

From jamesd at echeque.com Thu Nov 10 13:28:48 2005
From: jamesd at echeque.com (James A. Donald)
Date: Thu, 10 Nov 2005 13:28:48 -0800
Subject: How broad is the SPEKE patent.
In-Reply-To:
References: <43713115.4942.4A3995E@localhost>
Message-ID: <43734B10.21795.5A817C@localhost>

--
From: Charlie Kaufman
> The right question is whether there is any strong password protocol - either known or that you invent yourself - that you can implement without fear of being sued for patent infringement.
>
> And the answer is no.

One cannot scratch one's bum without fear of being sued for patent infringement. The wheel, and a common story line in novels, were recently patented. Why should strong password protocols be different?

> Patent claims, like the U.S. Constitution, mean whatever the courts decide they mean. The only way to have confidence that you won't be sued for implementing any technology is to observe that lots of other people in similar situations to yours are doing it and not being sued.

But in practice, patent claims are seldom resolved in court.
> I am not aware of anyone who is publicly shipping - > either in a commercial product or as open source - an > implementation of a strong password protocol without > having paid protection money to either Lucent or > Phoenix (or both). It would be great if someone would. It seems to me that this is more a matter of normal deployment delays, than widespread fear of patents. With early deployments, it is far from clear whether those paying are paying for patent licenses, or paying for sofware and expertise. Over time, in any given software technology, the cost of software and expertise tends to fall, eventually to near zero. At that point, it then becomes apparent how seriously people take any patent claims. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG 9oJtLl3PEvVntjE5/K1vIF9Nnar6OLl18dHQ2cU4 4C4BOaRXcQbMfkkZ71fBvjkaLgW5k/pOu1ch7sPQc From eugen at leitl.org Thu Nov 10 04:44:24 2005 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 10 Nov 2005 13:44:24 +0100 Subject: [dave@farber.net: [IP] Apple tries to patent 'tamper-resistant software'] Message-ID: <20051110124424.GT2249@leitl.org> ----- Forwarded message from David Farber ----- From eugen at leitl.org Thu Nov 10 09:57:08 2005 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 10 Nov 2005 18:57:08 +0100 Subject: [brian@posthuman.com: [>Htech] The bioweapon is in the post] Message-ID: <20051110175708.GZ2249@leitl.org> ----- Forwarded message from Brian Atkins ----- From eugen at leitl.org Thu Nov 10 12:17:38 2005 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 10 Nov 2005 21:17:38 +0100 Subject: [cyphrpunk@gmail.com: Re: Hacker strikes through student's router] Message-ID: <20051110201738.GL2249@leitl.org> ----- Forwarded message from cyphrpunk ----- From jtrjtrjtr2001 at yahoo.com Fri Nov 11 00:16:56 2005 From: jtrjtrjtr2001 at yahoo.com (Sarad AV) Date: Fri, 11 Nov 2005 00:16:56 -0800 (PST) Subject: polisirreducible library in PARI Message-ID: 
<20051111081657.69030.qmail@web33310.mail.mud.yahoo.com>

hi,

I would like to know which irreducibility test is being used by the polisirreducible() library call in PARI.

Thank you,
Sarad.

From fw at deneb.enyo.de Fri Nov 11 02:20:15 2005
From: fw at deneb.enyo.de (Florian Weimer)
Date: Fri, 11 Nov 2005 11:20:15 +0100
Subject: How broad is the SPEKE patent.
In-Reply-To: <43734B0E.20922.5A78B9@localhost> (James A. Donald's message of "Thu, 10 Nov 2005 13:28:46 -0800")
References: <20051109155453.711863BFD0F@berkshire.machshav.com> <43734B0E.20922.5A78B9@localhost>
Message-ID: <87wtjf4hb4.fsf@mid.deneb.enyo.de>

* James A. Donald:

> I figured that the obvious solution to all this was to deploy zero
> knowledge technologies, where both parties prove knowledge of the
> shared secret without revealing the shared secret.

Keep in mind that one party runs the required software on a computer infected with spyware and other kinds of Trojan horses. This puts the effectiveness of zero-knowledge proofs into question.

From mv at cdc.gov Fri Nov 11 11:59:29 2005
From: mv at cdc.gov (Major Variola (ret))
Date: Fri, 11 Nov 2005 11:59:29 -0800
Subject: MIT Study on Tin-Foil Hats :-)
Message-ID: <4374F821.CED8F967@cdc.gov>

These days Asian hausfrau wear dark full-face visors, think a cross between a welding-helmet and an accounting visor. A dark plastic shield down to the chin. This is because they value paleness.

The implications for meatspace anonymity should be obvious, at least where burkhas are rarer. One would have to test for IR transparency of course.
From mv at cdc.gov Fri Nov 11 12:05:40 2005
From: mv at cdc.gov (Major Variola (ret))
Date: Fri, 11 Nov 2005 12:05:40 -0800
Subject: [murphy.audie@gmail.com: Re: Hacker strikes through student's router]
Message-ID: <4374F994.FCEDAC67@cdc.gov>

At 08:53 AM 11/9/05 +0100, Eugen Leitl wrote:
>Freemasons continued to communicate via private channels with secret
>handshakes, etc.

That is an authentication mechanism based on "what you know", not a confidentiality (privacy, comm endpoint control) technique.

From mnl at well.com Fri Nov 11 13:35:33 2005
From: mnl at well.com (Mike Liebhold)
Date: Fri, 11 Nov 2005 13:35:33 -0800
Subject: [Geowanking] cisco wi-fi geosurveillance tech
Message-ID:

After reading the press release about Cisco's new low-cost wifi mesh systems, built from technologies developed by Airespace.com (cisco is a principal investor)

http://www.crn.com/sections/breakingnews/breakingnews.jhtml?articleId=173600541

I was clicking around for technical specs, I came across this: Besides mesh networks, Airespace offers central location surveillance capability to do [imprecise] tracking of users' and devices in realtime in an Airespace (cisco?) Wi-fi network.

http://www.airespace.com/technology/benefits_of_location_tracking.php

"Airespace uses advanced RF fingerprinting technology to identify and track users to within 10 meters of their exact location - anywhere they roam throughout an enterprise environment.
This enables IT staff to establish access control policies that are based on geographic location, immediately identify the source of unauthorized WLAN activity such as rogue Access Points," _______________________________________________ Geowanking mailing list Geowanking at lists.burri.to http://lists.burri.to/mailman/listinfo/geowanking ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From rah at shipwright.com Fri Nov 11 14:41:54 2005 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 11 Nov 2005 17:41:54 -0500 Subject: [Clips] [e-gold-list] Phil Zimmermann in RO Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Fri, 11 Nov 2005 17:41:02 -0500 To: "Philodox Clips List" From: "R. A. Hettinga" Subject: [Clips] [e-gold-list] Phil Zimmermann in RO Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com --- begin forwarded text From: "Graham Kelly" To: "e-gold Discussion" Subject: [e-gold-list] Phil Zimmermann in RO Date: Fri, 11 Nov 2005 17:25:03 -0500 Guys, Phil Zimmermann just called me from Romania; he's speaking there at Bucharest, and his schedule will also take him to Athens, Greece, in the next few days. Some of his potential investors were concerned that as he was requesting e-gold and PayPal donations, that his encrypted zfone project could be construed as "mickey mouse", so he has temporarily removed the e-gold and PayPal links from his site, until he evaluates the options. (Investors make the rules, right? 
LOL) For details on his latest zfone project, see http://philzimmermann.com/EN/zfone/index.html Graham Kelly CEO --------------------------------------------- GoldNow http://www.GoldNow.St US +1 (213) 341-1583 US Fax +1 (213) 559-8555 UK +44 (0)2081506659 Apply for a Swiss bank account! https://www.goldnow.st/sb_buy.asp --- You are currently subscribed to e-gold-list as: rah at shipwright.com To unsubscribe send a blank email to leave-e-gold-list-507998N at talk.e-gold.com Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses. --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." 
-- Edward Gibbon, 'Decline and Fall of the Roman Empire'

From eugen at leitl.org Sat Nov 12 02:32:44 2005
From: eugen at leitl.org (Eugen Leitl)
Date: Sat, 12 Nov 2005 11:32:44 +0100
Subject: [mnl@well.com: [Geowanking] cisco wi-fi geosurveillance tech]
Message-ID: <20051112103244.GY2249@leitl.org>

----- Forwarded message from Mike Liebhold -----

From camera_lumina at hotmail.com Sat Nov 12 08:40:20 2005
From: camera_lumina at hotmail.com (Tyler Durden)
Date: Sat, 12 Nov 2005 11:40:20 -0500
Subject: [mnl@well.com: [Geowanking] cisco wi-fi geosurveillance tech]
In-Reply-To: <20051112103244.GY2249@leitl.org>
Message-ID:

Eh. It's Cisco. Shouldn't be too hard to write an app that will lie to this network about where you are.

And then, of course, I'm not yet convinced it's impossible to lie (through layers 6 and 7) to such a network, even built of impervious software.

And of course, the moment some other company builds a different and overlapping network, all bets are off.

-TD

>From: Eugen Leitl
>To: cypherpunks at jfet.org
>Subject: [mnl at well.com: [Geowanking] cisco wi-fi geosurveillance tech]
>Date: Sat, 12 Nov 2005 11:32:44 +0100
>
>----- Forwarded message from Mike Liebhold -----
>
>From: Mike Liebhold
>Date: Fri, 11 Nov 2005 13:35:33 -0800
>To: geowanking at lists.burri.to
>Subject: [Geowanking] cisco wi-fi geosurveillance tech
>User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US;
> rv:1.7.5) Gecko/20041217
>Reply-To: geowanking at lists.burri.to
>
>After reading the press release about Cisco's new low-cost wifi mesh
>systems, built from technologies developed by Airespace.com (cisco is
>a principal investor)
>
>http://www.crn.com/sections/breakingnews/breakingnews.jhtml?articleId=173600541
>
>I was clicking around for technical specs, I came across this: Besides
>mesh networks, Airespace offers central location surveillance capability
>to do [imprecise] tracking of users' and devices in realtime in an
>Airespace (cisco?) Wi-fi network.
> >http://www.airespace.com/technology/benefits_of_location_tracking.php > >"Airespace uses advanced RF fingerprinting technology to identify and >track users to within 10 meters of their exact location - anywhere they >roam throughout an enterprise environment. This enables IT staff to >establish access control policies that are based on geographic location, >immediately identify the source of unauthorized WLAN activity such as >rogue Access Points," > >_______________________________________________ >Geowanking mailing list >Geowanking at lists.burri.to >http://lists.burri.to/mailman/listinfo/geowanking > > >----- End forwarded message ----- >-- >Eugen* Leitl leitl >______________________________________________________________ >ICBM: 48.07100, 11.36820 http://www.leitl.org >8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE > >[demime 1.01d removed an attachment of type application/pgp-signature which >had a name of signature.asc] From rah at shipwright.com Sat Nov 12 09:37:29 2005 From: rah at shipwright.com (R. A. Hettinga) Date: Sat, 12 Nov 2005 12:37:29 -0500 Subject: [Clips] Feds mull regulation of quantum computers Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Sat, 12 Nov 2005 12:34:00 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Feds mull regulation of quantum computers Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com CNET News Feds mull regulation of quantum computers By Declan McCullagh http://news.com.com/Feds+mull+regulation+of+quantum+computers/2100-11395_3-5942445.html Story last modified Wed Nov 09 14:18:00 PST 2005 WASHINGTON--Quantum computers don't exist outside the laboratory. But the U.S. government appears to be exploring whether it should be illegal to ship them overseas. 
A federal advisory committee met Wednesday to hear an IBM presentation about just how advanced quantum computers have become--with an eye toward evaluating when the technology might be practical enough to merit government regulation. "I like to say we're back in 1947 at the time transistors were invented," David DiVincenzo, an IBM researcher who focuses on quantum computing, told the committee. Only rough prototypes of quantum computers presently exist. But if a large-scale model can be built, in theory it could break codes used to scramble information on the Internet, in banking, and within federal agencies. A certain class of encryption algorithms relies for security on the near-impossibility of factoring large numbers quickly. But quantum computers, at least on paper, can do that calculation millions of times faster than a conventional microprocessor. "It's clear there are promising avenues for doing this," DiVincenzo said of quantum computing research. "There's lots and lots of work done at the basic research level and a sense of progress in the community." The technology industry has been long bedeviled by federal export regulations, which were born during the Cold War and renewed by executive order. And although the highly regulatory approach of the mid-'90s has been relaxed, the export of "high-performance" computers is still subject to several rules, as is encryption software. It's not clear what steps the federal government might take next, and no proposals were advanced during the meeting. The charter of the panel, called the Information Systems Technical Advisory Committee, calls for the panel to "advise" the Commerce Department on export regulations and what technology is presently available. A practical quantum computer may still be far off, but the use of quantum physics already appears in some commercially-available technology. 
An approach known as quantum cryptography provides encryption that is theoretically impossible to crack--and, at the moment, carries a hefty price tag. The federal advisory committee didn't address quantum cryptography in its open session. A closed session was scheduled for Thursday. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From eugen at leitl.org Sat Nov 12 08:54:10 2005 From: eugen at leitl.org (Eugen Leitl) Date: Sat, 12 Nov 2005 17:54:10 +0100 Subject: [mnl@well.com: [Geowanking] cisco wi-fi geosurveillance tech] In-Reply-To: References: <20051112103244.GY2249@leitl.org> Message-ID: <20051112165410.GC2249@leitl.org> On Sat, Nov 12, 2005 at 11:40:20AM -0500, Tyler Durden wrote: > Eh.
It's Cisco. Shouldn't be too hard to write an app that will lie to this
> network about where you are.

The cell is local, and if the cell knows who you are (unless authenticated, admittedly a rather large if) the only way to hide would be to not go online in the first place.

> And then, of course, I'm not yet convinced it's impossible to lie (through
> layers 6 and 7) to such a network, even built of impervious software.

Anonymizing traffic remixers are good, but they won't hide the fact that you're using them via a WiFi cloud owned by Mallory.

> And of course, the moment some other company builds a different and
> overlapping network, all bets are off.

Wireless and line of sight laser has good potential for novel networking using vacuum as bit FIFO. This can be global, or at least have large coverage with very little but strategically placed (LEO, preferably) infrastructure.

--
Eugen* Leitl leitl
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From cyphrpunk at gmail.com Sat Nov 12 19:18:09 2005
From: cyphrpunk at gmail.com (cyphrpunk)
Date: Sat, 12 Nov 2005 19:18:09 -0800
Subject: [Clips] Feds mull regulation of quantum computers
In-Reply-To:
References:
Message-ID: <792ce4370511121918r3c6eb7e7x41632e631e0c350@mail.gmail.com>

> WASHINGTON--Quantum computers don't exist outside the laboratory. But the
> U.S. government appears to be exploring whether it should be illegal to
> ship them overseas.
>
> A federal advisory committee met Wednesday to hear an IBM presentation
> about just how advanced quantum computers have become--with an eye toward
> evaluating when the technology might be practical enough to merit
> government regulation.

Suppose that quantum computers work and the NSA has them.
What steps can or should they take to try to stop the propagation of this technology? If they come out too openly with restrictions, it sends a signal that there's something there, which could drive more research into the technology by the NSA's adversaries, the opposite of the desired outcome. If they leave things alone then progress may continue towards this technology that the NSA wants to suppress. Something like the present action isn't a bad compromise. Work towards restrictions on technology exports, but in a studiously casual fashion. There's nothing to see here, folks. We're just covering our bases, in the outside chance that something comes out of this way down the road. Meanwhile we'll just go ahead and stop exports of related technologies. But we certainly don't think that quantum computers are practical today, heavens no! CP From anonymous at remailer.metacolo.com Sat Nov 12 19:05:05 2005 From: anonymous at remailer.metacolo.com (Anonymous Sender) Date: Sun, 13 Nov 2005 03:05:05 +0000 (UTC) Subject: Iraq Stories Message-ID: <87d0d0472112e50ee684dc4c6b225ec8@remailer.metacolo.com> Hello to all my fellow gunners, military buffs, veterans and interested guys. A couple of weekends ago I got to spend time with my son Jordan, who was on his first leave since returning from Iraq. He is well (a little thin), and already bored. He will be returning to Iraq for a second tour in early 06 and has already re-enlisted early for 4 more years. He loves the Marine Corps and is actually looking forward to returning to Iraq. Jordan spent 7 months at Camp Blue Diamond in Ramadi. Aka: Fort Apache. He saw and did a lot and the following is what he told me about weapons, equipment, tactics and other miscellaneous info which may be of interest to you. Nothing is by any means classified. No politics here, just a Marine with a birds eye views opinions: 1) The M-16 rifle : Thumbs down. Chronic jamming problems with the talcum powder like sand over there. The sand is everywhere. 
Jordan says you feel filthy 2 minutes after coming out of the shower. The M-4 carbine version is more popular because its lighter and shorter, but it has jamming problems also. They like the ability to mount the various optical gunsights and weapons lights on the picattiny rails, but the weapon itself is not great in a desert environment. They all hate the 5.56mm (.223) round. Poor penetration on the cinderblock structure common over there and even torso hits cant be reliably counted on to put the enemy down. Fun fact: Random autopsies on dead insurgents shows a high level of opiate use. 2) The M243 SAW (squad assault weapon): .223 cal. Drum fed light machine gun. Big thumbs down. Universally considered a piece of ****. Chronic jamming problems, most of which require partial disassembly. (that fun in the middle of a firefight). 3) The M9 Beretta 9mm: Mixed bag. Good gun, performs well in desert environment; but they all hate the 9mm cartridge. The use of handguns for self-defense is actually fairly common. Same old story on the 9mm: Bad guys hit multiple times and still in the fight. 4) Mossberg 12ga. Military shotgun: Works well, used frequently for clearing houses to good effect. 5) The M240 Machine Gun: 7.62 Nato (.308) cal. belt fed machine gun, developed to replace the old M-60 (what a beautiful weapon that was!!). Thumbs up. Accurate, reliable, and the 7.62 round puts em down. Originally developed as a vehicle mounted weapon, more and more are being dismounted and taken into the field by infantry. The 7.62 round chews up the structure over there. 6) The M2 .50 cal heavy machine gun: Thumbs way, way up. Ma deuce is still worth her considerable weight in gold. The ultimate fight stopper, puts their dicks in the dirt every time. The most coveted weapon in-theater. 7) The .45 pistol: Thumbs up. Still the best pistol round out there. Everybody authorized to carry a sidearm is trying to get their hands on one. 
With few exceptions, can reliably be expected to put em down with a torso hit. The special ops guys (who are doing most of the pistol work) use the HK military model and supposedly love it. The old government model .45s are being re-issued en masse. 8) The M-14: Thumbs up. They are being re-issued in bulk, mostly in a modified version to special ops guys. Modifications include lightweight Kevlar stocks and low power red dot or ACOG sights. Very reliable in the sandy environment, and they love the 7.62 round. 9) The Barrett .50 cal sniper rifle: Thumbs way up. Spectacular range and accuracy and hits like a freight train. Used frequently to take out vehicle suicide bombers ( we actually stop a lot of them) and barricaded enemy. Definitely here to stay. 10) The M24 sniper rifle: Thumbs up. Mostly in .308 but some in 300 win mag. Heavily modified Remington 700s. Great performance. Snipers have been used heavily to great effect. Rumor has it that a marine sniper on his third tour in Anbar province has actually exceeded Carlos Hathcocks record for confirmed kills with OVER 100. 11) The new body armor: Thumbs up. Relatively light at approx. 6 lbs. and can reliably be expected to soak up small shrapnel and even will stop an AK-47 round. The bad news: Hot as **** to wear, almost unbearable in the summer heat (which averages over 120 degrees). Also, the enemy now goes for head shots whenever possible. All the bull**** about the old body armor making our guys vulnerable to the IEDs was a non-starter. The IED explosions are enormous and body armor doesn't make any difference at all in most cases. 12) Night Vision and Infrared Equipment: Thumbs way up. Spectacular performance. Our guys see in the dark and own the night, period. Very little enemy action after evening prayers. More and more enemy being whacked at night during movement by our hunter-killer teams. Weve all seen the videos. 13) Lights: Thumbs up. 
Most of the weapon mounted and personal lights are Surefires, and the troops love em. Invaluable for night urban operations. Jordan carried a $34 Surefire G2 on a neck lanyard and loved it. I cant help but notice that most of the good fighting weapons and ordnance are 50 or more years old!!!!!!!!! With all our technology, its the WWII and Vietnam era weapons that everybody wants!!!! The infantry fighting is frequent, up close and brutal. No quarter is given or shown. Bad guy weapons: 1) Mostly AK47s . The entire country is an arsenal. Works better in the desert than the M16 and the .308 Russian round kills reliably. PKM belt fed light machine guns are also common and effective. Luckily, the enemy mostly shoots like ****. Undisciplined spray and pray type fire. However, they are seeing more and more precision weapons, especially sniper rifles. (Iran, again) Fun fact: Captured enemy have apparently marveled at the marksmanship of our guys and how hard they fight. They are apparently told in Jihad school that the Americans rely solely on technology, and can be easily beaten in close quarters combat for their lack of toughness. Lets just say they know better now. 2) The RPG: Probably the infantry weapon most feared by our guys. Simple, reliable and as common as dog****. The enemy responded to our up-armored humvees by aiming at the windshields, often at point blank range. Still killing a lot of our guys. 3) The IED: The biggest killer of all. Can be anything from old Soviet anti-armor mines to jury rigged artillery shells. A lot found in Jordans area were in abandoned cars. The enemy would take 2 or 3 155mm artillery shells and wire them together. Most were detonated by cell phone, and the explosions are enormous. You're not safe in any vehicle, even an M1 tank. Driving is by far the most dangerous thing our guys do over there. Lately, they are much more sophisticated shape charges (Iranian) specifically designed to penetrate armor. 
Fact: Most of the ready made IEDs are supplied by Iran, who is also providing terrorists (Hezbollah types) to train the insurgents in their use and tactics. Thats why the attacks have been so deadly lately. Their concealment methods are ingenious, the latest being shape charges in Styrofoam containers spray painted to look like the cinderblocks that litter all Iraqi roads. We find about 40% before they detonate, and the bomb disposal guys are unsung heroes of this war. 4) Mortars and rockets: Very prevalent. The soviet era 122mm rockets (with an 18km range) are becoming more prevalent. One of Jordans NCOs lost a leg to one. These weapons cause a lot of damage inside the wire. Jordans base was hit almost daily his entire time there by mortar and rocket fire, often at night to disrupt sleep patterns and cause fatigue (It did). More of a psychological weapon than anything else. The enemy mortar teams would jump out of vehicles, fire a few rounds, and then haul ass in a matter of seconds. 5) Bad guy technology: Simple yet effective. Most communication is by cell and satellite phones, and also by email on laptops. They use handheld GPS units for navigation and Google earth for overhead views of our positions. Their weapons are good, if not fancy, and prevalent. Their explosives and bomb technology is TOP OF THE LINE. Night vision is rare. They are very careless with their equipment and the captured GPS units and laptops are treasure troves of Intel when captured. Bad Guy Tactics: When they are engaged on an infantry level they get their asses kicked every time. Brave, but stupid. Suicidal Banzai-type charges were very common earlier in the war and still occur. They will literally sacrifice 8-10 man teams in suicide squads by sending them screaming and firing Aks and RPGs directly at our bases just to probe the defenses. They get mowed down like grass every time. ( see the M2 and M240 above). Jordans base was hit like this often. 
When engaged, they have a tendency to flee to the same building, probably for what they think will be a glorious last stand. Instead, we call in air and thats the end of that more often than not. These hole-ups are referred to as Alpha Whiskey Romeos (Allahs Waiting Room). We have the laser guided ground-air thing down to a science. The fast movers, mostly Marine F-18s, are taking an ever increasing toll on the enemy. When caught out in the open, the helicopter gunships and AC-130 Spectre gunships cut them to ribbons with cannon and rocket fire, especially at night. Interestingly, artillery is hardly used at all. Fun fact: The enemy death toll is supposedly between 45-50 thousand. That is why were seeing less and less infantry attacks and more IED, suicide bomber ****. The new strategy is simple: attrition. The insurgent tactic most frustrating is their use of civilian non-combatants as cover. They know we do all we can to avoid civilian casualties and therefore schools, hospitals and (especially) Mosques are locations where they meet, stage for attacks, cache weapons and ammo and flee to when engaged. They have absolutely no regard whatsoever for civilian casualties. They will terrorize locals and murder without hesitation anyone believed to be sympathetic to the Americans or the new Iraqi govt. Kidnapping of family members (especially children) is common to influence people they are trying to influence but cant reach, such as local govt. officials, clerics, tribal leaders, etc.). The first thing our guys are told is don't get captured. They know that if captured they will be tortured and beheaded on the internet. Zarqawi openly offers bounties for anyone who brings him a live American serviceman. This motivates the criminal element who otherwise don't give a **** about the war. A lot of the beheading victims were actually kidnapped by common criminals and sold to Zarqawi. As such, for our guys, every fight is to the death. Surrender is not an option. 
The Iraqis are a mixed bag. Some fight well, others aren't worth a ****. Most do okay with American support. Finding leaders is hard, but they are getting better. It is widely viewed that Zarqawis use of suicide bombers, en masse, against the civilian population was a serious tactical mistake. Many Iraqis were galvanized and the caliber of recruits in the Army and the police forces went up, along with their motivation. It also led to an exponential increase in good intel because the Iraqis are sick of the insurgent attacks against civilians. The Kurds are solidly pro-American and fearless fighters. According to Jordan, morale among our guys is very high. They not only believe they are winning, but that they are winning decisively. They are stunned and dismayed by what they see in the American press, whom they almost universally view as against them. The embedded reporters are despised and distrusted. They are inflicting casualties at a rate of 20-1 and then see **** like Are we losing in Iraq on TV and the print media. For the most part, they are satisfied with their equipment, food and leadership. Bottom line though, and they all say this, there are not enough guys there to drive the final stake through the heart of the insurgency, primarily because there aren't enough troops in-theater to shut down the borders with Iran and Syria. The Iranians and the Syrians just cant stand the thought of Iraq being an American ally (with, of course, permanent US bases there). From camera_lumina at hotmail.com Sun Nov 13 09:11:49 2005 From: camera_lumina at hotmail.com (Tyler Durden) Date: Sun, 13 Nov 2005 12:11:49 -0500 Subject: Iraq Stories In-Reply-To: <87d0d0472112e50ee684dc4c6b225ec8@remailer.metacolo.com> Message-ID: Looks like an AgitProp writer in training. Guess he's looking for feedback to hone his skills. Hey! Glad to hear everything's going so well over there. You would never have known watching the US media and mounting casualty numbers. 
Sounds like you boys have things locked down tight over there. Keep up the good work! I know I'll be asking my local congressman to give the big thumbs up to more support over there. >From: Anonymous Sender >To: cypherpunks at jfet.org >Subject: Iraq Stories >Date: Sun, 13 Nov 2005 03:05:05 +0000 (UTC) > >Hello to all my fellow gunners, military buffs, veterans and interested >guys. A couple of weekends ago I got to spend time with my son Jordan, >who was on his first leave since returning from Iraq. He is well (a >little thin), and already bored. He will be returning to Iraq for a >second tour in early 06 and has already re-enlisted early for 4 more >years. He loves the Marine Corps and is actually looking forward to >returning to Iraq. > >Jordan spent 7 months at Camp Blue Diamond in Ramadi. Aka: Fort Apache. >He saw and did a lot and the following is what he told me about weapons, >equipment, tactics and other miscellaneous info which may be of interest >to you. Nothing is by any means classified. No politics here, just a >Marine with a birds eye views opinions: > >1) The M-16 rifle : Thumbs down. Chronic jamming problems with the >talcum powder like sand over there. The sand is everywhere. Jordan says >you feel filthy 2 minutes after coming out of the shower. The M-4 >carbine version is more popular because its lighter and shorter, but it >has jamming problems also. They like the ability to mount the various >optical gunsights and weapons lights on the picattiny rails, but the >weapon itself is not great in a desert environment. They all hate the >5.56mm (.223) round. Poor penetration on the cinderblock structure >common over there and even torso hits cant be reliably counted on to put >the enemy down. Fun fact: Random autopsies on dead insurgents shows a >high level of opiate use. > >2) The M243 SAW (squad assault weapon): .223 cal. Drum fed light machine >gun. Big thumbs down. Universally considered a piece of ****. 
Chronic >jamming problems, most of which require partial disassembly. (that fun >in the middle of a firefight). > >3) The M9 Beretta 9mm: Mixed bag. Good gun, performs well in desert >environment; but they all hate the 9mm cartridge. The use of handguns >for self-defense is actually fairly common. Same old story on the 9mm: >Bad guys hit multiple times and still in the fight. > >4) Mossberg 12ga. Military shotgun: Works well, used frequently for >clearing houses to good effect. > >5) The M240 Machine Gun: 7.62 Nato (.308) cal. belt fed machine gun, >developed to replace the old M-60 (what a beautiful weapon that was!!). >Thumbs up. Accurate, reliable, and the 7.62 round puts em down. >Originally developed as a vehicle mounted weapon, more and more are >being dismounted and taken into the field by infantry. The 7.62 round >chews up the structure over there. > >6) The M2 .50 cal heavy machine gun: Thumbs way, way up. Ma deuce is >still worth her considerable weight in gold. The ultimate fight stopper, >puts their dicks in the dirt every time. The most coveted weapon >in-theater. > >7) The .45 pistol: Thumbs up. Still the best pistol round out there. >Everybody authorized to carry a sidearm is trying to get their hands on >one. With few exceptions, can reliably be expected to put em down with a >torso hit. The special ops guys (who are doing most of the pistol work) >use the HK military model and supposedly love it. The old government >model .45s are being re-issued en masse. > >8) The M-14: Thumbs up. They are being re-issued in bulk, mostly in a >modified version to special ops guys. Modifications include lightweight >Kevlar stocks and low power red dot or ACOG sights. Very reliable in the >sandy environment, and they love the 7.62 round. > >9) The Barrett .50 cal sniper rifle: Thumbs way up. Spectacular range >and accuracy and hits like a freight train. Used frequently to take out >vehicle suicide bombers ( we actually stop a lot of them) and barricaded >enemy. 
Definitely here to stay. > >10) The M24 sniper rifle: Thumbs up. Mostly in .308 but some in 300 win >mag. Heavily modified Remington 700s. Great performance. Snipers have >been used heavily to great effect. Rumor has it that a marine sniper on >his third tour in Anbar province has actually exceeded Carlos Hathcocks >record for confirmed kills with OVER 100. > >11) The new body armor: Thumbs up. Relatively light at approx. 6 lbs. >and can reliably be expected to soak up small shrapnel and even will >stop an AK-47 round. The bad news: Hot as **** to wear, almost >unbearable in the summer heat (which averages over 120 degrees). Also, >the enemy now goes for head shots whenever possible. All the bull**** >about the old body armor making our guys vulnerable to the IEDs was a >non-starter. The IED explosions are enormous and body armor doesn't make >any difference at all in most cases. > >12) Night Vision and Infrared Equipment: Thumbs way up. Spectacular >performance. Our guys see in the dark and own the night, period. Very >little enemy action after evening prayers. More and more enemy being >whacked at night during movement by our hunter-killer teams. Weve all >seen the videos. > >13) Lights: Thumbs up. Most of the weapon mounted and personal lights >are Surefires, and the troops love em. Invaluable for night urban >operations. Jordan carried a $34 Surefire G2 on a neck lanyard and loved >it. > >I cant help but notice that most of the good fighting weapons and >ordnance are 50 or more years old!!!!!!!!! With all our technology, its >the WWII and Vietnam era weapons that everybody wants!!!! The infantry >fighting is frequent, up close and brutal. No quarter is given or shown. > >Bad guy weapons: > >1) Mostly AK47s . The entire country is an arsenal. Works better in the >desert than the M16 and the .308 Russian round kills reliably. PKM belt >fed light machine guns are also common and effective. Luckily, the enemy >mostly shoots like ****. 
Undisciplined spray and pray type fire. >However, they are seeing more and more precision weapons, especially >sniper rifles. (Iran, again) Fun fact: Captured enemy have apparently >marveled at the marksmanship of our guys and how hard they fight. They >are apparently told in Jihad school that the Americans rely solely on >technology, and can be easily beaten in close quarters combat for their >lack of toughness. Lets just say they know better now. > >2) The RPG: Probably the infantry weapon most feared by our guys. >Simple, reliable and as common as dog****. The enemy responded to our >up-armored humvees by aiming at the windshields, often at point blank >range. Still killing a lot of our guys. > >3) The IED: The biggest killer of all. Can be anything from old Soviet >anti-armor mines to jury rigged artillery shells. A lot found in Jordans >area were in abandoned cars. The enemy would take 2 or 3 155mm artillery >shells and wire them together. Most were detonated by cell phone, and >the explosions are enormous. You're not safe in any vehicle, even an M1 >tank. Driving is by far the most dangerous thing our guys do over there. >Lately, they are much more sophisticated shape charges (Iranian) >specifically designed to penetrate armor. Fact: Most of the ready made >IEDs are supplied by Iran, who is also providing terrorists (Hezbollah >types) to train the insurgents in their use and tactics. Thats why the >attacks have been so deadly lately. Their concealment methods are >ingenious, the latest being shape charges in Styrofoam containers spray >painted to look like the cinderblocks that litter all Iraqi roads. We >find about 40% before they detonate, and the bomb disposal guys are >unsung heroes of this war. > >4) Mortars and rockets: Very prevalent. The soviet era 122mm rockets >(with an 18km range) are becoming more prevalent. One of Jordans NCOs >lost a leg to one. These weapons cause a lot of damage inside the wire. 
>Jordans base was hit almost daily his entire time there by mortar and >rocket fire, often at night to disrupt sleep patterns and cause fatigue >(It did). More of a psychological weapon than anything else. The enemy >mortar teams would jump out of vehicles, fire a few rounds, and then >haul ass in a matter of seconds. > >5) Bad guy technology: Simple yet effective. Most communication is by >cell and satellite phones, and also by email on laptops. They use >handheld GPS units for navigation and Google earth for overhead views of >our positions. Their weapons are good, if not fancy, and prevalent. >Their explosives and bomb technology is TOP OF THE LINE. Night vision is >rare. They are very careless with their equipment and the captured GPS >units and laptops are treasure troves of Intel when captured. > >Bad Guy Tactics: > >When they are engaged on an infantry level they get their asses kicked >every time. Brave, but stupid. Suicidal Banzai-type charges were very >common earlier in the war and still occur. They will literally sacrifice >8-10 man teams in suicide squads by sending them screaming and firing >Aks and RPGs directly at our bases just to probe the defenses. They get >mowed down like grass every time. ( see the M2 and M240 above). Jordans >base was hit like this often. When engaged, they have a tendency to flee >to the same building, probably for what they think will be a glorious >last stand. Instead, we call in air and thats the end of that more often >than not. These hole-ups are referred to as Alpha Whiskey Romeos (Allahs >Waiting Room). We have the laser guided ground-air thing down to a >science. The fast movers, mostly Marine F-18s, are taking an ever >increasing toll on the enemy. When caught out in the open, the >helicopter gunships and AC-130 Spectre gunships cut them to ribbons with >cannon and rocket fire, especially at night. Interestingly, artillery is >hardly used at all. Fun fact: The enemy death toll is supposedly between >45-50 thousand. 
That is why were seeing less and less infantry attacks >and more IED, suicide bomber ****. The new strategy is simple: >attrition. > >The insurgent tactic most frustrating is their use of civilian >non-combatants as cover. They know we do all we can to avoid civilian >casualties and therefore schools, hospitals and (especially) Mosques are >locations where they meet, stage for attacks, cache weapons and ammo and >flee to when engaged. They have absolutely no regard whatsoever for >civilian casualties. They will terrorize locals and murder without >hesitation anyone believed to be sympathetic to the Americans or the new >Iraqi govt. Kidnapping of family members (especially children) is common >to influence people they are trying to influence but cant reach, such as >local govt. officials, clerics, tribal leaders, etc.). > >The first thing our guys are told is don't get captured. They know that >if captured they will be tortured and beheaded on the internet. Zarqawi >openly offers bounties for anyone who brings him a live American >serviceman. This motivates the criminal element who otherwise don't give >a **** about the war. A lot of the beheading victims were actually >kidnapped by common criminals and sold to Zarqawi. As such, for our >guys, every fight is to the death. Surrender is not an option. > >The Iraqis are a mixed bag. Some fight well, others aren't worth a ****. >Most do okay with American support. Finding leaders is hard, but they >are getting better. It is widely viewed that Zarqawis use of suicide >bombers, en masse, against the civilian population was a serious >tactical mistake. Many Iraqis were galvanized and the caliber of >recruits in the Army and the police forces went up, along with their >motivation. It also led to an exponential increase in good intel because >the Iraqis are sick of the insurgent attacks against civilians. The >Kurds are solidly pro-American and fearless fighters. > >According to Jordan, morale among our guys is very high. 
They not only >believe they are winning, but that they are winning decisively. They are >stunned and dismayed by what they see in the American press, whom they >almost universally view as against them. The embedded reporters are >despised and distrusted. They are inflicting casualties at a rate of >20-1 and then see **** like Are we losing in Iraq on TV and the print >media. For the most part, they are satisfied with their equipment, food >and leadership. Bottom line though, and they all say this, there are not >enough guys there to drive the final stake through the heart of the >insurgency, primarily because there aren't enough troops in-theater to >shut down the borders with Iran and Syria. The Iranians and the Syrians >just cant stand the thought of Iraq being an American ally (with, of >course, permanent US bases there). From camera_lumina at hotmail.com Sun Nov 13 09:15:17 2005 From: camera_lumina at hotmail.com (Tyler Durden) Date: Sun, 13 Nov 2005 12:15:17 -0500 Subject: [Clips] Feds mull regulation of quantum computers In-Reply-To: <792ce4370511121918r3c6eb7e7x41632e631e0c350@mail.gmail.com> Message-ID: Seems to me we don't even need to bother thinking about Quantum Computers until they can fab components that operate at room temperature. That's not impossible, but if someone stopped thinking about it for about 5 years you probably wouldn't miss anything. -TD >From: cyphrpunk >To: cryptography at metzdowd.com, cypherpunks at jfet.org >Subject: Re: [Clips] Feds mull regulation of quantum computers >Date: Sat, 12 Nov 2005 19:18:09 -0800 > > > WASHINGTON--Quantum computers don't exist outside the laboratory. But >the > > U.S. government appears to be exploring whether it should be illegal to > > ship them overseas. 
> > > > A federal advisory committee met Wednesday to hear an IBM presentation > > about just how advanced quantum computers have become--with an eye >toward > > evaluating when the technology might be practical enough to merit > > government regulation. > >Suppose that quantum computers work and the NSA has them. What steps >can or should they take to try to stop the propagation of this >technology? If they come out too openly with restrictions, it sends a >signal that there's something there, which could drive more research >into the technology by the NSA's adversaries, the opposite of the >desired outcome. If they leave things alone then progress may continue >towards this technology that the NSA wants to suppress. > >Something like the present action isn't a bad compromise. Work towards >restrictions on technology exports, but in a studiously casual >fashion. There's nothing to see here, folks. We're just covering our >bases, in the outside chance that something comes out of this way down >the road. Meanwhile we'll just go ahead and stop exports of related >technologies. But we certainly don't think that quantum computers are >practical today, heavens no! > >CP From rah at shipwright.com Sun Nov 13 10:37:27 2005 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 13 Nov 2005 13:37:27 -0500 Subject: [Clips] Spies in the Server Closet Message-ID: If this most recent darknet-as-IP-bogeyman meme persists, Hollywood et al. is probably going to make Tim May famous. *That* should be interesting. :-) Cheers, RAH ------- --- begin forwarded text Delivered-To: clips at philodox.com Date: Sun, 13 Nov 2005 12:59:42 -0500 To: Philodox Clips List From: "R. A. 
Hettinga" Subject: [Clips] Spies in the Server Closet Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com NOVEMBER 1, 2005 | CIO MAGAZINE FILE SHARING Spies in the Server Closet BY MICHAEL JACKMAN The Supreme Court might have stirred up a bigger problem than it settled when it ruled last June that file-sharing networks such as Grokster could be sued if their members pirated copyrighted digital music and video. Since then, some programmers have announced they would pursue so-called darknets. These private, invitation-only networks can be invisible to even state-of-the-art sleuthing. And although they're attractive as a way to get around the entertainment industry's zeal in prosecuting digital piracy, they could also create a new channel for corporate espionage, says Eric Cole, chief scientist for Lockheed Martin Information Technology. Cole defines a darknet as a group of individuals who have a covert, dispersed communication channel. While file-sharing networks such as Grokster and even VPNs use public networks to exchange information, with a darknet, he says, "you don't know it's there in the first place." All an employee has to do to set one up is install file-sharing software written for darknets and invite someone on the outside to join, thus creating a private connection that's unlikely to be detected. "The Internet is so vast, porous and complex, it's easy to set up underground networks that are almost impossible to find and take down," says Cole. He advises that the best-and perhaps only-defense against darknets is a combination of network security best practices (such as firewalls, intrusion detection systems and intrusion prevention systems) and keeping intellectual property under lock and key. In addition, he says, companies should enact a security policy called "least privilege," which means users are given the least amount of access they need to do their jobs. 
"Usually if a darknet is set up it's because an individual has too much access," Cole says. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "When I was your age we didn't have Tim May! We had to be paranoid on our own! And we were grateful!" --Alan Olsen From jamesd at echeque.com Sun Nov 13 14:17:56 2005 From: jamesd at echeque.com (James A. Donald) Date: Sun, 13 Nov 2005 14:17:56 -0800 Subject: How broad is the SPEKE patent. In-Reply-To: <87wtjf4hb4.fsf@mid.deneb.enyo.de> References: <43734B0E.20922.5A78B9@localhost> (James A. Donald's message of "Thu, 10 Nov 2005 13:28:46 -0800") Message-ID: <43774B14.13969.5F03DCD@localhost> -- James A. Donald: > > I figured that the obvious solution to all this was > > to deploy zero knowledge technologies, where both > > parties prove knowledge of the shared secret without > > revealing the shared secret. Florian Weimer > Keep in mind that one party runs the required software > on a computer infected with spyware and other kinds of > Trojan horses. This puts the effectiveness of > zero-knowledge proofs into question. My computers do not have spyware and Trojan horses. --digsig James A.
Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG +RC/0PUcBFXYvCMG168GCyW3kQ1ifJ8dR0h7MP6j 47J0CwidqkZvRp4RHuehm78yL5Q6Ux8pSu/TtUKZZ From eugen at leitl.org Sun Nov 13 09:25:10 2005 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 13 Nov 2005 18:25:10 +0100 Subject: [Clips] Feds mull regulation of quantum computers In-Reply-To: References: <792ce4370511121918r3c6eb7e7x41632e631e0c350@mail.gmail.com> Message-ID: <20051113172510.GE2249@leitl.org> On Sun, Nov 13, 2005 at 12:15:17PM -0500, Tyler Durden wrote: > Seems to me we don't even need to bother thinking about Quantum Computers > until they can fab components that operate at room temperature. That's not It would be good to have nontrivial qubit assemblies at all in in *solid state*. I don't think anyone has QC working yet. It's not obvious it is at all usable, even for number factoring (entangling and keeping entangled a large qubit constellation, error correction, suitable QC algorithms, etc). Does at all elliptical curve crypto map well to QC? > impossible, but if someone stopped thinking about it for about 5 years you > probably wouldn't miss anything. -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
From anonymous at remailer.metacolo.com Sun Nov 13 12:13:42 2005 From: anonymous at remailer.metacolo.com (Anonymous Sender) Date: Sun, 13 Nov 2005 20:13:42 +0000 (UTC) Subject: Iraq Stories In-Reply-To: Message-ID: <34a7f06c9e90886e991a38d421eb14f5@remailer.metacolo.com> On November 11th 2005, Tyler Durden wrote: > Looks like an AgitProp writer in training. Guess he's looking for feedback > to hone his skills. It's making its rounds on the internet. If you search for a unique phrase in the article, you'll find it. From coderman at gmail.com Mon Nov 14 02:41:44 2005 From: coderman at gmail.com (coderman) Date: Mon, 14 Nov 2005 02:41:44 -0800 Subject: [mnl@well.com: [Geowanking] cisco wi-fi geosurveillance tech] In-Reply-To: References: <20051112103244.GY2249@leitl.org> Message-ID: <4ef5fec60511140241r7658f122kc592ee4a7fb86937@mail.gmail.com> On 11/12/05, Tyler Durden wrote: > Eh. It's Cisco. Shouldn't be too hard to write an app that will lie to this > network about where you are. high power works great to confuse these location tracking heuristics; a 1W* shows up as 'right next to AP' on all radios in the vicinity. a number of access point makers include this kind of location tracking capability, for example Newbury Networks 'locale points': http://www.newburynetworks.com/products/coretech.php?localepoints so this applies to more than just the cisco/Airespace products. there are tricks to work around high powered clients / rogue AP signals but i haven't seen vendors implement them yet and exactly what these workarounds are is left as an exercise for the reader. :) best regards, * this probably exceeds FCC EIRP limits but no one cares about the FCC anymore right? From solinym at gmail.com Mon Nov 14 04:16:55 2005 From: solinym at gmail.com (Travis H.)
Date: Mon, 14 Nov 2005 06:16:55 -0600 Subject: On Digital Cash-like Payment Systems In-Reply-To: <792ce4370511071247l1a687a5dk8dcfa02f7de61164@mail.gmail.com> References: <19275506.1130592050616.JavaMail.root@elwamui-karabash.atl.sa.earthlink.net> <792ce4370511071247l1a687a5dk8dcfa02f7de61164@mail.gmail.com> Message-ID: > Don't ever encrypt the same message twice that way, or you're likely to > fall to a common modulus attack, I believe. Looks like it (common modulus attack involves same n, different (e,d) pairs). However, you're likely to be picking a random symmetric key as the "message", and Schneier even suggests picking a random r in Z_n and encrypting hash(r) as the symmetric key. More generally, I wonder about salting all operations to prevent using the same value more than once. It seems like it's generally a bad idea to reuse values, as a heuristic, and applying some kind of uniquification operation to everything, just as it's a good idea to pad/frame values in such a way that the output of one stage cannot be used in another stage of the same protocol. > > Since I'm on the topic, does doing exponentiation in a finite field > > make taking discrete logarithms more difficult (I suspect so), and if > > so, by how much? > > This doesn't make sense. The discrete log operation is the inverse of > exponentiation. Doing exponentiation is a prerequisite for even > considering discrete log operations. Hence it cannot make them "more > difficult". What I really meant was, if it wasn't computed in a finite field, how difficult would it be to compute the logarithm? I'm just curious about how much work factor is involved in reducing modulo n. I also wonder about some of the implications of choosing a message or exponent such that not enough reductions take place during exponentiation. 
> I'm not sure conventional covert-channel analysis is going to be that > useful here, because the bandwidths we are looking at in this attack > model are so much greater (kilobytes to megabytes per second). Well, it depends on how you define the attack, which wasn't defined. If the attack is to smuggle out a key using a covert channel, it may apply. If the attack is to download the key on a conventional network, it wouldn't make much difference. Unless, of course, you're auditing network flows over a certain size or lasting a certain amount of time. -- http://www.lightconsulting.com/~travis/ -><- "We already have enough fast, insecure systems." -- Schneier & Ferguson GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B From WWhyte at ntru.com Mon Nov 14 06:47:42 2005 From: WWhyte at ntru.com (Whyte, William) Date: Mon, 14 Nov 2005 09:47:42 -0500 Subject: On Digital Cash-like Payment Systems Message-ID: <9DC3EBEFB87A97498A7D25F130DE27E4206404@ohthree.jjj-i.com> > > Don't ever encrypt the same message twice that way, or you're likely to > > fall to a common modulus attack, I believe. > > Looks like it (common modulus attack involves same n, > different (e,d) pairs). > > However, you're likely to be picking a random symmetric key as the > "message", and Schneier even suggests picking a random r in Z_n and > encrypting hash(r) as the symmetric key. > > More generally, I wonder about salting all operations to prevent using > the same value more than once. It seems like it's generally a bad > idea to reuse values, as a heuristic, and applying some kind of > uniquification operation to everything, just as it's a good idea to > pad/frame values in such a way that the output of one stage cannot be > used in another stage of the same protocol. I forget the beginning of this conversation... but if you're salting all public-key encryption operations you may as well just use a standard RSA encryption scheme, such as OAEP or RSA-KEM. 
OAEP is specified in PKCS#1, available from http://www.rsasecurity.com/rsalabs/node.asp?id=2125; it's well- studied and has a proof of security, and should certainly be used in preference to any home-grown system. If you were talking about salting something other than public key operations, accept my apologies... William From camera_lumina at hotmail.com Mon Nov 14 07:02:29 2005 From: camera_lumina at hotmail.com (Tyler Durden) Date: Mon, 14 Nov 2005 10:02:29 -0500 Subject: [Clips] Feds mull regulation of quantum computers In-Reply-To: <20051113172510.GE2249@leitl.org> Message-ID: >It would be good to have nontrivial qubit assemblies at all in in >*solid state*. I don't think anyone has QC working yet. It's not >obvious it is at all usable, even for number factoring (entangling >and keeping entangled a large qubit constellation, error correction, >suitable >QC algorithms, etc). Does at all elliptical curve crypto map well to QC? There's actually been quantum error correction for as long as ten years already, so I suspect that somewhere deep underground in the greater DC-area there's a giant QC that's actually starting to do some interesting things. But I'd also bet any amount of $$$ it's more than a decade behind anything in the electronic domain. The knee in the curve is several years away. The mapping between elliptical curve crypto and quantum algorithms is a very interesting question that I have no idea of. No doubt, however, the affinities (or lack thereof) is already known. Look for telltale odd standards-bodies pushes towards certain approaches. -TD From camera_lumina at hotmail.com Mon Nov 14 07:07:06 2005 From: camera_lumina at hotmail.com (Tyler Durden) Date: Mon, 14 Nov 2005 10:07:06 -0500 Subject: [Clips] Spies in the Server Closet In-Reply-To: Message-ID: One thing I've always wanted is a way to leverage "insider" information on possible large corporate takeovers via a darknet. Anyone know of a way I could buy stocks/futures/etc... purely anonymously? 
(And then, of course, cash in like a fuckin' bandit after Bigass Bank X buys Bank Y...) -TD >From: "R. A. Hettinga" >To: cryptography at metzdowd.com, cypherpunks at jfet.org >Subject: [Clips] Spies in the Server Closet >Date: Sun, 13 Nov 2005 13:37:27 -0500 > >If this most recent darknet-as-IP-bogeyman meme persists, Hollywood et al. >is probably going to make Tim May famous. > >*That* should be interesting. > >:-) > > > >Cheers, >RAH >------- >--- begin forwarded text > > > Delivered-To: clips at philodox.com > Date: Sun, 13 Nov 2005 12:59:42 -0500 > To: Philodox Clips List > From: "R. A. Hettinga" > Subject: [Clips] Spies in the Server Closet > Reply-To: rah at philodox.com > Sender: clips-bounces at philodox.com > > > > NOVEMBER 1, 2005 | CIO MAGAZINE > FILE SHARING > Spies in the Server Closet > BY MICHAEL JACKMAN > > > > The Supreme Court might have stirred up a bigger problem than it settled > when it ruled last June that file-sharing networks such as Grokster could > be sued if their members pirated copyrighted digital music and video. > > Since then, some programmers have announced they would pursue so-called > darknets. These private, invitation-only networks can be invisible to >even > state-of-the-art sleuthing. And although they're attractive as a way to >get > around the entertainment industry's zeal in prosecuting digital piracy, > they could also create a new channel for corporate espionage, says Eric > Cole, chief scientist for Lockheed Martin Information Technology. > > Cole defines a darknet as a group of individuals who have a covert, > dispersed communication channel. While file-sharing networks such as > Grokster and even VPNs use public networks to exchange information, with >a > darknet, he says, "you don't know it's there in the first place." 
> > All an employee has to do to set one up is install file-sharing software > written for darknets and invite someone on the outside to join, thus > creating a private connection that's unlikely to be detected. "The >Internet > is so vast, porous and complex, it's easy to set up underground networks > that are almost impossible to find and take down," says Cole. > > He advises that the best-and perhaps only-defense against darknets is a > combination of network security best practices (such as firewalls, > intrusion detection systems and intrusion prevention systems) and keeping > intellectual property under lock and key. In addition, he says, companies > should enact a security policy called "least privilege," which means >users > are given the least amount of access they need to do their jobs. "Usually > if a darknet is set up it's because an individual has too much access," > Cole says. > > > > -- > ----------------- > R. A. Hettinga > The Internet Bearer Underwriting Corporation > 44 Farquhar Street, Boston, MA 02131 USA > "... however it may deserve respect for its usefulness and antiquity, > [predicting the end of the world] has not been found agreeable to > experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' > _______________________________________________ > Clips mailing list > Clips at philodox.com > http://www.philodox.com/mailman/listinfo/clips > >--- end forwarded text > > >-- >----------------- >R. A. Hettinga >The Internet Bearer Underwriting Corporation >44 Farquhar Street, Boston, MA 02131 USA >"When I was your age we didn't have Tim May! We had to be paranoid >on our own! And we were grateful!" 
--Alan Olsen From kyphros at gmail.com Mon Nov 14 10:45:20 2005 From: kyphros at gmail.com (Mike Owen) Date: Mon, 14 Nov 2005 10:45:20 -0800 Subject: [mnl@well.com: [Geowanking] cisco wi-fi geosurveillance tech] In-Reply-To: <4ef5fec60511140241r7658f122kc592ee4a7fb86937@mail.gmail.com> References: <20051112103244.GY2249@leitl.org> <4ef5fec60511140241r7658f122kc592ee4a7fb86937@mail.gmail.com> Message-ID: <8f5ca2210511141045q4b976ffep6363c57be7d8835e@mail.gmail.com> On 11/14/05, coderman wrote: > there are tricks to work around high powered clients / rogue AP > signals but i haven't seen vendors implement them yet and exactly what > these workarounds are is left as an exercise for the reader. :) > > best regards, > What I've heard of is using the rtt to try and guess at how far away it is. No idea how effective it is, but it would probably help weed out the clients using a 4w EIRP. Mike
From mv at cdc.gov Mon Nov 14 21:04:21 2005 From: mv at cdc.gov (Major Variola (ret)) Date: Mon, 14 Nov 2005 21:04:21 -0800 Subject: Iraq Stories Message-ID: <43796C55.4278F863@cdc.gov> >Jordan spent 7 months at Camp Blue Diamond in Ramadi Ha ha, funny name. >1) The M-16 rifle : Thumbs down. Chronic jamming problems with the >talcum powder like sand over there. The sand is everywhere. Jordan says Sucks to be an invader, huh? I hear the redcoats didn't like their flintlocks, either, nor the centurians their swords. An IED keeps the colonists away. Have a fun second tour, pig. And give our regards to Ryan. From mv at cdc.gov Mon Nov 14 21:04:29 2005 From: mv at cdc.gov (Major Variola (ret)) Date: Mon, 14 Nov 2005 21:04:29 -0800 Subject: Iraq Stories Message-ID: <43796C5C.6F2B1BC6@cdc.gov> >Jordan spent 7 months at Camp Blue Diamond in Ramadi Ha ha, funny name. >1) The M-16 rifle : Thumbs down. Chronic jamming problems with the >talcum powder like sand over there. The sand is everywhere. Jordan says Sucks to be an invader, huh? I hear the redcoats didn't like their flintlocks, either, nor the centurians their swords. An IED a day keeps the colonists away. Have a fun second tour, pig. And give our regards to Ryan. From pgut001 at cs.auckland.ac.nz Mon Nov 14 00:13:33 2005 From: pgut001 at cs.auckland.ac.nz (Peter Gutmann) Date: Mon, 14 Nov 2005 21:13:33 +1300 Subject: How broad is the SPEKE patent. Message-ID: "James A. Donald" writes: >James A. Donald: >> > I figured that the obvious solution to all this was >> > to deploy zero knowledge technologies, where both >> > parties prove knowledge of the shared secret without >> > revealing the shared secret. > >Florian Weimer >> Keep in mind that one party runs the required software >> on a computed infected with spyware and other kinds of >> Trojan horses. This puts the effectiveness of >> zero-knowledge proofs into question. > >My computers do not have spyware and Trojan horses.
My computers have no undetected spyware and Trojan horses. Peter. From eol1 at yahoo.com Tue Nov 15 12:32:04 2005 From: eol1 at yahoo.com (Peter Thoenen) Date: Tue, 15 Nov 2005 12:32:04 -0800 (PST) Subject: Iraq Stories Message-ID: <20051115203204.31057.qmail@web51914.mail.yahoo.com> --- Anonymous Sender wrote: > 3) The M9 Beretta 9mm: Mixed bag. Good gun, performs well in desert > environment; but they all hate the 9mm cartridge. The use of handguns > for self-defense is actually fairly common. Same old story on the 9mm: > Bad guys hit multiple times and still in the fight. Actually the M16 and M4 also suffer from this exact same problem in closer quarters. The 5.56 just doesn't cut it when Haji is taking a point blank death shot at you. As a result, most of the spec op, merc, and secret squirrel crowd is using a variety of 7.62 weapons to include looted AK's. What is even worse is the 9mm SMG's (for example, the modified DoE M4) ... talk about useless. "I think everyone understands that it's getting better every day. Of course, every nation that's got IEDS and drive-by shootings and suicide bombers definitely got some security issues" -LTC Gibler, Mosul, IQ 05MAY30 You Think? From skquinn at speakeasy.net Tue Nov 15 13:50:40 2005 From: skquinn at speakeasy.net (Shawn K. Quinn) Date: Tue, 15 Nov 2005 15:50:40 -0600 Subject: Iraq Stories In-Reply-To: <87d0d0472112e50ee684dc4c6b225ec8@remailer.metacolo.com> References: <87d0d0472112e50ee684dc4c6b225ec8@remailer.metacolo.com> Message-ID: <1132091441.5728.92.camel@xevious.platypuslabs.org> On Sun, 2005-11-13 at 03:05 +0000, Anonymous Sender wrote: > Hello to all my fellow gunners, military buffs, veterans and interested > guys. [rest deleted] Was there a reason for "asterisking out" the cuss words? I don't think there's an official policy against profanity unless of course one of the nodes is doing this on injected posts... -- Shawn K.
Quinn
From bill.stewart at pobox.com Wed Nov 16 01:55:01 2005 From: bill.stewart at pobox.com (Bill Stewart) Date: Wed, 16 Nov 2005 01:55:01 -0800 Subject: Fwd: the effects of a spy Message-ID: <6.2.1.2.0.20051116010150.0367afd8@pop.idiom.com>
> From: "Steven M. Bellovin"
> To: cryptography at metzdowd.com
> Subject: the effects of a spy
> Date: Tue, 15 Nov 2005 16:08:50 -0500
> Bruce Schneier's newsletter Cryptogram has the following fascinating
> link: http://www.fas.org/irp/eprint/heath.pdf
> It's the story of effects of a single spy who betrayed keys and
> encryptor designs.
Steve posted Bruce's reference to an astounding paper. It's a master's thesis in military history by a US army major, looking at the John Walker spy case's effects and the absolutely badly broken US Military systems he was part of -
- the security clearance process was systematically unreliable, pretty much guaranteeing that there'd be enough bad guys hired and given access to highly classified information that you'd expect some of it to get sold to the Soviets, and they were much more worried that sailors might be gay than that they might have serious drinking and financial problems
- the radio crypto system he was stealing keys for was used by the entire US Navy in ways that one person could compromise the communications for the entire fleet for months, undetected,
- tens of thousands of people had access to the keying material,
- the NSA mostly designed crypto systems with the goal of having them not be compromised, but the Navy mostly designed operations systems with the goal of being able to communicate reliably,
- the NSA didn't realize how different the Navy's operations environment was from how the NSA would run things, and the Navy didn't realize how critical the handling requirements were,
- Navy classified information storage rooms used to have photocopiers (:-)
- Navy personnel files were accessible to the people they were about, and one way to renew your security clearance was to create your own paperwork,
- theoretically the Fleet Broadcasting System keying material was split into four regions of the world to reduce risk of compromise, but in practice every ship had every set of keys in case they needed them,
- the military in the mid-70s still used some even older NSA systems that were based on rotor machines, in spite of the fact that some rotor machines had been cracked as early as the 1930s (but the Enigma cracking was still secret until 1979, so security-by-obscurity said this was still ok for most uses), and the main reason they were phased out was they were too slow,
- hauling keying material around by courier might be ok for an airforce, but Navy ships move slowly and independently enough that they tend to haul around huge chunks of keying material, as well as couriering material for other services.
The author speculates that the Pueblo may have been seized specifically because the Soviets knew they'd be able to get keying material from Walker and wanted to get the crypto machine, and that they later cracked the machine so they no longer needed new keys. Walker's access to couriered keying material appears to have exposed much of the Vietnam War B-52 bombing plans to the Soviets, so the North Vietnamese and Vietcong could avoid being in the places that the US was bombing for several years.
"Breaking the Ring" was a book about the Walker spy ring and its effects, and Heath discusses a few items from it that she thinks were probably deception by various players.
There's a little bit of technical detail, mostly not that deep, but enough to let the reader understand the impacts of various technologies and decisions, like the risks of having tens of thousands of sailors having access to material that can compromise the communications of the entire fleet.
The NSA used to not only pretend not to exist, but also pretended to have the best crypto people in the world, and while they may have had the best codebreakers, it clearly wasn't having much effect on their codemaking side as late as the mid-70s - and while public-key crypto wasn't very practical in 1976 when Diffie-Hellman was first published, it was apparently desperately needed, and the Navy would probably have been better off with DES than with much of what they were using back then. Were the mid-70s really that long ago? Was the security clearance system that incompetent back when I had mine (:-)?
From rah at shipwright.com Wed Nov 16 12:31:34 2005 From: rah at shipwright.com (R. A. Hettinga) Date: Wed, 16 Nov 2005 15:31:34 -0500 Subject: [Clips] U.S. Has Detained 83,000 in War on Terror Message-ID: Let the comparisons to the gulag begin! ;-) Cheers, RAH --- begin forwarded text Delivered-To: clips at philodox.com Date: Wed, 16 Nov 2005 15:28:33 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] U.S. Has Detained 83,000 in War on Terror Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com BREITBART.COM - Just The News U.S. Has Detained 83,000 in War on Terror Nov 16 2:56 PM US/Eastern By KATHERINE SHRADER Associated Press Writer WASHINGTON The United States has detained more than 83,000 foreigners in the four years of the war on terror, enough to nearly fill the NFL's largest stadium. The administration defends the practice of holding detainees in prisons from Afghanistan to Guantanamo Bay as a critical tool to stop the insurgency in Iraq, maintain stability in Afghanistan and get known and suspected terrorists off the streets. Roughly 14,500 detainees remain in U.S. custody, primarily in Iraq. The number has steadily grown since the first CIA paramilitary officers touched down in Afghanistan in the fall of 2001, setting up more than 20 facilities including the "Salt Pit," an abandoned factory outside Kabul used for CIA detention and interrogation. In Iraq, the number in military custody hit a peak on Nov. 1, according to military figures. Nearly 13,900 suspects were in U.S. custody there that day _ partly because U.S. offensives in western Iraq put pressure on insurgents before the October constitutional referendum and December parliamentary elections. The detentions and interrogations have brought complaints from Congress and human-rights groups about how the detainees _ often Arab and male _ are treated.
International law and treaty obligations forbid torture and inhumane treatment. Classified memos have given the government ways to extract intelligence from detainees "consistent with the law," administration officials often say. On Capitol Hill, Sen. John McCain, R-Ariz., is leading a campaign to ban cruel, inhuman or degrading treatment of prisoners in U.S. custody. The administration says the legislation could tie the president's hands. Vice President Dick Cheney has pressed lawmakers to exempt the CIA. "There's an enemy that lurks and plots and plans and wants to hurt America again. And so you bet we will aggressively pursue them. But we will do so under the law," President Bush said last week. Some 82,400 people have been detained by the military alone in Afghanistan and Iraq, according to figures from officials in Baghdad and Washington. Many are freed shortly after initial questioning. To put that in context, the capacity of the Washington Redskins' FedEx Field, the NFL's largest, is 91,704. The second largest, Giants Stadium, holds 80,242. An additional 700 detainees were sent to Guantanamo Bay, Cuba. Just under 500 remain there now. In Iraq, the Defense Department says 5,569 detainees have been held for more than six months, and 3,801 have been held more than a year. Some 229 have been locked up for more than two years. Many have been questioned by military officials trained at the main U.S. interrogation school, Fort Huachuca in Arizona. Pentagon officials say those mistreated are relatively few when the sheer numbers are considered. Yet human rights groups say they don't know the extent of the abuse. "And there is no way anyone could, even if the military was twice as conscientious. It is unknowable, unless you assume that every act of abuse is immediately reported up the chain of command," said Tom Malinowski, Washington director for Human Rights Watch. As of March, 108 detainees were known to have died in U.S. 
military and CIA custody, including 22 who died when insurgents attacked Abu Ghraib and others who died of natural causes. At least 26 deaths have been investigated as criminal homicides. Last week, Senate Armed Services Chairman John Warner, R-Va., said that more than 400 criminal investigations have been conducted and 95 military personnel have been charged with misconduct. Seventy-five have been convicted. Through the CIA, a much smaller prison population is maintained secretly by the agency and friendly governments. A network of known or suspected facilities _ some of which have been closed _ have been located in places including Thailand, Central Asia and Eastern Europe. The governments of Thailand and a number of Eastern Europe countries have denied the CIA operated prisons within their borders. The agency consistently declines to comment. About 100 to 150 people are believed to have been grabbed by CIA officers and sent to their home countries or to other nations where they were wanted for prosecution, a procedure called "rendition." Saudi Arabia, Jordan and Egypt are known to cooperate. The practice has taken on a negative connotation, but that wasn't always the case. In a December 2002 speech touching on intelligence successes, former CIA Director George Tenet said the agency and FBI had "rendered 70 terrorists to justice." While officials won't confirm the number, another two to three dozen "high-value" detainees are also believed to be in CIA custody. Among them, Khalid Shaikh Mohammed, an alleged mastermind of the 9/11 attacks. As House Intelligence chairman in 2004, CIA Director Porter Goss took a strong stand on some of the gray areas of detention practices. In an AP interview, he said, "Gee, you're breaking my heart" in response to complaints that Arab men found it abusive to have women guards at the Guantanamo Bay prison camp. 
Before Goss took over the agency, its inspector general completed a report on the treatment of detainees, following investigations into at least four prisoner deaths that may have involved CIA personnel. To date, one agency contractor has been charged. The inspector general's report discussed tactics used by CIA personnel _ called "Enhanced Interrogation Techniques." Former intelligence officials, who spoke on condition of anonymity because the practices are classified, say some interrogation techniques are well-known: exposing prisoners to cold, depriving them of sleep or forcing them to stand in stressful positions. Perhaps the most publicly controversial technique is waterboarding, when a detainee is strapped to a board and has water run over him to simulate drowning. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text
From eugen at leitl.org Wed Nov 16 11:08:37 2005 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 16 Nov 2005 20:08:37 +0100 Subject: /. [UK To Passively Monitor Every Vehicle] Message-ID: <20051116190837.GY2249@leitl.org> Link: http://slashdot.org/article.pl?sid=05/11/15/2159244 Posted by: Zonk, on 2005-11-15 22:38:00 [1]DrSkwid writes "The UK Police are building a network to [2]monitor the movement of every vehicle in the U.K. through an extensive Automatic Number Plate Recognition (ANPR) system. The data will be retained for 2 years. The Register further reports that the system will likely be used for issuing speeding fines." From the article: "The primary aims claimed for the system are tackling untaxed and uninsured vehicles, stolen cars and the considerably broader one of 'denying criminals the use of the roads.' But unless the Times has got the spacing wrong, having one every quarter of a mile on motorways quite clearly means they'll be used to enforce speed limits as well, which would effectively make the current generation of Gatsos obsolete. Otherwise, checking a vehicle's tax and insurance status every 15 seconds or thereabouts would seem overkill." References 1. http://www.proweb.co.uk/~matt 2. http://www.theregister.co.uk/2005/11/15/vehicle_movement_database/ ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
From rah at shipwright.com Thu Nov 17 15:58:42 2005 From: rah at shipwright.com (R. A. Hettinga) Date: Thu, 17 Nov 2005 18:58:42 -0500 Subject: [Clips] Lie detectors may be next step in airline security Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Thu, 17 Nov 2005 18:58:01 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Lie detectors may be next step in airline security Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com CNET News Lie detectors may be next step in airline security By Reuters Story last modified Thu Nov 17 12:10:00 PST 2005 A new walk-through airport lie detector made in Israel may prove to be the toughest challenge yet for potential hijackers or drug smugglers. Tested in Russia, the two-stage GK-1 voice analyzer requires that passengers don headphones at a console and answer "yes" or "no" into a microphone to questions about whether they are planning something illicit. The software will almost always pick up uncontrollable tremors in the voice that give away liars or those with something to hide, say its designers at Israeli firm Nemesysco. "In our trial, 500 passengers went through the test, and then each was subjected to full traditional searches," said Chief Executive Officer Amir Liberman. "The one person found to be planning something illegal was the one who failed our test."
The GK-1 is expected to cost between $10,000-$30,000 when marketed. A spokesman for Moscow's Domodyedevo airport, which is using a prototype, said "the tester (lie detector) has proved to be effective and we are in principle ready to use it." The September 11, 2001 hijacking attacks have led to a slew of innovations designed to boost airline security. Liberman said several countries had expressed interest in the GK-1. "Unlike conventional lie detectors such as the polygraph, this is minimally invasive, requiring hardly any physical contact," Liberman said, adding that the first stage of the test takes between 30-75 seconds. Those that fail are taken aside for more intensive questioning and, if necessary, searches. Liberman said around 12 percent of passengers tend to show stress even when they have nothing to hide. "Some may feel nervous because they have used drugs, while having no intention to smuggle drugs," he said. "The whole thing is performed in a low-key manner to avoid causing anxiety." -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text
From rah at shipwright.com Thu Nov 17 19:56:51 2005 From: rah at shipwright.com (R. A. Hettinga) Date: Thu, 17 Nov 2005 22:56:51 -0500 Subject: [Clips] 'Romantic Radicals' Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Thu, 17 Nov 2005 22:42:46 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] 'Romantic Radicals' Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com Tech Central Station 'Romantic Radicals' By Lauren Weiner Published 11/17/2005 It is the way of the bien pensant intellectual to reason thusly: Because Senator Joseph McCarthy was a demagogue, nobody in America was rooting for Josef Stalin or helped him. And here's the logical corollary, subscribed to by the bien pensant actor and director George Clooney: Because McCarthy was a demagogue, CBS news legend Edward R. Murrow's fiery denunciations of "hysteria" about communism were not only plucky and self-righteous but uttered in defense of opinionated yet essentially innocent Americans. Some of the people Murrow spoke up for were more than just opinionated, though. Clooney's picture "Good Night and Good Luck" gives moviegoers some idea of the motive behind Murrow's famous anti-McCarthy television report, a half-hour broadcast of "See It Now" that informed a wide audience of the Wisconsin Senator's reckless way of going after people who were or were reputed to be members of the Communist Party.
(McCarthy would be censured by the Senate nine months after it aired.) But the film simplifies that motive, leeching from it a whole lot of its historical import and personal drama. Murrow's March 9, 1954 "See It Now" salvo was a pre-emptive strike against "Tail Gunner Joe," who was poised to go after the newsman in retribution for covering him critically on CBS. The threat of imputing Red associations to Murrow was based on his work during the 1930s for a New York-based organization called the Institute of International Education, which promoted exchange visits for foreign scholars, including Soviet scholars. The name of this institute is bandied about several times by the characters in "Good Night and Good Luck" -- to indicate that McCarthy was digging into Murrow's past -- but there is no mention of the people who ran it. They were Murrow's mentor, Stephen Duggan, and Duggan's son, the late Laurence Duggan. And therein lies the fascinating tale. McCarthy's bullying of Murrow with the use of Duggan-related dirt infuriated him, according to Alexander Kendrick in his 1969 Murrow biography. His CBS assistant brought him the details of the accusation, and said a creepy member of McCarthy's Senate staff (depicted in the film) was waving around an old newspaper clipping as the supposed proof that the newsman had been "on the Soviet payroll." Kendrick quotes Murrow's reaction: "The question now is when do I go against these guys." He and his producer Fred Friendly then carefully prepared, and put on the air, the famous expose of McCarthy. Edward R. Murrow wasn't a communist. He took umbrage on behalf of both himself and the Duggans -- particularly Laurence, whose death six years earlier was a raw wound for the East Coast establishment of which Murrow was a part. They had lost one of their own when Duggan jumped or fell from the 16th floor of his Manhattan office in 1948 in the midst of the legal and political maelstrom of the Alger Hiss spy case. 
Larry Duggan, former chief of the State Department's Latin American division, a charming, smart, and warm-hearted Ivy Leaguer who strived to bring about world peace, had a lot in common with Hiss. Murrow, justifiably angry that America's loudest counter-subversive was trying to intimidate him and sully his friend's memory, did not know that that friend was, like Hiss, a dedicated communist who passed sensitive information to Stalin's agents in the United States. The FBI interviewed Duggan in connection with the Hiss prosecution in December 1948. His shocking death days later at the age of 43 preserved his secret, for the media and his friends and family made him into a martyr -- a liberal destroyed by right-wingers who enjoyed impugning respectable citizens without due process. For decades afterward, those interested in the history of this period generally viewed the Duggan affair in the same way as the literary lion Archibald MacLeish, who wrote a poem upon Duggan's death that began: "God help that country where informers thrive! Where slander flourishes and lies contrive." It was not Senator McCarthy who had pursued Duggan as an underground communist but those active in the Hiss case: Representative Richard Nixon of California, the ex-communist Whittaker Chambers, and the ex-communist Isaac Don Levine. These were the people accused of symbolic manslaughter by university presidents, diplomats, newspaper columnists, and other worthies when Duggan died. The tragedy received front page coverage in the New York Times. Prominent people attended Duggan's memorial service. In Washington, a group of his friends put out a statement deploring the congressional panel on which Nixon sat, the House Un-American Activities Committee. HUAC's investigations, they charged, dragged the names of good Americans through the mud. Some Duggan supporters even suspected foul play. 
Foul play there had actually been, but not what MacLeish, Nicholas Murray Butler, Sumner Welles, Harry Emerson Fosdick, and the other grieving friends of Duggan might have thought. According to the account of Allen Weinstein and Alexander Vassiliev, The Haunted Wood (1999), when in 1937 a man named Ignatz Reiss broke from Stalin's secret service, a pair of KGB assassins hunted down the defector in Switzerland and killed him to stop him from blowing the cover of Laurence Duggan and another American official who secretly assisted the KGB out of devotion to world communism and the Soviet Union, Noel Field. In 1948, the furor over Duggan knocked the counter-subversives back on their heels. Nixon dove for political cover. Pressed for comment by reporters, his fellow anticommunists awkwardly tried to say nice things about the deceased, a sensitive family man and pillar of the community, even as they stuck by their conclusion that he was in league with Moscow's agents. Chambers, cornered by a New York Times reporter in the corridor of the federal court house where the Hiss grand jury was meeting, said that he'd testified to Duggan's being one of the covert communists he'd heard about, but he was not personally acquainted with the man nor had he used him as a source in the pre-war spy ring that he, Chambers, managed for Soviet military intelligence. Chambers sounded defensive, but his testimony was borne out later, when archival documents and decrypted cable traffic between Moscow, New York, and Washington came to light after the collapse of the Soviet Union. The Soviet cables and documents showed that Duggan's deliveries to the KGB (known in those years by other acronyms) included a confidential cable from the U.S. ambassador in Moscow back to the State Department, U.S. diplomatic dispatches from Europe offering U.S. perspectives on the civil war going on in Spain, and a State Department personnel list. Two of his code names were "Frank" and "Prince." 
His handler was Norman Borodin, whose boss was KGB station chief Izhak Akhmerov. Murrow and the rest had been unable or unwilling, in the heat of the communist controversy, to distinguish between McCarthy's theatrics and the more considered charges leveled by people who actually knew a lot about communism. Murrow, according to his biographer, wanted to follow up his television broadcast on McCarthy with one on the untimely demise of Laurence Duggan. This, he believed, would drive home the moral point about the evils of anticommunism. He never got to make that show. What if he had? Or better yet, what if he knew then what we know today? Would it have affected his airy indifference -- well conveyed by actor David Straithairn as the movie's Edward R. Murrow -- to whether a targeted individual was a communist or not? "Good Night and Good Luck" is a missed chance in this regard. For Laurence Duggan was one of several "romantic radicals" in the federal government in the 1930s and 1940s, to borrow a phrase from The Haunted Wood's chapter on Duggan. He is described there as an idealist in the cause of revolution who would not deign to take money from the Russians for risking his career to give them intelligence. The double life of the spy apparently took a severe toll. Judging from the Soviet records plumbed by Weinstein and Vassiliev, Duggan was one skittery pigeon. First there was his anxiety to protect his job, his family, and his reputation as a loyal American. Then -- and more interestingly -- there was his stricken conscience as he took in news of the bloody political purges in Moscow during the late 1930s. It bewildered and embarrassed him, his Soviet handlers wrote to headquarters, that famous Bolshevik heroes of the October Revolution were being tried and executed, one after another, as "Trotsky-fascist spies." Some of the Soviet diplomats he knew were getting recalled home and liquidated, to his horror. 
Like guidance counselors fussing over a fragile high school student, Duggan's handlers conferred with Moscow repeatedly on strategies to reassure Duggan so he would not lose faith in the revolution or lose the nerve to keep serving it clandestinely. He was worth their trouble. Unlike some of the other sources in government positions in Washington, Duggan gave Moscow information it valued highly, including the U.S. Navy's data on war materiel that foreign governments were ordering from manufacturing firms in the United States. He did beg off for certain periods, but Borodin would coax him into resuming, into the mid-1940s, his pilfering of official information. After years of betraying the people he worked with at the State Department, Duggan finally had to leave government, amid suspicions that he was a security risk. He returned to New York, first to a United Nations job and then to take the helm of the Institute of International Education. Then, the Hiss case broke; the FBI knocked on the door of the Duggan home in Scarsdale; and the fear and even perhaps the shame may have welled up in Laurence Duggan past all enduring. George Clooney walked up to this human drama, brushed lightly against its edge and passed right around it. Given his politics, one can see why. But any self-respecting cinematic storyteller ought to kick himself for failing to find room for the psychic tension, the tragedy, the surprise, and the supreme irony of the fact that the crusading journalist Edward R. Murrow, believing he was vindicating the dignity and rights of the loyal opposition, took his potent shot at "McCarthyism" partly in defense of a Soviet spy. The author works on Capitol Hill for a Republican member of Congress. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... 
however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Thu Nov 17 20:25:08 2005 From: rah at shipwright.com (R. A. Hettinga) Date: Thu, 17 Nov 2005 23:25:08 -0500 Subject: [Clips] 'Romantic Radicals' In-Reply-To: References: Message-ID: At 10:56 PM -0500 11/17/05, R. A. Hettinga wrote: >--- begin forwarded text Damn. Sorry. Didn't mean to send that here... Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
From brianwc at ocf.berkeley.edu Sat Nov 19 09:56:03 2005 From: brianwc at ocf.berkeley.edu (Brian C) Date: Sat, 19 Nov 2005 09:56:03 -0800 Subject: Hey guys, here is another (great?) idea Message-ID: Matt Thorne wrote: >it would work better if they were required to contribute. It would work better from a technical perspective only. From an overall view "requiring" anyone who runs a tor client to run a tor server would not be good for the project. There would be backlash. We've seen that some websites (Slashdot, Wikipedia, Gentoo Forums) can take action against tor server operators that can be frustrating to resolve. If people who just want to run the client through a cool Firefox extension don't understand that they may also get banned from certain websites because they are "required" to also run a tor server, then we will hear from those frustrated users and the project/extension will get a bad rap. Instead, we should just make it really easy for people to opt-in to contributing some bandwidth as a server. Enough people would opt-in if it were really simple that we would probably still see some performance gains. I also have an idea for scaling the # of tor servers dramatically that I'll post about soon. I like this firefox extension idea a lot though too. Brian >On 11/19/05, Arrakis Tor wrote: >>Hello fellow tor-nerds, >> >>This was mentioned to me last week. 
It was suggested to me to >>implement Torpark as a Firefox plugin. >> >>Well, I don't think that would work since Torpark is designed to be >>stand-alone and mobile. >> >>But tell you what, if we fitted Tor to be a firefox XPI/extension it >>sure would be the most popular Firefox plugin ever. >> >>What if we created a Firefox plugin for just Tor, and it allowed >>Firefox users to configure their level of involvement (using firefox >>extension as the GUI). They could set if they were just rendezvous/man >>middle, or even if they wanted to let their machine be an exit node, >>and of course plug their browser into Tor directly (thanks to firefox >>1.5 and later). All from a simple firefox extension. >> >>This would be an excellent solution to bandwidth issues, and bring a >>new level of global involvement for Tor server presence. >> >>What do you think? >> >>ST ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
From jason at lunkwill.org Sat Nov 19 02:13:41 2005 From: jason at lunkwill.org (Jason Holt) Date: Sat, 19 Nov 2005 10:13:41 +0000 (UTC) Subject: nym-0.5.1 released Message-ID: I just discovered that the javascript client was completely broken. nym-0.5.1 fixes this: http://www.lunkwill.org/src/nym/ -J ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From eugen at leitl.org Sat Nov 19 02:22:18 2005 From: eugen at leitl.org (Eugen Leitl) Date: Sat, 19 Nov 2005 11:22:18 +0100 Subject: [jason@lunkwill.org: nym-0.5.1 released] Message-ID: <20051119102217.GZ2249@leitl.org> ----- Forwarded message from Jason Holt ----- From eugen at leitl.org Sat Nov 19 06:28:46 2005 From: eugen at leitl.org (Eugen Leitl) Date: Sat, 19 Nov 2005 15:28:46 +0100 Subject: /. [Cell Phones to Monitor Traffic Flow] Message-ID: <20051119142846.GM2249@leitl.org> Link: http://slashdot.org/article.pl?sid=05/11/19/0745248 Posted by: Zonk, on 2005-11-19 12:25:00 [1]PCOL writes "The [2]Baltimore Sun reports that Delcan technology will soon begin fullscale deployment of a system in Maryland that [3]will mine cellphone data to determine traffic conditions such as jams and slowdowns. As long as a user's phone is turned on, the cellphone network notes the time of handoffs from cell to cell [4]to calculate the location and speed of vehicles. Researchers say the program will reduce congestion by quickly delivering alerts on road conditions to drivers. The company says they will not track the movement of individual drivers. 
However, a staff attorney for the EFF says that tracking might violate federal law and 'increases the chances that information will be used for more invasive purposes in the future.'" References 1. http://peacecorpsonline.org/ 2. http://www.baltimoresun.com/ 3. http://www.baltimoresun.com/news/local/bal-te.md.cell18nov18,1,3909242.story?coll=bal-home-headlines 4. http://www.delcan.com/prod/index.php?id=295 ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From eugen at leitl.org Sat Nov 19 12:08:09 2005 From: eugen at leitl.org (Eugen Leitl) Date: Sat, 19 Nov 2005 21:08:09 +0100 Subject: [brianwc@ocf.berkeley.edu: Re: Hey guys, here is another (great?) idea] Message-ID: <20051119200809.GV2249@leitl.org> ----- Forwarded message from Brian C -----
From mv at cdc.gov Sun Nov 20 13:38:05 2005 From: mv at cdc.gov (Major Variola (ret)) Date: Sun, 20 Nov 2005 13:38:05 -0800 Subject: [Clips] U.S. Has Detained 83,000 in War on Terror Message-ID: <4380ECBD.31A30A65@cdc.gov> >KATHERINE SHRADER: Perhaps the most publicly controversial technique is waterboarding, when a detainee is strapped to a board and has water run over him to simulate drowning.< No, it's where you nearly drown someone, by teeter-tottering him into a tub, not just "run water over him". For extra fun blows with a rifle butt while submerged add poignancy. But the "leaders" don't let amerikans see coffins, much less understand the rest of what they're doing. -------- Cryptome has some pix of some vests. I wonder how long it will be before some commando with an intra-thoracic bomb (with magnetic through-the-skin detonator) will take out a plane. An "I've got magnetic staples" medical card can't be too hard to get.
From justin-cypherpunks at soze.net Sun Nov 20 15:08:33 2005 From: justin-cypherpunks at soze.net (Justin) Date: Sun, 20 Nov 2005 23:08:33 +0000 Subject: [Clips] U.S. 
Has Detained 83,000 in War on Terror In-Reply-To: <4380ECBD.31A30A65@cdc.gov> References: <4380ECBD.31A30A65@cdc.gov> Message-ID: <20051120230833.GA13280@arion.hive> On 2005-11-20T13:38:05-0800, Major Variola (ret) wrote: > >KATHERINE SHRADER: > Perhaps the most publicly controversial technique is waterboarding, when > a > detainee is strapped to a board and has water run over him to simulate > drowning.< > > No, its where you nearly drown someone, by teeter-tottering him > into a tub, not just "run water over him". For extra fun blows with > a rifle butt while submerged add poignancy. Nothing unusual about the press getting things wrong. As I understand it, you bind someone to a board, incline it fairly steeply with feet above head, and dunk just their head. They actually feel like they're drowning, but since the lungs are above water level, it's hard for them to actually drown. Harder, at least, than it would be to suffocate them using cellophane and dunking them, which is the version I got from the media. Pneumonia and things of that sort might be a problem, if the torturee isn't in great health. -- The six phases of a project: I. Enthusiasm. IV. Search for the Guilty. II. Disillusionment. V. Punishment of the Innocent. III. Panic. VI. Praise & Honor for the Nonparticipants. From rah at shipwright.com Mon Nov 21 10:48:32 2005 From: rah at shipwright.com (R. A. Hettinga) Date: Mon, 21 Nov 2005 13:48:32 -0500 Subject: Anon_Terminology_v0.24 Message-ID: --- begin forwarded text Delivered-To: nymip-res-group at nymip.org Date: Mon, 21 Nov 2005 12:14:40 +0100 From: Andreas Pfitzmann To: undisclosed-recipients: ; Subject: Anon_Terminology_v0.24 Sender: nymip-res-group-bounces at nymip.org Hi all, Marit and myself are happy to announce Anonymity, Unlinkability, Unobservability, Pseudonymity, and Identity Management - A Consolidated Proposal for Terminology (Version v0.24 Nov. 
21, 2005) for download at http://dud.inf.tu-dresden.de/Anon_Terminology.shtml We incorporated clarification of whether organizations are subjects or entities; suggestion of the concept of linkability brokers by Thomas Kriegelstein; clarification on civil identity proposed by Neil Mitchison; But most importantly: The terminology made it to another language. Stefanos Gritzalis, Christos Kalloniatis: Translation of essential terms to Greek Many thanx to both of them, in accompany with our kind request to translate two newly introduced terms. Translations to further languages are welcome. Enjoy - and we are happy to receive your feedback. Marit and Andreas -- Andreas Pfitzmann Dresden University of Technology Phone (mobile) +49 170 443 87 94 Department of Computer Science (office) +49 351 463 38277 Institute for System Architecture (secretary) +49 351 463 38247 01062 Dresden, Germany Fax +49 351 463 38255 http://dud.inf.tu-dresden.de e-mail pfitza at inf.tu-dresden.de _______________________________________________ NymIP-res-group mailing list NymIP-res-group at nymip.org http://www.nymip.org/mailman/listinfo/nymip-res-group --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From s.schear at comcast.net Mon Nov 21 15:25:08 2005 From: s.schear at comcast.net (Steve Schear) Date: Mon, 21 Nov 2005 15:25:08 -0800 Subject: Ban corporate Skype usage immediately, says Info-Tech Research Group In-Reply-To: References: Message-ID: <6.0.1.1.0.20051121152316.04827c80@mail.comcast.net> Press Release Source: Info-Tech Research Group Ban corporate Skype usage immediately, says Info-Tech Research Group Thursday November 10, 10:22 am ET LONDON, ON, Nov. 
10 /PRNewswire/ - Technology industry analyst firm Info- Tech Research Group (www.infotech.com) is telling enterprises to ban Skype - the freely-available Voice over Internet Protocol (VoIP) phone service - from their organizations. "Companies that are already banning peer-to-peer applications, such as instant messaging, should add Skype to its list of unsanctioned software programs," says Info-Tech analyst Ross Armstrong. "Approximately 17 million registered Skype users are using the service for business purposes," says Armstrong. "Unless an organization specifies instances where Skype use is acceptable, and outlines rules for client-side Skype settings, that's 17 million opportunities for a hacker to invade a corporate network." More at http://biz.yahoo.com/prnews/051110/to217.html?.v=15 From camera_lumina at hotmail.com Mon Nov 21 12:25:48 2005 From: camera_lumina at hotmail.com (Tyler Durden) Date: Mon, 21 Nov 2005 15:25:48 -0500 Subject: "Copying"...what does that mean? In-Reply-To: Message-ID: Hum. Something just occurred to me. It's probably trivial and known already, so sue me I'm bored. Creating an mp3 from a known recording is actually not "copying" at all. mp3 is a lossy form of compression..."unnecessary" information is thrown away, but any audiophile can tell the difference between the mp3 and the original. Does this mean that enforcing copyright laws basically means dis-allowing experiences similar to those triggered by the "actual" recording? -TD From rsw at jfet.org Mon Nov 21 12:40:30 2005 From: rsw at jfet.org (Riad S. Wahby) Date: Mon, 21 Nov 2005 15:40:30 -0500 Subject: "Copying"...what does that mean? In-Reply-To: References: Message-ID: <20051121204030.GA9284@proton.jfet.org> Tyler Durden wrote: > Does this mean that enforcing copyright laws basically means dis-allowing > experiences similar to those triggered by the "actual" recording? I don't think it has to be this broad to cover the mp3=copying issue. 
You can draw a continuous line from the original performance through one or more automated processes intended to reproduce said performance (recording, encoding, printing the CDs), and at all steps along the way the newly-created data is said to be a "copy" of the original. There is nothing particularly special about lossy methods of deriving new data from old, since it's the fact that it is so derived that makes it a copy. It's a violation of copyright to translate a book into a different language and sell it as your own, even if the two languages are slightly at odds with regard to, e.g., their colloquialisms (i.e., the translation is "lossy" in some way). It's about the chain of derivation, not the subjective experience. IANAL, and I don't know if these arguments are "right" in any particular legal context; take this as nothing more than musings on the definition of a copy. -- Riad S. Wahby rsw at jfet.org From camera_lumina at hotmail.com Mon Nov 21 14:10:08 2005 From: camera_lumina at hotmail.com (Tyler Durden) Date: Mon, 21 Nov 2005 17:10:08 -0500 Subject: "Copying"...what does that mean? In-Reply-To: <20051121204030.GA9284@proton.jfet.org> Message-ID: >From: "Riad S. Wahby" >To: Tyler Durden >CC: cypherpunks at jfet.org >Subject: Re: "Copying"...what does that mean? >Date: Mon, 21 Nov 2005 15:40:30 -0500 > >Tyler Durden wrote: > > Does this mean that enforcing copyright laws basically means >dis-allowing > > experiences similar to those triggered by the "actual" recording? > >I don't think it has to be this broad to cover the mp3=copying issue. >You can draw a continuous line from the original performance through >one or more automated processes intended to reproduce said performance >(recording, encoding, printing the CDs), and at all steps along the >way the newly-created data is said to be a "copy" of the original. 
>There is nothing particularly special about lossy methods of deriving >new data from old, since it's the fact that it is so derived that >makes it a copy. Yes, I basically agree. But on the other hand, a bootleg in the old days meant braking laws regarding illicit recording of an event. (As I remember) you also broke a law regarding the copyright of the performance. Cassette copies of vinyl were a tiny bit tricky, and the "gap" allowed for copying for home use and maybe for a few friends. > >It's a violation of copyright to translate a book into a different >language and sell it as your own, even if the two languages are slightly >at odds with regard to, e.g., their colloquialisms (i.e., the >translation is "lossy" in some way). It's about the chain of >derivation, not the subjective experience. > >IANAL, and I don't know if these arguments are "right" in any particular >legal context; take this as nothing more than musings on the definition >of a copy. Basically, this was what I was wondering. When we move from the analog domain to the digital, how does one identify the data? It's no longer a series of 1s and 0s, because I can change the 1s in 0s in a non-correctable way (which is what happens with lossy compression) and still go to jail for transmitting that bitstream. Without a doubt, the courts have not bothered to give precise definitions to what a "copy" truly is in the digital domain. Even samples count as full copies, apparently. This means, then, that even a small sample (ie, the bitstream 0101110111) is a "sample" from something somewhere (probably practically everything) and hence could land me in jail. Unlike some Cypherpunks, I'm more litely anti-statist: One can only claim legitimacy for a state if the laws are well defined enough so as to allow for nonarbitrary enforcement (and I only said "claim", so I don't need killin...yet). 
Of course, there are probably legal arguments made somewhere that refer to the perceived identity of a track or sample, so I guess what I'm really asking is if anyone knows what they are and if they make any sense (aside from giving big corporates the ability to whack any college student they want to make an example of). -TD
From skquinn at speakeasy.net Mon Nov 21 21:30:16 2005 From: skquinn at speakeasy.net (Shawn K. Quinn) Date: Mon, 21 Nov 2005 23:30:16 -0600 Subject: "Copying"...what does that mean? In-Reply-To: References: Message-ID: <1132637417.6269.28.camel@xevious.platypuslabs.org> On Mon, 2005-11-21 at 15:25 -0500, Tyler Durden wrote: > Hum. > Something just occurred to me. It's probably trivial and known already, so > sue me I'm bored. > > Creating an mp3 from a known recording is actually not "copying" at all. mp3 > is a lossy form of compression..."unnecessary" information is thrown away, > but any audiophile can tell the difference between the mp3 and the original. If creating an MP3 file is not copying, then making an analog cassette dub isn't copying either, because some of the information is lost. I don't think the courts will buy that argument. This reminds me of something else: to a computer, playing is simply a form of copying, the output is simply a video card and/or sound card. Isn't this, in fact, what makes computers so powerful, that they simply obey instructions without asking questions? 
Isn't this why every attempt to block "unauthorized" copying has failed in the end, because the reality is that if it can be played, it can be copied, because playing *is* copying from the point of view of the computer programs? -- Shawn K. Quinn From dave at farber.net Tue Nov 22 06:28:50 2005 From: dave at farber.net (David Farber) Date: Tue, 22 Nov 2005 09:28:50 -0500 Subject: [IP] JAMES BAMFORD in Rolling Stone: The Man Who Sold the War. Message-ID: -------- Original Message -------- Subject: JAMES BAMFORD in Rolling Stone: The Man Who Sold the War. Date: Mon, 21 Nov 2005 21:10:16 -0800 From: geoff goodfellow To: farber at cis.upenn.edu The Man Who Sold the War Meet John Rendon, Bush's general in the propaganda war By JAMES BAMFORD RollingStone.com ... John Walter Rendon Jr. rises at 3 a.m. each morning after six hours of sleep, turns on his Apple computer and begins ingesting information -- overnight news reports, e-mail messages, foreign and domestic newspapers, and an assortment of government documents, many of them available only to those with the highest security clearance. According to Pentagon documents obtained by Rolling Stone, the Rendon Group is authorized "to research and analyze information classified up to Top Secret/SCI/SI/TK/G/HCS" -- an extraordinarily high level of clearance granted to only a handful of defense contractors. "SCI" stands for Sensitive Compartmented Information, data classified higher than Top Secret. "SI" is Special Intelligence, very secret communications intercepted by the National Security Agency. "TK" refers to Talent/Keyhole, code names for imagery from reconnaissance aircraft and spy satellites. "G" stands for Gamma (communications intercepts from extremely sensitive sources) and "HCS" means Humint Control System (information from a very sensitive human source). 
Taken together, the acronyms indicate that Rendon enjoys access to the most secret information from all three forms of intelligence collection: eavesdropping, imaging satellites and human spies. ... James Bamford is the best-selling author of "A Pretext for War: 9/11, Iraq, and the Abuse of America's Intelligence Agencies" (2004) and "Body of Secrets: Anatomy of the Ultra-Secret National Security Agency" (2001). This is his first article for Rolling Stone. http://www.rollingstone.com/politics/story/_/id/8798997 -- geoff djs beat.net to the bay area fridays noon to 3pm on kzsu 90.1 fm. ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From camera_lumina at hotmail.com Tue Nov 22 09:46:57 2005 From: camera_lumina at hotmail.com (Tyler Durden) Date: Tue, 22 Nov 2005 12:46:57 -0500 Subject: "Copying"...what does that mean? In-Reply-To: <1132637417.6269.28.camel@xevious.platypuslabs.org> Message-ID: Shawn Quinn wrote... >This reminds me of something else: to a computer, playing is simply a >form of copying, the output is simply a video card and/or sound card. >Isn't this is, in fact, what makes computers so powerful, that they >simply obey instructions without asking questions? Isn't this why every >attempt to block "unauthorized" copying has failed in the end, because >the reality is that if it can be played, it can be copied, because >playing *is* copying from the point of view of the computer programs? > >-- >Shawn K. Quinn That's part of my gist. 
I guess what I'm asking is, in the digital age does "copying" make a lot of sense legally? OK, there are a few clear cases: If I take bitstream X and replicate every single bit precisely, that's "copying". If I take bitstream X and losslessly compress it and then transmit it (along with instructions for decompressing it, this latter potentially out-of-band), then I am "copying". After that I'm not convinced "copying" makes any sense. In other words, if "copying" is to mean anything besides what a bunch of Men with Guns say it is (because a big fat media company told them that), then it needs to be defined clearly. And if it can't be defined clearly then the MwG are merely MwG and the more strongly anti-state cypherpunks have a new interesting argument: A law ain't a law (in the classic sense) if you can't define it. As I said before, if a "sample" is copying, how small a sample are we talking about? Look-->0101 I sampled Britney and that's what I got. I'm therefore copying and could go to jail. I probably won't go to jail, though, unless I eat into someone's profits or piss off individuals in the government. -TD From eugen at leitl.org Tue Nov 22 06:37:27 2005 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 22 Nov 2005 15:37:27 +0100 Subject: [dave@farber.net: [IP] JAMES BAMFORD in Rolling Stone: The Man Who Sold the War.] Message-ID: <20051122143727.GY2249@leitl.org> ----- Forwarded message from David Farber ----- From skquinn at speakeasy.net Tue Nov 22 15:40:24 2005 From: skquinn at speakeasy.net (Shawn K. Quinn) Date: Tue, 22 Nov 2005 17:40:24 -0600 Subject: "Copying"...what does that mean? In-Reply-To: References: Message-ID: <1132702824.14051.13.camel@xevious.platypuslabs.org> On Tue, 2005-11-22 at 12:46 -0500, Tyler Durden wrote: > Shawn Quinn wrote... > >This reminds me of something else: to a computer, playing is simply a > >form of copying, the output is simply a video card and/or sound card. 
> >Isn't this is, in fact, what makes computers so powerful, that they > >simply obey instructions without asking questions? Isn't this why every > >attempt to block "unauthorized" copying has failed in the end, because > >the reality is that if it can be played, it can be copied, because > >playing *is* copying from the point of view of the computer programs? > That's part of my gist. Indeed, I had wondered if that's some of the same stuff you were getting at. > I guess what I'm asking is, in the digital age does "copying" make a > lot sense legally? Maybe not. > OK, there are a few clear cases: If I take bitstream X and replicate > every single bit precisely, that's "copying". If I take bitstream X > and losslessly compress it and then transmit it (along with > instructions for decompressing it, this latter potentially > out-of-band), then I am "copying". It need not be lossless compression and it need not be the entire bitstream. > After that I'm not convinced "copying" makes any sense. In other words, if > "copying" is to mean anything besides what a bunch of Men with Guns say it > is (because a big fat media company told them that), then it needs to be > defined clearly. And if it can't be defined clearly then the MwG are merely > MwG and the more strongly anti-state cypherpunks have a new insteresting > argument: A law ain't a law (in the classic sense) if you can't define it. > > As I said before, if a "sample" is copying, how small a sample are we > talking about? I think the test is "large enough to be identifiably part of another previous copyrighted work". It could even be some portion smaller than a second, if someone can identify this drum beat as being from, say, Loverboy instead of Aerosmith, AC/DC, Motley Crue, or one of a countless number of local bands. -- Shawn K. 
Quinn
From eugen at leitl.org Wed Nov 23 02:17:00 2005 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 23 Nov 2005 11:17:00 +0100 Subject: ATTN: for-profit Tor operators Message-ID: <20051123101700.GV2249@leitl.org> I'm looking for Tor operators who'd collaborate with me on a private for-profit Tor network. You should be preferably in a jurisdiction different from Germany, and preferably not in the EU. In general, the more diverse, the better. The idea is to offer paying customers access with a guaranteed minimal latency and throughput, so you should be able to operate a *nix server on a symmetric connection ~1 MByte/s (that's 10 MBit/s) or better. Tor exit policy to be determined. No snooping on exit traffic, no logs. Contact me offlist for details if you want to cooperate. At least 3-5 operators in good standing are required to build a minimally robust network. 
-- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
From mv at cdc.gov Wed Nov 23 18:10:33 2005 From: mv at cdc.gov (Major Variola (ret)) Date: Wed, 23 Nov 2005 18:10:33 -0800 Subject: "Copying"...what does that mean? Message-ID: <43852119.A38D31C2@cdc.gov> At 03:40 PM 11/21/05 -0500, Riad S. Wahby wrote: > >It's a violation of copyright to translate a book into a different >language and sell it as your own, even if the two languages are slightly >at odds with regard to, e.g., their colloquialisms (i.e., the >translation is "lossy" in some way). It's about the chain of >derivation, not the subjective experience. No, it's about the subjective (semantic) experience. An MP3 is the "same", even if it is bitwise distinct. Using a patented algorithm is illegal (fnord), even if written in a distinct language, for a different instruction set, and even if derived independently. 
(Contrast with interfaces, which if implemented in a clean-room situation, are not protectable.) All this under current US law, no endorsement implied.

Now making semantically distinct near-copies (aka, parodies) is protected under the same rules, precisely because of the semantic distinction. Application to comp sci should be obvious.

An interesting question is, say Bruce patented Blowfish, but you use e instead of pi to seed the tables. If he had patented the structure and not the details, this would be enforceable; a question remains as to how much you could vary the details of the process and get away with it. (Of course, a patented block cipher is about as useful as say IDEA, heh..)

From mv at cdc.gov Wed Nov 23 18:18:48 2005
From: mv at cdc.gov (Major Variola (ret))
Date: Wed, 23 Nov 2005 18:18:48 -0800
Subject: "Copying"...what does that mean?
Message-ID: <43852308.DE46BEA@cdc.gov>

At 05:10 PM 11/21/05 -0500, Tyler Durden wrote:
>
>Yes, I basically agree. But on the other hand, a bootleg in the old days
>meant breaking laws regarding illicit recording of an event. (As I remember)
>you also broke a law regarding the copyright of the performance. Cassette
>copies of vinyl were a tiny bit tricky, and the "gap" allowed for copying
>for home use and maybe for a few friends.

Lossy (cassette) copies were illegal if you sold or disseminated to too-broad a category of "associates". Perfect (digital) copies are not illegal if the associates are limited; the past several jobs I've had, I've shared my ripped collection of physical-CDs without worry, inside the local net.

>Basically, this was what I was wondering. When we move from the analog
>domain to the digital, how does one identify the data? It's no longer a
>series of 1s and 0s, because I can change the 1s in 0s in a non-correctable
>way (which is what happens with lossy compression) and still go to jail for
>transmitting that bitstream.

You want something operational, so: a very low-res copy is the same.
This works for MP3s vs. CDs, etc. In practice, a judge will say that perceptually similar (semantic) copies are copies. This is also true for eg trademarks.

>Unlike some Cypherpunks, I'm more litely anti-statist: One can only claim
>legitimacy for a state if the laws are well defined enough so as to allow
>for nonarbitrary enforcement (and I only said "claim", so I don't need
>killin...yet).

A state which protects individuals against harm from others is pretty much defensible. Those that need killing (impeachment, fragging, etc) are those who abuse this "right" of violence.

There are some who don't hold that the State has any justification for that role, but that is amoral. In the vacuum, thugs rule. (Cf any state which has no effective power.)

>Of course, there are probably legal arguments made somewhere that refer to
>the perceived identity of a track or sample, so I guess what I'm really
>asking is if anyone knows what they are and if they make any sense (aside
>from giving big corporates the ability to whack any college student they
>want to make an example of).

The RIAA/MPAA would use low-res similarity matching, or just hire offshore listeners/watchers. Ones who grok sarcasm. Fair use exemptions are an excuse under US laws. YMMV.

Of course, if I have 10 friends, and they each have 10 friends, content is toast, best charge for live performances.

I watched an industrial-sports event on TV, and it had warnings that any description thereof without the consent of the commissar of that "sport" was illegal. FThatS.

From mv at cdc.gov Wed Nov 23 18:23:29 2005
From: mv at cdc.gov (Major Variola (ret))
Date: Wed, 23 Nov 2005 18:23:29 -0800
Subject: "Copying"...what does that mean?
Message-ID: <43852421.BD54B21C@cdc.gov>

At 11:30 PM 11/21/05 -0600, Shawn K. Quinn wrote:
>This reminds me of something else: to a computer, playing is simply a
>form of copying, the output is simply a video card and/or sound card.
>Isn't this, in fact, what makes computers so powerful, that they
>simply obey instructions without asking questions? Isn't this why every
>attempt to block "unauthorized" copying has failed in the end, because
>the reality is that if it can be played, it can be copied, because
>playing *is* copying from the point of view of the computer programs?

The most hilarious thing is when a web site "prohibits" copying, even though to view it, you've copied it to your disk. More hilarious is when javascript is used to prevent saving images.

Even if you get the OS to obey, there are always cheap cameras. An older videocam can be used to copy a movie off your screen (like a first gen cassette) even if all the video D/As are 0wned by the MPAA and forced to have DRM. (Don't think it can happen? Look at CALEA & Skype, etc.)

From mv at cdc.gov Wed Nov 23 18:30:52 2005
From: mv at cdc.gov (Major Variola (ret))
Date: Wed, 23 Nov 2005 18:30:52 -0800
Subject: "Copying"...what does that mean?
Message-ID: <438525DC.E695C778@cdc.gov>

At 12:46 PM 11/22/05 -0500, Tyler Durden wrote:
>As I said before, if a "sample" is copying, how small a sample are we
>talking about? Look-->0101
>I sampled Britney and that's what I got.
>I'm therefore copying and could go
>to jail. I probably won't go to jail, though, unless I eat into someone's
>profits or piss off individuals in the government.

"Five" is too short to be copyrightable. A longer segment would be.

I once asked, can Intel's "ding dong dong-dong-dong" be copyrighted? The answer is essentially, to be a glib information theorist, if the chances of picking that sequence are sufficiently small.

Of course, given that it's humanly perceptible, shifting the whole sequence by a large number of Hz is also irrelevant, since humans (except for pitch-perfect folks) will perceive it as the same.

OTOH, a parodist can use perfect copies if the context distinguishes the content.

From mv at cdc.gov Wed Nov 23 18:32:45 2005
From: mv at cdc.gov (Major Variola (ret))
Date: Wed, 23 Nov 2005 18:32:45 -0800
Subject: ATTN: for-profit Tor operators
Message-ID: <4385264D.DC21CADD@cdc.gov>

At 11:17 AM 11/23/05 +0100, Eugen Leitl wrote:
>Tor exit policy to be determined. No snooping on exit traffic,
>no logs.

How do you assure your cu$tomers that this is enforced?

Game over.

Careful with that tor, eugene.

From rah at shipwright.com Wed Nov 23 17:31:40 2005
From: rah at shipwright.com (R. A. Hettinga)
Date: Wed, 23 Nov 2005 20:31:40 -0500
Subject: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems
In-Reply-To: <20051124005424.GA8893@epointsystem.org>
References: <792ce4370510281418l74b01072kb43ea37584fd50f1@mail.gmail.com> <20051028234456.GA12429@epointsystem.org> <792ce4370510292117kd379aden794034252ce45fe@mail.gmail.com> <20051124005424.GA8893@epointsystem.org>
Message-ID:

At 1:54 AM +0100 11/24/05, Daniel A. Nagy wrote:
>blind signature key is regularly changed

This is an old idea.

It is not novel. As far as I can remember, it was discussed on cypherpunks by myself and Ian Goldberg at least 10 years ago.

Cheers,
RAH

--
-----------------
R. A. Hettinga
The Internet Bearer Underwriting Corporation
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

From rah at shipwright.com Wed Nov 23 17:31:46 2005
From: rah at shipwright.com (R. A. Hettinga)
Date: Wed, 23 Nov 2005 20:31:46 -0500
Subject: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems
In-Reply-To: <20051124005424.GA8893@epointsystem.org>
References: <792ce4370510281418l74b01072kb43ea37584fd50f1@mail.gmail.com> <20051028234456.GA12429@epointsystem.org> <792ce4370510292117kd379aden794034252ce45fe@mail.gmail.com> <20051124005424.GA8893@epointsystem.org>
Message-ID:

At 1:54 AM +0100 11/24/05, Daniel A. Nagy wrote:
>spot-checks

This also is not new.

We were discussing this in relation to millidollar streaming cash at least 5 years ago. We've discussed this privately, and on public mail lists, with the likes of Nicko van Someren, Ron Rivest, Adi Shamir, and Mark Manasse.

Even the delineation between universally-checked blind-signature "notes", and stochastically tested "coins" is at least five years old and has been discussed on most of the usual email lists.

Cheers,
RAH

--
-----------------
R. A. Hettinga
The Internet Bearer Underwriting Corporation
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

From nagydani at epointsystem.org Wed Nov 23 16:54:24 2005
From: nagydani at epointsystem.org (Daniel A. Nagy)
Date: Thu, 24 Nov 2005 01:54:24 +0100
Subject: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems
In-Reply-To: <792ce4370510292117kd379aden794034252ce45fe@mail.gmail.com>
References: <792ce4370510281418l74b01072kb43ea37584fd50f1@mail.gmail.com> <20051028234456.GA12429@epointsystem.org> <792ce4370510292117kd379aden794034252ce45fe@mail.gmail.com>
Message-ID: <20051124005424.GA8893@epointsystem.org>

Hi,

I'm sorry for not answering to the last message in this thread for almost a month.
After systematically reviewing some of the issues that came up in this discussion and talking to a friend of mine, it seems that it is possible to make governable blinded cash, using some of the ideas from the paper in question. In fact, blinded and non-blinded tokens (i.e. digital "coins" and "notes") can be successfully and conveniently used together, as they offer different advantages and different tradeoffs.

A new paper, tentatively titled "Digital Cash: Notes and Coins" is being written. If there's going to be an FC++ issue in December or January, we might have a go at it before publishing the paper using a more traditional channel.

The basic idea with coins (which are less traceable than notes, but are less flexible, too, and may weigh your pocket down, if you keep large sums in coins) is that the blind signature key is regularly changed (e.g. annually, so it is possible to tell a 2005 ePoint coin from a 2006 ePoint coin, just like in the "real world"), and while coins are accepted indefinitely, they are only issued during the validity period of the key. This means that one can limit the damage caused by a leaked secret key or a malicious issuer. After the validity period of the key, it is possible to keep count of the coins in circulation and accept only that limited amount (and sound alarms, if unaccounted-for coins emerge).

Another important idea is that of spot-checks: from time to time (determined partly by the users, partly by the issuer in such a way that the issuer cannot control and the users cannot predict it) coins are accepted only with the user identifying the coin's (published) proto-coin and revealing the corresponding blinding factor. If it happens rarely enough, it won't compromise the general untraceability of coins, but it may catch a counterfeit coin and thus reveal the compromise of the secret key.

At ePointSystem, we may very well implement this kind of coins, which can be used in conjunction with notes.
I'd like to thank you for the thoughtful discussion and the valuable ideas.

--
Daniel

From nagydani at epointsystem.org Wed Nov 23 20:07:29 2005
From: nagydani at epointsystem.org (Daniel A. Nagy)
Date: Thu, 24 Nov 2005 05:07:29 +0100
Subject: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems
In-Reply-To:
References: <792ce4370510281418l74b01072kb43ea37584fd50f1@mail.gmail.com> <20051028234456.GA12429@epointsystem.org> <792ce4370510292117kd379aden794034252ce45fe@mail.gmail.com> <20051124005424.GA8893@epointsystem.org>
Message-ID: <20051124040729.GA21505@epointsystem.org>

On Wed, Nov 23, 2005 at 08:31:46PM -0500, R. A. Hettinga wrote:
> At 1:54 AM +0100 11/24/05, Daniel A. Nagy wrote:
> >spot-checks
>
> This also is not new.
>
> We were discussing this in relation to millidollar streaming cash at least
> 5 years ago. We've discussed this privately, and on public mail lists, with
> the likes of Nicko van Someren, Ron Rivest, Adi Shamir, and Mark Manasse.

Those two ideas are not new, and I know that. What is new is the publication of a signed transaction log by the issuer; the splitting of public and private information in such a way that allows for transparent issuer governance without invading privacy.

In the electronic cash literature, governance issues have rarely been raised, let alone properly addressed. Systematic treatment of transparent governance in digital payments began, AFAIK, with the research of Ian Grigg.

For a (long) while, both Ian and I were convinced that transparent governance and blind signatures don't mix well. It was cyphrpunk in this discussion, who pointed out the essential similarity between the proto-coin in chaumian schemes and the cryptographic challenge in my paper. It came up in the context of invoicing, but -- as we recently realized -- it can also be used for governance, when coupled with these two old ideas.
In short, the basic idea is for the issuer to _publish_ in an undeniable manner the responses (with some additional info) to exchange requests instead of sending the information back to the requesting party using a private channel. I do think (in agreement with several reviewers of my work) that the setup proposed in the discussed paper, where the communication between the users and the issuer is such that the issuer's responses to users' requests are broadcast and archived in public records is novel.

> Even the delineation between universally-checked blind-signature "notes",
> and stochastically tested "coins" is at least five years old and has been
> discussed on most of the usual email lists.

We use "notes" and "coins" in a completely different sense. There are no blind signatures in notes; notes are traceable to some extent, just like IRL.

Cheers,

--
Daniel

From eugen at leitl.org Wed Nov 23 23:54:50 2005
From: eugen at leitl.org (Eugen Leitl)
Date: Thu, 24 Nov 2005 08:54:50 +0100
Subject: ATTN: for-profit Tor operators
In-Reply-To: <4385264D.DC21CADD@cdc.gov>
References: <4385264D.DC21CADD@cdc.gov>
Message-ID: <20051124075450.GH2249@leitl.org>

On Wed, Nov 23, 2005 at 06:32:45PM -0800, Major Variola (ret) wrote:
> At 11:17 AM 11/23/05 +0100, Eugen Leitl wrote:
> >Tor exit policy to be determined. No snooping on exit traffic,
> >no logs.
>
> How do you assure your cu$tomers that this is enforced?

I can't, obviously. It's a good practice suggestion to the operators.

> Game over.
>
> Careful with that tor, eugene.
--
Eugen* Leitl leitl
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]

From iang at systemics.com Thu Nov 24 01:50:29 2005
From: iang at systemics.com (Ian G)
Date: Thu, 24 Nov 2005 09:50:29 +0000
Subject: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems
In-Reply-To: <20051124040729.GA21505@epointsystem.org>
References: <792ce4370510281418l74b01072kb43ea37584fd50f1@mail.gmail.com> <20051028234456.GA12429@epointsystem.org> <792ce4370510292117kd379aden794034252ce45fe@mail.gmail.com> <20051124005424.GA8893@epointsystem.org> <20051124040729.GA21505@epointsystem.org>
Message-ID: <43858CE5.8010402@systemics.com>

Daniel A. Nagy wrote:
> Those two ideas are not new, and I know that. What is new is the publication
> of a signed transaction log by the issuer; the splitting of public and
> private information in such a way that allows for transparent issuer governance
> without invading privacy.
>
> In the electronic cash literature, governance issues have rarely been
> raised, let alone properly addressed. Systematic treatment of transparent
> governance in digital payments began, AFAIK, with the research of Ian Grigg.

Hey, thanks for the credit! You raise an interesting claim. I think it is fair to say that a lot of people have looked at governance of digital cash but almost all of their efforts have proceeded from a technical crypto pov, and have thus not got very far. If you wade thru the early FC proceedings you'll see a steady stream of papers trying to make blinded tokens slightly less blind with various mixed objectives that could be interpreted as governance (often presented as control for various other purposes).
My approach has not been technical but has been what we could call 'institutional' - looking at how the people and organisations could protect it, which has the advantage of being familiar to those who would be charged with the job anyway. From memory the others who've looked at the subject from an institutional perspective would be people like Mark Miller, Nick Szabo and the late Gary Howland, but they were more focused on overall ramifications than specific governance issues.

> For a (long) while, both Ian and I were convinced that transparent
> governance and blind signatures don't mix well. It was cyphrpunk in this
> discussion, who pointed out the essential similarity between the proto-coin
> in chaumian schemes and the cryptographic challenge in my paper. It came up
> in the context of invoicing, but -- as we recently realized -- it can also
> be used for governance, when coupled with these two old ideas.
>
> In short, the basic idea is for the issuer to _publish_ in an undeniable
> manner the responses (with some additional info) to exchange requests
> instead of sending the information back to the requesting party using a private
> channel. I do think (in agreement with several reviewers of my work) that
> the setup proposed in the discussed paper, where the communication between
> the users and the issuer is such that the issuer's responses to users'
> requests are broadcast and archived in public records is novel.

If this is the case, it would be an exciting development! I guess we have to wait for the paper to see ... it isn't obvious to me how the above would work.

iang

PS: In your other email:

> A new paper,
> tentatively titled "Digital Cash: Notes and Coins" is being written. If
> there's going to be an FC++ issue in December or January, we might have a go
> at it before publishing the paper using a more traditional channel.

I have 1.5 papers for an FC++ issue, this would probably tip the balance.
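The coin ideas discussed in this thread (yearly blind-signature keys, issuer replies published in a log, occasional spot-checks that reveal the proto-coin and blinding factor), as an added example that is not code from any poster or from ePointSystem. It assumes textbook RSA blind signatures; the names, the toy Mersenne-prime keys and the rule that a proto-coin may be claimed only once are assumptions made for the illustration.

```python
"""Toy model: yearly blind-signature keys, a published proto-coin log, spot-checks.
Constructed for illustration; textbook RSA with tiny keys, not for real use."""
import hashlib
import secrets
from math import gcd

E = 65537  # public exponent shared by all yearly keys (assumption)

def make_key(p, q):
    """RSA key from two primes (Mersenne primes stand in for real key material)."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def h(serial, n):
    """Map a coin serial into Z_n (stands in for a proper full-domain hash)."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % n

class Issuer:
    def __init__(self):
        self.keys = {2005: make_key(2**61 - 1, 2**89 - 1),
                     2006: make_key(2**107 - 1, 2**127 - 1)}
        self.log = {y: {} for y in self.keys}          # published: proto-coin -> blind sig
        self.claimed = {y: set() for y in self.keys}   # proto-coins revealed in spot-checks
        self.redeemed = {y: set() for y in self.keys}  # serials already accepted

    def issue(self, year, proto, current_year):
        """Blind-sign a proto-coin and publish the reply; only while the key is valid."""
        if year != current_year:
            raise ValueError(f"the {year} key no longer issues coins")
        key = self.keys[year]
        self.log[year][proto] = pow(proto, key["d"], key["n"])
        return self.log[year][proto]

    def accept(self, coin, spot_check=False):
        """Accept a coin of any year; on a spot-check the holder must also reveal
        the published proto-coin and the blinding factor r."""
        year, serial, n = coin["year"], coin["serial"], self.keys[coin["year"]]["n"]
        if pow(coin["sig"], E, n) != h(serial, n):
            return "bad signature"
        if serial in self.redeemed[year]:
            return "double spend"
        if len(self.redeemed[year]) >= len(self.log[year]):
            return "ALARM: more coins than were issued"
        if spot_check:
            proto, r = coin["proto"], coin["r"]
            if proto not in self.log[year] or proto != h(serial, n) * pow(r, E, n) % n:
                return "ALARM: no published proto-coin matches"
            if proto in self.claimed[year]:
                return "ALARM: proto-coin claimed twice"
            self.claimed[year].add(proto)
        self.redeemed[year].add(serial)
        return "ok"

def withdraw(issuer, year, current_year):
    """User side: blind a fresh serial, have it signed, unblind the signature."""
    n = issuer.keys[year]["n"]            # only the public modulus is used here
    serial = secrets.token_bytes(16)
    r = 0
    while gcd(r, n) != 1:                 # blinding factor must be invertible mod n
        r = secrets.randbelow(n - 2) + 2
    proto = h(serial, n) * pow(r, E, n) % n
    sig = issuer.issue(year, proto, current_year) * pow(r, -1, n) % n
    return {"year": year, "serial": serial, "sig": sig, "proto": proto, "r": r}

def leaked_key_coin(issuer, year, proto=None):
    """Model of a coin minted with a leaked signing key. The key holder can derive a
    blinding factor for any published proto-coin, which is why `claimed` is tracked."""
    n, d = issuer.keys[year]["n"], issuer.keys[year]["d"]
    serial = secrets.token_bytes(16)
    m = h(serial, n)
    r = pow(proto * pow(m, -1, n) % n, d, n) if proto is not None else 1
    return {"year": year, "serial": serial, "sig": pow(m, d, n), "proto": proto, "r": r}

def demo():
    """Return the outcome of each scenario, in order."""
    bank = Issuer()
    a, b, c = (withdraw(bank, 2005, 2005) for _ in range(3))
    out = [bank.accept(a), bank.accept(a)]              # honest spend, then a replay
    fake = leaked_key_coin(bank, 2005, proto=12345)     # constructed, unpublished proto
    out.append(bank.accept(fake, spot_check=True))
    fake = leaked_key_coin(bank, 2005, proto=b["proto"])
    out.append(bank.accept(fake, spot_check=True))      # passes: proto-coin unclaimed so far
    out.append(bank.accept(b, spot_check=True))         # honest holder exposes the clash
    out.append(bank.accept(c))
    out.append(bank.accept(leaked_key_coin(bank, 2005)))  # one coin more than issued
    try:
        withdraw(bank, 2005, 2006)                      # the 2005 key has expired
    except ValueError:
        out.append("issuance refused")
    return out

if __name__ == "__main__":
    print(demo())
```

Both alarms are probabilistic in practice: the clash on a proto-coin shows up only when both holders happen to be spot-checked, and the count alarm only once more coins have come back than the log records.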
From mv at cdc.gov Thu Nov 24 12:01:06 2005
From: mv at cdc.gov (Major Variola (ret))
Date: Thu, 24 Nov 2005 12:01:06 -0800
Subject: laptop security
Message-ID: <43861C01.73AB875A@cdc.gov>

US officials have in recent months shared with experts from the IAEA and other countries classified details of tens of thousands of pages of technical information recovered from a stolen Iranian laptop.

http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2005/11/24/wiran24.xml&sSheet=/news/2005/11/24/ixworld.html

Of course, this source-id could be disinfo..

From dave at farber.net Thu Nov 24 09:13:28 2005
From: dave at farber.net (David Farber)
Date: Thu, 24 Nov 2005 12:13:28 -0500
Subject: [IP] New US intelligence center to exploit publicly available information]
Message-ID:

-------- Original Message --------
Subject: [EPIC_IDOF] New US intelligence center to exploit publicly available information
Date: Wed, 16 Nov 2005 08:15:06 -0500
From: Richard M. Smith
To: EPIC_IDOF at mailman.epic.org

http://www.politicalgateway.com/news/read.html?id=5315

New US intelligence center to exploit publicly available information

WASHINGTON, Nov 8 (PG) - US intelligence chief John Negroponte announced Tuesday the creation of a new CIA-managed center to exploit publicly available information for intelligence purposes.

The so-called Open Source Center will gather and analyze information from a host of sources from the Internet and commercial databases to newspapers, radio, video, maps, publications and conference reports.

Douglas Naquin, the center's director, said it will build on the work of the CIA's Foreign Broadcast Information Service, which once monitored and translated foreign radio broadcasts but has since expanded its reach to other media.

He said a key difference will be that the center aims to spread its findings and expertise across the US intelligence community, which consists of 15 agencies.

"Generally what we go against is what's going to have the biggest intelligence impact where open sources can play an important role that either may or may not be covered by more clandestine intelligence activity or will augment it in some way," he told AFP.

The FBIS' strength has been in tracking media trends that show, for instance, how foreign publics are responding to particular US policies.

But in recent years a group at the FBIS also has been applying data mining techniques to analyze massive volumes of information on the Internet or commercial databases, Naquin said.

He said they are "trying to use what we call the volume problem against itself in some type of judo fashion -- you know, the more volume the better -- so we can kind of get some sense of where the trends are and what the buzz is on certain topics, or who's connected to whom."

_______________________________________________
EPIC_IDOF mailing list
EPIC_IDOF at mailman.epic.org
https://mailman.epic.org/cgi-bin/mailman/listinfo/epic_idof

-------------------------------------
You are subscribed as eugen at leitl.org
To manage your subscription, go to http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/

----- End forwarded message -----
--
Eugen* Leitl leitl
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]

From rah at shipwright.com Thu Nov 24 11:50:45 2005
From: rah at shipwright.com (R. A. Hettinga)
Date: Thu, 24 Nov 2005 14:50:45 -0500
Subject: [Clips] [N-B] Cybernetic Sovereignty
Message-ID:

--- begin forwarded text

Delivered-To: clips at philodox.com
Date: Thu, 24 Nov 2005 14:47:21 -0500
To: "Philodox Clips List"
From: "R. A. Hettinga"
Subject: [Clips] [N-B] Cybernetic Sovereignty
Reply-To: rah at philodox.com
Sender: clips-bounces at philodox.com

--- begin forwarded text

Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
To: nation-builders at yahoogroups.com
User-Agent: eGroups-EW/0.82
From: "HM Cesidio Tallini"
Sender: nation-builders at yahoogroups.com
Mailing-List: list nation-builders at yahoogroups.com; contact nation-builders-owner at yahoogroups.com
Delivered-To: mailing list nation-builders at yahoogroups.com
Date: Thu, 24 Nov 2005 18:43:58 -0000
Subject: [N-B] Cybernetic Sovereignty
Reply-To: nation-builders at yahoogroups.com

Hi nation-builders and other assorted independent-minded folks!

I'm a busy adult student in 2 university programs of study (Information Technology and Naturopathy), and I also do freelance work, and a lot of work over the Internet, so I don't have too much time to answer questions directly here, although I'll definitely try to answer a few polite ones.

I wish to briefly inform you, in case you weren't aware yet, that the ICANN root server system you are currently probably using, isn't the only Internet out there. As far as I was able to verify first hand through DiGs, there are at least 6 authentic root server systems out there, ICANN included, and only one of these is a copy of ICANN (the European Open Root Server Network), so basically 4 are alternative root/alternative TLD systems.

However, 2 of these other roots are on their way towards collapse, just as the AlterNIC, eDNS, and Pacific Root that preceded them, and 2 are strictly commercial enterprises where nation-builders and their needs don't matter, and where even the root itself is not a public service, and thus not a real alternative to ICANN either.

In August 2005 I discovered through a brilliant IT friend who had moved to the Netherlands to work with the Public-Root more closely, that despite its high technical status, the Public-Root was not a root that was run by decent and/or honest people.
In fact, we even found out that real IRA terrorists had become involved with the root, probably for the purpose of money laundering, and the CEO of the Public-Root/INAIC was also involved with all kinds of tax evasion schemes. As things stood, I realized that it was only a question of time, and the Public-Root too would become a dinosaur, just like all the other alternative roots that preceded it. I also became aware that a hacker well-known to Interpol was in charge of the Public-Root's master root server, and this meant that financial transactions could possibly be intercepted through root data. Having invested thousands of dollars in 10 Top-Level Domains (TLDs) for a cybernetic world I was building, I soon realized that I had wasted a lot of money, and I didn't have the option to contact ICANN to see if they would accept my TLDs in their root zone files. After finding out that an alternative root, that had begun in the wake of the collapsing Public-Root, was only commercial in nature, and the people involved were no more reliable than the people behind the Public-Root, I found myself "between a rock and a hard place". Yet God may have been looking over me, and has made me get involved in the Internet in ways I would have never even dreamed of, even just a few months ago. On 23 November 2005, a 7th root system was born after a 2-month period of development and testing: the Cesidian Root. At the moment the Cesidian Root has the entire ICANN namespace, as well as my 10 Top-Level Domains (TLDs) in its root zone files. Let me make it clear that this root is totally independent of ICANN, so much so that if ICANN went blank tomorrow morning, if the Internet as you know it just collapsed, the Cesidian Root would survive without the least bit of hesitation. We currently have only a single master root server in Northern Italy, but I have people with me that are knowledgeable and bright enough to put even ICANN to shame. 
If you wish to help by volunteering to run a spare root server for us, you can help add greater stability and redundancy to this root, since this is the only thing it lacks. I'm hoping to gather at least another 3 to 7 servers around the planet in the next few years, especially on the North American and Australian continents, for the purpose of growing the Cesidian Root into a small, yet highly dependable "People's Root". If you wish to help this King of a Fifth World nation (yes, that is another job of mine...), whom God seems to be watching over, and pushing ever forward in the direction of autonomy, independence, and even sovereignty, then please visit the web site below, and contact me through the form-mail on that page. http://root.cyberterra.com Thank you for your time and patience in reading this message. Cesidio Tallini Father of the Fifth World movement Founder and President of the Cesidian Root --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience."
-- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From eugen at leitl.org Thu Nov 24 09:15:34 2005 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 24 Nov 2005 18:15:34 +0100 Subject: [dave@farber.net: [IP] New US intelligence center to exploit publicly available information]] Message-ID: <20051124171534.GF2249@leitl.org> ----- Forwarded message from David Farber ----- From camera_lumina at hotmail.com Thu Nov 24 17:44:46 2005 From: camera_lumina at hotmail.com (Tyler Durden) Date: Thu, 24 Nov 2005 20:44:46 -0500 Subject: "Copying"...what does that mean? In-Reply-To: <438525DC.E695C778@cdc.gov> Message-ID: Variola wrote... "OTOH, a parodist can use perfect copies if the context distinguishes the content." Well, you'd think. On the other hand, that "Bittersweet Symphony" dude didn't make a dime off that song because the Rolling Stones are sampled in there somewhere. The "Gray Album" guy of course never made a dime because he sampled the White Album and Kill-Mo-Dee's Black Album (or whatever), which no one would ever confuse with the originals. So apparently a sample is a copy. Now arguably, a "sample" is only a "sample" if it can be recognized (or so I'm told), but this means that "copying" is no longer a layer 1 through 4 phenomenon. However, the demise of Kazaa, et al proves that's not true either. A copy is a copy if someone with money can buy the MwGs. Or at least that's what it looks like, given the above.
Which is not to say I'm so anti-statist that I don't believe in the very concept of a "copyright". For me, however, at best it's a social convention that we "outsource" the use of force to enforce, so that it will be possible for full-time recording artists to exist. I can live with that: Society is a devil's bargain. BUT, if enforcement boils down to the local official's definition of "copyright", then it's time to fire up the CD burner. -TD From rah at shipwright.com Thu Nov 24 18:29:50 2005 From: rah at shipwright.com (R. A. Hettinga) Date: Thu, 24 Nov 2005 21:29:50 -0500 Subject: [Clips] A new use for anonymous digital cash -prior art Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Thu, 24 Nov 2005 21:29:01 -0500 To: "Philodox Clips List" From: "R. A. Hettinga" Subject: [Clips] A new use for anonymous digital cash -prior art Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com --- begin forwarded text Date: Fri, 25 Nov 2005 15:04:49 +1300 From: igdm lgd To: rah at philodox.com, rah at shipwright.com Subject: A new use for anonymous digital cash -prior art Recently I mailed a request for reexamination of the Amazon "One-Click" patent, which you can download from igdmlgd.blogspot.com -using DigiCash as prior art. Thought you might be interested Any comments or criticism would be good Cheers Peter --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. 
Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Fri Nov 25 09:01:30 2005 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 25 Nov 2005 12:01:30 -0500 Subject: [Clips] Dutch Court Orders Lycos To Reveal Client's Identity Message-ID: "Regulatory Arbitrage" continues to go the way of "Divine Right of Kings"... Cheers, RAH ------ --- begin forwarded text Delivered-To: clips at philodox.com Date: Fri, 25 Nov 2005 11:59:27 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Dutch Court Orders Lycos To Reveal Client's Identity Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com The Wall Street Journal November 25, 2005 11:27 a.m. EST Dutch Court Orders Lycos To Reveal Client's Identity DOW JONES NEWSWIRES November 25, 2005 11:27 a.m. -- THE HAGUE (AP)--The Dutch Supreme Court Friday ordered Internet company Lycos Europe NV (LCY.XE) to reveal the identity of a client in a benchmark decision on privacy that was praised by copyright groups as a way to go after illegal swapping of music and movies online. It is the first ruling of its kind in the Netherlands on Internet privacy and could have far-reaching consequences for other Internet providers. The country's highest court ruled that Lycos wrongly protected the identity of a user who anonymously posted slanderous allegations against an Internet postage stamp dealer on a member site. The dealer, who traded stamps on auction site Ebay Inc. (EBAY), was accused of cheating buyers. The claimant, identified in court documents only as A. Pessers, took Lycos to court in 2003, seeking the details of its client so he could seek financial damages allegedly resulting from the allegations.
Supreme Court spokesman Steven Bakker said the court found Pessers' claim of having suffered damages sufficient to order Lycos to release the client's name and address, even though no criminal offense had been committed. It issued a sweeping rejection of Lycos' argument that personal client details should only be released if they are suspected of a crime and the information is wanted by the police. "The court considers it probable that the information posted on the Web site is illegal and damaging to Pessers," the ruling said. "Pessers has a genuine interest in obtaining the client's details and there is no other way to obtain them." The Brain Institute, which represents the global entertainment industry in the Netherlands, said in a statement that the ruling will enable it to seek damages from people who illegally swap copyrighted software, music and movies over the Internet. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From DaveHowe at gmx.co.uk Fri Nov 25 16:41:54 2005 From: DaveHowe at gmx.co.uk (Dave Howe) Date: Sat, 26 Nov 2005 00:41:54 +0000 Subject: "Copying"...what does that mean? 
In-Reply-To: <43852421.BD54B21C@cdc.gov> References: <43852421.BD54B21C@cdc.gov> Message-ID: <4387AF52.9090903@gmx.co.uk> Major Variola (ret) wrote: > More hilarious is when javascript is used to prevent saving > images. Even if you get the OS to obey, there are always > cheap cameras. An older videocam can be used to copy > a movie off your screen (like a first gen cassette) even if > all the video D/As are 0wned by the MPAA and forced > to have DRM. (Don't think it can happen? Look at > CALEA & Skype, etc.) Aren't the majority of 0-day "copies" of just released movies camcorder recordings from inside a cinema? From mv at cdc.gov Sat Nov 26 09:49:51 2005 From: mv at cdc.gov (Major Variola (ret)) Date: Sat, 26 Nov 2005 09:49:51 -0800 Subject: "Copying"...what does that mean? Sony's techno-sharia Message-ID: <4388A03E.3D974CEE@cdc.gov> At 12:41 AM 11/26/05 +0000, Dave Howe wrote: >Major Variola (ret) wrote: An older videocam can be used to copy >> a movie off your screen (like a first gen cassette) even if >> all the video D/As are 0wned by the MPAA and forced >> to have DRM. (Don't think it can happen? Look at >> CALEA & Skype, etc.) >Aren't the majority of 0-day "copies" of just released movies camcorder >recordings from inside a cinema? Yes --the analog hole is alive and well. But in an Orwellian future, the movies have signals that disable the camcorders. Think macrovision for theatres. Think "copy flag" for video acquisition devices. Think CALEA for PGPfone :-) There are already patented plans to display the images such that the eye doesn't notice, but camcorders will record flicker. There are means to go around this, of course. See watermarking/steganography. (Not you, DH, just random readers seeking more) Of course, future *Sony* camcorders will *burst into flames* if you try to record such... techno-sharia, steal a copy, lose your fingers. Oh, but Sony would never do something *irresponsible and dangerous* like that... 
From justin-cypherpunks at soze.net Sat Nov 26 10:04:20 2005 From: justin-cypherpunks at soze.net (Justin) Date: Sat, 26 Nov 2005 18:04:20 +0000 Subject: "Copying"...what does that mean? In-Reply-To: <4387AF52.9090903@gmx.co.uk> References: <43852421.BD54B21C@cdc.gov> <4387AF52.9090903@gmx.co.uk> Message-ID: <20051126180420.GA25904@arion.hive> On 2005-11-26T00:41:54+0000, Dave Howe wrote: > Major Variola (ret) wrote: > > More hilarious is when javascript is used to prevent saving > > images. Even if you get the OS to obey, there are always > > cheap cameras. An older videocam can be used to copy > > a movie off your screen (like a first gen cassette) even if > > all the video D/As are 0wned by the MPAA and forced > > to have DRM. (Don't think it can happen? Look at > > CALEA & Skype, etc.) > Aren't the majority of 0-day "copies" of just released movies camcorder > recordings from inside a cinema? Yes, and 3-7 day "copies" of popular movies are done on telecine machines. Basically, the groups find a friendly movie theater worker, and they take in a telecine machine after hours and have some one-on-one time with the film reels. Telecines copies are quite good. Real D/D copies don't come out until closer to the dvd release date, when the first studio-internal dvds are made.. usually months after release. Sometimes the studios make early screener dvds for movies, generally low-budget limited-release movies, and generally toward the end of the year, the objective (I think) being a shot at the oscars. -- The six phases of a project: I. Enthusiasm. IV. Search for the Guilty. II. Disillusionment. V. Punishment of the Innocent. III. Panic. VI. Praise & Honor for the Nonparticipants. 
From dave at farber.net Sat Nov 26 17:07:10 2005 From: dave at farber.net (David Farber) Date: Sat, 26 Nov 2005 20:07:10 -0500 Subject: [IP] more on New US intelligence center to exploit publicly available information Message-ID: -------- Original Message -------- Subject: Re: [IP] New US intelligence center to exploit publicly available information] Date: Sat, 26 Nov 2005 16:11:51 -0800 From: Ross Stapleton-Gray To: dave at farber.net, "johnmac's living room" [resend with a URL for the creation of COSPO, back in 1994... everything old is new again...] At 09:13 AM 11/24/2005, David Farber wrote: >Douglas Naquin, the [Open Source C]enter's director, said it will build on >the work of the >CIA's Foreign Broadcast Information Service, which once monitored and >translated foreign radio broadcasts but has since expanded its reach to other >media. >He said a key difference will be that the center aims to spread its findings >and expertise across the US intelligence community, which consists of 15 >agencies. >... >The FBIS' strength has been in tracking media trends that show, for >instance, how foreign publics are responding to particular US policies. >But in recent years a group at the FBIS also has been applying data mining >techniques to analyze massive volumes of information on the Internet or >commercial databases, Naquin said. FBIS was my first job out of college, as a CIA grad fellow... my understanding is that it actually predated the CIA, having been originally formed during WW II to collect and report on Nazi radio broadcasting. But this is something of a second coming for Open Source for the Intelligence Community. In my last IC job, I served on the Intelligence Community Management Staff, which supported the Director of Central Intelligence (DCI) wearing his IC coordinator hat. And around then (c. 1994), CMS was host to a new "Community Open Source Program Office" (COSPO), to do what's being described here for the new OSC.
Here's the DCI Directive, in fact, that created it... NB the similarities with the newly-announced OSC: http://www.fas.org/irp/offdocs/dcid212.htm Certainly "open source intel" (so-called "OSINT") had been used for many years before that (and not just FBIS' collection... I remember when Lexis/Nexis was the exciting new wave, and was one of the early Internet agitators, especially after a presentation by Cliff Stoll, who was on a book tour for "The Cuckoo's Egg," and spoke at both NSA and CIA... he nearly broke an overhead projector glass with a yoyo). Some time after I left, in 1994, COSPO got shuffled around, then pushed down the org chart to live in the CIA's Directorate of Science & Technology, where FBIS is located. I believe that there was something of a merger, given the common focus. So this new thing is more a repeat of something that was done once already. And what had been the DCI's Community Management Staff now reports to Mr. Negroponte, since he (as Director of National Intelligence) wears the primary IC coordination hat, so I presume they may have a hand in what this new Center does, as well. What they'll find is a reluctance, from some quarters, to much dignify "open source intelligence" as its own "INT"... "We deal with *classified* intelligence... that's just *information*..." Though, of course, as a former intelligence officer who's worked without clearances for more than a decade, I can vouch for the value all of the rest of us place on "plain old information." ;-) I'm fascinated by the gulf between the "classified" and "unclassified" world (and am in fact doing some work now on how some classified information can be "written down" for use by uncleared researchers, e.g., redacted, dithered, or otherwise lessened in sensitivity). And I think it's to the significant detriment of many in the classified world that they can't move as easily as those of us outside of it, through the oceans of information now increasingly open and available. 
Ross ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From s.schear at comcast.net Sun Nov 27 10:05:02 2005 From: s.schear at comcast.net (Steve Schear) Date: Sun, 27 Nov 2005 10:05:02 -0800 Subject: Wanted: RSA conference proceedings on CD In-Reply-To: References: Message-ID: <6.0.1.1.0.20051127100129.04e08510@mail.comcast.net> I'm looking to make space on my bookshelf and fill in my tech library a bit. Will pay $10/proceeding. Prefer e-gold/1mdc payment but am open to money orders, etc. Steve From eugen at leitl.org Sun Nov 27 01:30:25 2005 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 27 Nov 2005 10:30:25 +0100 Subject: [dave@farber.net: [IP] more on New US intelligence center to exploit publicly available information] Message-ID: <20051127093025.GS2249@leitl.org> ----- Forwarded message from David Farber ----- From cyphrpunk at gmail.com Mon Nov 28 00:14:07 2005 From: cyphrpunk at gmail.com (cyphrpunk) Date: Mon, 28 Nov 2005 00:14:07 -0800 Subject: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems In-Reply-To: <20051124005424.GA8893@epointsystem.org> References: <792ce4370510281418l74b01072kb43ea37584fd50f1@mail.gmail.com> <20051028234456.GA12429@epointsystem.org> <792ce4370510292117kd379aden794034252ce45fe@mail.gmail.com> <20051124005424.GA8893@epointsystem.org> Message-ID: <792ce4370511280014k26e96a30w8c12a0dbab396625@mail.gmail.com> On 11/23/05, Daniel A.
Nagy wrote: > The basic idea with coins (which are less traceable than notes, but are less > flexible, too, and may weigh your pocket down, if you keep large sums in > coins) is that the blind signature key is regularly changed (e.g. annually, > so it is possible to tell a 2005 ePoint coin from a 2006 ePoint coin, just > like in the "real world"), and while coins are accepted indefinitely, they are > only issued during the validity period of the key. This means that one can > limit the damage caused by a leaked secret key or a malicious issuer. After > the validity period of the key, it is possible to keep count of the coins in > circulation and accept only that limited amount (and sound alarms, if > unaccounted-for coins emerge). These are good ideas to reduce the impact of a stolen key, and possibly to detect if one has been stolen. > Another important idea is that of spot-checks: from time to time (determined > partly by the users, partly by the issuer in such a way that the issuer > cannot control and the users cannot predict it) coins are accepted only with > the user identifying the coin's (published) proto-coin and reveal the > corresponding blinding factor. If it happens rarely enough, it won't > compromise the general untraceability of coins, but it may catch a counterfeit > coin and thus reveal the compromise of the secret key. As a potential user of such a system, if anonymity were important to me I would refuse to honor a request to reveal this linkage information. I would accept that the coin was lost and pay with a different one. Depending on the frequency of such spot checks, this would constitute an effective transaction cost for the use of the system. > In the electronic cash literature, governance issues have rarely been > raised, let alone properly addressed. Systematic treatment of transparent > governance in digital payments begun, AFAIK, with the research of Ian Grigg.
One example is the Sander and Ta-Shma paper I mentioned earlier: http://citeseer.ist.psu.edu/sander98auditable.html > In short, the basic idea is for the issuer to _publish_ in an undeniable > manner the responses (with some additional info) to exchange requests > instead of sending the information back to the requesting party using a private > channel. I do think (in agreement with several reviewers of my work) that > the setup proposed in the discussed paper, where the communication between > the users and the issuer is such that the issuer's responses to users' > requests are broadcast and archived in public records is novel. It will be interesting to see more details of how this works. Sander and Ta-Shma also had the server publish information for every issued coin, and then used zero knowledge techniques for the depositor to show that the coin was on the list. This added great complexity to the system. CP From iang at systemics.com Mon Nov 28 01:35:01 2005 From: iang at systemics.com (Ian G) Date: Mon, 28 Nov 2005 09:35:01 +0000 Subject: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems In-Reply-To: <792ce4370511280014k26e96a30w8c12a0dbab396625@mail.gmail.com> References: <792ce4370510281418l74b01072kb43ea37584fd50f1@mail.gmail.com> <20051028234456.GA12429@epointsystem.org> <792ce4370510292117kd379aden794034252ce45fe@mail.gmail.com> <20051124005424.GA8893@epointsystem.org> <792ce4370511280014k26e96a30w8c12a0dbab396625@mail.gmail.com> Message-ID: <438ACF45.3000300@systemics.com> cyphrpunk wrote: >>In the electronic cash literature, governance issues have rarely been >>raised, let alone properly addressed. Systematic treatment of transparent >>governance in digital payments begun, AFAIK, with the research of Ian Grigg. > > > One example is the Sander and Ta-Shma paper I mentioned earlier: > http://citeseer.ist.psu.edu/sander98auditable.html I wasn't aware of this paper, probably because it was published in Crypto rather than FC. 
Quickly flicking through it, I stopped at the end of section 3.2 which raises some interesting claims. On the face of it, it would seem that in order to operate the system, * merchants have to update frequently * merchants cannot accept real-time generated Tx, where "real-time" is inversely related to "frequently" in the first point * users have to likewise update many times per coin While the solution may be elegant, I can't see how that would work in real life. The goal for a transaction is quite simple: send one message, get one message back. (In practical engineering terms you can't get much more efficient than that.) But, the real point here is that users will use the cheapest system in preference to anything else, so a more efficient system will dominate a less-efficient system, in the long run. Sander and Ta-Shma's solution seems to propose something remarkably expensive in message terms. (Mind you, if he has done what he has claimed, that is a remarkable result!) >>In short, the basic idea is for the issuer to _publish_ in an undeniable >>manner the responses (with some additional info) to exchange requests >>instead of sending the information back to the requesting party using a private >>channel. I do think (in agreement with several reviewers of my work) that >>the setup proposed in the discussed paper, where the communication between >>the users and the issuer is such that the issuer's responses to users' >>requests are broadcast and archived in public records is novel. > > > It will be interesting to see more details of how this works. Sander > and Ta-Shma also had the server publish information for every issued > coin, and then used zero knowledge techniques for the depositor to > show that the coin was on the list. This added great complexity to the > system. Ah ok. So we concur on the cost aspects. As an aside, Sanders did pay a lot of attention to these areas. 
However, what he was focused on was "regulatory" issues, as distinct from "governance" issues. Now, some would call them the same, but I would not. Governance is about the system looking after itself and its users, whereas "regulatory" issues bring in a grab bag of wider issues which have little to do with the system, other than their presence having threat effects. Hence for example, the bank robbery problem is included in governance because it steals money from in the system and threatens system collapse, whereas money laundering is an exogenous threat that only affects the system via regulation and can never damage the system or users endogenously. iang PS: it was never necessary to pay attention to ML issues any more closely, because all digital cash (including anonymous ones) systems generally had much stronger AML capabilities in comparison with classical banking systems, so it wasn't as if there was much point in improving them. From goodell at eecs.harvard.edu Mon Nov 28 07:44:47 2005 From: goodell at eecs.harvard.edu (Geoffrey Goodell) Date: Mon, 28 Nov 2005 10:44:47 -0500 Subject: use of routing information in anti-fraud mechanisms Message-ID: It seems that some anti-fraud mechanisms have evolved to use information about how a user is connected to the Internet to determine whether they are likely to be fraudulent. Specifically, in my case it turns out that Paypal does not accept my debit card: "We were unable to verify this credit card through our card validation process. To proceed with checkout, please verify the information you entered is correct or try a different card." I do not have other cards, and my card works everywhere else. A little online investigation suggests that Paypal outsources its card verification process to an overzealous company called CyberSource, and there are many false positives. I suspect that in my case, the false positive is related to my use of Tor. According to this article, geographic location (i.e.
"where a buyer's computer is") determined by IP address and ISP data, can cause a transaction to be denied: http://www.intelligentbanking.com/brm/news/ob/20000915.asp These articles cite geolocation as a useful anti-fraud technique: http://www.cybersource.com/news_and_events/international/view.xml?page_id=575 http://www.reliant.com/yhb/department/1,,CID457419,00.html?&cktst=true&REID=F A544C80-A195-0762-7F7B-9DCB487135AD http://www.slate.com/id/74654/ http://www.collectionsworld.com/cgi-bin/readstory2.pl?story=20031201CCRU387.x ml http://www.networkworld.com/news/2001/1022visa.html It seems to me that the world has already begun walking down the dangerous road of developing infrastructure that rely upon routing information and ISP data to identify fraudulent activity. This will present a major stumblingblock to the deployment of location-independent services and overlay networks such as Tor that attempt to separate location from identity. Geoff ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From ReneePerrymali at ormanet.com Mon Nov 28 07:05:59 2005 From: ReneePerrymali at ormanet.com (Arturo Mcbride) Date: Mon, 28 Nov 2005 11:05:59 -0400 Subject: HBOs series freeboot Message-ID: <7.7.93.2081924.0083fc70@ies.edu> As seen on HBO's "Sex and The City" http://usethecomputer.com/ This classic vibrator is a womans best friend... The Jack Rabbit Vibrator is a dual control multi-speed vibrating and rotating 7 1/2" x 1 1/2" Vibrator. Made of a bright pink, pliant jelly, the tip is realistically sculpted. The rotating pearls in the center of the shaft provide both internal and external stimulation to all her sensitive spots. 
While the pearled shaft rotates and vibrates, massaging her inside, the Jack Rabbit's ears are busy tickling her clitoris outside. The shaft and stimulator are controlled separately, so she can customize her experience every time. Jack Rabbit Vibrator Features: Dual Control Multi-Speed Vibrator Rotating Pearls Rabbit Ears for External Clitoral Stimulation The Jack Rabbit is 7 1/2 inches long x 1 1/2 inches in diameter More info here: http://usethecomputer.com/ spore you adrienne me, benefactor rockefeller awash . begging you goa me, compellable crusade casework . inoculate you deodorant me, indelible pearlite celebrant curt . loeb you onlooking me, integrate coconut . northeast you quadrant me, curtis . http://usethecomputer.com/b4/ From rah at shipwright.com Mon Nov 28 12:03:25 2005 From: rah at shipwright.com (R. A. Hettinga) Date: Mon, 28 Nov 2005 15:03:25 -0500 Subject: [Clips] Bush Antiterror Plans Irk Big Business Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Mon, 28 Nov 2005 14:54:40 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Bush Antiterror Plans Irk Big Business Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com The Wall Street Journal November 28, 2005 Bush Antiterror Plans Irk Big Business Corporate Groups Join ACLU in Demanding Changes to Patriot Act's Data-Access Rules By ROBERT BLOCK Staff Reporter of THE WALL STREET JOURNAL November 28, 2005; Page A4 WASHINGTON -- As President Bush and Republican leaders in Congress scramble to renew the USA Patriot Act before it expires on Dec. 31, they are meeting surprising resistance from a group they usually consider an ally: big business. Joining the American Civil Liberties Union, organizations such as the U.S. 
Chamber of Commerce, the National Association of Manufacturers, the National Association of Realtors and the Financial Services Roundtable are demanding changes in the antiterror law's rules on government access to confidential business records. Corporate objections played a major role in blocking final legislative action on a new Patriot Act before the Thanksgiving break. Now, with pressure mounting to get the law passed by year end, business lobbyists say they see signs that key lawmakers are open to altering some provisions, offering companies clearer legal protections and avenues for appeal. In particular, business groups want to inject new checks on law-enforcement requests for records on customers, suppliers and employees. Companies want government officials to shoulder a greater burden of proof in showing a connection between the documents demanded and a specific terror investigation, and they want greater power to challenge the record orders. Corporate lobbyists also want to prevent the renewed Patriot Act from toughening the law in ways they dislike. One proposed change would make it a felony for a company to disclose a secret subpoena. "The business community stands with all Americans in the war on terror, and we remain prepared to do our part to keep the nation safe," reads a recent letter from six business groups to lawmakers trying to craft a final bill. "That said, we are concerned that the rights of businesses to confidential files -- records about our customers or our employees, as well as our trade secrets and other proprietary information -- can too easily be obtained and disseminated under investigative powers expanded by the Patriot Act." The business backlash to the Patriot Act -- which was passed in a rush, just weeks after the Sept. 11, 2001, attacks -- is part of the new opposition to post-9/11 security policies from normally loyal friends of the Bush administration. 
Senate Republicans are pushing for new limits on the administration's treatment of prisoners detained as suspected terrorists and are demanding more accountability on the war in Iraq. Taking on the role of accidental civil libertarian hasn't been easy for business, which had rarely challenged the Bush administration over the past four years. After Sept. 11, the U.S. government often asked companies to act as the eyes and ears of federal law enforcement. Business was initially receptive, in part because companies wanted to prevent the disruption and bad publicity that would come from terrorists using their systems. Cooperation between businesses and federal law-enforcement agencies wasn't generally advertised, and customers were seldom aware of it. But corporate executives have since grown wary of Bush administration law-enforcement efforts -- and not just those designed to fight terrorism. Laws aimed at white-collar crime have put other compliance burdens on business. Now lobbyists and business groups say that Patriot Act compliance is proving costly. They say that their members each year are getting tens of thousands of National Security Letters, or NSLs -- a form of subpoena used to demand basic information contained in credit reports, Internet-service-provider records and financial records. Justice Department officials deny that NSL demands have reached those levels but won't provide details because the number and identity of the recipients are classified. Financial institutions also complain about the existing Patriot Act requirement that they verify customer identities and notify regulators if their customers appear on terrorist watch lists. Micki Carruthers, senior vice president and chief financial officer at Regal Financial Bank in Seattle, says that her two-year-old, 31-employee bank spends between $100,000 and $150,000 -- or 10% to 15% of its annual operating expenses -- on Patriot Act compliance.
"You can talk to any bank and they will say the same thing about how these demands ruffle our feathers and are a costly burden," she says. Beyond costs, businesses fear that the Patriot Act puts at risk trade secrets and confidential financial data, according to Susan Hackett, senior vice president and general counsel for the Association of Corporate Counsel, a trade group representing the legal departments of major U.S. corporations. Multinationals are afraid that, by complying with government demands for financial records of overseas operations, they will violate more stringent privacy laws in other countries -- particularly in Europe. For much of the past year, efforts on Capitol Hill to renew the Patriot Act had attracted the more predictable opposition of civil-rights groups, privacy advocates and libertarians. Brushing aside those protests, both the House and Senate passed separate versions of bills to renew expiring provisions. They then faced what seemed a fairly routine effort to reconcile the two bills into a consensus conference committee report for final approval by Congress. But in October, business groups jumped into the debate and began coordinating strategies and communicating with the ACLU, according to both Ms. Hackett of the corporate counsel group and Lisa Graves of the ACLU. "We were very, very surprised by the business community's position and some of their concerns so late in the process," said Justice Department spokesman Brian Roehrkasse. It was business intervention, Ms. Hackett said, that has changed the course of the debate. "People from the business community are saying to people they are normally allied with, 'get out of my file drawer.' That's what's making the difference." Justice officials have responded by trying to assure business groups that the administration wouldn't abuse the powers. 
But business lobbyists say the tone of conversations with the administration turned nasty earlier this month[nov.], when it became clear that congressional negotiators didn't yet have an acceptable consensus version of a new law. Angry, White House officials called members of the business groups to remind them of all that the administration has done -- from tax cuts to sympathetic regulatory policies -- for America's manufacturers, retailers, bankers and service industries. A senior Justice Department official denied that business groups have come under any pressure from the administration and dismissed the significance of their opposition to the counterterror law. But with time running out to renew the act, some lawmakers are reportedly telling business groups they will get more of what they want. That includes language that would explicitly give companies the right to consult an attorney when protesting government record requests; the current law is silent on the question. The new law also looks likely to include language giving companies the ability to challenge Patriot Act secret court orders on the grounds that the information requested is proprietary or privileged or the request overly burdensome, similar to rights they have when receiving a grand-jury subpoena. Also on the table, according to Ms. Hackett, is a concession that would make inadvertent disclosure about receiving Patriot Act orders no longer a crime. "I think everybody is pretty satisfied," says Bob Shepler of the National Association of Manufacturers. Still, Ms. Hackett says some issues remain outstanding, especially the lack of a hard requirement for investigators to show how a request for records is connected to a specific terrorism investigation. "We're keeping our powder dry for the return to the issue in December and following closely the continuing efforts of our coalition partners at the ACLU," she said. -- ----------------- R. A. 
Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
From eugen at leitl.org Mon Nov 28 07:46:08 2005 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 28 Nov 2005 16:46:08 +0100 Subject: [goodell@eecs.harvard.edu: use of routing information in anti-fraud mechanisms] Message-ID: <20051128154608.GZ2249@leitl.org> ----- Forwarded message from Geoffrey Goodell ----- From mv at cdc.gov Mon Nov 28 22:00:24 2005 From: mv at cdc.gov (Major Variola (ret)) Date: Mon, 28 Nov 2005 22:00:24 -0800 Subject: avoiding replay attack resistance w/o seq nos or challenge response Message-ID: <438BEE78.4862CDA1@cdc.gov> I'm interested in avoiding replay attacks on a protocol that uses UDP. Assume a secret key is shared. As far as I can tell, it is *fundamental* that you use either sequence numbers for a series of packets, or perform a challenge-response handshake for each packet. (The latter is essentially a "sequence" of length 1 re-established for each packet) Both methods require the maintenance of some state, essentially creating a "session", although that state is just the active sequence number (and a window given UDPs un-ordering), not a whole moby IPSEC security association. Yes, I'm aware that if you use UDP you end up reinventing TCP... My question is, are there less well known methods, or is this statefulness fundamentally *imposed* by replay attack resistance, by virtue of what it means to "re-play"? (Which is my suspicion) From mv at cdc.gov Mon Nov 28 22:35:19 2005 From: mv at cdc.gov (Major Variola (ret)) Date: Mon, 28 Nov 2005 22:35:19 -0800 Subject: Jim Sanborn's Critical Mass Message-ID: <438BF6A7.2504A940@cdc.gov> The photo of the critical mass assembly that was pulled for "security" reasons is at http://kryptos.yak.net/22.sizes at CriticalMassDetail.jpg?size1=O&size=S The sculptor is the same Sanborn who did the NSA sculpture.. From eugen at leitl.org Mon Nov 28 16:01:15 2005 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 29 Nov 2005 01:01:15 +0100 Subject: /.
[Cybercrime More Lucrative Than Drugs] Message-ID: <20051129000113.GV2249@leitl.org> Link: http://slashdot.org/article.pl?sid=05/11/28/2239217 Posted by: ScuttleMonkey, on 2005-11-28 23:11:00 [1]prostoalex writes "Yahoo is reporting that global [2]cybercrime overtook global drug trafficking in terms of revenue this past year. In related news, only 4% of Internet users can [3]flag 100% of phishing e-mails as fraudulent, and Americans filed 207,000 [4]reports on cybercrime to FBI." References 1. http://www.moskalyuk.com/blog/ 2. http://labs.news.yahoo.com/s/nm/20051128/wr_nm/cybercrime_dc 3. http://www.internetnews.com/security/article.php/3566071 4. http://blogs.zdnet.com/ITFacts/index.php?cat=33 ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From eugen at leitl.org Mon Nov 28 16:01:49 2005 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 29 Nov 2005 01:01:49 +0100 Subject: /. [Exception Expands Domestic Surveillance] Message-ID: <20051129000148.GW2249@leitl.org> Link: http://slashdot.org/article.pl?sid=05/11/28/1731235 Posted by: ScuttleMonkey, on 2005-11-28 20:23:00 drDugan writes "The Washington Post is reporting the next phase of American progress authorizing intelligence agencies to spy on law-abiding citizens without oversight. Primarily, new legislation allows an '[1]intelligence exception' to the [2]privacy act 'allowing the FBI and others to share information gathered about U.S. citizens with the Pentagon, CIA and other intelligence agencies, as long as the data is deemed to be related to foreign intelligence. Backers say the measure is needed to strengthen investigations into terrorism or weapons of mass destruction.'" References 1. 
http://www.washingtonpost.com/wp-dyn/content/article/2005/11/26/AR2005112600857.html 2. http://www.usdoj.gov/04foia/privstat.htm ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From morlockelloi at yahoo.com Tue Nov 29 01:28:24 2005 From: morlockelloi at yahoo.com (Morlock Elloi) Date: Tue, 29 Nov 2005 01:28:24 -0800 (PST) Subject: avoiding replay attack resistance w/o seq nos or challenge response In-Reply-To: <438BEE78.4862CDA1@cdc.gov> Message-ID: <20051129092824.35898.qmail@web34605.mail.mud.yahoo.com> Put a real-timestamp inside encrypted payload and decide how tolerant you should be. > I'm interested in avoiding replay attacks on a protocol that uses UDP. > Assume a secret key is shared. end (of original message) From goodell at eecs.harvard.edu Tue Nov 29 05:57:48 2005 From: goodell at eecs.harvard.edu (Geoffrey Goodell) Date: Tue, 29 Nov 2005 08:57:48 -0500 Subject: use of routing information in anti-fraud mechanisms Message-ID: On Tue, Nov 29, 2005 at 12:22:45PM +0000, Jimmy Wales wrote: > Geoffrey Goodell wrote: > > I do not have other cards, and my card works everywhere else.
A little > > online investigation suggests that Paypal outsources its card > > verification process to an overzealous company called CyberSource, and > > there are many false positives. > > Why do you call them overzealous? If they are actually overzealous then > they will lose money for their customers (on average) and ultimately > lose business. But I rather suspect that they are making money for > their customers (on average). > > My point, which ought not to be surprising given what I usually say, is > that we should not be too complacent that people who are blocking Tor > are just being overzealous or stupid or anti-privacy. It can make > sense, and part of our job is to figure out how to help it not make sense. First, Tor is an experimental overlay network, and it has been (rightly) designed to be easy to flag and block. While it is certainly possible that CyberSource is rejecting my card because I am connecting from an IP address that is known to host a Tor node, I do not believe this to be the case. Having read the various articles and documents from my previous post, I am inclined to believe that CyberSource simply noticed that my card had a billing address in Cambridge, Massachusetts, USA, while my source IP address corresponded to an ISP that was located nowhere near Cambridge, Massachusetts, USA, and based upon these observations, CyberSource concluded that I am most likely a fraud. Use of location information may indeed serve as a moderately effective technique in stopping the more irresolute cyberfrauds who do not bother using the very same geolocation techniques to choose a source IP address whose corresponding geographic location is close to the billing address of the card. On the surface such an approach appears to be a rather obvious and harmless step for those of us interested in cracking down on fraudulent activity. Sure, this is an arms race, but sometimes participating in an arms race is the best option we have, right?
In this case I am not so sure. I call the use of location information "overzealous" because it tramples the end-to-end principles upon which the Internet was built. There is a very real sense in which use of location information permanently tethers us to an infrastructure in which access to Internet resources is a function of how we are connected rather than how we have identified using end-to-end methods, and this poses a challenge to maintaining the global consistency of the Internet that we have come to expect. Suddenly "Internet access" means something radically different when offered in Russia rather than Germany or when offered in Brazil rather than the US. Inevitably, this technical reality opens the door for hackish VPN-style solutions to make people appear to be somewhere else in order to get the Internet access they really want, and such solutions are expensive both in terms of setup cost and performance. Do we really want to promote this future, especially when it hurts legitimate users more than it hurts true frauds in the long run? I think that we do not, and I see the use of location information in infrastructure services as one of the greatest challenges to maintaining Internet consistency over the next decade. Geoff ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From zooko at zooko.com Tue Nov 29 06:03:13 2005 From: zooko at zooko.com (zooko at zooko.com) Date: Tue, 29 Nov 2005 10:03:13 -0400 Subject: [p2p-hackers] darknet ~= (blacknet, f2f net) Message-ID: It's a shame that the distinct concepts of "friend-to-friend net" [1] and "blacknet" [2, 3, 4, 5] are being munged together in the media under the rubric "darknet". 
The word "darknet" was coined, as far as I know, by Biddle, England, Peinado, Willman [6]. Last time I read their paper, it appeared to me to describe a system like Tim May's Blacknet -- an anonymous, secure, decentralized network which is used to transfer information illegally. It didn't mention anything about using friend-to-friend techniques to build such a network. However, the media seems to have started using the word "Darknet" to mean a friend-to-friend net and/or a blacknet [7, 8], thus simultaneously making it harder for people to think about blacknets which are based on other than friend-to-friend architectures and making it harder for people to think about friend-to-friend networks which are used for other than illegal information sharing. I place some of the blame for this development on the Freenet folks, who may be the first to promulgate this munging, and if they aren't the first they're certainly the most effective. Of course, courting controversy in the mass media is part of the Freenet strategy, and I'm not saying it's a bad strategy. But oh well. It is too late to change media usage, and it isn't a good idea to maintain technical jargon which is related to but subtly different from media terminology, so how about us technical folks, when we wish to denote a network-used-for-illegal-information-trading, use the original term "blacknet", and when we wish to denote a network-built-on-friend-to-friend, use "friend-to-friend net" or "f2f", and when we wish to refer to both of them together or to confuse visiting reporters, we use "darknet". 
Regards, Zooko [1] http://en.wikipedia.org/wiki/Friend-to-friend [2] http://www.privacyexchange.org/iss/confpro/cfpuntraceable.html [3] http://www.ussrback.com/crypto/misc/blacknet.html [4] http://www-personal.umich.edu/~ludlow/worries.txt [5] http://cypherpunks.venona.com/date/1993/08/msg00538.html [6] http://www.bearcave.com/misl/misl_tech/msdrm/darknet.htm [7] http://www.darknet.com/ [8] http://en.wikipedia.org/wiki/Darknet _______________________________________________ p2p-hackers mailing list p2p-hackers at zgp.org http://zgp.org/mailman/listinfo/p2p-hackers _______________________________________________ Here is a web page listing P2P Conferences: http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
From camera_lumina at hotmail.com Tue Nov 29 09:22:15 2005 From: camera_lumina at hotmail.com (Tyler Durden) Date: Tue, 29 Nov 2005 12:22:15 -0500 Subject: [zooko@zooko.com: [p2p-hackers] darknet ~= (blacknet, f2f net)] In-Reply-To: <20051129144910.GC2249@leitl.org> Message-ID: Huh? What's this guy's fixation on -illegal- activity? The point is anonymous activity (including monetary) that can happen to bypass observation & control by authorities. It may or may not be illegal. The legality, in fact, is largely irrelevant once the transactions start moving through such a blacknet. The reason this matters is precisely because we shouldn't be equating illegal activity with anonymous activity. "You're using a blacknet therefore you're breaking the law". Next we'll be saying that a Tor network is for illegally observing or transmitting information. -TD >From: Eugen Leitl >To: transhumantech at yahoogroups.com, cypherpunks at jfet.org >Subject: [zooko at zooko.com: [p2p-hackers] darknet ~= (blacknet, f2f net)] >Date: Tue, 29 Nov 2005 15:49:10 +0100 > >----- Forwarded message from zooko at zooko.com ----- > >From: zooko at zooko.com >Date: Tue, 29 Nov 2005 10:03:13 -0400 >To: "Peer-to-peer development." >Subject: [p2p-hackers] darknet ~= (blacknet, f2f net) >Reply-To: zooko at zooko.com, > "Peer-to-peer development." > > >It's a shame that the distinct concepts of "friend-to-friend net" [1] and >"blacknet" [2, 3, 4, 5] are being munged together in the media under the >rubric >"darknet". > >The word "darknet" was coined, as far as I know, by Biddle, England, >Peinado, >Willman [6]. Last time I read their paper, it appeared to me to describe a >system like Tim May's Blacknet -- an anonymous, secure, decentralized >network >which is used to transfer information illegally. It didn't mention >anything >about using friend-to-friend techniques to build such a network.
> >However, the media seems to have started using the word "Darknet" to mean a >friend-to-friend net and/or a blacknet [7, 8], thus simultaneously making >it >harder for people to think about blacknets which are based on other than >friend-to-friend architectures and making it harder for people to think >about >friend-to-friend networks which are used for other than illegal information >sharing. > >I place some of the blame for this development on the Freenet folks, who >may >be >the first to promulgate this munging, and if they aren't the first they're >certainly the most effective. > >Of course, courting controversy in the mass media is part of the Freenet >strategy, and I'm not saying it's a bad strategy. > >But oh well. It is too late to change media usage, and it isn't a good >idea >to >maintain technical jargon which is related to but subtly different from >media >terminology, so how about us technical folks, when we wish to denote a >network-used-for-illegal-information-trading, use the original term >"blacknet", >and when we wish to denote a network-built-on-friend-to-friend, use >"friend-to-friend net" or "f2f", and when we wish to refer to both of them >together or to confuse visiting reporters, we use "darknet".
> >Regards, > >Zooko > >[1] http://en.wikipedia.org/wiki/Friend-to-friend >[2] http://www.privacyexchange.org/iss/confpro/cfpuntraceable.html >[3] http://www.ussrback.com/crypto/misc/blacknet.html >[4] http://www-personal.umich.edu/~ludlow/worries.txt >[5] http://cypherpunks.venona.com/date/1993/08/msg00538.html >[6] http://www.bearcave.com/misl/misl_tech/msdrm/darknet.htm >[7] http://www.darknet.com/ >[8] http://en.wikipedia.org/wiki/Darknet >_______________________________________________ >p2p-hackers mailing list >p2p-hackers at zgp.org >http://zgp.org/mailman/listinfo/p2p-hackers >_______________________________________________ >Here is a web page listing P2P Conferences: >http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences > >----- End forwarded message ----- >-- >Eugen* Leitl leitl >______________________________________________________________ >ICBM: 48.07100, 11.36820 http://www.leitl.org >8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE > >[demime 1.01d removed an attachment of type application/pgp-signature which >had a name of signature.asc] From roy at rant-central.com Tue Nov 29 10:32:25 2005 From: roy at rant-central.com (Roy M. Silvernail) Date: Tue, 29 Nov 2005 13:32:25 -0500 Subject: [zooko@zooko.com: [p2p-hackers] darknet ~= (blacknet, f2f net)] In-Reply-To: References: Message-ID: <438C9EB9.7090305@rant-central.com> Tyler Durden wrote: > Huh? What's this guy's fixation on -illegal- activity? A cynical man would suggest that he's already been co-opted by MwG and MSM. > The point is anonymous activity (including monetary) that can happen > to bypass observation & control by authorities. It may or may not be > illegal. The legality, in fact, is largely irrelevant once the > transactions start moving through such a blacknet. > > The reason this matters is precisely because we shouldn't be equating > illegal activity with anonymous activity. "You're using a blacknet > therefore you're breaking the law".
> > Next we'll be saying that a Tor network is for illegally observing or > transmitting information. But this is nothing new. The MwG's trend for many years has been to conflate anonymity with illegality. The recent news about BitTorrent "cooperating" with ??AA, for example, seems more about "clearing" BitTorrent's name than anything else. Anonymity does not serve the (police) state. -- Roy M. Silvernail is roy at rant-central.com, and you're not "It's just this little chromium switch, here." - TFT CRM114->procmail->/dev/null->bliss http://www.rant-central.com From eugen at leitl.org Tue Nov 29 06:45:14 2005 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 29 Nov 2005 15:45:14 +0100 Subject: [goodell@eecs.harvard.edu: Re: use of routing information in anti-fraud mechanisms] Message-ID: <20051129144514.GZ2249@leitl.org> ----- Forwarded message from Geoffrey Goodell ----- From eugen at leitl.org Tue Nov 29 06:49:10 2005 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 29 Nov 2005 15:49:10 +0100 Subject: [zooko@zooko.com: [p2p-hackers] darknet ~= (blacknet, f2f net)] Message-ID: <20051129144910.GC2249@leitl.org> ----- Forwarded message from zooko at zooko.com ----- From mv at cdc.gov Tue Nov 29 19:07:34 2005 From: mv at cdc.gov (Major Variola (ret)) Date: Tue, 29 Nov 2005 19:07:34 -0800 Subject: avoiding replay attack resistance w/o seq nos or challenge response Message-ID: <438D1775.C272F6CC@cdc.gov> At 01:28 AM 11/29/05 -0800, Morlock Elloi wrote: >Put a real-timestamp inside encrypted payload and decide how tolerant you >should be. Thanks. That's a good way of using a single piece of state, instead of one per source, or per session. It does provide the adversary with a known plaintext however, which a random nonce doesn't, for large values of length(nonce). I'm thinking the requirement for random state is *fundamental* in a *deep sense* to replay attack prevention. 
I am of course aware of the Netscape-sequence-no break of ancient times, as Schneier says in _Secrets and Lies_, the work of "attackers" performing a "publicity" attack. Aside: was told unabashedly by a suit at work that when the local (unregulated, out of control) WiFi cxns are down, folks use some other net, which is suspected to belong to some other corp sharing the building. LMAO. Be seeing you -No 6 I got you babe --a senator who thought a tree would yield. ---- Impeach or frag. From bill.stewart at pobox.com Wed Nov 30 01:29:04 2005 From: bill.stewart at pobox.com (Bill Stewart) Date: Wed, 30 Nov 2005 01:29:04 -0800 Subject: Miami Police Planning to Terrorize Public Message-ID: <6.2.1.2.0.20051130012716.03624460@pop.idiom.com> Ok, that isn't exactly how they phrased it, but it's what they're doing. http://www.boston.com/news/nation/articles/2005/11/28/miami_police_take_new_tack_against_terror?mode=PF Miami police take new tack against terror By Curt Anderson, Associated Press Writer | November 28, 2005 MIAMI --Miami police announced Monday they will stage random shows of force at hotels, banks and other public places to keep terrorists guessing and remind people to be vigilant. Deputy Police Chief Frank Fernandez said officers might, for example, surround a bank building, check the IDs of everyone going in and out and hand out leaflets about terror threats. "This is an in-your-face type of strategy. It's letting the terrorists know we are out there," Fernandez said. The operations will keep terrorists off guard, Fernandez said. He said al-Qaida and other terrorist groups plot attacks by putting places under surveillance and watching for flaws and patterns in security. Police Chief John Timoney said there was no specific, credible threat of an imminent terror attack in Miami. But he said the city has repeatedly been mentioned in intelligence reports as a potential target. Timoney also noted that 14 of the 19 hijackers who took part in the Sept. 
11 attacks lived in South Florida at various times and that other alleged terror cells have operated in the area. Both uniformed and plainclothes police will ride buses and trains, while others will conduct longer-term surveillance operations. "People are definitely going to notice it," Fernandez said. "We want that shock. We want that awe. But at the same time, we don't want people to feel their rights are being threatened. We need them to be our eyes and ears." Howard Simon, executive director of ACLU of Florida, said the Miami initiative appears aimed at ensuring that people's rights are not violated. "What we're dealing with is officers on street patrol, which is more effective and more consistent with the Constitution," Simon said. "We'll have to see how it is implemented." Mary Ann Viverette, president of the International Association of Chiefs of Police, said the Miami program is similar to those used for years during the holiday season to deter criminals at busy places such as shopping malls. "You want to make your presence known and that's a great way to do it," said Viverette, police chief in Gaithersburg, Md. "We want people to feel they can go about their normal course of business, but we want them to be aware." © Copyright 2005 The New York Times Company From kgabor at aol.com Wed Nov 30 04:18:13 2005 From: kgabor at aol.com (Kris Gabor) Date: November 30, 2005 4:18:13 PM EST Subject: [IP] [EPIC_IDOF] Getting consumers' consent to sell cellphone tracking data Message-ID: Interesting debate. I don't see the big deal here, though. A lot of valuable information can be gleaned from using cell phones as anonymous mobile transponders. The key is that the wireless carriers not pass on any personally identifiable information to the company doing the aggregation and analysis, and that the scope of the information is geographically limited. Requiring consumers to opt in would render this concept DOA.
I would be interested in seeing the details of what raw data they are intending to turn over. The way the wireless carrier should do this to keep me happy as a consumer who values his privacy is to send the aggregator a feed of lat/long with some ephemeral ID that is constant for my phone (maybe changes daily), but cannot be resolved back to the ESN or phone number. Moreover, they should only do this if the location is within some geographic mask that represents highway systems of interest. I wouldn't want them to send a record of me pulling into my driveway, for instance. This way, we get the utility without giving up privacy. Seems like a win-win to me. -- Kris On 11/30/05 14:25, "David Farber" wrote: > > >Begin forwarded message: > >From: "Richard M. Smith" >Date: November 29, 2005 12:12:46 PM EST >To: EPIC_IDOF at mailman.epic.org >Subject: [EPIC_IDOF] Getting consumers' consent to sell cellphone >tracking data > >Hi, > >The Baltimore Sun and New York Times recently ran articles about the >State >of Maryland getting ready to roll out a traffic flow monitoring >system which >works by tracking the position of cellphones which are being >carried in >cars. The Baltimore Sun article is still online at this URL: > > Cell phone data tracing traffic in Md. > System 'watches' vehicles, raises fears about privacy > http://tinyurl.com/7we6q > >Virginia and Missouri are also about ready to test similar systems. > >I want to see a requirement put into place that wireless companies >must get >a customer's written consent before any of their cellphone position >data is >turned over to a third-party for any uses not related to making >cellphone >calls. > >I recently contacted the Maryland Highway Department and requested a >copy of >the contract for the system.
The contract is now online as a Word >document >file on my Web site: > > http://www.computerbytesman.com/privacy/mdotcontract.doc > >I haven't had time to review the contract yet, but I did see that the >funds >for this Maryland project are coming from the Federal Highway >Administration >(http://www.fhwa.dot.gov/). Perhaps the FHWA are the folks who >should be >requiring consumers to provide consent to have their cellphone >position data >sold to other companies. > >Richard M. Smith >http://www.ComputerBytesMan.com > > > >_______________________________________________ >EPIC_IDOF mailing list >EPIC_IDOF at mailman.epic.org >https://mailman.epic.org/cgi-bin/mailman/listinfo/epic_idof > > > >------------------------------------- >You are subscribed as KGabor at aol.com >To manage your subscription, go to > http://v2.listbox.com/member/?listname=ip > >Archives at: http://www.interesting-people.org/archives/interesting- >people/ ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From solinym at gmail.com Wed Nov 30 03:35:12 2005 From: solinym at gmail.com (Travis H.) Date: Wed, 30 Nov 2005 05:35:12 -0600 Subject: test disk from cgsecurity versus data security In-Reply-To: <1613.1132704288@www48.gmx.net> References: <437C1240.CDA7A8CE@users.sourceforge.net> <1613.1132704288@www48.gmx.net> Message-ID: > As "test disk" is able to restore overwritten/shredded (dev/urandom) or > erased (dev/zero) partitions, The documentation doesn't say it can do that. 
It just says it can find where they start (and/or end) when that information (which is usually in the MBR) has been lost. This is easy as most filesystems have signatures ("magic numbers") which can be identified, and/or they tend to be at certain places on the disk (for example, cylinder boundaries). Overwriting an entry in your partition table is much different than overwriting the partition itself. So far, as Simson Garfinkel has pointed out, nobody has shown any evidence that you can recover data after just one overwrite with zeroes. Then again absence of evidence is not evidence of absence. Lacking any evidence one way or the other, I assume it is possible in my risk analyses, since that way I don't get any nasty surprises. See: http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html http://www.simson.net/clips/2001/2001.TR.04.RememberanceOfThingsPast.pdf -- http://www.lightconsulting.com/~travis/ -><- "We already have enough fast, insecure systems." -- Schneier & Ferguson GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B From mech at well.com Wed Nov 30 08:54:31 2005 From: mech at well.com (Stanton McCandlish) Date: November 30, 2005 8:54:31 PM EST Subject: Advanced Paypal phish - uses faked functional address bar Message-ID: A new phishing trick; cool, in a nefarious way: The phisher pops a window that uses Javascript to hide your real address toolbar, then adds a fake tool bar with a graphic and DHTML coding, matching your browser, that looks like the original address toolbar, with a fake but usable URL field in it, which is stocked with the address of the legit site the phisher is masquerading as. So the actual phisher site address is completely hidden, and it looks like you're at the legit site. Nasty. There's the real phish at the bottom, in the quoted passage (sorry, original headers lost, so I don't know who the initial writer was) which you probably don't want to go to.
Immediately below is an example of how it works on a safe page: http://ip.securescience.net/exploits/ You have to have popup-blockers turned off for it to work. The safe test version above only seems to fake IE6/Win address bars, but it does so successfully in Firefox and Safari on the Mac. I don't think it would fool that many Mac people but the fakery is pretty impressive with IE on WinXP, and as noted above, the live phish is claimed to be more sophisticated in its mimicry. >>>This is a heads up. Below you'll find a new and sophisticated >>>Paypal scam. >>> >>>It uses a google redirector to mask where it goes, but that is >>certainly not >>>the advanced stuff :-) >>> >>>The complete URL is: >>>http://www.google.pt/url?sa=U&start=4&q=http://dns1.n- >>>kiso.co.jp/.checking/. >>>www.paypal.com/index.php >>> >>>Which goes to: >>>http://dns1.n-kiso.co.jp/.checking/.www.paypal.com/index.php >>> >>>When the link "Click here to go to our main page " >>> >>>It will open a javascript: "java script: Start('sysdll.Php')" >>> >>>When opened it will construct the fraudulent website according to >>>your >>>default browser. >>> >>>I've tested with: >>> >>>- Firefox >>>- Internet Explorer >>>- Opera >>> >>>All latest versions with all relevant patches. >>> >>>The fake address bar used may trick someone into thinking that they >>>are >>>actually on https://www.paypal.com. Watch and observe. This is >>indeed tricky >>>done. >> >>Although - some popup blockers should block this I would think. The >>trick is similar to http://ip.securescience.net/exploits/ so it >>creates >>an address bar using a pop-up controller and you just draw the >>image of >>the address bar. This is one of the first ones I've seen that has >>been >>done quite a bit better than the other ones that have attempted it. >>Their aim was off so it looked terrible.
>> > ----- End forwarded message ----- -- Eugen* Leitl leitl ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From rah at shipwright.com Wed Nov 30 10:49:05 2005 From: rah at shipwright.com (R. A. Hettinga) Date: Wed, 30 Nov 2005 13:49:05 -0500 Subject: [Clips] Matt Blaze: Security Flaw Allows Wiretaps to Be Evaded Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Wed, 30 Nov 2005 13:48:25 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Matt Blaze: Security Flaw Allows Wiretaps to Be Evaded Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com The New York Times November 30, 2005 Security Flaw Allows Wiretaps to Be Evaded, Study Finds By JOHN SCHWARTZ and JOHN MARKOFF The technology used for decades by law enforcement agents to wiretap telephones has a security flaw that allows the person being wiretapped to stop the recorder remotely, according to research by computer security experts who studied the system. It is also possible to falsify the numbers dialed, they said. Someone being wiretapped can easily employ these "devastating countermeasures" with off-the-shelf equipment, said the lead researcher, Matt Blaze, an associate professor of computer and information science at the University of Pennsylvania. "This has implications not only for the accuracy of the intelligence that can be obtained from these taps, but also for the acceptability and weight of legal evidence derived from it," Mr.
Blaze and his colleagues wrote in a paper that will be published today in Security & Privacy, a journal of the Institute of Electrical and Electronics Engineers. A spokeswoman for the F.B.I. said "we're aware of the possibility" that older wiretap systems may be foiled through the techniques described in the paper. Catherine Milhoan, the spokeswoman, said after consulting with bureau wiretap experts that the vulnerability existed in only about 10 percent of state and federal wiretaps today. "It is not considered an issue within the F.B.I.," Ms. Milhoan said. According to the Justice Department's most recent wiretap report, state and federal courts authorized 1,710 "interceptions" of communications in 2004. To defeat wiretapping systems, the target need only send the same "idle signal" that the tapping equipment sends to the recorder when the telephone is not in use. The target could continue to have a conversation while sending the forged signal. The tone, also known as a C-tone, sounds like a low buzzing and is "slightly annoying but would not affect the voice quality" of the call, Mr. Blaze said, adding, "It turns the recorder right off." The paper can be found at http://www.crypto.com/papers/wiretapping. The flaw underscores how surveillance technologies are not necessarily invulnerable to abuse, a law enforcement expert said. "If you are a determined bad guy, you will find relatively easy ways to avoid detection," said Mark Rasch, a former federal prosecutor who is now chief security counsel at Solutionary Inc., a computer security firm in Bethesda, Md. "The good news is that most bad guys are not clever and not determined. We used to call it criminal Darwinism." Aviel D. Rubin, a professor of computer science at Johns Hopkins University and technical director of the Hopkins Information Security Institute, called the work by Mr. 
Blaze and his colleagues "exceedingly clever" - particularly the part that showed ways to confuse wiretap systems as to the numbers that have been dialed. Professor Rubin added, however, that anyone sophisticated enough to conduct this countermeasure probably had other ways to foil wiretaps with less effort. Not all wiretapping technologies are vulnerable to the countermeasures, Mr. Blaze said; the most vulnerable are the older systems that connect to analog phone networks, often with alligator clips attached to physical phone wires. Many state and local law enforcement agencies still use those systems. More modern systems tap into digital telephone networks and are more closely related to computers than to telephones. Under a 1994 law known as the Communications Assistance for Law Enforcement Act, telephone service providers must offer law enforcement agencies the ability to wiretap digital networks. But in a technology twist, the F.B.I. has extended the life of the vulnerability. In 1999, the bureau demanded that new telephone systems keep the idle-tone feature for recording control in the new digital networks, which are known as Calea networks because of the abbreviation of the name of the legislation. The Federal Communications Commission later overruled the F.B.I. and declared that providing the idle tone was voluntary. The researchers' paper states that marketing materials from telecommunications equipment vendors show that the "C-tone appears to be a relatively commonly available option." When the researchers tried the same trick on newer systems that were configured to recognize the C-tone, it had the same effect as on older systems, they found. Ms. Milhoan of the F.B.I. said that the C-tone feature could be turned off in the new systems and that when the bureau tested Mr. Blaze's method on machines with the function turned off, the effect was "negligible." "We were aware of it, we dealt with it, and we believe Calea has addressed it," she said. Mr. 
Blaze, a former security researcher at AT&T Labs, said he shared the information with the F.B.I. His team's research is financed by the National Science Foundation's Cyber Trust program, which is intended to promote computer network security. The security researchers discovered the new flaw, he said, while doing research on new generations of telephone-tapping equipment. In their paper, the researchers recommended that the F.B.I. conduct a thorough analysis of its wiretapping technologies, old and new, from the perspective of possible security threats, since the countermeasures could "threaten law enforcement's access to the entire spectrum of intercepted communications." There is some indirect evidence that criminals might already know about the vulnerabilities in the systems, Mr. Blaze said, because of "unexplained gaps" in some wiretap records presented in trials. Vulnerabilities like the researchers describe are widely known to engineers creating countersurveillance systems, said Jude Daggett, an executive at Security Concepts, a surveillance firm in Millbrae, Calif. "The people in the countersurveillance industry come from the surveillance community," Mr. Daggett said. "They know what is possible, and their equipment needs to be comprehensive and needs to counteract any form of surveillance." -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... 
however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From dave at farber.net Wed Nov 30 13:32:44 2005 From: dave at farber.net (David Farber) Date: Wed, 30 Nov 2005 16:32:44 -0500 Subject: [IP] Getting consumers' consent to sell cellphone tracking data Message-ID: Begin forwarded message: From eugen at leitl.org Wed Nov 30 14:27:44 2005 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 30 Nov 2005 23:27:44 +0100 Subject: [dave@farber.net: [IP] Getting consumers' consent to sell cellphone tracking data] Message-ID: <20051130222744.GU2249@leitl.org> ----- Forwarded message from David Farber -----
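Added example, not part of any post in this archive: the timestamp approach from the "avoiding replay attack resistance w/o seq nos or challenge response" thread above, sketched in Python. It authenticates the timestamp with HMAC-SHA256 instead of encrypting it (standard library only, a substitution for the "encrypted payload" in the post), and the names `seal`, `Receiver`, the 30-second tolerance and the demo key are assumptions. It also shows that a tolerance window alone still accepts a replay inside the window unless the receiver remembers nonces for that long.

```python
import hashlib
import hmac
import os
import struct

TAG_LEN = 32                      # HMAC-SHA256 output size in bytes
HEADER = struct.Struct(">Q16s")   # 8-byte UNIX timestamp, 16-byte random nonce


def seal(key: bytes, payload: bytes, now: int) -> bytes:
    """Sender side: timestamp + nonce + payload, followed by an HMAC tag."""
    body = HEADER.pack(int(now), os.urandom(16)) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Replay filter. Assumes `now` never runs backwards between calls."""

    def __init__(self, key: bytes, tolerance: int = 30, remember: bool = True):
        self.key = key
        self.tolerance = tolerance    # seconds of clock skew and delay accepted
        self.remember = remember      # False = timestamp check only
        self.seen = {}                # nonce -> timestamp, in-window entries only

    def accept(self, message: bytes, now: int):
        """Return (True, payload) or (False, reason)."""
        if len(message) < HEADER.size + TAG_LEN:
            return False, "malformed"
        body, tag = message[:-TAG_LEN], message[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return False, "bad-mac"   # verify before trusting any header field
        ts, nonce = HEADER.unpack_from(body)
        # Forget nonces whose timestamp has left the window: a replay of those
        # messages is rejected as stale, so the state stays bounded.
        self.seen = {n: t for n, t in self.seen.items()
                     if abs(now - t) <= self.tolerance}
        if abs(now - ts) > self.tolerance:
            return False, "stale"
        if self.remember:
            if nonce in self.seen:
                return False, "replay"
            self.seen[nonce] = ts
        return True, body[HEADER.size:]


def demo():
    """Run one constructed message through both receiver configurations."""
    key = b"constructed demo key, not a real one"
    t0 = 1133320054                   # constructed send time
    msg = seal(key, b"open valve 7", t0)
    # Flip the first payload byte to simulate modification in transit.
    tampered = msg[:HEADER.size] + b"O" + msg[HEADER.size + 1:]

    clock_only = Receiver(key, remember=False)
    full = Receiver(key)
    results = {
        "clock_only_first": clock_only.accept(msg, t0 + 1),
        "clock_only_replay": clock_only.accept(msg, t0 + 5),   # the gap
        "full_first": full.accept(msg, t0 + 1),
        "full_replay": full.accept(msg, t0 + 5),
        "full_tampered": full.accept(tampered, t0 + 5),
        "full_late_replay": full.accept(msg, t0 + 120),
    }
    results["cache_size_after_window"] = len(full.seen)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```

The receiver's state is one clock plus a nonce set that empties itself once the window has passed, rather than a sequence number per source or per session.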