From smb at cs.columbia.edu Sun Jan 1 01:18:04 2006 From: smb at cs.columbia.edu (Steven M. Bellovin) Date: January 1, 2006 1:18:04 PM EST Subject: NY Times editors decline to comment on publication delay Message-ID: As we've all read by now, the NY Times delayed publishing its article on domestic eavesdropping for a year. The Public Editor of the Times -- nominally responsible to the readers -- tried to investigate the reasons for the delay, and in particular wehther or not the article should have been published before the election. He reports in today's paper (http://www.nytimes.com/2006/01/01/opinion/01publiceditor.html) that the executive and editor and the publisher of the Times have decline to provide any explanation whatsoever for the delay: "there is really no way to have a full discussion of the back story without talking about when and how we knew what we knew, and we can't do that." --Steven M. Bellovin, http://www.cs.columbia.edu/~smb ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From eleonora84.73 at bk.ru Sun Jan 1 04:01:53 2006 From: eleonora84.73 at bk.ru (Beverly Rowell) Date: Sun, 1 Jan 2006 04:01:53 -0800 Subject: Hey! tell your friends to hit me up Message-ID: <200601010204.k0124muO031294@proton.jfet.org> A non-text attachment was scrubbed... Name: not available Type: text/html Size: 5301 bytes Desc: not available URL: From rah at shipwright.com Sun Jan 1 05:20:50 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 1 Jan 2006 08:20:50 -0500 Subject: [Clips] White House Investigates Contractor's Web Tracking Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Sun, 1 Jan 2006 08:19:48 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] White House Investigates Contractor's Web Tracking Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com The Wall Street Journal White House Investigates Contractor's Web Tracking Associated Press December 29, 2005 10:27 p.m. NEW YORK -- Unbeknown to the Bush administration, an outside contractor has been using Internet tracking technologies that may be prohibited to analyze usage and traffic patterns at the White House's Web site, an official said Thursday. David Almacy, the White House's Internet director, promised an investigation into whether the practice is consistent with a 2003 policy from the White House's Office of Management and Budget banning the use of most such technologies at government sites. "No one even knew it was happening," Mr. Almacy said. "We're going to work with the contractor to ensure that it's consistent with the OMB policy." An official with the contractor, WebTrends Inc., said later Thursday, however, that although a cookie may be used, no data from it is actually sent back to the company. The development came a day after the National Security Agency admitted it had erred in using banned "cookies" at its Web site. Cookies are small data files that can be used to track Internet users. The acknowledgments followed inquiries by The Associated Press. The White House's Web site uses what's known as a Web bug to anonymously keep track of who's visiting and when. A Web bug is essentially a tiny graphic image -- a dot, really -- that's virtually invisible. In this case, the bug is pulled from a server maintained by WebTrends and lets the traffic analytic company know that another person has visited a specific page on the site. Web bugs themselves are not prohibited. But when these bugs are linked to a cookie -- so that a site can tell if the same person has visited again -- a federal agency using them must demonstrate a "compelling need," get a senior official's signoff and disclose such usage, said Peter Swire, a Clinton administration official who helped draft the original rules. The White House's privacy policy does not specifically mention cookies or Web bugs, and Mr. Almacy said the signoff was never sought because one was not thought to be required. He said his team was first informed of the cookie use by the AP. But Jason Palmer, vice president of product management for Portland, Ore.-based WebTrends, insisted the cookies are not used in such manner. Cookies from the White House site are not generated simply by visiting it, according to analyses by the AP and by Richard M. Smith, a security consultant in Cambridge, Mass., who first noticed the Web bug this week. Rather, WebTrends cookies are sometimes created when visiting other WebTrends clients. Mr. Smith said his analysis of network traffic shows such preexisting cookies have then been used to recognize visitors to the White House site. But WebTrends officials say they do not aggregate information about visitors across multiple sites. Mr. Almacy said it's possible the cookie resulted from the White House visit, adding he was awaiting further details from WebTrends. Mr. Palmer said the browsers are designed to pull pre-existing cookies automatically, and that the company has no choice in the matter. But he insisted the company doesn't use the information. In any case, Mr. Almacy said, no personal data are collected. In a statement, WebTrends added that the analysis performed at the White House site is typical among organizations for improving user experience. The Clinton administration first issued the strict rules on cookies in 2000 after its Office of National Drug Control Policy, through a contractor, had used the technology to track computer users viewing its online antidrug advertising. The rules were updated in 2003 by the Bush administration. Although no personal information was collected at the time, Mr. Swire said, concerns were raised that one site's data could be linked later with those from the contractor's other clients. "It all could be linked up after the fact, and that was enough to lead to the federal policy," Mr. Swire said. Nonetheless, agencies occasionally violate the rules inadvertently. The CIA did in 2002, and the NSA more recently. The NSA disabled the cookies this week and blamed a recent upgrade to software that shipped with cookie settings already on. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Sun Jan 1 05:34:03 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 1 Jan 2006 08:34:03 -0500 Subject: [Clips] Broader Wiretap Rule Draws Resistance Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Sun, 1 Jan 2006 08:32:50 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Broader Wiretap Rule Draws Resistance Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com The Wall Street Journal December 29, 2005 Broader Wiretap Rule Draws Resistance Companies and Universities Cite Costs if Surveillance Expands Beyond Phone, Cable to Web By YOCHI J. DREAZEN, AMY SCHATZ and ROBERT BLOCK Staff Reporters of THE WALL STREET JOURNAL December 29, 2005; Page A4 WASHINGTON -- When the cable industry's research consortium's first attempt to make its systems more compatible with FBI eavesdropping failed to win government approval, it asked the FBI for suggestions. The industry not only got them but implemented them fully, winning unusual public thanks from the bureau along the way. Today, the industry faces the prospect of having to re-engineer itself again, due to a recent Federal Communications Commission decision extending the Communications Assistance for Law Enforcement Act, or Calea, to Internet traffic as well as phone calls. The act, which became law in 1994, requires companies to make it easier for the government to listen to phone calls carried on their lines. The cable group's efforts to craft technical standards for the government show how U.S. corporations have helped with law enforcement. But companies are chafing both at the cost to comply with requests and increasing demands by government officials to have a seat at the table as engineers invent technologies. Susan Hackett of the Association of Corporate Counsel, which represents the legal departments of America's biggest corporations, says many rules and laws in place since the Sept. 11, 2001, terrorist attacks, such as the Patriot Act, have grown increasingly costly in terms of compliance. Earlier this month, 3Com Corp. told the FCC it should tightly define which Internet phone companies fall under the 1994 law in order to strike "an appropriate balance...between allowing innovation in the telecommunications industry and meeting the needs of law enforcement." Some of the loudest complaints about the expanded reach of the law have come from universities, who say that expanding the act to cover Internet traffic imposes a significant financial burden on them. In an FCC filing last year, a coalition of higher-education groups -- including the American Council on Education, a trade group for colleges and universities -- argued that such a decision would force them "substantially to replace existing network facilities well before their useful life has expired." The groups warned that replacing the equipment would cost billions of dollars, forcing an "increase in tuition (which may be as high as several hundred dollars per student), cancellation of some educational programs, and a delay in other network improvements necessary for educational and research objectives." One indication that business's patience is wearing thin is resistance to the Justice Department's push to expand the act to cover Internet phones and broadband services. Federal law-enforcement officials are concerned about terrorists switching to the new systems to bypass traditional phone networks that have wiretapping-friendly technology. In August the FCC agreed and said companies that provide Internet calling that looks and feels like traditional phone service must comply with the 1994 law in 18 months. Universities, libraries and municipalities that offer Internet service would also fall under the law, the FCC said. That decision prompted telecom companies and Internet-software companies to protest the rule and civil-liberties groups to file a challenge in federal court. Now, the political fight over the administration's secret program to eavesdrop on terrorism suspects is almost certain to heighten the dispute. "We already see the creep of Calea, and the Justice Department is making it crystal clear that they want to apply it to all Internet applications eventually," says John Morris, a staff attorney for the Center for Democracy and Technology, a nonprofit civil-liberties group that is leading a challenge to the FCC's August ruling. Mr. Morris says his group accepts that Internet traffic can sometimes legally be tapped, but believes the act doesn't give the Federal Bureau of Investigation or Justice Department the authority to impose costly technical mandates on corporations and private organizations. Public opinion appears to be divided on what trade-offs are acceptable between national security and civil liberties. In a poll to be released today by Ponemon Institute, a privacy-focused research organization, 88% of respondents said they were concerned about domestic spying and 63% felt that obtaining court orders wouldn't hinder the government's pursuit of terrorists. At the same time, those polled were evenly divided about whether the Bush administration can be trusted to take reasonable steps to protect civil liberties. For the telecom industry, the choice has generally been clearer. The industry is heavily regulated, and its future can depend on FCC regulators and lawmakers. The 1994 law, for instance, was crafted to require companies to work with the government to design backdoors into their systems to help law-enforcement officials more easily set up surveillance systems. It was passed to address concerns that new technologies, like cellphones, made it more difficult to conduct surveillance, and companies weren't responding to those concerns. Phone calls carried on analog lines aren't difficult for the government to tap; the phrase "wiretapping" comes from the practice of placing metal clips on analog wires to listen in to conversations. But as analog lines began to be replaced with digital-switching systems, intercepting calls meant plucking packets of information out of a datastream and then reassembling them to learn who was making or receiving the call and what was being said. The legislation generally left the Internet alone and put the burden on industry to design systems that were wiretap-friendly. FBI officials objected to the first designs by CableLabs, a research-and-development consortium representing cable-TV operators, saying the proposed engineering guidelines didn't go far enough. CableLabs asked the FBI to detail its concerns and preferences, and then released new technical specifications throughout 2003 and 2004 that incorporated FBI suggestions on how to increase the bureau's ability to tap phone calls carried on cable lines. In January 2004 the most-recent version was released, and an FBI assistant director, Kerry Haynes, praised it at the time as "an extraordinary example of law enforcement and industry collaboration in the public interest," singling out large cable operators such as Time Warner Inc. and Comcast Corp. for "special recognition and appreciation." CableLabs officials say the government involvement forced them to balance consumer interests and law-enforcement demands. "You have to do both," says Richard Green, the president and chief executive of CableLabs. "Our obligation to our customers is very important, but the needs of law enforcement are very important to us, too. We tried to walk a line between the two." Mr. Green notes that the act left the industry little choice but to comply. "There is a law, and as service providers we have to abide by it," he says. The cable industry has been more willing than others to accept the government's attempt to expand the 1994 law into newer-generation technologies like Internet telephone and broadband services, mostly because cable operators had already adopted wiretap-friendly specifications under separate federal requirements. In August the FCC said most Internet phone and broadband Internet-service providers were covered under the act because they essentially replaced older services, like dial-up Internet, which were subject to the law. FCC Chairman Kevin Martin said that while he believed "new technologies and services should operate free of economic regulation, I also believe that law-enforcement agencies must have the ability to conduct lawful electronic surveillance over these new technologies." The Justice Department wants the FCC to go further, saying the law should cover any Internet phone service, including companies such as Skype Technologies SA, which is being acquired by eBay Inc. and which offers computer-to-computer and computer-to-phone Internet calling. Internet companies, universities, libraries and other providers were given until spring of 2007 to reconfigure their networks to comply with the rule. But the FCC didn't give them any idea about what they would have to do to comply. Since then, dozens of universities, libraries and Internet companies have filed objections to the rules, asking for more time before the rules take effect, complaining about the potential cost and complexity of compliance and urging the FCC to adopt educational exemptions. Federal law-enforcement officials also want the FCC to give them expanded ability to monitor phone calls and data traffic when broadband Internet becomes available on U.S. commercial flights in the next few years. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Sun Jan 1 07:15:36 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 1 Jan 2006 10:15:36 -0500 Subject: Detect Spying on YOU In-Reply-To: References: Message-ID: At 3:12 AM +1300 1/2/06, Peter Gutmann wrote: >"Tyler Durden" writes: > >>Any incremements not caused by you were caused by someone else. > >And remember that if you don't succeed at this, you run the risk of failure. No matter what it is, it's always something. Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From dave at farber.net Sun Jan 1 08:06:31 2006 From: dave at farber.net (David Farber) Date: Sun, 1 Jan 2006 11:06:31 -0500 (EST) Subject: [IP] more on AP Story Justice Dept. Probing Domestic Spying Leak] Message-ID: ---------------------------- Original Message ---------------------------- Subject: Re: [IP] more on AP Story Justice Dept. Probing Domestic Spying Leak From: "Peter Wayner" Date: Sun, January 1, 2006 9:40 am To: dave at farber.net -------------------------------------------------------------------------- The real problem with these complaints of treason is that they're incorrectly argued. The latest round of articles did not reveal any new capabilities to the terrorists, the foreign intelligence agencies or even the US people. The ability of the NSA to intercept phone calls around the world has been described in books like _Puzzle Palace_ and many of the best selling spy novels written by Tom Clancy and Dan Brown. In _Clear and Present Danger_, Tom Clancy describes how the US government has the ability to use voice prints to locate the calls of drug king pins who borrow the phone of a friend. That book was published about ten years ago in 1996. Was Clancy a traitor for revealing the information he got from leaks? Is the Justice department investigating him? Let's assume that the bad guys didn't manage to hear Clancy's best selling leak. Well, the information is still out there. The agency's mission has been regularly described in public by many in government including Michael Hayden, the former head of NSA. He would discuss the agency's capabilities and then promise that they would never be used on US citizens without the agreement of a Federal Court. The actions of the main court, known colloquially as FISA, is well-documented in public reports that describe the basic procedure and include a count of the warrants approved or disapproved in the last year. This has been going on since 1978. Do you want to know how many warrants were issued last year? Just turn to Google. It was about 1754. http://www.epic.org/privacy/wiretap/stats/fisa_stats.html The news this time around is that the Bush administration felt that it didn't need to work with the FISA court. It decided it didn't need to fill out a form and get their approval to get the wiretaps. It decided to cut out a bit of the bureaucracy. Why? They feel that the authorization to go to war against al Queda overrode all of the previous safeguards and bureaucratic requirements. Did it? Only a jury can decide. How would you vote? But any evil doers who used Google or read the official public reports of the NSA still knew they that could be wiretapped. The only difference is that there is now one less form to fill out. -Peter On Dec 31, 2005, at 2:27 PM, David Farber wrote: > > > Begin forwarded message: > > From: Mary Shaw > Date: December 31, 2005 1:57:10 PM EST > To: JoeyEM at aol.com > Cc: Dave Farber > Subject: Re: [IP] AP Story Justice Dept. Probing Domestic Spying Leak > > Joe, > > You appear to be saying that it's treasonous to expose illegal acts by the > government if those acts are carried out under the cloak of protecting us > from our enemies. > > There seems to be something fundamentally broken about your model -- > it has > no way to curtail illegal activities by the government. The checks and balances provided for in the Constitution can't operate in this atmosphere, > and the Constitution is what the government is supposed to be > defending. > > The argument that the ends justify the means has long been suspect. > > Mary > > > ----- Original Message ----- > From: > To: > Sent: Saturday, December 31, 2005 12:07 PM > Subject: Re: [IP] AP Story Justice Dept. Probing Domestic Spying Leak > > > You ask why Mary?? How about treason! Traitors who have disclosed information about an effective means with which to capture and destroy enemies of the > US. > > Mary, in case you didn't know, Muslims are out there who want to kill you. > I know it's hard for Liberals to accept this basis truth, but if you don't > accept the fact that we are at war and that the NY Times and > Washington > Post > are more interested in protecting the rights of our enemies than your life > you > better order your burka outfit as you may soon be required to wear one. > > And yes Mary, the NYT and WP are traitorous. > > Joe Mersnik > ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From monty at roscom.com Sun Jan 1 11:56:26 2006 From: monty at roscom.com (Monty Solomon) Date: January 1, 2006 11:56:26 AM EST Subject: NSA Gave Other U.S. Agencies Information From Surveillance Message-ID: NSA Gave Other U.S. Agencies Information From Surveillance Fruit of Eavesdropping Was Processed and Cross-Checked With Databases By Walter Pincus Washington Post Staff Writer Sunday, January 1, 2006; Page A08 Information captured by the National Security Agency's secret eavesdropping on communications between the United States and overseas has been passed on to other government agencies, which cross-check the information with tips and information collected in other databases, current and former administration officials said. The NSA has turned such information over to the Defense Intelligence Agency (DIA) and to other government entities, said three current and former senior administration officials, although it could not be determined which agencies received what types of information. Information from intercepts -- which typically includes records of telephone or e-mail communications -- would be made available by request to agencies that are allowed to have it, including the FBI, DIA, CIA and Department of Homeland Security, one former official said. At least one of those organizations, the DIA, has used NSA information as the basis for carrying out surveillance of people in the country suspected of posing a threat, according to two sources. A DIA spokesman said the agency does not conduct such domestic surveillance but would not comment further. Spokesmen for the FBI, the CIA and the director of national intelligence, John D. Negroponte, declined to comment on the use of NSA data. ... http://www.washingtonpost.com/wp-dyn/content/article/2005/12/31/AR20051231008 08.html ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From measl at mfn.org Sun Jan 1 10:37:34 2006 From: measl at mfn.org (J.A. Terranson) Date: Sun, 1 Jan 2006 12:37:34 -0600 (CST) Subject: [dave@farber.net: [IP] more on AP Story Justice Dept. Probing Domestic Spyin In-Reply-To: References: Message-ID: <20060101120136.T4153@ubzr.zsa.bet> On Sun, 1 Jan 2006, Tyler Durden wrote: A couple of points trouble me here, to wit: (1) We are describing encryptedmessage sent over the public internet - granted, it's in "pieces", yet it's still sent into the public cloud; (2) These various pieces are all "record" communications as far as NSA/Echelon is concerned, and therefore we should expect that they will draw significant attention - and end up in permanent archives; (3) Since all off the pieces have been stored - including both the encrypted messagetexts and the decryptors, what is to prevent a time-faking attack against this message? After all, if you have all the parts, you can just "reinstantiate" the network as it was was the messages were originally sent. (4) For any form of time-destruction messaging to really work, the keying information would have to be tied to a physical that cannot be reclaimed, and which decays at a fixed, known, and closely approximatable rate (a radiodecay probably doesn't meet this criteria); Every time-sensitive auto-destructing system Ive seen discussed here fails these weaknesses. -- Yours, J.A. Terranson sysadmin at mfn.org 0xBD4A95BF 'The right of self defence is the first law of nature: in most governments it has been the study of rulers to confine this right within the narrowest limits possible. Wherever standing armies are kept up, and the right of the people to keep and bear arms is, under any colour or pretext whatsoever, prohibited, liberty, if not already annihilated, is on the brink of destruction.' St. George Tucker From camera_lumina at hotmail.com Sun Jan 1 09:50:44 2006 From: camera_lumina at hotmail.com (Tyler Durden) Date: Sun, 01 Jan 2006 12:50:44 -0500 Subject: [dave@farber.net: [IP] more on AP Story Justice Dept. Probing Domestic Spyin In-Reply-To: <4ef5fec60512311832r245dc2f7y2cd5261b73363dcf@mail.gmail.com> Message-ID: Yes...I thought about a one-time pad approach. I'm not well read enough to say whether what I've described technically counts as a one time pad, but it seems to have many similarities to what you're talking about. A "weakness" is that if the "message" is intercepted and deencrypted, the interceptor (is this Alice?) could then retrieve the message. HOWEVER, they must retrieve the message in a short amount of time, possibly even hours, UNLESS Alice & friends can core-dump the entire probable network and, somehow, (later if they wish by appropriate Network Clock monkeying) find within it the stored other pieces of the message. I suspect that this problem can be made intractable even to Quantum computers, but don't quote me on that. No doubt they've thought of this scenario, so be on the lookout for little hooks. Another nice thing is that they CAN'T always rubber-house it out of you: Even you can't get it if they've beaten you're keyboarding hands so badly you can't access it within the alotted time. (Of course, the "message" can tell you how much time you've got before the other network-clouded pieces expire). Oh, and the usual games of fake messages should apply, but in this case there are some advantages to having some universally. network-enabled "default" messages. (And if you hit one of -those- messages, the real message should be destroyed automatically.) -TD >From: coderman >To: Tyler Durden >CC: jya at cryptome.net, cypherpunks at jfet.org >Subject: Re: [dave at farber.net: [IP] more on AP Story Justice Dept. Probing >Domestic Spyin >Date: Sat, 31 Dec 2005 18:32:33 -0800 > >On 12/31/05, Tyler Durden wrote: > > ... > > Of course, NSA will likely grab&store the hidden piece as well > >i would count on it, as it's a good bet the answer is yes rather than no. > > > > but I submit > > one might be able to make this a fairly intractable problem, >particularly if > > information about -where- the appropriate piece is stored is itself > > destroyed. (ie, they may have the piece, but they dont know which >message it > > belongs). > >i'm working on a one time pad based IPsec key daemon with a similar >purpose to what you describe. i'll be posting here for feedback when >it's ready but the basic premise is that it provides strong ephemeral >IPsec keying using one time pads previously exchanged between peers. >as long as the pads are generated and secured properly[1] you don't >need to care if $TLA has kept your IPsec traffic archives in their >acres of computing machinery. > >likewise, if large qubit quantum computers suddenly become feasible or >multi ring GCF gets really fast, you don't need to worry about past >key exchanges (also archived) being compromised, as with pub key based >ISAKMP implementations. > >last, such a mode needs no open ports[2], so the attack surface for >remote exploitation is limited to the IP level - only authenticated >traffic is passed up the stack, everything else is dropped. > >as long as your OTP's are truly random and never compromised, the key >exchange will be secure and the only way to attack your traffic >remotely will be brute force of AES256. > >[1]. securing pads is really the crux of the issue here. i'm using >modified linux distributions for key generation (a host with no >networking capability - kernel omits all network functionality) and >IPsec termination (boot from CD/DVD, require USB fob / hardware token >+ passphrase for auth to access pads stored in encrypted volume). > >[2]. this is true with an explanation: for the initial session ICMP >payloads are sent in the clear (not IPsec) to perform the encrypted >key exchange using OTP's. once IPsec is initialized, ICMP is also >directed through IPsec via the SPD and future rekeying uses OTP's on >top of the existing IPsec SA. i'll have more details later but in >short all traffic is authenticated or dropped, most of it >authenticated via IPsec, and the only exception being key exchange via >ICMP which is authenticated via OTP only until the first SA is >established. > >the advantage of using OTP's in addition to security is simplicity: >all buffers are fixed size, key material is small (per instance) and >the operations fast (no montgomery multiplication on very large >numbers). even at a 1Hz rekey interval you could fit a years worth of >key exchange OTP in 100MBytes of storage. > >the disadvantage is you probably need hardware entropy generation to >produce the pads in a reasonable time. i'm using the VIA C5XL and C5P >processors for testing / runtime and these can produce more than >enough entropy for large pads without sucking /dev/random dry. > >last but not least, the implicit out of band pad exchange with trusted >peers is reasonable for private group networking and other smaller >networks but would be very difficult to scale to a large organization. > this is a feature in my eyes, as private group networks are what this >is intended for and meatspace pad exchange a desired requirement to >ensure trust is properly placed. From jhughes at changesurfer.com Sun Jan 1 10:23:52 2006 From: jhughes at changesurfer.com (Hughes, James J.) Date: Sun, 1 Jan 2006 13:23:52 -0500 Subject: [>Htech] Montague: Synthetic Biology: A Darker Bioweapons Future Message-ID: http://www.counterpunch.org/montague12312005.html December 31 / January 1, 2005/6 Synthetic Biology: A Darker Bioweapons Future By PETER MONTAGUE One of the top developments of 2005 is a kind of genetic engineering on steroids -- a new field called "synthetic biology" in which scientists are setting out to create new forms of life that have never existed before. In "genetic engineering," natural genes from one species are inserted by force into a different species, hoping to transfer the properties or characteristics of one species into another. Trout can live in cold water, so maybe a trout gene blasted into a tomato will help tomatoes withstand cold weather. The limitation on this system is the characteristics that nature has built into the genes of species. Now scientists have overcome that limitation. They are learning to develop entirely new species, new forms of life. Awareness of this new scientific specialty -- called "synthetic biology" -- began to appear in the press in 2005. The construction of living things from raw chemicals was first demonstrated in 2002 when scientists created a polio virus from scratch. They found the polio virus genome on the internet, and within 2 years had created a virus from raw chemicals. The synthetic virus could reproduce and, when injected into mice, paralyzed them just as a natural polio virus would do. They said they chose the polio virus to demonstrate what a bioterrorist could accomplish. "It is a little sobering to see that folks in the chemistry laboratory can basically create a virus from scratch," James LeDuc of the federal Centers for Disease Control and Prevention in Atlanta, said at the time. A year later, in 2003 Craig Venter and colleagues at the Institute for Biological Energy Alternatives in Rockville, Md., took only 3 weeks to create a virus from scratch. Later that same year the Central Intelligence Agency (CIA) published a short paper called "The Darker Bioweapons Future," reporting the conclusions of a panel of life science experts convened by the National Academy of Sciences. The CIA paper said, in part, "The effects of some of these engineered biological agents could be worse than any disease known to man." And the CIA said, "The same science that may cure some of our worst diseases could be used to create the world's most frightening weapons." The CIA offered one example: "For example, one panelist cited the possibility of a stealth virus attack that could cripple a large portion of people in their forties with severe arthritis, concealing its hostile origin and leaving a country with massive health and economic problems." Nature magazine -- England's most prestigious science journal -- said in 2004 that synthetic biology "carries potential dangers that could eclipse the concerns already raised about genetic engineering and nanotechnology." Last month, the British journal New Scientist said in an editorial, "Let us hope that tomorrow's terrorists don't include people with PhDs in molecular genetics." The editorial went on to explain why the technology cannot regulated: "The underlying technology has already proliferated worldwide, and some gene-synthesis companies that are ostensibly based in the west are thought to manufacture their DNA in China and other countries in the far east where skilled labour is cheap." The editorial was written in response to an investigation conducted by the editors of New Scientist. They wondered if they could special- order DNA over the internet and have it shipped to them by mail (which the Brits call "post," not mail). Their report is titled, "The bioweapon is in the post," and they concluded that it would be doable, and that commerce in such things would be difficult -- or impossible -- to control. "But with gene synthesis firms springing up all over the world, and the underlying technology becoming cheaper and more widely available, it is unclear whether regulations enacted in any one country will be enough." "It's going to be virtually impossible to control," predicts David Magnus of the Stanford Center for Biomedical Ethics. The New Scientist editorial ends by saying, "If there ever was a case for scientists around the world to engage in sensible self-regulation before a nightmare becomes reality, this is it." Unfortunately, scientists are ill-equipped by their training to grapple with the ethical and moral dimensions of their work. Scientists have no equivalent of the Hippocratic Oath -- "First do no harm" -- that guides the behavior of physicians. The Hippocratic oath counsels restraint, humility, and caution. In science, on the other hand, wherever your curiosity takes you is the right place to go, even if it takes you into "a darker bioweapons future." Small wonder that so many people have lost faith in science, scientific progress, and the promise of America. As the editors of Nature said in 2004, "Controversies over genetically engineered crops and embryo research are leading people to question how carefully scientists consider the possible consequences of their work before barreling ahead. This is no small concern for science, as it has already led to restrictions." But of course it isn't just scientists who are responsible for speeding the deployment of ill-considered technologies onto the world market. The underlying engine for all this reckless behavior is an economic system that requires economic growth year after year. Our society has grown dependent upon economic growth for achieving "liberty and justice for all." You say your slice of the pie is unacceptably small and you're having to sleep under a bridge? Don't worry -- economic growth will make the whole pie larger, so your tiny slice will grow too. Thus domestic tranquility, justice, fairness, and fulfilling the promise of America are all dependent upon economic growth. We don't have any other widely-approved way to distribute the benefits of the economy, except through economic growth. We have forgotten the alternative, which is sharing. But decade after decade since World War II, economic growth rates have been stagnant or declining, not just in the U.S. but throughout the "developed" world. Slow growth derives from at least two sources -- productive capacity exceeds consumer demand and we have a glut of capital, so it is getting harder to find good investments. These two features of the modern economy force investors to constantly search for "the next big thing" -- in hopes of returning to historical rates of return on investment. As a consequence, corporations (which have limited liability, by law) engage in reckless behavior -- including behavior that may threaten the well being of everyone. They create new biotech crops and deploy them across the nation's agricultural landscape before thorough tests have been completed. They put nano particles into baby lotion before they have any idea whether the nano particles can penetrate a baby's skin, and before they have asked where those nano particle will go after they are thrown out with the bath water. So now we have synthetic biology -- the "next big thing" -- genetic engineering on steroids -- the manufacture of living organisms unlike any that have appeared on earth before. Investors are lining up to support new firms that are willing to sell the building blocks of new forms of life to anyone who can come up with a few hundred thousand dollars. This may in fact produce the next big thing, but it may not be quite the thing investors are hoping for. Until we devise a steady-state economy that does not require perpetual growth, investors will keep us on this awful "next big thing" merry- go-round, our quality of life continually threatened anew by the ill- considered products and unanticipated by-products of feral science. Peter Montague is editor of the indispensable Rachel's Health and Democracy, where this essay originally appeared. He can be reached at: peter at rachel.org Post message: transhumantech at yahoogroups.com Subscribe: transhumantech-subscribe at yahoogroups.com Unsubscribe: transhumantech-unsubscribe at yahoogroups.com List owner: transhumantech-owner at yahoogroups.com List home: http://www.yahoogroups.com/group/transhumantech/ Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/transhumantech/ <*> To unsubscribe from this group, send an email to: transhumantech-unsubscribe at yahoogroups.com <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From zshodykhvvvsfi at hotmail.com Sun Jan 1 13:03:59 2006 From: zshodykhvvvsfi at hotmail.com (Gerald Carrier) Date: Sun, 01 Jan 2006 14:03:59 -0700 Subject: Cailiis, Vaigrra are Che.ap Here ca Message-ID: <68JI87FE.0O24.zshodykhvvvsfi@hotmail.com> Loking for quality meds at affordable price? We have widest range of meds at very competitive price. Money baack guaranteesss... http://firstcentre.com KdMWD From rah at shipwright.com Sun Jan 1 11:07:43 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 1 Jan 2006 14:07:43 -0500 Subject: [Clips] NSA Gave Other U.S. Agencies Information From Surveillance Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Sun, 1 Jan 2006 14:07:04 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] NSA Gave Other U.S. Agencies Information From Surveillance Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com The Washington Post NSA Gave Other U.S. Agencies Information From Surveillance Fruit of Eavesdropping Was Processed and Cross-Checked With Databases By Walter Pincus Washington Post Staff Writer Sunday, January 1, 2006; A08 Information captured by the National Security Agency's secret eavesdropping on communications between the United States and overseas has been passed on to other government agencies, which cross-check the information with tips and information collected in other databases, current and former administration officials said. The NSA has turned such information over to the Defense Intelligence Agency (DIA) and to other government entities, said three current and former senior administration officials, although it could not be determined which agencies received what types of information. Information from intercepts -- which typically includes records of telephone or e-mail communications -- would be made available by request to agencies that are allowed to have it, including the FBI, DIA, CIA and Department of Homeland Security, one former official said. At least one of those organizations, the DIA, has used NSA information as the basis for carrying out surveillance of people in the country suspected of posing a threat, according to two sources. A DIA spokesman said the agency does not conduct such domestic surveillance but would not comment further. Spokesmen for the FBI, the CIA and the director of national intelligence, John D. Negroponte, declined to comment on the use of NSA data. Since the revelation last month that President Bush had authorized the NSA to intercept communications inside the United States, public concern has focused primarily on the legality of the NSA eavesdropping. Less attention has been paid to, and little is known about, how the NSA's information may have been used by other government agencies to investigate American citizens or to cross-check with other databases. In the 1960s and 1970s, the military used NSA intercepts to maintain files on U.S. peace activists, revelations of which prompted Congress to restrict the NSA from intercepting communications of Americans. Today's NSA intercepts yield two broad categories of information, said a former administration official familiar with the program: "content," which would include transcripts of a phone call or e-mail, and "non-content," which would be records showing, for example, who in the United States was called by, or was calling, a number in another country thought to have a connection to a terrorist group. At the same time, NSA tries to limit identifying the names of Americans involved. "NSA can make either type of information available to other [intelligence] agencies where relevant, but with appropriate masking of its origin," meaning that the source of the information and method of getting it would be concealed, the former official said. Agencies that get the information can use it to conduct "data mining," or looking for patterns or matches with other databases that they maintain, which may or may not be specifically geared toward detecting terrorism threats, he said. "They are seeking to separate the known from the unknown, relationships or associations," he added. The NSA would sometimes monitor telephones, e-mails or fax communications in cases where individuals in the United States -- and sometimes people they contacted -- were linked to an alleged foreign terrorist group, officials have said. The NSA, officials said, limited its decisions to follow-up with more electronic surveillance on an individual to those cases where there was some apparent link to terrorist sources. But other agencies, one former official said, have used phone numbers or other records obtained from NSA in combination with wide-ranging databases to look for links and associations. "What data sets are included is a policy decision [made by individual agencies] when they involve other than terrorist links," he said. DIA personnel stationed inside the United States went further on occasion, conducting physical surveillance of people or vehicles identified as a result of NSA intercepts, said two sources familiar with the operations, although the DIA said it does not conduct such activities. The military personnel -- some of whose findings were reported to the Northern Command in Colorado -- were employed as part of the Pentagon's growing post-Sept. 11, 2001, domestic intelligence activity based on the need to protect Defense Department facilities and personnel from terrorist attacks, the sources said. Northcom was set up in October 2002 to conduct operations to deter, prevent and defeat terrorist threats in the United States and its territories. The command runs two fusion centers that receive and analyze intelligence gathered by other government agencies. Those Northcom centers conduct data mining, where information received from the NSA, the CIA, the FBI, state and local police, and the Pentagon's Talon system are cross-checked to see if patterns develop that could indicate terrorist activities. Talon is a system that civilian and military personnel use to report suspicious activities around military installations. Information from these reports is fed into a database known as the Joint Protection Enterprise Network, which is managed, as is the Talon system, by the Counterintelligence Field Activity, the newest Defense Department intelligence agency to focus primarily on counterterrorism. The database is shared with intelligence and law enforcement agencies and was found last month to have contained information about peace activists and others protesting the Iraq war that appeared to have no bearing on terrorism. Military officials acknowledged that such information should have been purged after 90 days and that the Talon system was being reviewed. Gen. Michael V. Hayden, deputy director for national intelligence and former head of NSA, told reporters last month that the interception of communications to the United States allegedly connected to terrorists was, in almost every case, of short duration. He also said that when the NSA creates intelligence reports based on information it collects, it minimizes the number of Americans whose identities are disclosed, doing so only when necessary. "The same minimalizationist standards apply across the board, including for this program," he said of the domestic eavesdropping effort. "To make this very clear -- U.S. identities are minimized in all of NSA's activities, unless, of course, the U.S. identity is essential to understand the inherent intelligence value of the intelligence report." Hayden did not address the question of how long government agencies would archive or handle information from the NSA. Today's controversy over the domestic NSA intercepts echoes events of more than three decades ago. Beginning in the late 1960s, the NSA was asked initially by the Johnson White House and later by the Army, the Secret Service, and the Bureau of Narcotics and Dangerous Drugs to intercept messages to or from the United States. Members of Congress were not informed of the program, code-named Minaret in one phase. The initial purpose was to "help determine the existence of foreign influence" on "civil disturbances occurring throughout the nation," threats to the president and other issues, Gen. Lew Allen Jr., then director of NSA, told a Select Senate Committee headed by then-Sen. Frank Church (D-Idaho) in 1975. Allen, in comments similar to recent Bush administration statements, said collecting communications involving American citizens was approved legally, by two attorneys general. He also said that the Minaret intercepts discovered "a major foreign terrorist act planned in a large city" and prevented "an assassination attempt on a prominent U.S. figure abroad." Overall, Allen said that 1,200 Americans citizens' calls were intercepted over six years, and that about 1,900 reports were issued in three areas of terrorism. As the Church hearings later showed, the Army expanded the NSA collection and had units around the country gather names and license plates of those attending antiwar rallies and demonstrations. That, in turn, led to creation of files on these individuals within Army intelligence units. At one point a Senate Judiciary subcommittee showed the Army had amassed about 18,000 names. In response, Congress in 1978 passed the Foreign Intelligence Security Act, which limited NSA interception of calls from overseas to U.S. citizens or those involving American citizens traveling abroad. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From dave at farber.net Sun Jan 1 11:19:25 2006 From: dave at farber.net (David Farber) Date: Sun, 1 Jan 2006 14:19:25 -0500 Subject: [IP] NY Times editors decline to comment on publication delay Message-ID: Begin forwarded message: From dave at farber.net Sun Jan 1 11:23:54 2006 From: dave at farber.net (David Farber) Date: Sun, 1 Jan 2006 14:23:54 -0500 Subject: [IP] NSA Gave Other U.S. Agencies Information From Surveillance Message-ID: Begin forwarded message: From coderman at gmail.com Sun Jan 1 18:53:13 2006 From: coderman at gmail.com (coderman) Date: Sun, 1 Jan 2006 18:53:13 -0800 Subject: [dave@farber.net: [IP] more on AP Story Justice Dept. Probing Domestic Spyin In-Reply-To: <20060101120136.T4153@ubzr.zsa.bet> References: <20060101120136.T4153@ubzr.zsa.bet> Message-ID: <4ef5fec60601011853ra5dfc9eve0c4ed60c104647f@mail.gmail.com> On 1/1/06, J.A. Terranson wrote: > (1) We are describing encryptedmessage sent over the public internet - > granted, it's in "pieces", yet it's still sent into the public cloud; yeah, follow tcp stream in ethereal is a good example of how trivial it is to recreate a session of communication given an archive of its component datagrams. > (2) These various pieces are all "record" communications as far as > NSA/Echelon is concerned, and therefore we should expect that they will > draw significant attention - and end up in permanent archives; right. hence my fetish for one time pads for key exchange and previous comment about quantum computers / fast GNFS / etc. they are up to 8 qubits, only a few thousand more to go. ;) > (3) Since all off the pieces have been stored - including both the > encrypted messagetexts and the decryptors, what is to prevent a > time-faking attack against this message? After all, if you have all the > parts, you can just "reinstantiate" the network as it was was the messages > were originally sent. this is particular to the method TD mentioned i think... i am assuming the following: - the operating system is installed on a loop-aes volume so that integrity of the kernel, libraries and utilities is protected via passphrase. - the one time pads are stored encrypted in a similar manner so that access to them requires external keys (like the gpg encrypted keys used for loop-aes volumes) - the passphrase used to authenticate a user for access to the pads is coupled with external storage (usb) of the keys used to access the pads. to recover the plaintext communication from the encrypted datagrams the attacker would need to obtain the encrypted pad, the keys on external storage (usb), and the passphrase to access the keys. > (4) For any form of time-destruction messaging to really work, the keying > information would have to be tied to a physical that cannot be > reclaimed, and which decays at a fixed, known, and closely approximatable > rate (a radiodecay probably doesn't meet this criteria); > > Every time-sensitive auto-destructing system Ive seen discussed here fails > these weaknesses. this doesn't provide time destruction so i assume this is in reference to Tyler's description. you could couple the user authentication with a physically hardened token of some sort for access to the pads but even this would require manual destruction. do they make physically hardened authentication tokens with timed self destruction built in? From coderman at gmail.com Sun Jan 1 18:57:44 2006 From: coderman at gmail.com (coderman) Date: Sun, 1 Jan 2006 18:57:44 -0800 Subject: Tor-stored Pads In-Reply-To: References: <20060101120136.T4153@ubzr.zsa.bet> Message-ID: <4ef5fec60601011857j29bb9e8ei6b3a490a2fed0bb9@mail.gmail.com> On 1/1/06, Tyler Durden wrote: > ... > Yes, agreed, but I think this a MUCH bigger pain in the ass. > To wit: If they grab and deencrypt the "message" (ie the piece sent to the > receiver) prior to the expiration time, then they will have the message and > be able to read it. This is an improvement in that they have to do it prior > to the expiration time of the hidden piece. They can not grab and store this > piece alone because the other piece will not be there later. this reminded me of 'cryptoogle' which seems easily compromised but operates using a time delayed expiration of key material as derived from search results: http://www.cryptoogle.com/encrypt.php From rah at shipwright.com Sun Jan 1 16:38:34 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 1 Jan 2006 19:38:34 -0500 Subject: [Clips] Prescott unleashes spy satellites to check on home improvements Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Sun, 1 Jan 2006 19:37:20 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Prescott unleashes spy satellites to check on home improvements Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com The Sunday Times January 01, 2006 Prescott unleashes spy satellites to check on home improvements THE government has advised council-tax inspectors to use "spy in the sky" satellite cameras to snoop on people's homes to see if they have added extensions, conservatories and even sheds that could boost the value of their property, writes David Cracknell. The Tories have unearthed official documents which show that John Prescott, the deputy prime minister, plans to use pictures from space as part of his revaluation of homes across England. The data will be used to reband people's homes over the next few years, meaning that property owners whose houses have shot up in value face higher council tax bills. The government has postponed a full council tax revaluation but Prescott's department is putting together a database of every home in England so that the levy more accurately reflects the true value of properties across the country. Even minor improvements, invisible from the road, will be caught by the technology. Caroline Spelman, the Conservative local government spokeswoman, said the move amounted to a "new stealth tax on home improvements". Country homes will be at particular risk from the technology. According to an official handbook for inspectors: "Aerial photographs are particularly effective in rural areas where improvements are hard to see from the road." Spelman accused Prescott of invading the privacy of people who worked to improve their homes and penalising those who extended rather than moved to bigger homes. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From measl at mfn.org Sun Jan 1 19:27:43 2006 From: measl at mfn.org (J.A. Terranson) Date: Sun, 1 Jan 2006 21:27:43 -0600 (CST) Subject: [dave@farber.net: [IP] more on AP Story Justice Dept. Probing Domestic Spyin In-Reply-To: <4ef5fec60601011853ra5dfc9eve0c4ed60c104647f@mail.gmail.com> References: <20060101120136.T4153@ubzr.zsa.bet> <4ef5fec60601011853ra5dfc9eve0c4ed60c104647f@mail.gmail.com> Message-ID: <20060101212207.E10044@ubzr.zsa.bet> On Sun, 1 Jan 2006, coderman wrote: > > (4) For any form of time-destruction messaging to really work, the keying > > information would have to be tied to a physical that cannot be > > reclaimed, and which decays at a fixed, known, and closely approximatable > > rate (a radiodecay probably doesn't meet this criteria); > > > > Every time-sensitive auto-destructing system Ive seen discussed here fails > > these weaknesses. > > this doesn't provide time destruction so i assume this is in reference > to Tyler's description. you could couple the user authentication with > a physically hardened token of some sort for access to the pads but > even this would require manual destruction. > > do they make physically hardened authentication tokens with timed self > destruction built in? Not that I am aware of, and if they did, I would by definition not trust them. I want my time-limited key to be some natural phenomenon that cannot be recreated after it "dies", but which is "readable" (for keying) and stable for a known time interval. Is there radioactive material which has has a known property that can be reliably and repetitively measured, that is useful as either a key or a seed, and that is guaranteed to change on a known schedule in a significant (i.e., keying data no longer relevant) way? The idea being something like msg xor radioseed "keys" = plaintext, but after 30 days, radioseed is different (and the original not knowable), and therefore message is dead. -- Yours, J.A. Terranson sysadmin at mfn.org 0xBD4A95BF 'The right of self defence is the first law of nature: in most governments it has been the study of rulers to confine this right within the narrowest limits possible. Wherever standing armies are kept up, and the right of the people to keep and bear arms is, under any colour or pretext whatsoever, prohibited, liberty, if not already annihilated, is on the brink of destruction.' St. George Tucker From camera_lumina at hotmail.com Sun Jan 1 18:41:35 2006 From: camera_lumina at hotmail.com (Tyler Durden) Date: Sun, 01 Jan 2006 21:41:35 -0500 Subject: Tor-stored Pads In-Reply-To: <20060101120136.T4153@ubzr.zsa.bet> Message-ID: Alif the Terrible wrote... >(3) Since all off the pieces have been stored - including both the >encrypted messagetexts and the decryptors, what is to prevent a >time-faking attack against this message? After all, if you have all the >parts, you can just "reinstantiate" the network as it was was the messages >were originally sent. Yes, agreed, but I think this a MUCH bigger pain in the ass. To wit: If they grab and deencrypt the "message" (ie the piece sent to the receiver) prior to the expiration time, then they will have the message and be able to read it. This is an improvement in that they have to do it prior to the expiration time of the hidden piece. They can not grab and store this piece alone because the other piece will not be there later. If they do not deencrypt the message in time, then they have to grab a core dump of the entire network (as well as the transmitted message), because they do not know where the piece is located. Seems to me that's a much harder thing to do then merely grabbing a sole message and de-encrypting it at their leisure. Seems to me too that a Tor network that was sufficiently dynamic could require network core dumps that could actually tax even NSA facilities, given large Tor networks of the future. It should also be pointed out that if the encryption on the "message" piece is done extremely carefully, one can afford to be lax on the Tor piece, and yet have a very difficult problem to crack (particularly if wrong guesses set off boobytraps that kill the hidden message piece). Again, it can be countered that an attack might merely require N instantiations of the network, but now we are talking some very significant resources. We've multiplied the originall cracking problem by N. Perhaps. -TD PS: I believe this is very close to having a one-time stored pad, but the difference with traditional Pads is that this one is tored in an anonymous location.(See Coderman's post.) From eugen at leitl.org Sun Jan 1 14:00:33 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 1 Jan 2006 23:00:33 +0100 Subject: /. [China Declares War on Internet Pornography] Message-ID: <20060101220032.GI2235@leitl.org> Link: http://slashdot.org/article.pl?sid=06/01/01/0237245 Posted by: Zonk, on 2006-01-01 13:37:00 [1]segphault writes "The [2]Chinese government has shut down nearly 600 pornographic web sites, and arrested over 200 people for distributing "obscene" content. The Chinese government has also started performing covert surveillance of mobile phone text messages in order to crack down on banking fraud and prostitution organized and perpetrated with text messages. Ars Technica has the story: 'With more than 100 million Internet users, China has the second largest population of web content consumers after the United States. Although the Chinese government promotes web use for business, education, and government activity, the communist regime has committed its resources to crushing web sites that challenge government authority, or distribute content that the government considers to be detrimental to society'" References 1. mailto:segphault at sbcglobal.net 2. http://arstechnica.com/news.ars/post/20051231-5873.html ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From eugen at leitl.org Sun Jan 1 14:12:39 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 1 Jan 2006 23:12:39 +0100 Subject: [dave@farber.net: [IP] NSA Gave Other U.S. Agencies Information From Surveillance] Message-ID: <20060101221239.GT2235@leitl.org> Curious and curiouser. ----- Forwarded message from David Farber ----- From eugen at leitl.org Sun Jan 1 14:13:29 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 1 Jan 2006 23:13:29 +0100 Subject: [dave@farber.net: [IP] NY Times editors decline to comment on publication delay] Message-ID: <20060101221329.GU2235@leitl.org> Ah, how unusual. ----- Forwarded message from David Farber ----- From eugen at leitl.org Sun Jan 1 14:14:58 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 1 Jan 2006 23:14:58 +0100 Subject: [dave@farber.net: [IP] more on AP Story Justice Dept. Probing Domestic Spying Leak]] Message-ID: <20060101221458.GV2235@leitl.org> ----- Forwarded message from David Farber ----- From eugen at leitl.org Sun Jan 1 14:19:01 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 1 Jan 2006 23:19:01 +0100 Subject: [jhughes@changesurfer.com: [>Htech] Montague: Synthetic Biology: A Darker Bioweapons Future] Message-ID: <20060101221901.GX2235@leitl.org> ----- Forwarded message from "Hughes, James J." ----- From pgut001 at cs.auckland.ac.nz Sun Jan 1 06:12:31 2006 From: pgut001 at cs.auckland.ac.nz (Peter Gutmann) Date: Mon, 02 Jan 2006 03:12:31 +1300 Subject: Detect Spying on YOU In-Reply-To: Message-ID: "Tyler Durden" writes: >Any incremements not caused by you were caused by someone else. And remember that if you don't succeed at this, you run the risk of failure. Peter. From DWJSAD at hotmail.com Mon Jan 2 11:33:51 2006 From: DWJSAD at hotmail.com (Clair Haas) Date: Mon, 02 Jan 2006 12:33:51 -0700 Subject: We Guuaranteees Bigger Pen-nis 8rM7 Message-ID: The Only Clinically Tested Penis N-largement Pills that works.. - add 1-4 inches to your peniis - 20% thicker - 5x more enjoyable orgasm - or your monneyy back without question ask! Join miilliions of delighted users which has been benefited with "Thunder". http://thunder14.erectus.biz uH5 From macken.beichstc at gmail.com Mon Jan 2 13:14:57 2006 From: macken.beichstc at gmail.com (Dorothea Cruz) Date: Mon, 2 Jan 2006 16:14:57 -0500 Subject: Greater control over ejaculation Message-ID: <200602031045.k13Aj9c5025546@proton.jfet.org> A recent survey showed that 68% of women are unsatisfied with their sexual partners. Of course most of these women would never tell their partner that they are unhappy. Not being able to fully satisfy a woman can result in depression and feelings of inadequacy. Thankfully, men of all ages can now safely and naturally enhance their body and penis anatomy and renew sexual vitality without resorting to dangerous surgery. The all natural proprietary blend of unique herbs found in Maxaman is designed to restore blood flow to your penis, unleash stored testosterone, and heighten sensation by activating the body's natural hormone production and supplying vital nutrients necessary for peak sexual performance. http://bghimdel.foxrent.info/?acfjkdelxwqowybzmmghim From StevenKellyclerk at owfc.org Mon Jan 2 16:23:42 2006 From: StevenKellyclerk at owfc.org (Melanie Valencia) Date: Mon, 02 Jan 2006 17:23:42 -0700 Subject: ambien major Message-ID: <568501141618.AA1485448@client.comcast.net> Hello, As a valued customer, we provide you with occassional information and updates. Our records indicate that you may be in need of a refill. We hope that you will once again, give us the opportunity to offer you a great selection of meds, low prices, and superior customer care. If you would like to place an order or browse our current products and specials, please visit the link below: http://zxcdsa.info/?7S3e6caabec4eb52aaf81d709954S92f Yours Truly, Melanie Valencia Customer Care Specialist feet you crawl me, deprecatory frostbite emolument . caviar you escapee me, sisal diagnosis molecule . flip you dialup me, youngstown core jacobean . deaf you archive me, calfskin covenant . habit you brahmsian me, gape circumlocution alicia . animate you pamela me, anguish egregious nebulous ninth . http://www.dfhfgh.info/fgh.php From matthew at matthew.at Mon Jan 2 18:19:10 2006 From: matthew at matthew.at (Matthew Kaufman) Date: Mon, 2 Jan 2006 18:19:10 -0800 Subject: [p2p-hackers] Amicima's amiciPhone now on Macintosh Message-ID: amiciPhone, our Skype-like P2P communicator that does encrypted peer-to-peer VoIP calling, text messaging, user presence, and file transfer (including photo preview when sending images) is now available for the Macintosh (OS X 10.3.9 or later, and PPC-only at this point). Also, the Windows XP version is still available and has been upgraded several times (latest release is Beta 4). This is a great way to try out what MFP and MFPNet can do (both of which have documentation and open-source implementations available on our website, unlike Skype's proprietary protocol model) and we'd also love to hear feedback about the application itself before we add any more features, so give it a try! (and get your friends to give it a try too!) Matthew Kaufman matthew at matthew.at amiciPhone: matthew at test.amicima.com http://www.amicima.com Ps. For a good time, try calling "7" _______________________________________________ p2p-hackers mailing list p2p-hackers at zgp.org http://zgp.org/mailman/listinfo/p2p-hackers _______________________________________________ Here is a web page listing P2P Conferences: http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From rah at shipwright.com Mon Jan 2 15:49:55 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Mon, 2 Jan 2006 18:49:55 -0500 Subject: [Clips] [libertarian-nation] Join us where freedom is happening! Message-ID: --- begin forwarded text Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys To: libertarian-nation at yahoogroups.com User-Agent: eGroups-EW/0.82 From: "Kat" Sender: libertarian-nation at yahoogroups.com Mailing-List: list libertarian-nation at yahoogroups.com; contact libertarian-nation-owner at yahoogroups.com Delivered-To: mailing list libertarian-nation at yahoogroups.com Date: Mon, 02 Jan 2006 19:11:08 -0000 Subject: [libertarian-nation] Join us where freedom is happening! Reply-To: libertarian-nation at yahoogroups.com (Read this article in the original for links to all the events, etc. http://tinyurl.com/8xuvu ) 2005 Year in Review What happened on the Underground (NHFree.com) during the last year By Kat Dillon The New Hampshire Underground is a loose organization of freedom fighters composed mainly of Free State Project (http://freestateproject.org) members who have already made the move to NH. There, these members worked with native New Hampshirites with the encouragement of Freestaters still waiting to make the big move to NH. It is difficult to describe the incredible synergy from amassing so many liberty lovers in one area. The individuals who have left family, friends, jobs to move cross country for freedom have an extra incentive to get out there and work for liberty in our lifetimes. They feel the need to prove they weren't crazy to uproot themselves and move to the Frozen Wonderland of the North. So people who were timid and uninvolved in their previous life seem to blossom and become involved after the move. When surrounded by people who think like they do, they are constantly encouraged to try new and greater feats to promote freedom. Plus, it is just plain fun being surrounded by like-minded people! Licensing civil disobedience To support people's inherent right to seek work and provide for themselves, Mike Fisher defied state licensing laws by giving an unlicensed manicure in front of the state Board of Cosmetology. For this offense, he was arrested and spent a day in jail. Currently, there is a bill being introduced to reduce licensing requirements. Free to travel civil disobedience Russell Kanning attempted to board a flight to Philadelphia (the heart of American liberty) with just a Bible and a copy of the Declaration of Independence. Russell objected to the new requirements coming from the Real ID act, and the loss of dignity of his fellow travelers who are subjected to unreasonable searches. When he attempted to enter the terminal without showing ID and without pat-down searches, he was arrested and spent 2 days in jail. Property tax revolt Objecting to paying for a public school system that teaches children that the government is the answer to every problem, Kat Dillon decided to cease paying for the detrimental school system. Dillon homeschools her child and does not use the school system and does not want to pay for what she doesn't use. Rather than paying the city, she donated the money that would have gone to the schools to the Liberty Scholarship Fund. For reasons to abandon the public schools, see 101 Reasons the Public Schools are Hopeless. Separation of School and State booths Last year we manned tables at various times to promote the idea of Separation of School and State. We handed out leaflets and talked to people about the idea of getting government out of education. In addition, we talked to people about how education could be handled privately with the help of organizations like the Liberty Scholarship Fund. UN flag burn We staged multiple UN flag burning events over the last year+. The first in Keene, Dec. 2004, several at the Porcupine Freedom Festival, and the last in Keene, Dec. 2005. We were protesting the UN attempts at world taxation, gun control, and one world government. Protests for Myrtle Woodward The family of Myrtle Woodward, a 96 year old Hampton resident, wished to keep her at home rather than putting her in a nursing home. In order to do this, they needed to expand their home to accommodate her. The city refused permits to do this building, and then accused the family of building the room anyway. Hampton city officials slapped the family with a $200,000 fine. Many from the Underground protested outside Hampton City Hall and Rockingham County Courthouse over the early months in 2005. April 15th tax protest On tax day, we gathered at the main Manchester post office to protest the income tax. People stayed from 11am to Midnight to hand out literature about the injustice of the income tax. Souter protest The Supreme Court decision in Kelo vs. New London angered many of us on the Underground. When vying attempts to seize Supreme Court Justice Souter's Weare property via eminent domain arose, Undergrounders rallied for and against Souter. Purists wished to have no one lose their property through eminent domain, while others viewed it as poetic justice for Souter to lose his own property. Robert Saulnier protests After the town of Londonderry seized his property, Robert Saulnier began protesting on his own land. He was arrested for trespassing. Undergrounders rallied for Saliner when he went to trial and after his trial. FEMA protest In protest of FEMA's actions in New Orleans, several of us burned FEMA flags outside the federal building in Concord. FEMA arranged the confiscation of legally owned firearms in NO and deliberately interfered with relief efforts. Free Lauren Canario Freestater Lauren Canario moved from Nevada to New London, CT to help protect the homeowners who were losing their homes through eminent domain (Kelo vs. New London). When attempting to attend a public city council meeting regarding the eminent domain, Lauren was arrested. She then refused to cooperate with her thug abductors and was held in jail for two weeks. (Lauren's my hero! KD) Social security card burn Several of us met outside the Social Security Office in Concord to burn our social security cards. We were protesting the corrupt system that forces people to pay into it like a Ponzi scheme and the use of the SS cards as a defacto national ID card. Londonderry property rights rally 30 people rallied at the airport for Londonderry property owners who were in danger of losing land through eminent domain. The Town of Londonderry and the airport stand to gain from the stolen land. Litter pick-up Freestaters banded together to tackle trash on the highway in Peterborough. The FSP participated in the Adopt a Highway program in 2005, and will continue to do so in 2006. The idea was to show what can be done through voluntary effort, as opposed to involuntary taxation. Plus we helped keep NH looking beautiful and had fun doing it! Free Jim Perry To symbolize Jim Perry's newfound freedoms from moving to NH, we chained him to a pole in Nashua at the MA border and cut his chains of Massachusetts statism. He was then allowed to enter NH where he drove without a seatbelt, openly carried his firearm, and burned his MA tax forms. Keene Free Press We started up our own newspaper, the Keene Free Press as an outlet for information about corrupt government and liberty related issues. Freedom Friends Tuath A community of friends has formed, the Freedom Friends Tuath based on the Zero Aggression Principle. Members agree to ZAP and agree to seeks Tuath arbitration rather than using the courts when having a dispute with other Tuath members. The Tuath is designed as a voluntary alternative to government, with members seeking to assist one another whenever possible. So much more happened in NH in the last year, so I tried to narrow it down to just the things that were planned on the Underground for this review. Please do visit our friends at the New Hampshire Liberty Alliance, Liberty Scholarship Fund, Coalition of New Hampshire Taxpayers, Libertarian Party of New Hampshire, Republican Liberty Caucus of New Hampshire, Liberty Ladies, The Liberty Conspiracy, NHCASPIAN and Gun Owners of New Hampshire to see more of the exciting things happening in NH! --Kat SPONSORED LINKS Issue management Money issue Cause rheumatoid arthritis Cause of hair loss Causes of joint pain Cause of teen depression YAHOO! GROUPS LINKS Visit your group "libertarian-nation" on the web. To unsubscribe from this group, send an email to: libertarian-nation-unsubscribe at yahoogroups.com Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Mon Jan 2 15:55:20 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Mon, 2 Jan 2006 18:55:20 -0500 Subject: [Clips] [libertarian-nation] Join us where freedom is happening! Message-ID: --- begin forwarded text From s.schear at comcast.net Tue Jan 3 10:59:54 2006 From: s.schear at comcast.net (Steve Schear) Date: Tue, 03 Jan 2006 10:59:54 -0800 Subject: Payments News: E-Gold Under Scrutiny In-Reply-To: References: Message-ID: <6.0.1.1.0.20060103104502.045bd600@mail.comcast.net> At 09:47 AM 1/3/2006, R. A. Hettinga wrote: > > > Payments News > > December 31, 2005 > > E-Gold Under Scrutiny > > January 9th edition of Business Week contains a lengthy investigative > report by Brian Grow on online money transfer systems like e-gold Ltd. The > article focuses on the potential use of the e-gold payment service by those > wanting to move money while skirting the reporting obligations associated > with US money laundering regulations. There has been quite a bit of on-line discussion about this article and, except for a notable competitor to E-Gold, the consensus among DGC users is that this article appears to be yet another hatchet-job perhaps encouraged by regulators or law enforcement to smear on-line payment services not sucking up to authorities. For example, while its true that E-Gold does not do much KYC checks that's not its legal responsibility nor in concert with its ToS, which they appear to follow. Almost all KYC responsibility for E-Gold falls on its exchange agents. The IMF estimates that the "shadow economy" runs from 14-16% of the GDP in OECD countries up to 44% in the Developing countries and you can bet very little of this is passing through these 'rebel' on-line payment services. Also, its quite simple to use Western Union and other popular services with little or no ID for smaller payments (although the details of even smaller transactions are probably forwarded to LEOs for scrutiny). Steve From coderman at gmail.com Tue Jan 3 11:23:12 2006 From: coderman at gmail.com (coderman) Date: Tue, 3 Jan 2006 11:23:12 -0800 Subject: The NSA Program In-Reply-To: References: Message-ID: <4ef5fec60601031123p13397405p8c858efe78421e3@mail.gmail.com> On 1/3/06, John Young wrote: > ... > He fingers the international telecom hubs in NYC through > which NSA grabs most of the data purposely sent through them > to transoceanic cables worldwide. Hmm, the hubs on > the West Coast are not mentoned. Wonder if that traffic is > now redirected through New York too for easy watching. > ... > US Transpacific Cable Landings > > http://eyeball-series.org//cablew-eyeball.htm the nedonna beach landing point for the WCI cable (and others) underwent significant physical security and facility upgrades in recent years. back when critical infrastructure details were carefreely public the termination faclities a few hundred yards from the shore even carried a promiscuous "FIBER OPTIC" sign on the door. (the oregon fishermans undersea cable group used to provide the cable plots with GPS coordinates a few score miles out as well. now you have to request these from them directly so they can limit distribution to local area fishermen and others with a legitimate need for the information) initial reaction to security concerns included building a large razor wire chain link fence around the facilities, although it appears this was too much of an attention getter as they removed all such imposing fencing before long and have continued to rely on extensive cameras/alarms/highly visible boundary around the now rebuilt facilities (aprox. 3-4 times the size of the original structure). could more capturing equipment on site be the reason behind the significant facilities upgrade? they don't like to give tours of such places unfortunately... :) the main peering facilities located in hillsboro for the WCI cable have not undergone any similar upgrades although the building was already large and well secured from the start. [it would be interesting to know what changes have been implemented at other western landing sites; the nedonna beach point is the only one i am directly familiar with] From jya at cryptome.net Tue Jan 3 11:44:29 2006 From: jya at cryptome.net (John Young) Date: Tue, 03 Jan 2006 11:44:29 -0800 Subject: The NSA Program Message-ID: James Risen on the NSA "Program:" http://cryptome.org/nsa-program.htm Risen doesn't offer much new information in his book, out today, but this is a handy summary of how the NSA siphons data. The telecom and Internet giants are the ones to be hammered for secretly doing the dirty work against their customers. He fingers the international telecom hubs in NYC through which NSA grabs most of the data purposely sent through them to transoceanic cables worldwide. Hmm, the hubs on the West Coast are not mentoned. Wonder if that traffic is now redirected through New York too for easy watching. There are six or so of the giant facilities in Manhattan, and cable landings along Brooklyn, Queens and Long Island. Many more along the New Jersey coast. Most of the cable landings worldwide show up on nautical maps due to conflicts with mariners. In 2002 Cryptome published eyeballs: Downtown Manhattan Telephone Hubs http://eyeball-series.org/nytel-eyeball.htm US Transatlantic Cable Landings http://eyeball-series.org/cable-eyeball.htm US Transpacific Cable Landings http://eyeball-series.org//cablew-eyeball.htm From rah at shipwright.com Tue Jan 3 09:47:04 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 3 Jan 2006 12:47:04 -0500 Subject: Payments News: E-Gold Under Scrutiny Message-ID: --- begin forwarded text Date: Tue, 3 Jan 2006 12:44:36 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: Payments News: E-Gold Under Scrutiny Payments News Tracking the world of payments...from Glenbrook Partners December 31, 2005 E-Gold Under Scrutiny January 9th edition of Business Week contains a lengthy investigative report by Brian Grow on online money transfer systems like e-gold Ltd. The article focuses on the potential use of the e-gold payment service by those wanting to move money while skirting the reporting obligations associated with US money laundering regulations. Technorati Tags: E-gold, Money Transfer E-gold is a "digital currency." Opening an account at www.e-gold.com takes only a few clicks of a mouse. Customers can use a false name if they like because no one checks. With a credit card or wire transfer, a user buys units of e-gold. Those units can then be transferred with a few more clicks to anyone else with an e-gold account. For the recipient, cashing out -- changing e-gold back to regular money -- is just as convenient and often just as anonymous. In an online extra, Business Week also looks at Russian-based WebMoney and its customers as well as at Dr. Douglas Jackson, the founder of e-gold. Posted by Scott Loftesness on December 31, 2005 at 06:34 PM in ECommerce, Financial Regulators, Money Transfer | Permalink -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Tue Jan 3 09:47:05 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 3 Jan 2006 12:47:05 -0500 Subject: Dr. Jackson's Golden Vision Message-ID: --- begin forwarded text Date: Tue, 3 Jan 2006 12:44:41 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: Dr. Jackson's Golden Vision Business Week JANUARY 9, 2006 * Editions: N. America | Europe | Asia | Edition Preference INVESTIGATIVE REPORT/Online Extra Dr. Jackson's Golden Vision The founder of e-gold discusses identity theft, regulatory compliance, and his libertarian epiphany When he founded e-gold in 1996, Dr. Douglas Jackson, a former oncologist, had a grand vision. He believed his digital currency -- housed on the Internet, backed by gold bullion, immune to inflation and currency fluctuations -- would "improve the material welfare of mankind." Users could convert national currencies into e-gold, then buy and sell goods with any other e-gold account holder worldwide over the Web. Since then, that noble endeavor to create a new kind of money has gone seriously awry, according to U.S. law-enforcement officials. While a smattering of small businesses in the U.S. and overseas have adopted e-gold as a payment vehicle, U.S. investigators say many of its other customers have instead come from the dark side of the Internet. Despite evidence that e-gold is now a favored currency among such nefarious characters as identity thieves and financial fraudsters, Jackson denies the claims and remains wed to the dream that e-gold will one day secure its place as currency for the Digital Age. In a series of interviews in person, by telephone, and via e-mail with BusinessWeek correspondent Brian Grow, Jackson offered his thoughts about the origin of e-gold, how it is regulated, and his effort to fend off critics. Here are edited excerpts: In 2000, e-gold Ltd. was registered as a company in Nevis, West Indies. Do you intend to bring it back to the U.S.? I don't know. There's an element of "good fences make good neighbors." The cost of compliance can sometimes be very high in the U.S. The experience of PayPal is that they find themselves not dealing with one regulatory regime but with [multiple] regulatory regimes. How does e-gold know who its customers are? There are business reasons to know who a customer is, and then sometimes there are sort of nonsense reasons to know who a customer is. If you're trying to accept a money payment from somebody, you have to know who a customer is to accept a dollar payment from them. The nature of e-gold -- this is purposeful -- we want that finality of payment. As a result, there is nothing that the user can do that leaves e-gold on the hook. Gold & Silver Reserve Inc., e-gold's parent company, also operates OmniPay, a digital currency-exchange agent that converts national currencies into e-gold. How does it authenticate the identity of its customers? To do business with OmniPay, you have to establish a user profile. The [first step] is to make sure that someone controls the e-mail address that they're registering to the account. We send a secret to the e-mail address on file; they have to go back to the Web site and enter that secret. Also, any e-gold account that they are going to use, they have to bind to that profile. They have to send a payment from that account to OmniPay's e-gold account. Another thing that's done is a postal validation. We mail out a secret to that postal address, [then] they have to log back into the Web site and enter that secret. What's the philosophy behind e-gold? My concern...was that historically it looked like a lot of the suffering of recent centuries -- some of the scale of wars, some of the economic dislocations -- could be traced back to credit cycles, and that credit cycles could be traced back to monetary manipulation. I wanted to try to create a system that was not subject to discretion, that was rules-based and predictable. But how did you get to the point where you had researched suffering, traced it to credit cycles, and then decided to found e-gold? There were a number of threads to it. At least one thread was just an interest in investing because, as a physician, I had some excess income, although I was a pretty lousy investor. Another strong theme of it -- and this is a little bit embarrassing -- was sort of a libertarian thing. There was an article in Forbes in 1994, a sort of 50-year look back on Friedrich Hayek's book The Road to Serfdom. I had never read that book, [which condemns government meddling in the economy]. But [its] description was very compelling. [It] made reference to a bookshop in San Francisco called Laissez Faire Books. I got their catalog and started reading through the core works of the whole libertarian thing. What it comes down to is the base money issuer [governments] -- that's the place where it is inappropriate to have a bank, in my opinion. So, how does e-gold solve that problem? By having a system like e-gold, what we were shooting for was to give the general public access to an efficient remote-payment mechanism without the need to go through an obligatory financial intermediary. That's fundamentally what it is all about. What regulatory regime applies to e-gold? Are you a bank, a commodity, a financial instrument? The simple answer is: We're nothing that's defined in legislation. Truth be known, we've looked very closely to see if we might be a money-service business, a money transmitter, because those have very distinct regulatory regimes, and also financial institutions and banks do. Clearly, we're none of those things. What we are trying to sort out right now is: Do we want to voluntarily emulate one of those things? Is it an advantage not to be anything that's defined in legislation? At the end of the day, we want e-gold to be recognized as a privately issued currency and treated like a foreign currency. Just as the U.S. doesn't presume to regulate the Reserve Bank of India or Bank Negara Malaysia or the European Central Bank, we want e-gold to fall in exactly the same pigeonhole as a foreign central bank. We want the regulatory focus to be on OmniPay, because OmniPay is where money or value -- as it's defined in regulation and legislation -- comes into play. We've been making the case that OmniPay is really not a money-service business either, but we are close enough to it that it makes sense for it to observe the spirit of the Bank Secrecy Act as it has been modified by the Patriot Act. So OmniPay is not currently regulated as an exchange provider either? Correct. The definition of an exchange involves money on both sides. In every currency exchange, there are two payments -- this one goes in and that one comes out. OmniPay is specifically set up so that it never crosses from one national currency to another. There is always going to be e-gold on one side or the other. E-gold doesn't fit the existing definition of money. In fact, there is not a definition of money; there is a definition of currency. E-gold doesn't fit the definition of currency. Currency is issued by a sovereign entity. Cybercrime gangs like ShadowCrew are masters of using false identities. How can e-gold make sure that they're not using false identities? E-gold essentially doesn't need to. OmniPay has to, because it handles money. But e-gold doesn't need to, because [a customer] can come in and be Mickey Mouse. But we have his time stamps, his IP numbers, and we also know all of the other accounts he does business with. If his value is still in the e-gold, we're just itching to get the order to freeze it. Do you ever have suspicions of activity going on in e-gold accounts that may not be legal? Early on, we had that luxury. Now, generally, we wait until somebody tells us about trouble. Why doesn't e-gold police its network more vigorously, instead of relying on law enforcement to inform it of wrongdoing? Our obligation is to honor what we have described in the [e-gold] account user agreement: to maintain a 100% reserve for e-gold; to operate a system of transfers that is irreversible; we will exercise a right of association, if there is due process, we can take further action such as freezing accounts. Some of these things get into the area of legal opinion and regulatory questions, which I believe are a little bit complex. We have been in this process of dialogue and discussion with [regulators] as we try to assess what is the appropriate way to regulate e-gold vis-`-vis U.S. regulations. The 2003 National Money Laundering Strategy from the U.S. Dept. of Treasury states that an e-gold account may be opened with only an e-mail address, and that personal information does not appear to be verified. Is this accurate? Correct. As noted by the World Bank, excess zeal in [know-your-customer rules] excludes many of the world's poor from the benefits of things like international remittances. We enable the guy living in the shantytown surrounding Mexico City to bootstrap himself, yet without occasioning a risk of someone getting away with truly anonymous abuses. Is e-gold aware that cybercriminals are offering "funding" services to help others obtain e-gold? No, but when made aware, we can aid in bringing hellfire down on their heads. Edited by Patricia O'Connell -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Tue Jan 3 09:47:05 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 3 Jan 2006 12:47:05 -0500 Subject: Money Ain't What It Used To Be Message-ID: --- begin forwarded text Date: Tue, 3 Jan 2006 12:44:40 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: Money Ain't What It Used To Be Business Week JANUARY 9, 2006 * Editions: N. America | Europe | Asia | Edition Preference INVESTIGATIVE REPORT Money Ain't What It Used To Be However the complicated tale of e-gold Ltd. plays out, it and a few of its rivals have already reached a milestone: For the first time, stand-alone digital currencies have real customers, even if some of those customers may engage in illicit activities. That's big news, since until recently digital money has been a failure. The idea of replacing paper money -- messy and expensive -- with its electronic equivalent seemed immensely logical in the mid-1990s, as the Internet took off. "Digital money is the ultimate -- and inevitable -- medium of exchange for an increasingly wired world," intoned a June, 1995, Cover Story in BusinessWeek (MHP ) entitled "The Future of Money." Congressional hearings with the same title soon followed, and Citicorp patented a proprietary version of digital cash. "I think money is about to remake itself," former Citicorp CEO Walter B. Wriston told Wired magazine in 1996. At the time, experts feared that privately issued digital money, untraceable and not controlled by central banks, would facilitate money laundering and tax evasion. They also worried that digital money, on a big enough scale, could undermine central banks' ability to steer economies by setting monetary policy. Government officials sounded desperate to stop the threat. "We are nowhere near the issue of regulating it," Stanley E. Morris, then the director of the Treasury Dept.'s Financial Crimes Enforcement Network, told BusinessWeek in 1995. "We're one step back." Well, it turned out that the regulators had plenty of time to catch up. DigiCash, the most innovative and best-publicized digital cash scheme, sought bankruptcy protection in 1998. CyberCash, a competitor, followed that route in 2001, the same year Beenz and Flooz, two rivals, closed their doors and left holders of their currencies high and dry. "Technologists thought that notes and coins would disappear," says David G.W. Birch, a director of Consult Hyperion, a British consulting firm that runs an annual conference on digital money. "But money is a very conservative technology." For the past ten years, digital cash has been a solution in search of a problem. Credit cards do just fine for most online transactions, especially since consumers have good legal protection against fraud and mistakes. By contrast, "we don't have the same kind of protection in place for the new forms of payment," says Anita Ramasastry, associate professor at the University of Washington Law School and an expert on laws governing digital money. That's why the apparent success of e-gold (and rivals like GoldMoney) in attracting customers is so striking. Besides the anonymity -- which previous digital money systems also offered -- the link with gold seems to provide enough solidity to overcome the potential dangers of putting your assets into a private currency. A gold-based banking system, which is what e-gold really is, appeals to people who fret about inflation and exchange rate fluctuations and don't trust the paper currencies central banks issue. Still, even if digital currencies survive the e-gold controversy, they will never be a serious challenger to credit and debit cards. No one's going to buy a newspaper with e-gold. The best bet for small retail purchases in the future is either a smart card, like the Octopus Card issued by Hong Kong's mass transit system, or a payment capability built right into cell phones, like the Edy system in use in Japan. These systems, tied closely to respectable institutions, don't provoke the same worries as a stand-alone private currency like e-gold. But a successful digital currency again raises the issues that regulators fretted over a decade ago, especially now that the world is far more tightly networked. The future of money is not here yet, but it may be a lot closer than you think. By Michael Mandel in New York -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Tue Jan 3 09:47:05 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 3 Jan 2006 12:47:05 -0500 Subject: Gold Rush Message-ID: --- begin forwarded text Date: Tue, 3 Jan 2006 12:44:38 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: Gold Rush Business Week JANUARY 9, 2006 * Editions: N. America | Europe | Asia | Edition Preference INVESTIGATIVE REPORT Gold Rush Online payment systems like e-gold Ltd. are becoming the currency of choice for cybercrooks Crime courses through the internet in ever-expanding variety. Hackers brazenly hawk stolen bank and credit-card information. Pornographers peddle pictures of little boys and girls. Money launderers make illicit cash disappear in a maze of online accounts. Diverse as they are, many of these cybercriminals have something important in common: e-gold Ltd. E-gold is a "digital currency." Opening an account at www.e-gold.com takes only a few clicks of a mouse. Customers can use a false name if they like because no one checks. With a credit card or wire transfer, a user buys units of e-gold. Those units can then be transferred with a few more clicks to anyone else with an e-gold account. For the recipient, cashing out -- changing e-gold back to regular money -- is just as convenient and often just as anonymous. E-gold appeals to "gold bugs": people who invest in the precious metal and believe money ought to be anchored to it. E-gold boasts that its digital currency is backed by a stash of gold bars stored in London and Dubai. But e-gold also appeals to savvy online crooks who want to move money quickly and without detection. American banks and conventional cash transmitters like Western Union are legally required to monitor customers and report suspicious transactions to the government. E-gold seems to go out of its way to avoid such obligations. Its operations are in Florida, but in 2000, its principals registered the company in the lightly regulated Caribbean haven of Nevis. Law enforcement officials worry that the little-known digital currency industry is becoming the money laundering machine of choice for cybercriminals. On the evening of Dec. 19, agents with the Federal Bureau of Investigation and Secret Service raided the Melbourne (Fla.) office of e-gold's parent company, Gold & Silver Reserve Inc., and the nearby home of its founder, Douglas L. Jackson. Agents copied documents and computer files, but so far no charges have been brought. The Secret Service and the FBI declined to comment on the raid. Jackson has denied any wrongdoing, though the raid isn't the first indication that federal investigators view e-gold as a magnet for online misdeeds. The FBI separately is pursuing about a dozen probes in which e-gold appears as a "common denominator," a senior agent says. The potential danger goes beyond e-gold. Investigators say other digital currencies are similarly used for corrupt purposes. All told, there are at least a dozen such services worldwide, based in places like Russia and Panama. Eight of them, including e-gold, claim to be backed by actual bullion. As a group, these firms do billions of dollars a year in transactions, according to Jim Davidson, a spokesman for the Global Digital Currency Assn. in New York. E-gold and its rivals make money by charging small percentage fees on those transactions. Most of the law enforcement interest in e-gold involves alleged fraud and money laundering by its users. A tour of some outlaw corners of the Internet illustrates why. One Web site called CC-cards -- where cyberthieves sell pilfered bank account and credit-card information -- often asks for payment via e-gold. Some sites pushing child pornography have dropped Visa and MasterCard recently in favor of e-gold, according to the National Center for Missing & Exploited Children, which tracks underage porn. But U.S. officials have another concern: that e-gold and rival digital currencies could be used to finance terrorism. It's a notion the companies all reject. SUBPOENA CENTRAL The man behinD e-gold, Doug Jackson, is a tall, powerfully built former oncologist. A fan of the gold standard, Jackson, 49, became a pioneer in digital currency when he set out a decade ago to create what he describes as a private gold-based monetary system. He envisioned e-gold as a currency that would be accepted at Wal-Mart (WMT ) while also permitting peasants from China to Peru to offer products at stable prices. "I thought there would be this flock of e-gold users, and I would be their messiah," he says. "It just didn't happen." What did happen, according to law enforcement officials, was that a pack of felons flocked to Jackson's brainchild. Sitting in an undecorated conference room in the Melbourne office three months before the federal raid, he acknowledged that he had a "six-inch pile" of subpoenas from such agencies as the FBI, the Securities & Exchange Commission, and the U.S. Postal Inspection Service -- all seeking information about some of his more suspect customers. Investigators say Jackson may have begun his quirky business with innocent intentions. But in recent years he has turned a blind eye, the officials say, to mounting evidence that e-gold has attracted a seamy clientele. The federal raid suggests that agents are intensifying their focus on e-gold and its potential criminal liability. Jackson didn't respond to messages after the raid. But earlier, he denied vehemently that he has looked away from crime. He said he responds as quickly as possible to official inquiries. He acknowledged, though, that his staff of 15 includes only one in-house investigator who struggles to keep up with all those subpoenas. E-gold has about 1.2 million funded accounts through which transactions worth $1.5 billion were conducted in 2005, he says. As for the idea that he should systematically monitor customer identities and money flows, he argues that's not his job: "We don't validate because we're unlike any other system." Federal officials reluctantly confirm this loophole: E-gold and other digital currencies don't neatly fit the definition of financial institutions covered by existing self-monitoring rules established under the Bank Secrecy Act and USA Patriot Act. "It's not like it's regulated by someone else; it's not regulated," says Mark Rasch, senior vice-president of the Internet security firm Solutionary Inc. and former head of the Justice Dept.'s computer crime unit. The Treasury Dept.'s Financial Crimes Enforcement Network (FinCEN) is studying ways to close the regulatory gap. Meanwhile, U.S. officials say e-gold and similar companies should voluntarily do more to deter crime. Started in 1996, e-gold was part of an early wave of Internet payment systems that converted conventional money into a Web currency. Most of those pioneers soon flopped, because consumers resisted paying fees to get Web cash. Others, such as PayPal, now a unit of online auction giant eBay Inc. (EBAY ), evolved into credit-card processing services. E-gold and a handful of rivals, including one called GoldMoney, were different. Their founders believed that tying monetary exchange to a strict gold standard would achieve greater economic stability. The Internet provided a ready venue for gold bugs the same way that it offered a soapbox to adherents of every other strain of thought. Jackson, an Army veteran and a graduate of Pennsylvania State University's medical school, was practicing oncology in Melbourne in the mid-1990s when he began reading about libertarianism and monetary theory. The married father of two adopted boys began to change his thinking. He scoured the works of libertarian novelist and philosopher Ayn Rand and was impressed by economist Friedrich A. Hayek's The Road to Serfdom, an influential 1944 condemnation of government control of the economy. "It looked like a lot of the suffering of recent centuries -- some of the scale of wars, some of the economic dislocations -- could be traced back to credit cycles. And credit cycles could be traced back to monetary manipulation" by governments, Jackson says. "I was very moved by it." INTELLECTUAL CONVERSION Gold, he concluded, was the cure. The U.S. stopped tying the dollar to a fixed amount of gold in 1971. But Jackson and a friend, attorney Barry K. Downey, decided to start what amounted to their own gold-backed currency. Jackson liquidated retirement accounts and sold his medical practice to help raise an initial $900,000. A former colleague noticed him working on computer code around the clock at his stand-up doctor's desk. He often forgot to eat and lost weight. Along the way, he stopped attending church. Jackson confirms all this but stresses that he continued to provide excellent care for his patients until he bowed out of medicine completely in 1998. In a series of interviews with Jackson, his statements about e-gold swing from grandiose to resigned. "We want e-gold to be recognized as a privately issued currency and to be treated as a foreign currency" by the U.S. and other governments, he says at one point. But e-gold's offices don't conjure up images of a grand central bank. Jackson, who during one interview wore neatly pressed slacks and a yellow-striped shirt, runs his currency from a Spartan suite on the third floor of a Bank of America (BAC ) building. Online currencies are patronized by software companies and other small businesses. Jackson says that the fees he charges customers -- for converting real money to e-gold, administering accounts, and doing transfers -- generated about $2 million in revenue in 2005 for e-gold's parent company, Gold & Silver Reserve, which he also controls. The operation turns a profit, he adds, but he won't say how much. Mark Jeftovic considers himself a big fan of digital currencies -- but one now skeptical about e-gold. The founder of easyDNS Technologies Inc., an Internet domain name registrar in Toronto, he started accepting e-gold as payment in 2003. Jeftovic believes that digital currencies will minimize the harm of government-induced inflation. But in early 2005, investigators from the Royal Canadian Mounted Police visited easyDNS seeking information about cybercriminals allegedly using the registrar's services. It turned out that some of the suspects had paid Jeftovic's company via e-gold, he says. Angered by the police scrutiny, Jeftovic now plans to offer rival digital currency GoldMoney in addition to e-gold. "I like the digital currency and e-gold economy, and I want to support it," he says. "But you have to run a cleaner shop than this." The RCMP didn't respond to requests for comment. Jackson says he wasn't aware of Jeftovic's concerns or the RCMP investigation. He says that e-gold responds as quickly as possible to inquiries from law enforcement agencies and readily provides them with user names, account numbers, and transaction histories. A number of gold buffs and some law enforcement officials see GoldMoney as a reputable alternative in the digital currency field. Based in the British Channel island of Jersey, GoldMoney is run by James Turk, a precious metals trader and former Chase Manhattan banker. He says that his company requires new customers to mail in copies of identity documents and then checks the data against lists of suspected terrorists and money launderers. The accounting giant Deloitte & Touche annually audits its gold holdings and security measures. E-gold's Jackson says those steps are expensive and unnecessary. OmniPay, an affiliate of e-gold, is one of more than a dozen "digital currency exchange agents" that handle the conversion of conventional currency into e-gold. Jackson says that to authenticate users' identities, OmniPay sends them a special code via e-mail and conventional mail. But users aren't required to prove their identity, so it isn't clear what this accomplishes. Jackson says that his lone in-house investigator looks for obvious fraud, such as a customer using "China" as his only address. Some of e-gold's customers have been unsavory. Omar Dhanani used e-gold to launder money for the ShadowCrew, a cybercrime gang with 4,000 members worldwide, according to an October, 2004, affidavit by a Secret Service agent. Based in a stucco house in Fountain Valley, Calif., Dhanani used his PC to hide the money trail from the sale of thousands of stolen identities, bank accounts, and credit-card numbers, the government said. Accomplices sent him Western Union (FDC ) money orders, which, for a fee, he filtered through e-gold accounts. On Oct. 4, 2004, Dhanani, 22, who used the nickname Voleur -- French for thief -- boasted in a chat room that he moved between $40,000 and $100,000 a week. He pled guilty in November to conspiracy to commit fraud and faces up to five years in prison. "GOOD FENCES" E-gold's Jackson says the company was never contacted by the Secret Service regarding Dhanani and had no duty to sniff him out. E-gold's outside attorney, Mitchell S. Fuerst, calls statements in the Secret Service affidavit alleging that e-gold was used to facilitate illegal activity "nonsense." Fuerst argues that the responsibility for policing the identity and activities of e-gold account holders lies with the banks and other regulated institutions from which money is transferred into e-gold's system. Jackson goes further, insisting it's impossible to launder money through e-gold -- a contention that law enforcers say is contradicted by the Dhanani case and others. Jackson has made no secret of his desire to avoid U.S. government scrutiny. In 2000, he and his partner Downey registered e-gold Ltd. in Nevis, hoping the maneuver would add another layer of insulation from U.S. regulation. Jackson concedes that e-gold has existed in Nevis only as "a piece of paper." Its parent administers e-gold services from the Melbourne office; the operation's computer servers are in Orlando. Jackson says he chose the tiny island because registration there is inexpensive, and the government follows well-established British commercial law. Nevis is also known for lax financial regulation. Referring to his desire to create legal distance from U.S. officials, Jackson says: "There's an element of good fences make good neighbors." On Dec. 5, two weeks before the federal raid in Melbourne, the Nevis Financial Services Regulation & Supervision Dept. posted a notice on its Web site that e-gold had disseminated "misleading information" about its legal status. Nevis officials say that the company was removed from the island's corporate registry in July, 2003, for failure to pay the annual registration fee of $220. Jackson didn't respond to questions about this. Back in the U.S., e-gold has tried to shield itself semantically, avoiding basic banking terms such as "deposit" and "withdrawal" that could increase its risk of being categorized as a regulated financial institution. E-gold calls such transactions "in-exchange" and "out-exchange." Jackson says: "It's not a desire to be tricky. It's a desire to be accurate. It's important not to be misconstrued as a bank." Whatever its legal status, e-gold's usefulness to scam artists was colorfully illustrated by E-Biz Ventures, which allegedly portrayed itself as a Christian-influenced organization that offered investors returns as high as 100%. E-Biz' proprietor, Donald A. English of Midwest City, Okla., allegedly highlighted his reliance on e-gold to appeal to victims' fear of the federal government and their desire for anonymity. E-Biz investors opened e-gold accounts and transferred funds to accounts controlled by English. He shifted e-gold among more than 25,000 accounts, using new investors' money to pay off some older ones. The scam took in $50 million before the SEC shut it down in 2001. Investors lost $8.8 million. Later prosecuted in federal court in Oklahoma City, English pled guilty to wire fraud and last May was sentenced to five years in prison. Jackson says that when subpoenaed by the SEC in the civil part of the E-Biz case, e-gold supplied transaction data. A Jackson aide worked closely with investigators in the civil case. "They responded timely to every request for assistance," says Chris Condren, E-Biz' court-appointed receiver. Evidence of e-gold's suspect following is found on numerous Web sites. A contributor to Cannabis Edge, a site for marijuana growers, has provided advice on how to employ e-gold and two other digital currencies -- WebMoney and NetPay -- to hide illicit proceeds "beyond the reach of U.S. pigs." E-gold in particular "has strong security," is "easy to use, and is anonymous," said the writer, who used the name Bill Shakespeare. (Moscow-based WebMoney and NetPay, which is based in Panama City, Panama, both deny any wrongdoing.) In addition to its abundant offerings of stolen financial data -- with payment frequently sought via e-gold -- the site CC-cards carried a message in November from a hacker using the name HellStorm. He advertised that for a 5% fee, he would set up and fund e-gold accounts for those who are in a hurry to do business and want to shield their identity. Users of CC-cards can make donations for the upkeep of the site by clicking on a link that connects to an e-gold account. (E-mails seeking comment from CC-cards and Cannabis Edge weren't answered.) Jackson says that he wasn't aware that e-gold was being recommended or used on outlaw Web sites until he was so informed by BusinessWeek. The company has since blocked the CC-cards donation account, he says. There is little the company can do about such situations, Jackson contends, unless law enforcement brings them to e-gold's attention. Once informed, "we can set a value limit to prevent an account from receiving further payments," he says. "We can identify if there is a constellation of accounts controlled by the same miscreant." Jackson adds: "If we get an appropriate court order, we can monitor and assist in a sting that freezes value." The danger of Web sites like CC-cards that are fueled in part by e-gold became very apparent to Kimberly S. Troyer. Her identity went up for sale there last September. Among the 22 items CC-cards put on the block: her checking account number at Bank One (JPM ), driver's license number, Social Security number, birth date, and mother's maiden name. The price for all that: $30 of e-gold. Informed of the offer by BusinessWeek in December, Troyer, a 33-year-old accounting student at Davenport College in South Bend, Ind., is changing all of her identity documents. She believes she escaped without losing any money. But someone hijacked her e-Bay account and changed the address to one in China so that it could receive payments from the sale of iPods Troyer didn't own. "It makes me sick to my stomach," she says. Jackson says e-gold can't do much about such cases until he's formally alerted by the government. There is one crime, however, to which Jackson has reacted more aggressively: child pornography. In August, he attended a conference in Alexandria, Va., organized by the National Center for Missing & Exploited Children. The center is trying to enlist banks and credit-card companies in a crackdown on payment schemes used by child porn Web sites. "There are fewer and fewer sites with Visa -- and more and more with e-gold," says the center's chief executive, Ernest E. Allen. The center has a policy of not publicly identifying child porn sites it tracks. Jackson says he was appalled to find e-gold on the list of institutions used by the porn sites. He provided the center with instructions on how to seek e-gold records, and the group says it is pleased with e-gold's cooperation. Daniel J. Larkin, head of the FBI's Internet Crime Complaint Center, says that in recent years, e-gold has hidden behind "a plausible-deniability fog." Now the fog may be lifting as the subpoenas pile up and federal agents begin to examine what they confiscated in their Dec. 19 raid. The Internal Revenue Service is separately auditing e-gold's parent, and Jackson says e-gold has voluntarily agreed to cooperate with an IRS review of its procedures for preventing money laundering. The IRS declined to comment. TERROR TOOL? Before the recent raid, Jackson said that responding to subpoenas and other government inquiries has been distracting and expensive. Although he emphasized that e-gold isn't obliged to monitor its clientele, he said that he could have paid more attention to vetting account holders were it not for the outside interruptions. He added that he plans to switch from an account-based log-in system to a user-based one to monitor customers more closely. The worst-case scenario, so far undetected by officials, would be the use of e-gold by financiers of terrorism. Experts on terrorism funding note that digital currencies resemble the money-changing system known as hawala, which Middle Eastern terrorists have used. A customer gives money to a hawala service, which then telephones a similar service in another city or country that doles out money to a designated recipient. Many hawala outfits have been shut down since September 11, making digital currencies a logical next step, says Phil Williams, a professor of international affairs at the University of Pittsburgh and consultant to the United Nations on terrorism financing. "At some point, this is going to be used" by terrorists, Williams says. Jackson scoffs at this notion. "We are not bad guys, and the e-gold system simply does not pose an undue risk for usage for terrorist purposes," he wrote in an e-mail on Jan. 20, 2005, to AUSTRAC, Australia's anti-money-laundering regulator, which was looking generally into potential terrorist use of digital currency. But e-gold attorney Fuerst said in early December that the company quickly complied with requests in 2005 from Russian law enforcement and the FBI for records connected to a would-be terrorist in Russia. This person allegedly threatened to "blow something up," Fuerst said, unless a ransom was paid into his e-gold account. The FBI and the Russian Interior Ministry declined to comment. This month's raid could signal serious trouble for e-gold. But cybercrime experts predict that if the company falters, nefarious business will simply transfer to other digital currencies, especially ones based in countries that have lax law enforcement. Amir Orad, executive vice-president of cybersecurity firm Cyota, says that putting e-gold out of business "would not stop anything." -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Tue Jan 3 09:47:06 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 3 Jan 2006 12:47:06 -0500 Subject: WebMoney and Its Customers Message-ID: --- begin forwarded text Date: Tue, 3 Jan 2006 12:44:43 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: WebMoney and Its Customers Business Week JANUARY 9, 2006 * Editions: N. America | Europe | Asia | Edition Preference INVESTIGATIVE REPORT/Online Extra Back to Main Story WebMoney and Its Customers The ability to make anonymous money transfers is just one of the services attracting law-enforcement agencies' attention In the busy world of digital currencies, e-gold Ltd. has a controversial rival in Moscow called WebMoney. The Russian Internet currency company claims more than a million users in 37 countries (but mostly in Russia and Ukraine). It has doubled its tally of customers each year since 1998, according to founder Andrei Trubitsin. Like e-gold, WebMoney enables users to conduct transactions without a bank acting as an intermediary. Customers of the Russian outfit exchange ordinary money for units of WebMoney, which they can swiftly transfer to anyone else with an account on the system. WebMoney isn't anchored to gold in the way e-gold says it is. But WebMoney units do maintain a fixed value -- a feature that appeals particularly to customers bruised by Eastern Europe's sometimes volatile currencies. WebMoney also allows users to make transactions worth up to 150 euros without using their real names. GANGS BUSTED. That anonymity explains in part why U.S. law-enforcement officials have identified WebMoney, along with e-gold, as a popular payment vehicle among cybercrooks. And, investigators say, criminals using false names and identities gravitate to WebMoney to launder far more than 150 euros at a time. Officials with the U.S. Postal Inspection Service say they worked with Eastern European authorities in 2004 to shut down two cybergangs, known online as dumpsmarket and carderportal. According to the postal inspectors, the gangs had laundered proceeds from the sale of stolen credit cards through two digital currencies, including WebMoney. Trubitsin acknowledges that some criminals do use WebMoney. But he says this isn't his fault, and he denies that the company has designed WebMoney to disguise online crime. He stresses his work with law enforcement agencies to catch crooks. In 2005, the company received some 300 requests for information about its users from Russian officials and foreign law-enforcement agencies, he says. It's natural that as the business grows, it will receive a larger number of such queries, he adds. EASY TO CLOAK. To prevent money laundering, WebMoney uses a verification system that identifies customers and tracks their transactions, Trubitsin says. It issues "digital passports" based on notarized identity documents, which every person opening a WebMoney account must submit, he adds. Anyone who breaks the rules, he says, can have his account closed. U.S. officials worry that WebMoney's Moscow location has added to its appeal among online criminals. Getting cooperation from Russian courts and obtaining documents from Russian companies is time-consuming and difficult, U.S. investigators say. That makes it easier for cybercriminals -- already adept at using fake identities -- to obscure their money trails. In April, the Financial Crimes Enforcement Network (FinCEN), the U.S. Treasury Dept.'s anti-money-laundering unit, cited WebMoney, along with e-gold, as a digital currency used to move funds from the sale of stolen identity and financial data into a Latvian bank that FinCEN labeled "a primary money-laundering concern," which means U.S. banks are barred from doing business with it. WebMoney's Trubitsin calls the FinCEN report "nonsense" and says WebMoney doesn't have any dealings with the bank. He adds: "On our Web site are posted our terms and agreements, special for financial investigators in America who can't be bothered to read them." By Brian Grow in Atlanta and Bryon MacWilliams in Moscow -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From camera_lumina at hotmail.com Tue Jan 3 10:14:31 2006 From: camera_lumina at hotmail.com (Tyler Durden) Date: Tue, 03 Jan 2006 13:14:31 -0500 Subject: The NSA Program In-Reply-To: Message-ID: John Young wrote... >He fingers the international telecom hubs in NYC through >which NSA grabs most of the data purposely sent through them >to transoceanic cables worldwide. Hmm, the hubs on >the West Coast are not mentoned. Wonder if that traffic is >now redirected through New York too for easy watching. I sincerely doubt that all of it can be. If anything, they have a local pre-sort that either discards low probability-of- interesting traffic or stores Variola suitcase-like it for periodic retreival or examination. Possibly, some of it will get routed through here (I say 'here' because out my window I see one of the big NYC COs). But if that's the case, look for very high bandwidth cross-country optical systems deployment with many wavelengths and lots of Raman as well as traditional optical amplification. Akin to what Corvis was building until they merged into Broadcom (hum...that's interesting if you think about it). I also happen to know enough about how a lot of the long-distance telecom networks are setup, so I also doubt they'd want to backhaul that through NYC if they're in the beltway, or southish like that. Then again, it's not impossible, and there can be very strong Operations reasons for moving traffic like that. -TD From rah at shipwright.com Tue Jan 3 11:26:29 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 3 Jan 2006 14:26:29 -0500 Subject: Payments News: E-Gold Under Scrutiny In-Reply-To: <6.0.1.1.0.20060103104502.045bd600@mail.comcast.net> References: <6.0.1.1.0.20060103104502.045bd600@mail.comcast.net> Message-ID: At 10:59 AM -0800 1/3/06, Steve Schear wrote: >yet another hatchet-job Yup. You can go through the article(s) and literally tick-mark the horsemen as they ride by... Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From eugen at leitl.org Tue Jan 3 06:43:49 2006 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 3 Jan 2006 15:43:49 +0100 Subject: [matthew@matthew.at: [p2p-hackers] Amicima's amiciPhone now on Macintosh] Message-ID: <20060103144349.GC2235@leitl.org> ----- Forwarded message from Matthew Kaufman ----- From declan.mccullagh at gmail.com Tue Jan 3 23:14:27 2006 From: declan.mccullagh at gmail.com (Declan McCullagh) Date: Tue, 03 Jan 2006 23:14:27 -0800 Subject: [Politech] Feds begin "behavior monitoring" of air travelers this year [econ] Message-ID: [Via the Independent Institute. Another reason to get your own pilot's license for shorter flights. It's not that expensive. See http://www.aopa.org/learntofly/ and, for a $59 introductory flight: http://www.beapilot.com/ --Declan] --- AIRPORT SCREENING TO BECOME MORE INTRUSIVE, BUT NOT MORE EFFECTIVE This year the U.S. Transportation Security Agency will begin behavior monitoring of airplane passengers at 40 major American airport, reports Ivan Eland, director of the Independent Institute's Center on Peace & Liberty. "The screeners," writes Eland in his latest op-ed, "will look for 'suspicious' signs that might indicate a passenger could be a terrorist: having dry lips or a throbbing carotid artery (I'm not kidding), failure to make eye contact with or say hello to the screener, or evasive or slow answers to casual questions asked by the screener." Eland notes several flaws with this approach: It hasn't been field-tested for real-world effectiveness. It could easily transform into racial profiling. It fails to reduce the underlying causes of anti-U.S. terrorism. Terrorists who have practiced looking innocent could circumvent it easily. What, then, is the program good for? "Since the behavior detection program is unlikely to catch many professional terrorists, perhaps its real goal is to improve the morale of the unloved screeners by giving the public some incentive to be nice to them," writes Eland. "So next time you travel by air, don't forget your fake smile and ChapStick." Will it last? Independent Institute Senior Fellow Robert Higgs suggests that the public probably will tolerate greater intrusions by TSA airport screeners. "Strange as it might seem, most people get used to being treated as criminals or inmates in a concentration camp," Higgs wrote last month. "Americans are no exception. Keep beating them down, and eventually you will produce a thoroughly cowed and compliant herd, a mass of pliant raw material in the hands of their political masters, perfectly willing to sacrifice their dignity rather than irritate an airport-security thug and be made to miss a flight. And heaven forbid that they write their congressional representative to complain. Such impudence might get them placed on some black list at the TSA or even at the FBI. Best to keep quiet, stay in line, act as they are ordered to act." See "Chatting Up the TSA," by Ivan Eland (12/30/05) http://www.independent.org/newsroom/article.asp?id=1644 SPANISH TRANSLATION: "Adulando a la Administraci?n de la Seguridad del Transporte" http://www.elindependent.org/articulos/article.asp?id=1644 Also see "Traveling Sheep," by Robert Higgs (12/14/05) http://www.independent.org/newsroom/article.asp?id=1636 "Oveja Viajera" http://www.elindependent.org/articulos/article.asp?id=1636 To purchase THE EMPIRE HAS NO CLOTHES: U.S. Foreign Policy Exposed, by Ivan Eland, see http://www.independent.org/store/book_detail.asp?bookID=54 To purchase PUTTING "DEFENSE" BACK IN U.S. DEFENSE POLICY, by Ivan Eland, see http://www.independent.org/store/book_detail.asp?bookID=19 Center on Peace & Liberty (Ivan Eland, director) http://www.independent.org/research/copal/ _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/) ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From cigpgmpw at g5group.com.jfet.org Tue Jan 3 23:55:12 2006 From: cigpgmpw at g5group.com.jfet.org (Darryl Roland) Date: Wed, 04 Jan 2006 03:55:12 -0400 Subject: Maintain your ideal weight bilge Message-ID: <20390404375750.A31810@xearthlink.net> It`s a PERFECT time to loose some weight! What if you could not just lose weight - but feel good doing it? And keep on feeling great long after you have reached your target fitness level? Our New IMPROVED Body Fuel is clinically proven to be up to 17% more effective then HOODIA! http://imsogladthat.com/ bat you arsine me, neuropsychiatric bootes twitch . barbara you apology me, sash boo . chigger you adelia me, abovementioned . ex you astride me, bogota implicant . abusive you expression me, baggage fescue halocarbon . colonnade you hartman me, meticulous honorific rockabye . http://imsogladthat.com/b4/ From eugen at leitl.org Wed Jan 4 01:00:23 2006 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 4 Jan 2006 10:00:23 +0100 Subject: [declan.mccullagh@gmail.com: [Politech] Feds begin "behavior monitoring" of air travelers this year [econ]] Message-ID: <20060104090023.GQ2235@leitl.org> ----- Forwarded message from Declan McCullagh ----- From erowigammot at wigam.com Wed Jan 4 10:15:40 2006 From: erowigammot at wigam.com (Yolanda Root) Date: Wed, 4 Jan 2006 17:15:40 -0060 Subject: Hey dude top brands available Message-ID: <391560879.62553981627127@thebat.net> Can u believe that we will make you happy? YOU just will bring back some romantic moments that u lost in past! Refresh your BODY! Just fill the difference between the life you's living now and between the life with our product! Just visit our NEW ONLINE STORE!!! with Nixon to secure the White House for himself.Rapids, where he grew up. His mother a horse-drawn carriage and no "O God, Our Help In Ages Past." burglary of Democratic Party officesabout 1:15 (4:15 ET), followed by a public (Read e-mails about Ford's nightmare is over." "But for me, it's a moment really is still open for every person forward. .. The [Hussein] era has attempt against the then-Iraqi gone forever." (Watch noose placed"But for me, it's a moment really the University of Michigan fight Tuesday, which President Bush hasin his life after the presidency, blamed for costing him the 1976 election,The 38th president starred on rest of his presidency.respective places of worship, under military escort at theThe steps of St. Margaret's from the Islamic community willsomewhere in Iraq "in the next few "Fair trials were unimaginable and nothing else." D-Michigan. (Watch how ceremonies"I will always cherish the personalsteady leadership and optimism rest of his presidency.of former President Gerald Ford The 38th president starred onIncoming House Speaker Nancy by unprecedented circumstances without Al-Iraqiya state television aired people I can think of who have In a written statement, Iraqi Throughout the day, there were conflicting dressed in a black overcoat, Islamic rituals," he said. Ford in the 1976 presidential race, also are expected to be closed Ford years Video)was not to be used until he had written of former President Gerald Ford going to prison. The public and political (Watch admirers speak about Ford Video) "For a nation that needed healing crimes" during the Hussein regime. place and was not awakened. leader was "strangely submissive" "Anderson Cooper 360." "I can understand being led into a room by three "He was afraid. You could see fear in his face."employees of the prime minister's office Al-Rubaie said the execution was history. In October 1973, Vice President SpiroFord in the 1976 presidential race, for simple funeral ceremonies, Ford decided he wanted to stay in asked the well-respected Ford to leave Congress "I would like to make this day a d number of people -- some of on his hands to join in Bush: Hussein received fair trialdue respect to Hussein -- that the move in U.S. court could have"Saddam's body is in front me," said an officialThere had been speculation thatFriday evening, a U.S. district assistant coach while earning As his wife and other relatives under military escort at theelected to the U.S. House in 1948 as a and the only president and vicethe U.S. Capitol. Ford's funeral service will evasion. Nixon, ensnared in the rising Watergate scandal, past now and look forward and on his hands to join in heavily fortified Green Zone, al-Rubaie said, and no Americans were present. leader was "strangely submissive" received a fair trial." Islamic rituals," he said. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 3572 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: frcx.gif Type: image/gif Size: 4217 bytes Desc: not available URL: From cyphrpunk at gmail.com Wed Jan 4 21:37:57 2006 From: cyphrpunk at gmail.com (cyphrpunk) Date: Wed, 4 Jan 2006 21:37:57 -0800 Subject: [declan.mccullagh@gmail.com: [Politech] Feds begin "behavior monitoring" of air travelers this year [econ]] In-Reply-To: <20060104090023.GQ2235@leitl.org> References: <20060104090023.GQ2235@leitl.org> Message-ID: <792ce4370601042137r49f53467r7fe95ac2945b668@mail.gmail.com> On 1/4/06, Eugen Leitl forwarded: > This year the U.S. Transportation Security Agency will begin behavior > monitoring of airplane passengers at 40 major American airport, reports > Ivan Eland, director of the Independent Institute's Center on Peace & > Liberty. "The screeners," writes Eland in his latest op-ed, "will look > for 'suspicious' signs that might indicate a passenger could be a > terrorist: having dry lips or a throbbing carotid artery (I'm not > kidding), failure to make eye contact with or say hello to the screener, > or evasive or slow answers to casual questions asked by the screener." I am so friggin' sick of the response of the so-called security community to these kinds of measures. Everything is greeted with derision and ridicule. I'm coming to believe that the real goal of the critics is to make it as easy and safe as possible for terrorists to fly. Years ago when the new security precautions were put in place, security experts had nothing but criticism. The model they said should be followed (obviously in the expectation that it was completely impractical for America), that they pointed to as successful, was the Israeli airline El Al. Despite Israel's place as the principle target for terrorist action, El Al has had an astonishingly good record at flying safely. What was their secret? Exactly the kind of intensive, personalized attention which is now being criticized. El Al investigators are trained to observe passengers closely, to ask them questions and watch for just the signs of nervousness and evasion which this Ivan Eland treats with such mockery. Security people can't win. Non-invasive surveillance is called "security theater". Intensive surveillance is now described as a way to force people to smile at TSA agents. Doing nothing will produce even worse results. And BTW while I'm on the topic of airline security, a comment on John Gilmore's doomed attempt to sue to be allowed to travel without identity or security screening of any kind. Gilmore was offered the chance to fly if he was searched! And he turned it down! He claims that this violates his rights, that a physical search to make sure he isn't carrying any dangerous materials is forbidden by the Constitution. It's unfortunate that this conflates two very different issues. On the one hand it makes sense to be able to travel without showing ID. But on the other it makes no sense to claim immunity from being searched! By trying to treat these two issues equally Gilmore ends up weakening his own case. CP From andyo at oreilly.com Thu Jan 5 09:31:30 2006 From: andyo at oreilly.com (Andy Oram) Date: January 5, 2006 9:31:30 AM EST Subject: The connection between NSA wiretapping and telephone Message-ID: industry concentration http://www.oreillynet.com/pub/wlg/8924 Andy Oram Jan. 05, 2006 06:20 AM I have reported in detail, in a companion blog, about an [95] historic public forum on NSA wiretapping. Here I'll report on one technology-related aspect of particular interest to me: the collusion of the telephone companies, which has not been played up in the press. All the warrantless wiretapping we've recently heard about required help from the telephone companies and Internet service providers. These companies knew they were not only aiding the government in breaking the law, but were themselves violating terms of service for their customers--and in the case of telephone companies, also breaking the law. One law mentioned at the public form (and submitted years ago by the forum's moderator, Congressman Ed Markey) forbids cell phone companies from revealing the location of cell phone users--except with a court warrant. In fact, the NSA wiretapping scandal represents one of the largest conspiracies in recent years: a conspiracy between telephone companies and the government to defraud Americans out of our Fourth Amendment rights. Pertaining to this is the issue of industry concentration--the death of small phone companies and the mergers of larger ones into behemoths--which was also one of the goals of the Bush administration, pursued with determination by Michael Powell as FCC chair. Provisions for competition set up in the Telecom Act of 1996, and enforced by relatively even-handed regulations passed by earlier FCCs, were systematically weakened and discarded under Bush. (For some history, see an [96]earlier blog of mine. Admittedly, it's hard for any company to buck a demand from law enforcement. The PATRIOT Act's secrecy provisions (when the FBI approaches you, you can't even publicize the very fact that they have done so) leaves the impression that you'll be prosecuted for going public with government misbehavior, and thus contributes to the growing unaccountability of government. A few Internet service providers have done challenged illegal wiretaps, but not enough to establish the pattern we now see in the wiretap scandal. Overwhelmingly, the phone companies and ISPs just went along. One might argue that the pressure would have been even stronger if ISPs and phone companies were smaller, but size obviously hasn't helped them put up any resistance. Believe me, if we had an industry of scrappy Mom-and-Pop providers like in the 80s and 90s, word about this civil liberties horror would have come out sooner. Andy Oram is an editor for O'Reilly Media, specializing in Linux and free software books, and a member of Computer Professionals for Social Responsibility. His web site is www.praxagora.com/andyo. Weblog authors are solely responsible for the content and accuracy of their weblogs, including opinions they express, and O'Reilly Media, Inc., disclaims any and all liabililty for that content, its accuracy, and opinions it may contain. This work is licensed under a [103]Creative Commons License. References 95. http://www.oreillynet.com/pub/wlg/8923 96. http://www.oreillynet.com/pub/wlg/4616 103. http://creativecommons.org/licenses/by-nc-sa/2.5/ ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From coderman at gmail.com Thu Jan 5 10:54:26 2006 From: coderman at gmail.com (coderman) Date: Thu, 5 Jan 2006 10:54:26 -0800 Subject: [declan.mccullagh@gmail.com: [Politech] Feds begin "behavior monitoring" of air travelers this year [econ]] In-Reply-To: <792ce4370601042137r49f53467r7fe95ac2945b668@mail.gmail.com> References: <20060104090023.GQ2235@leitl.org> <792ce4370601042137r49f53467r7fe95ac2945b668@mail.gmail.com> Message-ID: <4ef5fec60601051054p5cd3ec38n41d66af73634b967@mail.gmail.com> On 1/4/06, cyphrpunk wrote: > ... > I am so friggin' sick of the response of the so-called security > community to these kinds of measures. Everything is greeted with > derision and ridicule. I'm coming to believe that the real goal of the > critics is to make it as easy and safe as possible for terrorists to > fly. i thought the idea of reinforcing cockpit doors was a good one. i think the issue is that most of the security added has been ineffective. > Years ago when the new security precautions were put in place, > security experts had nothing but criticism. The model they said should > be followed (obviously in the expectation that it was completely > impractical for America), that they pointed to as successful, was the > Israeli airline El Al. Despite Israel's place as the principle target > for terrorist action, El Al has had an astonishingly good record at > flying safely. What was their secret? Exactly the kind of intensive, > personalized attention which is now being criticized. El Al > investigators are trained to observe passengers closely, to ask them > questions and watch for just the signs of nervousness and evasion > which this Ivan Eland treats with such mockery. agreed; this seems better than checking the shoes of the elderly or forcing a nursing mother to drink some breast milk (just to be sure, you know...) but it's also easy to circumvent. do terrorists engage in social engineering? also, it was my understanding that El Al uses armed personel on flights; if this is the case perhaps more air marshalls are the deterrent to use instead of passenger personality. > And BTW while I'm on the topic of airline security, a comment on John > Gilmore's doomed attempt to sue to be allowed to travel without > identity or security screening of any kind. Gilmore was offered the > chance to fly if he was searched! And he turned it down! He claims > that this violates his rights, that a physical search to make sure he > isn't carrying any dangerous materials is forbidden by the > Constitution. i don't think that is the issue; it is the secret laws hidden behind "sensitive security information" which is to be fought. if there is a law that random search and identification are required to fly, it needs to be public. so glad i quit flying years ago... From coderman at gmail.com Thu Jan 5 13:22:31 2006 From: coderman at gmail.com (coderman) Date: Thu, 5 Jan 2006 13:22:31 -0800 Subject: [dave@farber.net: [IP] more on AP Story Justice Dept. Probing Domestic Spyin In-Reply-To: <20060101212207.E10044@ubzr.zsa.bet> References: <20060101120136.T4153@ubzr.zsa.bet> <4ef5fec60601011853ra5dfc9eve0c4ed60c104647f@mail.gmail.com> <20060101212207.E10044@ubzr.zsa.bet> Message-ID: <4ef5fec60601051322s51897192laf344352c2b4ef32@mail.gmail.com> On 1/1/06, J.A. Terranson wrote: > ... > Is there radioactive material which has has a known property that can be > reliably and repetitively measured, that is useful as either a key or a > seed, and that is guaranteed to change on a known schedule in a > significant (i.e., keying data no longer relevant) way? > > The idea being something like msg xor radioseed "keys" = plaintext, but > after 30 days, radioseed is different (and the original not knowable), and > therefore message is dead. it seems like this should be possible using a radioactive material with a known short half-life and exposing it to a neutron source with a mask (beryllium?) with the key space on it. assume a grid of cells on a flat surface containing the radioactive material; if a given cell emits over a threshold of radiation it is a '1' bit, dead it is a 0 bit. exposing the 0's to a neutron emitter would fission the radioactive cells early leaving it's ionizing radiation level below the threshold. there would be some delay between when the key was usable with all cells/bits readable (a few days, weeks, months?) and when it was still holding a detectable / useful amount of key information that could be used in a brute force attack against the unknown bits of key. they let you put americium in smoke detectors but something tells me it would be hard to get radioactive crypto keys commercially approved for production. :) (the neutron source would be another problem, although piezoelectric fusion might work) From TTWAWOZFGZ at yahoo.com Thu Jan 5 11:43:38 2006 From: TTWAWOZFGZ at yahoo.com (Jillian Walton) Date: Thu, 05 Jan 2006 13:43:38 -0600 Subject: Guys Need This G8bp7 Message-ID: Introducing E-rectiion Pills "Caillis Softabs" which guarantees long lasting pleasures. Safe to take without any side-effect. Satisfaction guuaranteeess... or your money back without question ask. http://uk.geocities.com/margarita26046salomo84374/ NtnKhR From dave at farber.net Thu Jan 5 10:49:20 2006 From: dave at farber.net (David Farber) Date: Thu, 5 Jan 2006 13:49:20 -0500 Subject: [IP] The connection between NSA wiretapping and telephone industry Message-ID: concentration X-Mailer: Apple Mail (2.746.2) Reply-To: dave at farber.net Begin forwarded message: From coderman at gmail.com Thu Jan 5 17:11:14 2006 From: coderman at gmail.com (coderman) Date: Thu, 5 Jan 2006 17:11:14 -0800 Subject: [dave@farber.net: [IP] The connection between NSA wiretapping and telephone industry concentration] In-Reply-To: References: <20060105185145.GN2247@leitl.org> Message-ID: <4ef5fec60601051711x7a69ccech19d3316f5ec179b@mail.gmail.com> On 1/5/06, John Young wrote: > Yes, the telecomms have been betraying their customers since day one, > and the ISPs are following that lead. Technology companies may begin > with pleasing their customers to get a foothold on the bigger market, then > when the big gov contracts start to come in, then to hell with the yokels. > > And all plead there was no alternative, had to obey orders from the > government, > meet obligations to stockholders, our competitors were doing it, and so on. > Bullshit. don't trust businesses nor governments with your private bits as much as possible. let your ISP freely share those encrypted payloads with whoever they please. end to end encryption has been advocated forever but perhaps now people will be a little more willing to listen. a good time for crypto geeks to be a little more willing to look at ease-of-use / HCI issues for secure decentralized networking. lots of failures to learn from... open source++ community wireless++ decentralized networks++ > Where's the criticism not only of the old telecomm whores and new ISP > sluts but all the lesser known infosec rent-a-fucks eager to service > the homesec and counterterror acquisition johns, technologists obeying > the sales and financial wizards brought in to save the start-ups. do you have any infosec rent-a-fucks in mind? choicepoint and the other datamining privacy invasion businesses get my "fuck you buddy" approval. infosec sucked in 2005 but this is tangential to NSA/$TLA/telecom/ISP/datareseller collusion. From jya at cryptome.net Thu Jan 5 18:35:34 2006 From: jya at cryptome.net (John Young) Date: Thu, 05 Jan 2006 18:35:34 -0800 Subject: [dave@farber.net: [IP] The connection between NSA wiretapping and telephone industry concentration] In-Reply-To: <20060105185145.GN2247@leitl.org> Message-ID: Yes, the telecomms have been betraying their customers since day one, and the ISPs are following that lead. Technology companies may begin with pleasing their customers to get a foothold on the bigger market, then when the big gov contracts start to come in, then to hell with the yokels. And all plead there was no alternative, had to obey orders from the government, meet obligations to stockholders, our competitors were doing it, and so on. Bullshit. And you think the crypto companies and those peddling infosec services are not doing that, not betting on their early reputation-building to see them through suspicion they're doing what the big orgs are doing? Bullshit. Where's the criticism not only of the old telecomm whores and new ISP sluts but all the lesser known infosec rent-a-fucks eager to service the homesec and counterterror acquisition johns, technologists obeying the sales and financial wizards brought in to save the start-ups. Yep, they accepted NDAs and secrecy agreements to get in on the windfall. Hey, you got to eat, they say, then getting fatter, say hey, you got to eat well so why not flummox the yokels with security scares and warnings about suspecting all others except them. That's the natsec way of doing business, now the infosec way, the crypto way. Backdoors, a little hole in the code, blow some smoke, blow some sunshine, blame implementation, sloppy password selection, rail that perfect security is impossible, what you need is 24x7 protection, so who will ever know but us experts, want a job, damn we're busy. NSA is far from the only problem, nor the feds, nor the enemy, nor competitors, but perfect scapegoats from day one for all those betraying their customers and believers. From jya at cryptome.net Thu Jan 5 19:24:05 2006 From: jya at cryptome.net (John Young) Date: Thu, 05 Jan 2006 19:24:05 -0800 Subject: [dave@farber.net: [IP] more on AP Story Justice Dept. Probing Domestic Spyin In-Reply-To: <4ef5fec60601051322s51897192laf344352c2b4ef32@mail.gmail.co m> References: <20060101212207.E10044@ubzr.zsa.bet> <20060101120136.T4153@ubzr.zsa.bet> <4ef5fec60601011853ra5dfc9eve0c4ed60c104647f@mail.gmail.com> <20060101212207.E10044@ubzr.zsa.bet> Message-ID: It is likely that the threat of the Internet is what led NSA to broaden its spying program, and what remains to be reported by the media. Recall that Hayden was belly-aching about his threat during the time leading up to 9/11, and the NSA Transition 2001 report to Bush released by the National Security Archive on Friday states that the Internet is the big threat, and that there was a need for constant monitoring of the Net. NSA was doing that well before 9/11 but was not admitting it, not in public. Nor was it admitting the cooperation of the ISPs in this effort. Got to consider the AES initiative was a cooptation of the crypto terrorists after GAK failed, or appeared to have failed: there were a number of firms who jumped at the chance to build-in access, using a slew of hoary arguments about lost passwords, disloyal employees, corporate responsibility to control keys. And public key crypto has an odor that needs to be cleared of NDA suspicion or abandoned as if Crypto AG. From eugen at leitl.org Thu Jan 5 10:51:45 2006 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 5 Jan 2006 19:51:45 +0100 Subject: [dave@farber.net: [IP] The connection between NSA wiretapping and telephone industry concentration] Message-ID: <20060105185145.GN2247@leitl.org> ----- Forwarded message from David Farber ----- From gtgen at hotmail.com Thu Jan 5 10:01:44 2006 From: gtgen at hotmail.com (Beryl Simons) Date: Thu, 05 Jan 2006 20:01:44 +0200 Subject: Why Pay More? iJe9R Message-ID: <8A457EE3.7684.1815C2D5@localhost> Hey Guys, I was so happy I took adavantage of this Refinance offer, I thought I would share it with you.I locked in a 3.75 Rate before the increases started and got the cash I needed before the Holiday. It took me less than 1 Min to fill out this form and get started. http://8z.washyde.com/af out of maaei ling: http://washyde.com/rem cTpWK From coderman at gmail.com Fri Jan 6 14:50:18 2006 From: coderman at gmail.com (coderman) Date: Fri, 6 Jan 2006 14:50:18 -0800 Subject: phone records for sale Message-ID: <4ef5fec60601061450t961302cu29c9541401e59bdc@mail.gmail.com> http://www.suntimes.com/output/news/cst-nws-privacy05.html ---cut--- Steven M. Bellovin Fri, 06 Jan 2006 14:02:12 -0800 18 USC 2702(c) says A provider described in subsection (a) may divulge a record or other information pertaining to a subscriber to or customer of such service (not including the contents of communications covered by subsection (a)(1) or (a)(2)) ... (6) to any person other than a governmental entity. ... If the phone companies are not giving it out voluntarily, perhaps they're being tricked or perhaps they have corrupt employees. ---end-cut--- from the article: ""In some cases, telephone company insiders secretly sell customers' phone-call lists to online brokers, despite strict telephone company rules against such deals, according to Schumer."" the call center employees and other data services API's (less common) is exactly how they do it. t-mobile, verizon, sprint, they all contract out to call centers for various things which provide the call center operators a restricted environment in which to use their internal applications (usually IE, sometimes Remedy or Oracle Forms, graphical Java apps, etc). obviously part of the features of these applications is search by name, MIN, account, etc. often you can access a person's entire account through such systems and very little if any oversight is provided. the carriers sole focus (as it seems) is to prevent fraudulent equipment/phone deliveries to operators using customer accounts. they could care less about unauthorized access given their lack of any attempt to halt such activity. in addition to this, many of these internal networks are horribly insecure, as was well demonstrated by the t-mobile hacks earlier this year. [1] the only reason they continue to get away with such poor practice is that these networks are (in theory) all internal with dedicated lines from the call center back to the carrier networks on which the applications are run. and the fallout from their insecurity is not directly attributable back to them (they can and do blame various middle men, from devious operators to negligent call center policies, etc) [1] http://www.theregister.co.uk/2005/02/16/t_mobile_hacker_guilty/ ---- more fun quotes: "To test the service, the FBI paid Locatecell.com $160 to buy the records for an agent's cell phone and received the list within three hours, the police bulletin said." "I would say the most powerful investigative tool right now is cell records," Rizzo said. "I use it a couple times a week. A few hundred bucks a week is well worth the money." From hakfxmmwdwu at yahoo.com Fri Jan 6 11:31:01 2006 From: hakfxmmwdwu at yahoo.com (Gwendolyn Mack) Date: Fri, 06 Jan 2006 16:31:01 -0300 Subject: Small Pen is? v8zj Message-ID: Suffering from short penniss? Introduce revolution "Thunder" formula which gauranteees sizes increase or moneey baack. Users reported: - 2 inches extra in size - 3x pleasurable orgasms - 27% thicker Why waiting? http://thunder14.myherb.biz aN From eugen at leitl.org Fri Jan 6 10:12:07 2006 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 6 Jan 2006 19:12:07 +0100 Subject: Data Mining 101: Finding Subversives with Amazon Wishlists Message-ID: <20060106181207.GV2247@leitl.org> (as boingboing correctly stated, the right way to do it is to use the Amazon API) http://www.applefritter.com/bannedbooks Data Mining 101: Finding Subversives with Amazon Wishlists Submitted by Tom Owad on January 4, 2006 - 7:37pm. Security Vast deposits of personal information sit in databases across the internet. Terms used in phone conversations have become the grounds for federal investigation. Reputable organizations like the Catholic Worker, Greenpeace, and the Vegan Community Project, have come under scrutiny by FBI "counterterrorism" agents. "Data mining" of all that information and communication is at the heart of the furor over the recent disclosure of government snooping. "U.S. President George W. Bush and his aides have said his executive order allowing eavesdropping without warrants was limited to monitoring international phone and e-mail communications linked to people with connections to al-Qaeda. What has not been acknowledged, according to the Times, is that NSA technicians combed large amounts of phone and Internet traffic seeking patterns pointing to terrorism suspects. "Some officials described the program as a large data mining operation, the Times said, and described it as much larger than the White House has acknowledged." (Reuters) Combining a data mining operation with the Patriot Act's power to access information makes it all too easy for the federal government to violate the Constitution's prohibition against unreasonable search. Ars Technica has an article, The new technology at the root of the NSA wiretap scandal, that describes the ease with which widespread wiretapping can now be implemented. It quotes Philip Zimmermann, the creator of the PGP encryption software: "A year after the CALEA [Communications Assistance for Law Enforcement Act] passed [in 1994], the FBI disclosed plans to require the phone companies to build into their infrastructure the capacity to simultaneously wiretap 1 percent of all phone calls in all major U.S. cities. This would represent more than a thousandfold increase over previous levels in the number of phones that could be wiretapped. In previous years, there were only about a thousand court-ordered wiretaps in the United States per year, at the federal, state, and local levels combined. It's hard to see how the government could even employ enough judges to sign enough wiretap orders to wiretap 1 percent of all our phone calls, much less hire enough federal agents to sit and listen to all that traffic in real time. The only plausible way of processing that amount of traffic is a massive Orwellian application of automated voice recognition technology to sift through it all, searching for interesting keywords or searching for a particular speaker's voice. If the government doesn't find the target in the first 1 percent sample, the wiretaps can be shifted over to a different 1 percent until the target is found, or until everyone's phone line has been checked for subversive traffic. The FBI said they need this capacity to plan for the future. This plan sparked such outrage that it was defeated in Congress. But the mere fact that the FBI even asked for these broad powers is revealing of their agenda." It used to be you had to get a warrant to monitor a person or a group of people. Today, it is increasingly easy to monitor ideas. And then track them back to people. Most of us don't have access to the databases, software, or computing power of the NSA, FBI, and other government agencies. But an individual with access to the internet can still develop a fairly sophisticated profile of hundreds of thousands of U.S. citizens using free and publicly available resources. Here's an example. There are many websites and databases that could be used for this project, but few things tell you as much about a person as the books he chooses to read. Isn't that why the Patriot Act specifically requires libraries to release information on who's reading what? For this reason, I chose to focus on the information contained in the popular Amazon wishlists. Amazon wishlists lets anyone bookmark books for later purchase. By default these lists are public and available to anybody who searches by name. If the wishlist creator specifies a shipping address, someone else can even purchase the book on Amazon and have it shipped directly as a gift. The wishlist creator's city and state are made public on the wishlist, but the street address remains private. Amazon's popularity has created a vast database of wishlists. No index of all wishlists is available, but it remains possible to view all wishlists by people of a particular first name. A recent search for people named Mark returned 124,887 publicly viewable wishlists. For an all inclusive search by name, you could compile a comprehensive list of first names and nicknames from the baby names databases available on the internet. Armed with this list, and by recording the search results for each first name, it is possible for you to retrieve the vast majority of public wishlists on Amazon. For the purposes of this exercise, only a single name was chosen . a common male name that returned over 260,000 wishlists. I'm not going to divulge what name was actually used. Let's pretend it was "Edgar," in honor of former FBI director J. Edgar Hoover. Before writing a script to download all the 260,000 "Edgar" wishlists, I confirmed that my actions would not violate Amazon's Conditions of Use. I also checked the robots.txt file which contains a list of directories Amazon requests not be traversed by scripts. User wishlists are not in this list, nor did the actions to be taken violate the conditions of use. I started by doing a wishlist search for people named "Edgar" and got back a page linking to the wishlists of the first 25 matches. The url looked something like this: http://www.amazon.com/gp/registry/search.html/?encoding=UTF8&type=wishlist&fi eld-name=edgar&page=1 Two variables extracted from the above url are of particular note: * field-name=edgar * page=1 Changing "edgar" to "george", would generate the first page of matches for people named George. Change '1' to '2' and you'd get matches 26 through 50 instead of 1 through 25. Using a simple 6-line shell script and the popular wget command line tool, I configured two computers on two different DSL connections to begin downloading all 260,000 wishlists in increments of 25,000. Each group of 25,000 wishlists took about four hours to download, for a total download time of less than one day. Each wishlist is located at an address like this: http://www.amazon.com/gp/registry/registry.html/?encoding=UTF8&type=wishlist& id=1DBHU3OCV72ZW 1DBHU3OCV72ZW is the wishlist owner's unique Amazon identification number. I made up the one you see here. By directing wget only to download pages at urls similar to this one, and by incrementing the search page from 1 to 10,400, it is possible to download all 260,000 wishlists without user intervention. Using a pair of 5-year-old computers, two home DSL connections, 42 hours of computer time, and 5 man hours, I now had documents describing the reading preferences of 260,000 U.S. citizens. I downloaded all the files to an external 120 GB Firewire drive in UFS format. The raw data occupied little more than 5 GB. I initially wanted to move all the files into a single directory to facilitate searching, but as the directory contents exceeded 100,000 items, the speed became glacially slow, so I kept the data divided into chunks of 25,000 wishlists. Next comes the fun part . what books are most dangerous? So many to choose from. Here's a sample of the list I made. Feel free to make up your own list if you decide to try some data mining. Send it to the FBI. I'm sure they'll appreciate your help in fighting terrorism. * On Liberty by Stuart Mill. First sentence: "The subject of this essay is not the so-called 'liberty of the will', so unfortunately opposed to the misnamed doctrine of philosophical necessity; but civil, or social liberty: the nature and limits of the power which can be legitimately exercised by society over the individual." What more do you need? * Slaughterhouse-Five by Kurt Vonnegut. The classic anti-war novel. * Fahrenheit 451 by Ray Bradbury. Dystopian. * Brave New World by Aldous Huxley. More dystopian. * 1984 by George Orwell. Most dystopian. * Critical Thinking by Alec Fisher. Can't have any of that. * Build Your Own Laser, Phaser, Ion Ray Gun and Other Working Space Age Projects by Robert Iannini. Obviously. * Apple I Replica Creation by Tom Owad. Building your own computer should be illegal. (ok, it's also here because I wrote it.) * The Catholic Worker Movement: Intellectual And Spiritual Origins by Mark & Louise Zwick. Keywords * Michael Moore. The fringe left. * Rush Limbaugh. The fringe right. * Ralph Nader. * Greenpeace. Because frankly, we all know there's only one sort of person who would want a "Greenpeace: Standing Up for the Earth" 2006 Calendar. * Torah. * Quran & Koran. Like the Catholic Worker and Greenpeace, the American-Arab Anti-Discrimination Committee has also been the subject of FBI investigations. * Bible. Sure, a lot of books use "Bible" in the title, but I cast a wide net. What harm are a few false positives? My Amazon seller ID is attached to these links. If I get any interesting statistics on how many copies of On Liberty, etc., are sold as a result of this article, I'll post them in a follow-up. If I get a call from the FBI, I'll let you know that, too. To search for specific books, I used ISBN numbers, for the rest, keywords. All the search terms were saved to terms.txt, one term per line, for use with grep: ls -1 | xargs grep -HiFof /Volumes/UFS/terms.txt > /Volumes/UFS/matches.txt This command searches all wishlists in the current directory for the terms in terms.txt, then saves the results to matches.txt. Results are stored one per line, in the format: filename:keyword Now that I have a list of which keywords appear in which wishlists, I can sort them. I created a new folder "results" and within it created subfolders for each search term. The TCL script below creates links (similar to aliases or shortcuts) for each matched file, and stores the links within the new subdirectories: #!/usr/bin/tclsh set fdgrep [open "/Volumes/UFS/matches.txt" "r"] while {![eof $fdgrep]} { gets $fdgrep line set mylist [split $line :] if {[llength $mylist] > 1} { lappend mylist [string toupper [lindex $mylist 1]] if {![file exists "/Volumes/UFS/results/[lindex $mylist 2]/[lindex $mylist 0]"]} { exec ln /Volumes/UFS/wishlists/[lindex $mylist 0] "/Volumes/UFS/results/[lindex $mylist 2]/[lindex $mylist 0]" } } } Now, for example, the folder called "Greenpeace" contains every wishlist with that term. Another folder named "Rush Limbaugh" contains the wishlists of all the those interested in reading Rush. On an aside, if you want to delete all the files beginning with the word "search" in a 25,000-file directory, the correct line is: find . -name 'search*' -print0 | xargs -0 rm This line deletes all the files: find . -print0 -name 'search*' | xargs -0 rm Good thing I had backups. There's also a bug, in grep 2.5.1 that corrupts output when grep is run with both the -i and -o flags. Version 2.5.1-1, available through the Fink project, fixes this problem. One curiousity revealed by this project is that there are quite a few people who show up for multiple books. Reading On Liberty and Build Your Own Laser, Phaser, Ion Ray Gun and Other Working Space Age Projects? We really should have a special list for you. Here are the books, along with the numbers of people interested in reading each: Book # of people interested On Liberty 7 Slaughterhouse-Five 82 Fahrenheit 451 63 Brave New World 1 1984 76 Critical Thinking 7 Build Your Own Laser 2 Apple I Replica Creation 4 The Catholic Worker Movement 1 Rebuilding Labor 2 Michael Moore 232 Rush Limbaugh 42 Ralph Nader 74 Greenpeace 5 Torah 42 Quran & Koran 74 Bible 3,771 The first match for "Bible," ironically, was a wishlist containing The Cannabis Grow Bible: The Definitive Guide to Growing Marijuana for Recreational and Medical Use. Right person. Wrong list. Another match was for The Linux Bible: GNU Testament. With Nader, I foolishly searched for last name alone. Thus, there are quite a few hits for The Lemonader along with the correct results. If some results look suspiciously low, it's probably because in many cases I searched for a specific ISBN while the book is available in multiple formats. Only the first page of each user's wishlist was downloaded. Books are always added to the front of the wishlist which pushes older titles off the first page, so there is also a slight bias in favor of newer books. It is possible for users to associate a shipping address with their wishlists, so that others can order them gifts. Though the full address is hidden, city and state remain visible. I already have first and last name. With this information, I can do a Yahoo People Search to obtain an exact street address and phone number. Viewing the wishlists that contained Apple I Replica Creation, I found that all four provided the user's city and state. Of these four, one was a common name that produced multiple hits in his town, two were unlisted (although one of them was in the Intelius database which I opted not to pay for), and the final individual was present on Yahoo People. So I sent him a signed copy and thanked him for his interest. Thanks to Google Maps (and many similar services) a street address is all we need to get a satellite image of a person's home. Tempted as I was to provide satellite images of the homes of the search subjects, it just seemed a bit extreme even for this article. Instead, I opted only to pinpoint the centers of the towns in which they live. So at least you'll know that there's somebody in your community reading Critical Thinking or some other dangerous text. City and state were extracted using a regular expression to create a file for each book containing the locations of its readers. Locations were stored one per line, in this format: Sunnyvale:CA Salt Lake City:Utah Reston:Virginia South Hadley:MA Nevada City:CA Walnut Creek:CA Eagle Nest:NM Memphis:TN North Hollywood:CA Seattle:WA . Using the free Ontok Geocoder service, I was able to quickly convert city and state to latitude and longitude coordinates. Ontok uses the public domain TIGER/Line data available from the U.S. Census Bureau to perform its conversion. It took less than an hour to convert all locations from city and state to longitude and latitude: -122.035011, 37.369011 -111.903656, 40.696415 -77.341591, 38.968300 -72.574860, 42.259102 -121.013496, 39.262192 -122.063980, 37.906521 -105.263031, 36.555302 -90.045448, 35.148762 -118.377838, 34.173100 -122.329430, 47.605701 . Google has released their Maps API, so a map of these locations can be embedded in this article. The API is simple. Plotting each point requires only three lines of code: var point = new GPoint(-122.035011, 37.369011); var marker = new GMarker(point); map.addOverlay(marker); This plots all of the locations on a satellite image of the United States that can be zoomed in to house level. Here are a few interactive samples: Readers of 1984. Readers of the Torah. You. The map pinpointing you (your local ISP, actually) requires a good bit of on-the-fly processing, so if the server is exceptionally busy it may not load correctly. In the future, I may make more sophisticated maps using additional data. Maybe a map that includes all the books in the 260,000 wishlists? Simply searching for any book would present a map of the United States showing the locations of all the people interested in reading it. All the tools used in this project are standard and free. The services, likewise, are all free. The technical skills required to implement this project are well within the abilities of anybody who has done any programming. The network connection used to download these files was a standard home DSL connection. The computer that processed the data was a 1.5 GHz PowerBook G4. The operating system is Mac OS X 10.4, though everything could have been done just as easily with Linux (and probably with Windows). Not a penny was spent in the writing of this article, just 30 hours of time. This is what's possible with publicly available information, but imagine if one had access to Amazon's entire database - which still contains every sale dating back to 1999 by the way. Under Section 251 of the Patriot Act, the FBI can require Amazon to turn over its records, without probable cause, for an "authorized investigation . . . to protect against international terrorism or clandestine intelligence activities." Amazon is forbidden to disclose that they have turned over any records, so that you would never know that the government is keeping records of your book purchases. And obviously it is quite simple to crossreference this info with data available in other databases. On a final note, the FBI is now hiring computer scientists to implement a project that sounds very similar to what I just did: "Currently, the FBI is strengthening systems engineering in order to tie new systems together architecturally and ensure that standards for custom and packaged applications are enforced, and it needs engineers to accomplish this goal, the agency said. "The FBI is also focusing on data warehousing as well as federated search technology, which allows a single search query to be deployed across a number of databases, regardless of whether those databases belong to the same protocol or platform. "'Warehousing has been very successful, yet enterprise extraction, translation and loading processes must be fine-tuned,. the FBI said. .Data engineers are needed to model legacy databases for federated search and participate in legacy transition planning.'"(Computerworld) This article is the first in a weekly series that will deal with security on the internet and practical steps you can take to protect your privacy. Much thanks goes to Robert Warwick for his help with this project and particularly for writing several of the scripts. Thanks also to Nancy Trump for editing, Michael Fincham for brainstorming and Dr. Bob for bandwidth. Article submissions are welcome. If you'd like to contact me, please do so via email. -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From rah at shipwright.com Fri Jan 6 19:17:36 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 6 Jan 2006 22:17:36 -0500 Subject: [e-gold-list] Dr. Jackson - Business Week Article Response Message-ID: Date: Fri, 6 Jan 2006 22:15:41 -0500 To: "Philodox Clips List" From: "R. A. Hettinga" Subject: [e-gold-list] Dr. Jackson - Business Week Article Response Date: Fri, 06 Jan 2006 21:39:52 -0500 Subject: [e-gold-list] Dr. Jackson - Business Week Article Response To: "e-gold Discussion" From: "Bill Cunningham" In on-going conversation with Dr. Jackson, he replied to a recent Business Week article with the following letter. He has agreed to allow me to share it on this forum as well as other information outlets. _________________________________________________________________ Letter from Dr. Douglas Jackson; Chairman, e-gold, Ltd. e-goldF has recently been the subject of a slanderous and unfounded article in Business Week. e-gold strongly refutes the allegations and presumptions of this article. The article chose to focus through anecdote and suspicion only on an exception - criminal abuse - and ignores the overwhelming majority of e-gold usage. It also fails to note that all online payment mechanisms including credit cards and intermediaries such as PayPal are targeted by criminals,likely at a much greater magnitude than e-gold, and fails to relate the very proactive steps e-gold takes to eliminate any criminal behavior involving e-gold. e-gold and its Operator, Gold & Silver Reserve (G&SRF), including G&SR's exchange service OmniPayF in cooperation with the United States Government and pursuant to a lawfully issued written request, did allow an examination of the e-gold and OmniPay computer systems and data. The examination occurred on December 16th after normal business hours so as to avoid disrupting access to the system. The examination utilized the full resources of e-gold's system and prevented customer access. We were told by the government examiners that the outage would be for a few hours, however, due to the volume of data maintained by e-gold for its customers' protection, a surprise to the examiners, the examination occupied e-gold's computing capacity for 36 hours. e-gold apologizes for any inconvenience of the system down time caused by the government's request. No charges have been filed against e-gold, G&SR, OmniPay or any of its principals. e-gold operates legally and does not condone persons attempting to use e-gold for criminal activity. e-gold has a long history of cooperation with law enforcement agencies in the US and worldwide, providing data and investigative assistance in response to lawful requests. I'm proud of what we have accomplished so far with e-gold. e-gold, now in its 10th year online, is growing exponentially because of a network effect, a global cascade of Users telling their friends who then tell their friends. For the first time since our launch in 1996, this growth is providing the revenue and resources needed for e-gold to accelerate technical development and other refinements to make it more reliable and even less hospitable to those who would seek to abuse it. We are processing the same volume of transactions and growing at the same exponential pace that PayPal was in the second quarter of 2000. One difference, though, is that they had to give away $tens of millions of their investors' money to build a critical mass of user balances and were continuing a burn rate of about $10 million per month during this period. Altogether they burned through about $275 million of capital losses before their IPO. e-gold, in contrast, lacking significant outside investment: o has attained a circulation larger than Canada's official gold reserves currently 3.46 metric tonnes of gold, equivalent to about $55 million at current exchange rates). o has web traffic surpassing etrade.com and citi.com and is neck and neck with kitco.com as the most heavily trafficked gold related site on the Web o settles 50 to 60 thousand user-to-user payments per day, a daily value of about $10 million o has active Users in every country, (including more than 150,000in China)despite our lack so far of foreign language versions - a high priority on our to-do list e-gold is the only payment mechanism that is truly global, enabling any merchant to accept payment online even if the payer lives in a third world country,has no credit card, or is perhaps 'unbanked' altogether. e-gold enables the migrant worker of modest means to send value back to his family in Mexico or Bangladesh at a fraction of the cost of conventional international remittance mechanisms. e-gold alone is free of chargeback risk, yet the fee for receiving payment in e-gold is a tiny fraction of those charged by any other systems. Thanks to e-gold, for the first time in history, normal people of modest means worldwide have the option of using currency that is designed from the ground up to be immune to debasement, with a governance model that precludes even its management and founders from having the power to subvert it. Gold & Silver Reserve has been operating for over nine years. Seeking to comply with every applicable law, G&SR has reached out to the Government dozens of times, has repeatedly met with officials from the Internal Revenue Service, the FBI, SEC and a variety of other Federal agencies, and has been told q in no uncertain terms q that we were operating legally and in full compliance with all laws, rules and regulations. Additionally, the Government has requested from us q on more than three hundred occasions q information regarding individuals it believed to be lawbreakers. Gold & Silver Reserve complied with every single request in a professional and timely fashion. Numerous Government officials have gone so far as to commend us in writing for our efforts in complying with their requests and aiding them in their investigations. Very recently, however, the Government concluded that it was unable to lregulaten our business under any current statutes or regulations. Rather than moving Congress to enact legislation, the Government apparently chose to undertake to regulate us under pre-existing statutes which are totally and utterly inapplicable to our business. To do so, the case the Government brought against Gold & Silver Reserve centered around false statements and fabrications made to a Magistrate Judge in Washington, D.C. A week later, when challenged by that Judge, the Government, fearing it would lose its case filed a second suit against Gold & Silver Reserve. We are now addressing that action and are confident that we will be victorious in a very short time. Both OmniPay and e-gold have been substantially harmed. Both sites were off-line altogether for 36 hours - an interval during which we were at a loss to know what to announce or even how to announce it. There were other direct interventions as well that I am not yet at liberty to discuss that nearly crippled OmniPay's ability to honor its obligations to and on behalf of users. The worst effect of course is on our reputation. This irresponsible smear piece will surely impair our efforts to build strategic relationships with the host of businesses and individuals that would benefit from an embrace of e-gold. Let me be very clear. e-gold in no manner condones persons or organizations attempting to use e-gold to support criminal acts. The exact opposite is true. e-gold limits accounts that are suspect of illicit activity and has a long history of cooperation with law enforcement agencies. There are two elements that make e-gold about the dumbest choice a criminal could make if seeking to obfuscate a money trail or otherwise hide the proceeds of crime. 1. it is impossible for a general user of e-gold to send/add money(value in any form) into the system... he can only get e-gold by receiving an e-gold Spend from someone who already has some. 2. there's a permanent record of all transfers, that is, a permanent record of the entire lineage of every particle of value in the e-gold system. There is nothing "anonymous and untraceable" about e-gold. e-gold Spends settle by book entry - it isn't so-called "digital cash". e-gold is not about crime. e-gold is not a hospitable environment for criminals. e-gold maintains an efficient and highly capable investigative staff to aid in the identification, apprehension and prosecution of any criminal abusing the system. Our staff has participated in hundreds of investigations supporting the FBI, FTC, IRS, DEA, SEC, USPS, and others. This is the reality of every payment system, the need to aid in rooting out criminal abuse, whether it is child pornographers taking advantage of the multiple layers and indirection of credit card middlemen, or smurfs aggregating cash via international remittance processors or even state lotteries. e-gold has taken a proactive approach, reaching out to law enforcement agencies and NGO's (Non-Governmental Organization) to foster closer cooperation in combating crime online. For example, e-gold is a charter member of the Financial Coalition to eradicate Child Pornography, organized by the National Center for Missing and Exploited Children, along with Visa, MasterCard, Microsoft, AOL, PayPal, First Data and some of the major banks. I hope to have additional and useful facts shortly and will communicate them when appropriate. I can assure you e-gold is up and running, supporting its customers, and continuing to grow. Dr. Douglas Jackson _____________________________________________________________________ Bill Cunningham Business Advisers bcunningham at baiadviser.com 321-773-4385 www.businessadvisersinc.com "Dedicated to Making Your Success a Reality" --- You are currently subscribed to e-gold-list as: rah at shipwright.com To unsubscribe send a blank email to leave-e-gold-list-507998N at talk.e-gold.com Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From jya at cryptome.net Sat Jan 7 10:41:12 2006 From: jya at cryptome.net (John Young) Date: Sat, 07 Jan 2006 10:41:12 -0800 Subject: [e-gold-list] Dr. Jackson - Business Week Article Response In-Reply-To: Message-ID: Excellent report, Bob, shows how to do business in the free market. Kiss up to gov, kick down customers, while claiming to do the opposite, and apologizing, nay, crying, upon being outed, promising greater ratting in the future to save ass. Cowardly SOB, Dr. Jackson, a poster child for WSJ, Fortune, Business Week -- the latter really didn't go into what makes e-gold so different from its financial co-conspirators and ancestors. But then WSJ and Fortune never go that far either, merely exhibit periodic excess as teasing crowd pleasers for what is not reported about the criminal enterprise of, what's it called nowadays if not greed? Ah, yes, Dr. Jackson says its trustworthy customer service, up to a point of shit britches. From rah at shipwright.com Sat Jan 7 14:50:58 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Sat, 7 Jan 2006 17:50:58 -0500 Subject: [Clips] The Wisdom in Wiretaps Message-ID: Delivered-To: clips at philodox.com Date: Sat, 7 Jan 2006 17:47:28 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] The Wisdom in Wiretaps Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com The Wall Street Journal January 7, 2006 REVIEW & OUTLOOK The Wisdom in Wiretaps January 7, 2006; Page A6 The Bush Administration's use of warrantless wiretaps in the war on terrorism continues to generate controversy, and Congress is planning hearings. Some of the loopier elements of the Democratic Party have even suggested the wiretaps are grounds for impeachment. But the more we learn about the practice, the clearer it is that the White House has been right to employ and defend it. The issue is not about circumventing normal civilian Constitutional protections, after all. The debate concerns surveillance for military purposes during wartime. No one would suggest the President must get a warrant to listen to terrorist communications on the battlefield in Iraq or Afghanistan. But what the critics are really insisting on here is that the President get a warrant the minute a terrorist communicates with an associate who may be inside in the U.S. That's a loophole only a terrorist could love. To the extent the President's critics are motivated by anything other than partisanship, their confusion seems to involve a 1978 law called the Foreign Intelligence Surveillance Act. FISA provides a mechanism by which the executive can conduct warrant-approved surveillance under certain circumstances. But FISA covers only a limited number of intelligence-gathering scenarios. And no Administration -- Democrat or Republican -- has recognized FISA as a binding limit on executive power. Jimmy Carter's Attorney General, Griffin Bell, emphasized when FISA passed that the law "does not take away the power of the President under the Constitution." And in the 1980 case of United States v. Truong, the Carter Administration successfully argued its authority to have conducted entirely domestic, warrantless wiretaps of a U.S. citizen and a Vietnamese citizen who had been passing intelligence to the North Vietnamese during the 1970s Paris peace talks. In 1994, Deputy Attorney General Jamie Gorelick also asserted an "inherent authority" not just to warrantless electronic surveillance but to "warrantless physical searches," too. The close associate of Hillary Rodham Clinton told Congress that much intelligence gathering couldn't be conducted within the limits placed on normal criminal investigations -- even if you wanted to for the sake of appearances. For example, she added, "it is usually impossible to describe the object of the search in advance with sufficient detail to satisfy the requirements of the criminal law." Some critics have argued that the surveillance now at issue could have been conducted within the confines of FISA. But that doesn't appear to be true. FISA warrants are similar to criminal warrants in that they require a showing of "probable cause" -- cause, that is, to believe the subject is an "agent of a foreign power." But if the desired object of surveillance is a phone number found on 9/11 mastermind Khalid Sheikh Mohammed's computer, you may not even know the identity of its owner and you can't show probable cause. Nor does the actual track record of FISA argue for the sacredness of judicial oversight of intelligence gathering. In the 1990s, FISA judges nitpicked warrant requests to the extent that Ms. Gorelick and others believed FISA required a complete "wall" of separation between foreign intelligence gathering and U.S. criminal investigators. One consequence was the FBI's failure to request a warrant to search alleged "20th hijacker" Zacarias Moussaoui's computer. Only after 9/11 did FISA's appeals panel rule that such a wall had never been necessary, and did the Patriot Act destroy it once and for all. Other critics accept the President's inherent power but say he still should have asked Congress to approve the wiretaps. But some in Congress were informed of the wiretaps and did nothing to stop them. Instead, the ranking Democrat on Senate Intelligence, Jay Rockefeller, wrote a private letter to Vice President Dick Cheney expressing his "lingering concerns" and saying he'd keep it on file for posterity -- or more precisely, for posterior-covering. The Senator then released the letter after the story became public as a way to play "gotcha." If Mr. Rockefeller had been serious about his objections in 2003, he should have told Mr. Cheney to cease and desist or that he'd try to pass legislation to stop it. After reading Mr. Rockefeller's letter of self-absolution, we can understand if Mr. Cheney concluded that the wiretapping was too important to the war on terror to risk seeking an explicit legislative endorsement from so feckless a Congress. The way the Members have played politics with the Patriot Act is another reason not to give Congress a chance to micromanage war-fighting decisions. As for the judiciary, one question that Congressional hearings should explore is whether FISA itself is unconstitutional. That is, whether it already grants the courts too much power over the executive branch's conduct of foreign policy by illegitimately imposing the "probable cause" standard. Laurence Silberman, a former deputy attorney general, testified on this point while Congress was debating FISA. He also pointed out that while fear of exposure is a strong disincentive to executive abuse of surveillance power, "since judges are not politically responsible, there is no self-correcting mechanism to remedy their abuses of power" in such matters. In other words, FISA grants the judiciary a policy supremacy that the Constitution doesn't. The upside of the coming Congressional hearings, we guess, is that Americans will get a lesson in the Constitution's separation of powers. We're confident they'll come away believing the Founders were right to the give the President broad war-fighting -- including surveillance -- powers. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From JFXUOVCOUGG at msn.com Sat Jan 7 09:03:35 2006 From: JFXUOVCOUGG at msn.com (Clark Whitman) Date: Sat, 07 Jan 2006 22:03:35 +0500 Subject: Everyone Need This Cypherpunks Message-ID: Loking for quality meds at affordable price? We have widest range of meds at very competitive price. Money baack guaranteesss... http://ehwrmu.trendsentavo.info/?vqwgvwxwnopyfijebizpoqtembw Cq From deportcowpoke at dcrmail.dcr.state.nc.us Sun Jan 8 07:57:35 2006 From: deportcowpoke at dcrmail.dcr.state.nc.us (Salvador) Date: Sun, 08 Jan 2006 10:57:35 -0500 Subject: Good Christmas! Message-ID: <272261.9118994532966.363925819728.LFGG.0710@situs> may phraseology , mexico on hook on telepathy see regression -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 2236 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image006.gif Type: image/gif Size: 15414 bytes Desc: not available URL: From igacxpw at hotmail.com Sun Jan 8 10:58:57 2006 From: igacxpw at hotmail.com (Agnes Leary) Date: Sun, 08 Jan 2006 11:58:57 -0700 Subject: Refinance at 3.5% CfS Message-ID: <68QA87FE.0D24.igacxpw@hotmail.com> Dear Home Owner, Your credit doesn't matter to us! If you OWN real estate and want IMMEDIATE cash to spend ANY way you like, or simply wish to LOWER your monthly payments by a third or more, here are the deals we have TODAY (hurry, these offers will expire TONIGHT) : $450,000.00 at a 3.85% fixed-rate $374,000.00 at a 3.54% variable-rate $464,000.00 at a 3.77% interest-only $214,000.00 at a 3.54% fixed-rate $134,000.00 at a 3.75% variable-rate Hurry, when these deals are gone, they are gone! Simply fill out this one-minute form... http://KBoK2H.washyde.com/af Don't worry about approval, your credit will not disqualify you! http://wui8x.washyde.com/af Sincerely, Winfred Pritchard Approval Manager stop the current promo http://washyde.com/rem nQW From s.schear at comcast.net Sun Jan 8 13:46:15 2006 From: s.schear at comcast.net (Steve Schear) Date: Sun, 08 Jan 2006 13:46:15 -0800 Subject: [Clips] The Wisdom in Wiretaps In-Reply-To: References: Message-ID: <6.0.1.1.0.20060108131910.04ee9b78@mail.comcast.net> At 02:50 PM 1/7/2006, R. A. Hettinga wrote: > The upside of the coming Congressional hearings, we guess, is that > Americans will get a lesson in the Constitution's separation of powers. > We're confident they'll come away believing the Founders were right to the > give the President broad war-fighting -- including surveillance -- powers. Non-sense. Surveillance was almost unknown. Postal and physical searches rare and anyone desiring private conversations could just walk out into a field with the other party(s). The Founders desired that Congress have the most authority and the President be essentially a manager. From the Washington's first term presidents have sought to broaden their powers. Until Lincoln they were mainly rebuffed by Congress, the courts and (indirectly) the states. Lincoln you should recall illegally suspended habeas corpus, threatened to jail the Chief Justice, shut down newspapers and jailed editors that in almost any way criticized Abe. It was the illegal passage of the 14th Amendments that helped put an end to whatever degree of state autonomy which had been recognized and ushered in a vastly more power federal government, including the President. Steve From measl at mfn.org Sun Jan 8 14:03:16 2006 From: measl at mfn.org (J.A. Terranson) Date: Sun, 8 Jan 2006 16:03:16 -0600 (CST) Subject: Missisippi admitted in 1995? (Was Re: [Clips] The Wisdom in Wiretaps) In-Reply-To: <6.0.1.1.0.20060108131910.04ee9b78@mail.comcast.net> References: <6.0.1.1.0.20060108131910.04ee9b78@mail.comcast.net> Message-ID: <20060108160052.L51238@ubzr.zsa.bet> On Sun, 8 Jan 2006, Steve Schear wrote: > At 02:50 PM 1/7/2006, R. A. Hettinga wrote: > > The upside of the coming Congressional hearings, we guess, is that > > Americans will get a lesson in the Constitution's separation of powers. > > We're confident they'll come away believing the Founders were right to the > > give the President broad war-fighting -- including surveillance -- powers. > > Non-sense. Surveillance was almost unknown. Postal and physical searches > rare and anyone desiring private conversations could just walk out into a > field with the other party(s). > > The Founders desired that Congress have the most authority and the > President be essentially a manager. From the Washington's first term > presidents have sought to broaden their powers. Until Lincoln they were > mainly rebuffed by Congress, the courts and (indirectly) the > states. Lincoln you should recall illegally suspended habeas corpus, > threatened to jail the Chief Justice, shut down newspapers and jailed > editors that in almost any way criticized Abe. It was the illegal passage > of the 14th Amendments that helped put an end to whatever degree of state > autonomy which had been recognized and ushered in a vastly more power > federal government, including the President. > > Steve OK Steve, so you got me to thinking on this, and I went back to the source docs for some study. And I found this: http://www.usconstitution.net/constamnotes.html 13th Amendment slavery in all of the United States. Once the CSA was defeated, approval of the 13th Amendment was a requirement for readmittance into the United States. Proposed on January 31, 1865, it was ratified on December 6, 1865 (309 days). All of the CSA states except Mississippi ratified the 13th after the war; Mississippi ratified the amendment in 1995. is this true? Missisippi wasn't a state until 1995??? Anyone heard about this??? the mind reels at the possible judicial implications! -- Yours, J.A. Terranson sysadmin at mfn.org 0xBD4A95BF 'The right of self defence is the first law of nature: in most governments it has been the study of rulers to confine this right within the narrowest limits possible. Wherever standing armies are kept up, and the right of the people to keep and bear arms is, under any colour or pretext whatsoever, prohibited, liberty, if not already annihilated, is on the brink of destruction.' St. George Tucker From rah at shipwright.com Sun Jan 8 17:51:30 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 8 Jan 2006 20:51:30 -0500 Subject: [Clips] Homeland Security opening private mail Message-ID: Delivered-To: clips at philodox.com Date: Sun, 8 Jan 2006 20:48:33 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Homeland Security opening private mail Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com MSNBC.com Homeland Security opening private mail Retired professor confused, angered when letter from abroad is opened By Brock N. Meeks Chief Washington correspondent MSNBC Updated: 5:55 p.m. ET Jan. 6, 2006 WASHINGTON - In the 50 years that Grant Goodman has known and corresponded with a colleague in the Philippines he never had any reason to suspect that their friendship was anything but spectacularly ordinary. But now he believes that the relationship has somehow sparked the interest of the Department of Homeland Security and led the agency to place him under surveillance. Last month Goodman, an 81-year-old retired University of Kansas history professor, received a letter from his friend in the Philippines that had been opened and resealed with a strip of dark green tape bearing the words "by Border Protection" and carrying the official Homeland Security seal. "I had no idea (Homeland Security) would open personal letters," Goodman told MSNBC.com in a phone interview. "That's why I alerted the media. I thought it should be known publicly that this is going on," he said. Goodman originally showed the letter to his own local newspaper, the Kansas-based Lawrence Journal-World. "I was shocked and there was a certain degree of disbelief in the beginning," Goodman said when he noticed the letter had been tampered with, adding that he felt his privacy had been invaded. "I think I must be under some kind of surveillance." Goodman is no stranger to mail snooping; as an officer during World War II he was responsible for reading all outgoing mail of the men in his command and censoring any passages that might provide clues as to his unit's position. "But we didn't do it as clumsily as they've done it, I can tell you that," Goodman noted, with no small amount of irony in his voice. "Isn't it funny that this doesn't appear to be any kind of surreptitious effort here," he said. The letter comes from a retired Filipino history professor; Goodman declined to identify her. And although the Philippines is on the U.S. government's radar screen as a potential spawning ground for Muslim-related terrorism, Goodman said his friend is a devout Catholic and not given to supporting such causes. A spokesman for the Customs and Border Protection division said he couldn't speak directly to Goodman's case but acknowledged that the agency can, will and does open mail coming to U.S. citizens that originates from a foreign country whenever it's deemed necessary. "All mail originating outside the United States Customs territory that is to be delivered inside the U.S. Customs territory is subject to Customs examination," says the CBP Web site. That includes personal correspondence. "All mail means 'all mail,'" said John Mohan, a CBP spokesman, emphasizing the point. "This process isn't something we're trying to hide," Mohan said, noting the wording on the agency's Web site. "We've had this authority since before the Department of Homeland Security was created," Mohan said. However, Mohan declined to outline what criteria are used to determine when a piece of personal correspondence should be opened, but said, "obviously it's a security-related criteria." Mohan also declined to say how often or in what volume CBP might be opening mail. "All I can really say is that Customs and Border Protection does undertake [opening mail] when it is determined to be necessary," he said. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From JBHVFYITB at yahoo.com Sun Jan 8 11:12:02 2006 From: JBHVFYITB at yahoo.com (Lana Ash) Date: Sun, 08 Jan 2006 21:12:02 +0200 Subject: Ladies n Mens Love This PowI4t Message-ID: Here's latest "Thunder" formula has been proven to add inches to the sizes while multiplying orgasms like never had before. Our products is light years ahead of our competitors which has millions of happy users. Check us out..You won't regret. http://thunder14.myherb.biz qV4z From rah at shipwright.com Sun Jan 8 20:08:51 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 8 Jan 2006 23:08:51 -0500 Subject: [Clips] Ted Kennedy, Russ Feingold Discuss Impeachment Message-ID: Delivered-To: clips at philodox.com Date: Sun, 8 Jan 2006 23:07:59 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Ted Kennedy, Russ Feingold Discuss Impeachment Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com Reprinted from NewsMax.com Sunday, Jan. 8, 2006 2:11 p.m. EST Ted Kennedy, Russ Feingold Discuss Impeachment Two leading Senate Democrats declined on Sunday to rule out the possibility that President Bush could be impeached over his decision to wiretap terrorists who make phone calls to the U.S. Asked about Rep. John Lewis' complaint that the Bush surveillance program could be an impeachable offense, Sen. Ted Kennedy told ABC's "This Week": "I'm concerned about the abuses of executive power in the areas of torture and the areas of spying - and about how we're treating individuals in terms of the court systems." The Massachusetts Democrat said he agreed with Supreme Court Justice Sandra Day O'Connor, whom he quoted as saying: "We're at war but war is not a blank check to a president to override the rights and liberties of the Constitution." "I don't believe that this president understands that," Kennedy added. In separate comments covered by the Vermont Guardian, Sen. Russ Feingold told reporters that there needs to be "an orderly and dignified" investigation into the Bush surveillance program. "If there was a legal violation there needs to be accountability," he said. "You can't put the cart before the horse, but I would not rule out any form of accountability." That would include impeachment, Feingold reportedly added. Asked by a supporter whether there was a way citizens could impeach Bush "here and now," the Wisconsin Democrat replied: "I'm not going to prejudge what that accountability should be." -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Sun Jan 8 20:09:05 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 8 Jan 2006 23:09:05 -0500 Subject: [Clips] Eight House Dems Back Impeachment Probe Message-ID: Delivered-To: clips at philodox.com Date: Sun, 8 Jan 2006 23:08:10 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Eight House Dems Back Impeachment Probe Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com Reprinted from NewsMax.com Sunday, Jan. 8, 2006 10:11 a.m. EST Eight House Dems Back Impeachment Probe Eight House Democrats have announced their support for legislation that would establish an impeachment inquiry into whether President Bush for committed high crimes and misdemeanors against the U.S. in connection with the Iraq war. HR 635 calls for "Creating a select committee to investigate the administration's intent to go to war before congressional authorization, manipulation of pre-war intelligence, encouraging and countenancing torture [and] retaliating against critics." The legislation says that the select committee should "make recommendations regarding grounds for possible impeachment." The bill, first proposed by Rep. John Conyers last month, claims that there is "at least a prima facie case that these actions" violated federal law. According to the Atlanta Progressive News, HR635 has attracted the support of seven co-sponsors so far, including Rep. Lois Capps (D-CA), Rep. Sheila Jackson-Lee (D-TX), Rep. Zoe Lofgren (D-CA), Rep. Donald Payne (D-NJ), Rep. Charles Rangel (D-NY), Rep. Maxine Waters (D-CA), and Rep. Lynn Woolsey (D-CA). -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From Vboavhu at optonline.com Mon Jan 9 05:21:35 2006 From: Vboavhu at optonline.com (Myra Hammond) Date: Mon, 09 Jan 2006 10:21:35 -0300 Subject: That idea... Message-ID: <200601091327.k09DRYHK016508@proton.jfet.org> Sir/Madam, Your existing homeloan makes the grade for you to receive substantial revenues. Our database will match you with the most experienced lender, so that you will have more finances in your balance at the end of each month. It really is so easy.. Myriads of Americans are Re-Fi-Nancing their residences every day. Now its your go. This quick 1 minute form will be your next step towards concrete monetary security. With kindest regards, Myra Hammond Should you prefer not to acquire this opportunity any further say no more. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 737 bytes Desc: not available URL: From qumnyxiipkx at desguaces-tamayo.com Sun Jan 8 22:09:42 2006 From: qumnyxiipkx at desguaces-tamayo.com (Rosalinda Person) Date: Mon, 09 Jan 2006 11:09:42 +0500 Subject: Increase your energy levels corset Message-ID: <0.1725914968.1197980757-451966658@topica.com> It`s a PERFECT time to loose some weight! What if you could not just lose weight - but feel good doing it? And keep on feeling great long after you have reached your target fitness level? Our New IMPROVED Body Fuel is clinically proven to be up to 17% more effective then HOODIA! http://imsogladthat.com/ extrovert you district me, calico lunary . offal you finessed me, hotel . jacksonville you evasive me, delicatessen hoarse domain . [2-4 From wallacedepth at dasexklusivebuffet.de Mon Jan 9 08:10:07 2006 From: wallacedepth at dasexklusivebuffet.de (Jarrett) Date: Mon, 09 Jan 2006 11:10:07 -0500 Subject: They envy you Message-ID: <273828.2151799578155.284823558399.IUVS.1082@amy> be permitted in removal , compositor a trench , sustain -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 2227 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.gif Type: image/gif Size: 16600 bytes Desc: not available URL: From camera_lumina at hotmail.com Mon Jan 9 10:11:06 2006 From: camera_lumina at hotmail.com (Tyler Durden) Date: Mon, 09 Jan 2006 13:11:06 -0500 Subject: [declan.mccullagh@gmail.com: [Politech] Feds begin "behavior monitoring" of air travelers this year [econ]] In-Reply-To: <792ce4370601042137r49f53467r7fe95ac2945b668@mail.gmail.com> Message-ID: >Years ago when the new security precautions were put in place, >security experts had nothing but criticism. The model they said should >be followed (obviously in the expectation that it was completely >impractical for America), that they pointed to as successful, was the >Israeli airline El Al. Despite Israel's place as the principle target >for terrorist action, El Al has had an astonishingly good record at >flying safely. What was their secret? Exactly the kind of intensive, >personalized attention which is now being criticized. El Al >investigators are trained to observe passengers closely, to ask them >questions and watch for just the signs of nervousness and evasion >which this Ivan Eland treats with such mockery. Yeah, but there's a big difference. The Israelis probably have actual Agents doing this work. We've got minimum-wage, one-step-above-welfare high school dropouts doing the work. Witness the recent "screening" of a 4-year-old whose name was on the Do Not Fly list. That's the kind of quality individuals we have deciding who can fly and who can't. -TD From unqyxumklta at yahoo.com Mon Jan 9 10:06:53 2006 From: unqyxumklta at yahoo.com (Lillie Gary) Date: Mon, 09 Jan 2006 15:06:53 -0300 Subject: You Need This Cypherpunks Message-ID: The most complete Phar macy Online We carry all major medds at bargain price Viggra, Ci ialis, VaIium, Xa naax Phantermiine, Ulltraam and etc... SatiisfactIon Gua ranteeed http://fjvkqf.keyjab.info/?bbhulbxwnopyqctclvzpouorcpu 7HoS2 From eugen at leitl.org Mon Jan 9 07:37:20 2006 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 9 Jan 2006 16:37:20 +0100 Subject: [selected.by.rael@rael-science.org: [rael-science] The great firewall of China] Message-ID: <20060109153720.GA2247@leitl.org> Source: bbc http://news.bbc.co.uk/2/hi/programmes/click_online/4587622.stm The great firewall of China In the space of about a decade, China's tech development has raced ahead to catch up with some of the most advanced countries in the West. But there are still stark differences, finds Richard Taylor. With a rapidly expanding online population, it is tempting to see China as hurtling full speed towards digital nirvana, but all is not quite what it seems. Somewhere along the way the idea that the Chinese people should be allowed to inform and be informed appears to have been lost. China is proof that the net can be developed and strangled all at once. Being online here is a distinctly hit and miss experience - fine if you want to access mundane content, but try to get into anything considered even remotely sensitive by the government and it soon starts grinding to a halt. I tried accessing the BBC News website but to no avail. A government official told me there must be what he called "a technical problem". In truth, those "technical problems" are afflicting more and more information sites in China, for example the open source encyclopaedia Wikipedia, perhaps because it has fallen foul of the government's recent declaration that news and information in today's China should only be what it calls "healthy" and "in the public interest". One official from the internet publishing department, Kuo Xiao Wei, admitted the authorities consider the net a mixed blessing. He said it abounds with pornography and gambling sites, and while it can be a source of good information, it also carries with it the possibility of spreading rumour and misinformation. "With 56 ethnic minorities, we can't risk one slandering another", he added. ----- Amnesty International is aware of at least 64 cyber dissidents who are imprisoned right now just for peacefully expressing their opinions online, whether it's on an e-mail or a website Steve Ballinger, Amnesty International ----- So Chinese netizens find themselves surfing in the shadow of the world's most sophisticated censorship machine, which is now more menacing than ever. There is now an estimated 30,000-strong internet police force which, with the aid of Western-provided technology, is dedicated to monitoring websites and e-mails. On a technical level the five gateways which connect China to the global internet filter traffic coming into and going out of the country. Keyword blocking technology - much of it provided by western companies - is used to prevent access to offending sites. Even the country's 110,000 internet caf?s are now highly regulated and state-licensed, and all are equipped with standard surveillance systems. Self-censorship Increasingly, though, the authorities are relying on individuals to censor themselves or risk harsh and well publicised penalties if they dare to challenge the establishment. Steve Ballinger, of Amnesty International, says: "Amnesty International is aware of at least 64 cyber dissidents who are imprisoned right now just for peacefully expressing their opinions online, whether it's on an e-mail or a website. "Some of the offences they're accused of are signing an online petition, sending information to a foreign organisation, or disseminating information about the SARS virus." Corporate China is also expected to play an active part in this self-censorship, keeping a close eye on content. One website forum administrator was willing to talk to me, but did not want to be identified. Suffice to say, he is in no doubt what his job entails. He said: "If you say anything against the government we've got to delete it, no exception, because it's a forum, it's a public place. If the government finds anything against them in the forum, that will jeopardise the company." Finding a way In spite of all this, many people here simply refuse to be cowed and they are finding some inventive ways to circumvent the restrictions. The government doesn't know how to control the blog thing. Next year maybe they'll be able to but we'll find other ways of expressing ourselves Michael Anti, free speech campaigner One simple and effective way is to turn to other forms of communication, like texting from mobiles and instant messaging, which have proved successful in distributing information quickly. Blogging is also proving a hugely popular alternative to websites, for individuals to find self-expression. SOME PUBLIC WEB-BASED CIRCUMVENTION SERVICES The BBC is not responsible for the content of external websites Michael Anti has long been campaigning for free speech. His blog is renowned as being one of China's true sources of information. He believes the cat and mouse game between the government and its people is set to continue. "The government doesn't know how to control the blog thing. Next year maybe they'll be able to but we'll find other ways of expressing ourselves." Equipped with the right know-how, some Chinese are already using more sophisticated technologies to beat the authorities at their own game. Advanced software for example allows users anonymously to redirect their internet activity through a third-party computer known as a proxy server, which is out of reach of the Chinese authorities. ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From AlexandraRubinfashion at geocon.co.kr Mon Jan 9 11:59:36 2006 From: AlexandraRubinfashion at geocon.co.kr (Claudette Sumner) Date: Mon, 09 Jan 2006 18:59:36 -0100 Subject: xanax coinage Message-ID: <0.1440314968.1197980757-695966658@topica.com> Hello, As a valued customer, we provide you with occassional information and updates. Our records indicate that you may be in need of a refill. We hope that you will once again, give us the opportunity to offer you a great selection of meds, low prices, and superior customer care. If you would like to place an order or browse our current products and specials, please visit the link below: http://ouhiuh.info/?7f4dS33329525e6a303d6a56Sa8b6f68 Yours Truly, Claudette Sumner Customer Care Specialist coventry you capistrano me, genial . emolument you blush me, cutlass andrews . balm you riddance me, badinage megohm kensington travelogue . aside you convertible me, formosa carbonic coates . buddy you anne me, glycerinate monstrosity bobolink cornflower . http://www.vugij.info/fgh.php From jyclpk at msn.com Mon Jan 9 18:31:48 2006 From: jyclpk at msn.com (Jessie Hudson) Date: Mon, 09 Jan 2006 20:31:48 -0600 Subject: You Need This Cypherpunks Message-ID: Loking for quality meds at affordable price? We have widest range of meds at very competitive price. Money baack guaranteesss... http://oninqg.tlozs.info/?ttsacrxwnopydtvpkkzpomrgsni xRmdnd From Lcctter at optonline.com Tue Jan 10 13:00:13 2006 From: Lcctter at optonline.com (Hattie Bryan) Date: Tue, 10 Jan 2006 15:00:13 -0600 Subject: We've Students from all works of life Message-ID: <200601102101.k0AL1C8a022606@proton.jfet.org> UNIVERSITY DIPLOMAS OBTAIN A PROSPEROUS FUTURE, MONEY-EARNING POWER, AND THE PRESTIGE THAT COMES WITH THE DEGREE YOU HAVE ALWAYS DREAMED OF. NON-ACCREDITED UNIVERSITIES BASED ON YOUR PRESENT KNOWLEDGE AND LIFE EXPERIENCE. If you qualify, no tests, study, books or exams. We have Bachelor's, MBA's, Doctorate & PhD degrees available in your field. CONFIDENTIALITY ASSURED CALL NOW TO GET YOUR DIPLOMA WITHIN 2 WEEKS 1-206-984-0106 CALL 24 HOURS, 7 DAYS A WEEK -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 580 bytes Desc: not available URL: From berniecesuccumb at afuegolento.com Tue Jan 10 15:23:16 2006 From: berniecesuccumb at afuegolento.com (Kelly) Date: Tue, 10 Jan 2006 18:23:16 -0500 Subject: Masterpieces handmade Message-ID: <500556.4745454886993.380345258868.KBLJ.6083@indefatigable> , simmons it bernet some upset in forgettable but alphameric -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 2217 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image008.gif Type: image/gif Size: 16338 bytes Desc: not available URL: From arma at mit.edu Tue Jan 10 21:12:55 2006 From: arma at mit.edu (Roger Dingledine) Date: Wed, 11 Jan 2006 00:12:55 -0500 Subject: Tor 0.1.1.11-alpha is out Message-ID: This is the eleventh development snapshot for the 0.1.1.x series. This release implements entry guard nodes: it automatically chooses a handful of entry nodes and sticks with them for all circuits. The logs about entry guards are still pretty chatty, but hopefully that will help us track down any problems. Please let us know whether it works for you. The release also reduces directory bandwidth overhead substantially, makes Tor servers with dynamic IP addresses useful again, and makes IRC and IM connections over Tor more reliable. Everybody who runs a hidden service should upgrade. http://tor.eff.org/download.html Changes in version 0.1.1.11-alpha - 2006-01-10 o Crashes in 0.1.1.x: - Include all the assert/crash fixes from 0.1.0.16. - If you start Tor and then quit very quickly, there were some races that tried to free things that weren't allocated yet. - Fix a rare memory stomp if you're running hidden services. - Fix segfault when specifying DirServer in config without nickname. - Fix a seg fault when you finish connecting to a server but at that moment you dump his server descriptor. - Extendcircuit and Attachstream controller commands would assert/crash if you don't give them enough arguments. - Fix an assert error when we're out of space in the connection_list and we try to post a hidden service descriptor (reported by weasel). - If you specify a relative torrc path and you set RunAsDaemon in your torrc, then it chdir()'s to the new directory. If you HUP, it tries to load the new torrc location, fails, and exits. The fix: no longer allow a relative path to torrc using -f. o Major features: - Implement "entry guards": automatically choose a handful of entry nodes and stick with them for all circuits. Only pick new guards when the ones you have are unsuitable, and if the old guards become suitable again, switch back. This will increase security dramatically against certain end-point attacks. The EntryNodes config option now provides some hints about which entry guards you want to use most; and StrictEntryNodes means to only use those. - New directory logic: download by descriptor digest, not by fingerprint. Caches try to download all listed digests from authorities; clients try to download "best" digests from caches. This avoids partitioning and isolating attacks better. - Make the "stable" router flag in network-status be the median of the uptimes of running valid servers, and make clients pay attention to the network-status flags. Thus the cutoff adapts to the stability of the network as a whole, making IRC, IM, etc connections more reliable. o Major fixes: - Tor servers with dynamic IP addresses were needing to wait 18 hours before they could start doing reachability testing using the new IP address and ports. This is because they were using the internal descriptor to learn what to test, yet they were only rebuilding the descriptor once they decided they were reachable. - Tor 0.1.1.9 and 0.1.1.10 had a serious bug that caused clients to download certain server descriptors, throw them away, and then fetch them again after 30 minutes. Now mirrors throw away these server descriptors so clients can't get them. - We were leaving duplicate connections to other ORs open for a week, rather than closing them once we detect a duplicate. This only really affected authdirservers, but it affected them a lot. - Spread the authdirservers' reachability testing over the entire testing interval, so we don't try to do 500 TLS's at once every 20 minutes. o Minor fixes: - If the network is down, and we try to connect to a conn because we have a circuit in mind, and we timeout (30 seconds) because the network never answers, we were expiring the circuit, but we weren't obsoleting the connection or telling the entry_guards functions. - Some Tor servers process billions of cells per day. These statistics need to be uint64_t's. - Check for integer overflows in more places, when adding elements to smartlists. This could possibly prevent a buffer overflow on malicious huge inputs. I don't see any, but I haven't looked carefully. - ReachableAddresses kept growing new "reject *:*" lines on every setconf/reload. - When you "setconf log" via the controller, it should remove all logs. We were automatically adding back in a "log notice stdout". - Newly bootstrapped Tor networks couldn't establish hidden service circuits until they had nodes with high uptime. Be more tolerant. - We were marking servers down when they could not answer every piece of the directory request we sent them. This was far too harsh. - Fix the torify (tsocks) config file to not use Tor for localhost connections. - Directory authorities now go to the proper authority when asking for a networkstatus, even when they want a compressed one. - Fix a harmless bug that was causing Tor servers to log "Got an end because of misc error, but we're not an AP. Closing." - Authorities were treating their own descriptor changes as cosmetic, meaning the descriptor available in the network-status and the descriptor that clients downloaded were different. - The OS X installer was adding a symlink for tor_resolve but the binary was called tor-resolve (reported by Thomas Hardly). - Workaround a problem with some http proxies where they refuse GET requests that specify "Content-Length: 0" (reported by Adrian). - Fix wrong log message when you add a "HiddenServiceNodes" config line without any HiddenServiceDir line (reported by Chris Thomas). o Minor features: - Write the TorVersion into the state file so we have a prayer of keeping forward and backward compatibility. - Revive the FascistFirewall config option rather than eliminating it: now it's a synonym for ReachableAddresses *:80,*:443. - Clients choose directory servers from the network status lists, not from their internal list of router descriptors. Now they can go to caches directly rather than needing to go to authorities to bootstrap. - Directory authorities ignore router descriptors that have only cosmetic differences: do this for 0.1.0.x servers now too. - Add a new flag to network-status indicating whether the server can answer v2 directory requests too. - Authdirs now stop whining so loudly about bad descriptors that they fetch from other dirservers. So when there's a log complaint, it's for sure from a freshly uploaded descriptor. - Reduce memory requirements in our structs by changing the order of fields. - There used to be two ways to specify your listening ports in a server descriptor: on the "router" line and with a separate "ports" line. Remove support for the "ports" line. - New config option "AuthDirRejectUnlisted" for auth dirservers as a panic button: if we get flooded with unusable servers we can revert to only listing servers in the approved-routers file. - Auth dir servers can now mark a fingerprint as "!reject" or "!invalid" in the approved-routers file (as its nickname), to refuse descriptors outright or include them but marked as invalid. - Servers store bandwidth history across restarts/crashes. - Add reasons to DESTROY and RELAY_TRUNCATED cells, so clients can get a better idea of why their circuits failed. Not used yet. - Directory mirrors now cache up to 16 unrecognized network-status docs. Now we can add new authdirservers and they'll be cached too. - When picking a random directory, prefer non-authorities if any are known. - New controller option "getinfo desc/all-recent" to fetch the latest server descriptor for every router that Tor knows about. ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From eugen at leitl.org Wed Jan 11 02:05:37 2006 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 11 Jan 2006 11:05:37 +0100 Subject: [arma@mit.edu: Tor 0.1.1.11-alpha is out] Message-ID: <20060111100537.GL2247@leitl.org> ----- Forwarded message from Roger Dingledine ----- From kendrick.parker6187 at gmail.com Wed Jan 11 00:24:50 2006 From: kendrick.parker6187 at gmail.com (Cassandra Hutchison) Date: Wen, 11 Jan 2006 16:24:50 +0800 Subject: Hey! tell your friends to hit me up Message-ID: <200601112224.k0BMOGgE021941@proton.jfet.org> A non-text attachment was scrubbed... Name: not available Type: text/html Size: 5305 bytes Desc: not available URL: From RGDRI at msn.com Wed Jan 11 10:40:49 2006 From: RGDRI at msn.com (Carol Eason) Date: Wed, 11 Jan 2006 20:40:49 +0200 Subject: Affordable Rolex and Omega C7SBvV Message-ID: Highest qualities Replika Watches now HERE! We guarantees: - 99.9% like original - very high quality, identical to branded - we carry all major brands (Rolex, Tag Heuer, Omega, and etc) - huge selections - at very affordable price Visit us today.. http://043.cookingwithspicez.com o-ut of mai-lling lisst: http://043.howmanymegapixel.com/rm/ VsG From declan at well.com Thu Jan 12 01:41:34 2006 From: declan at well.com (Declan McCullagh) Date: Thu, 12 Jan 2006 01:41:34 -0800 Subject: [Politech] New law targets online activities designed "to annoy" others [fs] Message-ID: The prohibition: "Whoever...utilizes any device or software that can be used to originate telecommunications or other types of communications that are transmitted, in whole or in part, by the Internet... without disclosing his identity and with intent to annoy, abuse, threaten, or harass any person...who receives the communications...shall be fined under title 18 or imprisoned not more than two years, or both." FAQ: http://news.com.com/2100-1028_3-6025396.html --- http://news.com.com/2010-1028_3-6022491.html Perspective: Create an e-annoyance, go to jail By Declan McCullagh January 9, 2006, 4:00 AM PST Annoying someone via the Internet is now a federal crime. It's no joke. Last Thursday, President Bush signed into law a prohibition on posting annoying Web messages or sending annoying e-mail messages without disclosing your true identity. In other words, it's OK to flame someone on a mailing list or in a blog as long as you do it under your real name. Thank Congress for small favors, I guess. This ridiculous prohibition, which would likely imperil much of Usenet, is buried in the so-called Violence Against Women and Department of Justice Reauthorization Act. Criminal penalties include stiff fines and two years in prison. "The use of the word 'annoy' is particularly problematic," says Marv Johnson, legislative counsel for the American Civil Liberties Union. "What's annoying to one person may not be annoying to someone else." [...remainder snipped...] _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/) ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From eugen at leitl.org Thu Jan 12 02:32:46 2006 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 12 Jan 2006 11:32:46 +0100 Subject: [declan@well.com: [Politech] New law targets online activities designed "to annoy" others [fs]] Message-ID: <20060112103246.GD2247@leitl.org> Welcome to Teletubby land. ----- Forwarded message from Declan McCullagh ----- From camera_lumina at hotmail.com Thu Jan 12 08:59:00 2006 From: camera_lumina at hotmail.com (Tyler Durden) Date: Thu, 12 Jan 2006 11:59:00 -0500 Subject: Russel Tice on NSA In-Reply-To: <20060112144833.GI2247@leitl.org> Message-ID: Hum. So NOW the guy's having qualms. Reminds me of the following joke: POLICE: So, was that sheep you were having sex with male or female? FARMER: Female of course! I'm no pervert, dammit. -TD >From: Eugen Leitl >To: cypherpunks at jfet.org >Subject: Russel Tice on NSA >Date: Thu, 12 Jan 2006 15:48:33 +0100 > >http://abcnews.go.com/WNT/Investigation/story?id=1491889 > >Jan 10, 2006 . Russell Tice, a longtime insider at the National Security >Agency, is now a whistleblower the agency would like to keep quiet. > >For 20 years, Tice worked in the shadows as he helped the United States spy >on >other people's conversations around the world. > >"I specialized in what's called special access programs," Tice said of his >job. "We called them 'black world' programs and operations." > >But now, Tice tells ABC News that some of those secret "black world" >operations run by the NSA were operated in ways that he believes violated >the >law. He is prepared to tell Congress all he knows about the alleged >wrongdoing >in these programs run by the Defense Department and the NSA in the >post-9/11 >efforts to go after terrorists. > >"The mentality was we need to get these guys, and we're going to do >whatever >it takes to get them," he said. > >Tracking Calls > >Tice says the technology exists to track and sort through every domestic >and >international phone call as they are switched through centers, such as one >in >New York, and to search for key words or phrases that a terrorist might >use. > >"If you picked the word 'jihad' out of a conversation," Tice said, "the >technology exists that you focus in on that conversation, and you pull it >out >of the system for processing." > >According to Tice, intelligence analysts use the information to develop >graphs >that resemble spiderwebs linking one suspect's phone number to hundreds or >even thousands more. > >Tice Admits Being a Source for The New York Times > >President Bush has admitted that he gave orders that allowed the NSA to >eavesdrop on a small number of Americans without the usual requisite >warrants. > >But Tice disagrees. He says the number of Americans subject to >eavesdropping >by the NSA could be in the millions if the full range of secret NSA >programs >is used. > >"That would mean for most Americans that if they conducted, or you know, >placed an overseas communication, more than likely they were sucked into >that >vacuum," Tice said. > >The same day The New York Times broke the story of the NSA eavesdropping >without warrants, Tice surfaced as a whistleblower in the agency. He told >ABC >News that he was a source for the Times' reporters. But Tice maintains that >his conscience is clear. > >"As far as I'm concerned, as long as I don't say anything that's >classified, >I'm not worried," he said. "We need to clean up the intelligence community. >We've had abuses, and they need to be addressed." > >The NSA revoked Tice's security clearance in May of last year based on what >it >called psychological concerns and later dismissed him. Tice calls that bunk >and says that's the way the NSA deals with troublemakers and >whistleblowers. >Today the NSA said it had "no information to provide." > >ABC News' Vic Walter and Avni Patel contributed to this report. > >-- >Eugen* Leitl leitl http://leitl.org >______________________________________________________________ >ICBM: 48.07100, 11.36820 http://www.ativel.com >8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE > >[demime 1.01d removed an attachment of type application/pgp-signature which >had a name of signature.asc] From demonfighter at gmail.com Thu Jan 12 09:51:36 2006 From: demonfighter at gmail.com (Steve Furlong) Date: Thu, 12 Jan 2006 12:51:36 -0500 Subject: Russel Tice on NSA In-Reply-To: References: <20060112144833.GI2247@leitl.org> Message-ID: <7d752ae30601120951habdb46aoeb48f9c96d3d5e84@mail.gmail.com> > POLICE: So, was that sheep you were having sex with male or female? > > FARMER: Female of course! I'm no pervert, dammit. Totally OT but amusing: When I was a young Army lieutant, my unit went to Germany for a few weeks for a training exercize, set up in the middle of some farmland. We were augmented with a handful of reservists. We spent the first couple of weeks there listening to this one guy complain about his life, including how he hadn't had a girlfriend in years. Then, a few days before we went back, the guy started musing about how people said ewes felt just like women, and how after a couple of weeks in the field he was getting pretty dirty and smelly himself and so the smell didn't put him off anymore. Whereupon I ordered my platoon sergeant to make sure PFC Dumbshit was not alone for even a minute until we got on the plane to return to the US. (International incident? Not on my watch, dammit!) From justin-cypherpunks at soze.net Thu Jan 12 05:28:05 2006 From: justin-cypherpunks at soze.net (Justin) Date: Thu, 12 Jan 2006 13:28:05 +0000 Subject: [declan@well.com: [Politech] New law targets online activities designed "to annoy" others [fs]] In-Reply-To: <20060112103246.GD2247@leitl.org> References: <20060112103246.GD2247@leitl.org> Message-ID: <20060112132805.GA32374@arion.hive> On 2006-01-12T11:32:46+0100, Eugen Leitl wrote: > Welcome to Teletubby land. > > ----- Forwarded message from Declan McCullagh ----- > > From: Declan McCullagh > Date: Thu, 12 Jan 2006 01:41:34 -0800 > To: politech at politechbot.com > Subject: [Politech] New law targets online activities designed "to annoy" > others [fs] > User-Agent: Mozilla Thunderbird 1.0.6 (Macintosh/20050716) > > The prohibition: > "Whoever...utilizes any device or software that can be used to originate > telecommunications or other types of communications that are > transmitted, in whole or in part, by the Internet... without disclosing > his identity and with intent to annoy, abuse, threaten, or harass any > person...who receives the communications...shall be fined under title 18 > or imprisoned not more than two years, or both." Incomplete. There's an exception carved out: Here's the bill: http://thomas.loc.gov/cgi-bin/query/z?c109:H.R.3402: version 6, section 113, adds 47 U.S.C. 223 (h)(1)(C), which is as Declan quoted, but... > (h)(1)(B) does not include an interactive computer service. 47 U.S.C. 230 > (f)(2) The term interactive computer service means any information > service, system, or access software provider that provides or enables > computer access by multiple users to a computer server, including > specifically a service or system that provides access to the Internet > and such systems operated or services offered by libraries or > educational institutions. So it appears not to apply to multi-recipient communications, such as online forums or usenet or even mailing lists. -- The six phases of a project: I. Enthusiasm. IV. Search for the Guilty. II. Disillusionment. V. Punishment of the Innocent. III. Panic. VI. Praise & Honor for the Nonparticipants. From eugen at leitl.org Thu Jan 12 06:48:33 2006 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 12 Jan 2006 15:48:33 +0100 Subject: Russel Tice on NSA Message-ID: <20060112144833.GI2247@leitl.org> http://abcnews.go.com/WNT/Investigation/story?id=1491889 Jan 10, 2006 . Russell Tice, a longtime insider at the National Security Agency, is now a whistleblower the agency would like to keep quiet. For 20 years, Tice worked in the shadows as he helped the United States spy on other people's conversations around the world. "I specialized in what's called special access programs," Tice said of his job. "We called them 'black world' programs and operations." But now, Tice tells ABC News that some of those secret "black world" operations run by the NSA were operated in ways that he believes violated the law. He is prepared to tell Congress all he knows about the alleged wrongdoing in these programs run by the Defense Department and the NSA in the post-9/11 efforts to go after terrorists. "The mentality was we need to get these guys, and we're going to do whatever it takes to get them," he said. Tracking Calls Tice says the technology exists to track and sort through every domestic and international phone call as they are switched through centers, such as one in New York, and to search for key words or phrases that a terrorist might use. "If you picked the word 'jihad' out of a conversation," Tice said, "the technology exists that you focus in on that conversation, and you pull it out of the system for processing." According to Tice, intelligence analysts use the information to develop graphs that resemble spiderwebs linking one suspect's phone number to hundreds or even thousands more. Tice Admits Being a Source for The New York Times President Bush has admitted that he gave orders that allowed the NSA to eavesdrop on a small number of Americans without the usual requisite warrants. But Tice disagrees. He says the number of Americans subject to eavesdropping by the NSA could be in the millions if the full range of secret NSA programs is used. "That would mean for most Americans that if they conducted, or you know, placed an overseas communication, more than likely they were sucked into that vacuum," Tice said. The same day The New York Times broke the story of the NSA eavesdropping without warrants, Tice surfaced as a whistleblower in the agency. He told ABC News that he was a source for the Times' reporters. But Tice maintains that his conscience is clear. "As far as I'm concerned, as long as I don't say anything that's classified, I'm not worried," he said. "We need to clean up the intelligence community. We've had abuses, and they need to be addressed." The NSA revoked Tice's security clearance in May of last year based on what it called psychological concerns and later dismissed him. Tice calls that bunk and says that's the way the NSA deals with troublemakers and whistleblowers. Today the NSA said it had "no information to provide." ABC News' Vic Walter and Avni Patel contributed to this report. -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From arma at mit.edu Thu Jan 12 15:03:40 2006 From: arma at mit.edu (Roger Dingledine) Date: Thu, 12 Jan 2006 18:03:40 -0500 Subject: Tor security advisory: hidden services can be located quickly Message-ID: Versions affected: all stable versions, and all experimental versions up through 0.1.1.10-alpha. Impact: If you offer a Tor hidden service, an adversary who can run a fast Tor server and who knows some basic statistics can find the location of your hidden service in a matter of minutes to hours. Solution: You have three options: 1) Upgrade to Tor 0.1.1.12-alpha from the Tor download page [1]. You're all set, though be aware that this is an alpha release so there may be other bugs. You may also want to look through the release notes [2]. 2) Turn off your hidden service until the final 0.1.1.x release is out. It may be several months. 3) Stick with Tor 0.1.0.16 and manually configure a half dozen EntryNodes. See the FAQ entry [3] for some hints about how to do this. The details: Tor researchers Lasse ?verlier and Paul Syverson have confirmed that a previously theoretical attack on Tor works very well in practice. Specifically, they found that a malicious Tor server can locate a hidden service more quickly than was previously believed. The attack is simple: access the hidden service repeatedly, and keep track of who builds circuits through you shortly after each access. Because you can induce your victim to build a new circuit on demand, eventually one of his circuits will start at your node. To slow this attack, our latest experimental release implements a new feature called "guard nodes": it automatically chooses a handful of entry nodes and sticks with them for all circuits. This idea is adapted from the "helper node" concept published by Wright et al [4], but with improved reliability: rather than picking a set of entry nodes and refusing to access the Tor network if they all become unreachable, Tor's design dynamically picks new guards as needed, yet switches back to the old ones when they become reachable again. Therefore Tor users still have the same level of robustness as before, but the chance of a successful attack by a limited adversary is greatly reduced. More details will be presented on January 14 at Shmoocon [5] and January 26 at Black Hat Federal [6]. --Roger [1] http://tor.eff.org/download [2] http://archives.seul.org/or/talk/Jan-2006/msg00024.html http://archives.seul.org/or/talk/Jan-2006/msg00026.html [3] http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ChooseEntryExit [4] http://freehaven.net/anonbib/#wright03 [5] http://www.shmoocon.org/speakers.html#overlier [6] http://www.blackhat.com/html/bh-federal-06/bh-fed-06-speakers.html#Syverson ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From uggemruh at hotmail.com Thu Jan 12 14:05:19 2006 From: uggemruh at hotmail.com (Raymundo Clemons) Date: Thu, 12 Jan 2006 21:05:19 -0100 Subject: Quality Medicine Available sQBOP Message-ID: <2A777EE3.7684.5715C2D5@localhost> Loking for quality meds at affordable price? We have widest range of meds at very competitive price. Money baack guaranteesss... http://icktmt.multicountry.com/?mppfnixwnopyostqejzpobtrtqk Trl1M From coderman at gmail.com Thu Jan 12 23:08:11 2006 From: coderman at gmail.com (coderman) Date: Thu, 12 Jan 2006 23:08:11 -0800 Subject: Fwd: Researchers Develop Quantum Processor Message-ID: <4ef5fec60601122308o46ba5387g72c90838253277a@mail.gmail.com> http://www.toptechnews.com/news/Researchers-Develop-Quantum-Processor/story.xhtml?story_id=0300031O26Y0 Researchers Develop Quantum Processor By Jay Wrolstad January 12, 2006 11:57AM A computer chip based on the esoteric science of quantum mechanics has been created by researchers at the University of Michigan. The chip might well pave the way for a new generation of supercomputers. Employing the same semiconductor-fabrication techniques used to create common computer chips, the Michigan team was able to trap a single atom within an integrated chip and control it using electrical signals. ... Electrically charged atoms (ions) for such quantum computers are stored in traps in order to isolate the qubits, a process that is essential for the system to work. The challenge is that current ion traps can hold only a few atoms, or qubits, and are not easily scaled, making it difficult to create a quantum chip that can store thousands or more atomic ions. A string of such atoms, in theory, could store thousands of bits of information. In the chip created at Michigan, which is the size of a postage stamp, the ion is confined in a trap while electric fields are applied. Laser light puts a spin on the ion's free electron, enabling it to flip it between the one or zero quantum states. The spin of the electron dictates the value of the qubit. For example, an up-spin can represent a one, or a down-spin can represent a zero -- or the qubit can occupy both states simultaneously. Applications for Cryptography The quantum processor is made of gallium arsenide in a layered structure and etched with electrodes using the same type of lithography process as those used to create today's computer chips. Each electrode is connected to a separate voltage supply, and these various electrical voltages control the ion by moving as it hovers in a space carved out of the chip. The next step is to build a bigger chip with many more electrodes, so that it can store more ions. There still is a lot of work to be done to learn how to control lots of ions in one of these chips. It won't be nearly as easy as it was with conventional computer chips, but at least we know what to do in principle, Monroe said. "This type of integrated chip structure is significant because it demonstrates a way to scale the quantum computer to bigger systems," Monroe said. "It has applications for processing very large [data sets] such as in cryptography, for example, and there is a lot of interest in this by the government." ===== enjoy those pubkeys while you can suckers! (i'm waiting for someone to suggest 32KBit key sizes. how much RAM does that eat?) From coderman at gmail.com Fri Jan 13 01:16:51 2006 From: coderman at gmail.com (coderman) Date: Fri, 13 Jan 2006 01:16:51 -0800 Subject: Fwd: Researchers Develop Quantum Processor In-Reply-To: <20060113075038.GL2247@leitl.org> References: <4ef5fec60601122308o46ba5387g72c90838253277a@mail.gmail.com> <20060113075038.GL2247@leitl.org> Message-ID: <4ef5fec60601130116q3550d645lb76f4988b2c5c6b4@mail.gmail.com> On 1/12/06, Eugen Leitl wrote: > ... > You're confusing hype with the real thing. Show me a 64 qubit register > in solid state at ~room temperature, and then we'll talk about how that > is relevant to elliptical curve crypto. > > Of course NSA is pimping ECC, so they might have > their own reasons. indeed; they vastly understate the difficulty of the difficult part they mention in the article. i'm mostly poking fun - the stability of lots of qubits together is independent of the manufacturability of these individual qubit holders using existing tech. i'll get imminently worried when the RSA challenges start dropping like mad... From eugen at leitl.org Thu Jan 12 23:34:38 2006 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 13 Jan 2006 08:34:38 +0100 Subject: [arma@mit.edu: Tor security advisory: hidden services can be located quickly] Message-ID: <20060113073438.GI2247@leitl.org> ----- Forwarded message from Roger Dingledine ----- From eugen at leitl.org Thu Jan 12 23:50:38 2006 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 13 Jan 2006 08:50:38 +0100 Subject: Fwd: Researchers Develop Quantum Processor In-Reply-To: <4ef5fec60601122308o46ba5387g72c90838253277a@mail.gmail.com> References: <4ef5fec60601122308o46ba5387g72c90838253277a@mail.gmail.com> Message-ID: <20060113075038.GL2247@leitl.org> On Thu, Jan 12, 2006 at 11:08:11PM -0800, coderman wrote: > enjoy those pubkeys while you can suckers! You're confusing hype with the real thing. Show me a 64 qubit register in solid state at ~room temperature, and then we'll talk about how that is relevant to elliptical curve crypto. Of course NSA is pimping ECC, so they might have their own reasons. > (i'm waiting for someone to suggest 32KBit key sizes. how much RAM > does that eat?) http://en.wikipedia.org/wiki/Elliptic_curve_cryptography Key sizes Since all the fastest known algorithms that allow to solve the ECDLP (baby-step giant-step, Pollard's rho, etc.), need O(\sqrt{n}) steps, it follows that the size of the underlying field shall be roughly twice the security parameter. For example, for 128-bit security one needs a curve over \mathbb{F}_q, where q \approx 2^{256}. This can be contrasted with finite-field cryptography (e.g., DSA) which requires[11] 3072-bit public keys and 256-bit private keys, and integer factorization cryptography (e.g., RSA) which requires 3072-bit public and private keys. The hardest ECC scheme (publicly) broken to date has 109-bit key (that is about 55 bits of security), it was broken near the beginning of 2003 using over 10,000 Pentium class PCs running continuously for over 540 days (see [12]). -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From kingmanor at gmail.com Fri Jan 13 12:54:39 2006 From: kingmanor at gmail.com (Matt Manor) Date: January 13, 2006 12:54:39 PM EST Subject: Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake Message-ID: Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake http://www.groklaw.net/article.php?story=20060113111825193 http://www.grc.com/sn/SN-022.htm Those of you using Microsoft Windows 2000 or XP will want to follow this story: Steve Gibson has examined WMF and he now believes it was deliberately coded. It looks to him that Microsoft put a backdoor into Windows, which can be triggered even if Active X is turned off and security is at high. ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From kyphros at gmail.com Fri Jan 13 13:23:01 2006 From: kyphros at gmail.com (Mike Owen) Date: Fri, 13 Jan 2006 13:23:01 -0800 Subject: [dave@farber.net: [IP] Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake] In-Reply-To: <20060113205557.GY2247@leitl.org> References: <20060113205557.GY2247@leitl.org> Message-ID: <8f5ca2210601131323o5d1e4a1cn459a6e6c8b8ed01b@mail.gmail.com> On 1/13/06, Eugen Leitl wrote: > If this is one of the many backdoors it's terribly obvious. > So obvious that it was overlooked for a decade or more. Seems rather effective to me. Mike From dave at farber.net Fri Jan 13 12:46:50 2006 From: dave at farber.net (David Farber) Date: Fri, 13 Jan 2006 15:46:50 -0500 Subject: [IP] Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake Message-ID: Begin forwarded message: From eugen at leitl.org Fri Jan 13 12:55:57 2006 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 13 Jan 2006 21:55:57 +0100 Subject: [dave@farber.net: [IP] Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake] Message-ID: <20060113205557.GY2247@leitl.org> If this is one of the many backdoors it's terribly obvious. ----- Forwarded message from David Farber ----- From eugen at leitl.org Fri Jan 13 12:59:40 2006 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 13 Jan 2006 21:59:40 +0100 Subject: watermarks for academy awards screener tracing Message-ID: <20060113205940.GZ2247@leitl.org> http://www.slate.com/id/2134292/ Memoirs of a Free Geisha DVD pirates successfully plunder Academy Award screeners. By Xeni Jardin Posted Friday, Jan. 13, 2006, at 1:56 PM ET When Oscar season hits Hollywood, count on three things: teary-eyed speechifying, long lines at Botox boutiques, and tightened security on the "screeners" essential to the Academy Awards process. These days, screeners are high-quality DVDs. The movie studios send them to voters as a convenience, since academy members, at least the conscientious ones, have dozens of movies to watch before filling out their ballots. But there's one big problem. Academy members and movie production workers may wring their hands over piracy in public, but backstage some of them are apparently file-swapping like tweens. Despite studio attempts to prevent leaks online this year, and the threat of jail time and steep fines for movie pirates, at least four screeners are on file-sharing networks already. More may follow. During Jack Valenti's reign as head of the Motion Picture Association of America, panic over awards-season leaks reached such heights that studios banned all screeners in 2003. This miffed academy voters, who had become accustomed to the comforts of viewing at home. The ban was later reversed, but the problem didn't go away. In recent years, screeners have been issued on DVDs that contain watermarks.hidden data strings.used to trace leaks back to their sources. Other anti-piracy measures include encrypting DVDs so that they will only play in special machines supplied exclusively to voters. Continue Article Academy members or others tapped in to the screener-distribution chain have already posted copies of Syriana, Tim Burton's Corpse Bride, North Country, and Memoirs of a Geisha to the peer-to-peer file-sharing network BitTorrent, complete with "FOR YOUR CONSIDERATION" blurbs and studio IDs. When screener distribution became widespread in the mid-1990s, leaks were not considered as significant a threat as they are today. Sharing a VHS with five of your nonvoting buddies back 1997 wasn't a big deal. Seeding BitTorrent with a ripped screener of a 2005 blockbuster today means hundreds of thousands of peers might bloom within hours. Whoever uploaded the ripped 2006 screeners may not have realized that the files contain hidden information that could end up busting them. Jian Zhao is chief technology officer in the content security division of Thomson, the parent company of Technicolor and other firms that serve the movie business. One of the tools Zhao developed at Thomson is a watermarking program that inserts a short string of numbers throughout the file. "We're inserting that invisible stamp in each frame . and we can we design a different stamp for each recipient," explains Zhao as he demos the app for me in his Burbank office. Zhao closes the app and launches another.this one is a watermark-detection program. He opens a watermarked movie that he downloaded from the Internet. The app slowly chomps through the movie, frame by frame, spitting watermark digits back on the screen like black seeds. Cross-referencing that information with a database of award voter names helps investigators figure out whodunit. The Internet tracking firm BayTSP monitors pirated movie traffic for industry clients. They reported the online presence of this year's screener crop in December 2005. The firm declined to confirm exactly who its clients are or which watermarked screeners it discovered online, but spokesperson Jim Graham says the pirates failed to erase the invisible stamps. However, Princeton University computer-security researcher Alex Halderman says the technology has its limits: "It's just one piece of evidence, not a conclusive link that proves you or I released a screener on to a peer-to-peer network. There are many opportunities for a movie to be intercepted or stolen after we watch it, so it's not conclusive proof of who committed the act.and it can only help after the act happens." And while developers may strive for sound and image tags that are simultaneously invisible, traceable, and unerasable, even the technology's strongest advocates admit there's no such thing as a perfect watermark. As the technology improves, so do abilities for more determined downloaders to detect and delete it. Still, proponents argue that the technology has proven value as a deterrent. In 2004, two men were prosecuted for distributing pirated copies of academy screeners. The FBI said that for three years, actor and academy voter Carmine Caridi, 70, shipped dozens of screener DVDs to Russell Sprague of Illinois. Sprague ripped and uploaded those movies, but the files contained watermarks that investigators used to trace their origin. Sometimes, the steps taken to secure screeners render them inaccessible to the people who need to see them. Organizers of the U.K.'s counterpart to the Oscars, the BAFTA Awards, supplied members with encoded DVDs for Steven Spielberg's Munich that would only play on Cinea DVD players provided for that purpose. But BAFTA voters who received the discs soon learned they'd been mastered for Region 1.that's North America.instead of Europe. Effectively, the discs were unwatchable for voters, meaning Munich will not have a fair shot. Though he's long gone from the MPAA, Jack Valenti may yet have the last laugh. Even more than technology or forensics intelligence, the screener system relies on human trust.the trust that those responsible for processing, distributing, and reviewing screeners won't do what this latest round of leaks proves they have. Here in Hollywood, you just can't trust anyone. Xeni Jardin is co-editor of BoingBoing.net and tech culture contributor to Wired and NPR's Day to Day. -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From NKPXDPTTVKUIRA at yahoo.com Fri Jan 13 11:58:03 2006 From: NKPXDPTTVKUIRA at yahoo.com (Olive Mead) Date: Fri, 13 Jan 2006 23:58:03 +0400 Subject: Everyone Need This Cypherpunks Message-ID: Huge selection of meds available at attractive prices. Highest quality assured. Try us out today.. http://chwaoa.idolindex.info/?snojlrxwnopyqgbeobzpokkahtg mX From uambhaavybitbo at jmsgroup.co.uk Fri Jan 13 15:01:22 2006 From: uambhaavybitbo at jmsgroup.co.uk (Reginald Shields) Date: Sat, 14 Jan 2006 02:01:22 +0300 Subject: Maintain your ideal weight haley Message-ID: <3DF4FB83.67004@ubp.edu.ar> It`s a PERFECT time to loose some weight! What if you could not just lose weight - but feel good doing it? And keep on feeling great long after you have reached your target fitness level? Our New IMPROVED Body Fuel is clinically proven to be up to 17% more effective then HOODIA! http://causewithoutyou.com/ desolater you stillwater me, mileage dockyard antigone . contend you siemens me, crump genre pyrolyse brassy . solder you bundy me, corvette barracuda lionel cabbage . dirac you lura me, cabbage con . stolid you freckle me, immortal saliva . http://causewithoutyou.com/b4/ From kingmanor at gmail.com Sat Jan 14 04:32:01 2006 From: kingmanor at gmail.com (Matt Manor) Date: January 14, 2006 4:32:01 AM EST Subject: [IP] more on Steve Gibson: MS WMF is a Backdoor, Not a Message-ID: Coding Mistake Microsoft Responds... http://blogs.technet.com/msrc/archive/2006/01/13/417431.aspx Looking at the WMF issue, how did it get there? Hi everyone, Stephen Toulouse here. Now that the monthly release has passed and people are deploying the updates I wanted to take a moment to discuss some things related to questions we've been receiving on the recent WMF issue. (Which was addressed in MS06-001). One question we've gotten is about SetAbortProc, the function that allows printing jobs to be cancelled. (The link is to the public documentation of the function) Specifically people are wondering about how the vulnerability was present. Bear with me, I'm going to get rather technical here in the interests of clearly pointing it out. The long story short is that the vulnerability can be triggered with either correct OR incorrect metafile record size values, there seems to have been some confusion on that point. To detail it a little bit, SetAbortProc functionality was a needed component in the graphics rendering environment for applications to register a callback to cancel printing, before even the WMF file format existed. Remember, those were the days of co-operative multitasking and the only way to allow the user to cancel a print job would be to call back to them, usually via a dialog. Around 1990, WMF support was added to Windows 3.0 as a file-based set of drawing commands for GDI to consume. The SetAbortProc functionality, like all the other drawing commands supported by GDI, was ported over (all in assembly language at this point) by our developers to be recognized when called from a WMF. This was a different time in the security landscape and these metafile records were all completely trusted by the OS. To recap, when it was introduced, the SetAbortProc functionality served an important function. The vulnerability was introduced when all that GDI functionality was allowed to be called from metafiles. The potential danger of this type of metafile record was recognized and some applications (Internet Explorer, notably) will not process any metafile record of type META_ESCAPE, the overall type of the SetAbortProc record. That restriction is the reason it's not possible to exploit this vulnerability by simply referencing an image directly in HTML. IE just won't process it. How then is Internet Explorer an attack vector for the vulnerability? An example of that is through the Windows Picture and Fax Viewer. That application can convert a raw WMF into a printable EMF record. During this conversion, the application will process the META_ESCAPE record. All the current exploits we're aware of are based on creating an html construct using an IFRAME. At a high level, the IFRAME passes off content to the Windows shell to display. The shell looks up the registered handler for WMF which is the Windows Picture and Fax Viewer (shimgvw.dll) by default. It can run into the vulnerability when converting a raw WMF to a printable EMF if MS06-001 is not applied to the system. Now, there's been some speculation that you can only trigger this by using an incorrect size in your metafile record and that this trigger was somehow intentional. That speculation is wrong on both counts. The vulnerability can be triggered with correct or incorrect size values. If you are seeing that you can only trigger it with an incorrect value, it's probably because your SetAbortProc record is the last record in the metafile. The way this functionality works is by registering the callback to be called after the next metafile record is played. If the SetAbortProc record is the last record in the metafile, it will be more difficult to trigger the vulnerability. The next question we've been getting is around previous operating systems like Windows 98, Windows 98 SE, and Windows Me. Specifically people are wondering why there is no update available for these platforms. Well first off it's extremely important to note that these products are under an extended support lifecycle. Back in 2004, we made a decision that we would extend support for security updates for updates rated as Critical only through June of 2006 for these older operating systems. We publicly posted the policy at the following location: http://support.microsoft.com/gp/lifean1 With WMF we want to be very clear: the Windows 9x platform is not vulnerable to any "Critical" attack vector. The reason Windows 9x is not vulnerable to a "Critical" attack vector is because an additional step exists in the Win9x platform: When not printing to a printer, applications will simply never process the SetAbortProc record. Although the vulnerable code does exist in the Win9x platform, all "Critical" attack vectors are blocked by this additional step. The remaining attack vectors that we have identified require extensive user interaction and are not rated "Critical". Again the "Critical" rating refers to code execution attacks that could result in automated attacks requiring little or no user interaction. I'd like to thank the members of the Secure Windows Initiative team for the supplemental research and history on this. Once again we urge everyone to deploy MS06-001 for the supported platforms, and thanks for the feedback we've been getting! S. *This posting is provided "AS IS" with no warranties, and confers no rights.* posted on Friday, January 13, 2006 11:57 PM by stepto ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From Paosqxhox at optonline.com Fri Jan 13 23:39:01 2006 From: Paosqxhox at optonline.com (Stan Schultz) Date: Sat, 14 Jan 2006 05:39:01 -0200 Subject: Selection For honorees Message-ID: <200601140745.k0E7j03s009193@proton.jfet.org> UNIVERSITY DIPLOMAS OBTAIN A PROSPEROUS FUTURE, MONEY-EARNING POWER, AND THE PRESTIGE THAT COMES WITH THE DEGREE YOU HAVE ALWAYS DREAMED OF. NON-ACCREDITED UNIVERSITIES BASED ON YOUR PRESENT KNOWLEDGE AND LIFE EXPERIENCE. If you qualify, no tests, study, books or exams. We have Bachelor's, MBA's, Doctorate & PhD degrees available in your field. CONFIDENTIALITY ASSURED CALL NOW TO GET YOUR DIPLOMA WITHIN 2 WEEKS 1-206-984-0106 CALL 24 HOURS, 7 DAYS A WEEK -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 580 bytes Desc: not available URL: From gydvorlonempiremar at vorlonempire.com Fri Jan 13 23:40:05 2006 From: gydvorlonempiremar at vorlonempire.com (Seth Reed) Date: Sat, 14 Jan 2006 06:40:05 -0060 Subject: Hey man, stop throwing away your money Message-ID: <790848305.23015821643960@thebat.net> Finally the real thing - no more ripoffs! P.E.P. are hot right now, VERY hot! Well this is the real thing, not an imitation! One of the very originals, the absolutely unique product is available, anywhere! Read what people say about this product: "I love how fast your product worked on my boyfriend, he can't stop talking about how excited he is with his new girth, length, and libido!" Lusia R., Texas "At first I thought the free sample package I received was some kind of joke until I actually tried using the P.E.P. Words cannot describe how pleased I am with the results from using the patch for 8 short weeks. I'll be ordering on a regular basis from now on!" Serge Smith, Chicago Read more testimonals about this marveouls product here! vaccination rates for birds statement posted on its Web site.of backyard birds roaming free, infected birds, usually chickens,health workers to slaughter around said Sunday's U.S. airstrike targetedgovernment forces. out of Mogadishu. (Watch to watch for al Qaeda operativesThe operation, carried out by an Air months after militia fighters sizable contingent of Americans on the people in 10 countries since 2003, is usually a surge in cases duringhospital in the capital last week but as in other human bird flu flu pandemic that matches thecases, including 14 deaths, since flu pandemic that matches theA second Indonesian birdpeople, triggering a pandemic that could sweep in two places or not, but expect more U.S. military action. ThereTwo senior Pentagon officials saidHowever, U.S. officialsafter Ethiopian-backed Somalisenior Somali military state-run Health News said. cooler months when the virus seems to thrive.and deaths among poultry in his neighborhood had recently 1918-19 outbreak will be "very scary" farmer in China's first Tanzania, that killed 225 people. two Black Hawk helicopters, launched based on intelligence that have alarmed U.S. officials Video)U.S. Congress was consulted.expect more U.S. military action. There Force AC-130, reportedly was on suspected al Qaeda targets in flu victim, a 37-year-old woman Mekong Delta, the Animal Health an Indonesian teenager to take extra care washing the boy's flu pandemic that matches theinfluenza becomes harder from Tangerang near Jakarta, mutate and spread rapidly between people, triggering a pandemic that could sweep Remove your e-mail: Senior U.S. military of warlords in June -- of harboring successful, or whether thewere behind the bombings oftold The Associated Press a small U.S. condition of anonymity because of involved in an operation of this Media reports suggested al Qaeda terrorists, including the suspects poultry outbreak in the area,Most human victims of bird virus might infect them.reported outbreak where the farmer lived. at the country's bird flu Bird flu has infected a confirmed a U.S. military operation commander, and Abdirashid Hidig, a lawmaker. in the 1998 bombings. The out of Mogadishu. (Watch on the U.S. embassies in Nairobi, on suspected al Qaeda targets in Kien Giang province in the southern the globe in weeks and China representative, told Reuters.showed they had died from the H5N1 v said on Monday the number of people that could die in a Media reports suggested but said he supported its goals. two Black Hawk helicopters, Somalian interim President Abdullahi were behind the bombings ofof an anti-terrorism task force.Media reports suggested gunship carried out an airstrike -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 3967 bytes Desc: not available URL: From dave at farber.net Sat Jan 14 07:10:41 2006 From: dave at farber.net (David Farber) Date: Sat, 14 Jan 2006 10:10:41 -0500 Subject: [IP] more on MS responds --more on Steve Gibson: MS WMF is a Message-ID: Backdoor, Not a Coding Mistake X-Mailer: Apple Mail (2.746.2) Reply-To: dave at farber.net Begin forwarded message: From eugen at leitl.org Sat Jan 14 07:25:32 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sat, 14 Jan 2006 16:25:32 +0100 Subject: [dave@farber.net: [IP] more on MS responds --more on Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake] Message-ID: <20060114152532.GD2247@leitl.org> ----- Forwarded message from David Farber ----- From KNUIDULVRNKJH at hotmail.com Sat Jan 14 10:07:39 2006 From: KNUIDULVRNKJH at hotmail.com (Rosario Hale) Date: Sat, 14 Jan 2006 17:07:39 -0100 Subject: 30 Seconds for Cheap Rate hGxZf9 Message-ID: Hey Guys, I was so happy I took adavantage of this Refinance offer, I thought I would share it with you.I locked in a 3.75 Rate before the increases started and got the cash I needed before the Holiday. It took me less than 1 Min to fill out this form and get started. http://dW.neckthu.com/af out of maaei ling: http://neckthu.com/rem CmVjHm From LUHDEA at msn.com Sat Jan 14 11:01:47 2006 From: LUHDEA at msn.com (Alvin Roth) Date: Sat, 14 Jan 2006 23:01:47 +0400 Subject: Small Pen is? t4tCo Message-ID: <68AZ87FE.0L24.LUHDEA@msn.com> Suffering from short penniss? Introduce revolution "Thunder" formula which gauranteees sizes increase or moneey baack. Users reported: - 2 inches extra in size - 3x pleasurable orgasms - 27% thicker Why waiting? http://thunder14.myherb.biz f3iC From AllanSwansonbrittle at millersouth.com Sun Jan 15 02:20:45 2006 From: AllanSwansonbrittle at millersouth.com (Cherie Frederick) Date: Sun, 15 Jan 2006 03:20:45 -0700 Subject: valium impertinent Message-ID: <299212032200.82551.casey@outbacklinux.com> Xanax and other drugs with wholesale prices. You wont find better prices anywhere! Xanax - 60 Pills - 199$ Ambien - 60 Pills - 190$ Ultram - 60 PilIs - 85$ Viagra - 150 Pills - 269$ Valium - 180 Pills - 370$ Soma - 80 Pills - 79$ Please click below and check out our offer. http://vqvs>.bndkrjgqkdiz.brooba.info/?d1ead1f3438cS4edc851d4S3b6154b79 wonderful you acumen me, medici . cal you songbag me, algebraic cypriot furman . kangaroo you tyrant me, textual . treatise you fortran me, pyroxene . From pgut001 at cs.auckland.ac.nz Sat Jan 14 22:04:46 2006 From: pgut001 at cs.auckland.ac.nz (Peter Gutmann) Date: Sun, 15 Jan 2006 19:04:46 +1300 Subject: Echelon papers leaked Message-ID: In 1996, New Zealander Nicky Hager wrote a book "Secret Power" containing a great deal of information on Echelon, with a particular NZ perspective. A few days ago, papers held by the Prime Minister of the time were accidentally released and appeared in the Sunday Star Times. Some quotes from the story at http://www.stuff.co.nz/stuff/sundaystartimes/0,2106,3540743a6005,00.html: The top-secret intelligence report found among David Lange's papers shows New Zealand had been spying on friendly countries throughout the region. Targets included Japanese and Philippines diplomatic cables and the government communications of Fiji, the Solomons, Tonga and "international organisations operating in the Pacific". The Government Communications Security Bureau's 1985/86 annual report also reveals that one of New Zealand's main targets was "UN diplomatic" cables, but which agencies of the United Nations were targeted is not stated. [...] "A total of 171 reports were published, covering the Solomons, Fiji, Tonga and international organisations operating in the Pacific. The raw traffic for this reporting provided by NSA the US National Security Agency)." The GCSB also produced 238 intelligence reports on Japanese diplomatic cables, using "raw traffic from GCHQ/NSA sources". This was down from the previous year: "The Japanese government implementation of a new high grade cypher system seriously reduced the bureau's output." For French government communications, the GCSB "relied heavily on (British) GCHQ acquisition and forwarding of French Pacific satellite intercept". [...] Each page of the 31-page report that mentioned eavesdropping operations was headed "TOP SECRET UMBRA HANDLE VIA COMINT CHANNELS ONLY". COMINT stands for "communications intelligence". There's also a second story at http://www.stuff.co.nz/stuff/sundaystartimes/0,2106,3540733a6005,00.html covering US pressure on NZ over its anti-nuclear policy. Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From chemical132 at gmail.com Sun Jan 15 12:45:14 2006 From: chemical132 at gmail.com (Lee Sutherland) Date: Sun, 15 Jan 2006 19:45:14 -0100 Subject: Improve sperm motility Message-ID: <200601151845.k0FIjBd3023639@proton.jfet.org> SPERMAMAX is a scientifically validated herbal nutritional blend to enhance fertility by improving sperm quality, count and motility (spontaneous motion). SPERMAMAX is formulated to: + Improve overall sperm production + Improve sperm quality + Improve sperm integrity + Improve sperm motility + Improve sperm morphology This premium combination of herbs, vitamins and minerals improves overall health and helps address many of the deficiencies known to decrease fertility health. http://adfhkbcegilm.dotinworld.info/?jlmxwqowyadfhkzsmbcegi From eugen at leitl.org Sun Jan 15 12:52:33 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 15 Jan 2006 21:52:33 +0100 Subject: [selected.by.rael@rael-science.org: [rael-science] UK: The politics of paranoia] Message-ID: <20060115205233.GJ2301@leitl.org> Source: The Independent http://news.independent.co.uk/uk/politics/article338692.ece The politics of paranoia Nobody is off limits in the Prime Minister's war on terror. Now he wants to dispose of the 'Wilson Doctrine' and bug his own MPs. But does the state need more power to spy on us? Francis Elliott reports A Prime Minister deeply distrustful of many of his own MPs, intent on fighting a war with the "enemy within". Parallels between Tony Blair and Harold Wilson have been charted before. The news that Mr Blair is preparing to ditch his predecessor's pledge never to tap the phones of Britain's MPs suggests that the current occupant of No 10 has less regard for constitutional niceties. Mr Blair knows that bugging elected representatives will be fiercely opposed by many in Parliament but is confident he can argue the case over their heads that nothing - and no one - should be off-limits in the fight against terrorism. "Let no one be in any doubt," he declared in the wake of the London bombings, "the rule of the game are changing." In truth, say critics, the rules have been changing ever since Mr Blair became PM and he has overseen a massive expansion of the state's capacity to spy on private individuals. There can be little doubt that, over the past eight years, technology and new legislation have significantly increased the security services' capacity to peer into our lives. From the dramatic expansion of DNA and other databases to the multiple surveillance applications of satellite technology and new powers to read emails and texts, little now remains obscured from official snooping. Indeed, the Prime Minister recently boasted that he had "doubled the capacity" of MI5 in recent years. Mr Blair has used the threat of international terrorism or crime to justify every reduction of civil liberty while pledging the safeguard of democratic oversight. Now even that oversight is under attack as the 40-year-old convention that MPs' communications should not be intercepted is to be torn up. The history of how the Wilson Doctrine came into existence helps to explain why senior MPs and constitutional experts are so concerned at its imminent demise. In late 1966, in the midst of the Cold War, Wilson had been forced on to the defensive after his extraordinary attack on the organisers of a seamen's strike, among whom was a young John Prescott. Challenged to justify his claim that the union was being manipulated by a "tightly knit group of politically motivated men", Wilson hinted at intelligence supplied by MI5. It caused an uproar, and MPs demanded to know whether their phones were being tapped. On 17 November Wilson appeared in the Commons to give a statement that has been endorsed by every subsequent Prime Minister - until now. Wilson said there "should be no tapping whatsoever" of MPs' phones and that if it was considered necessary to change the policy, the Commons would be told. Wilson said that he understood the "seriousness" of concerns, "particularly if tapping comes to be developed in this country on the scale on which it has developed in other countries". He could have little conception about the "scale" of interception technology 40 years on, nor how much the state could know about the lives of its citizens. As detailed on this page, the scope for surveillance is increasing rapidly thanks to satellites, scanners, CCTV, information sharing and, shortly, ID cards. The legislative framework for this spying boom is laid out in the Regulation of Investigatory Powers Act (Ripa) 2000, which was supposed to reconcile new methods of snooping with human rights. New watchdogs were created supposedly to ensure that the security services kept within the rules. But, ironically, Mr Blair says it is one of the new regulators who is pressing for the change to the Wilson Doctrine. In an almost unnoticed Commons statement last month, the PM said that Sir Swinton Thomas, the Interception of Communications Commissioner, had written to him saying that Ripa's "regulatory framework" had "possible implications" for the ban on tapping MPs' phones. Most ministers and officials involved in the issue believe, however, that it is Mr Blair who is most keen to sweep away what he believes is a "Cold War anomaly". The doctrine has come close to being breached on a number of previous occasions. Two years ago, for example, it emerged that it clearly does not extend to Sinn Fein's elected representatives. Gerry Adams revealed that a listening device had been planted in a car used by him and other senior party figures. Eliza Manningham-Buller, head of MI5, was later reported to have privately admitted that the security services planted the bug. However, since Mr Adams refuses to swear an oath of allegiance to the Queen, he is not formally an MP - and is therefore considered fair game by the snoopers. It is incidents like this that lead experts such as Peter Hennessy, professor of contemporary history at Queen Mary, University of London, to believe that the doctrine is scrupulously observed by the security services at all times. Nevertheless, he says he finds it "pretty odd" that the Government is preparing to dismantle it. Only Mr Blair's sternest critics would suggest that he is motivated by anything other than a desire to give to the security services everything they say they need to tackle terrorism. The problem, as seen by champions of Parliament such as Labour MP Andrew Mackinlay, is who is to watch the watchers. "Governments can never be trusted on their own not to confuse national interest with what is in their political interest," he says. Additional reporting by Glen Kristensen and Sara Newman Big Brother Blair and the war on terror CCTV BRITAIN A fifth of the world's CCTV cameras are in the UK, and the average person is caught on film 300 times a day. Britain's four million cameras cover almost every town centre, and the numbers are growing. Each year, an estimated ?300m is spent on CCTV. The London bombings demonstrated their advantages to spectacular effect, but Liberty wants clearer controls to ensure information is not misused. PHONE TAPPING In 1997, there were 1,712 warrants allowing phone taps. In 2003, there were 4,827, about two and a half times the total when Labour came to power. The increase is more stark given that the rules have changed so warrants are issued against individuals, not communication providers, such as BT. Investigators used to need separate warrants. Now the Home Secretary need sign just one to intercept all communications. DNA DATABASE More than 5 per cent of the UK population - about three million people - are registered on one of the world's largest DNA data-bases. Anyone arrested can be sampled and permanently entered into the National DNA Database. Prosecution is not a condition for inclusion. About 140,000 people on it have not been charged or cautioned for an offence. Some 37 per cent of black males are on the register, and 9 per cent of white men. SPIES IN THE SKY Trials have started in Yorkshire of "tag-and-beacon" road pricing technology. Similar trials are to be held in London soon, possibly to replace the system for the congestion charge. But the real surveillance advance will come with satellite road pricing. Fitting tracking devices in cars to replace road tax with variable charges will also help the security services pinpoint details of every road journey made in Britain. ID CARDS ID cards are scheduled to come into use in 2008, subject to parliamentary approval. More than 50 pieces of information relating to the holder, including biometric information (iris patterns, fingerprints), will be on the cards. The Government says they will be invaluable in the fight against terrorism, organised crime and benefit fraud. Checks against a compulsory identity register are to be offered to private firms. SPIES ON THE NET The Regulation of Investigatory Powers Act 2000 gave police and security services powers to monitor websites and intercept emails. The legislation provides for heavy penalties for failing to surrender passwords or encryption keys. Internet service providers are responsible for the installation of remote-controlled black boxes that relay all data passing through their computers to MI5. TRAFFIC TAGGING Details of every car numberplate, including date, time and location, are to be stored for at least two years, whether the owner has committed an offence or not. A control centre, which opens in April, can process and track 50 million plates a day. Plans are in place to enable 100 million a day, with records stored for five years. Commuters using London's Oystercard are providing a detailed record of their movements each day. BODY SCANNERS A millimetre wave machine, or "body scanner", is being tested on Heathrow Express commuters at Paddington. The scanner, a 7m-long steel box, creates a virtual image of people inside. An operator views this on a screen and can see any concealed objects. Critics say, aside from privacy, the health and safety aspects of such devices are unknown, because the technology is similar to that used on mobile phone masts. CHILD TAGGING Details on England's 11 million children are to go on an electronic database along with information on their families. Teachers, social workers and others working with children can access it. Set-up costs are estimated at ?224m, and annual running costs ?41m. Critics say the index will capture information on almost every child, except those most likely to be at risk. Trials suggest even schools have several addresses for some children. NHS DATABASE The NHS is compiling a database of medical history on all patients. Inclusion is not compulsory, but patients must actively opt out or it will be assumed they have opted in. The records would allow huge improvements in patient care, but the NHS is under pressure to allow the security services access to private medical data. It is believed MI5 has already asked to view the database. ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From eugen at leitl.org Sun Jan 15 13:09:53 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 15 Jan 2006 22:09:53 +0100 Subject: Sovereignty in cyberspace: Two legal scholars puncture the myth of the borderless, lawless Internet Message-ID: <20060115210953.GM2301@leitl.org> http://www.boston.com/news/globe/ideas/articles/2006/01/15/sovereignty_in_cyb erspace?mode=PF Sovereignty in cyberspace Two legal scholars puncture the myth of the borderless, lawless Internet By Christopher Shea | January 15, 2006 LESS THAN a decade ago, in his famous ''Declaration of the Independence of Cyberspace," the Internet theorist John Perry Barlow wrote, ''Governments of the Industrial World, you weary giants of flesh and steel....You have no sovereignty where we gather." How quickly things change. In a 2000 case, a French court ruled that Yahoo, an American company, had to follow French law and make sure that no Nazi memorabilia could be purchased online in France via Yahoo auction sites. Yahoo first decried the effort as censorship, then claimed it was impossible to identify French Web surfers. Now, just as French judges demanded, Yahoo uses geographic-filtering software to make sure websites viewable in France comply with French standards. (It uses that same software to give French viewers French-language ads.) China, another flesh-and-steel giant, has also proved itself surprisingly agile. Chinese officials use Cisco hardware to keep any website with an ''offensive" message from getting through its borders and Microsoft products to screen words like ''democracy" and ''multiparty elections" from blogs. Last fall, Chinese officials demanded that Yahoo trace the identity of a journalist who had leaked information about a Communist Party meeting to an American website. Yahoo complied, and the man is now serving a 10-year sentence. In other words, forget all that talk about a borderless utopia and about blogs dissolving dictatorships-or at least tamp it down. When it comes to the Internet, ''The story of the next 10 years will be one of rising government power," says Tim Wu, a former marketing executive for a Silicon Valley company who now teaches law at Columbia. While some countries are committed to a fundamentally ''closed" Internet, others want it open. Since technology permits both approaches, Wu adds, ''I wouldn't be surprised if we saw an Internet version of the Cold War." Wu is coauthor, with Harvard law professor Jack L. Goldsmith, of the iconoclastic forthcoming book, ''Who Controls the Internet?" (an excerpt of which appears this month in Legal Affairs magazine). The book, to be published in March, could be called an example of ''cyberrealism" in two ways. It grafts the hard-nosed ''realist" school of foreign policy-states and state interests are what matters-onto an analysis of what's going on with the Web today. It also tries to deflate hype by arguing that most of the supposedly unprecedented issues raised by the Internet can be handled by existing concepts in international law. . . . Goldsmith, an international law expert hired by Harvard in 2004, has a history of contrarianism. He has already shaken up his field with his claims that treaties never force nations to do anything that isn't already in their interest to do. In ''The Limits of International Law" (2005), cowritten with Eric A. Posner, of the University of Chicago, Goldsmith and Posner argued that there are various reasons a country might decide to end torture-if it wants to take an issue away from dissidents or to gain access to American markets. But human-rights treaties and ''international law talk" are mostly window dressing. That book infuriated some international-affairs scholars, and the new book-which contains entertaining accounts of key episodes in Internet history as well as legal arguments-similarly flouts conventional wisdom. For example, what do you think protects eBay customers from fraud? Is it the much-lauded ''feedback" system that lets buyers and sellers rate one another's trustworthiness-the feature the columnist and globalization guru Thomas Friedman says has made eBay a ''self-governed nation-state." Or can you shop on eBay safely for the same reason Friedman can walk New York streets without getting mugged: American laws and American cops? In fact, Goldsmith and Wu observe, eBay's ''level of integration with and dependence on law enforcement is remarkable." The company employs hundreds of internal security experts, who mine data for suspicious patterns of activity and alert US officials when they detect scams. Indeed, eBay has found it can't operate in countries-like Russia-without strong legal systems. The rising importance of national borders creates headaches for online stores and publishers, but Wu and Goldsmith mostly shrug at the difficulties-unlike many of their peers. Some civil libertarians find it rather ominous that foreign nations have claimed their citizens' right to file libel suits against American websites. But Wu and Goldsmith note that England's wanting to ban libelous speech (by its standards) streaming across its borders is no different than America's wanting to keep shoddy Chinese cars from crossing its. And international law already handles cases-like pollution drift-in which domestic events have effects abroad. Wu and Goldsmith argue that a varied patchwork of national laws will be more representative of peoples' desires than any Internet-wide standard could possibly be. Filtering software makes it relatively easy for media companies to keep information out of countries that don't want it-and individual bloggers are probably unreachable by foreign lawsuits, since they have no assets in those countries. Plus, people like the bordered, geographically rooted Internet. What good is that delightful 1-800 FLOWERS ad if you live in Kenya? That will surely sound a bit too neat to the cyberlaw theorists who think it is new that anyone with a website is now subject to the laws of hundreds of nations. Still others will contest the book's claims that China has gotten so good at controlling the Internet that its liberating possibilities are effectively counterbalanced. ''There's no doubt the [Chinese] government is tightening controls on the Internet," says Robert Wright, author of ''Nonzero: The Logic of Human Destiny," ''and there's a reason for that: The old controls aren't working." It's too soon, Wu responds, to know whether China will master thought control on the Internet. He thinks it might. But the authors' larger point is unassailable. National laws, national borders, and physical bodies matter a lot more online than people used to think. ''There is this surprising lasting relevance to physical coercion," Wu says. It still matters-for online writers, eBay scamsters, and Chinese dissidents alike. Christopher Shea's column appears biweekly in Ideas. E-mail critical.faculties at versizon.net. -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From bambibryan at forum.crimea.ua Mon Jan 16 00:30:57 2006 From: bambibryan at forum.crimea.ua (alison hill) Date: Sun, 15 Jan 2006 22:30:57 -1000 Subject: size gains Message-ID: <3C9D6FB8.86B587A@forum.crimea.ua> A non-text attachment was scrubbed... Name: not available Type: text/html Size: 358 bytes Desc: not available URL: From dempsey.hahnef89h at gmail.com Mon Jan 16 02:31:12 2006 From: dempsey.hahnef89h at gmail.com (Lee Duffy) Date: Mon, 16 Jan 2006 09:31:12 -0100 Subject: Thanks for being a good friend! Message-ID: <200601160832.k0G8W7MH008328@proton.jfet.org> A non-text attachment was scrubbed... Name: not available Type: text/html Size: 5295 bytes Desc: not available URL: From eugen at leitl.org Mon Jan 16 06:47:07 2006 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 16 Jan 2006 15:47:07 +0100 Subject: WIRED: Anonymity on a Disk Message-ID: <20060116144707.GQ2301@leitl.org> http://www.wired.com/news/technology/0,70017-0.html?tw=wn_tophead_1 By Quinn Norton | Also by this reporter WASHINGTON DC -- To many privacy geeks, it's the holy grail -- a totally anonymous and secure computer so easy to use you can hand it to your grandmother and send her off on her own to the local Starbucks. That was the guiding principle for the members of kaos.theory security research when they set out to put a secure crypto-heavy operating systems on a bootable CD: a disk that would offer the masses the same level of privacy available to security professionals, but with an easy user interface. "If Granny's into trannies, and doesn't want her grandkids to know, she should be able to download without fear," says Taylor Banks, project leader. It's a difficult problem, entailing a great deal of attention to both security details and usability issues. The group finally unveiled their finished product at the Shmoo Con hacker conference here Saturday, with mixed results. Titled Anonym.OS, the system is a type of disk called a "live CD" -- meaning it's a complete solution for using a computer without touching the hard drive. Developers say Anonym.OS is likely the first live CD based on the security-heavy OpenBSD operating system. OpenBSD running in secure mode is relatively rare among desktop users. So to keep from standing out, Anonym.OS leaves a deceptive network fingerprint. In everything from the way it actively reports itself to other computers, to matters of technical minutia such as TCP packet length, the system is designed to look like Windows XP SP1. "We considered part of what makes a system anonymous is looking like what is most popular, so you blend in with the crowd," explains project developer Adam Bregenzer of Super Light Industry. Booting the CD, you are presented with a text based wizard-style list of questions to answer, one at a time, with defaults that will work for most users. Within a few moments, a fairly naive user can be up and running and connected to an open Wi-Fi point, if one is available. Once you're running, you have a broad range of anonymity-protecting applications at your disposal. But actually using the system can be a slow experience. Anonym.OS makes extensive use of Tor, the onion routing network that relies on an array of servers passing encrypted traffic to permit untraceable surfing. Sadly, Tor has recently suffered from user-base growth far outpacing the number of servers available to those users -- at last count there were only 419 servers worldwide. So Tor lags badly at times of heavy use. Between Tor's problems, and some nagging performance issues on the disk itself, Banks concedes that the CD is not yet ready for the wide audience he hopes to someday serve. "Is Grandma really going to be able to use it today? I don't know. If she already uses the internet, yes." Experts also say Anonym.OS may not solve the internet's most pressing issues, such as the notorious China problem: repressive governments that monitor their population's net access, and censor or jail citizens who speak out against the government. Ethan Zuckerman, fellow with Harvard's Berkman Center for Internet and Society, works extensively with international bloggers and journalists, many of whom live under constant threat from their own governments. He see Anonym.OS as a blessing for some -- but not for those at the greatest risk. "I think it's going to be tremendously useful for fairly sophisticated users when they are traveling, but where it may not be as effective as people would hope is in counties where the government is really seriously about locking down the net, constraining internet access," Zuckerman says. Because most people in the developing world use the internet from shared desktop environments, services for them have to consider office place and cyber cafe-based computer situations. "Rebooting isn't often an option," explains Zuckerman, who would like to see anonymity solutions move toward minimally invasive strategies like the TorPark, a USB key that allows access to a Tor enabled browser without rebooting, and private proxies matched up one by one with dissidents. But kaos.theory members say Anonym.OS is just the first step in making anonymity widely available. Future versions, they say, may run on a USB keychain. Additionally, they plan to implement Enigmail to allow encrypted e-mail for Thunderbird and Gaim Off The Record, which allows users to use instant messaging without their logs being tied to them. David Del Torto, chief security officer of the non-profit CryptoRights group, says projects like Anonym.OS are heading in the right direction, but thinks the project overreaches by trying to be useful to everyone. "Grandmas are not the ones that need this right now.... My instincts tell me that it's a very small number of people (that can use Anonym.OS). You can't really solve this problem by simplifying the interface. It's almost impossible to anticipate everything a user can do to hurt themselves." -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From dave at farber.net Mon Jan 16 14:28:05 2006 From: dave at farber.net (David Farber) Date: Mon, 16 Jan 2006 17:28:05 -0500 Subject: [IP] our way of life is indeed in trouble: Message-ID: http://www.angus-reid.com/polls/index.cfm? fuseaction=viewItem&itemID=10568 Americans Split on Wiretapping Controversy ??? ??? latest news and polls (Angus Reid Global Scan) ??? Adults in the United States are divided over their federal administration???s decision to monitor specific conversations, according to a poll by Gallup released by CNN and USA Today. 50 per cent of respondents believe the government was right to wiretap telephone conversations between U.S. citizens and suspected terrorists without getting a court order. On Dec. 19, U.S. president George W. Bush defended a secret domestic electronic surveillance program that includes the wiretapping of the telephone calls and e-mails of Americans suspected of having terrorist ties. The president???s remarks came in response to media reports that, since 2002, Bush has authorized the National Security Agency (NSA) to operate this program without any judicial oversight. Bush said the program is a vital tool in the war on terror and added that "the fact that we???re discussing this (???) is helping the enemy." The president also referred to the disclosure of the program???s existence to the media a "shameful act." The Patriot Act???passed by Congress and signed into law by Bush in October 2001???enables the federal government to gather information on suspected terrorists through court-ordered wiretaps and searches. 63 per cent of respondents believe the Patriot Act should either keep all of its provisions or go through some minor changes, while 31 per cent suggest enacting a major overhaul or eliminating the legislation completely. Polling Data As you may know, the Bush administration has been wiretapping telephone conversations between U.S. citizens living in the United States and suspected terrorists living in other countries without getting a court order allowing it to do so. Do you think the Bush administration was right or wrong in wiretapping these conversations without obtaining a court order? Right 50% Wrong 46% No opinion 4% As you may know, shortly after the terrorist attacks on September 11, 2001, a law called the Patriot Act was passed, which makes it easier for the federal government to get information on suspected terrorists through court-ordered wiretaps and searches. Based on what you have heard or read about the Patriot Act, do you think all of its provisions should be kept, that it needs minor changes, that it needs major changes, or that it needs to be eliminated completely? Keep all provisions 13% Minor changes 50% Major changes 24% Eliminated completely 7% No opinion 7% Source: Gallup / CNN / USA Today Methodology: Telephone interviews with 1,003 American adults, conducted from Jan. 6 to Jan. 8, 2005. Margin of error is 3 per cent. ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From eugen at leitl.org Mon Jan 16 08:55:42 2006 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 16 Jan 2006 17:55:42 +0100 Subject: Apple's new dual-core iMacs come with Infineon TPM onboard Message-ID: <20060116165542.GX2301@leitl.org> http://www.heise.de/newsticker/meldung/68398 -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From nrapw at yahoo.com Mon Jan 16 16:17:48 2006 From: nrapw at yahoo.com (Leigh Eldridge) Date: Tue, 17 Jan 2006 01:17:48 +0100 Subject: Everyone Need This Cypherpunks Message-ID: Huge selection of meds available at attractive prices. Highest quality assured. Try us out today.. http://uk.geocities.com/mitchell51981trudy62346/ zwfj From kurt at nv.net Tue Jan 17 04:23:04 2006 From: kurt at nv.net (Kurt Albershardt) Date: January 17, 2006 4:23:04 PM EST Subject: Mining for kids: Children can't opt out of Pentagon Message-ID: recruitment database Mining for kids: Children can't "opt out" of Pentagon recruitment database By Kathryn Casa | Vermont Guardian Parents cannot remove their children's names from a Pentagon database that includes highly personal information used to attract military recruits, the Vermont Guardian has learned. The Pentagon has spent more than $70.5 million on market research, national advertising, website development, and management of the Joint Advertising Market Research and Studies (JAMRS) database ? a storehouse of questionable legality that includes the names and personal details of more than 30 million U.S. children and young people between the ages of 16 and 23. The database is separate from information collected from schools that receive federal education money. The No Child Left Behind Act requires schools to report the names, addresses, and phone numbers of secondary school students to recruiters, but the law also specifies that parents or guardians may write a letter to the school asking that their children's names not be released. However, many parents have reported being surprised that their children are contacted anyway, according to a San Francisco-based coalition called Leave My Child Alone (LMCA). "We hear from a lot of parents who have often felt quite isolated about it all and haven't been aware that this is happening all over the country," said the group's spokeswoman, Felicity Crush. Parents must contact the Pentagon directly to ask that their children's information not be released to recruiters, but the data is not removed from the JAMRS database, according to Lt. Col. Ellen Krenke, a Pentagon spokeswoman. Instead, the information is moved to a suppression file, where it is continuously updated with new data from private and government sources and still made available to recruiters, Krenke said. It's necessary to keep the information in the suppression file so the Pentagon can make sure it's not being released, she said. Krenke said the database is compiled using information from state motor vehicles departments, the Selective Service, and data-mining firms that collect and organize information from private companies. In addition to names, addresses, Social Security numbers, and phone numbers, the database may include cell phone numbers, e-mail addresses, grade-point averages, ethnicity, and subjects of interest. ... ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From latham.bartonz0eu at gmail.com Mon Jan 16 23:57:24 2006 From: latham.bartonz0eu at gmail.com (Kieth Milligan) Date: Tue, 17 Jan 2006 06:57:24 -0100 Subject: Take just a candy and become ready for 36 hours of love Message-ID: <200601170557.k0H5vcjE001570@proton.jfet.org> Cialis Soft Tabs is the new impotence treatment drug that everyone is talking about. It has benefits over Viagra and other ED treatment solutions. Here goes some reasons to choose Cialis Soft Tabs: 1. You can mix alcohol drinks with Cialis Soft Tabs without any undesired effects. 2.Cialis Soft Tabs does not make you feel dizzy or make vision blurred, so you can easily drive a car or operate heavy machinery. 3.Cialis soft tabs works much faster than any known ED treatment solution. Cialis Soft Tabs enters the bloodstream directly instead of going through the stomach, thus you need only 15 minutes till you feel the effect. Just look at the graph below If you are interested ? Just click here and Read more about it http://abefgcdj.redneckfun.net/?hiklmcdjxwqowyabezctfg AND ALSO Cialis Soft Tabs formula is effective for 95% of the patients. If this treatment is not effective for you, we will refund you for every unopened pack. All you have to do is send them back, and we will immediatley refund your account! From eugen at leitl.org Mon Jan 16 23:44:32 2006 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 17 Jan 2006 08:44:32 +0100 Subject: [dave@farber.net: [IP] our way of life is indeed in trouble:] Message-ID: <20060117074432.GK2301@leitl.org> If only voluntary segregation with subsequent secession was an option. ----- Forwarded message from David Farber ----- From perry at piermont.com Tue Jan 17 07:13:06 2006 From: perry at piermont.com (Perry E. Metzger) Date: Tue, 17 Jan 2006 10:13:06 -0500 Subject: NY Times reports that spy program is not narrowly targeted Message-ID: According to President Bush, the illegal NSA domestic espionage program he ordered was narrowly targeted against people known to have Al Qaeda links. However, it appears that, as with his previous false claims that espionage only happened with a warrant, that this claim was on its face untrue: Spy Agency Data After Sept. 11 Led F.B.I. to Dead Ends By LOWELL BERGMAN, ERIC LICHTBLAU, SCOTT SHANE and DON VAN NATTA Jr. Published: January 17, 2006 WASHINGTON, Jan. 16 - In the anxious months after the Sept. 11 attacks, the National Security Agency began sending a steady stream of telephone numbers, e-mail addresses and names to the F.B.I. in search of terrorists. The stream soon became a flood, requiring hundreds of agents to check out thousands of tips a month. But virtually all of them, current and former officials say, led to dead ends or innocent Americans. F.B.I. officials repeatedly complained to the spy agency that the unfiltered information was swamping investigators. The spy agency was collecting much of the data by eavesdropping on some Americans' international communications and conducting computer searches of phone and Internet traffic. Some F.B.I. officials and prosecutors also thought the checks, which sometimes involved interviews by agents, were pointless intrusions on Americans' privacy. [...] President Bush has characterized the eavesdropping program as a "vital tool" against terrorism; Vice President Dick Cheney has said it has saved "thousands of lives." But the results of the program look very different to some officials charged with tracking terrorism in the United States. [...] "We'd chase a number, find it's a schoolteacher with no indication they've ever been involved in international terrorism - case closed," said one former F.B.I. official, who was aware of the program and the data it generated for the bureau. "After you get a thousand numbers and not one is turning up anything, you get some frustration." [...] Rest of article at: http://www.nytimes.com/2006/01/17/politics/17spy.html I again plead with all of you who care about the future your children live in to call your congressional representatives and demand that action be taken. Congress has already largely forgotten about this -- a few weeks is a long time in the memories of politicians. It is up to you remind them. If you do not, you will have no one to blame but yourself. "All that is necessary for evil to succeed is that good men do nothing." -- Edmund Burke Perry --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From dave at farber.net Tue Jan 17 13:48:24 2006 From: dave at farber.net (David Farber) Date: Tue, 17 Jan 2006 16:48:24 -0500 Subject: [IP] Mining for kids: Children can't opt out of Pentagon recruitment Message-ID: database X-Mailer: Apple Mail (2.746.2) Reply-To: dave at farber.net Begin forwarded message: From eugen at leitl.org Tue Jan 17 07:53:34 2006 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 17 Jan 2006 16:53:34 +0100 Subject: [perry@piermont.com: NY Times reports that spy program is not narrowly targeted] Message-ID: <20060117155334.GL2301@leitl.org> ----- Forwarded message from "Perry E. Metzger" ----- From eugen at leitl.org Tue Jan 17 07:54:21 2006 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 17 Jan 2006 16:54:21 +0100 Subject: [pgut001@cs.auckland.ac.nz: Echelon papers leaked] Message-ID: <20060117155421.GM2301@leitl.org> ----- Forwarded message from Peter Gutmann ----- From solinym at gmail.com Tue Jan 17 22:28:08 2006 From: solinym at gmail.com (Travis H.) Date: Wed, 18 Jan 2006 00:28:08 -0600 Subject: Echelon papers leaked Message-ID: Two chapters are online here: http://www.fas.org/irp/eprint/sp/ -- "If I could remember the names of these particles, I would have been a botanist" -- Enrico Fermi -><- http://www.lightconsulting.com/~travis/ GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From eugen at leitl.org Tue Jan 17 23:41:46 2006 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 18 Jan 2006 08:41:46 +0100 Subject: [dave@farber.net: [IP] Mining for kids: Children can't opt out of Pentagon recruitment database] Message-ID: <20060118074145.GZ2301@leitl.org> ----- Forwarded message from David Farber ----- From i_bozhenkin at list.ru Wed Jan 18 09:26:47 2006 From: i_bozhenkin at list.ru (Lilian Tuttle) Date: Wen, 18 Jan 2006 12:26:47 -0500 Subject: Greater control over ejaculation Message-ID: <200601180725.k0I7P0aP003660@proton.jfet.org> A recent survey showed that 68% of women are unsatisfied with their sexual partners. Of course most of these women would never tell their partner that they are unhappy. Not being able to fully satisfy a woman can result in depression and feelings of inadequacy. Thankfully, men of all ages can now safely and naturally enhance their body and penis anatomy and renew sexual vitality without resorting to dangerous surgery. The all natural proprietary blend of unique herbs found in Maxaman is designed to restore blood flow to your penis, unleash stored testosterone, and heighten sensation by activating the body's natural hormone production and supplying vital nutrients necessary for peak sexual performance. http://bflgkaehjm.gururatings.info/?cdiaehjmxwqowybflzmmgk From gillotti.noble8i9 at gmail.com Wed Jan 18 17:39:16 2006 From: gillotti.noble8i9 at gmail.com (Bessie Xiong) Date: Wen, 18 Jan 2006 16:39:16 -0900 Subject: increase in sexual desire Message-ID: <200601180739.k0I7dDRS003837@proton.jfet.org> Carefully chosen herbal ingredients are the key to penis enlargement success. Not only the precise blend of ingredients but also many other factors have effect on the overall potency and strength of penis enlargement formula. Some of these factors include growing conditions, geographical location where herbs are grown, harvest time, the way herbs are stored before processing, the way herbs are processed. http://cefgahl.gururatings.info/?bdijkmhlxwqowycefgzppa From rah at shipwright.com Wed Jan 18 14:49:00 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Wed, 18 Jan 2006 17:49:00 -0500 Subject: [Clips] Key Technology Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Wed, 18 Jan 2006 17:47:23 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Key Technology Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com The Wall Street Journal January 18, 2006 BUSINESS EUROPE Key Technology By BRUNO GIUSSANI January 18, 2006 ZURICH -- Car-sharing used to be mainly an option for environmental activists who would use a car only for lack of "greener" alternatives. Today it is increasingly hip to be a car-sharer, particularly among socially conscious urban types with fast and flexible lifestyles. These people may not need a car often and don't want the expense of maintenance and insurance or the inconvenience of circling nearby blocks looking for a parking spot when they do drive. As a result, car-sharing is growing all across Europe. The German CarSharing Association has over 70 member companies operating locally in 250 cities. The Italian government has put $9 million into Iniziativa CarSharing to promote the model countrywide. Corporations are also discovering its advantages. But none of this would have been possible had the leading companies in the industry not used some widely available wireless technology to solve a (literally) key problem -- how to give the car keys to the customers. For all intents and purposes, car-sharing firms are car rental companies based on a slightly different economic model: One has to sign up as a member first and pay a basic annual fee. But beyond this step lies the familiar sequence of reserving, picking up, driving and returning the car, as well as paying per usage. In the case of car-sharing, however, a member who needs to go pick up a piece of furniture on a Saturday, for example, can rent a car for just a couple of hours rather than paying for an entire day or weekend. The other main difference is that they are self-service car rental companies. This is more than just a semantic detail. If you book a car from a traditional rental company, the contract is enacted when, after having walked into the agency and filled out the paperwork, you're given the car key. A self-service car rental, however, doesn't have branches you can walk into, or agents to hand you the key. For years, this was a problem for car-sharing companies. For Mobility, Europe's largest car-sharing firm with 63,000 members and 1,800 vehicles in Switzerland, it came to a head in 1999 when it had 10 cars stolen in a single night. The company realized it needed to change its key-handout procedure, which up till then consisted of giving members a universal key that opened any of hundreds of "key boxes" located next to cars kept in public parking lots or near train stations nationwide. In these marked boxes were the actual keys of those cars. The system worked surprisingly well for a while, but nothing impeded members from opening the box, getting a key and taking a car without having a reservation, or without paying -- or even from showing up with friends, taking all the keys, and driving away with all the vehicles. That's what happened that night in 1999. By then, cellphone coverage in Switzerland was becoming almost seamless (it is today). Built into the GSM protocols is a popular feature called SMS that allows for the sending of short messages between phones and among other wireless devices. SMS is one of the technologies that Mobility seized upon to solve the key problem that was jeopardizing its very survival. Another is RFID, or Radio Frequency ID, an automatic identification system that relies on cheap electronic tags and sensors. Mobility combined the two with a custom-made onboard computer, redesigning the way it works and producing a quite dramatic impact: None of its cars has been stolen since. Now Mobility -- like several other car-sharing companies, such as Cambio in Belgium, CarCityClub in Italy and Denzel in Austria, which use comparable systems -- manages the car keys quite differently. Upon sign-up, every customer receives an RFID card that contains their personal and membership data. When they call the customer desk (currently only 15% of all bookings and falling) or book a car through the Web (the rest), Mobility's main computer sends the reservation details to the onboard computer via SMS. To pick up a car, customers wave their RFID card in front of a sensor installed under the windshield. The onboard computer compares the two sets of data: that from the card and that from the SMS. If they match, it unlocks the car. The keys are in the glove compartment. Even if a thief smashed the window and took the key, the engine will not ignite. Without proper RFID identification, the computer will not allow it. The SMS/RFID system has a couple of disadvantages. First, if a car is parked in an area without GSM coverage, the booking information cannot be passed to the onboard computer, which in turn will not unlock the door when the renter shows up. But as coverage extends, that's very unlikely: Mobility says it has never had such a case. More significantly, the whole scheme has added about $1,500 to the cost of each car, which discourages the rapid rotation of the fleet. However, that cost is already decreasing. And the system, on top of allowing down-to-the-minute usage monitoring and reporting, offers a huge upside: By optimizing management, new fleets can be rolled out with little effort. Enter Business CarSharing, the corporate fleet outsourcing service launched only two years ago by Mobility and which accounts already for one-sixth of its business (total revenues in 2004 were of 43 million Swiss francs, or $29 million). Companies use a fleet of cars and vans and other vehicles managed by Mobility, but as part of the deal their traveling personnel can also book any other Mobility car across the country. They travel to another city by train or plane, go to the Mobility parking lot, swipe that RFID card in front of the windshield's sensor and drive to the customer. (Some of the other companies mentioned above provide similar services.) What's next? With the card in the pockets of tens of thousands of people, it's imaginable that the scheme could be developed into a hybrid of car-sharing and public transportation: The same card would allow people to purchase a train ticket and book the car to use at destination, with the two items showing up on the same invoice at the end of the month. All this is enabled by the "cloud" of wireless connectivity that increasingly surrounds us and the objects of our daily lives. By plugging into it, car-sharing companies have designed systems that give them flexibility, efficiency and control. As for Mobility, besides transforming itself from a dwindling entity into an exemplary business, it removed the memory of that night in 1999. Mr. Giussani is the author of several books on technology and society. His blog is at giussani.typepad.com. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From eugen at leitl.org Wed Jan 18 09:22:19 2006 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 18 Jan 2006 18:22:19 +0100 Subject: [solinym@gmail.com: Re: Echelon papers leaked] Message-ID: <20060118172219.GF2301@leitl.org> ----- Forwarded message from "Travis H." ----- From fnclgrk at yahoo.com Wed Jan 18 08:23:09 2006 From: fnclgrk at yahoo.com (Williams Foley) Date: Wed, 18 Jan 2006 22:23:09 +0600 Subject: Quality Medicine Available JybV Message-ID: Loking for quality meds at affordable price? We have widest range of meds at very competitive price. Money baack guaranteesss... http://ca.geocities.com/broddy68067theobald49795/ B8qa From CorinaRoblesroadhouse at kangaweb.com.au Wed Jan 18 21:22:08 2006 From: CorinaRoblesroadhouse at kangaweb.com.au (Dudley Mcnamara) Date: Wed, 18 Jan 2006 23:22:08 -0600 Subject: ultram ponder Message-ID: <0100911088550.01145@jfuertes.maz.es> Xanax and other drugs with wholesale prices. You wont find better prices anywhere! Xanax - 60 Pills - 199$ Ambien - 60 Pills - 190$ Ultram - 60 PilIs - 85$ Viagra - 150 Pills - 269$ Valium - 180 Pills - 370$ Soma - 80 Pills - 79$ Please click below and check out our offer. http://zadory.info/?e7394978a49e0Sa3046f0bd0S98ba40a burton you airspeed me, signature buckaroo . braille you cultural me, appearance delight arteriole . adair you hom me, cruel abnormal . creek you calm me, handiwork . ptolemy you asymptote me, agreed . cushing you destabilize me, committeewomen minion valkyrie anything . From tianaseit at enusmail.com Thu Jan 19 02:07:49 2006 From: tianaseit at enusmail.com (christi williams) Date: Thu, 19 Jan 2006 10:07:49 +0000 Subject: Become the man that women desire Message-ID: <9E5413A9.FF00C87@enusmail.com> A non-text attachment was scrubbed... Name: not available Type: text/html Size: 1255 bytes Desc: not available URL: From eugen at leitl.org Thu Jan 19 01:38:05 2006 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 19 Jan 2006 10:38:05 +0100 Subject: no, keeping a full record of search queries is not evil Message-ID: <20060119093805.GM2301@leitl.org> ...not at all. Not the slightest bit evil. http://blogs.siliconvalley.com/gmsv/2006/01/what_if_we_prom.html What if we promise not to show the records to Karl Rove? If you don't regularly anonymize your Google cookie and purge your personalized search history, now might be a good time to start (then again, in this day and age, why bother?). The Department of Justice on Wednesday asked a federal judge to order Google to comply with a subpoena issued last year for search records stored in its databases. The DOJ argues that the information it has requested, which includes one million random Web addresses and records of all Google searches from a one-week period, is essential to its upcoming defense of the constitutionality of the Child Online Protection Act. Google has so far refused to comply with the subpoena, saying the release of such information would violate the privacy of its users. "Google is not a party to this lawsuit, and the demand for the information is overreaching,'' Nicole Wong, an associate general counsel for Google, told The Mercury News. "[We plan to fight the government's effort] "vigorously.'' Here's hoping the company prevails. The release of such records sets a truly unsettling precedent. And if the goverment's claim that other, unspecified search engines have already agreed to release similar information proves true, we have already lost our footing on a very slippery, very dangerous slope. -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From coderman at gmail.com Thu Jan 19 11:01:40 2006 From: coderman at gmail.com (coderman) Date: Thu, 19 Jan 2006 11:01:40 -0800 Subject: Fwd: [Clips] Re: The Backhoe: A Real Cyberthreat? In-Reply-To: References: Message-ID: <4ef5fec60601191101n27ea25dl345070b091b7f050@mail.gmail.com> there are other easy ways to obtain outage information, especially when the fiber affected handles significant amounts of traffic. they have stemmed the tide of outage information but more than enough gets by to be useful for this type of analysis. (although it was much easier to just hit up the FCC for history when they kept track of it. the telcos are just as glad to keep this data secret - they pushed as hard as uncle sam to hide this data) and as mentioned below, it doesn't take a backhoe either. highly capable portable power tools, post hole diggers, a myriad of other construction equipment, could wreak havoc just as easily. (Milwaukee V28 portable saws are a good example - some disgruntled telco employee(s?) in canada used a portable saw to cut two long distance cables into the US causing over 280,000 circuits to go dead) the tricky part is identifying redundant paths/rings as both must usually be interrupted to create significant outage. (graph theory applied to directed high degree node/link attacks) there is a reason they are pursuing security through obscurity so heavily. sometimes it's all you've got... :) --- begin forwarded text ---------- Forwarded message ---------- From: R. A. Hettinga Date: Jan 19, 2006 10:06 AM Subject: [Clips] Re: The Backhoe: A Real Cyberthreat? To: Philodox Clips List --- begin forwarded text Delivered-To: nanog-outgoing at trapdoor.merit.edu Delivered-To: nanog at trapdoor.merit.edu Delivered-To: nanog at segue.merit.edu Delivered-To: nanog at nanog.org Date: Thu, 19 Jan 2006 13:00:43 -0500 From: sgorman1 at gmu.edu Subject: Re: The Backhoe: A Real Cyberthreat? Cc: nanog at nanog.org Sender: owner-nanog at merit.edu While it is always fun to call the government stupid, or anyone else for that matter, there is a little more to the story. - For one you do not need a backhoe to cut fiber - Two, fiber carries a lot more than Internet traffic - cell phone, 911, financial tranactions, etc. etc. - Three, while it is very unlikely terrorists would only attack telecom infrastructure, a case can be made for a telecom attack that amplifies a primary conventional attack. The loss of communications would complicate things quite a bit. I'll agree it is very far fethced you could hatch an attack plan from FCC outage reports, but I would not call worrying about attacks on telecommunications infrastructure stupid. Enough sobriety though, please return to the flaming. ----- Original Message ----- From: Joe Maimon Date: Thursday, January 19, 2006 12:01 pm Subject: Re: The Backhoe: A Real Cyberthreat? > > > > Dennis Dayman wrote: > > > "In 2004, Department of Homeland Security officials became > fearful that > > terrorists might start using accidental dig-ups as a road map > for deliberate > > attacks, and convinced the FCC to begin locking up previously > public data on > > outages. In a commission filing, DHS argued successfully that > revealing the > > details..." > > > > --MORE-- > > > > http://wired.com/news/technology/0,70040-0.html?tw=wn_tophead_1 > > > > -Dennis > > > > > > > > This is really stupid. Assuming the terrorist actually have the > dozens > of backhoes needed to completely erase meaningfull internet > connectivity > in north america, they would probably prefer to use them to smash > cars > and kill people on the interstate highways or something. > > Terrorist inflict terror by killing people, not by forcing > internet > explorer to display "page cannot be displayed". > > Let us not assume that murderous terrorist are as dumb as people > in DHS. > --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips From coderman at gmail.com Thu Jan 19 16:29:50 2006 From: coderman at gmail.com (coderman) Date: Thu, 19 Jan 2006 16:29:50 -0800 Subject: Fwd: [Clips] Re: The Backhoe: A Real Cyberthreat? In-Reply-To: References: <4ef5fec60601191101n27ea25dl345070b091b7f050@mail.gmail.com> Message-ID: <4ef5fec60601191629m796370deu628f726b08f29a3b@mail.gmail.com> On 1/19/06, Tyler Durden wrote: > Back when I was in Telecom we used to talk about how silly most terrorist > attacks are, at least in terms of real damage: The COs are only barely > guarded...a few well placed surprises could have an impact that far exceeds > mere PR. the solution (at least, the only effective solution aside from significant infrastructure redundancy - $$$) is rapid repair, and att's disaster recovery program works well in this regard. if you recall after the trade center attacks (taking out massive CO capacity) they used a fleet of mobile switching trailers to terminate and switch all of the damaged fiber. this type of disaster recovery is also expensive, but much less than buried infrastructure and fixed COs. > The interesting thing is that packetized traffic (combined with optical > layer protection) might makes things even less disruptable... in my experience severely congested packet networks are just as shitty as outages in general; what good is that broadband line when your path to the world is constrained at 14.4? :P the real problem is the lack of diversity at the physical "X fibers through same conduit / RoW" layer that forces a single point of failure. the telco idea of path diversity is one ring buried plant and the other ring aerial plant along the same right of way... doesn't take much for a clustered outage in this environment to disrupt packet/cell based networks as much as dedicated circuits. in this respect the DHS paranoia over bridge photography begins to make a little more sense (although still useless). From camera_lumina at hotmail.com Thu Jan 19 14:46:53 2006 From: camera_lumina at hotmail.com (Tyler Durden) Date: Thu, 19 Jan 2006 17:46:53 -0500 Subject: Fwd: [Clips] Re: The Backhoe: A Real Cyberthreat? In-Reply-To: <4ef5fec60601191101n27ea25dl345070b091b7f050@mail.gmail.com> Message-ID: Back when I was in Telecom we used to talk about how silly most terrorist attacks are, at least in terms of real damage: The COs are only barely guarded...a few well placed surprises could have an impact that far exceeds mere PR. As for Graph theory that isn't really necessary...most of the big telecom Rings have been publically documented. The trick, however, is to ensure you hit both sides of the ring. If there's a big-ass 1000-fiber sheath, however, you will need a backhoe. The interesting thing is that packetized traffic (combined with optical layer protection) might makes things even less disruptable... -TD >From: coderman >To: cypherpunks at jfet.org >Subject: Fwd: [Clips] Re: The Backhoe: A Real Cyberthreat? >Date: Thu, 19 Jan 2006 11:01:40 -0800 > >there are other easy ways to obtain outage information, especially >when the fiber affected handles significant amounts of traffic. they >have stemmed the tide of outage information but more than enough gets >by to be useful for this type of analysis. (although it was much >easier to just hit up the FCC for history when they kept track of it. >the telcos are just as glad to keep this data secret - they pushed as >hard as uncle sam to hide this data) > >and as mentioned below, it doesn't take a backhoe either. highly >capable portable power tools, post hole diggers, a myriad of other >construction equipment, could wreak havoc just as easily. (Milwaukee >V28 portable saws are a good example - some disgruntled telco >employee(s?) in canada used a portable saw to cut two long distance >cables into the US causing over 280,000 circuits to go dead) > >the tricky part is identifying redundant paths/rings as both must >usually be interrupted to create significant outage. (graph theory >applied to directed high degree node/link attacks) > >there is a reason they are pursuing security through obscurity so >heavily. sometimes it's all you've got... :) > > >--- begin forwarded text > >---------- Forwarded message ---------- >From: R. A. Hettinga >Date: Jan 19, 2006 10:06 AM >Subject: [Clips] Re: The Backhoe: A Real Cyberthreat? >To: Philodox Clips List > >--- begin forwarded text > > Delivered-To: nanog-outgoing at trapdoor.merit.edu > Delivered-To: nanog at trapdoor.merit.edu > Delivered-To: nanog at segue.merit.edu > Delivered-To: nanog at nanog.org > Date: Thu, 19 Jan 2006 13:00:43 -0500 > From: sgorman1 at gmu.edu > Subject: Re: The Backhoe: A Real Cyberthreat? > Cc: nanog at nanog.org > Sender: owner-nanog at merit.edu > > > > While it is always fun to call the government stupid, or anyone else for >that matter, there is a little more to the story. > > - For one you do not need a backhoe to cut fiber > - Two, fiber carries a lot more than Internet traffic - cell phone, 911, >financial tranactions, etc. etc. > - Three, while it is very unlikely terrorists would only attack telecom >infrastructure, a case can be made for a telecom attack that amplifies a >primary conventional attack. The loss of communications would complicate >things quite a bit. > > I'll agree it is very far fethced you could hatch an attack plan from >FCC >outage reports, but I would not call worrying about attacks on >telecommunications infrastructure stupid. Enough sobriety though, please >return to the flaming. > > > ----- Original Message ----- > From: Joe Maimon > Date: Thursday, January 19, 2006 12:01 pm > Subject: Re: The Backhoe: A Real Cyberthreat? > > > > > > > > > Dennis Dayman wrote: > > > > > "In 2004, Department of Homeland Security officials became > > fearful that > > > terrorists might start using accidental dig-ups as a road map > > for deliberate > > > attacks, and convinced the FCC to begin locking up previously > > public data on > > > outages. In a commission filing, DHS argued successfully that > > revealing the > > > details..." > > > > > > --MORE-- > > > > > > http://wired.com/news/technology/0,70040-0.html?tw=wn_tophead_1 > > > > > > -Dennis > > > > > > > > > > > > > This is really stupid. Assuming the terrorist actually have the > > dozens > > of backhoes needed to completely erase meaningfull internet > > connectivity > > in north america, they would probably prefer to use them to smash > > cars > > and kill people on the interstate highways or something. > > > > Terrorist inflict terror by killing people, not by forcing > > internet > > explorer to display "page cannot be displayed". > > > > Let us not assume that murderous terrorist are as dumb as people > > in DHS. > > > >--- end forwarded text > > >-- >----------------- >R. A. Hettinga >The Internet Bearer Underwriting Corporation >44 Farquhar Street, Boston, MA 02131 USA >"... however it may deserve respect for its usefulness and antiquity, >[predicting the end of the world] has not been found agreeable to >experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' >_______________________________________________ >Clips mailing list >Clips at philodox.com >http://www.philodox.com/mailman/listinfo/clips From njpbervhxjoe at hotmail.com Thu Jan 19 15:19:46 2006 From: njpbervhxjoe at hotmail.com (Hattie Franco) Date: Thu, 19 Jan 2006 20:19:46 -0300 Subject: Doctors Use This Too OIzJJ Message-ID: The Only Clinically Tested Penis N-largement Pills that works.. - add 1-4 inches to your peniis - 20% thicker - 5x more enjoyable orgasm - or your monneyy back without question ask! Join miilliions of delighted users which has been benefited with "Thunder". http://thunder14.myherb.biz JL0aM2 From measl at mfn.org Thu Jan 19 18:40:54 2006 From: measl at mfn.org (J.A. Terranson) Date: Thu, 19 Jan 2006 20:40:54 -0600 (CST) Subject: [Clips] Wiretaps Win For W In-Reply-To: References: Message-ID: <20060119203956.R23511@ubzr.zsa.bet> On Thu, 19 Jan 2006, R. A. Hettinga wrote: > WIRETAPS WIN FOR W > Dick Morris > > January 19, 2006 -- DEMOCRATS who criticize President Bush for using > warrantless wiretaps to elicit information about potential terrorist > activity should be aware that the American people strongly support his > decision to do so. Believe it or not, they trust their own government and > the president they elected to use the information wisely and for our own > protection. > > The Fox News poll of Jan. 11 asked voters whether the president "should Fox? Yeah - *there's* a nice reliable, unbiased, well-informed poller. *NEXT* -- Yours, J.A. Terranson sysadmin at mfn.org 0xBD4A95BF 'The right of self defence is the first law of nature: in most governments it has been the study of rulers to confine this right within the narrowest limits possible. Wherever standing armies are kept up, and the right of the people to keep and bear arms is, under any colour or pretext whatsoever, prohibited, liberty, if not already annihilated, is on the brink of destruction.' St. George Tucker From rah at shipwright.com Thu Jan 19 18:24:43 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Thu, 19 Jan 2006 21:24:43 -0500 Subject: [Clips] Wiretaps Win For W Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Thu, 19 Jan 2006 21:24:07 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Wiretaps Win For W Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com The New York Post WIRETAPS WIN FOR W Dick Morris January 19, 2006 -- DEMOCRATS who criticize President Bush for using warrantless wiretaps to elicit information about potential terrorist activity should be aware that the American people strongly support his decision to do so. Believe it or not, they trust their own government and the president they elected to use the information wisely and for our own protection. The Fox News poll of Jan. 11 asked voters whether the president "should have the power to authorize the National Security Agency to monitor electronic communications of suspected terrorists without getting warrants, even if one end of the communication is in the United States?" By 58 percent to 36 percent, the answer was "yes." Indeed, 42 percent of the nation's Democrats agreed that the president should have this power. The poll also tells us that Americans attribute the absence of terrorist attacks over the past 41/2 years to our government's efforts to protect us. Asked if the fact that there has been no major terror attack since 9/11 was due to "security measures working" or to "no attack having been planned" by terrorists, Americans credited government efforts by 46 percent (to 22 percent for the terrorists, with another 20 percent saying both factors contributed). Other results: Some 61 percent - including a majority of the Democrats - said they'd be willing to surrender some of their own privacy to help prevent terror attacks. Respondents support renewal of the Patriot Act by 57 percent to 31 percent. (Even Democrats only oppose renewal by 40-47.) And those who called attention to the NSA policy of warrant-less wiretaps are called "traitors" by 50 percent of the voters and "whistleblowers" by only 27 percent. Democrats opted for "traitors" by 42 percent to 34 percent. In other words, Ann Coulter represents the Democratic mainstream better than Al Gore on this one! These statistics tell us that Democratic politicians are just hurting themselves by raising and dwelling on the wiretap issue. Americans don't fear giving their government the power to monitor conversations between Americans and foreigners even if no warrant sanctions the intrusion - we're more afraid of al Qaeda than of our own elected officials. No wonder President Bush is willing to let Congress hold hearings about the NSA intercepts and the legal basis that allows them. The more focus this issue gets, the more it helps his administration. This time, liberal bias in the media helps moderates and conservatives - no pol should mind being attacked for doing things that the public approves. Once again, liberals are misreading the public's heavy doubts about the wisdom of the war in Iraq and our ability to win. These are pragmatic concerns, not an embrace of the left's take on national security. In fact, there is a broad and deep consensus when it comes to homeland security, which any politician defies at the risk of losing support. Nor did the NSA wiretaps break the law. The president's inherent power as commander in chief allows them. Warrant-less wiretaps for tax, drug, or even organized crime investigations would clearly be illegal. But to protect our country in the War on Terror, they are extensions of military action and are as legal as any wartime intelligence gathering would be. The fact that there has been no declaration of war is a distinction without a difference. Congress has approved military action and within that approval lies an implicit assumption that the president will use our intelligence services to prevail militarily, on the home front as surely as he does in Iraq and Afghanistan. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From oberon.sandysby2 at gmail.com Thu Jan 19 17:18:11 2006 From: oberon.sandysby2 at gmail.com (Millard Reilly) Date: Thu, 19 Jan 2006 23:18:11 -0200 Subject: Feel & look younger Message-ID: <200601192118.k0JLIBpS022411@proton.jfet.org> After the age of twenty-one, your body slowly stops releasing an important hormone known as HGH (Human Growth Hormone). The reduction of HGH, which regulates levels of other hormones in the body (including testosterone, estrogen, progesterone, and melatonin) is directly responsible for many of the most common signs of growing old, such as wrinkles, gray hair, decreased energy, and diminished sexual function. Human Growth Hormone will normally yield the following results: - Boost your immune system - Rejuvenate your body and mind - Feel & look younger - Reduce wrinkles, lose weight, decrease cellulite - Restore your sex drive and vigor - Revitalize your heart, liver, kidneys & lungs - Maintain muscle mass - Refresh memory, mood and mental energy - Sleep soundly and awake rested - Help eliminate stress, fatigue and depression http://bcjmadfghil.moviepresenter.info/?ekfghilxwqowybcjmzhghad From HIZDGQKINXT at yahoo.com Thu Jan 19 15:22:05 2006 From: HIZDGQKINXT at yahoo.com (Marcelino Nieves) Date: Fri, 20 Jan 2006 00:22:05 +0100 Subject: Rolex at 80% Off XY3H5 Message-ID: <5A917EE3.7684.7815C2D5@localhost> Highest qualities Replika Watches now HERE! We guarantees: - 99.9% like original - very high quality, identical to branded - we carry all major brands (Rolex, Tag Heuer, Omega, and etc) - huge selections - at very affordable price Visit us today.. http://043.frutyblendas.com o-ut of mai-lling lisst: http://043.frutyblendas.com/rm/ vPMof From bill.stewart at pobox.com Fri Jan 20 07:59:03 2006 From: bill.stewart at pobox.com (Bill Stewart) Date: January 20, 2006 7:59:03 PM EST Subject: more on Search queries *can* contain personal information Message-ID: Lauren commented on the wide range of things that people search for, and it keeps getting wider as Google and other search engines add features. I regularly type in names, phone numbers, addresses, and lat/longs, IP addresses, AS numbers, patent numbers, Cisco part numbers, etc., sometimes to find maps, or businesses, or phone book information, and there are a number of websites I use for business for which Google is a much more effective search tool than the site's own indexes. Sometimes I've even typed in my own name when looking for cached versions of mailing list articles in the distant past (non-specific ego-surfing isn't very useful if your name's not sufficiently unique - AltaVista had over 50,000 hits for people with similar names when it first came out - but there are times that specific searches are useful.) As somebody who regularly used Google during the specified period, do I have a right to object to the court if Gonzales wants my data? I hereby declare any phone numbers, addresses, and medical information in my searches to be Confidential, though the subpoena doesn't allow the recipients to declare their entire document as Confidential. Furthermore, the subpoena indicates that for every document not produced by Google due to confidentiality or trade secrecy, the respondents want the authors' and recipients' names, addresses, dates, etc. - but for this type of information, that disclosure includes the confidential portion and more, not less. Gonzales et al. allege that they're looking for information about the effectiveness of web filters as a tool for protecting children, so they want to look at popular search terms to see what people are looking at. But if I search for a term like "Scooter Libby", am I looking for information about him as an friend, or a Republican Henchperson, or a well-known pornographer? His original request wanted _all_ the search terms, including my attempts to find relatives' current mailing addresses, and makes it available to all attorneys and employees of the Department of Justice who are involved in the case - but that's all of them, given Gonzales's War on Obscenity, and nothing in the subpoena forbids them from making other uses of the information, such as using my searches for medical marijuana information for Drug War purposes. Brad Templeton talks about issues of identifying IP addresses, and the Tor project certainly helps - but there are other web surfing privacy tools, like The Anonymizer and other proxies, which are generally faster, more scalable, and effective at protecting content, though they're still susceptible to subpoenas for any information that they may have retained. Thanks; Bill Stewart ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From camera_lumina at hotmail.com Fri Jan 20 08:04:17 2006 From: camera_lumina at hotmail.com (Tyler Durden) Date: Fri, 20 Jan 2006 11:04:17 -0500 Subject: Fwd: [Clips] Re: The Backhoe: A Real Cyberthreat? In-Reply-To: <4ef5fec60601191629m796370deu628f726b08f29a3b@mail.gmail.com> Message-ID: Well, redundancy is basically universal, thanks to SONET rings. In fact, this is why there was any traffic at all on 9/11 and why Wall Street was able to come back on line so quickly afterwards. Even the big CO on West Street, which took some decent damage (and which I can see over my right shoulder), was rebooted very quickly thereafter (and true to GR-63-CORE just about all the equipment came back online correctly provisioned). BUT, someone knowledgeable about Ring architectures and other things could fairly easily figure out how to disconnect big chunks of the network if they really wanted to, and in such a way to cause some real damage. In telecom it always surpirsed us that "terrorists" never seemed to try this. -TD >From: coderman >To: Tyler Durden >CC: cypherpunks at jfet.org >Subject: Re: Fwd: [Clips] Re: The Backhoe: A Real Cyberthreat? >Date: Thu, 19 Jan 2006 16:29:50 -0800 > >On 1/19/06, Tyler Durden wrote: > > Back when I was in Telecom we used to talk about how silly most >terrorist > > attacks are, at least in terms of real damage: The COs are only barely > > guarded...a few well placed surprises could have an impact that far >exceeds > > mere PR. > >the solution (at least, the only effective solution aside from >significant infrastructure redundancy - $$$) is rapid repair, and >att's disaster recovery program works well in this regard. if you >recall after the trade center attacks (taking out massive CO capacity) >they used a fleet of mobile switching trailers to terminate and switch >all of the damaged fiber. > >this type of disaster recovery is also expensive, but much less than >buried infrastructure and fixed COs. > > > > The interesting thing is that packetized traffic (combined with optical > > layer protection) might makes things even less disruptable... > >in my experience severely congested packet networks are just as shitty >as outages in general; what good is that broadband line when your path >to the world is constrained at 14.4? :P > >the real problem is the lack of diversity at the physical "X fibers >through same conduit / RoW" layer that forces a single point of >failure. the telco idea of path diversity is one ring buried plant >and the other ring aerial plant along the same right of way... >doesn't take much for a clustered outage in this environment to >disrupt packet/cell based networks as much as dedicated circuits. > >in this respect the DHS paranoia over bridge photography begins to >make a little more sense (although still useless). From ericm at lne.com Fri Jan 20 11:08:47 2006 From: ericm at lne.com (ericm at lne.com) Date: Fri, 20 Jan 2006 11:08:47 -0800 Subject: Commercial Key Escrow? Message-ID: <20060120190847.GA28781@slack.lne.com> Does anyone know of a company that provides a commercial key escrow service? Eric From eugen at leitl.org Fri Jan 20 02:41:17 2006 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 20 Jan 2006 11:41:17 +0100 Subject: pinnacle nucflash Message-ID: <20060120104116.GY2301@leitl.org> http://nfttu.blogspot.com/2006/01/pinnacle-nucflash.html To the left: the "football". This is the satchel that follows the US President with him wherever he goes. It contains the "go codes" to launch nuclear strikes. Take any good nuclear Armageddon movie, from Dr. Strangelove, to Fail Safe, to The Sum of All Fears, there.s always a scene in which the erstwhile lightly engaged president is either tendered an urgent note or handed a telephone by his top aide. Cut to a closeup on the president's face. His expression changes immediately, the color drains from his face, followed by a sound-on-sound slash cut that takes the viewer to an underground bunker, deep under a Virginia mountain. There, a collection of grim faced, high-ranking military men work determinedly to avoid a global catastrophe. . . What words are written on that note, what could it say that can make the President go white in an instant? What are the words that the president never wants to see on a note thrust into his hand while he is busy giving a speech? I believe the answer is .PINNACLE/NUCFLASH.. Pinnacle/nucflash is the military communications code word designation that instructs all military communication personnel to stop whatever else they.re doing and transmit the message that immediately, because there's some bad news, really, really bad news that you need to act on right now. There is a set of instructions that describes exactly how information relating to military threats to the USA is designated, prioritized, and delivered. The rules are spelled out in precise military fashion in a document called OPREP-3, the US Military.s written guideline for operational reports relating to important events involving nuclear weapons. .PINNACLE/NUCFLASH. are the flagwords or header that presages an electronic transmission through the U.S. military's command and control structure that reports an actual or possible detonation of a nuclear weapon. Not only that, these code words mean that the explosion was not an accident and the risk of nuclear war is imminent. As one might expect, .PINNACLE/NUCFLASH. has the highest precedence in the OPREP-3 reporting structure. Men and women train for months, years, in order to be able to coolly and efficiently handle the communications that follow an OPREP-3 PINNACLE level flagword. There are several OPREP-3 code word designators with a chilling cold war/Tom Clancy/John Lecarre ring to them. None of these foreshadow good news. I'll write more on those later. Well, going back to the movies mentioned in the first paragraph, do you know of any other nuclear armaggeon movies? Any movie in which the bomb actually went off? I'm making a list. (I like to make lists of movies. Sometime I'll share my list of movies with trebuchets.) posted by Bill Gurstelle at 6:35 AM 45 Comments: * The details of the Single Integrated Operational Plan (SIOP) are certainly a fascinating area of military protocol. The SIOP, which includes 5 Major Attack Options and 165 Limited Attack Options is the plan that is initialized by the nuclear football. I know that it takes two people from a list in order to order a strike, and that they do so through the STRATCOM headquarters in Omaha, Nebraska. Redudant facilities that can serve this purpose include the National Alternative Military Command in Pennsylvania and 'Looking Glass' - a ruggedized 747. What I wonder is what mechanism is used to pass authentication tokens (or whatever control is used) from one person to another in the event that they are killed or incapacitated. I could imagine either an automated system based on some kind of network of dead-man switches or the use of a trusted third party (in which case, I would be interested in knowing their authentication and verification protocols). With regard to films involving nuclear weapons, the non-fiction documentary "Fog of War" is an excellent example. ... -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From beckleyy at wtonetwork.com Fri Jan 20 10:13:25 2006 From: beckleyy at wtonetwork.com (kenyatta rice) Date: Fri, 20 Jan 2006 12:13:25 -0600 Subject: Give her something to smile about Message-ID: A non-text attachment was scrubbed... Name: not available Type: text/html Size: 1457 bytes Desc: not available URL: From clean4 at gmail.com Thu Jan 19 23:53:32 2006 From: clean4 at gmail.com (Marcos Combs) Date: Fri, 20 Jan 2006 12:53:32 +0500 Subject: Mortgage rates haven't been this low in the last 12 months Message-ID: <200601201753.k0KHrVAf018578@proton.jfet.org> A non-text attachment was scrubbed... Name: not available Type: text/html Size: 1530 bytes Desc: not available URL: From ericm at lne.com Fri Jan 20 13:26:35 2006 From: ericm at lne.com (ericm at lne.com) Date: Fri, 20 Jan 2006 13:26:35 -0800 Subject: Commercial Key Escrow? In-Reply-To: References: <20060120190847.GA28781@slack.lne.com> Message-ID: <20060120212635.GB28781@slack.lne.com> On Fri, Jan 20, 2006 at 03:43:00PM -0500, R. A. Hettinga wrote: > At 11:08 AM -0800 1/20/06, ericm at lne.com wrote: > >Does anyone know of a company that provides a commercial key escrow service? > > Prolly don't wanna call it that around here :-) I assume that readers of this list know the difference between commercial key escrow and GAK. >, but most commercial public > key applications have that feature, or the functional equivalent thereof. > > PGP, for instance, allows for the mandatory secondary-encryption of all > messages using a corporate key. I'm looking for someone who provides an actual commercial key escrow service, not double encryption with a master key. The usual offsite data storage outfits are set up to deal with large volumes of not so sensitive data, not small amounts of very sensitive data. They also disclaim any responsibility for the security of the data, which won't work for this application. Eric From ericm at lne.com Fri Jan 20 14:10:54 2006 From: ericm at lne.com (ericm at lne.com) Date: Fri, 20 Jan 2006 14:10:54 -0800 Subject: Commercial Key Escrow? In-Reply-To: References: <20060120190847.GA28781@slack.lne.com> <20060120212635.GB28781@slack.lne.com> Message-ID: <20060120221054.GA23835@slack.lne.com> On Fri, Jan 20, 2006 at 04:38:56PM -0500, R. A. Hettinga wrote: > At 1:26 PM -0800 1/20/06, ericm at lne.com wrote: > >I'm looking for someone who provides an actual commercial key > >escrow service, not double encryption with a master key. > > One would think that the effect, being the same, creates a distinction > without a difference? In some cases, yes. But not for this application. I really am looking for a commercial trusted third party to hold keys. I've found a bunch of references from ~10 years ago that say that someday commercial key escrow will be prevalent but it appears that someday hasn't yet arrived. My problem is in many ways similar to the problem a CA would face in ensuring business continuity in a business that depends on keeping secrets. What does say Verisign do to back up their root CA private keys? They probably have a bunch of BBN SafeKeypers (or rather the modern equivalent FIPS-140 hardware). What if all of them croak at the same time? Do they keep multiple backups? What happens if the keys/passphrases for those backups are lost? Or secret sharing? What if N-(K+1) shares are destroyed? Do they just quit the CA business then? There presumeably are scenerios under which that is the only answer, and Verisign has judged their possibility to be so remote and/or their solution cost so high that they are not worth defending against. What would Verisign do if they didn't have security experts to decide what's an acceptable risk and what isn't, and instead just wanted to have someone else deal with the problem for them? Eric From rah at shipwright.com Fri Jan 20 12:43:00 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 20 Jan 2006 15:43:00 -0500 Subject: Commercial Key Escrow? In-Reply-To: <20060120190847.GA28781@slack.lne.com> References: <20060120190847.GA28781@slack.lne.com> Message-ID: At 11:08 AM -0800 1/20/06, ericm at lne.com wrote: >Does anyone know of a company that provides a commercial key escrow service? Prolly don't wanna call it that around here :-), but most commercial public key applications have that feature, or the functional equivalent thereof. PGP, for instance, allows for the mandatory secondary-encryption of all messages using a corporate key. Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Fri Jan 20 12:43:20 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 20 Jan 2006 15:43:20 -0500 Subject: [Clips] Yahoo admits it let White House access its databases Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Fri, 20 Jan 2006 15:39:15 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Yahoo admits it let White House access its databases Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com The Times of London Times Online January 20, 2006 Yahoo admits it let White House access its databases By Jenny Booth and agencies Yahoo has admitted that it granted the US Government access to its search engine's databases this summer, as a battle develops over the right to privacy in cyberspace. Google, by contrast, promised last night to fight vigorously the Bush Administration's demand to know what millions of people have been looking up on the internet. It emerged this week that the White House issued subpoenas to a number of US-based search engines this summer, asking to see what information the public had accessed in a two-month period. It said that it needed the information in order to help create online child protection laws. But Google refused to comply with its subpoena - prompting the US Attorney General this week to ask a federal judge in San Jose for an order to hand over the requested records. Details of the confrontation emerged after the San Jose Mercury News reported seeing the court papers on Wednesday. At the heart of the battle is the potential for online databases to become tools for government surveillance. Yahoo has stressed that it didn't reveal any personal information. "We are rigorous defenders of our users' privacy," Yahoo spokeswoman Mary Osako said last night. "In our opinion, this is not a privacy issue." The Google court papers show that the US Government originally asked for a list of all requests entered into Google's search engine between June 1 and July 31 last year. When Google argued, the request was whittled down to a week's worth of search terms - a breakdown that could nonetheless span tens of millions of queries. In addition, the White House has asked for one million randomly selected Web addresses from various Google databases. Every other search engine company served similar subpoenas by the Bush administration has complied so far, according to the court documents. The co-operating search engines were not identified. Microsoft's MSN, the third-most used search engine, has declined to say whether it received a subpoena. "MSN works closely with law enforcement officials worldwide to assist them when requested," the company said in a statement. The US Government says that it is not seeking any data that would allow it to identify which individual made which search request. Experts say nonetheless that the subpoena raises serious privacy concerns, especially after recent revelations that the White House authorised civilian phone-taps after the September 11 attacks without obtaining court approval. Beth Givens, director of the Privacy Rights Clearinghouse charity in California, called the subpoenas "the first shoe dropping" that online privacy advocates had long feared. "These search engines are a very tempting target for government and law enforcement," Givens said. "Look at the millions of people who use search engines without thinking of the potential to be drawn into a government drag net." The subpoenas were a "classic fishing trip" by federal prosecutors, she added. Thomas Burke, a San Francisco lawyer who has handled several prominent privacy cases, said that many people contacted Google more often than they spoke to their mother. "Just as most people would be upset if the government wanted to know how much you called your mother and what you talked about, they should be upset about this, too," he said. Pam Dixon, executive director for the World Privacy Forum, warned that the content of search requests sometimes contain information about the person making the query, such as names, medical profiles or Social Security information. "This is exactly the kind of thing we have been worrying about with search engines for some time," Dixon said. "Google should be commended for fighting this." She warned people to be careful what personal information they entered into search engines. The Department of Justice argues that Google's cooperation is essential in its effort to simulate how people navigate the web. In a separate case in Pennsylvania, the Bush Administration is trying to prove that internet filters do not do an adequate job of preventing children from accessing online pornography and other objectionable destinations. Obtaining the subpoenaed information from Google "would assist the government in its efforts to understand the behavior of current web users, (and) to estimate how often web users encounter harmful-to-minors material in the course of their searches," the Justice Department wrote in its court petition. Google issued a statement last night promising to fight the case. "Google is not a party to this lawsuit and their demand for information overreaches," wrote Nicole Wong, Google's associate general counsel. "We had lengthy discussions with them to try to resolve this, but were not able to and we intend to resist their motion vigorously." But Google's vigorous defence of privacy rights in the face of demands from the US government is apparently at odds with the search engine's stance in China. There, human rights activists have complained that Google collaborates with the Chinese government, which controls the activities of its 111 million web surfers with one of the most stifling internet censorship policies in the world. Google is locked in competition for the lucrative Chinese market, along with Yahoo and MSN, and the homegrown Chinese search engine Baidu.com. All the US companies have been criticised for censoring news sites, search engines and weblogs that China's communist government considers subversive or obscene. For example, a web user in China who tried to search Google or Yahoo for subjects such as democracy and human rights would find nothing in his search results. There was outrage in September when it emerged that Yahoo had supplied details to the Chinese authorities of the personal e-mail account of Shi Tao, a 37-year-old journalist. He was found guilty of "spreading state secrets" and jailed for 10 years, for forwarding to a foreign website a Chinese government circular banning the media from reporting the 15th anniversary of the Tiananmen Square massacre. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Fri Jan 20 13:05:39 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 20 Jan 2006 16:05:39 -0500 Subject: [Clips] Department of Computer Security? It's a Joke Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Fri, 20 Jan 2006 15:59:27 -0500 To: "Philodox Clips List" From: "R. A. Hettinga" Subject: [Clips] Department of Computer Security? It's a Joke Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com --- begin forwarded text From: "Mises Daily Article"
To:
Subject: Department of Computer Security? It's a Joke Date: Fri, 20 Jan 2006 10:20:02 -0500 Organization: Mises Institute Mailing-List: contact article-help at mises.biglist.com Rothbard's Masterpiece, available again: The History of Economic Thought ($45). Department of Computer Security? It's a Joke by Jeffrey Tucker [Posted on Friday, January 20, 2006] To receive the Daily Article in your inbox, go to email services, and tell others too! If you want to make a geek laugh derisively, suggest that responsibility for computer security be turned over to the government. This reaction is guaranteed, regardless of ideology. Everyone knows that this is not possible, but rarely are the implications for political economy noted. Now, keep in mind that geeks know that producing fabulous looking and acting things for the web is only part of the job. These are people who spend a fantastic amount of time dealing with security issues, which change every season, day, hour, and even minute. People know about viruses. Spyware and adware, meanwhile, is an incredible threat to people's home computers. A new computer can be slowed to a crawl in a few days of quick browsing without good security against hijackings. And a huge industry has sprung up promising solutions, some good and some almost as dangerous as the thing they allegedly stop. Some of these are free, and some quite expensive, and the typical geek must work to discover what's what. Other threats are less well known, such as the possibility that your own computer can be hijacked and controlled by other people who want to use it to store files or scan for other hijackable ports. This is mainly a threat faced by servers running large websiteshuge magnets for hijackings and hacksbut it even affects home computers. For example: I was recently talking to a technical administrator of a prestigious host of thousands of servers. He was amazed by the number of root-level compromises that had been taking place in recent months. The possible holes in people's systems are without limit. Software must be constantly upgraded. Even one small mistake can lead to data loss and disaster. He tried a little experiment. He installed a new operating system on a new laptop, and disabled the firewall. He then hooked it up to a non-secure wireless network in an urban area. The first attack came in 6 minutes. In 12 minutes, the computer had already been hacked and was under the control of somebody or something else. All data on the computer was rendered vulnerable, available for looting or selling. In a few minutes more, it would have become a work station for more port scanning, denial-of-service attacks, or some other menacing behavior, and been added to the empire of servers being controlled by some of the world's smartest criminal minds. Not that a good firewall and secure connection are infallible solutions. There is always a way in for someone with high-level skills and the will to take the risk. To keep threats away involves the technical equivalent of street fights between hackers and security professionals. The fighters have similar skills; it's just that one group wears the blacks hats and one wears white hats. Some are criminals, some are saviors. The battle never stops. And yes, some of them change hats depending on their career prospects. The fight involves deploying skills that are far beyond what most any normal person could conceive of possessing. They can run circles around most computer science professors and even run-of-the-mill webmasters. Some will rant and rave against the security holes in proprietary products such as those offered by Microsoft. And users of Internet Explorer would be likely to agree. The thing hasn't been properly updated in many years. It has not kept pace with the times, and so attracts web-based evil like a landfill attracts flies. Other products, however, are different. Server-level software is constantly monitored for holes, with updates sent out automatically and often (though not always as often as the people might like). Still, open-source advocates say that this proprietary stuff is expensive and dangerous. The companies don't respond soon enough to threats, and no one but company employees can view the underlying code. That means that improvements come more slowly. With open source, the world community of programmers have access and work constantly to improve the product. To be sure, hackers too have access to the same code. So here too you have a battle between good and evil. Among the good guys, there is a debate: should software holes be announced publicly (full disclosure) in the hope that the firms that work on open source will fix it before the hackers find out? But between the announcement and the fix, there is a gap that hackers can exploit. Perhaps then the hole should only be revealed to the firm or individuals who manage the open-source product (limited disclosure). The downside here is that the people responsible will lack the frantic sense of urgency that generates a quick hot-fix. Geeks thrive in emergencies, while non-emergencies fail to inspire. So the debate over security rages furiously: open source or proprietary code, public security announcements or quiet revelations, development or risk? At any one time, all solutions are being used, with bulletin boards filling up thousands and thousands of pages of debate based on experience. Ideology can play a part here but, in the end, it comes down to what works best. And all the while, the war continues, pushed onward by the relentless pace of development and progress towards better living standards. We haven't even touched on the war between the virus makers and the virus killers. The competition here is also intense. When a new virus is unleashed, the first firm to produce the fix wins new levels of consumer devotion and attention. A nothing company can become the next big thing by producing a fix for two or three viruses in a row, and doing it before the established firms get there. An established firm can lose its market edge in a month by failing to update its virus definitions in time. The difference between winners and losers in this struggle comes down to minutes, not days or weeks. In this never ending struggle, there are always tradeoffs between the pace of development and its security risks. No software is perfect. They all have bugs. But people demand development. The market never rests. We must all take some risk. How much is acceptable? Competition prevails here too. A bad choice in favor of security over development can leave a company eating other companies' dust. A bad choice in favor of development over security can lead to bankruptcy in the face of a high-stakes security compromise. Geek personalities reflect this trade-off: some develop on live servers and deploy every beta the hour it appears, while others test and test and prefer only the tried and true. All these fascinating details aside, keep in mind that the terrain on which these wars rage is wholly market based. The idea that any public bureaucracy could oversee the process is unthinkable. So let us ask the question again, so that the reader may join in the derisive laughter: in a world populated by black hats, should the government to be the sole wearer of the white hat? Actually, is there any point at all in giving a white hat to the state? It has no incentive to join the struggle. It lacks the calculational means to assess the trade-off between security and development. It lacks the entrepreneurial drive to produce either. The nature of the bureaucratic organization is to stay put, protect itself, and only move when kicked good and hard by political bosses. As for the power to do good, how can anyone guarantee that it won't quickly become the power to do evil? If experience is our guide, the government in a position of authority is more likely to be creating viruses and spyware rather than stop them. As for the impact of the law, I vaguely seem to recall some legislation passed a few years ago that made spam illegal. Wear the blue hat: $18 Government can't produce software that can outsmart every hacker. Not now, not ever. But the government can violate liberty and waste vast resources in the attempt. As important as computers have become, there are interesting implications here. On a day-by-day basis the security of these machines is a far bigger matter than the threat of terrorism. Whether we like it or not, and regardless of ideology, we all depend on market competition to bring us not only innovation but also to protect us in our dealings with information technology. It is not a perfect solution. It can be messy and fallible. But the market is strongest and best hope for security, and the alternative is unthinkable. How interesting that we have been told for, oh, some 400 years, that government is the agency we need to give us the security that markets cannot give us. There are a thousand rationales why intellectuals have believed this, but none of them seem very robust by comparison of the experience of our times. Jeffrey Tucker is editor of Mises.org. tucker at mises.org. Special thanks to some white hats who commented on this piece. You can comment on the blog. [Print Friendly Page] Mises Email List Services Join the Mises Institute Mises.org Store Home | About | Email List | Search | Contact Us | Periodicals | Articles | Games & Fun FAQ | EBooks | Resources | Catalog | Contributions | Freedom Calendar You are subscribed as: rah at ibuc.com Manage your account. Unsubscribe here or send email to this address. Report abuse or Spam on the abuse page. --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Fri Jan 20 13:38:56 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 20 Jan 2006 16:38:56 -0500 Subject: Commercial Key Escrow? In-Reply-To: <20060120212635.GB28781@slack.lne.com> References: <20060120190847.GA28781@slack.lne.com> <20060120212635.GB28781@slack.lne.com> Message-ID: At 1:26 PM -0800 1/20/06, ericm at lne.com wrote: >I'm looking for someone who provides an actual commercial key >escrow service, not double encryption with a master key. One would think that the effect, being the same, creates a distinction without a difference? Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From CaraNaquintag at kindai.ac.jp Fri Jan 20 09:07:54 2006 From: CaraNaquintag at kindai.ac.jp (Amos Denton) Date: Fri, 20 Jan 2006 18:07:54 +0100 Subject: It`s time to Refill oceanside Message-ID: <8.8.86.2081924.0083fc70@ies.edu> Xanax and other drugs with wholesale prices. You wont find better prices anywhere! Xanax - 60 Pills - 199$ Ambien - 60 Pills - 190$ Ultram - 60 PilIs - 85$ Viagra - 150 Pills - 269$ Valium - 180 Pills - 370$ Soma - 80 Pills - 79$ Please click below and check out our offer. http://zadora.info/?d1ead1f3438cS4edc851d4S3b6154b79 sumptuous you politic me, clasp moody scold handwritten . demiscible you yachtsman me, feb hollywood cotoneaster . pandora you cottrell me, aquinas bivalve stanton typescript . staphylococcus you roughneck me, rat osier rim . applaud you gao me, ferment branch billie affiance . abduct you resume me, cloud . karate you omitting me, chauffeur . From s.schear at comcast.net Fri Jan 20 18:26:58 2006 From: s.schear at comcast.net (Steve Schear) Date: Fri, 20 Jan 2006 18:26:58 -0800 Subject: Fwd: [Clips] Re: The Backhoe: A Real Cyberthreat? In-Reply-To: References: <4ef5fec60601191629m796370deu628f726b08f29a3b@mail.gmail.com> Message-ID: <6.0.1.1.0.20060120181500.051c3340@mail.comcast.net> When I worked for Citicorp in the late 80s we switched over much of our backbone to private fiber. At the time I was shown detailed fiber routes for Sprint's network and after the meeting discussed how easy it would be for a disgruntled former employee to dig up multiple locations along their the often rural and remote routes and sabotage the entire network. The scenario that particularly concerned me was trenching and installing electromechanical guillotines triggered by receive-only terrestrial pagers since a multitude of locations could be severed in any order and at will. Although it might be possible to radio locate these it could be a grueling job. Meanwhile the saboteur could extort at will and even plant new ones after areas had been declared clean. Steve From rah at shipwright.com Fri Jan 20 15:59:46 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 20 Jan 2006 18:59:46 -0500 Subject: [Clips] White House refuses to talk about Al Gore's plan to Wiretap every electronic device in the world Message-ID: ...From the "No matter who you vote for, the government gets elected", department... Cheers, RAH --- begin forwarded text Delivered-To: clips at philodox.com Date: Fri, 20 Jan 2006 18:54:15 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] White House refuses to talk about Al Gore's plan to Wiretap every electronic device in the world Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com Left Wing Hate What the Left is all about White House refuses to talk about Al Gore's plan to Wiretap every electronic device in the world 20th January 2006 >From today's WhiteHouse press Briefing: quote: Q Scott, I have a two-part question. Apparently, no one in the White House will challenge Al Gore with now public information that he led the Clinton administration's Clipper Chip Project back in the 1990s to effectively tap every phone, fax machine and computer in the country. And my question: Isn't that worth pointing out to the American people, after he accused President Bush of breaking the law and violating the Constitution by - MR. McCLELLAN: I think you just did. This is an administration that is forward-looking, Les. We're focused on the priorities of the American people. Q Well, how about Gore? You mean you're going to say nothing about Gore and the clipper chip project? MR. McCLELLAN: I think you already have. No, I'm not going to get into that. :unquote More reading about the Clinton's Administrations Treason: Wikipedia Clipper Chip 2001: Clinton Administration Considered Sharing National Security Secrets With China, Syria, Pakistan 2000: Out-sourcing Big Brother 1997-2000 Alamo-Girl's Archives of Clinton's "Rogues Gallery" Clipper Chip info from the Electronic Privacy Information Center Editorial: Brian Mosely: Gore's criticism strikes a sour note This entry was posted on Friday, January 20th, 2006 at 2:57 pm and is filed under Main. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Fri Jan 20 16:36:15 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 20 Jan 2006 19:36:15 -0500 Subject: [Clips] NSA Data Mining Is Legal, Necessary, Sec. Chertoff Says Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Fri, 20 Jan 2006 19:34:41 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] NSA Data Mining Is Legal, Necessary, Sec. Chertoff Says Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com January 20, 2006 NSA Data Mining Is Legal, Necessary, Sec. Chertoff Says By Mort Kondracke "I think it's important to point out," Homeland Security Secretary Michael Chertoff told me in an interview, "that there's no evidence that this is a program designed to achieve political ends or do something nefarious." He was talking about the National Security Agency's warrantless "domestic spying" program, and I couldn't agree with him more. Despite the alarms sounded by the American Civil Liberties Union, former Vice President Al Gore and various Members of Congress, "there hasn't even been a hint" that the program is targeted at domestic dissidents or innocent bystanders, Chertoff said. It's designed to find and stop terrorists. "If you go back to the post-Sept. 11 analyses and the 9/11 commission, the whole message was that we were inadequately sensitive to the need to identify the dots and connect them," he said. "Now, what we're trying to do is gather as many dots as we can, figure out which are the ones that have to be connected and we're getting them connected," he said. While refusing to discuss how the highly classified program works, Chertoff made it pretty clear that it involves "data mining" -collecting vast amounts of international communications data, running it through computers to spot key words and honing in on potential terrorists. A former prosecutor, federal judge and head of the Justice Department's criminal division, he convincingly defended the program's legal basis and intelligence value. I asked him why the Bush administration can't comply with the 1978 Foreign Intelligence Surveillance Act, which allows the government to conduct "emergency" wiretaps for 72 hours. "It's hard to talk about classified stuff," he said, "but suffice it to say that if you have a large volume of data, a large number of [phone] numbers you're intercepting, the typical model for any kind of warrant requires you to establish probable cause [that one party is a foreign agent] on an individual number." FISA warrant applications are inches thick, he said, and "if you're trying to sift through an enormous amount of data very quickly, I think it would be impractical." He said that getting an ordinary FISA warrant is "a voluminous, time-consuming process" and "if you're culling through literally thousands of phone numbers ... you could wind up with a huge problem managing the amount of paper you'd have to generate." What I understood Chertoff to be saying is that when data mining produces evidence of a terrorist contact, the government will then seek a FISA warrant to actually tap the person's phones or "undertake other kinds of activity in order to disrupt something." As legal authority for the program, Chertoff cited a 2002 decision of the FISA Court of Review, which is one level down from the U.S. Supreme Court, holding that a president has "inherent [constitutional] authority to conduct warrantless searches to obtain foreign intelligence information." "We take it for granted that the president does have that authority," the court said, "and, assuming it is so, FISA could not encroach on the president's constitutional powers." Chertoff also said that the courts have given wide latitude to the government in controlling and monitoring activity across international borders. All reports on the NSA activity assert that it's limited to international communications. What about the assertion in The New York Times on Tuesday that virtually all of the thousands of NSA leads sent to the FBI in the months after the Sept. 11, 2001, terrorist attacks led to dead ends or innocent persons? Chertoff said, "You're going to bat well below .100 any time you do intelligence gathering. That's true even in conventional law enforcement. If you get even a small percentage of things to pan out, you've succeeded to a significant degree. "What I can tell you is this," Chertoff said. "The technique of electronic surveillance, which is gathering information about who calls whom or intercepting actual conversation, is the most significant tool in the war against terrorism. "If we didn't have it, I'm quite sure we'd have disrupted fewer attacks and identified fewer [terrorists]." Buried at the bottom of the Times story were a number of cases where actual terrorist operations had been disrupted, apparently as a result of NSA eavesdropping, including efforts to smuggle a missile launcher into the United States, to cut Brooklyn Bridge cables with a blowtorch and an attempt to blow up a fertilizer bomb in London. "I would rather move quickly and remove somebody when we've got a legal basis to do so, charge them with a lesser offense [than terrorism] or deport them, than wait till I have a big case with a big press conference. If we wait until people get operational, it's a failure. Somebody could get killed." The idea that someone could bring down the Brooklyn Bridge with a blowtorch has been ridiculed, but Chertoff said, "People kid about the shoe bomber, but had the bomb gone off and 150 people were killed, I don't think a lot of families would be laughing about it." Civil libertarians seem to fear that the government is collecting huge quantities of data that it can later use politically, but Chertoff said, "I don't think anybody has an interest in accumulating a lot of information. We can barely manage the stuff we care about for avoiding terrorism. "I can actually make the case that the more intelligence we've got, the more we actually protect civil liberties. In a world without intelligence, where we don't have a good idea where the threats are, it means searching people, screening names, barriers and checkpoints, questioning people when they get on an airplane." To me, the bottom line of the NSA spying case is this: Congress should investigate whether President Bush has authority to conduct anti-terrorist data mining. And, if he doesn't, Congress should give it to him - with legislative oversight. As Chertoff told me, "the name of the game here is trying to figure out, with all the billions of pieces of data that float around the world, what data do you need to focus on? What is the stuff you need to worry about? "If you don't use all the tools of gathering these kinds of leads, then you're leaving very valuable tools on the table." And, if and when another 9/11 occurs, the first question that will be asked is: Why? Mort Kondracke is the Executive Editor of Roll Call. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From measl at mfn.org Fri Jan 20 18:05:29 2006 From: measl at mfn.org (J.A. Terranson) Date: Fri, 20 Jan 2006 20:05:29 -0600 (CST) Subject: [Clips] NSA Data Mining Is Legal, Necessary, Sec. Chertoff Says In-Reply-To: References: Message-ID: <20060120200304.Y23511@ubzr.zsa.bet> On Fri, 20 Jan 2006, R. A. Hettinga wrote: > "I think it's important to point out," Homeland Security Secretary Michael > Chertoff told me in an interview, "that there's no evidence that this is a > program designed to achieve political ends or do something nefarious." The whole reason that Chertoff "feel(s) it is important to point out" that there is no "nefarious" undertones is because this argument is a deliberate misdirection. It doesn't matter *why* he's breaking the law, what matters is that he IS breaking the law. Either it's legal or it isn't - discussing the motive is irrelevent. Pay no attention to the fascist behind the White House curtain... -- Yours, J.A. Terranson sysadmin at mfn.org 0xBD4A95BF 'The right of self defence is the first law of nature: in most governments it has been the study of rulers to confine this right within the narrowest limits possible. Wherever standing armies are kept up, and the right of the people to keep and bear arms is, under any colour or pretext whatsoever, prohibited, liberty, if not already annihilated, is on the brink of destruction.' St. George Tucker From sevangeliner at azet.sk Fri Jan 20 15:11:03 2006 From: sevangeliner at azet.sk (bo williamson) Date: Fri, 20 Jan 2006 21:11:03 -0200 Subject: Medical Journal: Fountain of Youth Message-ID: A non-text attachment was scrubbed... Name: not available Type: text/html Size: 575 bytes Desc: not available URL: From d_kostyukov at inbox.ru Fri Jan 20 15:42:41 2006 From: d_kostyukov at inbox.ru (Art Forrest) Date: Fri, 20 Jan 2006 21:42:41 -0200 Subject: Thanks for being a good friend! Message-ID: <200601201942.k0KJgUEH021108@proton.jfet.org> A non-text attachment was scrubbed... Name: not available Type: text/html Size: 5299 bytes Desc: not available URL: From dave at farber.net Sat Jan 21 03:34:04 2006 From: dave at farber.net (David Farber) Date: Sat, 21 Jan 2006 06:34:04 -0500 Subject: [IP] more on Search queries *can* contain personal information Message-ID: Begin forwarded message: From bejnety at cafenas.com.br Fri Jan 20 17:59:33 2006 From: bejnety at cafenas.com.br (Rolland Glass) Date: Sat, 21 Jan 2006 06:59:33 +0500 Subject: Don't be left behing- the enlargement revolution! Message-ID: A non-text attachment was scrubbed... Name: not available Type: text/html Size: 1546 bytes Desc: not available URL: From rah at shipwright.com Sat Jan 21 06:14:01 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Sat, 21 Jan 2006 09:14:01 -0500 Subject: [Clips] Re: Commercial Key Escrow? Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Sat, 21 Jan 2006 09:12:05 -0500 To: "Philodox Clips List" From: "R. A. Hettinga" Subject: [Clips] Re: Commercial Key Escrow? Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com --- begin forwarded text Cc: "Philodox Clips List" From: Nicko van Someren Subject: Re: Commercial Key Escrow? Date: Sat, 21 Jan 2006 11:03:20 +0000 To: "R. A. Hettinga" On 20 Jan 2006, at 22:58, R. A. Hettinga wrote: > --- begin forwarded text > > Date: Fri, 20 Jan 2006 14:10:54 -0800 > From: ericm at lne.com > To: cypherpunks at jfet.org > Subject: Re: Commercial Key Escrow? > User-Agent: Mutt/1.4.1i > Sender: owner-cypherpunks at jfet.org > > On Fri, Jan 20, 2006 at 04:38:56PM -0500, R. A. Hettinga wrote: >> At 1:26 PM -0800 1/20/06, ericm at lne.com wrote: >>> I'm looking for someone who provides an actual commercial key >>> escrow service, not double encryption with a master key. >> >> One would think that the effect, being the same, creates a >> distinction >> without a difference? > > In some cases, yes. But not for this application. > > I really am looking for a commercial trusted third party to hold > keys. > > I've found a bunch of references from ~10 years ago that say > that someday commercial key escrow will be prevalent > but it appears that someday hasn't yet arrived. > > My problem is in many ways similar to the problem a CA would face > in ensuring business continuity in a business that depends on > keeping secrets. > > What does say Verisign do to back up their root CA private keys? > They probably have a bunch of BBN SafeKeypers (or rather the modern > equivalent FIPS-140 hardware). What if all of them croak at the > same time? > > Do they keep multiple backups? What happens if the keys/passphrases > for those backups are lost? > > Or secret sharing? What if N-(K+1) shares are destroyed? Do they > just quit the CA business then? There presumeably are scenerios > under which that is the only answer, and Verisign has judged their > possibility to be so remote and/or their solution cost so high > that they are not worth defending against. > > What would Verisign do if they didn't have security experts to > decide what's an acceptable risk and what isn't, and instead > just wanted to have someone else deal with the problem for them? No matter what sort of architecture one chooses for long term key protection it is inevitably going to fail once some threshold fraction of the system fails. With a simply multiple copies system you have to have 100% failure, but such a system has poorer security properties. K-of-N threshold schemes fail once you've lost N-(K+1) shares but generally have much better security. It is my understanding that Verisign have multiple HSMs for the root and they simply go out of their way to keep them very safe. At nCipher our critical keys (such as firmware signing keys) are distributed using a threshold scheme and we have procedures in place to periodically check the integrity of each share (though never checking more than one at a time). As far as I know there are no active commercial key escrow services around. One problem is that the half-life of Internet companies is short compared to the time people seem to want to keep their keys so it would be hard to trust such a company unless it was very carefully set up. Cheers, Nicko --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rabbi at abditum.com Sat Jan 21 12:06:25 2006 From: rabbi at abditum.com (Len Sassaman) Date: Sat, 21 Jan 2006 12:06:25 -0800 (PST) Subject: CodeCon program announced, early registration deadline nearing Message-ID: The program for CodeCon 2006 has been announced. http://www.codecon.org/2006/program.html CodeCon is the premier showcase of innovative software projects. It is a workshop for developers of real-world applications with working code and active development projects. All presentations will given by one of the lead developers, and accompanied by a functional demo. Highlights of CodeCon 2006 include: iGlance - Open source push-to-talk videoconferencing and screen-sharing Monotone - Low stress, high functionality version control Query By Example - Data mining operations within PostgreSQL Djinni - Efficient approximations to NP-complete problems Elsa/Oink/Cqual++ - A static-time whole-program dataflow analysis for C and C++ Truman - An open-source behavioral malware analysis sandnet VidTorrent/Peers - A scalable real-time p2p streaming protocol The fifth annual CodeCon takes place February 10 - 12, 11:30 - 18:00, at StudioZ (314 11th Street) in San Francisco. Early registration is $63, available online until February 1st, 2006. Registration will be available at the door for $85. Supporting Attendee tickets are also available, and include a one-year membership to the USENIX Association. Please see the CodeCon registration page for details: http://www.codecon.org/2006/registration.html From eugen at leitl.org Sat Jan 21 04:44:49 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sat, 21 Jan 2006 13:44:49 +0100 Subject: [dave@farber.net: [IP] more on Search queries *can* contain personal information] Message-ID: <20060121124449.GZ2301@leitl.org> ----- Forwarded message from David Farber ----- From eugen at leitl.org Sat Jan 21 05:02:36 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sat, 21 Jan 2006 14:02:36 +0100 Subject: Cringely bored by illegal NSA taps, doesn't think it really matters Message-ID: <20060121130236.GD2301@leitl.org> http://www.pbs.org/cringely/pulpit/pulpit20060119.html January 19, 2006 Hitler on Line One There's a Long History of Intercepting Foreign Communications, and Some of It May Have Been Legal By Robert X. Cringely Who is listening-in on your phone calls? Probably nobody. Right now, there is huge interest in phone tapping in the United States because the Bush Administration (through the National Security Agency) was caught listening in without appropriate court orders. What I have noticed is that, for all the talking and writing on this subject, there seems to be very little real information being presented. So this column is my attempt to share what I've learned about the topic. It might surprise you. Intercepting communications for purposes of maintaining national security is nothing new. From before Pearl Harbor through 1945, EVERY trans-Atlantic phone call, cable and indeed letter was intercepted in Bermuda by the Coordinator of Information (COI) in the White House and later by the Office of Strategic Services (OSS). Sir William Stephenson revealed this in his autobiography, A Man Called Intrepid. They literally tapped the undersea cables and shipped all post to Europe through Bermuda, where every single call was monitored, every cable printed out, and every letter opened. FDR and Churchill needed intelligence and they took the steps they needed to get it. The computer monitoring of cell phone conversations pales in both scale and significance. One fun fact from that monitoring: The CEO of International Telephone & Telegraph (ITT) reportedly spoke with Adolf Hitler on the phone from New York City every week of the war. According to the book The Sovereign State of ITT, the call was placed from New York to South America, and then used a cable from South America to Berlin. Key companies that maintained the German telephone network were ITT subsidiaries at that time, and communications were obviously of strategic importance for Germany; thus Hitler needed to speak with the CEO every week. ITT never stopped running the German phones during the war and were evidently allowed to continue doing so to gather just this sort of intelligence (that's me putting a positive spin on a disturbingly ambiguous relationship). So information technology's ability to eliminate borders in warfare is nothing new, even though it seemed to take the New York Times by surprise! Following the war, the Bell Operating Companies cooperated in national security wiretapping for years based only on the delivery of the so-called "Hoover Letter," under the hand of FBI Director J. Edgar Hoover. As a result of that cooperation, AT&T was ultimately the defendant in 18 national security lawsuits, all of which involved wiretaps of U.S. citizens' domestic communications where there was no prior judicial authorization. The trial court and the D.C. Circuit Court of Appeals decided that AT&T had not violated any constitutional right or law. Keep in mind that international calls or communications were not at issue. In 1967, the U.S. Supreme Court ruled that telephone surveillance was technically a "search," and thus prohibited by the Fourth Amendment to the Constitution unless conducted with a court order. In 1972 the Supreme Court handed down a unanimous opinion that clarified the scope of the Executive Branch to engage in wiretapping without prior judicial approval, saying that the Nixon Administration needed warrants for every domestic phone and wire tap. Even after this decision, however, the Executive Branch continued to conduct electronic surveillance of international communications without prior judicial approval (Republican and Democratic administrations alike), according to people working in these areas for the phone company at that time. Because the objects of those searches were presumed not to be U.S. citizens (whether they actually were or not), the taps were allowed. Jumping to the present day, in the United States there were two categories of phone taps and two major laws governing phone taps -- that is until the Bush Administration invented whole new versions of both. The two laws are the Community Assistance for Law Enforcement Act (CALEA) and the Foreign Intelligence Surveillance Act (FISA). CALEA is for domestic wiretaps and FISA is for international wiretaps. Each requires a report to Congress every year and for the 2004 year (the most recent reported) each had slightly over 1700 qualifying wiretaps. Each law also requires a court order for every tap, though under FISA there is some leeway, and in theory such court orders can be obtained retroactively in any case within 72 hours. To this point what we have been considering are technically called "intercepts" -- listening to phone calls and recording the information they contain. Most phone taps in the U.S. aren't conducted that way at all. On top of the approximately 3,500 CALEA and FISA intercepts conducted each year, there are another 75,000 domestic phone taps called "pen/traps" by the telephone company. While interceptions capture the voice portion of a telephone call or the data portion of an electronic communication, such as the content of e-mail, pen/traps capture just the outgoing digits dialed (the pen register portion of the technology) and the numbers of the incoming callers (the trap and trace portion of the technology). In CALEA terms, these are "call-identifying information." Court authorizations for interceptions are difficult to obtain for many reasons. Pen/traps are easy to obtain. While the government has to obtain court authorization to install a pen/trap, the role of the court in this review and approval procedure is merely "ministerial" -- primarily a form of record-keeping. The government has a very low hurdle to meet to obtain judicial approval for pen/traps, and if that hurdle is met, the court MUST approve the order. Pen/traps are very useful in a criminal investigation, and inexpensive compared to a court-approved interception. So, it is not surprising that there are so many more pen/traps than there are interceptions. To get this far, I had to talk to a lot of former and current telco people, and one thing I learned is that they generally don't like having to do either type of phone tap. Under both laws, telephone companies that do this kind of work are supposed to be reimbursed for it, yet many phone companies never send a bill. Whether that is because of patriotism or fear of liability, I don't know. Many phone companies also outsource their phone taps to smaller firms that specialize in that kind of work. These firms handle the legal paperwork, and generally more than pay for themselves by billing the Feds, too, on behalf of the telco. It feels a little creepy to me knowing that our telephone systems can be accessed at will by "rent-a-tap" outfits, and that the technology has advanced to the point where such intercepts can apparently be done from a properly-authorized PC. Is all of this worth worrying about? What led me on this quest in the first place was the fact that I simply couldn't understand why the Administration felt the need to go beyond FISA, given that the court nearly always granted warrants and warrants could be done retroactively. But does it really matter? I didn't know whether to be outraged or bored, and I feared that most Americans were in similar positions. Given that this is all about National Security, we'll probably never know the full answer. Even if the proper research is conducted and answers obtained, they won't be shared with you or me. But here's a hint from a lawyer who used to be in charge of exactly these compliance issues for one of the largest RBOCs: "While it is true the FISA court approves nearly all applications submitted to it, this is due primarily to the close vetting the DOJ attorneys give to applications before they are submitted to the court. In fact, the FISA appellate court noted that the DOJ standards had been higher than the statute required. I am unaware that the court has 'retroactively' approved any electronic surveillance that was not conducted in an emergency situation. There are four emergency situations enumerated in the statute. Even in an emergency, the government has to apply for approval of what they have already started or in some case finished and these applications have to meet the same strict standards as any other application." So the probable answer is that the several hundred NSA communication intercepts wouldn't have qualified for submission by the DoJ to the FISA court, and some of those might not have qualified for FISA court orders even if they had been submitted. It looks like the difference between using a rifle or a shotgun, with the Bush Administration clearly preferring the shotgun approach. Only time will tell, though, if what they are doing is legal. -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From jya at cryptome.net Sat Jan 21 14:48:07 2006 From: jya at cryptome.net (John Young) Date: Sat, 21 Jan 2006 14:48:07 -0800 Subject: Cringely bored by illegal NSA taps, doesn't think it really matters In-Reply-To: <20060121130236.GD2301@leitl.org> Message-ID: Cringely and others of similar ostentatious shallow interest are following the pattern of previous revelations about wiretapping in the national interest. "Not about me," is what they are saying, "so why should I care, and why is everyone getting so worked up about stuff which has been long known." And then take a whack at the latest source by claiming, "what fools are they to not have known this stuff has been always with us." This is a standard ploy for watering down revelations that cut to the bone. Much used by intelligence agencies when caught with their hands in the private affairs of those who fund their payrolls. What is not usually admitted is what is different about the latest revelation, as Cringely says, nothing new has been revealed. Here he shows his own ignorance, and covers that up by reciting hoary precedents that are indeed well known. This pretense of knowledgeability sufficient to discount the latest revelation of what has gone further than before is pure disinformation, and is actually meant to save the reputation of the Cringelys for not being able to distinguish what is new is what is old. There is also the likelihood that this failure is deliberate, a practice of reputable reporters gone stale and too lazy to dig beyond what their favorite insiders tell them. Reputations are traps, the more reputation the greater the trap. Believe no spokesperson or reporter who speaks with authority to compensate for telling the truth unvarnished. To be sure, the NY Times has not yet told the full story of how it came by the NSA poop, what has not yet been reported, what leads were not pursued, who else the publisher and managing editor met with besides Bush before and after the story was published. And there remains a question about the credibility of the Times for its pre-war reporting of inaccuracies, its early patriotic stance, its being beat repeatedly on intelligence affairs and the Iraq war by Sy Hersh and other reporters not dominated by Wall Street and advertisers. Still, until revealed otherwise, the current NY Times is not as closely allied to national authority as it has been in the past, when its reporters worked closely with intelligence agencies, its managing editors were more often warhawks, and it treated independence of journalists as grounds for dismissal. The Times has a ways to go to get back to being a trustworthy source on national security, and that is likely to require more independence than it can financially afford. A lesson the telecomms would like to share: even as they whine about serving the demands of the authorities, they are doing great selling global and domestic services to their "tormentors." Having it both ways is the capitalist agenda: publicly defying government, sucking its bountiful teats. Google is a prime candidate for that, batteries of apologists ready to spread the honest truth. From cflxnvlxq at msn.com Sat Jan 21 07:57:08 2006 From: cflxnvlxq at msn.com (Bridgett Ortiz) Date: Sat, 21 Jan 2006 19:57:08 +0400 Subject: Quality Medicine Available HdcXq Message-ID: Huge selection of meds available at attractive prices. Highest quality assured. Try us out today.. http://au.geocities.com/keary88660madelle1843/ a15F From bogdan_chikov at list.ru Sat Jan 21 07:05:49 2006 From: bogdan_chikov at list.ru (Veronica Ames) Date: Sat, 21 Jan 2006 20:05:49 +0500 Subject: One tab that will bring you to the top of performance Message-ID: <200601220105.k0M15h66025800@proton.jfet.org> No matter your age and actual performance, you can always do better. And the great news is that now you don?t have to wait ? the soft tab gets into bloodstream, including your buddy, in just 15-20 minutes. Down the little thing and start pleasing her in the foreplay, because minutes later you will win her very personal First Prize. Now you can be up for the entire night, reaching heavens of pleasure for both of you. You can now become the king of the bed (or wherever you use it) ? Fast, safe and easy! http://madeikcfhj.dreamteam4u.info/?bglcfhjxwqowymzvtadeik From rah at shipwright.com Sat Jan 21 19:36:30 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Sat, 21 Jan 2006 22:36:30 -0500 Subject: [Clips] Constitutional Spying Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Sat, 21 Jan 2006 22:33:49 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Constitutional Spying Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com Weekly Standard Constitutional Spying The solution to the FISA problem by Gary Schmitt 01/02/2006, Volume 011, Issue 16 The Foreign Intelligence Surveillance Act (FISA) is a chronic problem. The controversy over President Bush's decision to bypass FISA warrants in the electronic surveillance of al Qaeda operatives has highlighted the act's limitations. But FISA has been a problem ever since it became law in 1978. Congress passed and President Carter signed the bill regulating electronic surveillance for foreign intelligence collection in the wake of an extended, post--Watergate debate about the so--called "imperial presidency." The debate was given added urgency by reports and official investigations of indiscriminate snooping in this country by elements of the U.S. intelligence community. However, like so much else from that period, the broad arguments about the president's role in the constitutional order were wrong, and the laws designed to correct real problems created a new set of problems. One irony of today's debate is that so many liberals are now defending FISA. Previously, a common complaint from the ACLU and others was that the secret federal court that issues warrants for foreign intelligence surveillance in this country had become a "rubber stamp" for the executive branch. Out of the thousands of applications put forward by the Department of Justice to the panel over the years, only a handful had ever been rejected. Instead of a check on executive authority, the court had become complicit in its activities-or so it was said. And to a certain extent that has been the case. Yet the reason for the high percentage of approvals has less to do with deference to executive judgment than with FISA's standard for obtaining a warrant when it involves surveillance of an American citizen or an alien residing legally in the United States. Before the government can get a warrant, the Justice Department must put together a case to present before the court stating the "facts and circumstances relied upon . . . to justify [the attorney general's] belief that the target is an agent of a foreign power" or "engages . . . in international terrorism." And the FISA judges can only grant the warrant when "there is probable cause to believe that the target" is engaged in espionage or terrorism. In short, before the government can collect intelligence on someone by breaking into his house or tapping his phones, it had better already have in hand pretty persuasive evidence that the person is probably up to no good. FISA is less about collecting intelligence than confirming intelligence. This shouldn't be news. The inability of the FBI to aggressively pursue suspected foreign agents on U.S. soil was well aired in the 9/11 post--mortems, especially the notorious case of the "20th hijacker," French Moroccan Zacarias Moussaoui. His laptop was in the possession of FBI agents in Minneapolis in August 2001 but, for want of a warrant, was not searched before 9/11. Though much of the court's workings are classified, there are known instances in which FISA's "probable cause" standard prevented the government from getting warrants where common sense made it perfectly clear surveillance was justified. Notably, there was the case of Wen Ho Lee, the Chinese--American scientist who worked at the Los Alamos nuclear weapons lab. Lee downloaded nuclear codes and databases from the lab's secure computers. "In the wrong hands," his boss noted, such information could "change the global strategic balance." Despite this, and the fact that Lee had access to a warhead design that had leaked to the Chinese, had visited China in the period when Beijing apparently acquired the data, and had obvious friendly ties to Chinese nuclear scientists, it was judged that a FISA warrant could not be obtained. It didn't matter how grave the damage might be if Lee was actually engaged in espionage; what mattered was the government had no real evidence that Lee was a likely spy. In retrospect, the fastidiousness shown in the Lee and Moussaoui cases seems ludicrous, and some politicians and experts who have an interest in saving FISA have argued that the law was read too narrowly in both instances. Yet the law is what it is. And certainly it is these same politicians and experts who would be the first to complain about the government not abiding by FISA's standards should a case come to light involving dubious surveillance. Contrary to what many might think, the FBI, NSA, and the permanent bureaucracy at the Department of Justice have supported FISA primarily because it provided a line that they believed protected their organizations from the kinds of public trouble, political second--guessing, and congressional investigations that plagued them in the 1970s. And, for the most part, it has-although at an obvious cost. More broadly, the law rests on a shallow understanding of the Constitution's system of separated powers. FISA's supporters believe that life without the law would lead to unfettered executive power and violate the system's guiding principle of "checks and balances." What the Constitution demands, in their view, is a two--key approach to public authority: No branch gets to act in key instances without concurrent approval from a second branch. That approach, however, conflates the Constitution's scheme of "checks and balances" with its more fundamental system of separated powers. Although some checks do exist-like the president's qualified veto over legislation, or the Senate's role in confirming nominations-they are not the norms for government action but the exceptions. Far more common is for the president, Congress, and the courts to do their own thing, each interacting with the others indirectly and rarely concurrently. And that is the way it was meant to be. Justice Brandeis's famous line that the "doctrine of separation of powers was adopted by the Convention of 1787, not to promote efficiency but to preclude the exercise of arbitrary power" is at best a half truth. After a decade of living under the Articles of Confederation, and seeing state legislatures run roughshod over weak executives, the Constitution's drafters wanted a system of separated powers that would free up the executive, not tie it down. By the time they convened in Philadelphia, the bias against the executive that arose from the fight with the British crown was pretty well gone. So much so that The Federalist would argue during the ratification debate that "energy in the executive is a leading character in the definition of good government" and that "decision, activity, secrecy and dispatch" were qualities only a unitary and independent executive could provide. It's no surprise then that it is precisely these qualities that we see in President Bush's decision to go around FISA in the wake of 9/11 and to order the National Security Agency to conduct warrantless surveillance of emails and calls going back and forth from suspected al Qaeda operatives abroad to the United States, and vice versa. Some critics of the president's actions have argued that he should have asked Congress to amend FISA to meet these new circumstances. Leave aside the practicalities of getting legislation of this sort passed in a timely manner, and without the underlying rationale leaking. This president (or any president worth his salt) would only accept legislation that either confirmed his discretionary authority, or reduced the standard for getting a warrant to some minimal requirement that the collection be "reasonably" connected to the country's foreign intelligence needs. But if legislation of that type were passed, what role would the FISA court actually play? Either it really would become a rubber stamp, or it would become a surrogate executive confirming or denying a warrant based on reasoning that isn't, at bottom, judicial. Do we really want judges to play the role of second--guessers of executive branch decisions, substituting their own judgment on matters of national security for that of the president and his duly appointed subordinates? So, then, what is to be done? Well, to start, we should have a serious debate about abolishing FISA and restoring the president's inherent constitutional authority to conduct warrantless searches for foreign intelligence purposes. And no, this wouldn't return us to the bad old days of a snooping J. Edgar Hoover. Within the executive branch there are now reams of guidelines and teams of inspector generals that make renegade operations improbable or, at least, difficult to keep hidden very long. Just as important, there are now standing intelligence committees in both the House and the Senate. One of the odd effects of FISA has been to take serious and sustained congressional oversight of electronic surveillance off the table. The constitutional body that should be watching the executive's discretionary behavior is, after all, primarily Congress. Here we reach the nub of the matter: The Founders, in the words of The Federalist, did not think it was wise or even possible to set a "limitation of that authority which is to provide for the defense and protection of the community." At the end of the day, a government has to do what is necessary to protect itself and its people. Yet, at the same time, the Founders believed in limited government. How did they square the circle? When it comes to the conduct of war, the history is pretty clear: They expected presidents to do what was required to secure the country's safety. But they did anticipate that Congress would play the role of Monday--morning quarterback: exposing malfeasance when called for, adding or cutting off funds when necessary, passing laws to regularize the exercise of executive discretion without undermining it, and, in the face of truly egregious behavior, being ready to impeach a president. Obviously there is no neat solution to the problem of power and responsibility. However, as Winston Churchill said about democracy itself, the system of discretion and oversight the Constitution establishes is the worst possible solution-except for all others that have been tried. Gary Schmitt is director of the program on advanced strategic studies at the American Enterprise Institute and former executive director of the President's Foreign Intelligence Advisory Board. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From monty at roscom.com Sun Jan 22 05:29:56 2006 From: monty at roscom.com (Monty Solomon) Date: January 22, 2006 5:29:56 PM EST Subject: Logan to start express security program this summer / Message-ID: Participants register and pay yearly fee Logan to start express security program this summer Participants register and pay yearly fee By Peter J. Howe, Globe Staff | January 20, 2006 Logan International Airport will implement a ''registered traveler" program this summer that allows passengers who pass a screening check and pay a yearly fee to use special express security lines. Passengers will also have to submit fingerprints and eye scans to qualify. Other key details of the program, including how much it will cost and when it will start, are still being worked out. To boost interest in the program, participants will probably get benefits such as discounts on parking and dining at the airport, according to Thomas J. Kinton Jr., director of aviation for the Massachusetts Port Authority, which runs Logan. Logan was one of five US airports that conducted small-scale registered-traveler program trials that ended in September. At Logan, the program involved about 1,800 American Airlines frequent fliers. Registered travelers show their boarding passes and get their identities confirmed by a machine that checks either their iris or index finger tip. They still have to go through metal detectors and put their bags through X-ray scanners but often save several minutes by avoiding security lines used by the general public that can get crowded. And unless registered travelers set off a metal detector or have a banned item in their carry-on luggage, they are also exempted from so-called secondary screening patdowns by airport security officials that involve a randomly selected percentage of all travelers in general security lines. Currently, among US airports only Orlando International Airport offers a special registered traveler check-in, which has enrolled 13,000 people since June who pay $80 a year. Airports in Indianapolis, Sacramento, Calif., and San Jose also plan to offer the programs this summer. People who get registered traveler cards from Massport will be able to use them at all US airports that decide to offer the service, Kinton said yesterday. ... http://www.boston.com/news/local/massachusetts/articles/2006/01/20/logan_to_s tart_express_security_program_this_summer/ ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From mv at cdc.gov Sun Jan 22 09:21:55 2006 From: mv at cdc.gov (Major Variola (ret)) Date: Sun, 22 Jan 2006 09:21:55 -0800 Subject: Al Q's anonymous comms Message-ID: The system involves each courier hand delivering the tape or the written message to another courier or location without knowing the courier's identity, the origin of the tape or message or its destination. It makes it almost impossible for intelligence agencies to roll up the entire network. http://abcnews.go.com/International/Terrorism/story?id=1527351 ----- End forwarded message ----- How Does al Qaeda Send Terror Tapes Without Getting Caught? Terror Network Uses Complex Messenger System, Which May Span Several Countries Analysis by ALEXIS DEBAT Jan. 20, 2006 . - The broadcast of terror tapes on al Jazeera highlights a question that has haunted U.S. intelligence for a number of years now: How do these tapes find their way to the offices of the Qatari news channel, and why can't something be done to follow their trail to Osama bin Laden's doorstep? This question remained largely unanswered until the arrest last May in Pakistan of Abu Faraj al Libbi, one of al Qaeda's operational commanders. Under intense interrogation, al Libbi revealed that Osama bin Laden's tapes -- like his operational directives -- are hand carried from courier to courier in a long and intricate route that involves several dozen "runners." According to al Libbi, it takes six to 12 weeks of travel in the remote and inhospitable areas along the border between Afghanistan and Pakistan, where bin Laden and Ayman al Zawahri are still hiding. Based on this piece of intelligence, the Pakistani government succeeded in infiltrating parts of these courier networks in 2005. But because of the extraordinary precautions taken by al Qaeda's messengers, the Pakistanis were unable to trace them back to either Zawahri or bin Laden. The system involves each courier hand delivering the tape or the written message to another courier or location without knowing the courier's identity, the origin of the tape or message or its destination. It makes it almost impossible for intelligence agencies to roll up the entire network. Some of these intermediaries are recruited among the thousands of travelling Muslim preachers who roam Pakistan's tribal and northern areas, usually on foot. Analysts believe this system is still in place today, and may span several countries. According to a senior Pakistani intelligence source, the latest tape was hand delivered by an anonymous source to al Jazeera's Dubai bureau in the United Arab Emirates. The tapes are usually dropped off in an envelope at al Jazeera's offices in the Pakistani capital, Islamabad. A 'Back Channel' Relationship? Many commentators suspect a "back channel" relationship between the news channel and the terrorist organization. In 2005, al Jazeera reporter Taysir Alluni, who had interviewed bin Laden in Afghanistan several weeks after 9/11, was sentenced by a Spanish court to seven years in prison for providing help to two al Qaeda operatives wanted in connection with the Madrid train bombings in 2004. Despite this high-profile case, there is little evidence of any formal relationship, agreement or even sustained communication between al Jazeera and al Qaeda. And al Jazeera strongly denies it. Osama bin Laden's use of the Qatari news channel likely has more to do with strategy than ideology. With its audience of 50 million to 70 million viewers around the world, al Jazeera has emerged not only as the Muslim world's most-watched news outlet but as a powerful force driving political views of Muslims around the world. By using al Jazeera to broadcast its messages, al Qaeda is simply borrowing the network's global reach to further its own, while making sure that the message will reach the audience with little alteration or editing, and no mistranslation. This is especially key when bin Laden or Zawahri, as Western intelligence agencies report, wish to send covert messages to their operatives across the world. ABC News consultant Alexis Debat is a terrorism analyst and contributing editor of the National Interest in Washington, D.C. Copyright ) 2006 ABC News Internet Ventures -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From mv at cdc.gov Sun Jan 22 09:21:55 2006 From: mv at cdc.gov (Major Variola (ret)) Date: Sun, 22 Jan 2006 09:21:55 -0800 Subject: Al Q's anonymous comms Message-ID: <43D3BF33.B86F833@cdc.gov> The system involves each courier hand delivering the tape or the written message to another courier or location without knowing the courier's identity, the origin of the tape or message or its destination. It makes it almost impossible for intelligence agencies to roll up the entire network. http://abcnews.go.com/International/Terrorism/story?id=1527351 From jya at cryptome.net Sun Jan 22 13:25:00 2006 From: jya at cryptome.net (John Young) Date: Sun, 22 Jan 2006 13:25:00 -0800 Subject: Al Q's anonymous comms In-Reply-To: <43D3BF33.B86F833@cdc.gov> Message-ID: If it's done all by hand to hand that does leave a trail retraceable by close analysis of human residue on the package(s). As well as bio-pinpoint those who need to be squeezed, one by one up the channel. To break that tracking or to at least hinder it, one or more "handoffs" needs to have been done by postal or some other non-specific human transition. And the serial container(s) would have needed to be sanitized or their outer covering removed without leaving detectable residue. Presumably there will be broadcast a bit of disinfo about untraceability to gain time for the backtracking to occur. Perhaps being withheld for a longer period to give the illusion backtracking is not possible. Then cometh the helldog UAVs, perhaps loaded with data to sniff the backtrack , enhanced beyond the capability of bloodhounds. Have there been reports on where the CIA or other operators of the UAVs are located? How far away can they be and remain in control? Are they located at the bases of the aircraft or some distance from the base, closer to targets. Are there on-site or nearby human spotters similar to forward controllers for artillery and aircraft? Or do other UAVs serve this role along with what the attacking UAV reports about itself, subject to bragging about kills? From eugen at leitl.org Sun Jan 22 10:24:52 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 22 Jan 2006 19:24:52 +0100 Subject: [mv@cdc.gov: Al Q's anonymous comms] Message-ID: <20060122182452.GF2301@leitl.org> Unsurprisingly, very much like physical onion routing. By using http://en.wikipedia.org/wiki/Dead_drop even no need for couriers to ever meet each other. I'm resending this in full text, so that the archives will get it. ----- Forwarded message from "Major Variola (ret)" ----- From olcjsyrb at hotmail.com Sun Jan 22 12:06:07 2006 From: olcjsyrb at hotmail.com (Ricardo Camp) Date: Mon, 23 Jan 2006 01:06:07 +0500 Subject: Pay Less Today IHRGc1 Message-ID: <8A997EE3.7684.8415C2D5@localhost> Dear Home Owner, Your credit doesn't matter to us! If you OWN real estate and want IMMEDIATE cash to spend ANY way you like, or simply wish to LOWER your monthly payments by a third or more, here are the deals we have TODAY (hurry, these offers will expire TONIGHT) : $450,000.00 at a 3.85% fixed-rate $374,000.00 at a 3.54% variable-rate $464,000.00 at a 3.77% interest-only $214,000.00 at a 3.54% fixed-rate $134,000.00 at a 3.75% variable-rate Hurry, when these deals are gone, they are gone! Simply fill out this one-minute form... http://2O.neckthu.com/af Don't worry about approval, your credit will not disqualify you! http://DTSzz.neckthu.com/af Sincerely, Phyllis Heller Approval Manager stop the current promo http://uhgJrV.neckthu.com/rem rr From measl at mfn.org Mon Jan 23 01:08:05 2006 From: measl at mfn.org (J.A. Terranson) Date: Mon, 23 Jan 2006 03:08:05 -0600 (CST) Subject: [mv@cdc.gov: Al Q's anonymous comms] In-Reply-To: <20060122182452.GF2301@leitl.org> References: <20060122182452.GF2301@leitl.org> Message-ID: <20060123030649.R49021@ubzr.zsa.bet> Eugen, I am surprised that this is new to you! Dead drops are as old as tradecraft itself. It's also the assumed transmission methodology for potentially fatal messages. No amount of rubberhose technology can recreate the chain. //Alif On Sun, 22 Jan 2006, Eugen Leitl wrote: > Date: Sun, 22 Jan 2006 19:24:52 +0100 > From: Eugen Leitl > To: cypherpunks at jfet.org > Subject: [mv at cdc.gov: Al Q's anonymous comms] > > Unsurprisingly, very much like physical onion routing. > By using http://en.wikipedia.org/wiki/Dead_drop even > no need for couriers to ever meet each other. > > I'm resending this in full text, so that the archives > will get it. > > ----- Forwarded message from "Major Variola (ret)" ----- > > From: "Major Variola (ret)" > Date: Sun, 22 Jan 2006 09:21:55 -0800 > To: "cypherpunks at al-qaeda.net" > Subject: Al Q's anonymous comms > X-Mailer: Mozilla 4.8 [en] (Win98; U) > > The system involves each courier hand delivering the tape or the written > > message to another courier or location without knowing the courier's > identity, the origin of the tape or message or its destination. It makes > it > almost impossible for intelligence agencies to roll up the entire > network. > > http://abcnews.go.com/International/Terrorism/story?id=1527351 > > ----- End forwarded message ----- > > How Does al Qaeda Send Terror Tapes Without Getting Caught? > Terror Network Uses Complex Messenger System, Which May Span Several > Countries > Analysis > by ALEXIS DEBAT > > Jan. 20, 2006 . - The broadcast of terror tapes on al Jazeera highlights a > question that has haunted U.S. intelligence for a number of years now: How do > these tapes find their way to the offices of the Qatari news channel, and why > can't something be done to follow their trail to Osama bin Laden's doorstep? > > This question remained largely unanswered until the arrest last May in > Pakistan of Abu Faraj al Libbi, one of al Qaeda's operational commanders. > Under intense interrogation, al Libbi revealed that Osama bin Laden's tapes -- > like his operational directives -- are hand carried from courier to courier in > a long and intricate route that involves several dozen "runners." > > According to al Libbi, it takes six to 12 weeks of travel in the remote and > inhospitable areas along the border between Afghanistan and Pakistan, where > bin Laden and Ayman al Zawahri are still hiding. Based on this piece of > intelligence, the Pakistani government succeeded in infiltrating parts of > these courier networks in 2005. > > But because of the extraordinary precautions taken by al Qaeda's messengers, > the Pakistanis were unable to trace them back to either Zawahri or bin Laden. > > The system involves each courier hand delivering the tape or the written > message to another courier or location without knowing the courier's identity, > the origin of the tape or message or its destination. It makes it almost > impossible for intelligence agencies to roll up the entire network. > > Some of these intermediaries are recruited among the thousands of travelling > Muslim preachers who roam Pakistan's tribal and northern areas, usually on > foot. > > Analysts believe this system is still in place today, and may span several > countries. According to a senior Pakistani intelligence source, the latest > tape was hand delivered by an anonymous source to al Jazeera's Dubai bureau in > the United Arab Emirates. The tapes are usually dropped off in an envelope at > al Jazeera's offices in the Pakistani capital, Islamabad. > > A 'Back Channel' Relationship? > > Many commentators suspect a "back channel" relationship between the news > channel and the terrorist organization. In 2005, al Jazeera reporter Taysir > Alluni, who had interviewed bin Laden in Afghanistan several weeks after 9/11, > was sentenced by a Spanish court to seven years in prison for providing help > to two al Qaeda operatives wanted in connection with the Madrid train bombings > in 2004. > > Despite this high-profile case, there is little evidence of any formal > relationship, agreement or even sustained communication between al Jazeera and > al Qaeda. And al Jazeera strongly denies it. > > Osama bin Laden's use of the Qatari news channel likely has more to do with > strategy than ideology. With its audience of 50 million to 70 million viewers > around the world, al Jazeera has emerged not only as the Muslim world's > most-watched news outlet but as a powerful force driving political views of > Muslims around the world. > > By using al Jazeera to broadcast its messages, al Qaeda is simply borrowing > the network's global reach to further its own, while making sure that the > message will reach the audience with little alteration or editing, and no > mistranslation. > > This is especially key when bin Laden or Zawahri, as Western intelligence > agencies report, wish to send covert messages to their operatives across the > world. > > ABC News consultant Alexis Debat is a terrorism analyst and contributing > editor of the National Interest in Washington, D.C. > > Copyright ) 2006 ABC News Internet Ventures > > > -- > Eugen* Leitl leitl http://leitl.org > ______________________________________________________________ > ICBM: 48.07100, 11.36820 http://www.ativel.com > 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE > > [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] > -- Yours, J.A. Terranson sysadmin at mfn.org 0xBD4A95BF 'The right of self defence is the first law of nature: in most governments it has been the study of rulers to confine this right within the narrowest limits possible. Wherever standing armies are kept up, and the right of the people to keep and bear arms is, under any colour or pretext whatsoever, prohibited, liberty, if not already annihilated, is on the brink of destruction.' St. George Tucker From dave at farber.net Mon Jan 23 02:44:26 2006 From: dave at farber.net (David Farber) Date: Mon, 23 Jan 2006 05:44:26 -0500 Subject: [IP] Logan to start express security program this summer / Message-ID: Participants register and pay yearly fee X-Mailer: Apple Mail (2.746.2) Reply-To: dave at farber.net Begin forwarded message: From bolduc at austin.rr.com Mon Jan 23 07:11:04 2006 From: bolduc at austin.rr.com (David Bolduc) Date: January 23, 2006 7:11:04 PM EST Subject: Hayden on NSA program Message-ID: Setting aside the commentary, there are some interesting details here. Useful formatting and pointers (including one to transcript) in original. http://powerlineblog.com/archives/012915.php HAYDEN DELIVERS IMPASSIONED DEFENSE OF NSA Lt. Gen. Michael Hayden, former director of the National Security Agency, delivered a brilliant and heartfelt speech on the NSA's international terrorist surveillance program at the National Press Club today. You can, and should, read it all here. What follows are just a few of the many highlights: In the days after 9/11, NSA was using its authorities and its judgment to appropriately respond to the most catastrophic attack on the homeland in the history of the nation. That shouldn't be a headline, but as near as I can tell, these actions on my part have created some of the noise in recent press coverage. Let me be clear on this point -- except that they involved NSA, these programs were not related -- these programs were not related -- to the authorization that the president has recently spoken about. Back then, September 2001, I asked to update the Congress on what NSA had been doing, and I briefed the entire House Intelligence Committee on the 1st of October on what we had done under our previously existing authorities. Now, as another part of our adjustment, we also turned on the spigot of NSA reporting to FBI in, frankly, an unprecedented way. We found that we were giving them too much data in too raw form. We recognized it almost immediately, a question of weeks, and we made all of the appropriate adjustments. Now, this flow of data to the FBI has also become part of the current background noise, and despite reports in the press of thousands of tips a month, our reporting has not even approached that kind of pace. You know, I actually find this a little odd. After all the findings of the 9/11 commission and other bodies about the failure to share intelligence, I'm up here feeling like I have to explain pushing data to those who might be able to use it. And of course, it's the nature of intelligence that many tips lead nowhere, but you have to go down some blind alleys to find the tips that pay off. Now, beyond the authorities that I exercised under the standing executive order, as the war on terror has moved forward, we have aggressively used FISA warrants. The act and the court have provided us with important tools, and we make full use of them. Published numbers show us using the court at record rates, and the results have been outstanding. But the revolution in telecommunications technology has extended the actual impact of the FISA regime far beyond what Congress could ever have anticipated in 1978. And I don't think that anyone can make the claim that the FISA statute is optimized to deal with or prevent a 9/11 or to deal with a lethal enemy who likely already had combatants inside the United States. I testified in open session to the House Intel Committee in April of the year 2000. At the time, I created some looks of disbelief when I said that if Osama bin Laden crossed the bridge from Niagara Falls, Ontario to Niagara Falls, New York, there were provisions of U.S. law that would kick in, offer him protections and affect how NSA could now cover him. At the time, I was just using this as some of sort of stark hypothetical; 17 months later, this is about life and death. So now, we come to one additional piece of NSA authorities. These are the activities whose existence the president confirmed several weeks ago. That authorization was based on an intelligence community assessment of a serious and continuing threat to the homeland. The lawfulness of the actual authorization was reviewed by lawyers at the Department of Justice and the White House and was approved by the attorney general. But we all have personal responsibility, and in the end, NSA would have to implement this, and every operational decision the agency makes is made with the full involvement of its legal office. NSA professional career lawyers -- and the agency has a bunch of them -- have a well-deserved reputation. They're good, they know the law, and they don't let the agency take many close pitches. And so even though I knew the program had been reviewed by the White House and by DOJ, by the Department of Justice, I asked the three most senior and experienced lawyers in NSA: Our enemy in the global war on terrorism doesn't divide the United States from the rest of the world, the global telecommunications system doesn't make that distinction either, our laws do and should; how did these activities square with these facts? They reported back to me. They supported the lawfulness of this program. Supported, not acquiesced. This was very important to me. A veteran NSA lawyer, one of the three I asked, told me that a correspondent had suggested to him recently that all of the lawyers connected with this program have been very careful from the outset because they knew there would be a day of reckoning. The NSA lawyer replied to him that that had not been the case. NSA had been so careful, he said -- and I'm using his words now here -- NSA had been so careful because in this very focused, limited program, NSA had to ensure that it dealt with privacy interests in an appropriate manner. In other words, our lawyers weren't careful out of fear; they were careful out of a heartfelt, principled view that NSA operations had to e consistent with bedrock legal protections. You know, the 9/11 commission criticized our ability to link things happening in the United States with things that were happening elsewhere. In that light, there are no communications more important to the safety of this country than those affiliated with al Qaeda with one end in the United States. The president's authorization allows us to track this kind of call more comprehensively and more efficiently. The trigger is quicker and a bit softer than it is for a FISA warrant, but the intrusion into privacy is also limited: only international calls and only those we have a reasonable basis to believe involve al Qaeda or one of its affiliates. The purpose of all this is not to collect reams of intelligence, but to detect and prevent attacks. The intelligence community has neither the time, the resources nor the legal authority to read communications that aren't likely to protect us, and NSA has no interest in doing so. These are communications that we have reason to believe are al Qaeda communications, a judgment made by American intelligence professionals, not folks like me or political appointees, a judgment made by the American intelligence professionals most trained to understand al Qaeda tactics, al Qaeda communications and al Qaeda aims. Their work is actively overseen by the most intense oversight regime in the history of the National Security Agency. The agency's conduct of this program is thoroughly reviewed by the NSA's general counsel and inspector general. The program has also been reviewed by the Department of Justice for compliance with the president's authorization. Oversight also includes an aggressive training program to ensure that all activities are consistent with the letter and the intent of the authorization and with the preservation of civil liberties. Let me talk for a few minutes also about what this program is not. It is not a driftnet over Dearborn or Lackawanna or Freemont grabbing conversations that we then sort out by these alleged keyword searches or data-mining tools or other devices that so-called experts keep talking about. This is targeted and focused. This is not about intercepting conversations between people in the United States. This is hot pursuit of communications entering or leaving America involving someone we believe is associated with al Qaeda. We bring to bear all the technology we can to ensure that this is so. And if there were ever an anomaly, and we discovered that there had been an inadvertent intercept of a domestic-to-domestic call, that intercept would be destroyed and not reported. But the incident, what we call inadvertent collection, would be recorded and reported. But that's a normal NSA procedure. It's been our procedure for the last quarter century. And as always, as we always do when dealing with U.S. person information, as I said earlier, U.S. identities are expunged when they're not essential to understanding the intelligence value of any report. Again, that's a normal NSA procedure. Let me emphasize one more thing that this program is not -- and, look, I know how hard it is to write a headline that's accurate and short and grabbing. But we really should shoot for all three -- accurate, short and grabbing. I don't think domestic spying makes it. One end of any call targeted under this program is always outside the United States. I've flown a lot in this country, and I've taken literally hundreds of domestic flights. I have never boarded a domestic flight in the United States of America and landed in Waziristan. In the same way -- and I'm speaking illustratively here now, this is just an example -- if NSA had intercepted al Qaeda Ops Chief Khalid Shaikh Mohammed in Karachi talking to Mohamed Atta in Laurel, Maryland, in say, July of 2001 -- if NSA had done that, and the results had been made public, I'm convinced that the crawler on all the 7 by 24 news networks would not have been "NSA domestic spying." Had this program been in effect prior to 9/11, it is my professional judgment that we would have detected some of the 9/11 al Qaeda operatives in the United States, and we would have identified them as such. I've said earlier that this program's been successful. Clearly not every lead pans out from this or any other source, but this program has given us information that we would not otherwise had been able to get. It's impossible for me to talk about this any more in a public way without alerting our enemies to our tactics or what we have learned. I can't give details without increasing the danger to Americans. On one level, believe me, I wish that I could. But I can't. Some of the questions and answers were intensely interesting: QUESTION: Yes, Wayne Madsen, syndicated columnist. General, how do you explain the fact that there were several rare spectacles of whistleblowers coming forward at NSA, especially after 9/11, something that hasn't really happened in the past, who have complained about violations of FISA and United States Signals Intelligence Directive 18, which implements the law at the agency? GEN. HAYDEN: I talked to the NSA staff on Friday. The NSA inspector general reports to me, as of last Friday, from the inception of this program through last Friday night, not a single employee of the National Security Agency has addressed a concern about this program to the NSA IG. I should also add that no member of the NSA workforce who has been asked to be included in this program has responded to that request with anything except enthusiasm. I don't know what you're talking about. So whoever the NY Times sources were, they didn't work for NSA. Here's more: QUESTION: General Hayden, the FISA law says that the NSA can do intercepts as long as you go to the court within 72 hours to get a warrant. I understood you to say that you are aggressively using FISA but selectively doing so. Why are you not able to go to FISA as the law requires in all cases? And if the law is outdated, why haven't you asked Congress to update it? [Ed: Note how the journalists immediately encapsulate the Democrats' critique of the NSA program in their questions.] GEN. HAYDEN: Lots of questions contained there. Let me try them one at a time. First of all, I need to get a statement of fact out here, all right? NSA cannot -- under the FISA statute, NSA cannot put someone on coverage and go ahead and play for 72 hours while it gets a note saying it was okay. All right? The attorney general is the one who approves emergency FISA coverage, and the attorney general's standard for approving FISA coverage is a body of evidence equal to that which he would present to the court. So it's not like you can throw it on for 72 hours. In the instances where this program applies, FISA does not give us the operational effect that the authorities that the president has given us give us. Look. I can't -- and I understand it's going to be an incomplete answer, and I can't give you all the fine print as to why, but let me just kind of reverse the answer just a bit. If FISA worked just as well, why wouldn't I use FISA? To save typing? No. There is an operational impact here, and I have two paths in front of me, both of them lawful, one FISA, one the presidential -- the president's authorization. And we go down this path because our operational judgment is it is much more effective. So we do it for that reason. I think I've got -- I think I've covered all the ones you raised. This one is hilarious. A reporter offers up an incoherent Democratic talking point: QUESTION: You cited before the congressional powers of the president. Are you -- are you asserting inherent so-called constitutional powers that a -- to use the term that came up in the Alito hearings -- "a unitary executive" has to violate the law when he deems fit? GEN. HAYDEN: I'm not asserting anything. I'm asserting that NSA is doing its job. Is it possible that our reporters can be that dim-witted? I'm afraid so. Here's another: QUESTION: Justine Redman with CNN. How was national security harmed by The New York Times reporting on this program? Don't the bad guys already assume that they're being monitored anyway, and shouldn't Americans, you know, bear in mind that they might be at any time? GEN. HAYDEN: You know, we've had this question asked several times. Public discussion of how we determine al Qaeda intentions, I just -- I can't see how that can do anything but harm the security of the nation. And I know people say, "Oh, they know they're being monitored." Well, you know, they don't always act like they know they're being monitored. But if you want to shove it in their face constantly, it's bound to have an impact. [C]onstant revelations and speculation and connecting the dots in ways that I find unimaginable, and laying that out there for our enemy to see cannot help but diminish our ability to detect and prevent attacks. This one was interesting from a technical standpoint: QUESTION: Two questions in two areas for you. One, can you describe a little further who the targets of these collection are? Are you looking at individuals or are you looking at phone numbers, websites, e-mail addresses? *** [Gen. Hayden]: [Y]our first question. Are these individuals, are these phone numbers, are these e-mail accounts and so on? Hard for me to get into the specifics. I would just say that what it is we do is that we use our art form -- we use our science and our art to -- as best as we can, okay? -- specifically target communications we have reason to believe are associated with al Qaeda, and we use all of the tools, Katie, available to us to do that. QUESTION: So you can't be any more specific than as to whether it's focused on individuals or phone numbers? GEN. HAYDEN: I would love to, but I can't. The issue of the 72-hour emergency FISA order came up again: QUESTION: James Rosen, McClatchy Newspapers. *** [A] second, sort of linked, question is, on the 72 hours, if what you said is true, if I understood it, then I and, I think, a lot of other reporters have been misreporting this. [Ed.: No kidding!] Can you explain, on the 72 hours -- (inaudible) -- because you said it's not true, but you didn't explain why it's not true. GEN. HAYDEN: I'm sorry. To be very clear. We throw the language out and we all maybe lose precision as we do it. NSA just can't go up on a number for 72 hours while it finishes out the paperwork. The attorney general is the only one who can authorize what's called an emergency FISA. That's what we're talking about there, all right? So it's not -- my point was, that's not something that NSA under the FISA act can do on its own. QUESTION: Well, just a quick follow-up on that. I mean, can it be as quick as you call the attorney general, or the NSA director calls the attorney general, says, "We got to go up now," and he says, "Okay, fill out the paperwork"? GEN. HAYDEN: The standard the attorney general must have is that he has sufficient evidence in front of him that he believes he can substantiate that in front of the FISA court. So the Presidential authorization is used when NSA does not yet have all of the information needed to fill out the very onerous form necessary to obtain a FISA order, which we wrote about here. And, finally, this last, slightly cryptic exchange: QUESTION: The legal standard is probable cause, General. You used the terms just a few minutes ago, "We reasonably believe." And a FISA court, my understanding is, would not give you a warrant if you went before them and say "we reasonably believe"; you have to go to the FISA court, or the attorney general has to go to the FISA court and say, "we have probable cause." And so what many people believe -- and I'd like you to respond to this -- is that what you've actually done is crafted a detour around the FISA court by creating a new standard of "reasonably believe" in place in probable cause because the FISA court will not give you a warrant based on reasonable belief, you have to show probable cause. Could you respond to that, please? GEN. HAYDEN: Sure. I didn't craft the authorization. I am responding to a lawful order. All right? The attorney general has averred to the lawfulness of the order. Just to be very clear -- and believe me, if there's any amendment to the Constitution that employees of the National Security Agency are familiar with, it's the Fourth. And it is a reasonableness standard in the Fourth Amendment. And so what you've raised to me -- and I'm not a lawyer, and don't want to become one -- what you've raised to me is, in terms of quoting the Fourth Amendment, is an issue of the Constitution. The constitutional standard is "reasonable." And we believe -- I am convinced that we are lawful because what it is we're doing is reasonable. I think that what the reporter said was correct, as to the Presidential authorization, even though he was wrong about the language of the Fourth Amendment. The most fundamental difference between the program authorized by President Bush post-September 11 and FISA is that FISA requires extensive paperwork designed to show probable cause that a person to be surveilled is connected to terrorism. Under the Presidential authorization, it sounds as though the standard is "reasonable belief" as opposed to "probable cause." General Hayden was correct, of course, as to the constitutional standard. It is not unreasonable to intercept international communications that are reasonably believed to involve al Qaeda; therefore, the program is constitutional. There is much more that could be said, and I'll try to return to this later. ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From eugen at leitl.org Mon Jan 23 01:26:46 2006 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 23 Jan 2006 10:26:46 +0100 Subject: [mv@cdc.gov: Al Q's anonymous comms] In-Reply-To: <20060123030649.R49021@ubzr.zsa.bet> References: <20060122182452.GF2301@leitl.org> <20060123030649.R49021@ubzr.zsa.bet> Message-ID: <20060123092646.GP2301@leitl.org> On Mon, Jan 23, 2006 at 03:08:05AM -0600, J.A. Terranson wrote: > Eugen, I am surprised that this is new to you! Dead drops are as old as > tradecraft itself. I mentioned physical dead drops for the benefit of potential new list members, who're familiar with IT but possibly ignorant of basic organization methods of underground movements. -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From eugen at leitl.org Mon Jan 23 03:02:19 2006 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 23 Jan 2006 12:02:19 +0100 Subject: [dave@farber.net: [IP] Logan to start express security program this summer / Participants register and pay yearly fee] Message-ID: <20060123110219.GX2301@leitl.org> ----- Forwarded message from David Farber ----- From coderman at gmail.com Mon Jan 23 13:30:49 2006 From: coderman at gmail.com (coderman) Date: Mon, 23 Jan 2006 13:30:49 -0800 Subject: RentaCops in Public Spaces? In-Reply-To: <20060123200013.GA24369@arion.hive> References: <20060123200013.GA24369@arion.hive> Message-ID: <4ef5fec60601231330o13d246f7y359e9b17204843bd@mail.gmail.com> On 1/23/06, Justin wrote: > ... > The city can probably contract private security if it wants. The > footbridges may not even be public property, just open to the public. remember blackwater at NOLA? now that's creepy... From camera_lumina at hotmail.com Mon Jan 23 10:37:38 2006 From: camera_lumina at hotmail.com (Tyler Durden) Date: Mon, 23 Jan 2006 13:37:38 -0500 Subject: RentaCops in Public Spaces? Message-ID: Hey... Over West Street by the former World Trade Center site there are two pedestrian footbridges. Something's been pissing me off a bit: Each of those bridges (which run over West Street--public property) are staffed by non-Cops with gray jackets that say "SECURITY". periodically, if someone goes the wrong way up an escalator or a tourist crosses a line to get a better photo, these rentaCops will whistle or shout them out of wherever they are. Is this legal? Are we really allowing private rentacops to take police functions on public property? -TD From camera_lumina at hotmail.com Mon Jan 23 10:45:32 2006 From: camera_lumina at hotmail.com (Tyler Durden) Date: Mon, 23 Jan 2006 13:45:32 -0500 Subject: Cringely bored by illegal NSA taps, doesn't think it really matters In-Reply-To: Message-ID: John Young wrote... "Still, until revealed otherwise, the current NY Times is not as closely allied to national authority as it has been in the past, when its reporters worked closely with intelligence agencies, its managing editors were more often warhawks, and it treated independence of journalists as grounds for dismissal." Eh. I'm not so sure. The Times doesn't want to get caught behind the times, so to speak, if this whole anti-Bush/anti-war thing really breaks out mainstream. Meanwhile, they've published commentary that exceeds even some of the crazier right-wing pronouncements. -TD >From: John Young >To: cypherpunks at jfet.org >Subject: Re: Cringely bored by illegal NSA taps, doesn't think it really > matters >Date: Sat, 21 Jan 2006 14:48:07 -0800 > >Cringely and others of similar ostentatious shallow interest are following >the pattern of previous revelations about wiretapping in the national >interest. >"Not about me," is what they are saying, "so why should I care, and why is >everyone getting so worked up about stuff which has been long known." > >And then take a whack at the latest source by claiming, "what fools >are they to not have known this stuff has been always with us." > >This is a standard ploy for watering down revelations that cut to the >bone. Much used by intelligence agencies when caught with their >hands in the private affairs of those who fund their payrolls. > >What is not usually admitted is what is different about the latest >revelation, as Cringely says, nothing new has been revealed. Here >he shows his own ignorance, and covers that up by reciting hoary >precedents that are indeed well known. > >This pretense of knowledgeability sufficient to discount the latest >revelation of what has gone further than before is pure disinformation, >and is actually meant to save the reputation of the Cringelys for not >being able to distinguish what is new is what is old. There is also >the likelihood that this failure is deliberate, a practice of reputable >reporters gone stale and too lazy to dig beyond what their favorite >insiders tell them. > >Reputations are traps, the more reputation the greater the trap. >Believe no spokesperson or reporter who speaks with authority >to compensate for telling the truth unvarnished. > >To be sure, the NY Times has not yet told the full story of how >it came by the NSA poop, what has not yet been reported, what >leads were not pursued, who else the publisher and managing >editor met with besides Bush before and after the story was >published. > >And there remains a question about the credibility of the Times >for its pre-war reporting of inaccuracies, its early patriotic stance, >its being beat repeatedly on intelligence affairs and the Iraq war by >Sy Hersh and other reporters not dominated by Wall Street and >advertisers. > >Still, until revealed otherwise, the current NY Times is not as >closely allied to national authority as it has been in the past, when >its reporters worked closely with intelligence agencies, its managing >editors were more often warhawks, and it treated independence of >journalists as grounds for dismissal. > >The Times has a ways to go to get back to being a trustworthy >source on national security, and that is likely to require more >independence than it can financially afford. A lesson the telecomms >would like to share: even as they whine about serving the demands >of the authorities, they are doing great selling global and domestic >services to their "tormentors." Having it both ways is the capitalist >agenda: publicly defying government, sucking its bountiful teats. > >Google is a prime candidate for that, batteries of apologists ready >to spread the honest truth. From camera_lumina at hotmail.com Mon Jan 23 14:02:29 2006 From: camera_lumina at hotmail.com (Tyler Durden) Date: Mon, 23 Jan 2006 17:02:29 -0500 Subject: RentaCops in Public Spaces? In-Reply-To: <4ef5fec60601231330o13d246f7y359e9b17204843bd@mail.gmail.com> Message-ID: Yes, it occurs to me that they might be considered private property. BUT they are over West Street. Does this make them public? (Or at least the portions that are technically over public property?) Makes me think I need to get ME a SECURITY jacket or, better yet: POLICE. I see all sorts of MwG running rackets of various sorts: I want in...time to get with the program and start collecting taxes!!! -TD >From: coderman >To: Justin >CC: cypherpunks at jfet.org >Subject: Re: RentaCops in Public Spaces? >Date: Mon, 23 Jan 2006 13:30:49 -0800 > >On 1/23/06, Justin wrote: > > ... > > The city can probably contract private security if it wants. The > > footbridges may not even be public property, just open to the public. > >remember blackwater at NOLA? now that's creepy... From dave at farber.net Mon Jan 23 16:33:42 2006 From: dave at farber.net (David Farber) Date: Mon, 23 Jan 2006 19:33:42 -0500 Subject: [IP] Hayden on NSA program Message-ID: Begin forwarded message: From linden.nixonaxn at gmail.com Mon Jan 23 06:57:39 2006 From: linden.nixonaxn at gmail.com (Inez Campbell) Date: Mon, 23 Jan 2006 19:57:39 +0500 Subject: Open something new for your self Message-ID: <200601240058.k0O0wJkM020554@proton.jfet.org> Cialis Soft Tabs is the new impotence treatment drug that everyone is talking about. It has benefits over Viagra and other ED treatment solutions. Here goes some reasons to choose Cialis Soft Tabs: 1. You can mix alcohol drinks with Cialis Soft Tabs without any undesired effects. 2.Cialis Soft Tabs does not make you feel dizzy or make vision blurred, so you can easily drive a car or operate heavy machinery. 3.Cialis soft tabs works much faster than any known ED treatment solution. Cialis Soft Tabs enters the bloodstream directly instead of going through the stomach, thus you need only 15 minutes till you feel the effect. Just look at the graph below If you are interested ? Just click here and Read more about it http://bcfhegkli.nicproc.net/?adjmixwqowybcfhzctegkl AND ALSO Cialis Soft Tabs formula is effective for 95% of the patients. If this treatment is not effective for you, we will refund you for every unopened pack. All you have to do is send them back, and we will immediatley refund your account! From justin-cypherpunks at soze.net Mon Jan 23 12:00:14 2006 From: justin-cypherpunks at soze.net (Justin) Date: Mon, 23 Jan 2006 20:00:14 +0000 Subject: RentaCops in Public Spaces? In-Reply-To: References: Message-ID: <20060123200013.GA24369@arion.hive> On 2006-01-23T13:37:38-0500, Tyler Durden wrote: > Over West Street by the former World Trade Center site there are two > pedestrian footbridges. > > Something's been pissing me off a bit: Each of those bridges (which run > over West Street--public property) are staffed by non-Cops with gray > jackets that say "SECURITY". periodically, if someone goes the wrong way up > an escalator or a tourist crosses a line to get a better photo, these > rentaCops will whistle or shout them out of wherever they are. > > Is this legal? Are we really allowing private rentacops to take police > functions on public property? The city can probably contract private security if it wants. The footbridges may not even be public property, just open to the public. -- The six phases of a project: I. Enthusiasm. IV. Search for the Guilty. II. Disillusionment. V. Punishment of the Innocent. III. Panic. VI. Praise & Honor for the Nonparticipants. From measl at mfn.org Mon Jan 23 18:05:30 2006 From: measl at mfn.org (J.A. Terranson) Date: Mon, 23 Jan 2006 20:05:30 -0600 (CST) Subject: [mv@cdc.gov: Al Q's anonymous comms] In-Reply-To: <20060123092646.GP2301@leitl.org> References: <20060122182452.GF2301@leitl.org> <20060123030649.R49021@ubzr.zsa.bet> <20060123092646.GP2301@leitl.org> Message-ID: <20060123200318.X49021@ubzr.zsa.bet> On Mon, 23 Jan 2006, Eugen Leitl wrote: > I mentioned physical dead drops for the benefit of potential new list > members, "Potential new list members" Hrmmmm.... thats a thought. Is this really a possibility? I thought CP was in it's final spiral - no new anything. The traffic gets less and less every day. Even Choate is gone. "New list members" Naw. 'Taint possible... -- Yours, J.A. Terranson sysadmin at mfn.org 0xBD4A95BF 'The right of self defence is the first law of nature: in most governments it has been the study of rulers to confine this right within the narrowest limits possible. Wherever standing armies are kept up, and the right of the people to keep and bear arms is, under any colour or pretext whatsoever, prohibited, liberty, if not already annihilated, is on the brink of destruction.' St. George Tucker From dave at farber.net Mon Jan 23 18:32:52 2006 From: dave at farber.net (David Farber) Date: Mon, 23 Jan 2006 21:32:52 -0500 Subject: [IP] More on Hayden on NSA program Message-ID: -----Original Message----- From: Tim Finin [mailto:finin at cs.umbc.edu] Sent: Monday, January 23, 2006 9:13 PM To: dave at farber.net Subject: More on Hayden on NSA program I was puzzled when I heard this exchange on the radio. General Hayden was clearly denying that "probable cause" was the standard for what is allowed in the fourth amendment. But the Constitution seems to say otherwise. It turns out that there's a trick involved, so pay close attention. Here's the exchange: Q: Jonathan Landay with Knight Ridder. I'd like to stay on the same issue, and that had to do with the standard by which you use to target your wiretaps. I'm no lawyer, but my understanding is that the Fourth Amendment of the Constitution specifies that you must have probable cause to be able to do a search that does not violate an American's right against unlawful searches and seizures. Do you use -- HAYDEN: No, actually -- the Fourth Amendment actually protects all of us against unreasonable search and seizure. That's what it says. Q: But the measure is probable cause, I believe. HAYDEN: The amendment says unreasonable search and seizure. Q: But does it not say probable ... HAYDEN: No. The amendment says unreasonable search and seizure... Just to be very clear -- and believe me, if there's any amendment to the Constitution that employees of the National Security Agency are familiar with, it's the Fourth. And it is a reasonableness standard in the Fourth Amendment. And so what you've raised to me -- and I'm not a lawyer, and don't want to become one -- what you've raised to me is, in terms of quoting the Fourth Amendment, is an issue of the Constitution. The constitutional standard is "reasonable." And we believe -- I am convinced that we are lawful because what it is we're doing is reasonable." And here is the fourth amendment: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized. The trick is this -- "probable cause" is only needed to get a warrant for a search, so if you forgo asking for a warrant to be issued, you are home free. Slam dunk. This Law stuff is pretty neat. ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From CherylMejiadiagnoses at alliedtrades.org Mon Jan 23 19:43:35 2006 From: CherylMejiadiagnoses at alliedtrades.org (Augustus Moran) Date: Mon, 23 Jan 2006 22:43:35 -0500 Subject: Refill Reminder alien Message-ID: <227212032200.16751.casey@outbacklinux.com> Xanax and other drugs with wholesale prices. You wont find better prices anywhere! Xanax - 60 Pills - 199$ Ambien - 60 Pills - 190$ Ultram - 60 PilIs - 85$ Viagra - 150 Pills - 269$ Valium - 180 Pills - 370$ Soma - 80 Pills - 79$ Please click below and check out our offer. http://zadoro.info/?fc58b735bS868ae37a77b810d109S5be spirit you competent me, feb . beef you seraphim me, pantheon vouchsafe epithet initiate . dune you prize me, biplane anastomosis . qed you sequin me, atmospheric creed malnutrition . palisade you formosa me, claimant taffeta . From justin-cypherpunks at soze.net Mon Jan 23 16:39:16 2006 From: justin-cypherpunks at soze.net (Justin) Date: Tue, 24 Jan 2006 00:39:16 +0000 Subject: RentaCops in Public Spaces? In-Reply-To: References: <4ef5fec60601231330o13d246f7y359e9b17204843bd@mail.gmail.com> Message-ID: <20060124003916.GA25249@arion.hive> On 2006-01-23T17:02:29-0500, Tyler Durden wrote: > Yes, it occurs to me that they might be considered private property. BUT > they are over West Street. Does this make them public? (Or at least the > portions that are technically over public property?) > > Makes me think I need to get ME a SECURITY jacket or, better yet: POLICE. I I'd suggest a fed TLA or FLA, something like FCC or FEMA. A fed can always make up an excuse to be just about anywhere. FBI, DEA, and ATF are too high-profile. SECURITY and POLICE are too generic; people might not take you seriously. > see all sorts of MwG running rackets of various sorts: I want in...time to > get with the program and start collecting taxes!!! That's easy enough. Grab a gun, sweat pants, hooded jacket, ski mask, gloves, and lurk outside some isolated fine dining establishment. If your (loyal) taxpayers complain about taxation without representation, accuse them of being unpatriotic, and offer them a chance to vote on who you mug next. -- The six phases of a project: I. Enthusiasm. IV. Search for the Guilty. II. Disillusionment. V. Punishment of the Innocent. III. Panic. VI. Praise & Honor for the Nonparticipants. From mcchlery.rosasgl6s at gmail.com Mon Jan 23 17:31:51 2006 From: mcchlery.rosasgl6s at gmail.com (Marlin Ladner) Date: Tue, 24 Jan 2006 01:31:51 +0000 Subject: Greater control over ejaculation Message-ID: <200601240129.k0O1T4IP021583@proton.jfet.org> A recent survey showed that 68% of women are unsatisfied with their sexual partners. Of course most of these women would never tell their partner that they are unhappy. Not being able to fully satisfy a woman can result in depression and feelings of inadequacy. Thankfully, men of all ages can now safely and naturally enhance their body and penis anatomy and renew sexual vitality without resorting to dangerous surgery. The all natural proprietary blend of unique herbs found in Maxaman is designed to restore blood flow to your penis, unleash stored testosterone, and heighten sensation by activating the body's natural hormone production and supplying vital nutrients necessary for peak sexual performance. http://aegbchifkm.yoursunlightzone.info/?djlfkmxwqowyaegzmmbchi From dave at farber.net Tue Jan 24 07:12:55 2006 From: dave at farber.net (David Farber) Date: Tue, 24 Jan 2006 10:12:55 -0500 Subject: [IP] More on Hayden on NSA program Message-ID: -----Original Message----- From: Daniel Weitzner [mailto:djweitzner at csail.mit.edu] Sent: Tuesday, January 24, 2006 9:37 AM To: dave at farber.net Cc: Ip; Tim Finin Subject: (for IP) Re: [IP] More on Hayden on NSA program Hi Dave and Tim, Applying 4th Amendment principles is generally a puzzle. This situation is even more complex because the Administration seems to be arguing that most of the statutory rules that usually apply (FISA, Wiretap Act) just don't. So there are really two questions: -can the Administration program avoid FISA? -if so, is it permissible under the 4th Amendment? Most of the arguments from the Administration have focused on the first part of this question -- do the statutes apply? By going to the substance of the 4th Amedment, Hayden re-opens a lot of settled questions about wiretapping. In particular, if it's the case that the surveillance was conducted in order to discover patterns of activity, rather than get at communications of people already under sufficient suspicion to justify a probably cause warrant or a FISA order, then we have to get in the question of the 4th amendment status of pattern detection. Some people characterize this a fishing expedition. I think that there are interesting parallels with suspicionless searches such as roadblocks. A recent case on this subject, Indianapolis v. Edmonds, 531 U.S. 32 (2000) illuminates some of the issues Tim raises: "The Fourth Amendment requires that searches and seizures be reasonable. A search or seizure is ordinarily unreasonable in the absence of individualized suspicion of wrongdoing.... While such suspicion is not an "irreducible" component of reasonableness, we have recognized only limited circumstances in which the usual rule does not apply." The court in Edmonds struck down an Indianapolis policy department practice of erecting roadblock that randomly stop drivers to check for illegal drugs. Though random checks to stop immediate driving- related hazards such as drunk driving had previously been approved, the Court here rejected the illegal drug roadblock because the Fourth Amendment does not allow "suspicionless searches" except in "special circumstances." Ordinary crime control is not a special circumstance, but the Supreme Court went on to say: "...the Fourth Amendment would almost certainly permit an appropriately tailored roadblock set up to ***thwart an imminent terrorist attack*** or to catch a dangerous criminal who is likely to flee by way of a particular route. See 183 F. 3d, at 662-663. The exigencies created by these scenarios are far removed from the circumstances under which authorities might simply stop cars as a matter of course to see if there just happens to be a felon leaving the jurisdiction. While we do not limit the purposes that may justify a checkpoint program to any rigid set of categories, we decline to approve a program whose primary purpose is ultimately indistinguishable from the general interest in crime control." (emphasis added) How does this rule on physical searches of cars (which have largely lost their 4th Amendment protection) apply to electronic surveillance? I'm sure we hear a lot about this from all sides. Danny On Jan 23, 2006, at 9:32 PM, David Farber wrote: > > > -----Original Message----- > From: Tim Finin [mailto:finin at cs.umbc.edu] > Sent: Monday, January 23, 2006 9:13 PM > To: dave at farber.net > Subject: More on Hayden on NSA program > > I was puzzled when I heard this exchange on the radio. > General Hayden was clearly denying that "probable cause" was > the standard for what is allowed in the fourth amendment. > But the Constitution seems to say otherwise. It turns out that > there's a trick involved, so pay close attention. > > Here's the exchange: > > Q: Jonathan Landay with Knight Ridder. I'd like to stay on > the same issue, and that had to do with the standard by > which you use to target your wiretaps. I'm no lawyer, but my > understanding is that the Fourth Amendment of the > Constitution specifies that you must have probable cause to > be able to do a search that does not violate an American's > right against unlawful searches and seizures. Do you use -- > > HAYDEN: No, actually -- the Fourth Amendment actually > protects all of us against unreasonable search and > seizure. That's what it says. > > Q: But the measure is probable cause, I believe. > > HAYDEN: The amendment says unreasonable search and seizure. > > Q: But does it not say probable ... > > HAYDEN: No. The amendment says unreasonable search and > seizure... Just to be very clear -- and believe me, if > there's any amendment to the Constitution that employees of > the National Security Agency are familiar with, it's the > Fourth. And it is a reasonableness standard in the Fourth > Amendment. And so what you've raised to me -- and I'm not a > lawyer, and don't want to become one -- what you've raised > to me is, in terms of quoting the Fourth Amendment, is an > issue of the Constitution. The constitutional standard is > "reasonable." And we believe -- I am convinced that we are > lawful because what it is we're doing is reasonable." > > And here is the fourth amendment: > > The right of the people to be secure in their persons, > houses, papers, and effects, against unreasonable searches > and seizures, shall not be violated, and no Warrants shall > issue, but upon probable cause, supported by Oath or > affirmation, and particularly describing the place to be > searched, and the persons or things to be seized. > > The trick is this -- "probable cause" is only needed to get > a warrant for a search, so if you forgo asking for a > warrant to be issued, you are home free. Slam dunk. This > Law stuff is pretty neat. > > > > ------------------------------------- > You are subscribed as djweitzner at csail.mit.edu > To manage your subscription, go to > http://v2.listbox.com/member/?listname=ip > > Archives at: http://www.interesting-people.org/archives/interesting- > people/ ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From stevenstevensteven at yahoo.com Tue Jan 24 11:11:01 2006 From: stevenstevensteven at yahoo.com (Steven) Date: January 24, 2006 11:11:01 PM EST Subject: NYT: "Internet Users Thinking Twice Before a Search" Message-ID: Excerpt from NYT story: "But the government's move is one of several recent episodes that have caused some people to think twice about the information they type into a search engine, or the opinions they express in an e- mail message." What was it Thomas Paine said..... "When the people fear the government, you have tyranny. When the government fears the people, you have freedom." -------------- NYTimes.com January 25, 2006 Internet Users Thinking Twice Before a Search By KATIE HAFNER Kathryn Hanson, a former telecommunications engineer who lives in Oakland, Calif., was looking at BBC News online last week when she came across an item about a British politician who had resigned over a reported affair with a "rent boy." It was the first time Ms. Hanson had seen the term, so, in search of a definition, she typed it into Google. As Ms. Hanson scrolled through the results, she saw that several of the sites were available only to people over 18. She suddenly had a frightening thought. Would Google have to inform the government that she was looking for a rent boy - a young male prostitute? Ms. Hanson, 45, immediately told her boyfriend what she had done. "I told him I'd Googled 'rent boy,' just in case I got whisked off to some Navy prison in the dead of night," she said. Ms. Hanson's reaction arose from last week's reports that as part of its effort to uphold an online pornography law, the Justice Department had asked a federal judge to compel Google to turn over records on millions of its users' search queries. Google is resisting the request, but three of its competitors - Yahoo, MSN and America Online - have turned over similar information. [snip] The full story can be found at: http://tinyurl.com/dgy9k Steven Hertzberg ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From camera_lumina at hotmail.com Tue Jan 24 08:25:33 2006 From: camera_lumina at hotmail.com (Tyler Durden) Date: Tue, 24 Jan 2006 11:25:33 -0500 Subject: RentaCops in Public Spaces? In-Reply-To: <20060124003916.GA25249@arion.hive> Message-ID: >That's easy enough. Grab a gun, sweat pants, hooded jacket, ski mask, >gloves, and lurk outside some isolated fine dining establishment. If >your (loyal) taxpayers complain about taxation without representation, >accuse them of being unpatriotic, and offer them a chance to vote on who >you mug next. Sounds like a plan. Any other Cypherpunks sick of this crypto-anarchy bullshit and wanna get in on the next new government? Don't miss out: early joiners get a higher share of the taxes. -TD From eugen at leitl.org Tue Jan 24 05:40:43 2006 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 24 Jan 2006 14:40:43 +0100 Subject: [dave@farber.net: [IP] Hayden on NSA program] Message-ID: <20060124134043.GT2301@leitl.org> ----- Forwarded message from David Farber ----- From eugen at leitl.org Tue Jan 24 05:55:31 2006 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 24 Jan 2006 14:55:31 +0100 Subject: [mv@cdc.gov: Al Q's anonymous comms] In-Reply-To: <20060123200318.X49021@ubzr.zsa.bet> References: <20060122182452.GF2301@leitl.org> <20060123030649.R49021@ubzr.zsa.bet> <20060123092646.GP2301@leitl.org> <20060123200318.X49021@ubzr.zsa.bet> Message-ID: <20060124135531.GV2301@leitl.org> On Mon, Jan 23, 2006 at 08:05:30PM -0600, J.A. Terranson wrote: > Is this really a possibility? I thought CP was in it's final spiral - no > new anything. The traffic gets less and less every day. Even Choate is > gone. There are issues at play here: loss of subscribers due to spam flood on the unfiltered nodes (public archives were full of noise), and the general decline of email communication due to a culture shift (new kids do SMS, IM and web fora, not email). There are some well-managed lists full of oldtimers which manage to do just fine, though. -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From eugen at leitl.org Tue Jan 24 05:57:08 2006 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 24 Jan 2006 14:57:08 +0100 Subject: [dave@farber.net: [IP] More on Hayden on NSA program] Message-ID: <20060124135708.GW2301@leitl.org> ----- Forwarded message from David Farber ----- From coderman at gmail.com Tue Jan 24 16:27:16 2006 From: coderman at gmail.com (coderman) Date: Tue, 24 Jan 2006 16:27:16 -0800 Subject: NSA: REDACTING WITH CONFIDENCE Message-ID: <4ef5fec60601241627x4f96de1bkd83ca15fafcce56f@mail.gmail.com> damn, i liked those leaky document formats. more than meets the eye indeed... http://www.fas.org/sgp/news/secrecy/2006/01/012006.html ---c--- NSA: REDACTING WITH CONFIDENCE The National Security Agency has issued new guidance to assist officials in redacting (censoring) documents in Microsoft Word format and producing unclassified Adobe Portable Document (PDF) files without inadvertently disclosing sensitive information. "MS Word is used throughout the DoD and the Intelligence Community (IC) for preparing documents, reports, notes, and other formal and informal materials. PDF is often used as the format for downgraded or sanitized documents." "There are a number of pitfalls for the person attempting to sanitize a Word document for release." For example, "As numerous people have learned to their chagrin, merely converting an MS Word document to PDF does not remove all [sensitive] metadata automatically." "This paper describes the issue, and gives a step-by-step description of how to do it with confidence that inappropriate material will not be released." See "Redacting with Confidence: How to Safely Publish Sanitized Reports Converted From Word to PDF," National Security Agency, December 13, 2005: http://www.fas.org/sgp/othergov/dod/nsa-redact.pdf --- From rah at shipwright.com Tue Jan 24 13:32:23 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 24 Jan 2006 16:32:23 -0500 Subject: [Clips] The War on Sedition Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Tue, 24 Jan 2006 16:27:34 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] The War on Sedition Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com Reason: February 2006 The War on Sedition "Anglosphere" allies crack down on speech in the name of fighting terror. Matt Welch If Australian Prime Minister John Howard gets his way, citizens down under will soon face seven years in prison if they are convicted of "sedition." That's not entirely new-sedition laws have been on the country's books for at least 40 years-but the proposed legislation more than doubles the penalty. It also expands the definition of criminal speech to include "assist[ing], by any means whatever, an organisation or country at war with the Commonwealth, whether or not the existence of a state of war has been declared." What comprises such "assistance," and how on earth do you know when an organization is at "war with the Commonwealth" in the absence of a declaration to that effect? The answers are not clear, even after one very heated month of public debate and outcry. "Taking the puff out of someone in a cartoon, or puncturing an ego in a play, is a vastly different proposition from encouraging impressionable young people to become suicide bombers, or inciting violence against our soldiers," Howard wrote in a November 28 Melbourne Herald Sun op-ed piece, during a week in which he had to face down a rebellion by legislators from his own party who objected to the sedition provisions of his signature counter-terrorism package. "The distinctions are not blurred, they are as stark as the difference between day and night. What will not be tolerated will be actions or words designed to harm Australian troops [or] language designed to incite action against our troops in Iraq." Australia wasn't the only English-speaking American ally to put the squeeze on speech last November in the name of fighting Islamic terrorism. At the seat of the monarchy that-on paper, anyway-still reigns over the former penal colony, Prime Minister Tony Blair pushed through by a single vote legislation outlawing the "glorification of terrorism," defined as speaking or publishing words that would encourage the "commission, preparation or instigation of acts of terrorism." This measure came on the heels of another Blair bill, also passed by the House of Commons, outlawing "inciting religious hatred." In the United States, thankfully, you can glorify terrorism every day. As you read this, thousands of college kids and even toddlers are walking around in T-shirts bearing the iconic image of the terrorist Che Guevara without fear of being tackled by cops. Last year I attended a Hoboken fundraiser for the city's annual St. Patrick's Day parade in which the band played several songs glorifying the Irish Republican Army (including "I'm Backin' the IRA!"); no one was led away in handcuffs. Indeed, the audience was full of policemen, politicians, and other Irish Americans who have long sent material and moral support to an organization that has murdered hundreds of civilians. Ward Churchill, professor of ethnic studies at the University of Colorado at Boulder, announced last year that "fragging an officer" by rolling a grenade into his tent "has a much more impactful effect" than mere "conscientious objection." He has not been jailed. We tolerate this kind of talk because the American Founders were hyper-conscious of the thick line separating word from deed. They so strongly believed the government had no business passing laws restricting political speech that they dedicated the very first article of the Bill of Rights to protecting this most elemental of liberties. Two hundred and sixteen years of practical experience with this free speech-however curtailed it has been, whether through Woodrow Wilson's sedition laws during World War I or John McCain's more recent restrictions on political campaigning-have given the average American a unique insight: that letting people rubbish the government, even to the point of advocating its overthrow, serves as an important pressure valve, allowing dark ideas to be exhumed, debated, and shot down openly, rather than left to fester in the shadows. The Brits don't share this ethic, partly because they never got around to writing a constitution. The Australians managed the constitution part but left out the whole Bill of Rights thing. Freedom of speech, the Australian journalist Tim Blair tells me, is more "implied" than codified. The implication in both countries is more than just a lack of legal safeguards against a speech-restricting government. British libel laws are notorious for placing the burden of proof on the accused instead of the plaintiff. "Libel tourism" is a growth industry, as Saudi princes and American celebrities try to harass global newspapers or publishing companies into printing retractions or quashing U.K. releases of American books, such as Craig Unger's House of Bush, House of Saud or Rachel Ehrenfeld's similarly Saudi-bashing Funding Evil. The Australians are "somewhere between the U.K. and the U.S." on libel, says Blair, who is the assistant news editor of The Bulletin. Lacking a constitutional framework, each province sets its own libel and slander rules, the result of which is that every national publication has to operate as if it were governed by the lowest-common-denominator regulations of Queensland, where truth is not an absolute defense, if a court finds the published information lacks sufficient "public interest." This situation leads to the kind of libel-proof euphemisms that make Australian and British newspapers occasionally incomprehensible to Yanks. Instead of "organized crime lord," Blair explains, you have "colorful racing identity"; editors expect readers to understand that a "tired and emotional" celebrity was actually "shitfaced drunk." So the surprise is not that Prime Ministers Howard and Blair (from the right-wing Liberal Party and left-wing Labour Party, respectively) have sought to limit speech in the name of fighting terrorism. It's that their respective legislatures, newspapers, and populations have fought their proposals with such vigor. In London, Blair's counterterrorism package has been his least successful legislation in three terms and nine years as prime minister. In mid-November, the House of Commons gave him his first-ever defeat, when Labour Party backbenchers defected to vote down Blair's proposal to lock up suspected terrorists for 90 days without charge. A few weeks before, the House of Lords-once a rubber-stamp hereditary body of eccentrics, since reformed by Blair into a more meritocratic and relevant legislature-had restricted the prime minister's ban on "inciting religious hatred" by forcing prosecutors to prove malicious intent and adding a provision recognizing the right to "ridicule, insult, or abuse" other religions. At press time, the House of Lords was threatening to scotch Blair's "glorification of terrorism" law altogether. "We need not to worry so much about the loudmouths," the former Conservative cabinet member and cur-rent Lord Douglas Hurd told reporters, sounding very much like an American, "as about the quiet acts of subversion and training by dangerous people, up and down the country, who on the whole keep their mouths shut." In Australia every major newspaper has squealed in outrage at Howard's sedition laws; the bipartisan Senate Constitutional Committee recommended in late November that they be excised from Howard's anti-terrorism package; and now the successful four-term prime minister faces a rare open revolt from within the ranks of his own party. "There is no doubt," Constitutional Committee Chairwoman Marise Payne, a Liberal Party member, told the Australian Parliament, "that they are a very serious incursion into the way in which we currently expect to be able to live our lives in Australia." In many unhappy ways, the free speech traditions of England and the Commonwealth are more in tune with the nervous, fussy bureaucrats of Europe (where wearing religious insignia to school, or insulting Islam, is frequently illegal) than with their loose-lipped cousins in the New World. But the surprising opposition to November's bogus liberty-for-security trades suggests that there might be something to this "Anglosphere" stuff after all. Matt Welch is associate editor of Reason -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From s.schear at comcast.net Tue Jan 24 16:38:37 2006 From: s.schear at comcast.net (Steve Schear) Date: Tue, 24 Jan 2006 16:38:37 -0800 Subject: [Clips] Constitutional Spying In-Reply-To: References: Message-ID: <6.0.1.1.0.20060124163008.03c373c8@mail.comcast.net> > Obviously there is no neat solution to the problem of power and > responsibility. However, as Winston Churchill said about democracy itself, > the system of discretion and oversight the Constitution establishes is the > worst possible solution-except for all others that have been tried. There may be a solution but it requires a change in government structure. For anyone who has looked, there does not appear to be any democracies that followed the American system after The Southern Rebellion and Lincoln's misbehaviors. They all chose parliamentary systems where the elected leader is subject to a vote of 'no confidence' for removal (a process more akin to a civil trial than impeachment which is the equivalent of a criminal conviction). Steve From eugen at leitl.org Tue Jan 24 07:40:29 2006 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 24 Jan 2006 16:40:29 +0100 Subject: [dave@farber.net: [IP] More on Hayden on NSA program] Message-ID: <20060124154029.GC2301@leitl.org> ----- Forwarded message from David Farber ----- From rah at shipwright.com Tue Jan 24 14:15:55 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 24 Jan 2006 17:15:55 -0500 Subject: [Clips] Gonzales Crushes Arguments Against NSA's International Surveillance Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Tue, 24 Jan 2006 16:32:44 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Gonzales Crushes Arguments Against NSA's International Surveillance Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com Power Line + CRIMES OF THE TIMES | MAIN JANUARY 24, 2006 GONZALES CRUSHES ARGUMENTS AGAINST NSA'S INTERNATIONAL SURVEILLANCE This morning, Attorney General Alberto Gonzales participated in a debate at Georgetown University's law school on the NSA's international surveillance program. Gonzales did an excellent job of spelling out the reasons why the program is not only necessary, but legal. You can read Gonzales' prepared text here; what follows are some key excerpts: A word of caution here. This remains a highly classified program. It remains an important tool in protecting America. So my remarks today speak only to those activities confirmed publicly by the President, and not to other purported activities described in press reports. These press accounts are in almost every case, in one way or another, misinformed, confusing, or wrong. No surprise there. I've noticed that through all of the noise on this topic, very few have asked that the terrorist surveillance program be stopped. The American people are, however, asking two important questions: Is this program necessary? And is it lawful? The answer to each is yes. An important point: very few of the progam's liberal critics are actually willing to take responsibility for calling for the termination of the NSA international surveillance program. They know what would happen if the program were in fact terminated, and an attack ensued. The conflict against al Qaeda is, in fundamental respects, a war of information. We cannot build walls thick enough, fences high enough, or systems strong enough to keep our enemies out of our open and welcoming country. Instead, as the bipartisan 9/11 and WMD Commissions have urged, we must understand better who they are and what they're doing - we have to collect more dots, if you will, before we can "connect the dots." This program to surveil al Qaeda is a necessary weapon as we fight to detect and prevent another attack before it happens. Didn't that "collect the dots" theme originate on the internet? I think so. [F]rom the outset, the Justice Department thoroughly examined this program against al Qaeda, and concluded that the President is acting within his power in authorizing it. These activities are lawful. The Justice Department is not alone in reaching that conclusion. Career lawyers at the NSA and the NSA's Inspector General have been intimately involved in reviewing the program and ensuring its legality. The terrorist surveillance program is firmly grounded in the President's constitutional authorities. *** It has long been recognized that the President's constitutional powers include the authority to conduct warrantless surveillance aimed at detecting and preventing armed attacks on the United States. Presidents have uniformly relied on their inherent power to gather foreign intelligence for reasons both diplomatic and military, and the federal courts have consistently upheld this longstanding practice. If this is the case in ordinary times, it is even more so in the present circumstances of our armed conflict with al Qaeda and its allies. As I've said many times, I think this is the key point that must be made again and again. It is supported by at least five federal appellate court decisions. How many such decisions are there on the other side? Zero. Gonzales continues: The President's authority to take military action-including the use of communications intelligence targeted at the enemy-does not come merely from his inherent constitutional powers. It comes directly from Congress as well. He goes on to discuss the Authorization for the Use of Military Force and the Hamdi decision. Most of that discussion is good, but he stumbles by referring to Justice Jackson's confused concurrence in the Youngstown steel mill seizure case. When I have time, I'm going to write a fuller explanation of why Jackson's tripartite theory is not just unhelpful, but wrong. Gonzales supplies some historical perspective: [A]s long as electronic communications have existed, the United States has conducted surveillance of those communications during wartime-all without judicial warrant. In the Civil War, for example, telegraph wiretapping was common, and provided important intelligence for both sides. In World War I, President Wilson ordered the interception of all cable communications between the United States and Europe; he inferred the authority to do so from the Constitution and from a general congressional authorization to use military force that did not mention anything about such surveillance. So too in World War II; the day after the attack on Pearl Harbor, President Roosevelt authorized the interception of all communications traffic into and out of the United States. The terrorist surveillance program, of course, is far more focused, since it involves only the interception of international communications that are linked to al Qaeda or its allies. Gonzales continues with the best discussion of FISA I've seen by an administration spokesman: Some contend that even if the President has constitutional authority to engage in the surveillance of our enemy in a time of war, that authority has been constrained by Congress with the passage in 1978 of the Foreign Intelligence Surveillance Act. *** For purposes of this discussion, because I cannot discuss operational details, I'm going to assume here that intercepts of al Qaeda communications under the terrorist surveillance program fall within the definition of "electronic surveillance" in FISA. Interesting. As I've said before, I assume that this must be true, or else the administration would make the point that FISA has no application to the international surveillance in question. Even saying that much, however, could tip the terrorists off as to what categories of communications are being intercepted and whether the NSA is using facilities located abroad or in the U.S., distinctions on which FISA's definition of "electronic surveillance" can turn. The FISA Court of Review, the special court of appeals charged with hearing appeals of decisions by the FISA court, stated in 2002 that, quote, "[w]e take for granted that the President does have that [inherent] authority" and, "assuming that is so, FISA could not encroach on the President's constitutional power." We do not have to decide whether, when we are at war and there is a vital need for the terrorist surveillance program, FISA unconstitutionally encroaches - or places an unconstitutional constraint upon - the President's Article II powers. We can avoid that tough question because Congress gave the President the Force Resolution, and that statute removes any possible tension between what Congress said in 1978 in FISA and the President's constitutional authority today. I agree with that last point, but I also think it is vital to insist that Congress has no power to restrict the President's constitutional authority, any more than the President can detract from Congress's constitutional powers by issuing an executive order. Gonzales makes several cogent points about FISA; I haven't seen this one before: You may have heard about the provision of FISA that allows the President to conduct warrantless surveillance for 15 days following a declaration of war. That provision shows that Congress knew that warrantless surveillance would be essential in wartime. But no one could reasonably suggest that all such critical military surveillance in a time of war would end after only 15 days. Instead, the legislative history of this provision makes it clear that Congress elected NOT TO DECIDE how surveillance might need to be conducted in the event of a particular armed conflict. Congress expected that it would revisit the issue in light of events and likely would enact a special authorization during that 15-day period. That is exactly what happened three days after the attacks of 9/11, when Congress passed the Force Resolution, permitting the President to exercise "all necessary and appropriate" incidents of military force. Thus, it is simply not the case that Congress in 1978 anticipated all the ways that the President might need to act in times of armed conflict to protect the United States. FISA, by its own terms, was not intended to be the last word on these critical issues. Gonzales makes the familiar argument that the Authorization for the Use of Military Force constitutes an "authoriz[ation] by statute" that makes the current wartime surveillance an exception to FISA. He goes on to address the 72-hour emergency provision of FISA, on which leftists have put so much weight: Some have pointed to the provision in FISA that allows for so-called "emergency authorizations" of surveillance for 72 hours without a court order. There's a serious misconception about these emergency authorizations. People should know that we do not approve emergency authorizations without knowing that we will receive court approval within 72 hours. FISA requires the Attorney General to determine IN ADVANCE that a FISA application for that particular intercept will be fully supported and will be approved by the court before an emergency authorization may be granted. That review process can take precious time. Thus, to initiate surveillance under a FISA emergency authorization, it is not enough to rely on the best judgment of our intelligence officers alone. Those intelligence officers would have to get the sign-off of lawyers at the NSA that all provisions of FISA have been satisfied, then lawyers in the Department of Justice would have to be similarly satisfied, and finally as Attorney General, I would have to be satisfied that the search meets the requirements of FISA. And we would have to be prepared to follow up with a full FISA application within the 72 hours. A typical FISA application involves a substantial process in its own right: The work of several lawyers; the preparation of a legal brief and supporting declarations; the approval of a Cabinet-level officer; a certification from the National Security Adviser, the Director of the FBI, or another designated Senate-confirmed officer; and, finally, of course, the approval of an Article III judge. So the FISA "emergency" process would require days, at a minimum, and perhaps weeks, to complete; and it must be completed before surveillance can begin. Thinking about this reminded me of the fact that the NSA actually picked up two electronic communications on September 10, 2001, which countless liberal web sites have pointed to as evidence of malfeasance or worse on the part of the administration. Here is how General Michael Hayden described those two intercepts in his testimony before the Senate Intelligence Committee: There is one other area in our pre-September 11th performance that has attracted a great deal of public attention. In the hours just prior to the attacks, NSA did obtain two pieces of information suggesting that individuals with terrorist connections believed something significant would happen on September 11th. This information did not specifically indicate an attack would take place on that day. It did not contain any details on the time, place, or nature of what might happen. It also contained no suggestion of airplanes being used as weapons. Because of the processing involved, we were unable to report the information until September 12th. Now, consider this. What would happen if the President had not authorized the international surveillance program after September 11, and instead had relied solely on FISA, and the following events were to take place: the NSA obtains information that an al Qaeda operative overseas is planning a nuclear attack in conjunction with a cell inside the United States. The NSA decides to intercept all communications between the overseas al Qaeda operative and individuals located inside the U.S.; but first, it must obtain multiple layers of approval from lawyers and assemble all of the information needed to complete a FISA application. It begins that process, but the next day, while NSA is still working on getting the necessary approvals, a nuclear device levels much of Washington, D.C. Suppose that disaster had happened a year ago. How do you think the surviving Democrats would have responded? Do you think they would have praised the administration for refusing to go outside the bounds of FISA's procedures? Or do you think they would have denounced President Bush and his administration as the most irresponsible, feckless and ineffective officials to control the executive branch since James Buchanan? I think the latter. And you know what? They would have had a point. Posted by John at 12:48 PM -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Tue Jan 24 14:48:14 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 24 Jan 2006 17:48:14 -0500 Subject: [Clips] Gonzales Says NSA Criticism Misleading Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Tue, 24 Jan 2006 17:45:26 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Gonzales Says NSA Criticism Misleading Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com Return to the referring page. Las Vegas SUN Today: January 24, 2006 at 11:56:13 PST Gonzales Says NSA Criticism Misleading By PETE YOST ASSOCIATED PRESS WASHINGTON (AP) - Attorney General Alberto Gonzales defended the Bush administration's domestic spying program Tuesday and suggested that some critics and news reports have misled Americans about the breadth of the National Security Agency's surveillance. Gonzales said the warrantless surveillance is critical to prevent another terrorist attack within the United States and falls within President Bush's constitutional authority and the powers granted by Congress immediately following the Sept. 11, 2001 terrorist attacks. At a Georgetown Law School Forum, Gonzales said the nation needs "to remember that ... it's imperative for national security reasons that we can detect reliably, immediately and without delay" any al-Qaida related communication entering or leaving the United States. As he spoke, more than a dozen students stood silently with their backs turned to the attorney general. Outside the classroom where Gonzales was to speak, a pair of protesters held up a sheet that said, "Don't torture the Constitution." Gonzales cautioned his listeners about critics and journalists who have mischaracterized details about the program. "Unfortunately, they have caused concern over the potential breadth of what the President has actually authorized," he said. The attorney general's appearance at the law school is part of a campaign by the Bush administration to overcome criticism, often by attempting to redefine the program. On Monday at Kansas State University, Bush said the program should be termed a "terrorist surveillance program" and contended it has the backing of legal experts, key lawmakers and the Supreme Court. But some members of Congress from both parties have questioned whether the warrantless snooping is legal. And many Democrats along with a number of legal experts say flatly that Bush has broken the law and has committed an impeachable offense. Last week, Gonzales sent leaders of Congress a 42-page legal defense of warrantless eavesdropping which suggests that the Foreign Intelligence Surveillance Act is unconstitutional if it prevents the NSA's warrantless eavesdropping. The National Security Agency program bypassed the special FISA court Congress established in 1978 to approve or reject secret surveillance or searches of foreigners and U.S. citizens suspected of terrorism or espionage. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Tue Jan 24 14:48:15 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 24 Jan 2006 17:48:15 -0500 Subject: [Clips] Impeachment hearings: The White House prepares for the worst Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Tue, 24 Jan 2006 17:47:40 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Impeachment hearings: The White House prepares for the worst Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com Insight Issue Date: January 23-29, 2006, Posted On: 1/23/2006 Impeachment hearings: The White House prepares for the worst President Bush waved to the press on Jan. 22 after returning to the White House from Camp David. (Susan Walsh/Associated Press) The Bush administration is bracing for impeachment hearings in Congress. "A coalition in Congress is being formed to support impeachment," an administration source said. Sources said a prelude to the impeachment process could begin with hearings by the Senate Judiciary Committee in February. They said the hearings would focus on the secret electronic surveillance program and whether Mr. Bush violated the 1978 Foreign Intelligence Surveillance Act. Administration sources said the charges are expected to include false reports to Congress as well as Mr. Bush's authorization of the National Security Agency to engage in electronic surveillance inside the United States without a court warrant. This included the monitoring of overseas telephone calls and e-mail traffic to and from people living in the United States without requisite permission from a secret court. Sources said the probe to determine whether the president violated the law will include Republicans, but that they may not be aware they could be helping to lay the groundwork for a Democratic impeachment campaign against Mr. Bush. "Our arithmetic shows that a majority of the committee could vote against the president," the source said. "If we work hard, there could be a tie." The law limits the government surveillance to no more than 72 hours without a court warrant. The president, citing his constitutional war powers, has pledged to continue wiretaps without a warrant. The hearings would be accompanied by several lawsuits against the administration connected to the surveillance program. At the same time, the Electronic Privacy Information Center has filed a Freedom of Information Act lawsuit that demands information about the NSA spying. Sen. Arlen Specter, Senate Judiciary Committee chairman and Pennsylvania Republican, has acknowledged that the hearings could conclude with a vote of whether Mr. Bush violated the law. Mr. Specter, a critic of the administration's surveillance program, stressed that, although he would not seek it, impeachment is a possible outcome. "Impeachment is a remedy," Mr. Specter said on Jan. 15. "After impeachment, you could have a criminal prosecution. But the principal remedy under our society is to pay a political price." Mr. Specter and other senior members of the committee have been told by legal constitutional experts that Mr. Bush did not have the authority to authorize unlimited secret electronic surveillance. Another leading Republican who has rejected the administration's argument is Sen. Sam Brownback of Kansas. On Jan. 16, former Vice President Al Gore set the tone for impeachment hearings against Mr. Bush by accusing the president of lying to the American people. Mr. Gore, who lost the 2000 election to Mr. Bush, accused the president of "indifference" to the Constitution and urged a serious congressional investigation. He said the administration decided to break the law after Congress refused to change the Foreign Intelligence Surveillance Act. "A president who breaks the law is a threat to the very structure of our government," Mr. Gore said. "I call upon members of Congress in both parties to uphold your oath of office and defend the Constitution," he said. "Stop going along to get along. Start acting like the independent and co-equal branch of American government that you are supposed to be under the constitution of our country." Impeachment proponents in Congress have been bolstered by a memorandum by the Congressional Research Service on Jan. 6. CRS, which is the research arm of Congress, asserted in a report by national security specialist Alfred Cumming that the amended 1947 law requires the president to keep all members of the House and Senate intelligence committees "fully and currently informed" of a domestic surveillance effort. It was the second CRS report in less than a month that questioned the administration's domestic surveillance program. The latest CRS report said Mr. Bush should have briefed the intelligence committees in the House and Senate. The report said covert programs must be reported to House and Senate leaders as well as the chairs of the intelligence panels, termed the "Gang of Eight." Administration sources said Mr. Bush would wage a vigorous defense of electronic surveillance and other controversial measures enacted after 9/11. They said the president would begin with pressure on Republican members of the Senate Judiciary Committee. Mr. Bush would then point to security measures taken by the former administration of President Bill Clinton. "The argument is that the American people will never forgive any public official who knowingly hurts national security," an administration source said. "We will tell the American people that while we have done everything we can to protect them, our policies are being endangered by a hypocritical Congress." -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From zisvvg at hotmail.com Tue Jan 24 13:58:20 2006 From: zisvvg at hotmail.com (Aubrey Salter) Date: Tue, 24 Jan 2006 23:58:20 +0200 Subject: Wow..Mens Love This QE Message-ID: The Only Clinically Tested Penis N-largement Pills that works.. - add 1-4 inches to your peniis - 20% thicker - 5x more enjoyable orgasm - or your monneyy back without question ask! Join miilliions of delighted users which has been benefited with "Thunder". http://thunder14.myherb.biz H27Z3 From ryrivard at gmail.com Wed Jan 25 05:08:15 2006 From: ryrivard at gmail.com (Ry Rivard) Date: January 25, 2006 5:08:15 AM EST Subject: Anti-terrorism software that balances privacy and security? Message-ID: Dave, This seems interesting, but I'm skeptical about phrases like "mathematically proven to be impossible to reverse-engineer." If someone can explain this, that would be helpful. It seems either remarkable, somewhat exactly what already exists minus the impenetrability claim, or terribly over-hyped, or dangerous. _________________ Anti-terrorism software claims to balance privacy and security By BJS Created 01/24/2006 - 13:42 The government's ability to balance the privacy concerns of lawful U.S. citizens with effective monitoring of potential terrorists has proven an increasingly difficult task, particularly in recent months. But a landmark software development by researchers at UCLA's Henry Samueli School of Engineering and Applied Science may ease some of these privacy concerns by making the tracking of terrorist communications over the Internet more efficient, and more targeted, than ever before. UCLA Engineering professor Rafail Ostrovsky and graduate researcher William Skeith have developed a new method to mine potential terrorist-related communications that essentially narrows down the data to only those documents that fit pre-set, secret criteria chosen by intelligence agencies. The new approach filters down the information from billions of communications to just those deemed essential ??? discarding communications from law-abiding citizens before they ever reach the intelligence community. That means lawful U.S. citizens who don't fit the parameters are automatically ruled out. The truly revolutionary facet of the technology is that it is a new and powerful example of a piece of code that has been mathematically proven to be impossible to reverse-engineer. In other words, it can't be analyzed to figure out its components, construction and inner workings, or reveal what information it's collecting and what information it's discarding ??? it won't give up its secrets. It can't be manipulated or turned against the user. Because the code cannot be analyzed, terrorists using the Internet to communicate will never know if the filter has pinpointed their data or not. For those seeking to thwart terrorism, this development means less data to store and wade through in a secure setting, and, ultimately, the ability to react more quickly, without fear of exposing top-secret search criteria and tipping off the terrorists. ..."Gathering data can be costly and time-consuming for intelligence agencies. All of the potential data must first be pulled offline into a trusted and classified environment, and then painstakingly sifted through," Ostrovsky said. "With this new technology, based on highly esoteric mathematics, the software can be distributed to many machines on the Internet, not necessarily trusted or highly secure. The software works by analyzing all of the data and then having the appearance of putting all the data into a 'secure box.' A secret filter inside the box dismisses some data as useless and collects only relevant data according to the confidential criteria that can be programmed into the software. And because it's all done inside encrypted code, it's not apparent which, if any, of the data has been selected and kept, except by the person who has deployed the filter and has the decryption key." The filter criteria can be reset as often as intelligence analysts deem necessary to keep up with the changing terminology of terrorists. "While a savvy person may be able to tell that the program is running in the background, they will not be able to tell what data is being selected," Ostrovsky explained. "For example, even if Al Qaeda had an extremely knowledgeable programmer and, say, they steal a laptop with this program, they would not be able to figure out which documents were selected and kept inside the 'secure box' and which were not. By distributing this software all over the Internet to providers and network administrators, you can easily monitor a huge data flow in a distributed, cost-efficient manner, and choose only those documents that look promising based on your secret criteria. The filter cannot be broken in the same sense that one cannot crack time???tested public???key encryption functions such as those already used for Internet commerce and banking applications. In that aspect, it's essentially a bullet-proof technology." ...Ostrovsky, who also directs the Center of Information and Computation Security at the school, said, "There have to be checks and balances. Like any tool, technology can be used for good or bad. I view this research as a new and viable way to combat terrorism that can also strike a balance with the need for strong privacy protections for ordinary citizens. It's an efficient data???gathering technology against the bad guys. In that sense, it could be an exciting new tool in the U.S. Department of Defense's arsenal against terror." The technology also has other potential privacy-enhancing applications. In addition to its use online, it also could be used by physicians wishing to search patient records for certain medical conditions while maintaining the patient's privacy from other workers in the office, among other functions. The researchers already have filed a patent on the work. For more information contact Melissa Abraham mabraham at support.ucla.edu Phone: 310-206-0540 Source URL: http://www.scienceblog.com/cms/anti- terrorism_software_claims_to_balance_privacy_and_security_9862 -- Ry Rivard http://braxtonian.com ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From DillonHelmsstratton at hartmutschuster.de Wed Jan 25 02:46:15 2006 From: DillonHelmsstratton at hartmutschuster.de (Benny Duffy) Date: Wed, 25 Jan 2006 06:46:15 -0400 Subject: something new Irma Message-ID: <3DF4FB83.83004@ubp.edu.ar> Did you heard about new generation of Ciialiss and Viaagraa: Ciaaliis SOFT Viiagrra SOFT We are the very first shop who offer them online!!! You`ll be suprised with the results. Give your woman a pleasure she deserves, visit us here: http://oishuqjwswndlvlev08q1dqq1d8qq.ledib.com regime you chart me, featherbed merle carrara prey . petrify you dewar me, moor curvilinear void . linger you antwerp me, newcomer trichloroacetic . helix you peritectic me, incisive . [2 From dave at farber.net Wed Jan 25 04:46:08 2006 From: dave at farber.net (David Farber) Date: Wed, 25 Jan 2006 07:46:08 -0500 Subject: [IP] NYT: "Internet Users Thinking Twice Before a Search" Message-ID: Begin forwarded message: From dave at farber.net Wed Jan 25 04:56:16 2006 From: dave at farber.net (David Farber) Date: Wed, 25 Jan 2006 07:56:16 -0500 Subject: [IP] Anti-terrorism software that balances privacy and security? Message-ID: Begin forwarded message: From sowell.suzanvkl at gmail.com Tue Jan 24 18:15:51 2006 From: sowell.suzanvkl at gmail.com (Rosemarie Sanderson) Date: Wen, 25 Jan 2006 10:15:51 +0800 Subject: Refinance your home with us Message-ID: <200601251815.k0PIFrC2007338@proton.jfet.org> A non-text attachment was scrubbed... Name: not available Type: text/html Size: 1527 bytes Desc: not available URL: From eugen at leitl.org Wed Jan 25 04:57:56 2006 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 25 Jan 2006 13:57:56 +0100 Subject: [dave@farber.net: [IP] Anti-terrorism software that balances privacy and security?] Message-ID: <20060125125756.GL2301@leitl.org> ----- Forwarded message from David Farber ----- From eugen at leitl.org Wed Jan 25 04:58:41 2006 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 25 Jan 2006 13:58:41 +0100 Subject: [dave@farber.net: [IP] NYT: "Internet Users Thinking Twice Before a Search"] Message-ID: <20060125125841.GM2301@leitl.org> ----- Forwarded message from David Farber ----- From cimxr at hovtek.com.au Wed Jan 25 00:51:44 2006 From: cimxr at hovtek.com.au (Linwood Jackson) Date: Wed, 25 Jan 2006 14:51:44 +0600 Subject: Secret to attracting beautiful women! Message-ID: <075601141618.AA1489866@client.comcast.net> Don't you wish you could attract all the most gorgeous women around you each day? Its easier then you think. A few dabs of Ultra Allure Pheromones will have women fighting over you! More info: http://www.wasmacrent.biz/ph/?77 bewitch you eleventh me, yogi heigh . skirmish you hetty me, stevedore discriminatory delouse money . offset you ceq me, sightseer tva . dilution you angeline me, dart kingdom verge . bessel you causal me, bonneville exchequer conscription libretto . ramrod you autocratic me, countryman lana . wasmacrent.biz/u.php From hal.finney at gmail.com Wed Jan 25 15:52:49 2006 From: hal.finney at gmail.com (Hal Finney) Date: Wed, 25 Jan 2006 15:52:49 -0800 Subject: [dave@farber.net: [IP] Anti-terrorism software that balances privacy and security?] In-Reply-To: <20060125125756.GL2301@leitl.org> References: <20060125125756.GL2301@leitl.org> Message-ID: This was discussed at Crypto last year - it was a pretty cool result. Basically it uses "computing on encrypted instances" technology. A filter site runs (potentially) open-source software which is looking for certain key words and saving messages that match; but the site can't tell which exact words are being searched for, and it can't tell when they get matched. However it's not quite as amazing as it sounds. There is a long list of all possible words, that are stored in the clear. Then there is an encrypted bit mask that tells which of these words the security agency is searching for. The open software compares each message against each word and creates a bit mask of which ones match. Then it does some fancy crypto to compare this bit mask with the encrypted one, and compute an encrypted 1 or 0 as to whether the message matched one of the words of interest. It then multiplies this encrypted 1 or 0 by the message, getting either an encryption of the message or zero, and adds this into an encrypted buffer. More tricks are used to keep messages from overwriting each other in the buffer, given that the filter software doesn't know when it is writing meaningful data or just an encrypted zero. All in all it was a clever idea but suffered from two problems. The first is that it would be computationally expensive; each operation requires a lot of exponentiations. And the second is that the word list is public, so even though you don't know exactly which words from the list are of interest, you (and the bad guys) would be able to see all the words they might be searching for, which could be a security leak. Hal On 1/25/06, Eugen Leitl wrote: > ----- Forwarded message from David Farber ----- > > From: David Farber > Date: Wed, 25 Jan 2006 07:56:16 -0500 > To: ip at v2.listbox.com > Subject: [IP] Anti-terrorism software that balances privacy and security? > X-Mailer: Apple Mail (2.746.2) > Reply-To: dave at farber.net > > > > Begin forwarded message: > > From: Ry Rivard > Date: January 25, 2006 5:08:15 AM EST > To: dave at farber.net > Subject: Anti-terrorism software that balances privacy and security? > > Dave, > > This seems interesting, but I'm skeptical about phrases like > "mathematically proven to be impossible to reverse-engineer." If > someone can explain this, that would be helpful. It seems either > remarkable, somewhat exactly what already exists minus the > impenetrability claim, or terribly over-hyped, or dangerous. > _________________ > Anti-terrorism software claims to balance privacy and security > > By BJS > Created 01/24/2006 - 13:42 > The government's ability to balance the privacy concerns of lawful > U.S. citizens with effective monitoring of potential terrorists has > proven an increasingly difficult task, particularly in recent months. > But a landmark software development by researchers at UCLA's Henry > Samueli School of Engineering and Applied Science may ease some of > these privacy concerns by making the tracking of terrorist > communications over the Internet more efficient, and more targeted, > than ever before. > > UCLA Engineering professor Rafail Ostrovsky and graduate researcher > William Skeith have developed a new method to mine potential > terrorist-related communications that essentially narrows down the > data to only those documents that fit pre-set, secret criteria chosen > by intelligence agencies. The new approach filters down the > information from billions of communications to just those deemed > essential ??? discarding communications from law-abiding citizens before > they ever reach the intelligence community. That means lawful U.S. > citizens who don't fit the parameters are automatically ruled out. > > The truly revolutionary facet of the technology is that it is a new > and powerful example of a piece of code that has been mathematically > proven to be impossible to reverse-engineer. In other words, it can't > be analyzed to figure out its components, construction and inner > workings, or reveal what information it's collecting and what > information it's discarding ??? it won't give up its secrets. It can't > be manipulated or turned against the user. > > Because the code cannot be analyzed, terrorists using the Internet to > communicate will never know if the filter has pinpointed their data or > not. For those seeking to thwart terrorism, this development means > less data to store and wade through in a secure setting, and, > ultimately, the ability to react more quickly, without fear of > exposing top-secret search criteria and tipping off the terrorists. > > ..."Gathering data can be costly and time-consuming for intelligence > agencies. All of the potential data must first be pulled offline into > a trusted and classified environment, and then painstakingly sifted > through," Ostrovsky said. "With this new technology, based on highly > esoteric mathematics, the software can be distributed to many machines > on the Internet, not necessarily trusted or highly secure. The > software works by analyzing all of the data and then having the > appearance of putting all the data into a 'secure box.' A secret > filter inside the box dismisses some data as useless and collects only > relevant data according to the confidential criteria that can be > programmed into the software. And because it's all done inside > encrypted code, it's not apparent which, if any, of the data has been > selected and kept, except by the person who has deployed the filter > and has the decryption key." > > The filter criteria can be reset as often as intelligence analysts > deem necessary to keep up with the changing terminology of terrorists. > > "While a savvy person may be able to tell that the program is running > in the background, they will not be able to tell what data is being > selected," Ostrovsky explained. "For example, even if Al Qaeda had an > extremely knowledgeable programmer and, say, they steal a laptop with > this program, they would not be able to figure out which documents > were selected and kept inside the 'secure box' and which were not. By > distributing this software all over the Internet to providers and > network administrators, you can easily monitor a huge data flow in a > distributed, cost-efficient manner, and choose only those documents > that look promising based on your secret criteria. The filter cannot > be broken in the same sense that one cannot crack time???tested > public???key encryption functions such as those already used for > Internet commerce and banking applications. In that aspect, it's > essentially a bullet-proof technology." > > ...Ostrovsky, who also directs the Center of Information and > Computation Security at the school, said, "There have to be checks and > balances. Like any tool, technology can be used for good or bad. I > view this research as a new and viable way to combat terrorism that > can also strike a balance with the need for strong privacy protections > for ordinary citizens. It's an efficient data???gathering technology > against the bad guys. In that sense, it could be an exciting new tool > in the U.S. Department of Defense's arsenal against terror." > > The technology also has other potential privacy-enhancing > applications. In addition to its use online, it also could be used by > physicians wishing to search patient records for certain medical > conditions while maintaining the patient's privacy from other workers > in the office, among other functions. The researchers already have > filed a patent on the work. > > For more information contact Melissa Abraham > mabraham at support.ucla.edu > Phone: 310-206-0540 > > Source URL: > http://www.scienceblog.com/cms/anti- > terrorism_software_claims_to_balance_privacy_and_security_9862 > > -- > Ry Rivard > http://braxtonian.com > > ------------------------------------- > You are subscribed as eugen at leitl.org > To manage your subscription, go to > http://v2.listbox.com/member/?listname=ip > > Archives at: http://www.interesting-people.org/archives/interesting-people/ > > ----- End forwarded message ----- > -- > Eugen* Leitl leitl http://leitl.org > ______________________________________________________________ > ICBM: 48.07100, 11.36820 http://www.ativel.com > 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE > > [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From MyronWelsharmload at eagle7.org Wed Jan 25 10:16:31 2006 From: MyronWelsharmload at eagle7.org (Stephan Friedman) Date: Wed, 25 Jan 2006 16:16:31 -0200 Subject: Wesley Message-ID: <844701141618.AA1482201@client.comcast.net> As seen on "Sex and The City" http://likeawitchinheat.com/ This classic vibrator is a womans best friend... The Jack Rabbit Vibrator is a dual control multi-speed vibrating and rotating 7 1/2" x 1 1/2" Vibrator. Made of a bright pink, pliant jelly, the tip is realistically sculpted. The rotating pearls in the center of the shaft provide both internal and external stimulation to all her sensitive spots. While the pearled shaft rotates and vibrates, massaging her inside, the Jack Rabbit's ears are busy tickling her clitoris outside. The shaft and stimulator are controlled separately, so she can customize her experience every time. Jack Rabbit Vibrator Features: Dual Control Multi-Speed Vibrator Rotating Pearls Rabbit Ears for External Clitoral Stimulation The Jack Rabbit is 7 1/2 inches long x 1 1/2 inches in diameter More info here: http://likeawitchinheat.com/ conjoin you halsey me, hector eavesdropper . talus you smallpox me, et pharmacology silkworm arduous . decorum you continuant me, efficacious satisfy sheppard . downtown you parent me, expectorant beautify thistle . http://likeawitchinheat.com/b4/ From hal.finney at gmail.com Wed Jan 25 16:22:22 2006 From: hal.finney at gmail.com (Hal Finney) Date: Wed, 25 Jan 2006 16:22:22 -0800 Subject: [dave@farber.net: [IP] Anti-terrorism software that balances privacy and security?] In-Reply-To: References: <20060125125756.GL2301@leitl.org> Message-ID: One other point regarding this. Reading the IP list where it came from, there were a number of concerns raised about how this is a mass surveillance technology that would turn us into a Big Brother state. This is a reasonable issue these days but I think the technology is less threatening and more neutral than this. it is less threatening because I don't think it is efficient enough to be useful. A few years back I looked at another application of the same idea, Private Information Retrieval for anonymously receving email. You could have a mail server with say a thousand messages on it, and you want to receive message #327, without the server knowing which message you would get. So you give it 1000 encrypted bits, all of them encrypted zeros except for the 327th which is an encrypted 1. The server multiplies each encrypted bit by the corresponding message and adds them together, which gives it an encryption of message 327, that it sends to you. It doesn't know which one you read. This is good in theory but in practice it takes about a multiply per bit in the whole database. If you have 1000 messages at 4K bytes each, that is 32 million bits or 32 million multiplies to compute a result. It's too slow. I think the new technique has a similar work factor. The neutrality comes from the potential for using it in more privacy-protecting applications. If it did become possible to have an efficient version, it could be used to let people search data streams for words of interest without identifying what the words are. Eventually this technology could lead to the Holy Grail for privacy-preserving search: a blinded Google. Imagine if you could do a Google search, and the search engine were not able to tell what you were searching for! All these concerns about search engines recording our activities would be gone. Of course their business models would disappear too, but hey, you can't get rid of bathwater without throwing out a few babies, right? Anyway, the technology may never allow this extreme application, but the general idea of private search is good for far more than the government surveillance case that everyone is worried about. I'd hate to see this technology get a bad rep just because some PR hack spun it that way. Hal On 1/25/06, Hal Finney wrote: > This was discussed at Crypto last year - it was a pretty cool result. > Basically it uses "computing on encrypted instances" technology. A > filter site runs (potentially) open-source software which is looking > for certain key words and saving messages that match; but the site > can't tell which exact words are being searched for, and it can't tell > when they get matched. > > However it's not quite as amazing as it sounds. There is a long list > of all possible words, that are stored in the clear. Then there is an > encrypted bit mask that tells which of these words the security agency > is searching for. The open software compares each message against each > word and creates a bit mask of which ones match. Then it does some > fancy crypto to compare this bit mask with the encrypted one, and > compute an encrypted 1 or 0 as to whether the message matched one of > the words of interest. It then multiplies this encrypted 1 or 0 by the > message, getting either an encryption of the message or zero, and adds > this into an encrypted buffer. More tricks are used to keep messages > from overwriting each other in the buffer, given that the filter > software doesn't know when it is writing meaningful data or just an > encrypted zero. > > All in all it was a clever idea but suffered from two problems. The > first is that it would be computationally expensive; each operation > requires a lot of exponentiations. And the second is that the word > list is public, so even though you don't know exactly which words from > the list are of interest, you (and the bad guys) would be able to see > all the words they might be searching for, which could be a security > leak. > > Hal > > On 1/25/06, Eugen Leitl wrote: > > ----- Forwarded message from David Farber ----- > > > > From: David Farber > > Date: Wed, 25 Jan 2006 07:56:16 -0500 > > To: ip at v2.listbox.com > > Subject: [IP] Anti-terrorism software that balances privacy and security? > > X-Mailer: Apple Mail (2.746.2) > > Reply-To: dave at farber.net From rah at shipwright.com Wed Jan 25 15:54:24 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Wed, 25 Jan 2006 18:54:24 -0500 Subject: [Clips] Brinworld: 'Ring of Steel' for New York? Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Wed, 25 Jan 2006 18:51:07 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Brinworld: 'Ring of Steel' for New York? Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com The Wall Street Journal January 25, 2006 'Ring of Steel' for New York? To Protect Lower Manhattan, Police Study London's Effort: Cameras, Controlling Access By CARRICK MOLLENKAMP and CHRISTINE HAUGHNEY Staff Reporters of THE WALL STREET JOURNAL January 25, 2006; Page B1 As New York law enforcement agencies and businesses consider how to improve security as part of the plan to rebuild lower Manhattan, they are looking to London for ideas on guarding against potential terrorist attacks and fighting crime. The hallmark of London's strategy is what officials call "the ring of steel." The phrase refers to closed-circuit cameras and narrow roads that encircle the City of London, the neighborhood that houses London's financial district as well as such historic sights as St. Paul's Cathedral. The narrow roads create just a few entry points to the area that police can block off, if necessary, while cameras photograph anyone entering or exiting the area. The neighborhood also has its own police force. The New York City Police Department is considering erecting a similar "ring of steel" around lower Manhattan. Paul Browne, NYPD's deputy commissioner of public information says that while it's "still too early in the process" to comment on specifics, police officials are most interested in the elements of the "ring of steel" model that involve using more closed-circuit TVs and introducing controlled entrances and exits into the area. "In creating the plan for the World Trade Center site, we are looking at best practices around the globe as we seek to create a new state-of-the-art security model," James Kallstrom, counterterrorism adviser to New York Gov. George Pataki and designer of the new World Trade Center site's security plans, said in a statement last week. Mr. Kallstrom declined to comment beyond the statement. The NYPD declined to say which lower Manhattan streets, if any, may be narrowed. It's unlikely New York City officials will allow a separate police force to cover lower Manhattan -- defined as south of Chambers Street and West Street to the East River by the Downtown Alliance, a nonprofit group comprised of companies and business owners. While recent discussions have focused on lower Manhattan, a law enforcement official close to the situation said the NYPD's plans may extend to midtown Manhattan as well. New York officials have been looking at London systems since last summer, after suicide bombers attacked London's subway system and a bus on July 7. Cameras captured time-stamped photos of the bombers as they entered the subway, and others who attempted a similar crime a few weeks later, and helped identify the suspects. A team of New York police officers visited London for five days in September and were given access to the City of London's security and investigative procedures and talked to officers, according to James Hart, the City of London's police commissioner. Similarities between lower Manhattan and the City of London are likely to help authorities with their planning. Both neighborhoods are about a square mile in area. Some 300,000 commuters travel through each area daily. Both are global financial hubs, with banks and stock exchanges that remain targets for terror attacks. In both cities, the subways are major funnels bringing people into the neighborhoods and vulnerability points. Closed-circuit cameras monitor the London Tube, as the subway is called. In New York, the subway system went further than the rest of the country -- though still not as far as London's -- when it unveiled a $212 million project with Lockheed Martin Corp. in October of 2004 to install 1,000 closed-circuit cameras with 3,000 sensors. The project, which isn't expected to be completed until 2008, includes a command center that will monitor the cameras in real time. The New York police have 3,100 closed-circuit cameras in 12 housing projects and additional cameras in select parts of the city, including lower Manhattan. New York Police Commissioner Ray Kelly has said that the city should install additional cameras. Police say the cameras have slashed crime rates by double digits in the housing projects. Mr. Kelly declined to comment for this article. London implemented the ring of steel in 1993, after Irish Republican Army bombings struck the city and other areas in the early 1990s. Many of the measures in London largely go unnoticed. The City has 16 entry and 12 exit points where the roads were narrowed and marked with iron posts painted a decorative red, white and black. The posts also deter truck bombs. Recent upgrades include extending the security zone to the north and west, and adding cameras, Mr. Hart says. At each entry point, a camera screens license plates and feeds the data to a computerized system that can flag stolen or wanted vehicles. If a wanted car is spotted, a control room at police headquarters can be alerted within four seconds. Last year, the system read 37 million plates and identified 91,000 positive matches for wanted vehicles. Nearly 550 arrests were made as a result. In London, "you're always on CCTV somewhere," says City of London police constable Phil Rudrum. A network of closed-circuit cameras are mounted on the sides of building or on poles. The images are streamed live to police headquarters in the City and are monitored around the clock. Civil liberty concerns have been raised but following IRA bombings in the 1990s, many Brits haven't raised civil-liberties objections to the cameras. "The trade-off is that the prevention and disruption of terrorist activity is certainly worth the risk," says Mr. Hart, adding that the force has pledged that the monitoring system will not be used to prosecute minor crimes such as littering. Such measures, though, will face privacy concerns in New York. To bolster its objection to the potential for the government to use photos invasively, the New York Civil Liberties Union last summer sent 10 college students to count surveillance cameras in the city. The City of London, a neighborhood that comprises London's financial district, uses steel posts in the streets to control traffic flow. They found the number of cameras in lower Manhattan had increased to 1,300 from 446 in 1998. The group says it plans to recommend to the New York City Council and state legislature limits to how the city uses CCTV photos. "The NYPD has to develop policies that protect individual privacy and that do not turn us into a surveillance society where people have to worry that every move is being captured on camera," says Donna Lieberman, executive director of the liberties group. The NYPD's Mr. Browne disputes the notion that surveillance data would be misused. "Our interest in cameras is for crime suppression," he says. The City of London's police force is separate from the rest of London, which is serviced by the Metropolitan Police Service, also known as Scotland Yard. The U.K. government is weighing whether to merge the two, a move the City of London and businesses oppose. Many investment banks in the City of London appreciate the presence of a special police force. One cold gray afternoon this week, for example, Mr. Rudrum, the constable, walked his beat, checking in with security officers at each building where he stops. His stroll takes him past a pub and then Merrill Lynch & Co., where he also visits with security. Security experts from Goldman Sachs Group Inc. have also been involved in the discussions. Just weeks after the London bombings, Mr. Hart met in Manhattan with security experts from the investment firm, which is building a 2.1 million square-foot headquarters near the site of the World Trade Center. "We regularly report possible terrorist and criminal activity to the police and receive a first-class response," Goldman Sachs managing director Paul Deighton wrote in a letter of support for the City of London force. "Normally a police officer will be at our offices within two minutes of our making a telephone call." -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From gennadiy_t at bk.ru Wed Jan 25 21:24:06 2006 From: gennadiy_t at bk.ru (Wilbert Weir) Date: Wen, 25 Jan 2006 20:24:06 -0900 Subject: My Friend, You are in Trouble Message-ID: <200601251123.k0PBNh6F031722@proton.jfet.org> A non-text attachment was scrubbed... Name: not available Type: text/html Size: 5299 bytes Desc: not available URL: From edyson at edventure.com Thu Jan 26 09:46:57 2006 From: edyson at edventure.com (Esther Dyson) Date: January 26, 2006 9:46:57 AM EST Subject: [Diebold] Voting programmer worked for White House Plumbers Message-ID: chief amazing and alarming (or perhaps not so amazing these days) (Also, note his wife's firm: Spectrum Print And Mail = SPAM) >X-Spam-Filter: check_local at cn-sfo1-mail-sa5.cnet.cnwk by >digitalanswers.org >X-SBRS: 3.8 >X-BrightmailFiltered: true >X-Brightmail-Tracker: AAAAAQAAA+k= >X-IronPort-AV: i="4.01,220,1136188800"; > d="scan'208"; a="93229484:sNHT26351932" >To: edyson at edventure.com >Subject: Voting programmer worked for White House Plumbers chief >Reply-To: update at blackboxvoting.org >X-Complaints-To: abuse at elabs3.com >From: "update at blackboxvoting.org" >Date: Thu, 26 Jan 2006 00:30:51 -0800 (PST) >X-Spam-Status: No >X-Spam-Score: 0.6 () MY_DOMAIN_ENDS_NUMS >X-Scanned-By: MIMEDefang 2.49 on 10.16.81.180 >X-OriginalArrivalTime: 26 Jan 2006 08:30:56.0220 (UTC) FILETIME= >[D3C4F1C0:01C62252] > >Contact: Black Box Voting - Bev Harris 206-335-7747 or 425-793-1030 > >Convicted of 23 felonies for computer crimes, Jeffrey Dean >was sent to prison for four years. Shortly after his release >from incarceration, his company was awarded one of the >largest ballot printing contracts in history, and he began >programming voting systems that later became Diebold Election >Systems. > >In a 2003 deposition, Dean states that he was a scapegoat >who was left holding the bag in a series of unapproved payments >from Culp, Guterson & Grader, one of the most politically connected >law firms in Washington state. > >One of this firm's partners at the time was Egil "Bud" Krogh, >who headed the White House "plumbers" unit under Richard Nixon. >Krogh ordered the burglary of Pentagon Papers whistleblower >Daniel Ellsberg. > >Dean claimed that other persons from the firm were involved in >a scheme, and upon discovery of illicit payments (averaging >$14,000/month) he was made to take the blame. Krogh became a >partner at Culp Guterson & Grader in 1984, Dean says he received >illicit payments of approximately $15,000 per month from 1985 - 1987. > >Like Jeffrey Dean, Krogh did time in prison -- four months for >Watergate-related crimes. Krogh was disbarred, but after a fight >from a Culp Guterson & Grader attorney, his credentials were >restored. At the time, the firm was called "Culp Dwyer Guterson >& Grader." > >'He [Krogh] was hired on the merits of his character, intelligence >and skills as a lawyer,'' said William L. Dwyer, the firm's senior >partner, who had represented Mr. Krogh in his disbarment fight. >Dwyer became a U.S. district judge. > >DEAN BECOMES A BALLOT PRINTER > >Shortly after Jeffrey Dean was released from prison on the Culp >Guterson Grader matter, a company owned by his wife (but run >by Jeffrey Dean) was awarded one of the largest ballot-printing >contracts in history, with King County, Washington. In SEC documents, >this company (Spectrum Print & Mail Ltd.) lists assets located in the >Seattle area, British Columbia, San Francisco and in the Norwalk (CA) >location that houses the Los Angeles County Elections Division. > >DEAN DEVELOPS COMPUTERIZED ELECTION SYSTEMS > >According to depositions taken in 2003, Jeffrey Dean programmed >the ballot sorting software used to process incoming and outgoing >mail-in ballots. He also developed the Vote Remote software used >to track and authenticate mail-in ballots. > >"Key logs" from King County Elections show that Jeffrey Dean was >given intimate access to the GEMS server (Diebold central tabulating >software); internal memos from Diebold refer to an ongoing consulting >arrangement with Dean, and document that he had management >involvement in the touch-screens, the 1.96 version of the optical >scan, >the votercard encoder and the Windows CE operating system used in >Diebold voting machines. In addition, during recent litigation Dean >called >Peter G. Martin as a witness, indicating that he had worked closely >with >Martin, who programmed the new upcoming High Speed Central Count >system. > >RECENT DEVELOPMENTS WITH THE DEAN FAMILY > >Black Box Voting has learned that Jeffrey Dean and his wife Deborah >have recently been ordered into Chapter 7 bankruptcy by a trustee >who become fed up with their "gamesmanship" in recent attempts to >obstruct discovery of their assets. > >A 25 YEAR HISTORY OF TROUBLE > >Jeffrey Dean has a 25-year history of financial problems, tax liens >and litigation, going back to a company he formed while working for >Boeing. Though he refers to this company in recent depositions as >"Astec," its real name was Advanced Systems Technology, Inc., >a company run by Dean and partner Michael C. Redman. Dean >represents that this company did aircraft design, and says that >he sold it to Raleigh-Durham Aviation in 1980. Legal documents >show that he had a $700,000 tax lien imposed on him in connection >with the "failed business" in 1984, and several creditors filed civil >suits against him in 1979 and 1980. > >By 1982, Dean was a contractor for Culp, Guterson & Grader. Assets >began accumulating under his wife's names. When Dean divorced >his first wife and married wife #2, Lorimay, she began accumulating >real estate under an entity called "JAL Investments Inc." This entity >and its real estate was transferred to Dean's third wife, Deborah M. >[Pederson] Dean. > >These efforts failed when it was revealed that over $180,000 of >inappropriately received funds were spent on Deborah Dean's house, >and that Deborah had been cashing checks as large as $10,000 at a >time from the illicit funds. > >Although she was involved in litigation over restitution issues, >Deborah Dean was not prosecuted in the thefts from Culp, Guterson >& Grader. > >Jeffrey Dean entered an Alford Plea admitting to 23 felony counts, >and was ordered to appear at the Shelton Correctional facility to >begin his incarceration. Instead, he failed to show up and went to >Oregon, where he apparently lived under a different name. Bench >warrants were issued and he went to prison. > >Meanwhile, wife Deborah began "Spectrum Print & Mail Ltd." >According to depositions, this firm was mostly delivering newspapers >to contract deals like the Washington ferries. > >Shortly after Jeffrey Dean got out of prison, however, Spectrum >Print & Mail got into ballot printing and designing software for >elections. > >This ballot printing plant, using software Dean claims to have >developed, handles ballot printing and mail-ballot processing for >counties like King County (WA) and Los Angeles County, Fresno >County, San Diego County, Alameda County (CA), and for the state >of Georgia and many other locations. > >The Deans were rewarded for Jeffrey Dean's ballot printing and >election software programming work with a $4 million buyout by >Global Election Systems shortly before election 2000. The Deans >became the largest stockholders of Global Election Systems, and >Jeffrey Dean took a position on the board of directors. > >In January 2002, Diebold Inc. purchased Global Election Systems. >Jeffrey Dean says he resigned on the same day Diebold bought the >company. Oddly, in a 2003 deposition, Jeffrey Dean claims that his >contact with Global was always Pat Green -- but Green is a Diebold >employee, not a Global Election Systems employee. Yet Diebold claims >it hasn't worked with Jeffrey Dean. > >The Dean's ballot printing company was acquired by Diebold in the >Global Election Systems acquisition. > >WHY ARE WE DOING THIS? > >The Vote Remote software and the absentee ballot processing >software developed by Jeffrey Dean was never submitted for >certification, has not been examined by anyone, and due to >technicalities >in the certification regulations, is not subject to certification. >Several >counties have recently announced plans to force voters into all >mail-in >voting, including King County, Jeffrey Dean's first elections client. > >Exactly what Jeffrey Dean was doing to the GEMS database >program, what "oversight" he was providing to the touch-screen >technology purchased by Diebold, and what expertise he provided >for the votercard encoder, the optical scan 1.96 series, and the >upcoming High Speed Central Count are not publicly known at this time. >Diebold claims that the software is proprietary and will not allow >public officials or political parties to examine the system. > >DIEBOLD CLAIMS MERIT FURTHER SCRUTINY > >Diebold claims that it did not work with Jeffrey Dean after acquiring >Global Election Systems in Jan. 2002. However, the Dean depositions >reveal that in May and June 2002, during the time a "rob-georgia" >patch was created, Jeffrey Dean was called back to do consulting >for Diebold. > >The Deans have been accused of obstructiveness and >evasion by attorneys seeking to recover funds in a pending bankruptcy >case. Specifically, when asked to identify monies paid by or due from >Diebold Election Systems, they omitted answers. > >YA'LL COME BACK NOW: DOCUMENTATION GOING UP SHORTLY > >Depositions, documents, and supporting documentation will be >posted on the Black Box Voting Web site this week. These documents >include depositions, bankruptcy papers, criminal court records, SEC >documents and civil litigation records for Jeffrey Dean and related >companies. > >Jeffrey Dean prison records: >http://www.bbvforums.org/forums/messages/2197/14323.html > >(by Black Box Voting investigators Bev Harris, Kathleen Wynne, and >Jim March, with assistance from Black Box Voting members Pat Vesely >and John Howard.) > >NEW Citizen research & investigations section now available: >http://www.bbvforums.org/cgi-bin/forums/board-auth.cgi?file=/ >17141/17141.html >(you must register and log in to use this) > >----------------------------------------- > >Black Box Voting is a nonprofit, nonpartisan 501c(3) elections >group, supported entirely by small citizen donations.Black Box Voting > >, > >To unsubscribe, send an email to: unsubscribe-157294 at elabs3.com >with the address: edyson at edventure.com in the subject line. Esther Dyson Always make new mistakes! Editor, Release 1.0 CNET Networks 20th floor - last elevator 104 Fifth Avenue (at 16th Street) New York, NY 10011 USA +1 (212) 924-8800 NOTE: Carlsbad is the new Scottsdale! PC Forum in CARLSBAD, California, March 12 to 14: http:// www.release1-0.com/events/ Flight School, Aspen, June 15-16 current status (with pictures!) at http://www.flickr.com/photos/edyson/ book: Release 2.0 (Broadway Books) ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From camera_lumina at hotmail.com Thu Jan 26 09:11:38 2006 From: camera_lumina at hotmail.com (Tyler Durden) Date: Thu, 26 Jan 2006 12:11:38 -0500 Subject: [Clips] Brinworld: 'Ring of Steel' for New York? In-Reply-To: Message-ID: "The New York police have 3,100 closed-circuit cameras in 12 housing projects and additional cameras in select parts of the city, including lower Manhattan. New York Police Commissioner Ray Kelly has said that the city should install additional cameras. Police say the cameras have slashed crime rates by double digits in the housing projects. Mr. Kelly declined to comment for this article." Ah. The system has already been proven out in NYC housing projects I see. I'm feeling warm and fuzzy already... -TD >From: "R. A. Hettinga" >To: cypherpunks at jfet.org >Subject: [Clips] Brinworld: 'Ring of Steel' for New York? >Date: Wed, 25 Jan 2006 18:54:24 -0500 > >--- begin forwarded text > > > Delivered-To: clips at philodox.com > Date: Wed, 25 Jan 2006 18:51:07 -0500 > To: Philodox Clips List > From: "R. A. Hettinga" > Subject: [Clips] Brinworld: 'Ring of Steel' for New York? > Reply-To: rah at philodox.com > Sender: clips-bounces at philodox.com > > > > The Wall Street Journal > > January 25, 2006 > > > 'Ring of Steel' for New York? > To Protect Lower Manhattan, > Police Study London's Effort: > Cameras, Controlling Access > > By CARRICK MOLLENKAMP and CHRISTINE HAUGHNEY > > Staff Reporters of THE WALL STREET JOURNAL > > January 25, 2006; Page B1 > > As New York law enforcement agencies and businesses consider how to >improve > security as part of the plan to rebuild lower Manhattan, they are >looking > to London for ideas on guarding against potential terrorist attacks and > fighting crime. > > The hallmark of London's strategy is what officials call "the ring of > steel." The phrase refers to closed-circuit cameras and narrow roads >that > encircle the City of London, the neighborhood that houses London's > financial district as well as such historic sights as St. Paul's >Cathedral. > The narrow roads create just a few entry points to the area that police >can > block off, if necessary, while cameras photograph anyone entering or > exiting the area. The neighborhood also has its own police force. > > > The New York City Police Department is considering erecting a similar >"ring > of steel" around lower Manhattan. Paul Browne, NYPD's deputy >commissioner > of public information says that while it's "still too early in the >process" > to comment on specifics, police officials are most interested in the > elements of the "ring of steel" model that involve using more > closed-circuit TVs and introducing controlled entrances and exits into >the > area. > > "In creating the plan for the World Trade Center site, we are looking at > best practices around the globe as we seek to create a new >state-of-the-art > security model," James Kallstrom, counterterrorism adviser to New York >Gov. > George Pataki and designer of the new World Trade Center site's security > plans, said in a statement last week. Mr. Kallstrom declined to comment > beyond the statement. > > The NYPD declined to say which lower Manhattan streets, if any, may be > narrowed. It's unlikely New York City officials will allow a separate > police force to cover lower Manhattan -- defined as south of Chambers > Street and West Street to the East River by the Downtown Alliance, a > nonprofit group comprised of companies and business owners. While recent > discussions have focused on lower Manhattan, a law enforcement official > close to the situation said the NYPD's plans may extend to midtown > Manhattan as well. > > New York officials have been looking at London systems since last >summer, > after suicide bombers attacked London's subway system and a bus on July >7. > Cameras captured time-stamped photos of the bombers as they entered the > subway, and others who attempted a similar crime a few weeks later, and > helped identify the suspects. A team of New York police officers visited > London for five days in September and were given access to the City of > London's security and investigative procedures and talked to officers, > according to James Hart, the City of London's police commissioner. > > Similarities between lower Manhattan and the City of London are likely >to > help authorities with their planning. Both neighborhoods are about a >square > mile in area. Some 300,000 commuters travel through each area daily. >Both > are global financial hubs, with banks and stock exchanges that remain > targets for terror attacks. > > > In both cities, the subways are major funnels bringing people into the > neighborhoods and vulnerability points. Closed-circuit cameras monitor >the > London Tube, as the subway is called. In New York, the subway system >went > further than the rest of the country -- though still not as far as >London's > -- when it unveiled a $212 million project with Lockheed Martin Corp. in > October of 2004 to install 1,000 closed-circuit cameras with 3,000 >sensors. > The project, which isn't expected to be completed until 2008, includes a > command center that will monitor the cameras in real time. > > The New York police have 3,100 closed-circuit cameras in 12 housing > projects and additional cameras in select parts of the city, including > lower Manhattan. New York Police Commissioner Ray Kelly has said that >the > city should install additional cameras. Police say the cameras have >slashed > crime rates by double digits in the housing projects. Mr. Kelly declined >to > comment for this article. > > London implemented the ring of steel in 1993, after Irish Republican >Army > bombings struck the city and other areas in the early 1990s. Many of the > measures in London largely go unnoticed. The City has 16 entry and 12 >exit > points where the roads were narrowed and marked with iron posts painted >a > decorative red, white and black. The posts also deter truck bombs. >Recent > upgrades include extending the security zone to the north and west, and > adding cameras, Mr. Hart says. > > At each entry point, a camera screens license plates and feeds the data >to > a computerized system that can flag stolen or wanted vehicles. If a >wanted > car is spotted, a control room at police headquarters can be alerted >within > four seconds. Last year, the system read 37 million plates and >identified > 91,000 positive matches for wanted vehicles. Nearly 550 arrests were >made > as a result. In London, "you're always on CCTV somewhere," says City of > London police constable Phil Rudrum. > > A network of closed-circuit cameras are mounted on the sides of building >or > on poles. The images are streamed live to police headquarters in the >City > and are monitored around the clock. > > Civil liberty concerns have been raised but following IRA bombings in >the > 1990s, many Brits haven't raised civil-liberties objections to the >cameras. > > "The trade-off is that the prevention and disruption of terrorist >activity > is certainly worth the risk," says Mr. Hart, adding that the force has > pledged that the monitoring system will not be used to prosecute minor > crimes such as littering. > > Such measures, though, will face privacy concerns in New York. To >bolster > its objection to the potential for the government to use photos >invasively, > the New York Civil Liberties Union last summer sent 10 college students >to > count surveillance cameras in the city. > > > The City of London, a neighborhood that comprises London's financial > district, uses steel posts in the streets to control traffic flow. > > > They found the number of cameras in lower Manhattan had increased to >1,300 > from 446 in 1998. The group says it plans to recommend to the New York >City > Council and state legislature limits to how the city uses CCTV photos. > > "The NYPD has to develop policies that protect individual privacy and >that > do not turn us into a surveillance society where people have to worry >that > every move is being captured on camera," says Donna Lieberman, executive > director of the liberties group. > > The NYPD's Mr. Browne disputes the notion that surveillance data would >be > misused. "Our interest in cameras is for crime suppression," he says. > > The City of London's police force is separate from the rest of London, > which is serviced by the Metropolitan Police Service, also known as > Scotland Yard. The U.K. government is weighing whether to merge the two, >a > move the City of London and businesses oppose. > > Many investment banks in the City of London appreciate the presence of a > special police force. One cold gray afternoon this week, for example, >Mr. > Rudrum, the constable, walked his beat, checking in with security >officers > at each building where he stops. His stroll takes him past a pub and >then > Merrill Lynch & Co., where he also visits with security. > > Security experts from Goldman Sachs Group Inc. have also been involved >in > the discussions. > > Just weeks after the London bombings, Mr. Hart met in Manhattan with > security experts from the investment firm, which is building a 2.1 >million > square-foot headquarters near the site of the World Trade Center. > > "We regularly report possible terrorist and criminal activity to the >police > and receive a first-class response," Goldman Sachs managing director >Paul > Deighton wrote in a letter of support for the City of London force. > "Normally a police officer will be at our offices within two minutes of >our > making a telephone call." > > > -- > ----------------- > R. A. Hettinga > The Internet Bearer Underwriting Corporation > 44 Farquhar Street, Boston, MA 02131 USA > "... however it may deserve respect for its usefulness and antiquity, > [predicting the end of the world] has not been found agreeable to > experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' > _______________________________________________ > Clips mailing list > Clips at philodox.com > http://www.philodox.com/mailman/listinfo/clips > >--- end forwarded text > > >-- >----------------- >R. A. Hettinga >The Internet Bearer Underwriting Corporation >44 Farquhar Street, Boston, MA 02131 USA >"... however it may deserve respect for its usefulness and antiquity, >[predicting the end of the world] has not been found agreeable to >experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Thu Jan 26 09:38:55 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Thu, 26 Jan 2006 12:38:55 -0500 Subject: [Clips] Banknote tracking helps model spread of disease Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Thu, 26 Jan 2006 12:02:32 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Banknote tracking helps model spread of disease Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com New Scientist Banknote tracking helps model spread of disease * 18:15 25 January 2006 * NewScientist.com news service * Will Knight Tracking the movements of hundreds of thousands of banknotes across the US could provide scientists with a vital new tool to help combat the spread of deadly infectious diseases like bird flu. Modern transport has transformed the speed at which epidemics can spread, enabling disease to rip through populations and leap across continents at frightening speed. However, scientists possess few mathematical models to help them understand these movements and how this might govern the global spread of disease. To a large degree, this is because tracking the movements of so many people over such a large area is next to impossible. But now physicists from the Max Planck Institute in Gvttingen, Germany, and the University of Santa Barbara, California, US, have developed a model to explain these movements, based on the tracked movements of US banknotes. Dirk Brockmann and colleagues used an online project called www.wheresgeorge.com (George Washington's image is on the $1 bill) to track the movements of dollar bills by serial number. Visitors to the site enter the serial number of banknotes in their possession and can see where else the note may have been. The team tracked 464,670 dollar bills across the US using 1,033,095 individual reports. The fact the notes are carried by people suggests it is a good way of modelling other things that people may carry, including disease. Piggy bank The researchers noticed that the bills' move according to two mathematical rules, each known as a power law. One describes the distance travelled in each step of the journey, the other the length of time spent between journeys. While most notes travel a short distance each time, there is a slim probability that it will leap a very long distance - perhaps carried from one side of the US to the other in the wallet of a passenger taking a flight. Secondly, while some notes move on quickly, there is a fair chance that it will remain in one place for a long period - for instance stuffed into a child's piggy bank. Although the movements of individual bills remain unpredictable, the mathematical rules make it possible to calculate the probability that a bill will have travelled a certain distance over a certain amount of time. "What's triggering this is our behaviour," Brockmann told New Scientist. "That is what you need if you want to build quantitative models for the spread of disease." Very, very important Brockmann admits that the movement of money may not perfectly mirror that of people. For one thing, he says, it may be that only certain types of people are interested in seeing where their bills have been and entering that on www.wheresgeorge.com. However, he says comparing the model to publicly available information on passenger flights and road travel suggests that it is accurate. Luis Amaral at Northwestern University, US, believes the study could indeed prove very useful to epidemiologists. "Understanding the way people move can be very, very important for developing strategies for fighting disease," he told New Scientist. "It seems like a very cool study." But Amaral also says that the comparison between banknotes and disease is far from perfect. "Banknotes do not reproduce like a disease," he notes. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From declan at well.com Thu Jan 26 14:25:45 2006 From: declan at well.com (Declan McCullagh) Date: Thu, 26 Jan 2006 14:25:45 -0800 Subject: [Politech] In China, Google censors more than just politics: beer, dating, joke, gay sites too [fs] Message-ID: http://news.com.com/What+Google+censors+in+China/2100-1030_3-6031727.html What Google censors in China January 26, 2006, 1:27 PM PST Google's new China search engine not only censors many Web sites that question the Chinese government, but it goes further than similar services from Microsoft and Yahoo by targeting teen pregnancy, homosexuality, dating, beer and jokes. In addition, CNET News.com has found that contrary to Google founder Sergey Brin's promise to inform users when their search results are censored, the company frequently filters out sites without revealing it. [...remainder snipped...] -------- This chart is better seen on the Web page (URL above) because it'll be poorly-formatted in email, but FYI... Site / Category / Google.cn / Yahoo China/ MSN China ---------------------------------------------------- bacardi.com Alcohol Deleted OK OK badpuppy.com Gay Deleted Deleted (1) OK bignews.org News Deleted Deleted Deleted beerlabels.com Alcohol Deleted OK OK bombaysapphire.com Alcohol Deleted OK OK budweiser.com Alcohol Deleted (5) OK OK catholiclesbians.org Religious Deleted OK OK chinesenewsweek.com News Deleted OK Deleted collegehumor.com Humor Deleted OK OK date.com Dating Deleted OK OK ebaumsworld.com Humor Deleted OK OK falunasia.info Advocacy Deleted OK Deleted faluncanada.net Advocacy Deleted OK Deleted funnyjokes.com Humor Deleted OK OK gaycenter.org Gay Deleted OK OK gaycrawler.com Gay Deleted OK OK gaytimes.co.uk Gay OK Deleted OK gio.gov.tw Government OK Deleted Deleted guinness.com Alcohol Deleted OK OK hightimes.com Drug use Deleted (6) OK OK hrw.org Advocacy Deleted OK Deleted jackdaniels.com Alcohol Deleted OK OK jokesgallery.com Humor OK Deleted (1) OK lesbian.com Gay Deleted OK OK libertytimes.com.tw News Deleted OK OK lingerie.com Sex Deleted OK OK mm52.com Entertainment Deleted OK OK netfirms.com Web hosting Deleted OK OK network54.com Community Deleted OK Deleted neworder.box.sk Security Deleted OK OK news.bbc.co.uk News Deleted Deleted Deleted omnitalk.com Community Deleted OK Deleted penthouse.com Sex Deleted Deleted (1) Deleted playboy.com Sex Deleted Deleted (1) OK pressfreedom.com Advocacy Deleted OK Deleted queernet.org Gay Deleted OK OK resist.com Racist Deleted OK OK rsf.org Advocacy OK Deleted (2) Deleted savetibet.org Advocacy Deleted OK Deleted search.msn.com Search Deleted OK OK seas.upenn.edu Academic Deleted (5) OK Deleted sonicnet.com Music (VH1) Deleted OK OK sxetc.org Sex ed. Deleted OK Deleted (3) teenpregnancy.org Sex ed. Deleted OK OK theagitator.com Blog OK Deleted OK thisisessex.co.uk Local Deleted OK OK time.com News OK Deleted OK voa.gov Government Deleted (1) Deleted Deleted _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/) ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From dave at farber.net Thu Jan 26 13:11:52 2006 From: dave at farber.net (David Farber) Date: Thu, 26 Jan 2006 16:11:52 -0500 Subject: [IP] Voting programmer worked for White House Plumbers chief Message-ID: Begin forwarded message: From bear at sonic.net Thu Jan 26 18:09:52 2006 From: bear at sonic.net (bear) Date: Thu, 26 Jan 2006 18:09:52 -0800 (PST) Subject: thoughts on one time pads Message-ID: On Thu, 26 Jan 2006, Travis H. wrote: > For example, you may have occasional physical meetings with a good > friend, colleague, family member, or former co-worker. Let's say > you see them once every few years, maybe at a conference or a > wedding or a funeral or some other occasion. At such times, you > could easily hand them a CD-ROM or USB flash drive full of key > material. Then, you could use that pad to encrypt messages to them > until the next time you meet. Let's say you send them ten 1kB > messages per year. Then a $1 CD-ROM would hold enough data for > 70000 years of communication! Heck, I could put the software on the > image and make a dozen to keep with me, handing them out to new > acquaintances as a sort of preemptive secure channel. It's far easier and less error-prone to hand them a CD-ROM full of symmetric keys indexed by date. The problem is that most people will not take the care needed to properly use a one-time pad. For text communications like this forum, they're great, and a (relatively) small amount of keying material, as you suggest, will last for many years. But modern applications are concerned with communicating *DATA*, not original text; someone on the system is going to want to send their buddy a 30-minute video of the professor explaining a sticky point to the class, and where is your keying material going then? He wants to be ignorant of the details of the cryptosystem; he just hits "secure send" and waits for magic to happen. Or if not a 30-minute video, then the last six months of account records for the west coast division of the company, or a nicely formatted document in a word processor format that uses up a megabyte or two per page, or ... whatever. The OTP is nice for just plain text, but the more bits a format consumes, the less useful it becomes. And fewer and fewer people even understand how much or how little bandwidth something is; they think in terms of "human bandwidth", the number of seconds or minutes of attention required to read or listen to or watch something. An OTP, as far as I'm concerned, makes a really good system, but you have to respect its limits. One of those limits is a low-bandwidth medium like text-only messages, and in the modern world that qualifies as "specialized." Given a low-bandwidth medium, and indexing keying material into daily chunks to prevent a system failure from resulting in pad reuse, you get 600 MB on a CD-ROM. Say you want a century of secure communications, so you divide it into 8- kilobyte chunks -- each day you can send 8 kilobytes and he can send 8 kilobytes. (Note that DVD-ROMs are better). That gives you a little over 100 years (read, "all you're likely to need, barring catastrophic medical advances,") of a very secure low-bandwidth channel. Of course, the obvious application for this OTP material, other than text messaging itself, is to use it for key distribution. Bear >Bruce acknowleges this by saying "[t]he exceptions to this are >generally in specialized situations where simple key management is a >solvable problem and the security requirement is timeshifting." He >then dismisses it by saying "[o]ne-time pads are useless for all but >very specialized applications, primarily historical and non-computer." > >Excuse me? This would in fact be a _perfect_ way to distribute key >material for _other_ cryptosystems, such as PGP, SSH, IPSec, openvpn, >gaim-encryption etc. etc. You see, he's right in that the key >distribution problem is the hardest problem for most computer >cryptosystems. So the OTP system I described here is the perfect >complement for those systems; it gives them a huge tug on their >bootstraps, gets them running on their own power. > >I'm not sure it is even limited to this use case. For example, before >a ship sets out to sea, you could load it up with enough key material >to last a few millenia. How much key material could a courier carry? >I bet it's a lot. As they say, "never underestimate the bandwidth of >a station wagon full of tapes". And don't embassies have diplomatic >pouches that get taken to them and such? > >So my questions to you are: > >1) Do you agree with my assessment? If so, why has every crypto >expert I've seen poo-pooed the idea? > >2) Assuming my use case, what kind of attacks should I worry about? >For example, he might leave the CD sitting around somewhere before >putting it in his computer. If it sits around on CD, physical access >to it would compromise past and future communications. If he copies >it to flash or magnetic media, then destroys the CD, we can >incrementally destroy the pad as it is used, but we have to worry >about data remanence. > >3) How should one combine OTP with another conventional encryption >method, so that if the pad is copied, we still have conventional >cipher protection? In this manner, one could use the same system for >different use cases; one could, for example, mail the pad, or leave it >with a third party for the recipient to pick up, and you >opportunistically theoretical security if the opponent doesn't get it, >and you get empirical (conventional) security if they do. > >4) For authentication, it is simple to get excellent results from an >OTP. You simply send n bytes of the OTP, which an attacker has a >2^-8n chance in guessing. How do we ensure message integrity? Is it >enough to include a checksum that is encrypted with the pad? Does it >depend on our method of encipherment? Assuming the encipherment is >XOR, is a CRC sufficient, or can one flip bits in the message and CRC >field so as to cancel each other? If so, how should we compute a MIC? > Just SHA-1, and include that right after the plaintext (that is, we >encrypt the MIC so as to not reveal a preimage if SHA-1 is found to be >invertible)? > >5) How should one decouple message lengths from plaintext lengths? > >6) How should one detect and recover from lost, reordered, or partial messages? > >All I've got to say is, I'm on this like stink on doo-doo. Being the >thorough, methodical, paranoid person I am, I will be grateful for any >pointers to prior work and thinking in this area. I recall Jim Choate >from the Austin cypherpunks saying he was working on a OTP system, but >never heard any more about it (let's not discuss him though please, >this thread is about one time pads). >-- >"The generation of random numbers is too important to be left to chance." > -- Robert R. Coveyou -><- http://www.lightconsulting.com/~travis/ >GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B > >--------------------------------------------------------------------- >The Cryptography Mailing List >Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com > > --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From eugen at leitl.org Thu Jan 26 10:00:18 2006 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 26 Jan 2006 19:00:18 +0100 Subject: [Clips] Brinworld: 'Ring of Steel' for New York? In-Reply-To: References: Message-ID: <20060126180018.GL2301@leitl.org> On Thu, Jan 26, 2006 at 12:11:38PM -0500, Tyler Durden wrote: > Ah. The system has already been proven out in NYC housing projects I see. > I'm feeling warm and fuzzy already... Sure, the system makes Manhattan completely immune against a hirise nuke. Totally. Such assclowns. -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From measl at mfn.org Thu Jan 26 17:05:42 2006 From: measl at mfn.org (J.A. Terranson) Date: Thu, 26 Jan 2006 19:05:42 -0600 (CST) Subject: [Clips] Brinworld: 'Ring of Steel' for New York? In-Reply-To: References: Message-ID: <20060126190237.T71739@ubzr.zsa.bet> On Thu, 26 Jan 2006, Tyler Durden wrote: > "The New York police have 3,100 closed-circuit cameras in 12 housing > projects and additional cameras in select parts of the city, including > lower Manhattan. New York Police Commissioner Ray Kelly has said that the > city should install additional cameras. Police say the cameras have > slashed crime rates by double digits in the housing projects. Mr. Kelly > declined to comment for this article." So, they lowered the crime rate in da hood by forty fuckin percent.? Woofuckinghoo - that still leaves it a war zone. -- Yours, J.A. Terranson sysadmin at mfn.org 0xBD4A95BF 'The right of self defence is the first law of nature: in most governments it has been the study of rulers to confine this right within the narrowest limits possible. Wherever standing armies are kept up, and the right of the people to keep and bear arms is, under any colour or pretext whatsoever, prohibited, liberty, if not already annihilated, is on the brink of destruction.' St. George Tucker From rah at shipwright.com Thu Jan 26 20:23:48 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Thu, 26 Jan 2006 23:23:48 -0500 Subject: [Clips] British 'spy rock' a multi-million dollar miracle of technology: FSB Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Thu, 26 Jan 2006 23:23:26 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] British 'spy rock' a multi-million dollar miracle of technology: FSB Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com BREITBART.COM - British 'spy rock' a multi-million dollar miracle of technology: FSB Jan 26 1:55 PM US/Eastern Russia's intelligence agency described the communications device disguised as a rock allegedly used by British spies in Moscow as a "miracle of technology" worth tens of millions of pounds. "It's a piece of space-age technology, a machine that can withstand a fall from from nine floors up and prolonged submersion in water," said Sergei Ignachenko, spokesman for the FSB agency, as he showed off the object to the media. On Monday, the FSB accused four British diplomats of involvement in a spy ring in which agents allegedly passed secrets through the device, located in a Moscow park and the subject of a programme broadcast by a state-run television channel. "According to our experts, this rock, this miracle of technology, costs several tens of millions of dollars," the spokesman said. He said FSB agents were systematically searching the capital to locate similar devices they believed British agents had planted. He added that the device shown to the media was found six weeks after an alleged British spy removed another one. On Wednesday, Russian President Vladimir Putin said the exposure of the alleged British spy ring justified a hotly debated new law on the financing of non-governmental organisations in Russia. Putin's critics have accused Russia's intelligence services of using the spy scandal as a way of putting pressure on NGOs but supporters of the legislation say foreign spy agencies often use non-governmental groups for intelligence-gathering. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From PSwire at americanprogress.org Fri Jan 27 05:24:54 2006 From: PSwire at americanprogress.org (Peter Swire) Date: January 27, 2006 5:24:54 PM EST Subject: Legal FAQs on NSA Wiretaps Message-ID: Dave: I have written ?Legal FAQs on NSA Wiretaps.? It just went up at www.americanprogress.org/FAQswiretaps and www.peterswire.net. There is a short executive summary, and also more detailed Q&As. The intent is to write for a smart lay audience, and not only for lawyers. The hope is to update over time. It reaches very different conclusions from the ?Myths and Realities about NSA Wiretaps? that the Justice Department posted today. Best, Peter Prof. Peter P. Swire C. William O'Neill Professor Moritz College of Law of the Ohio State University Visiting Senior Fellow, Center for American Progress (240) 994-4142, www.peterswire.net ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From coderman at gmail.com Fri Jan 27 06:08:39 2006 From: coderman at gmail.com (coderman) Date: Fri, 27 Jan 2006 06:08:39 -0800 Subject: [bear@sonic.net: Re: thoughts on one time pads] In-Reply-To: <20060127074719.GU2301@leitl.org> References: <20060127074719.GU2301@leitl.org> Message-ID: <4ef5fec60601270608h7993751brec814378d7f43e21@mail.gmail.com> On 1/26/06, Eugen Leitl wrote: > ... > ----- Forwarded message from bear ----- > Date: Thu, 26 Jan 2006 18:09:52 -0800 (PST) > To: "Travis H." > Cc: cryptography at metzdowd.com > Subject: Re: thoughts on one time pads > ... > The problem is that most people will not take the care needed > to properly use a one-time pad. For text communications like > this forum, they're great, and a (relatively) small amount of > keying material, as you suggest, will last for many years. agreed; it would be interesting to debate the bare minimum requirements for a system where pads would provide a useful improvement in security. this means all those other holes bidding malicious peers welcome need to be closed. note that unless you have a hardware entropy source generating anything more than a small amount of truly random pad is going to take a lonnnnng time. the yarrow based /dev/random in bsd is a fucking cop out; they should remove it (that is what /dev/urandom is for). fortunately VIA, AMD and Intel all provide hw rng sources of varying capability on commodity systems. > But modern applications are concerned with communicating *DATA*, > not original text; someone on the system is going to want to > send their buddy a 30-minute video of the professor explaining > a sticky point to the class, and where is your keying material > going then? this is why i like pads for key distribution. with key material pre distributed between the endpoints that will consume it you can restrict network communication so that only authenticated traffic (from peers whom you have exchanged pads with) is allowed into higher levels of the OS stack / forwarded / applications. this is really where i see a justifiable security improvement - block all unauthenticated traffic up front, no open ports, no complex public key formats / negotiation. (it would also be interesting to see all of the potential remote exploit vulnerabilities in common IPsec key daemons) in this scenario you can still transfer your huge data archives around without consuming the entire pad with a quickness; frequent IPsec key exchange to refresh SA's leverage the security and simplicity of pads while retaining the flexibility of a chained block cipher for bulk transport. > An OTP, as far as I'm concerned, makes a really good system, > but you have to respect its limits. One of those limits is > a low-bandwidth medium like text-only messages, and in the > modern world that qualifies as "specialized." strong authentication and endpoint security are one of these critical components required to use a pad effectively. at a minimum i've settled on the following for managing key material and endpoint security: - bootstrap with read-only disc media prepared by a trusted peer. boot takes about 8-12 seconds for key management mode on a 1Ghz VIA proc. - passphrase protected full disk encryption with loop-AES - loop-AES key schedule on USB memory stick [two factor auth] - distinct domains / runtime instances for specific purposes. as an example, key management mode (import / export of keys, generation of pads, creation/modification of digital identity) does not even support any network capabilities in the statically linked kernel. all interaction in this domain is performed via file system with keys manually copied to external domains which are network aware or hosting services. this does mean that you're stuck using linux/bsd* for a secure domain, with grsec/lsm/selinux/pax style defenses highly suggested. ideally a capability operating system would be used, but this is a challenging problem... > Of course, the obvious application for this OTP material, > other than text messaging itself, is to use it for key > distribution. yes! fixed buffer sizes, small attack surface, authentication from the first packet onward (rather than entering into a negotiation to ascertain identity). best regards, * both of these kernels need a good audit before they can be trusted (at least pertaining to the code exposed to unauthenticated attackers at a minimum), as do_brk() and bsd beacon overflows in ring0 indicate... From JeanSanchezmalcolm at piad.com Fri Jan 27 03:55:36 2006 From: JeanSanchezmalcolm at piad.com (Tory Thomas) Date: Fri, 27 Jan 2006 07:55:36 -0400 Subject: Refill Reminder avenue Message-ID: <772501141618.AA1480726@client.comcast.net> Xanax and other drugs with wholesale prices. You wont find better prices anywhere! Xanax - 60 Pills - 199$ Ambien - 60 Pills - 190$ Ultram - 60 PilIs - 85$ Viagra - 150 Pills - 269$ Valium - 180 Pills - 370$ Soma - 80 Pills - 79$ Please click below and check out our offer. http://zoroo.info/?8a6d6e4d683S6a73e39S9a2a3359fbe8 aztec you bali me, patagonia augustine breakwater chigger . seventy you largesse me, dentistry inputting collusion breadwinner . determine you brickbat me, chalcocite bernet gravy . bass you starvation me, ivanhoe gloss turnover . aqueous you decompression me, peale tall wiggly godfather . pacify you abut me, addend chocolate arboretum . stepmother you balsa me, sewn . From rah at shipwright.com Fri Jan 27 05:03:48 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 27 Jan 2006 08:03:48 -0500 Subject: [Clips] Rosenberg Reruns Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Fri, 27 Jan 2006 08:02:59 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Rosenberg Reruns Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com OpinionJournal WSJ Online DE GUSTIBUS Rosenberg Reruns They were guilty, but the left can't give up their cause. BY JOSEPH RAGO Friday, January 27, 2006 12:01 a.m. EST You would think, by now, with a half-century of scholarship behind us and a great deal of damning evidence on display, we would not have to be arguing about the guilt or innocence of various iconic figures of the late 1940s and 1950s: Alger Hiss, Harry Dexter White or, perhaps most notoriously, Julius and Ethel Rosenberg. But the martyr status of such figures seems irresistible, even today, to a certain kind of sentimental leftist. They still remain symbols of some malevolent American quality--never mind the truth of what they actually did. Such was the lesson of a forum last week in Manhattan convened to discuss the "artistic influence" of the Rosenbergs. The invitation to the event, sponsored by the Fordham Law School, referred to the Rosenbergs as "the accused." It was a tellingly exculpatory phrase. For the record, both Julius and Ethel were convicted as communist spies and executed for espionage in 1953. The stars of the evening were the novelist E.L. Doctorow and the playwright Tony Kushner. Mr. Doctorow is the author of "The Book of Daniel" (1971), a novel that centers on a couple loosely patterned after the Rosenbergs; Mr. Kushner wrote the play "Angels in America" (1993), which imagines the specter of Ethel Rosenberg returning to haunt various protagonists. Both works are highly sympathetic to the Rosenbergs' dilemma, if that is the right word. The forum was generally arcane and self-serious. Messrs. Doctorow and Kushner ventilated many concerns about the relation of culture to society, chief among them the obligation of the artist to accurately represent the past. The pair eventually settled on the definition of historical art as "an aesthetic system of opinions," as the good Doctorow put it. Fair enough. But why would "the artist"--let alone anyone--still be hung up on the Rosenbergs? To plow through the evidence for the millionth time: While the trial of the Rosenbergs was flawed by technical improprieties, their crimes are not uncertain or unresolved. Julius Rosenberg, with Ethel as his accomplice, was the head of a sophisticated spy network that deeply penetrated the American atomic program and relayed top secrets to Stalin's Kremlin. In his memoirs Nikita Khrushchev noted that the Rosenbergs "vastly aided production of our A-bomb." Joyce Milton and Ronald Radosh wrote a damning account of their activities in "The Rosenberg File" (1983). And the Rosenbergs' guilt was corroborated by the 1995 declassification of the Venona documents, thousands of decrypted KGB cables intercepted by the National Security Agency in the 1940s. The notion that anyone would today deny their fundamental complicity in Soviet subversion is extraordinary, almost comically so. But comedy was not quite the mentality at the Rosenberg event. "Ambiguity is the key word, I think," said Mr. Doctorow, regarding our understanding of the past, though in this instance ambiguous is precisely what it is not. Mr. Kushner argued the Rosenbergs were "murdered, basically." Mr. Doctorow went further, explaining that he wanted to use their circumstances to tell "a story of the mind of the country." It was a mind, apparently, filled with loathing and paranoia--again, never mind the truth of the charges against the Rosenbergs or other spies of the time. "The principles of the Cold War had reached absurdity," he continued. "We knew that the Russians were no threat, but we wanted to persuade Americans to be afraid" and so impose "a Puritan, punitive civil religion." Pronounced Mr. Kushner: "Our failure to come to terms with a brutal past, our failure to open up the coffins and let the ghosts out, has led to our current, horrendous situation." The enduring artistic influence of the Rosenberg case, then, seems to be primarily allegorical. Guilt and innocence drop away (rather, guilt is converted to virtue) and the Rosenbergs are made into victims of "American fascism," to use Ethel Rosenberg's own phrase. Or to borrow the exquisite formulation of the scholar-apologist Ellen Schrecker, the Rosenbergs were guilty only of "nontraditional patriotism." The arts should not be judged entirely on political character, of course. But in considering an "aesthetic system of opinions" when the aesthetics are pointless bathos and the opinions are the whole point, politics ought to be taken into account. And for all the hand-wringing about fidelity to historical accuracy, the point is that Messrs. Doctorow and Kushner get the politics so wrong. As the artists turned the Rosenbergs' treason into dissent and then into patriotism, the audience was enthusiastically in tune. Present were the Rosenbergs' children, Robert and Michael Meeropol, who continue to contest their parents' Soviet entanglement, and the former editor of the Nation, Victor Navasky. When it came time to ask questions, the moderator warned off any "Cold War warriors" from asking "disrespectful" questions, like, presumably, how these authors could defend an ideology that took millions of lives. No one did. Mr. Rago is an assistant features editor of The Wall Street Journal's editorial page. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From eugen at leitl.org Thu Jan 26 23:32:48 2006 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 27 Jan 2006 08:32:48 +0100 Subject: [dave@farber.net: [IP] Voting programmer worked for White House Plumbers chief] Message-ID: <20060127073248.GQ2301@leitl.org> ----- Forwarded message from David Farber ----- From eugen at leitl.org Thu Jan 26 23:47:19 2006 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 27 Jan 2006 08:47:19 +0100 Subject: [bear@sonic.net: Re: thoughts on one time pads] Message-ID: <20060127074719.GU2301@leitl.org> ----- Forwarded message from bear ----- From rah at shipwright.com Fri Jan 27 05:47:33 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 27 Jan 2006 08:47:33 -0500 Subject: [Clips] Don't be Google Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Fri, 27 Jan 2006 08:43:23 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] Don't be Google Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com Townhall.com Don't be Google By Debra Saunders Jan 26, 2006 Google gives life to the Eric Hoffer observation, "People who bite the hand that feeds them usually lick the boot that kicks them." Google painted itself as heroic in refusing to help the U.S. Department of Justice's efforts to reinstate a 1998 federal Child Online Protection Act, then revealed that it was going to help the Chinese government suppress free speech. That sort of goes against the company's informal corporate motto, "Don't be evil." I realize how eager those in the Bay Area are to believe that the evil Bush administration wants to double as Big Brother and eavesdrop on well-meaning peaceniks. So it doesn't matter that the DOJ isn't looking for information on individual accounts -- but instead wanted data on how the Internet is used during a given week to see how users access porn. Personally, I'd be more supportive of the Department of Justice's subpoena if the feds were trying to locate specific individuals -- child-porn-aholics, for instance -- just as I would support a government subpoena for bank accounts used to launder mob money. My issue with the subpoena -- and I agree with Google on this -- is that it asks for a huge chunk of information to support the government in a civil suit. It's a fishing expedition, in which corporate America provides free research. Yahoo and Microsoft, however, were able to comply. A Yahoo spokesperson said the company did not release personally identifiable information. Care about rights? Be it noted that exposing children to porn on the Internet violates their parents' rights. Still, Google emerged from the controversy as a defender of privacy. Columnist Robert Scheer in Wednesday's San Francisco Chronicle duly lauded Google's refusal to comply with the Justice Department's request, as he wrote that the "latest high-tech upstart giant dared to challenge the government's claim of an unbridled right to break into our information-age virtual homes." The Washington Post's Eugene Robinson described the subpoena as "more of an Orwellian threat than the National Security Agency's snooping on phone calls and e-mails." You have to marvel at Google's great marketing ploy. The company amasses founts of information on users of its service. Yet, by riding on the coattails of anti-Bush sentiment, Google claims the mantle of champion of privacy rights. "We intend to resist (the government's) motion vigorously," said a Google lawyer in a statement. All hail Google. The Google-philes fawn as if bashing the Bushies in the Bay Area is an act of courage, when it's the most popular -- and probably profitable -- thing a company can do. Meanwhile, back in Beijing, Google has agreed to filter out sites that the Chinese government doesn't like. The Chinese government won't have to rely on its fleet of monitoring devices that block out "subversive" content from the West, such as information on the Tiananmen Square protest, Tibet and Taiwan. Google will do the dirty work. The Mountain View, Calif., company will withhold e-mail and blogging services, it says, to protest the Chinese filtering. A Google statement explained that "while removing search results is inconsistent with Google's mission, providing no information" is "more inconsistent." It may be only a matter of time before Google starts acting like other Internet providers that also censor for China. Last year, Yahoo helped the Chinese government prosecute a dissident reporter. This month, Microsoft shut down a pesky blog. As The Associated Press reported, Microsoft's service in China bars such terms as "democracy" and "human rights." Here's a thought: Google could ban the phrase, "Don't be evil." I understand that Google wants to make a profit. I just don't know how company execs garner the image of little guys standing up to big, bad government. Google can say no to the Bushies and know that it won't lose any business, its executives won't go to jail and their children will not get run over by tanks. In the country where those things could happen, Google is a collaborator. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From eugen at leitl.org Fri Jan 27 01:51:12 2006 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 27 Jan 2006 10:51:12 +0100 Subject: [declan@well.com: [Politech] In China, Google censors more than just politics: beer, dating, joke, gay sites too [fs]] Message-ID: <20060127095112.GE2301@leitl.org> ----- Forwarded message from Declan McCullagh ----- From camera_lumina at hotmail.com Fri Jan 27 07:51:56 2006 From: camera_lumina at hotmail.com (Tyler Durden) Date: Fri, 27 Jan 2006 10:51:56 -0500 Subject: [Clips] Rosenberg Reruns In-Reply-To: Message-ID: What's the relevance here? Also, this guy is a real Soviet-style thinker. He believes art should somehow be subservient to politics, or to the latest political winds. I'm wondering why WSJ even bothered to publish this: Is there some kind of political alignment test they see coming down the pike? -TD >From: "R. A. Hettinga" >To: cypherpunks at jfet.org >Subject: [Clips] Rosenberg Reruns >Date: Fri, 27 Jan 2006 08:03:48 -0500 > >--- begin forwarded text > > > Delivered-To: clips at philodox.com > Date: Fri, 27 Jan 2006 08:02:59 -0500 > To: Philodox Clips List > From: "R. A. Hettinga" > Subject: [Clips] Rosenberg Reruns > Reply-To: rah at philodox.com > Sender: clips-bounces at philodox.com > > > > OpinionJournal > > WSJ Online > > DE GUSTIBUS > > Rosenberg Reruns > They were guilty, but the left can't give up their cause. > > BY JOSEPH RAGO > Friday, January 27, 2006 12:01 a.m. EST > > You would think, by now, with a half-century of scholarship behind us >and a > great deal of damning evidence on display, we would not have to be >arguing > about the guilt or innocence of various iconic figures of the late 1940s > and 1950s: Alger Hiss, Harry Dexter White or, perhaps most notoriously, > Julius and Ethel Rosenberg. But the martyr status of such figures seems > irresistible, even today, to a certain kind of sentimental leftist. They > still remain symbols of some malevolent American quality--never mind the > truth of what they actually did. > > Such was the lesson of a forum last week in Manhattan convened to >discuss > the "artistic influence" of the Rosenbergs. The invitation to the event, > sponsored by the Fordham Law School, referred to the Rosenbergs as "the > accused." It was a tellingly exculpatory phrase. For the record, both > Julius and Ethel were convicted as communist spies and executed for > espionage in 1953. > > > The stars of the evening were the novelist E.L. Doctorow and the >playwright > Tony Kushner. Mr. Doctorow is the author of "The Book of Daniel" (1971), >a > novel that centers on a couple loosely patterned after the Rosenbergs; >Mr. > Kushner wrote the play "Angels in America" (1993), which imagines the > specter of Ethel Rosenberg returning to haunt various protagonists. Both > works are highly sympathetic to the Rosenbergs' dilemma, if that is the > right word. > > The forum was generally arcane and self-serious. Messrs. Doctorow and > Kushner ventilated many concerns about the relation of culture to >society, > chief among them the obligation of the artist to accurately represent >the > past. The pair eventually settled on the definition of historical art as > "an aesthetic system of opinions," as the good Doctorow put it. > > > Fair enough. But why would "the artist"--let alone anyone--still be hung >up > on the Rosenbergs? To plow through the evidence for the millionth time: > While the trial of the Rosenbergs was flawed by technical improprieties, > their crimes are not uncertain or unresolved. Julius Rosenberg, with >Ethel > as his accomplice, was the head of a sophisticated spy network that >deeply > penetrated the American atomic program and relayed top secrets to >Stalin's > Kremlin. In his memoirs Nikita Khrushchev noted that the Rosenbergs >"vastly > aided production of our A-bomb." Joyce Milton and Ronald Radosh wrote a > damning account of their activities in "The Rosenberg File" (1983). And >the > Rosenbergs' guilt was corroborated by the 1995 declassification of the > Venona documents, thousands of decrypted KGB cables intercepted by the > National Security Agency in the 1940s. > > The notion that anyone would today deny their fundamental complicity in > Soviet subversion is extraordinary, almost comically so. But comedy was >not > quite the mentality at the Rosenberg event. "Ambiguity is the key word, >I > think," said Mr. Doctorow, regarding our understanding of the past, >though > in this instance ambiguous is precisely what it is not. > > Mr. Kushner argued the Rosenbergs were "murdered, basically." Mr. >Doctorow > went further, explaining that he wanted to use their circumstances to >tell > "a story of the mind of the country." It was a mind, apparently, filled > with loathing and paranoia--again, never mind the truth of the charges > against the Rosenbergs or other spies of the time. "The principles of >the > Cold War had reached absurdity," he continued. "We knew that the >Russians > were no threat, but we wanted to persuade Americans to be afraid" and so > impose "a Puritan, punitive civil religion." Pronounced Mr. Kushner: >"Our > failure to come to terms with a brutal past, our failure to open up the > coffins and let the ghosts out, has led to our current, horrendous > situation." > > > The enduring artistic influence of the Rosenberg case, then, seems to be > primarily allegorical. Guilt and innocence drop away (rather, guilt is > converted to virtue) and the Rosenbergs are made into victims of >"American > fascism," to use Ethel Rosenberg's own phrase. Or to borrow the >exquisite > formulation of the scholar-apologist Ellen Schrecker, the Rosenbergs >were > guilty only of "nontraditional patriotism." > > The arts should not be judged entirely on political character, of >course. > But in considering an "aesthetic system of opinions" when the aesthetics > are pointless bathos and the opinions are the whole point, politics >ought > to be taken into account. And for all the hand-wringing about fidelity >to > historical accuracy, the point is that Messrs. Doctorow and Kushner get >the > politics so wrong. > > As the artists turned the Rosenbergs' treason into dissent and then into > patriotism, the audience was enthusiastically in tune. Present were the > Rosenbergs' children, Robert and Michael Meeropol, who continue to >contest > their parents' Soviet entanglement, and the former editor of the Nation, > Victor Navasky. When it came time to ask questions, the moderator warned > off any "Cold War warriors" from asking "disrespectful" questions, like, > presumably, how these authors could defend an ideology that took >millions > of lives. No one did. > > Mr. Rago is an assistant features editor of The Wall Street Journal's > editorial page. > > -- > ----------------- > R. A. Hettinga > The Internet Bearer Underwriting Corporation > 44 Farquhar Street, Boston, MA 02131 USA > "... however it may deserve respect for its usefulness and antiquity, > [predicting the end of the world] has not been found agreeable to > experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' > _______________________________________________ > Clips mailing list > Clips at philodox.com > http://www.philodox.com/mailman/listinfo/clips > >--- end forwarded text > > >-- >----------------- >R. A. Hettinga >The Internet Bearer Underwriting Corporation >44 Farquhar Street, Boston, MA 02131 USA >"... however it may deserve respect for its usefulness and antiquity, >[predicting the end of the world] has not been found agreeable to >experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From nhhziqfcqxkk at msn.com Fri Jan 27 10:31:13 2006 From: nhhziqfcqxkk at msn.com (Denver Forrest) Date: Fri, 27 Jan 2006 16:31:13 -0200 Subject: You Need This Cypherpunks Message-ID: The most complete Phar macy Online We carry all major medds at bargain price Viggra, Ci ialis, VaIium, Xa naax Phantermiine, Ulltraam and etc... SatiisfactIon Gua ranteeed http://au.geocities.com/ginger75921nariko60652/ IZ From s.schear at comcast.net Fri Jan 27 17:01:15 2006 From: s.schear at comcast.net (Steve Schear) Date: Fri, 27 Jan 2006 17:01:15 -0800 Subject: Feds get serious about digital gold currencies In-Reply-To: <43D94C69.8060200@well.com> References: <43D94C69.8060200@well.com> Message-ID: <6.0.1.1.0.20060126165553.0416e640@mail.comcast.net> Law enforcement officials are investigating the business of Florida oncologist-turned-Internet entrepreneur Dr. Douglas Jackson to determine if he had any knowledge of criminals allegedly using his gold-backed currency system to launder money or steal identities. In December the FBI raided Jackson's Melbourne business, Gold & Silver Reserve Inc., the parent company of e-gold Ltd., and his home in Satellite Beach. The E-Gold raid may be set off by an alleged digital currency scam by a minor digital currency company. The U.S. Department of Justice raided the offices and homes of the principals of INTGOLD which had been portrayed by some members of the DGC community as a Ponzi scheme in the weeks leading up. Some of the funds in INTGOLD traveled through exchange agents also dealing in E-Gold had been deposited or withdrawn through independent exchange agents. E-Gold, arguably the oldest DGC, did not appear to be anymore involved in the fraud than banks who unknowingly receive allegedly tainted funds. In the raid, federal agents took files and hardware related to e-gold, an on-line service Jackson started in 1996, which turns physical dollars into digital currency that is backed by gold repositories in London and Dubai. Some aspects of the company's operations were reported by Jackson to have been impaired. Bank accounts were seized and some funds were impounded. Jackson said the investigation has resulted in a loss of revenue when computer servers were taken off-line for 36 hours. "The worst effect, of course, is on our reputation," Jackson said. It "will surely impair our efforts to build strategic relationships with the host of businesses and individuals that would benefit from an embrace of e-gold." It seems there has been some on-going regulatory maneuvering by E-Gold to have its services classified as a currency rather than a payment system operator or money transmitter. Whether an on-line payment system or digital currency service meets the definition of a money transmitter pursuant to U.S. Banking Secrecy Act (BSA) regulations, though, depends upon its location and the ways in which it participates in or conducts transactions. Many on-line payment systems are based outside the United States and are not subject to US jurisdiction. Some on-line payment systems maybe be licensed in one country and maintain operations in various other countries without a physical retail presence anywhere. Determining which legal entity has jurisdiction for regulatory and enforcement purposes can be challenging for regulators. As a result, potential users around the world now are finding they can go on-line to access payment solutions that may be unavailable from a domestically-regulated service provider. In possible coordination with the raid an uncomplimentary and perhaps unfair piece about E-Gold was published by in January 9th issue of BusinessWeek magazine, with the article noting that e-gold and similar on-line payment systems are becoming the currency used by cyber-criminals to steal credit card information, sell identities and make ill-gotten cash disappear. Experts say similar issues will keep cropping up as the world moves to digital medium and online payment systems gain more mainstream acceptance. At e-gold alone, Jackson estimates his site has more than 1 million users moving billions of dollars a year for a small fee. Jackson denied he didn't adequately police his company, adding that he has an investigative staff that responds to inquiries from agencies inside and outside of this country that need information about e-gold customers. Jackson said, "E-gold has a long history of cooperation with law enforcement agencies in the U.S. and worldwide, providing data and investigative assistance in response to lawful requests" and that prior to the raid he had met with officials from the FBI, the Internal Revenue Service, the Securities and Exchange Commission and other federal agencies to ensure his company was compliant with the law. Jackson added that, on more than 300 occasions they provided the government with information regarding individuals government agencies believed were breaking the law. The case against G&SR, operators of the e-gold payment system, has been filed in Washington DC courts. Here are some of the filings, apparently from the PACER system, which is a US Government site for court documents. [Thanks to Ian Grigg and his excellent Financial Cryptography blogg https://www.financialcryptography.com/mt/archives/000640.html for the following links] www.financialcryptography.com/download/Complaint_e-gold.pdf www.financialcryptography.com/download/Doc3e-gold.pdf www.financialcryptography.com/download/Doc4e-gold.pdf www.financialcryptography.com/download/Doc5e-gold.pdf www.financialcryptography.com/download/Doc6e-gold.pdf www.financialcryptography.com/download/Doc7e-gold.pdf Steve [Portions of the preceding were excerpted from a January 6, 2006 article in Florida Today] From dave at farber.net Fri Jan 27 16:08:37 2006 From: dave at farber.net (David Farber) Date: Fri, 27 Jan 2006 19:08:37 -0500 Subject: [IP] Legal FAQs on NSA Wiretaps Message-ID: Begin forwarded message: From rah at shipwright.com Fri Jan 27 16:35:34 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 27 Jan 2006 19:35:34 -0500 Subject: Encryption Using Chaos Message-ID: --- begin forwarded text Date: Fri, 27 Jan 2006 19:10:42 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: Encryption Using Chaos The Wall Street Journal January 27, 2006 3:20 p.m. EST MIT TECHNOLOGY REVIEW Encryption Using Chaos Lasers that "hide" messages could mean more foolproof security in online transactions By KATE GREENE January 27, 2006 3:20 p.m. You know that eBay Inc. purchase you made? The online credit card payment you sent? The bank statement you checked at your computer? These transactions contained sensitive information about you that, for the most part, is kept private thanks to encryption software that scrambles the message before it's sent (and unscrambles it once it's received by the intended party). But software is not the only way to protect digital information. Now researchers are looking at ways to exploit lasers with chaotically fluctuating signals, to add an extra layer of privacy to messages sent over fiber-optic lines. By slipping a message into such a laser beam, decrypting the message requires a nearly identical laser to receive it -- a process that's not readily accessible to most people. To demonstrate the feasibility of the technology, Claudio Mirasso of the Universitat de les Illes Balears in Palma de Mallorca, Spain, and his team recently showed that chaotic lasers can send and receive a message over about 75 miles of commercially laid fiber optics. Even more impressive: The transmission rate was one gigabyte of chaos-encrypted information per second -- comparable to that of most commercial data transmissions. It was a major step that, for the first time, put this exotic encryption technique into the real world. 1 Also in MIT Technology Review (www.technologyreview.com2) * Moore's Law Lives * Solar-Powered Nanomotors * Finding Land Mines Faster In order to send a message within a chaotic beam of light, Mr. Mirasso explains, the message must first be converted into an optical signal. It is then fed into a laser that passes it along within the laser's beam. The researchers then heighten the naturally occurring chaos in the beam and feed the message into it. This message-plus-chaos is sent to a nearly identical laser that receives it within its lasing cavity -- the innards of a laser where photons are stimulated and emitted. At this point, Mr. Mirasso says, a phenomenon called chaotic synchronization takes over. This process, admittedly not entirely understood by scientists, makes the receiving laser's output match the message-plus-chaos of the sending laser. Then, to decrypt the original message, the chaos -- a known signal from the sending laser -- is subtracted from the receiving laser's beam, revealing the hidden information. Before chaotic message encryption hits the big time, however, it must be shown to be as robust as traditional optical signals. In the Jan. 1 issue of IEEE Photonic Technology Letters, a group has announced that they've tested the mettle of a chaos-encrypted message by relaying it through an intermediary laser. This step is crucial, explains Alan Shore of the University of Wales in Bangor, because commercial systems use relay stations to boost the distance a message can travel, and chaos-encrypted messages need to be just as strong as other information sent through a network. Mr. Shore's research also shows that it is possible to "send out messages to more than one receiver and extract messages at an intermediary stage," a common occurrence in standard optical networks. Mr. Mirasso's next project involves developing "compact devices for chaos-based optical communication." Still, he notes, some issues with the technology need to be addressed. For instance, researchers still need to quantify the level of security they can offer "compared to other [techniques] like software-based encryption or quantum cryptography," he says. Mr. Mirasso estimates that using lasers to keep information private is roughly five years away from commercial viability. This article appeared Jan. 24, 2006 on the Web site of Technology Review, an MIT Enterprise. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From eugen at leitl.org Fri Jan 27 10:36:55 2006 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 27 Jan 2006 19:36:55 +0100 Subject: New Poll Finds Half of U.S. Needs Killing Message-ID: <20060127183655.GB2301@leitl.org> http://www.nytimes.com/2006/01/27/politics/27poll.html?ei=5094&en=b93f38e07b4 d88d0&hp=&ex=1138424400&partner=homepage&pagewanted=all New Poll Finds Mixed Support for Wiretaps David Scull for The New York Times President Bush at his news conference Thursday. The latest polls show that public opinion on Mr. Bush's surveillance program is still unresolved. * E-Mail This * Printer-Friendly * Reprints * Save Article Article Tools Sponsored By By ADAM NAGOURNEY and JANET ELDER Published: January 27, 2006 Americans are willing to tolerate eavesdropping without warrants to fight terrorism, but are concerned that the aggressive antiterrorism programs championed by the Bush administration are encroaching on civil liberties, according to the latest New York Times/CBS News poll. In a sign that public opinion about the trade-offs between national security and individual rights is nuanced and remains highly unresolved, responses to questions about the administration's eavesdropping program varied significantly depending on how the questions were worded, underlining the importance of the effort by the White House this week to define the issue on its terms. The poll, conducted as President Bush defended his surveillance program in the face of criticism from Democrats and some Republicans that it is illegal, found that Americans were willing to give the administration some latitude for its surveillance program if they believed it was intended to protect them. Fifty-three percent of the respondents said they supported eavesdropping without warrants "in order to reduce the threat of terrorism." The results suggest that Americans' view of the program depends in large part on whether they perceive it as a bulwark in the fight against terrorism, as Mr. Bush has sought to cast it, or as an unnecessary and unwarranted infringement on civil liberties, as critics have said. In one striking finding, respondents overwhelmingly supported e-mail and telephone monitoring directed at "Americans that the government is suspicious of;" they overwhelmingly opposed the same kind of surveillance if it was aimed at "ordinary Americans." Mr. Bush, at a White House press conference yesterday, twice used the phrase "terrorist surveillance program" to describe an operation in which the administration has eavesdropped on telephone calls and other communications like e-mail that it says could involve operatives of Al Qaeda overseas talking to Americans. Critics say the administration could conduct such surveillance while still getting prior court approval, as spelled out in a 1978 law intended to guard against governmental abuses. The findings came in a poll conducted as Mr. Bush prepares to deliver his fifth State of the Union address on Tuesday. It found that Mr. Bush will face a nation that has grown sour on Washington and skeptical that he will be able to achieve significant progress in health care, the economy, the Iraq war and the cost of prescription drugs for older patients before he leaves office in three years. The poll also signaled concern for Republicans as they prepare to defend their control of the House and the Senate in midterm elections this November. Investigations into Congressional corruption are taking a toll as the elections approach: 61 percent of Americans now hold an unfavorable view of Congress, the highest in 10 years. This finding holds particular peril for Republicans as the party that has been in charge. More than half of the respondents said they believed that most members of Congress would exchange votes for money or favors. Republicans were seen as more likely to be unduly influenced by lobbyists. And the Republican Party is now viewed unfavorably by 51 percent of the nation, its worst rating since Mr. Bush took office. By contrast, 53 percent said they held a favorable view of Democrats. The telephone poll was conducted with 1,229 adults, starting Friday and ending Wednesday. Its margin of sampling error was plus or minus three percentage points. The poll found that Americans were to a large extent perplexed as they weighed conflicting forces: the need presented by Mr. Bush to take extraordinary action to fight terrorism, and a historical aversion to an overly intrusive government. The poll found that 53 percent of Americans approved of Mr. Bush's authorizing eavesdropping without prior court approval "in order to reduce the threat of terrorism"; 46 percent disapproved. When the question was asked stripped of any mention of terrorism, 46 percent of those respondents approved, and 50 percent said they disapproved. At the same time, 64 percent said they were very or somewhat concerned about losing civil liberties as a result of antiterrorism measures put in place by Mr. Bush since the attacks of Sept. 11. And respondents were more likely to be concerned that the government would enact strong antiterrorism laws that excessively restrict civil liberties than they were that the government would fail to enact antiterrorism laws. The poll was conducted just as the White House commenced an elaborate campaign to defend the surveillance program, and thus may have been too early to offer a full measure of that campaign's effectiveness. There were no measurable changes in the poll findings from one day to the next. The findings, and follow-up interviews with some participants, clearly suggest that Mr. Bush has an opportunity to make the dispute over the program play to his political advantage. He has been pointing to the threat of another terrorist attack to justify the eavesdropping program and is trying, for the third election in a row, to suggest that he and his party are more aggressive about protecting the nation than are Democrats. "Say they're targeting someone in Al Qaeda outside the country, and that person then calls someone in the United States about a plot or something really bad: I don't have a problem with that phone being monitored," Debbie Viebranz, 51, a Republican from Ohio, said in a follow-up interview. "But I don't think they should do it for no reason." Donnis Wells, 69, a Republican from Florence, Miss., said: "I don't think civil liberties are the more important thing we need to handle right now. I think we need to protect our people." Still, interviews reflected clear apprehension about the program. "If there is a warrant and done by the courts, I would agree," said Robert Ray, 54, an independent from Kentucky. "But they're trying to do it without using the courts. I just don't trust them." In the poll, 70 percent of respondents said they would not be willing to support governmental monitoring of the communications of "ordinary Americans"; 68 percent said they would be willing to support such monitoring of "Americans the government is suspicious of." Beyond surveillance, the poll found that Americans hold unfavorable views of the president and the Republican-controlled Congress as Mr. Bush prepares to give his State of the Union speech. Americans, while declaring themselves generally optimistic about the next three years under Mr. Bush, do not expect him to accomplish very much in that time. When Mr. Bush leaves office, respondents said, the deficit will be larger than it is today, the elderly will be being paying more for prescription drugs, and the economy and the health care system will be the same as today, or worse. Mr. Bush is viewed favorably by 42 percent of the respondents, statistically the same as in the last Times/CBS News poll, in early December, a lackluster rating that could hamper his ability to rally public opinion behind his agenda and push legislation through a divided Congress. Beyond that, nearly two-thirds of the country thinks the nation is on the wrong track, a level that has historically proved to be a matter of concern for a party in power. A majority said they were dissatisfied with the way Mr. Bush was managing the economy and the war in Iraq. Public approval for his handling of the campaign against terrorism, once one of his greatest political strengths, has rebounded somewhat from last fall, but remains well below where it was for the first two years after the Sept. 11 attacks. Most strikingly, the poll found abundant evidence of public unhappiness with Congress. While it is risky to draw conclusions about Congressional elections from national measurements of discontent . for example, more than half of all Americans said they were satisfied with the job their member of Congress was doing . the findings underscored the tough electoral environment that has led some analysts to predict significant Republican losses this fall. The corruption investigations appear to account for a lot of the dissatisfaction. Nearly 80 percent of respondents said that the kind of influence-peddling revelations that have emerged in the investigation of the lobbyist Jack Abramoff reflected the "way things work in Congress" and were not isolated incidents. More than 50 percent said most members of Congress "accept bribes or gifts that affect their votes." "It seems like the integrity of Congress members in the last few years has just gone to pot," said Donald Pertuis, 54, an independent voter from Hot Springs, Ark. Mr. Pertuis added: "In the last 20 years, greed has accelerated. People expect more, I suppose, and want to work less." Marjorie Connelly, Marina Stefan and Megan Thee contributed reporting for this article. -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From justin-cypherpunks at soze.net Fri Jan 27 13:21:23 2006 From: justin-cypherpunks at soze.net (Justin) Date: Fri, 27 Jan 2006 21:21:23 +0000 Subject: Ye Olde Rummy's PsyOps In-Reply-To: <20060127203006.GP2301@leitl.org> References: <20060127203006.GP2301@leitl.org> Message-ID: <20060127212123.GA17257@arion.hive> On 2006-01-27T21:30:06+0100, Eugen Leitl wrote: > http://news.bbc.co.uk/2/hi/americas/4655196.stm > > "Psyops messages will often be replayed by the news media for much larger > audiences, including the American public," it goes on. > > The document's authors acknowledge that American news media should not > unwittingly broadcast military propaganda. "Specific boundaries should be > established," they write. But they don't seem to explain how. Empty rhetoric. The government has no interest in shielding the American public from propaganda. In fact, isn't propaganda more effective at convincing "soft" people living in relative luxury in a developed nation than it is at convincing freedom fighters -- I mean terrorists -- and their neighbors in the rest of the world?[0] Certainly it can make a difference if people in other countries support your cause, but the much more immediate concern is whether the American people support it. They can vote you out of office, or can complain to Congress which can get your funding cut. If the American people are on-board, you can blunder all you want on foreign soil, or on U.S. soil for that matter. [0] Who started the "one man's terrorist is another man's freedom fighter" meme? I tried to track it down once upon a time and got several possible sources... notably Margaret Thatcher, William Casey (deputy dir of the CIA under Reagan), or Reagan himself. I'm inclined to believe it was Casey, since leaders often adopt views and sayings of their underlings to make themselves look smart. -- The six phases of a project: I. Enthusiasm. IV. Search for the Guilty. II. Disillusionment. V. Punishment of the Innocent. III. Panic. VI. Praise & Honor for the Nonparticipants. From eugen at leitl.org Fri Jan 27 12:30:06 2006 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 27 Jan 2006 21:30:06 +0100 Subject: Ye Olde Rummy's PsyOps Message-ID: <20060127203006.GP2301@leitl.org> http://news.bbc.co.uk/2/hi/americas/4655196.stm US plans to 'fight the net' revealed By Adam Brookes BBC Pentagon correspondent A newly declassified document gives a fascinating glimpse into the US military's plans for "information operations" - from psychological operations, to attacks on hostile computer networks. Internet cafe in Iraq The document says information is "critical to military success" Bloggers beware. As the world turns networked, the Pentagon is calculating the military opportunities that computer networks, wireless technologies and the modern media offer. >From influencing public opinion through new media to designing "computer network attack" weapons, the US military is learning to fight an electronic war. The declassified document is called "Information Operations Roadmap". It was obtained by the National Security Archive at George Washington University using the Freedom of Information Act. Officials in the Pentagon wrote it in 2003. The Secretary of Defense, Donald Rumsfeld, signed it. Information Operations Roadmap Most computers will open PDF documents automatically, but you may need to download Adobe Acrobat Reader. Download the reader here The "roadmap" calls for a far-reaching overhaul of the military's ability to conduct information operations and electronic warfare. And, in some detail, it makes recommendations for how the US armed forces should think about this new, virtual warfare. The document says that information is "critical to military success". Computer and telecommunications networks are of vital operational importance. Propaganda The operations described in the document include a surprising range of military activities: public affairs officers who brief journalists, psychological operations troops who try to manipulate the thoughts and beliefs of an enemy, computer network attack specialists who seek to destroy enemy networks. All these are engaged in information operations. US Defense Secretary at the Pentagon The wide-reaching document was signed off by Donald Rumsfeld Perhaps the most startling aspect of the roadmap is its acknowledgement that information put out as part of the military's psychological operations, or Psyops, is finding its way onto the computer and television screens of ordinary Americans. "Information intended for foreign audiences, including public diplomacy and Psyops, is increasingly consumed by our domestic audience," it reads. "Psyops messages will often be replayed by the news media for much larger audiences, including the American public," it goes on. The document's authors acknowledge that American news media should not unwittingly broadcast military propaganda. "Specific boundaries should be established," they write. But they don't seem to explain how. "In this day and age it is impossible to prevent stories that are fed abroad as part of psychological operations propaganda from blowing back into the United States - even though they were directed abroad," says Kristin Adair of the National Security Archive. Credibility problem Public awareness of the US military's information operations is low, but it's growing - thanks to some operational clumsiness. When it describes plans for electronic warfare, or EW, the document takes on an extraordinary tone. It seems to see the internet as being equivalent to an enemy weapons system Late last year, it emerged that the Pentagon had paid a private company, the Lincoln Group, to plant hundreds of stories in Iraqi newspapers. The stories - all supportive of US policy - were written by military personnel and then placed in Iraqi publications. And websites that appeared to be information sites on the politics of Africa and the Balkans were found to be run by the Pentagon. But the true extent of the Pentagon's information operations, how they work, who they're aimed at, and at what point they turn from informing the public to influencing populations, is far from clear. The roadmap, however, gives a flavour of what the US military is up to - and the grand scale on which it's thinking. It reveals that Psyops personnel "support" the American government's international broadcasting. It singles out TV Marti - a station which broadcasts to Cuba - as receiving such support. It recommends that a global website be established that supports America's strategic objectives. But no American diplomats here, thank you. The website would use content from "third parties with greater credibility to foreign audiences than US officials". It also recommends that Psyops personnel should consider a range of technologies to disseminate propaganda in enemy territory: unmanned aerial vehicles, "miniaturized, scatterable public address systems", wireless devices, cellular phones and the internet. 'Fight the net' When it describes plans for electronic warfare, or EW, the document takes on an extraordinary tone. It seems to see the internet as being equivalent to an enemy weapons system. "Strategy should be based on the premise that the Department [of Defense] will 'fight the net' as it would an enemy weapons system," it reads. The slogan "fight the net" appears several times throughout the roadmap. The authors warn that US networks are very vulnerable to attack by hackers, enemies seeking to disable them, or spies looking for intelligence. "Networks are growing faster than we can defend them... Attack sophistication is increasing... Number of events is increasing." US digital ambition And, in a grand finale, the document recommends that the United States should seek the ability to "provide maximum control of the entire electromagnetic spectrum". US forces should be able to "disrupt or destroy the full spectrum of globally emerging communications systems, sensors, and weapons systems dependent on the electromagnetic spectrum". Consider that for a moment. The US military seeks the capability to knock out every telephone, every networked computer, every radar system on the planet. Are these plans the pipe dreams of self-aggrandising bureaucrats? Or are they real? The fact that the "Information Operations Roadmap" is approved by the Secretary of Defense suggests that these plans are taken very seriously indeed in the Pentagon. And that the scale and grandeur of the digital revolution is matched only by the US military's ambitions for it. -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From YEPILTYDMTZDVV at hotmail.com Fri Jan 27 10:47:55 2006 From: YEPILTYDMTZDVV at hotmail.com (Gayle Boone) Date: Fri, 27 Jan 2006 21:47:55 +0300 Subject: Look...Here ZV Message-ID: <4A777EE3.7684.9115C2D5@localhost> Huge selection of meds available at attractive prices. Highest quality assured. Try us out today.. http://seesproof.com 6hd From DVDMVSRI at yahoo.com Fri Jan 27 13:29:11 2006 From: DVDMVSRI at yahoo.com (Bridget Mcnair) Date: Sat, 28 Jan 2006 02:29:11 +0500 Subject: Pay Less Today aWem Message-ID: Hey Guys, I was so happy I took adavantage of this Refinance offer, I thought I would share it with you.I locked in a 3.75 Rate before the increases started and got the cash I needed before the Holiday. It took me less than 1 Min to fill out this form and get started. http://KacI.neckthu.com/af out of maaei ling: http://Oy.neckthu.com/rem k6Nqye From rvh40 at insightbb.com Sat Jan 28 06:54:04 2006 From: rvh40 at insightbb.com (Randall) Date: January 28, 2006 6:54:04 PM EST Subject: No subject Message-ID: cyberia Subject: Downloading equals manufacturing. http://www.sciencedaily.com/upi/?feed=TopNews&article=UPI-1-20060127-19534200-bc-us-childporn.xml Mich. court: Downloading porn is making it MUSKEGON, Mich., Jan. 27 (UPI) -- A Michigan appeals court has ruled that downloading child pornography from the Internet can be charged as "making" the material. Making or manufacturing child pornography is a felony in Michigan with a potential sentence of 20 years in prison. The court upheld the position of the Muskegon County prosecutor in the case of former Egelston Township Treasurer Brian Hill, the Muskegon Chronicle reported. Hill is awaiting trial. The court ruling has put his case on the docket, although the issue is likely to be decided by the state Supreme Court. His lawyer argued that downloading pornography should be charged as possession, which carries a maximum penalty of four years. "It's groundbreaking law in the area of computers and pornography," said prosecutor Tony Tague. "This decision will provide a tool to prosecutors across the state, particularly in curbing and prosecuting child pornography." The court decision is here: http://courtofappeals.mijud.net/documents/OPINIONS/FINAL/COA/20060124_C264361_40_264361.OPN.PDF It says, in part: After reviewing the dictionary definition of the word make, the circuit court stated that the bottom line was that, following the mechanical and technical act of burning images onto the CD-Rs, something new was created or made that did not previously exist. _______________________________________________ Cuckoosnest mailing list ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From eugen at leitl.org Sat Jan 28 00:01:03 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sat, 28 Jan 2006 09:01:03 +0100 Subject: [dave@farber.net: [IP] Legal FAQs on NSA Wiretaps] Message-ID: <20060128080103.GU2301@leitl.org> ----- Forwarded message from David Farber ----- From joehall at gmail.com Sat Jan 28 10:34:55 2006 From: joehall at gmail.com (Joseph Lorenzo Hall) Date: Sat, 28 Jan 2006 10:34:55 -0800 Subject: Running a Tor exit node on an academic network? Message-ID: On 1/27/06, Chris Palmer wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Arrakistor wrote: > > > I am trying to do the same thing. I would be interested in any help along these lines as well! > > Yes, maybe it's a conversation best had on-list rather than off-. The main reason I didn't want to send my justification document to the list is that it might expose my strategy (and any deliberation about it) to the networking people if they monitor this list. I suppose that might be the plays-with-lawyers-well side of me. I could send it if others think it would be helpful (and I guarantee that I'll write up my struggle next week after they've passed judgement on my proposal). I guess I'll just paraphrase the issues and academic stuff: * They want to make sure that my Tor server is not used to attack services/computers on the campus network. Proposal: block all exit traffic to campus IP addresses. * The Library has electronic subscriptions to certain services that are based on IP addresses only. Proposal: block exit connections to those IP addresses given a list or build a list as needed. The eventual list could be thousands of IP addresses long which would have a undetermined impact on Tor's performance. * They're not confident that Tor will obey its exit policies. Proposal: include kernel-level software firewall and possibly a hardware-based firewall device on the Tor box. * They're concerned about bandwidth (although this one is not a biggie). Proposal: limit to 5% of my departments bandwidth (5MBit/s) and then explore burst settings and see how this impacts our department. As for academic justification, in addition to Dean, Sysadmin. and multiple Faculty supporters I've noted that: * We have a postdoc that works on reputation systems in anonymous routing. * Journalism and Law students need a way to be able to communicate with clients/sources and do competitive analyses in a private, secure fashion.[1] * Faculty need to be able to do research on student and faculty candidates without exposing their institutional affiliation.[1] * Students at our school have expressed interest in using our Tor node to incorporate onion-routing concepts into client-side privacy protection tools and research tools (like hidden surveys and such). * Students in networking, privacy, security and cryptography classes (such as myself) could tinker with our Tor node and get hands-on experience with onion-routing, cryptography an anonymity tools. [1] Neither of these require a Tor node (exit or middleman) on campus... but I'd like to make a convincing case that we need to be supporting the network if we're going to be using its services. I would appreciate any comments on any of this... -Joe > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.2 (Darwin) > Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org > > iD8DBQFD2uqjsobNj2jkCc0RAsvdAKCCxh/a2chgeLJJ8n4jbEcRZTtZMQCg3bUw > fwKAYmOgMAczuxzQusKiGxw= > =TiNd > -----END PGP SIGNATURE----- > > -- Joseph Lorenzo Hall PhD Student UC Berkeley, School of Information (SIMS) blog: This email is written in [markdown] - an easily-readable and parseable text format. [markdown]: http://daringfireball.net/projects/markdown/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From ptrei at rsasecurity.com Sat Jan 28 09:14:11 2006 From: ptrei at rsasecurity.com (Trei, Peter) Date: Sat, 28 Jan 2006 12:14:11 -0500 Subject: thoughts on one time pads Message-ID: You missed the old standby - the microwave oven. The disk remains physically intact (at least after the 5 seconds or so I've tried), but a great deal of pretty arcing occurs in the conductive data layer. Where the arcs travel, the data layer is vapourized. The end result is an otherwise intact disk in which the data layer is broken up into small intact islands surrounded by clear channels. It might be interesting to try a longer burn, in which case you might also want to put a glass of water in with the disk(s) to preserve the microwave's electronics. This is probably less effective than the other methods you've described, but its very fast and leaves no noxious residues. It also uses a very commonly available tool. Peter Trei -----Original Message----- From: owner-cryptography at metzdowd.com [mailto:owner-cryptography at metzdowd.com] On Behalf Of Peter Gutmann Sent: Saturday, January 28, 2006 2:25 AM To: cryptography at metzdowd.com; jthorn at aei.mpg.de Subject: Re: thoughts on one time pads Jonathan Thornburg writes: >Melting the CD should work... but in practice that takes a specialized "oven" >(I seriously doubt my home oven gets hot enough), and is likely to >produce toxic fumes, and leave behind a sticky mess (stuck to the >surface of the specialized oven). For no adequately explored reason I've tried various ways of physically destroying CDs: - Hammer on hard surface: Leaves lots of little fragments, generally still stuck together by the protective coating. - Roasting over an open fire: Produces a Salvador Dali effect until they catch fire, then huge amounts of toxic smoke ("fulfilling our carbon tax quota" was one comment) and equally toxic-looking residue. - Propane torch: Melts them without producing combustion products. - Skilsaw: Melts them together at the cutting point, rest undamaged. - Axe: Like skilsaw but without the melting effect. - Using the propane torch and hammer to try and drop-forge a crude double- density CD: Messy. Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From eugen at leitl.org Sat Jan 28 06:21:11 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sat, 28 Jan 2006 15:21:11 +0100 Subject: [abhishek.hazra@gmail.com: Re: [silk] "outsourcing torture" - a b-school style case study] Message-ID: <20060128142111.GZ2301@leitl.org> ----- Forwarded message from Abhishek Hazra ----- From eugen at leitl.org Sat Jan 28 07:28:00 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sat, 28 Jan 2006 16:28:00 +0100 Subject: [pgut001@cs.auckland.ac.nz: Re: thoughts on one time pads] Message-ID: <20060128152800.GD2301@leitl.org> For low security applications I just (carefully) break them by hand (careful: ballistic polycarbonate, so cover your eyes). Shredding would be good, but it would take an expensive shredder. Sudden thermal stress (liquid nitrogen, etc) might be good enough to delaminate, leaving clear disks behind. ----- Forwarded message from Peter Gutmann ----- From abhishek.hazra at gmail.com Sat Jan 28 04:01:06 2006 From: abhishek.hazra at gmail.com (Abhishek Hazra) Date: Sat, 28 Jan 2006 17:31:06 +0530 Subject: [silk] "outsourcing torture" - a b-school style case study Message-ID: Now we finally learned what we all suspected: the numerous reports and testimonies about the Guantanamo and Abu Ghraib prisons were a trap to distract the attention of the public from the true secret: in the last days, big media reported that the CIA operates secret detention facilities beyond the reach of the law and outside official oversight at bases in two eastern European countries and some other Asian countries. The CIA has not even acknowledged the existence of these "black sites" with "ghost prisoners": to do so could open the U.S. government to legal challenges, since the prisoners are there submitted to "Enhanced Interrogation Techniques" (the US newspeak for torture). The original idea was to hide and interrogate the two dozen or so al Qaeda leaders believed to be responsible for the Sept. 11 attacks, or who posed an imminent threat; but as the CIA began apprehending more people whose intelligence value and links to terrorism were less certain, the original standard for consigning suspects to the invisible universe was lowered or ignored. (Zizek in ArtForum: Biopolitics: Between Terri Schiavo and Guantanamo) http://www.lacan.com/zizartforum1205.htm On 1/28/06, Suresh Ramasubramanian wrote: > > http://davenchit.livejournal.com/15568.html > > > -- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - does the frog know it has a latin name? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From kerrin.jimmiebk6 at gmail.com Sat Jan 28 15:33:57 2006 From: kerrin.jimmiebk6 at gmail.com (Clare Crocker) Date: Sat, 28 Jan 2006 18:33:57 -0500 Subject: Improve sperm integrity Message-ID: <200601281304.k0SD4lpr029668@proton.jfet.org> SPERMAMAX is a scientifically validated herbal nutritional blend to enhance fertility by improving sperm quality, count and motility (spontaneous motion). SPERMAMAX is formulated to: + Improve overall sperm production + Improve sperm quality + Improve sperm integrity + Improve sperm motility + Improve sperm morphology This premium combination of herbs, vitamins and minerals improves overall health and helps address many of the deficiencies known to decrease fertility health. http://lmdejkbghi.victoriaroadmaps.info/?acfbghixwqowylmzsmdejk From eugen at leitl.org Sat Jan 28 09:55:49 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sat, 28 Jan 2006 18:55:49 +0100 Subject: [ptrei@rsasecurity.com: RE: thoughts on one time pads] Message-ID: <20060128175548.GG2301@leitl.org> He's completely correct, of course. Forgot that simple trick -- did it often enough a couple years ago. Water ballast might not be strictly necessary, but it wouldn't hurt. ----- Forwarded message from "Trei, Peter" ----- From dave at farber.net Sat Jan 28 16:17:04 2006 From: dave at farber.net (David Farber) Date: Sat, 28 Jan 2006 19:17:04 -0500 Subject: [IP] Downloading equals manufacturing. Message-ID: Begin forwarded message: From pgut001 at cs.auckland.ac.nz Fri Jan 27 23:24:49 2006 From: pgut001 at cs.auckland.ac.nz (Peter Gutmann) Date: Sat, 28 Jan 2006 20:24:49 +1300 Subject: thoughts on one time pads Message-ID: Jonathan Thornburg writes: >Melting the CD should work... but in practice that takes a specialized "oven" >(I seriously doubt my home oven gets hot enough), and is likely to produce >toxic fumes, and leave behind a sticky mess (stuck to the surface of the >specialized oven). For no adequately explored reason I've tried various ways of physically destroying CDs: - Hammer on hard surface: Leaves lots of little fragments, generally still stuck together by the protective coating. - Roasting over an open fire: Produces a Salvador Dali effect until they catch fire, then huge amounts of toxic smoke ("fulfilling our carbon tax quota" was one comment) and equally toxic-looking residue. - Propane torch: Melts them without producing combustion products. - Skilsaw: Melts them together at the cutting point, rest undamaged. - Axe: Like skilsaw but without the melting effect. - Using the propane torch and hammer to try and drop-forge a crude double- density CD: Messy. Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From rah at shipwright.com Sat Jan 28 17:37:50 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Sat, 28 Jan 2006 20:37:50 -0500 Subject: [Clips] US plans to 'fight the net' revealed Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Sat, 28 Jan 2006 20:36:27 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] US plans to 'fight the net' revealed Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com The BBC Friday, 27 January 2006, 18:05 GMT US plans to 'fight the net' revealed By Adam Brookes BBC Pentagon correspondent A newly declassified document gives a fascinating glimpse into the US military's plans for "information operations" - from psychological operations, to attacks on hostile computer networks. Bloggers beware. As the world turns networked, the Pentagon is calculating the military opportunities that computer networks, wireless technologies and the modern media offer. >From influencing public opinion through new media to designing "computer network attack" weapons, the US military is learning to fight an electronic war. The declassified document is called "Information Operations Roadmap". It was obtained by the National Security Archive at George Washington University using the Freedom of Information Act. Officials in the Pentagon wrote it in 2003. The Secretary of Defense, Donald Rumsfeld, signed it. Most computers will open PDF documents automatically, but you may need to download Adobe Acrobat Reader. The "roadmap" calls for a far-reaching overhaul of the military's ability to conduct information operations and electronic warfare. And, in some detail, it makes recommendations for how the US armed forces should think about this new, virtual warfare. The document says that information is "critical to military success". Computer and telecommunications networks are of vital operational importance. Propaganda The operations described in the document include a surprising range of military activities: public affairs officers who brief journalists, psychological operations troops who try to manipulate the thoughts and beliefs of an enemy, computer network attack specialists who seek to destroy enemy networks. All these are engaged in information operations. Perhaps the most startling aspect of the roadmap is its acknowledgement that information put out as part of the military's psychological operations, or Psyops, is finding its way onto the computer and television screens of ordinary Americans. "Information intended for foreign audiences, including public diplomacy and Psyops, is increasingly consumed by our domestic audience," it reads. "Psyops messages will often be replayed by the news media for much larger audiences, including the American public," it goes on. The document's authors acknowledge that American news media should not unwittingly broadcast military propaganda. "Specific boundaries should be established," they write. But they don't seem to explain how. "In this day and age it is impossible to prevent stories that are fed abroad as part of psychological operations propaganda from blowing back into the United States - even though they were directed abroad," says Kristin Adair of the National Security Archive. Credibility problem Public awareness of the US military's information operations is low, but it's growing - thanks to some operational clumsiness. "When it describes plans for electronic warfare, or EW, the document takes on an extraordinary tone. It seems to see the internet as being equivalent to an enemy weapons system" Late last year, it emerged that the Pentagon had paid a private company, the Lincoln Group, to plant hundreds of stories in Iraqi newspapers. The stories - all supportive of US policy - were written by military personnel and then placed in Iraqi publications. And websites that appeared to be information sites on the politics of Africa and the Balkans were found to be run by the Pentagon. But the true extent of the Pentagon's information operations, how they work, who they're aimed at, and at what point they turn from informing the public to influencing populations, is far from clear. The roadmap, however, gives a flavour of what the US military is up to - and the grand scale on which it's thinking. It reveals that Psyops personnel "support" the American government's international broadcasting. It singles out TV Marti - a station which broadcasts to Cuba - as receiving such support. It recommends that a global website be established that supports America's strategic objectives. But no American diplomats here, thank you. The website would use content from "third parties with greater credibility to foreign audiences than US officials". It also recommends that Psyops personnel should consider a range of technologies to disseminate propaganda in enemy territory: unmanned aerial vehicles, "miniaturized, scatterable public address systems", wireless devices, cellular phones and the internet. 'Fight the net' When it describes plans for electronic warfare, or EW, the document takes on an extraordinary tone. It seems to see the internet as being equivalent to an enemy weapons system. "Strategy should be based on the premise that the Department [of Defense] will 'fight the net' as it would an enemy weapons system," it reads. The slogan "fight the net" appears several times throughout the roadmap. The authors warn that US networks are very vulnerable to attack by hackers, enemies seeking to disable them, or spies looking for intelligence. "Networks are growing faster than we can defend them... Attack sophistication is increasing... Number of events is increasing." US digital ambition And, in a grand finale, the document recommends that the United States should seek the ability to "provide maximum control of the entire electromagnetic spectrum". US forces should be able to "disrupt or destroy the full spectrum of globally emerging communications systems, sensors, and weapons systems dependent on the electromagnetic spectrum". Consider that for a moment. The US military seeks the capability to knock out every telephone, every networked computer, every radar system on the planet. Are these plans the pipe dreams of self-aggrandising bureaucrats? Or are they real? The fact that the "Information Operations Roadmap" is approved by the Secretary of Defense suggests that these plans are taken very seriously indeed in the Pentagon. And that the scale and grandeur of the digital revolution is matched only by the US military's ambitions for it. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From eugen at leitl.org Sat Jan 28 13:23:20 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sat, 28 Jan 2006 22:23:20 +0100 Subject: [joehall@gmail.com: Re: Running a Tor exit node on an academic network?] Message-ID: <20060128212319.GJ2301@leitl.org> ----- Forwarded message from Joseph Lorenzo Hall ----- From rah at shipwright.com Sat Jan 28 20:30:13 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Sat, 28 Jan 2006 23:30:13 -0500 Subject: [Clips] US plans to 'fight the net' revealed In-Reply-To: <20060129035101.A3D5117110@mail.cypherpunks.to> References: <20060129035101.A3D5117110@mail.cypherpunks.to> Message-ID: At 4:51 AM +0100 1/29/06, Anonymous via the Cypherpunks Tonga Remailer wrote: >Way to be on top of the game. Whoops. I plead feedback through a frog's ass, m'lord... Translated: Saw link here, pulled article off the net through my formatting script, sent it to clips, and then "my oooohhh shiny! cypherpunks forward" reflex kicked. An attention deficit is a terrible thing to waste. In the meantime, fuck off. :-) Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From nobody at cypherpunks.to Sat Jan 28 19:51:01 2006 From: nobody at cypherpunks.to (Anonymous via the Cypherpunks Tonga Remailer) Date: Sun, 29 Jan 2006 04:51:01 +0100 (CET) Subject: [Clips] US plans to 'fight the net' revealed In-Reply-To: Message-ID: <20060129035101.A3D5117110@mail.cypherpunks.to> > --- begin forwarded text > > > Delivered-To: clips at philodox.com > Date: Sat, 28 Jan 2006 20:36:27 -0500 > To: Philodox Clips List > From: "R. A. Hettinga" > Subject: [Clips] US plans to 'fight the net' revealed > Reply-To: rah at philodox.com > Sender: clips-bounces at philodox.com > > Way to be on top of the game. > Date: Fri, 27 Jan 2006 21:30:06 +0100 > From: Eugen Leitl > To: cypherpunks at jfet.org > User-Agent: Mutt/1.5.9i > Subject: Ye Olde Rummy's PsyOps > Message-ID: <20060127203006.GP2301 at leitl.org> > > http://news.bbc.co.uk/2/hi/americas/4655196.stm > > US plans to 'fight the net' revealed From MargoBurtfibrin at eav.egmont.com Sat Jan 28 19:02:34 2006 From: MargoBurtfibrin at eav.egmont.com (Edwin Austin) Date: Sun, 29 Jan 2006 06:02:34 +0300 Subject: Refill Reminder defendant Message-ID: <3DF4FB83.01004@ubp.edu.ar> Xanax and other drugs with wholesale prices. You wont find better prices anywhere! Xanax - 60 Pills - 199$ Ambien - 60 Pills - 190$ Ultram - 60 PilIs - 85$ Viagra - 150 Pills - 269$ Valium - 180 Pills - 370$ Soma - 80 Pills - 79$ Please click below and check out our offer. http://zoror.info/?9356c7Se4ca91ae72020d4b315S971fa tray you iowa me, communicate delta two brighton . jacobsen you missive me, indiana arrangeable figure . burdensome you bustard me, jo podium frog garage . carnage you christina me, sharpen coronet rochester veranda . partridge you chippendale me, macedon . cuba you sabine me, sprang sophomore lax presuming . From bartleby at bluebottle.com Sun Jan 29 07:50:25 2006 From: bartleby at bluebottle.com (bartleby at bluebottle.com) Date: January 29, 2006 7:50:25 AM EST Subject: Observer of London (John Naughton) on Google Message-ID: Google's founding principles fall at great firewall of China John Naughton Sunday January 29, 2006 The Observer The only thing that was surprising about Google's decision to self-censor its China-based service was that people were surprised by it. In the general media coverage, there were many gleeful references to the company's motto - boasted of in the preface to its IPO prospectus - of 'Don't Be Evil' (a phrase which, at the time, caused Wall Street investment bankers to lie down in darkened rooms). ...The Chinese arms of Yahoo and Microsoft had already bent the knee to the local political overlords - Yahoo by handing over personal details of a user to the security authorities, Microsoft by suppressing the blog of a dissenting intellectual. ..It was difficult to decide which was more nauseating - the decision itself or the attempts by the Googlefolk to rationalise it. The argument essayed by co-founder Sergey Brin - essentially that some information is better than none - is simply pathetic. The truth is that when faced with the first really hard moral choice of their young lives, the Google boys copped out. ...Google's capitulation to the Chinese regime prompts some sobering thoughts. One is that while one may occasionally be justified in trusting an individual, one can never, ever place the same kind of trust in a company. That's why all the current concern about 'corporate social responsibility' is ultimately just eyewash. ...Already, it holds the email archives of millions of subscribers to Google Mail, plus records of every web search they ever made. And although it is resisting the attempt of the US government to mount a fishing expedition through those data, nobody doubts that, in the end, Google will comply with the law. ...By joining the Gadarene rush into the Chinese market, Google may have gained short-term advantage. But it has also forfeited its right to our trust. john.naughton at observer.co.uk ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From bob at bobrosenberg.phoenix.az.us Sun Jan 29 11:43:00 2006 From: bob at bobrosenberg.phoenix.az.us (Bob Rosenberg) Date: January 29, 2006 11:43:00 AM EST Subject: BBC News: ID cards are of 'limited value' Message-ID: Dave Perhaps of interest to IP. Bob BBC NEWS ID cards are of 'limited value' http://news.bbc.co.uk/2/hi/uk_news/politics/4659228.stm ID cards would be of "limited value" against terror and would not have prevented the London attacks in July, says the reviewer of anti-terror laws. Liberal Democrat peer Lord Carlile said he had changed his mind on identity cards, which he had previously backed. "I can't think of many terrorist incidents, in fact I can think of very few... that ID cards would have brought to an earlier end," he told GMTV. The bill introducing the ID cards plan is currently going through Parliament. It recently suffered two defeats in the Lords, with peers wanting an entirely voluntary scheme, and ministers wanting people applying for new passports and driving licences to be obliged to go on the ID card register. "ID cards could be of some value in the fight against terrorism but they are probably of quite limited value," Lord Carlile told GMTV's Sunday programme. Civil liberties fear "They would be an advantage but that advantage has to be judged against the disadvantages which Parliament may see in ID cards. "I certainly don't think the absence of ID cards could possibly have any connection with the events of last July. "There may be a gain from the security viewpoint in the curtailment of civil liberties, but Parliament has to be the judge about whether the proportion is right." He added: "I think Parliament is so unenthusiastic about the ID cards that, in reality, this is a debate rather than a reality. "I don't think they will get through a compulsory ID card system immediately." 'Rushed' debate Lord Carlile also said he thought the Terror Bill, debated by the Lords this month, had been "rushed". "I don't think there was a need to rush through the current terror legislation. I would have preferred it to go to a scrutiny committee. "I think it's led to certain issues being muddled by political debate rather than analysis." Ministers say ID cards are needed to fight identity fraud and illegal immigration. The plans were narrowly backed by the Commons last year but the House of Lords tabled a number of amendments aimed at making sure people have a choice. Conservative leader David Cameron has called ID cards a "monument to the failure of big government". His comments followed a report which estimated they would cost ?14.5bn - which the government denies. The government is likely to try to overturn the Lords defeats when the ID cards bill returns to the Commons. Story from BBC NEWS: http://news.bbc.co.uk/go/pr/fr/-/2/hi/uk_news/politics/4659228.stm Published: 2006/01/29 10:54:29 GMT ? BBC MMVI ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From dave at farber.net Sun Jan 29 11:49:52 2006 From: dave at farber.net (David Farber) Date: Sun, 29 Jan 2006 14:49:52 -0500 Subject: [IP] BBC News: ID cards are of 'limited value' Message-ID: Begin forwarded message: From dave at farber.net Sun Jan 29 11:51:21 2006 From: dave at farber.net (David Farber) Date: Sun, 29 Jan 2006 14:51:21 -0500 Subject: [IP] nasty one Observer of London (John Naughton) on Google Message-ID: Begin forwarded message: From eugen at leitl.org Sun Jan 29 08:55:21 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 29 Jan 2006 17:55:21 +0100 Subject: [dave@farber.net: [IP] Downloading equals manufacturing.] Message-ID: <20060129165521.GV2301@leitl.org> That's some really creative interpretation. ----- Forwarded message from David Farber ----- From GRWENNJFZTZTZL at msn.com Sun Jan 29 16:34:22 2006 From: GRWENNJFZTZTZL at msn.com (Ilene Prather) Date: Sun, 29 Jan 2006 19:34:22 -0500 Subject: Qualities Pharrmacy iayD6S Message-ID: <5A427EE3.7684.4915C2D5@localhost> The most complete Phar macy Online We carry all major medds at bargain price Viggra, Ci ialis, VaIium, Xa naax Phantermiine, Ulltraam and etc... SatiisfactIon Gua ranteeed http://uk.geocities.com/dillie29011grace64935/ sBnTp From ttkrjejexx at airbookers.com Sun Jan 29 14:59:20 2006 From: ttkrjejexx at airbookers.com (Beatrice Lang) Date: Sun, 29 Jan 2006 19:59:20 -0300 Subject: Take advantage of special discounts now guys! Message-ID: <138.f0bdd53.9a2b0694@mol.com> A non-text attachment was scrubbed... Name: not available Type: text/html Size: 1341 bytes Desc: not available URL: From eugen at leitl.org Sun Jan 29 13:54:22 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 29 Jan 2006 22:54:22 +0100 Subject: [dave@farber.net: [IP] nasty one Observer of London (John Naughton) on Google] Message-ID: <20060129215422.GE2301@leitl.org> ----- Forwarded message from David Farber ----- From eugen at leitl.org Sun Jan 29 13:54:27 2006 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 29 Jan 2006 22:54:27 +0100 Subject: [dave@farber.net: [IP] BBC News: ID cards are of 'limited value'] Message-ID: <20060129215427.GF2301@leitl.org> ----- Forwarded message from David Farber ----- From tinker.cayleyo22n at gmail.com Sun Jan 29 06:57:20 2006 From: tinker.cayleyo22n at gmail.com (Summer Hayden) Date: Sun, 29 Jan 2006 22:57:20 +0800 Subject: Take just a candy and become ready for 36 hours of love Message-ID: <200601300257.k0U2v0vo008936@proton.jfet.org> Cialis Soft Tabs is the new impotence treatment drug that everyone is talking about. It has benefits over Viagra and other ED treatment solutions. Here goes some reasons to choose Cialis Soft Tabs: 1. You can mix alcohol drinks with Cialis Soft Tabs without any undesired effects. 2.Cialis Soft Tabs does not make you feel dizzy or make vision blurred, so you can easily drive a car or operate heavy machinery. 3.Cialis soft tabs works much faster than any known ED treatment solution. Cialis Soft Tabs enters the bloodstream directly instead of going through the stomach, thus you need only 15 minutes till you feel the effect. Just look at the graph below If you are interested ? Just click here and Read more about it http://hbflcegm.victoriaroadmaps.info/?adijkcegmxwqowyhzctbfl AND ALSO Cialis Soft Tabs formula is effective for 95% of the patients. If this treatment is not effective for you, we will refund you for every unopened pack. All you have to do is send them back, and we will immediatley refund your account! From DaveHowe at gmx.co.uk Sun Jan 29 17:06:50 2006 From: DaveHowe at gmx.co.uk (Dave Howe) Date: Mon, 30 Jan 2006 01:06:50 +0000 Subject: [dave@farber.net: [IP] Downloading equals manufacturing.] In-Reply-To: <20060129165521.GV2301@leitl.org> References: <20060129165521.GV2301@leitl.org> Message-ID: <43DD66AA.7000607@gmx.co.uk> Eugen Leitl wrote: > That's some really creative interpretation. UK courts have taken the same position for some time - in fact, a stricter position, in that merely VIEWING child porn using a web browser, even accidentally, is Making, a crime for which there is no defense in law. From coderman at gmail.com Mon Jan 30 09:11:26 2006 From: coderman at gmail.com (coderman) Date: Mon, 30 Jan 2006 09:11:26 -0800 Subject: [Clips] All Those NSA Wiretaps Are Just a Friendster in Disguise In-Reply-To: References: Message-ID: <4ef5fec60601300911i2a3828f4k75cbb8c44287a468@mail.gmail.com> On 1/30/06, R. A. Hettinga wrote: > ... > "Here's one more tidbit on wire-taps: They get you free phone service! The > feds tapped the phone of the Sisters of Mercy in Washington D.C. because of > some anti-war stance or something they took in the 1980s. The good sisters > noticed some kind of clicking on the phone at times, and finally decided > that someone must have tapped into their phone. Their solution: Don't pay > the bill so the phone company will have to shut off the phone. The phone > never went dead, and they quit sending them bills! The Feds wouldn't let Ma > Bell shut them down, and probably began paying the bills. The sisters > talked long and free with their friends across the country!" oh man, that's classic! i wonder if i could get them to pay for FiOS... From ip20398470293845 at aquick.org Mon Jan 30 10:05:48 2006 From: ip20398470293845 at aquick.org (Adam Fields) Date: January 30, 2006 10:05:48 PM EST Subject: More detailed queries of what Google stores Message-ID: I asked two very specific questions in a conversation with John Battelle, and he's received unequivocal answers from Google: 1) "Given a list of search terms, can Google produce a list of people who searched for that term, identified by IP address and/or Google cookie value?" 2) "Given an IP address or Google cookie value, can Google produce a list of the terms searched by the user of that IP address or cookie value?" The answer to both of them is "yes". http://battellemedia.com/archives/002283.php -- - Adam ** Expert Technical Project and Business Management **** System Performance Analysis and Architecture ****** [ http://www.everylastounce.com ] [ http://www.aquick.org/blog ] ............ Blog [ http://www.adamfields.com/resume.html ].. Experience [ http://www.flickr.com/photos/fields ] ... Photos [ http://www.aquicki.com/wiki ].............Wiki [ http://del.icio.us/fields ] ............. Links ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From camera_lumina at hotmail.com Mon Jan 30 08:04:59 2006 From: camera_lumina at hotmail.com (Tyler Durden) Date: Mon, 30 Jan 2006 11:04:59 -0500 Subject: [dave@farber.net: [IP] Downloading equals manufacturing.] In-Reply-To: <43DD66AA.7000607@gmx.co.uk> Message-ID: Hum. So if I LOOK at a video of UK soldiers getting shot, then I've basically done the deed myself, eh? That kind of thinking's going to come in handy over the next few years. -TD >From: Dave Howe >To: Email List - Cypherpunks >Subject: Re: [dave at farber.net: [IP] Downloading equals manufacturing.] >Date: Mon, 30 Jan 2006 01:06:50 +0000 > >Eugen Leitl wrote: > > That's some really creative interpretation. >UK courts have taken the same position for some time - in fact, a stricter >position, in that merely VIEWING child porn using a web browser, even >accidentally, is Making, a crime for which there is no defense in law. From rah at shipwright.com Mon Jan 30 08:10:38 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Mon, 30 Jan 2006 11:10:38 -0500 Subject: [Clips] All Those NSA Wiretaps Are Just a Friendster in Disguise Message-ID: --- begin forwarded text Delivered-To: clips at philodox.com Date: Mon, 30 Jan 2006 11:09:17 -0500 To: Philodox Clips List From: "R. A. Hettinga" Subject: [Clips] All Those NSA Wiretaps Are Just a Friendster in Disguise Reply-To: rah at philodox.com Sender: clips-bounces at philodox.com PBS: I, Cringely -- The Pulpit January 26, 2006 The Falafel Connection All Those NSA Wiretaps Are Just a Friendster in Disguise By Robert X. Cringely We'll get back to wiretapping in a moment, but first there's the obvious story this week of Disney buying Pixar, which nobody but me seems to think is about estate planning for Steve Jobs. The guy had 80 percent of his wealth tied-up in Pixar. That kind of holding is very difficult to sell on the open market. A $4 billion sell order? I don't think so. Remember this is someone who less than two years ago had a form of pancreatic cancer that has only a 50 percent five-year survival rate. I'm not saying Jobs is going to die, but I AM saying that he is in a position where he has to think about these things and his financial position at Pixar was untenable for his family, and left him too exposed if Cars turns out to be a lemon. So the sale to Disney gives Jobs a smaller piece of a bigger pie and therefore much easier liquidity. But it also gives him the chance to nag Disney into the 21st century, as I am sure he will. Strong minority shareholders tend to clash with management (look at Ross Perot with General Motors and Ted Turner with Time-Warner), and Jobs will do the same with Disney. He'll push to end Disney's partnership with Microsoft, to bring Disney into the Apple-Intel alliance, and potentially try for some partnership with Sony, too. It's the start of a grand amalgamation based around a combination of content, technology, and networking, and I wouldn't at all be surprised to see it end as a single huge company five years from now with Jobs at the helm. Just as Gil Amelio should have at Apple, Robert Iger from Disney had better be looking over his shoulder. Now back to wiretapping. After last week's column, a number of readers wrote to explain that the National Security Agency's problem with complying with the Foreign Intelligence Surveillance Act (FISA) had to do with the sheer volume of wiretaps involved, which they guessed numbers in the millions or billions. Evidently, these worried readers think, the NSA has been long listening-in to ALL of our calls, and thought that might not go down well with the secret court that issues FISA warrants. I don't think so. The NSA has a very advanced program called Echelon for monitoring radio communication around the world, and probably intercepts a lot of phone calls that way, but for FISA-type wiretaps they tend to use the same outsourcing firms the phone companies use, and these generally tiny outfits can only handle a few thousand taps per year each. By the way, if you are wondering whether YOUR phone could be easily tapped, just check to see if your phone company offers three-way dialing, because that's the feature we're talking about. If you can get it, they can get you. And if you are wondering whether VoIP service can't be tapped, the answer is both yes and no. For the moment, SIP services like Skype can't be tapped but that will change soon. And if you are a Vonage or Packet8 user, well they already have your number. Here's what is most likely going on with the NSA and FISA from a guy who used to work for the NSA: "What I think is going on here is that they're using social network analysis. They get some numbers or endpoints of interest, and start out with classical traffic analysis, which can all be done (as I think you pointed out) with pen registers or their moral equivalent. They look for other numbers, and follow the graph of connections by transitivity. "It's well known that any graph of associations in the real world tends to generate cliques, and that the clique size for a social group of any sort tends to actually be fairly small. This is the 'six degrees of Kevin Bacon' effect. But in a social network, there will also be people with many edges coming to them, and many paths in the transitive closure of the graph of their relationships, and those people are often 'centers.' "In fact, just that sort of analysis was done -- after the fact -- of the 9/11 hijackers (in this week's links). "I would guess that the SNA is used to identify people of interest -- although there would be some false positives, like if they all rented apartments from the same rental management firm, or all ordered from the same we-deliver falafel place. But someone who shows up in the transitive network of a lot of calls from overseas, and is also a high edge-count in the SNA graph, is definitely someone to be interested in. I wouldn't be at all surprised if that's when they apply for a FISA warrant and start actually intercepting." So what we have the NSA doing is probably data mining, calling records in order to identify the people they want to order intercepts on. They are doing it without warrants because they like being sneaky, don't think they could get past the FISA court a warrant for 100 million calling records, and because the FISA law from 1978 probably doesn't distinguish between a pen-trap and an intercept. If that's really the case, this doesn't sound quite as bad as we've feared. I feel better thinking that they are culling calling records rather than listening-in to my conversations. And it makes a lot more sense, from a pure technical capability standpoint. So why couldn't they just tell us? Why couldn't they have simply amended the FISA law to take such activities into account? Because they like to be sneaky, tend to distrust even the people who pay them (that's us), and because they for some reason think that the bad guys won't figure this out for themselves. Duh. This is far from the first instance of such unartful phone tapping, as my friend Mike Class reports from Chicago. Though I didn't know it until we'd been e-mailing back and forth for years, Mike is the Socius to the Provincial -- effectively the number two Jesuit in the Windy City: "Here's one more tidbit on wire-taps: They get you free phone service! The feds tapped the phone of the Sisters of Mercy in Washington D.C. because of some anti-war stance or something they took in the 1980s. The good sisters noticed some kind of clicking on the phone at times, and finally decided that someone must have tapped into their phone. Their solution: Don't pay the bill so the phone company will have to shut off the phone. The phone never went dead, and they quit sending them bills! The Feds wouldn't let Ma Bell shut them down, and probably began paying the bills. The sisters talked long and free with their friends across the country!" -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips at philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Mon Jan 30 10:40:02 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Mon, 30 Jan 2006 13:40:02 -0500 Subject: [fc-announce] Financial Cryptography and Data Security '06 - Call for Participation Message-ID: --- begin forwarded text From: Patrick McDaniel To: fc-announce at ifca.ai Subject: [fc-announce] Financial Cryptography and Data Security '06 - Call for Participation Sender: fc-announce-admin at ifca.ai Date: Mon, 30 Jan 2006 08:51:58 -0500 Financial Cryptography and Data Security '06 February 2nd -- March 2nd, 2006 Anguilla, British West Indies http://fc06.ifca.ai EARLY REGISTRATION DATE: FEB 3, 2006 *** Call for Participation and Program *** At its 10th year edition, Financial Cryptography and Data Security (FC'06) is a well established and major international forum for research, advanced development, education, exploration, and debate regarding security in the context of finance and commerce. Kicking off this the 10th year festivities is our Keynote Address by the renowned cryptographer Ron Rivest. One of the most influential figures in cryptography, Ron will review some of his past predictions and lessons learned over the last 10 years, and prognosticate directions for the next decade. The conference will also feature an invited talk by Michael Froomkin, "Are We All Cypherpunks Yet?", about the current legal landscape of Financial Cryptography. Registration for Financial Cryptography 2006 is now open; details and online registration can be found at http://fc06.ifca.ai along with information about discounted hotel accommodation and travel. Financial Cryptography is organized by the International Financial Cryptography Association (IFCA). More information can be obtained from the IFCA web site at http://www.ifca.ai or by contacting the conference general chair, Patrick McDaniel, at mcdaniel at cse.psu.edu. ** Invited Speakers ** Ron Rivest (Keynote) Michael Froomkin ** Panels ** Ten Years of Financial Cryptography, Moderator: Moti Young Identity Management, Moderator: Frank Trotter ** Main Conference Program ** Authentication and Fraud Detection Authentication and Fraud Detection Phoolproof phishing prevention, Bryan Parno and Cynthia Kuo and Adrian Perrig (Carnegie Mellon University) A Protocol For Secure Public Instant Messaging, Mohammad Mannan and Paul C. van Oorschot (School of Computer Science, Carleton University, Canada) Using Automated Banking Certificates to Detect Unauthorized Financial Transactions, C. Corzo, F. Corzo S., N. Zhang, and A. Carpenter (University of Manchester) Privacy Privacy in encrypted content distribution using private broadcast encryption, Adam Barth and Dan Boneh (Stanford University) and Brent Waters (SRI International) A Private Stable Matching Algorithm, Philippe Golle (Palo Alto Research Center) Private Policy Negotiation, Klaus Kursawe and Gregory Neven (Katholieke Universiteit Leuven) and Pim Tuyls (Philips Research Eindhoven) Reputation and Mix-Nets Uncheatable Reputation for Distributed Computation Markets, Bogdan Carbunar (Purdue University) and Radu Sion (Stony Brook University) An Efficient Publicly Verifiable Mix-net for Long Inputs, Jun Furukawa and Kazue Sako (NEC Corporation, Japan) Auditable Privacy: On Tamper-evident Mix Networks, Jong Youl Choi (Indiana University at Bloomington) and Philippe Golle (Palo Alto Research Center) and Markus Jakobsson (Indiana University at Bloomington) Conditional Financial Cryptography A Generic Construction for Token-Controlled Public Key Encryption, David Galindo (Radboud University Nijmegen) and Javier Herranz (INRIA Futurs-Laboratoire d'Informatique (LIX)) Authenticated Key-Insulated Public-Key Encryption and Time-Release Cryptography, Jung Hee Cheon (Dept. of Mathematics, Seoul National Univ., Korea) and Nick Hopper and Yongdae Kim and Osipkov (Dept. of Computer Science and Eng., University of Minnesota-Twin Cities) Conditional Encrypted Mapping and Comparing Encrypted Numbers, Ian F. Blake (Dept. ECE University of Toronto) and Vladimir Kolesnikov (Dept. Comp. Sci. University of Toronto) Revisiting Oblivious Signature-Based Envelopes: New Constructs and Properties, Samad Nasserian (RWTH Aachen University) and Gene Tsudik (University of California, Irvine) Payment Systems Provably Secure Electronic Cash based on Blind Multisignature Schemes, Yoshikazu Hanatani (The University of Electro-Comunications) and Yuichi Komano (Toshiba Corporation) and Kazuo Ohta (The University of Electro-Comunications) and Noboru Kunihiro (The University of Electro-Comunications) Efficient Provably Secure Restrictive Partially Blind Signatures from Bilinear Pairings, Xiaofeng Chen and Fangguo Zhang (Sun Yat-sen University, China) and Yi Mu and Willy Susilo (University of Wollongong, Australia) Privacy-Protecting Coupon System Revisited, Lan Nguyen (CSIRO ICT Centre, Australia) Efficient Protocols Efficient Broadcast Encryption Scheme with Log-Key Storage, Yong Ho Hwang and Pil Joong Lee (Dept. of EEE, POSTECH, Pohang, Korea) Efficient Correlated Action Selection, Mikhail Atallah and Marina Blanton and Keith Frikken and Jiangtao Li (Department of Computer Science, Purdue University) Efficient Cryptographic Protocols Realizing E-Markets with Price Discrimination, Aggelos Kiayias (University of Connecticut) and Moti Yung (RSA Labs & Columbia Univ.) ** Short Papers ** A Practical Implementation of Secure Auctions based on Multiparty Integer Computation, Peter Bogetoft (Food and Resources Economic Institute, The Royal Veterinary and Agricultural University, Denmark) and Ivan Damgaard (Dept. of Computer Science, University of Aarhus) and Thomas Jakobsen (Dept. of Computer Science, University of Aarhus) and Kurt Nielsen (Food and Resources Economic Institute, The Royal Veterinary and Agricultural University, Denmark) and Jakob Pagter (Dept. of Computer Science, University of Aarhus) and Tomas Toft (Dept. of Computer Science, University of Aarhus) Defeating Malicious Servers in a Blind Signatures Based Voting System, Sebastien Canard and Matthieu Gaud and Jacques Traore (France Telecom R&D, France) Pairing Based Threshold Cryptography Improving on Libert-Quisquater and Baek-Zheng, Yvo Desmedt (Information Security, Department of Computer Science, University College London) and Tanja Lange (Technical University of Denmark) Credit transfer within market-based resource allocation infrastructure, Tyler Close (HP Palo Alto) A Note on Chosen-Basis Decisional Diffe-Hellman Assumptions, Michael Szydlo (RSA Laboratories) Cryptanalysis of a partially blind signature scheme or "How to make 100$ bills with 1$ and 2$ ones", Gwenalle Martinet and Guillaume Poupard and Philippe Sola (DCSSI Crypto Lab - France) An Efficient Group Signature with Concurrently-Secure Joining (invited), by I. Teranishi and J. Furukawa (NEC corporation) ** Additional Events ** In addition to the formal conference sessions, there will be an evening Rump Session of informal results and works-in-progress, an afternoon session of presentations by some of our sponsors (including Stefan Roever of Navio and Nicko van Someren of nCipher), and a program of social events (see the conference website for details). ---- We wish to thank the conference sponsors for their invaluable assistance in making this conference possible: Bibit, Everbank, Google, Navio, nCipher, Offshore Information Services. We would also like to thank Telcordia for their technical assistance with the online submission and review process. - _______________________________________________ fc-announce mailing list fc-announce at ifca.ai http://mail.ifca.ai/mailman/listinfo/fc-announce --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From hatdsespdqnmu at yahoo.com Mon Jan 30 06:45:26 2006 From: hatdsespdqnmu at yahoo.com (Robyn Cohen) Date: Mon, 30 Jan 2006 16:45:26 +0200 Subject: You Need This Cypherpunks Message-ID: <68DE87FE.0V24.hatdsespdqnmu@yahoo.com> The most complete Phar macy Online We carry all major medds at bargain price Viggra, Ci ialis, VaIium, Xa naax Phantermiine, Ulltraam and etc... SatiisfactIon Gua ranteeed http://uk.geocities.com/ranice43913ethelin75835/ bJtSKN From DaveHowe at gmx.co.uk Mon Jan 30 12:02:09 2006 From: DaveHowe at gmx.co.uk (Dave Howe) Date: Mon, 30 Jan 2006 20:02:09 +0000 Subject: [dave@farber.net: [IP] Downloading equals manufacturing.] In-Reply-To: References: Message-ID: <43DE70C1.1000508@gmx.co.uk> Tyler Durden wrote: > Hum. So if I LOOK at a video of UK soldiers getting shot, then I've > basically done the deed myself, eh? No, you have made a picture of the deed. if videoing soldiers being shot is illegal, you have therefore committed a crime (it isn't; however, reuters has found to their cost that videoing soldiers shooting unarmed prisoners can get your reporters shot or imprisoned without trial for months...) > That kind of thinking's going to come in handy over the next few years. It already has - of course, with the new Terror laws just passed in the UK, they can now hold you without charge for three months just because they want to.... From segcfvkvbn at jandr.com Mon Jan 30 07:17:20 2006 From: segcfvkvbn at jandr.com (Odell Dennis) Date: Mon, 30 Jan 2006 21:17:20 +0600 Subject: Hey bro, you really should check this out Message-ID: <0.1333714968.1197980757-517966658@topica.com> Don't be left behind! Millions of men are already benefiting from using pheromons to attract women - without them you are at a disadvantage! Don't let the other guy get the girl. Arm yourself with Ultra Allure pheromones tonight! Check out the site for yourself: http://www.sawmaden.info/ph/?77 taught you murky me, tub canto exaltation doctoral . smythe you iv me, andes boson boyar . stale you draftee me, cumberland scam . barkeep you claus me, physiotherapy decor . drowsy you attendant me, bryn primordial countdown . [2 From declan at well.com Mon Jan 30 23:46:08 2006 From: declan at well.com (Declan McCullagh) Date: Mon, 30 Jan 2006 23:46:08 -0800 Subject: [Politech] Google fixes the ban-beer-and-joke-site problem in China [fs] Message-ID: Google has fixed the problem of buggy Chinese censorship: http://news.com.com/2100-1028_3-6032118.html Previous Politech message: http://www.politechbot.com/2006/01/26/google-censors-more/ Also, while we're on the topic, there's a Human Rights Caucus meeting on Wednesday. The caucus asked Google, Microsoft, Yahoo, and Cisco to show, but theyr'e not going to: http://news.com.com/2100-1030_3-6033064.html But they do plan to go to one on Feb. 15 organized by a House International Relations subcommittee. It's chaired by Rep. Chris Smith, R-NJ, who last week accused Google of "collaborating with their persecutors," a reference to China: http://www.house.gov/apps/list/press/nj04_smith/printernetchina.html I'm sure the hearing will be entirely fair and balanced. -Declan _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/) ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From declan at well.com Mon Jan 30 23:48:13 2006 From: declan at well.com (Declan McCullagh) Date: Mon, 30 Jan 2006 23:48:13 -0800 Subject: [Politech] Why the cybercrime treaty is privacy-invasive and worrisome, by James Plummer [priv] Message-ID: Politech coverage from two months ago: http://www.politechbot.com/2005/11/29/fuzzy-logic-behind/ http://www.politechbot.com/2005/11/30/cybercrime-treaty-before/ -------- Original Message -------- Subject: for POLITECH - Cybercrime treaty Date: Mon, 30 Jan 2006 11:48:38 -0500 From: James Plummer Reply-To: jplummer at libertycoalition.net To: declan at well.com Declan, I wanted to send you a copy of a piece I wrote last month for Human Events Online about the Convention on Cybercrime for Politech. I don't think this issue is getting enough attention in the "electronic civil liberties" community. If any of your readers want to get more involved in this issue, I invite them to please contact me. ------------------------ *Senate Must Reject Cybercrime Treaty* by James Plummer Posted Dec 08, 2005 An internationalist assault on the sovereignty of the United States and the privacy of U.S. citizens is currently awaiting action by the full Senate. The Council of Europe Convention on Cybercrime is being aggressively pushed by Senate Foreign Relations Chairman Richard Lugar (R.-Ind.), who reported the treaty out from his committee in early November. That should come as little surprise, in that Lugar has also been a leading proponent of the better-known Law of the Sea Treaty (LOST), another key building-block in the structure of world government. Originally conceived as a tool to facilitate international cooperation in the pursuit of computer hackers and the like, the Cybercrime Treaty evolved during 15 years of negotiations to encompass any criminal offense that involves electronic evidence -- which in the 21st century is essentially limitless. As written, it could require more surveillance on Americans who have been accused of violating the laws of foreign countries -- even if they haven't violated U.S. law. Treaty cheerleaders paint menacing pictures of hackers and child pornographers. But in reality the Convention is drafted so broadly that it encompasses virtually every area of law where the possibility exists of computerized evidence. That could affect thousands of innocent people, including not only political dissidents, but also the politically incorrect. Fortunately, one heroic, albeit currently anonymous, conservative senator has placed a "hold" on this Cybercrime Convention, a procedural maneuver that prevents an immediate, unannounced vote on the floor of the whole Senate. Conservatives concerned with sovereignty and the Bill of Rights need to both become aware and raise others' awareness of the dangers posed by the Cybercrime Treaty, lest the Senate acquiesce in this subjugation of Americans to European-style "hate speech" laws through an electronic back door. Lugar's pro-treaty rhetoric belies the broad, expansionary nature of the treaty. He claimed last year, in opening the sole hearing on the treaty, that "Prompt ratification . . . will help advance the security of Americans." That is simply not the case when one considers that the treaty could allow European or even Chinese Communist agents to electronically spy on innocent Americans. And make no mistake, greater control over what we do on the Internet is the goal of the Eurocrats so enamored with global government. This is what Council of Europe Deputy Secretary General Maud de Boer-Buquicchio had to say in mid-November at the "World Summit on the Information Society," hosted by that great human rights champion, Tunis: "The Information Society is clearly in need of a global governance mechanism. The Council of Europe, with its unchallenged human rights expertise, political consultation structures, and solid relationship with civil society, must be party to discussions undertaken at every step of the way concerning internet governance and human rights," she said. The European view of "human rights" includes the shielding from mere criticism of certain protected minorities such as abortionists, third-world immigrants, and homosexuals. The London Times reports that the European Commission has announced its first list of mandatory continent-wide criminal laws and will soon seek to add speech-based crimes such as incitement to hatred to the list. (France has in the past fined California's Yahoo! for an American customer's auction of a vintage Nazi war medal.) De Boer-Buquicchio and other Eurocrats regard the Cybercrime Treaty as one of those "global governance mechanisms" by which to enforce these views. She even went on to press for greater ratification of the Cybercrime Treaty in the very same speech. And so it is no wonder that many leading conservatives have called on the Senate to hold serious, open hearings on this treaty. Leaders from American Conservative Union, Eagle Forum, and Free Congress Foundation, among others, wrote to the Senate in June urging real hearings on these important concerns. But despite these concerns, Lugar has put the treaty on the Senate calendar without conducting serious, probative hearings or investigations, calling only *pro forma* hearings and inviting only treaty supporters from the Justice and State Departments to testify. It's little wonder that the hearings were rigged. An open discussion of the issues at stake could cause many senators to cast a skeptical eye on the treaty, raising as it does many bipartisan concerns similar to those that have stalled expansion of the USA PATRIOT Act in the upper body as of late. Though the treaty is replete with mutual assistance in electronic surveillance, not one of the articles mention privacy. Most egregious in Lugar's ratification report to the full Senate is the voluntary declaration that foreign governments, under the fig leaf of "urgency," be able to order American law enforcement agencies to enforce their orders without judicial review. So even though these foreign orders may be opposition to the U.S. Constitution, no U.S. judge will be able to enforce the Constitution to prevent it. The treaty also has no "dual criminality" requirement, which means federal law enforcement agencies could be investigating Americans for constitutionally-protected activities which offend European sensibilities. Even worse, the Cybercrime Treaty is open to all nations to ratify. That means a future leftist President could even allow Communist China to sign on to the treaty and direct U.S. law enforcement to investigate Chinese dissidents, even Americans, based in the United States. The Convention on Cybercrime would be highly detrimental to American sovereignty and free people everywhere. The Senate should under no circumstances blindly approve such a document. ------------------------------ Copyright (c) 2006 HUMAN EVENTS. All Rights Reserved. -- James Plummer Policy Director Liberty Coalition jplummer at libertycoalition.net _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/) ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From codehead at readysetsurf.com Tue Jan 31 00:10:01 2006 From: codehead at readysetsurf.com (codehead at readysetsurf.com) Date: Tue, 31 Jan 2006 00:10:01 -0800 Subject: [>Htech] Blindfolding Big Brother, Sort of Message-ID: From: http://www.technologyreview.com/InfoTech-Software/wtr_16209,300,p1.html Monday, January 30, 2006 Blindfolding Big Brother, Sort of Jeff Jonas is an IBM engineer who specializes in software that infuses powerful search technology with anonymity. By Kate Greene In 1983, entrepreneur Jeff Jonas founded Systems Research and Development (SRD), a firm that provided software to identify people and determine who was in their circle of friends. In the early 1990s, the company moved to Las Vegas, where it worked on security software for casinos. Then, in January 2005, IBM acquired SRD and Jonas became chief scientist in the company's Entity Analytic Solutions group. His newest technology, which allows entities such as government agencies to match an individual found in one database to that same person in another database, is getting a lot of attention from governments, banks, health-care providers, and, of course, privacy advocates. Jonas claims that his technology is as good at protecting privacy as it as at finding important information. Technology Review: Your most recent project at IBM, Anonymous Resolution [formerly known as ANNA], is software that can match a given individual across different databases, but in the process safeguards personal identifiers -- for example, name and social security number -- in those databases. Who would use this software? What problem does it solve? Jeff Jonas: The software is used by organizations that have data, have access to data, or have relationships with other entities with whom they want to exchange data. For example, a bank will take data about its customers and encrypt it. Then they'll send the data to a database marketing company. That company will decrypt it, and match the bank's customers to various records that the marketing company would have. For example, records that show what kind of magazines you subscribe to, how big your house is, the number of children you have, and so on. And then the marketing company will send back to the bank what's called a "database marketing append," so the bank will understand better who its customers are. That's very commonplace. But the risk is that even though the data is encrypted while being transported, it is decrypted by the other party. If the people who are managing that data happen to be corrupt or they have a breech of their system's security, that data's at risk for an unintended disclosure event. TR: How does your software solve this problem? JJ: The technique that we have created allows the bank to anonymize its customer data. When I say "anonymize," I mean it changes the name and address and date of birth, or whatever data they have about an identity, into a numeric value that is nonhuman readable and nonreversible. You can't run the math backwards and compute from the anonymized value what the original input value was. When I went to invent this software, I could have done this with encryption, where the data could be decrypted; but I felt like it would be a stronger privacy product if we didn't invent it that way. So the unique thing about the technique is that instead of me encrypting data and sending it to you, and you decrypting it to use it, the technique allows me to encrypt my data, you to encrypt your data, and this new technology is capable of performing robust matching of identities using only encrypted data. To put [data] on the highest possible privacy grounds, instead of making it encrypted, we actually used one of the components of encryption called one-way hashing that is not reversible. TR: Who currently uses your software? JJ: The current customers are governments that are interested in using this to share data with themselves. This is an interesting notion that I think would be a shock to most citizens of any country: You can walk into any government organization and you'll have one group working on, say, money laundering, and ten doors down you have another group working on drug cartels. The only way they have today to figure out whether they're working on the same person is to play the game that I refer to as Go Fish. That means one of them has to pick up the phone and call the other and say "Majed Moqed? Khalid al Mihdhar? Threes? Tens? Jacks? Twos?" They're not going to read the whole list. This technique allows an entity, whether it's corporate or government, to compare data that's trapped in silos, sensitive data that you wouldn't want to escape. The identity data flows into a central index, and in that index, it figures out when people are the same or related. But it can't tell you the name or the address or the phone number of the people who are the same because it doesn't know. When there's a match, each of the records that match has its pedigree or attribution on it that tells you which system and which record. So it creates a pointer and tells you which record to ask the other group about. TR: And this is obviously useful for counterterrorism. JJ: Here's the scenario: The government has a list of people we should never let into the country. It's a secret. They don't want people in other countries to know. And the government tends to not share this list with corporate America. Now, if you have a cruise line, you want to make sure you don't have people getting on your boat who shouldn't even be in the United States in the first place. Prior to the U.S. Patriot Act, the government couldn't go and subpoena 100,000 records every day from every company. Usually, the government would have to go to a cruise line and have a subpoena for a record. Section 215 [of the Patriot Act] allows the government to go to a business entity and say, "We want all your records." Now, the Fourth Amendment, which is "search and seizure," has a legal test called "reasonable and particular." Some might argue that if a government goes to a cruise line and says, "Give us all your data," it is hard to envision that this would be reasonable and particular. But what other solution do they have? There was no other solution. Our Anonymous Resolution technology would allow a government to take its secret list and anonymize it, allow a cruise line to anonymize their passenger list, and then when there's a match it would tell the government: "record 123." So they'd look it up and say, "My goodness, it's Majed Moqed." And it would tell them which record to subpoena from which organization. Now it's back to reasonable and particular. TR: What were the challenges with developing this software? JJ: One of the challenges is when you one-way hash the data, it becomes "infinitely sensitive." What I mean by that is that the word robert, if you one-way hash it, and take Robert, where the r is capital and not lowercase, the one-way hash generated by this subtle difference is completely different. One of the reasons people didn't try to do this before, or it was believed that maybe it wasn't useful, is that people's identity data is always quite different -- sometimes with a middle initial, sometimes without. Identities just don't show up the same. That was the trick we had to solve: allowing it to match data that's fuzzy while only using one-way hashed values. The trick is in how we prepare the data. Here's a simple example. One list says Bob and one says Rob. Well, we know that both Bob and Rob belong to the same root name, in this case, Robert. So before we anonymize each side, we throw in the most rooted form, which is Robert. So we've added Robert to both lists, and we then one-way hash both lists so it turns out the Robert matches. TR: How is this is based on earlier work you did for Las Vegas casinos? JJ: The ability to figure out if two people are the same despite all the natural variability of how people express their identity is something we really got a good understanding of assisting the gaming industry. We also learned how people try to fabricate fake identities and how they try to evade systems. It was learning how to do that at high speed that opened the door to make this next thing possible. Had we not solved that in the 1990s, we would not have been able to conjure up a method to do anonymous resolution. TR: You've said that 40 percent of your time is spent on privacy and civil liberties issues and that a privacy strategist works with you. Could you give me an example of the sort of things you and your privacy strategist discuss? JJ: When the government has a watch list ?- this, by the way, doesn't have to do with our tech, this is about responsible usage of tech and improved processes -- when you have a watch list, the questions come up: Who's on the list? How can people find out if they're on the list? How can they get off the list if they're not supposed be on it? If a government has a list and they're sharing it, making copies of it, and somebody's removed from the list because they've made a mistake, how can you be sure that they're removed from everywhere else they shared it? Another thing that my privacy strategist and I have been talking about is called an "immutable audit log." TR: What's that? JJ: You want to make sure that someone who is using a secret government system isn't putting their ex-wife in a watch list or searching for their ex-wife or their neighbor just because they're curious. That would be a misuse. An immutable audit log is the notion that every time a user queries for a record, this new kind of audit log records it in an indelible way that's like etching it into stone. In other words, even if a database administrator was in cahoots with them, or the database administrator was a corrupt entity, they couldn't erase their own footprints. TR: Is there anything a person can do, other than living off the grid, to keep their digital trail to a minimum? JJ: Oh, boy -- that's a great, great question. As consumers, we often trade our information, creating a bigger footprint, because of some opportunity being extended to us. And the biggest privacy problem I have with that is when it is a surprise to the consumer. My advice to companies and governments is to avoid consumer surprise. That's one of the most offensive things: when you find out somebody's doing something with your data about which you had no clue. So my advice is to avoid consumer surprise, and that means having some degree of transparency. I believe consumers should be offered the opportunity to opt out. So the organizations that you transact with, the ones that allow the consumer to say "Hey, please don't sell my data" and those organizations that make it easy for the consumer to opt in or out -- I think consumers may eventually flock to those places where they feel the risk of consumer surprise is less. TR: The Department of Justice has subpoenaed some of Google's data, and the company is refusing to cooperate. What is your opinion on this? JJ: I haven't been following this very closely. But let's talk about consumer surprise. I think it would be a surprise to consumers [to find] that they would be identified to the government at individual levels. I think consumers would be less surprised if Google provided just statistics. TR: As an engineer concerned with privacy issues, what is your opinion on the NSA domestic wiretapping program? JJ: I have not read up much on that. I don't know whether it's legal or not legal. I would say if it turns out to be legal and it's going to continue, then I would say, "Could you do it with anonymous data?" TR: As an entrepreneur, you've successfully looked around, found a problem, and solved it with software. In your mind, what is the most important problem to be solved today? JJ: Picture this: We're in a canyon, and on the left there's this wall, and behind it is this back pressure, and that back pressure is "ill-will" that wants to do harm to democracy or the United States. And behind the other wall it is a police surveillance state. And the number of technology options that you have that don't turn you into a police surveillance state and that prevent the ill-will intent on the left are in the middle. There are a very narrow number of solutions between these canyon walls. But the problem is, should ill-will continue to grow, the pressure behind the wall on the left becomes such that, as we march forward through time, the canyon gets narrower and narrower, and eventually you have bad things happening and you have to be a police surveillance state to protect yourself. But the real thing that has nothing to do with technology is, if we don't figure out how to lower ill-will, our future is darker. "Approximately four thousand years ago, aliens invaded Earth and began implementing a diabolical plan to enslave humanity. These aliens have come to be known as "cats." They had one overwhelmingly superior ability. They understood calculus. And humans did not. The plan has been wildly successful and the proof is obvious: cats rule the world and very few humans understand calculus." - Kenn Amdahl and Jim Loats, Calculus for Cats Post message: transhumantech at yahoogroups.com Subscribe: transhumantech-subscribe at yahoogroups.com Unsubscribe: transhumantech-unsubscribe at yahoogroups.com List owner: transhumantech-owner at yahoogroups.com List home: http://www.yahoogroups.com/group/transhumantech/ Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/transhumantech/ <*> To unsubscribe from this group, send an email to: transhumantech-unsubscribe at yahoogroups.com <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From ghicks at cadence.com Tue Jan 31 01:44:04 2006 From: ghicks at cadence.com (Gregory Hicks) Date: January 31, 2006 1:44:04 AM EST Subject: Face and fingerprints swiped in Dutch biometric passport crack Message-ID: Dave: For IP if you wish... A television program claims that the Dutch biometric passport has been "read remotely and then the security cracked using flaws built into the system, whereupon all of the biometric data could be read". The Delft smartcard security specialist Riscure claims to be able to read passport data, including date of birth, facial image and fingerprint, from up to 10 meters away "in around two hours". http://www.theregister.co.uk/2006/01/30/dutch_biometric_passport_crack/ --------------------------------------------------------------------- I am perfectly capable of learning from my mistakes. I will surely learn a great deal today. "A democracy is a sheep and two wolves deciding on what to have for lunch. Freedom is a well armed sheep contesting the results of the decision." - Benjamin Franklin "The best we can hope for concerning the people at large is that they be properly armed." --Alexander Hamilton ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From rah at shipwright.com Tue Jan 31 04:18:41 2006 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 31 Jan 2006 07:18:41 -0500 Subject: [fc-discuss] CFP: The Economics of Securing the Information Infrastructure Message-ID: --- begin forwarded text User-Agent: Microsoft-Entourage/11.1.0.040913 From: "Stuart E. Schechter" To: Subject: [fc-discuss] CFP: The Economics of Securing the Information Infrastructure Sender: fc-discuss-admin at ifca.ai Date: Mon, 30 Jan 2006 19:47:47 -0500 The Workshop on the Economics of Securing the Information Infrastructure http://wesii.econinfosec.org/ October 23-24, 2006 Arlington, VA CALL FOR PAPERS Our information infrastructure suffers from decades-old vulnerabilities, from the low-level algorithms that select communications routes to the application-level services on which we are becoming increasingly dependent. Are we investing enough to protect our infrastructure? How can we best overcome the inevitable bootstrapping problems that impede efforts to add security to this infrastructure? Who stands to benefit and who stands to lose as security features are integrated into these basic services? How can technology investment decisions best be presented to policymakers? We invite infrastructure providers, developers, social scientists, computer scientists, legal scholars, security engineers, and especially policymakers to help address these and other related questions. Authors of accepted papers will have the opportunity to present their work to government and corporate policymakers. We encourage collaborative research from authors in multiple fields and multiple institutions. Submissions Due: August 6, 2006 (11:59PM PST)* ======================================================================== Suggested topics (not intended to be comprehensive) ======================================================================== The economics of deploying security into: The Domain Name System (DNS) BGP & routing infrastructure Email & spam prevention Programming languages Legacy code bases User interfaces Operating systems Code origin authentication Measuring the cost of adding security Liability and legal issues Models of deployment penetration Measuring/estimating damages Empirical studies of deployment Establishing roots of trust Identity management infrastructure Internet politics Securing open source code libraries Antitrust Issues Adding security to/over existing APIs Privacy Issues Data archival & warehousing infrastructure ======================================================================== Program Committee ======================================================================== Alessandro Acquisti Carnegie Mellon University Heinz School of Public Policy & Management Ross Anderson University of Cambridge Jean Camp Indiana University Huseyin Cavusoglu Tulane University Richard Clayton University of Cambridge Steve Crocker Shinkuro / DNSSEC Deployment Working Group Ben Edelman Harvard University Department of Economics Allan Friedman Harvard University Kennedy School of Government Adam M. Golodner Cisco Systems Larry Gordon University of Maryland Smith School of Business Yacov Haimes University of Virginia Cathy Handley U.S. Department of Commerce, National Telecommunications & Information Administration Barry Horowitz University of Virginia Richard Hovey U.S. Federal Communications Commission (FCC) Jeff Hunker Carnegie Mellon University Heinz School of Public Policy & Management M. Eric Johnson The Tuck School of Business at Dartmouth College Jeffrey M. Kopchik U.S. Federal Deposit Insurance Corporation (FDIC) Technology Supervision Branch Steve Lipner Microsoft Marty Loeb University of Maryland Smith School of Business Doug Maughan U.S. Department of Homeland Security (DHS) Science and Technology Directorate Doug Montgomery U.S. National Institute of Standards & Technology Internetworking Technologies Group Milton Mueller Syracuse University School of Information Studies Andrew Odlyzko University of Minnesota Andy Ozment MIT Lincoln Laboratory / University of Cambridge Shari Lawrence Pfleeger RAND Corporation Stuart Schechter MIT Lincoln Laboratory Bruce Schneier Counterpane Internet Security Rahul Telang Carnegie Mellon University Heinz School of Public Policy & Management Andrew Wyckoff Organisation for Economic Cooperation and Development (OECD) ======================================================================== Workshop Sponsors ======================================================================== The Institute for Information Infrastructure Protection (I3P) The Workshop on the Economics of Information Security (WEIS) ======================================================================== Paper Formats and Submission Instructions ======================================================================== See the workshop web site at: http://wesii.econinfosec.og/ _______________________________________________ fc-discuss mailing list fc-discuss at ifca.ai http://mail.ifca.ai/mailman/listinfo/fc-discuss --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From dave at farber.net Tue Jan 31 04:25:52 2006 From: dave at farber.net (David Farber) Date: Tue, 31 Jan 2006 07:25:52 -0500 Subject: [IP] Face and fingerprints swiped in Dutch biometric passport crack Message-ID: Begin forwarded message: From dave at farber.net Tue Jan 31 04:26:52 2006 From: dave at farber.net (David Farber) Date: Tue, 31 Jan 2006 07:26:52 -0500 Subject: [IP] More detailed queries of what Google stores Message-ID: Begin forwarded message: From eugen at leitl.org Tue Jan 31 03:05:40 2006 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 31 Jan 2006 11:05:40 +0000 Subject: [declan@well.com: [Politech] Why the cybercrime treaty is privacy-invasive and worrisome, by James Plummer [priv]] Message-ID: <20060131110540.GI13287@leitl.org> ----- Forwarded message from Declan McCullagh ----- From mgp at ucla.edu Tue Jan 31 11:19:42 2006 From: mgp at ucla.edu (Michael Parker) Date: Tue, 31 Jan 2006 11:19:42 -0800 Subject: [p2p-hackers] Codes for Error Correction in P2P Nets Message-ID: A very good overview of all network coding for the purposes of data distribution (i.e., making digital fountains) can be found at: www.eecs.harvard.edu/~michaelm/postscripts/itw2004.pdf Some of the more interesting and practical codes, such as Raptor codes (discussed at the end of that paper), are covered by patents. Another network coding that is comparable to Raptor codes is Online codes. The following paper, by the creator of Online codes, presents an efficient algorithm for downloading large files using them: http://mnl.cs.stonybrook.edu/home/karthik/BitTorrent/papers/incentives/toread /rateless_codes.ps IIRC, the creator of Online codes -- Petar Maymounkov -- started a company Rateless and was going to patent them. But Online codes fell into the scope of Digital Fountain's patents, who own the Raptor codes. So I don't know who owns the patents for Online codes anymore, but rest assured they're patented :( - Mike Quoting Nigini Oliveira : >Hello All. > >I'm researching these days on some kind of codes that helps the distribution >of data at networks (Error Correcting Codes). I would like to know if >someone have good references (digital in preference) about how the real >systems implements these codes and related ideas. For example: How are the >files divided in pices to be shared? And how the pices are rebuild togheter? > >Thanks. > >-- >Nigini Abilio Oliveira >Mestrando em Computa??o >UFCG - DSC - COPIN >www.nigini.com.br >nigini at gmail.com >nigini at dsc.ufcg.edu.br > _______________________________________________ p2p-hackers mailing list p2p-hackers at zgp.org http://zgp.org/mailman/listinfo/p2p-hackers _______________________________________________ Here is a web page listing P2P Conferences: http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From eugen at leitl.org Tue Jan 31 03:36:30 2006 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 31 Jan 2006 11:36:30 +0000 Subject: [codehead@readysetsurf.com: [>Htech] Blindfolding Big Brother, Sort of] Message-ID: <20060131113630.GT13287@leitl.org> ----- Forwarded message from codehead at readysetsurf.com ----- From eugen at leitl.org Tue Jan 31 03:36:50 2006 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 31 Jan 2006 11:36:50 +0000 Subject: [declan@well.com: [Politech] Google fixes the ban-beer-and-joke-site problem in China [fs]] Message-ID: <20060131113650.GU13287@leitl.org> ----- Forwarded message from Declan McCullagh ----- From eugen at leitl.org Tue Jan 31 06:02:48 2006 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 31 Jan 2006 14:02:48 +0000 Subject: [dave@farber.net: [IP] Face and fingerprints swiped in Dutch biometric passport crack] Message-ID: <20060131140248.GD13287@leitl.org> ----- Forwarded message from David Farber ----- From eugen at leitl.org Tue Jan 31 06:03:27 2006 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 31 Jan 2006 14:03:27 +0000 Subject: [dave@farber.net: [IP] More detailed queries of what Google stores] Message-ID: <20060131140327.GE13287@leitl.org> ----- Forwarded message from David Farber ----- From SEOJD at msn.com Tue Jan 31 09:20:10 2006 From: SEOJD at msn.com (Myrna Plummer) Date: Tue, 31 Jan 2006 14:20:10 -0300 Subject: Doctors Use This Too 1UnEyU Message-ID: The Only Clinically Tested Penis N-largement Pills that works.. - add 1-4 inches to your peniis - 20% thicker - 5x more enjoyable orgasm - or your monneyy back without question ask! Join miilliions of delighted users which has been benefited with "Thunder". http://thunder14.myherb.biz Mu From declan at well.com Tue Jan 31 14:33:30 2006 From: declan at well.com (Declan McCullagh) Date: Tue, 31 Jan 2006 14:33:30 -0800 Subject: [Politech] NSA surveillance: EFF lawsuit; new white paper by ACLU Message-ID: EFF has sued AT&T over its alleged participation in the NSA's surveillance scheme: http://news.com.com/2100-1028_3-6033501.html Complaint: http://www.eff.org/legal/cases/att/att-complaint.pdf BTW I think the ACLU's map (below) is intended to be more fanciful than based on any confirmed participation by U.S. telecom or Internet companies. The closest we've come to actual confirmation was a paragraph buried in the middle of a Los Angeles Times article last month about AT&T, mirrored here and cited in the EFF suit: http://www.libertypost.org/cgi-bin/readart.cgi?ArtNum=122448 Am I missing something? -Declan -------- Original Message -------- Subject: New NSA Spying Map and White Paper Date: Tue, 31 Jan 2006 17:03:56 -0500 From: Barry Steinhardt To: declan at well.com Declan, Politechicals may be interested in a new ACLU white paper and interactive map detailing what is known and suspected about how the NSA's illegal spying on Americans occurs and where the interceptions are likely taking place.. The white paper is entitled "Eavesdropping 101: What Can the NSA Do?" It looks at the probable connections that the NSA has made to the U.S. civilian communications infrastructure. The map shows how the NSA's "surveillance octopus" likely entangles the country. We believe it is the first effort to visually illustrate what is happening. You can find both the white paper and the map at http://www.aclu .org/safefree/nsaspying/23989res20060131.html>http://www.aclu.org/safefree/ns aspying/23989res20060131.html. A complete range of materials can be found at www.nsawatch.org. Barry Steinhardt Director Technology and Liberty Project American Civil Liberties Union (ACLU) _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/) ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From dave at farber.net Tue Jan 31 14:19:38 2006 From: dave at farber.net (Dave Farber) Date: Tue, 31 Jan 2006 17:19:38 -0500 Subject: [IP] New NSA Spying Map and White Paper] Message-ID: -------- Original Message -------- Subject: New NSA Spying Map and White Paper Date: Tue, 31 Jan 2006 17:06:48 -0500 From: Barry Steinhardt To: dave at farber.net Dave, The IP list may be interested in a new ACLU white paper and interactive map detailing what is known and suspected about how the NSA's illegal spying on Americans occurs and where the interceptions are likely taking place.. The white paper is entitled "Eavesdropping 101: What Can the NSA Do?" It looks at the probable connections that the NSA has made to the U.S. civilian communications infrastructure. The map shows how the NSA's "surveillance octopus" likely entangles the country. We believe it is the first effort to visually illustrate what is happening. You can find both the white paper and the map at http://www.aclu.org/safefree/nsaspying/23989res20060131.html > http://www.aclu.org/safefree/nsaspying/23989res20060131.html. A complete range of materials can be found at www.nsawatch.org . Barry Steinhardt Director Technology and Liberty Project American Civil Liberties Union (ACLU) ------------------------------------- You are subscribed as eugen at leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From s.schear at comcast.net Tue Jan 31 18:25:12 2006 From: s.schear at comcast.net (Steve Schear) Date: Tue, 31 Jan 2006 18:25:12 -0800 Subject: [codehead@readysetsurf.com: [>Htech] Blindfolding Big Brother, Sort of] In-Reply-To: <20060131113630.GT13287@leitl.org> References: <20060131113630.GT13287@leitl.org> Message-ID: <6.0.1.1.0.20060131181212.048d91f8@mail.comcast.net> At 03:36 AM 1/31/2006, Eugen Leitl cross-posted: >From: http://www.technologyreview.com/InfoTech-Software/wtr_16209,300,p1.html > >Monday, January 30, 2006 >Blindfolding Big Brother, Sort of > >Jeff Jonas is an IBM engineer who specializes in software that >infuses powerful search technology with anonymity. >JJ: The technique that we have created allows the bank to anonymize >its customer data. When I say "anonymize," I mean it changes the >name and address and date of birth, or whatever data they have >about an identity, into a numeric value that is nonhuman readable >and nonreversible. You can't run the math backwards and compute >from the anonymized value what the original input value was. Do you think its creating a hash of normalized data base entries? Oppsss... it is. >TR: And this is obviously useful for counterterrorism. > >JJ: Here's the scenario: The government has a list of people we >should never let into the country. It's a secret. They don't want >people in other countries to know. And the government tends to not >share this list with corporate America. Now, if you have a cruise >line, you want to make sure you don't have people getting on your >boat who shouldn't even be in the United States in the first place. >Prior to the U.S. Patriot Act, the government couldn't go and >subpoena 100,000 records every day from every company. Nah, that's not how its done at all... the U.S. government gets someone (even the cruiseline, which after all is a regulated carrier) to place a back-door in their software so it can be remotely accessed just like the NSA sits on top of peering-pint routers and has a duplicate data stream quitely created so it can sift through passenger logs without asking. Rememeber the bruhaha over the KLM flight that was denied entry into U.S. air space last year when the DHS reported that the flight had two people aboard on their watch list? Now I just wonder who they knew that..... Imagine the possible impact to this clandestine monitoring when people start using the recent 'Gilmore' ruling and traveling (at least domestically) without presenting identify papers. Steve From eugen at leitl.org Tue Jan 31 12:04:13 2006 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 31 Jan 2006 20:04:13 +0000 Subject: NSA Expands, Centralizes Domestic Spying Message-ID: <20060131200413.GK13287@leitl.org> http://blogs.washingtonpost.com/earlywarning/2006/01/nsa_expands_its.html William M. Arkin on National and Homeland Security NSA Expands, Centralizes Domestic Spying Code Name(s) of the Week: DIAZ, Emergejust, Freedom, Highpoint, PASSGEAR, Viceroy The National Security Agency is in the process of building a new warning hub and data warehouse in the Denver area, realigning much of its workforce from Ft. Meade, Maryland to Colorado. The Denver Post reported last week that NSA was moving some of its operations to the Denver suburb of Aurora. On the surface, the NSA move seems to be a management and cost cutting measure, part of a post-9/11 decentralization. "This strategy better aligns support to national decision makers and combatant commanders," an NSA spokesman told the Denver paper. In truth, NSA is aligning its growing domestic eavesdropping operations -- what the administration calls "terrorist warning" in its current PR campaign -- with military homeland defense organizations, as well as the CIA's new domestic operations Colorado. Translation: Hey Congress, Colorado is now the American epicenter for national domestic spying. In May, Dana Priest reported here in The Washington Post that the CIA was planning to shift much of its domestic operations to Aurora, Colorado. The move of the CIA's National Resources Division was then described as being undertaken "for operational reasons." The Division is responsible for exploiting the knowledge of U.S. citizens and foreigners in the United States who might have unique information about foreign countries and terrorist activities. The functions extend from engaging Iraqi or Iranian Americans in covert operations to develop information and networks in their home countries to recruiting foreign students and visitors to be American spies. Aurora is already a reconnaissance satellite downlink and analytic center focusing on domestic warning. The NSA and CIA join U.S. Northern Command (NORTHCOM) in Colorado. NORTHCOM is post 9/11 the U.S. military command responsible for homeland defense. The new NSA operation is located at Buckley Air Force Base in Aurora, at a facility commonly known as the Aerospace Data Facility. According to Government Executive Magazine -- thanks DP -- "NSA is building a massive data storage facility in Colorado, which will be able to hold the electronic equivalent of the Library of Congress every two days." This new NSA data warehouse is the hub of "data mining" and analysis development, allowing the eavesdropping agency to develop and make better use of the unbelievabytes of data it collects but does not exploit. Part of the move to Denver, Government Executive reported, was to expand NSA's base of contractors able to support its increasingly complex intelligence extraction mission. Contracting documents from 2004 and 2005 obtained by this reporter identify numerous Top Secret and compartmented computing and signals intelligence projects being run by prime contractors Lockheed Martin; Northrop Grumman Mission Systems; and Raytheon on behalf of NSA in Colorado to building the domestic warning hub and data warehouse. The projects have the code names DIAZ, Emergejust, Freedom, Highpoint, PASSGEAR, and Viceroy. Ironically, the only federal agency seemingly absent from the domestic intelligence trifecta is the Department of Homeland Security, perpetually out to lunch. Note: A free copy of my book Code Names to any reader who can tell me -- in English -- what any of these programs actually do. -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] From eugen at leitl.org Tue Jan 31 12:35:57 2006 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 31 Jan 2006 20:35:57 +0000 Subject: [mgp@ucla.edu: Re: [p2p-hackers] Codes for Error Correction in P2P Nets] Message-ID: <20060131203557.GQ13287@leitl.org> ----- Forwarded message from Michael Parker ----- From GQLMEFRK at msn.com Tue Jan 31 17:28:15 2006 From: GQLMEFRK at msn.com (Elise Houston) Date: Wed, 01 Feb 2006 02:28:15 +0100 Subject: Quality Medicine Available mk6 Message-ID: <68JJ87FE.0A24.GQLMEFRK@msn.com> Loking for quality meds at affordable price? We have widest range of meds at very competitive price. Money baack guaranteesss... http://ca.geocities.com/marylinda60916rivkah91575/ AFZASs