From eugen at leitl.org Sun Jul 1 01:37:45 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Sun, 1 Jul 2012 10:37:45 +0200
Subject: [ZS] Re: Bitcoin, Empire of void*
Message-ID: <20120701083745.GF12615@leitl.org>

----- Forwarded message from Jacob Schultz -----

From virtualadept at gmail.com Sun Jul 1 11:16:54 2012
From: virtualadept at gmail.com (Bryce Lynch)
Date: Sun, 1 Jul 2012 14:16:54 -0400
Subject: [ZS] Neat wallet
Message-ID:

On Sun, Jul 1, 2012 at 12:42 PM, Dirk Bruere wrote:
> It's going to have to be simpler than that before significant numbers
> of people use it.

Yes and no. For people who are very concerned about their privacy and anonymity, chances are their standard OPSEC process is a lot more involved than this. Look at Anonymous' OPSEC handbook, for example.

However, this doesn't do much to help legitimize Bitcoin as a currency. OPSEC like this screams 'shady' to average folks and doesn't shine a particularly favorable light upon Bitcoin. Moreover, average folks aren't going to want to do this just to pay for an ebook or cover their AWS bill for the month, they're going to want to click on a webpage and be done with it.

There is room for both ultra-paranoid OPSEC and having all little mad money stashed away in Bitcoins. The two user communities have to grow at roughly the same rate, though.

--
The Doctor [412/724/301/703] [ZS]
https://drwho.virtadpt.net/
"I am everywhere."
--
-- Zero State mailing list: http://groups.google.com/group/DoctrineZero

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From gmaxwell at gmail.com Sun Jul 1 12:38:53 2012
From: gmaxwell at gmail.com (Gregory Maxwell)
Date: Sun, 1 Jul 2012 15:38:53 -0400
Subject: [tor-talk] Anonymous Publishing Is Dead.
Message-ID:

On Sat, Jun 30, 2012 at 4:15 PM, Anonymous Person wrote:
> I know it is dead, because I have tried to do it, and I can assure you it is dead.

I had a similar experience.

When I decided to publish a large collection (30gb) of previously paywalled (but public domain) JSTOR documents[1] I initially planned to do so anonymously -- simply to mitigate the risk of harassment via the courts. Ultimately, after more consideration I decided to publish with my name attached and I think it made more of an impact because I did so (even though quite a few journalists reported it as though it were a pseudonym) -- though if I didn't have even the prospect that I could publish anonymously I can't say for sure that I would have started down that road at all.

I perused anonymous publication for some days prior to deciding to not publish anonymously and I encountered many of the same issues that Anonymous Person above named at every juncture I hit roadblocks -- though in my case I already had bitcoins, but I couldn't find anyone to take them in exchange for actually anonymous hosting especially without access to freenode. If I'd wanted to emit a few bytes of text fine -- but large amount of data, no.

It's also the case that non-text documents can trivially break your anonymity -- overtly in the case of things like pdf or exif metadata, or more subtly through noise/defect fingerprints in images.
I think I can fairly count myself among the most technically sophisticated parties, and yet even I'm not confident that I could successfully publish anything but simple text anonymously.

The related problems span even further than just the anonymity part of it. Even once I'd decided to be non-anonymous I needed hosting that wouldn't just take the material down (for weeks, if not forever) at the first bogus DMCA claim (or even in advance of a claim because the publication was 'edgy'). I ended up using the pirate bay -- which turned out pretty well, though there were some issues where discussion of my release was silently suppressed on sites such as facebook because they were hiding messages with links to the pirate bay, and it was blocked on some corporate networks that utilized commercial filtering.

So I think that the problems for anonymous publication on the Internet are actually a subset of a greater problem that there is little independence and autonomy in access to publishing online. You can't _effectively_ publish online without the help of other people, and they're not very interested in helping anonymous people, presumably because the ratio of trouble to profit isn't good enough.

About the only solutions I can see are:
(1) Provide stronger abuse resistant nymservices so that things like freenode don't have to block anonymous parties, thus facilitating person to person interactions.
(2) Improve the security and useability of things like freenet and hidden services, so that they are usable for publication directly and provide strong anonymity.

I'm disappointed to see some of the naysaying in this thread. It really is hard to publish anything more than short text messages anonymously, at least if you care about the anonymity not being broken and you want to reach a fairly large audience.
[1] https://thepiratebay.se/torrent/6554331/
_______________________________________________
tor-talk mailing list
tor-talk at lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

From flyingkiwiguy at gmail.com Sun Jul 1 08:10:19 2012
From: flyingkiwiguy at gmail.com (Gary Mulder)
Date: Sun, 1 Jul 2012 16:10:19 +0100
Subject: [ZS] Re: Bitcoin, Empire of void*
Message-ID:

My Google Galaxy Nexus already has NFC, and being 6 months old is close to obsolete. It is very likely the next iPhone will support NFC as well.

Not even considering the future possibilities of Bitcoin, it is fairly clear that everything in your wallet, credit cards, photo id (retina or thumb scans using your phone's camera, anyone?), tickets, cash, etc. will be integrated into your smartphone within the next 5-10 years.

Peer to peer decentralisation and strong encryption is the way to keep big brother out of all of it.

Gary

From gmaxwell at gmail.com Sun Jul 1 13:46:38 2012
From: gmaxwell at gmail.com (Gregory Maxwell)
Date: Sun, 1 Jul 2012 16:46:38 -0400
Subject: [tor-talk] blocked exit node IP because of spam
Message-ID:

On Sun, Jul 1, 2012 at 3:32 PM, Sam Whited wrote:
> Tor is designed to keep people anonymous; this works for both the good
> guys, and the bad.
> This isn't something the Tor Project needs to fix

There are things the tor project and surrounding community could do to help here.

For example, if I could anonymously donate $10 to a charity and in return receive a persistent nym which I could use to get around those kinds of blocks... I'd be hesitant to misbehave and get my nym blocked. (And forums should feel good about whatever small residual amount of spammers who do buy donation nyms, because even though they spam their need to keep buying nyms support the charities).

But no practical software infrastructure exists for this sort of thing today. And until it does any education/advocacy will not go too far because it doesn't offer much in terms of real alternatives.

"It's not really so bad."
"Yes it is, or we wouldn't have bothered putting in the blocking in the first place"
"er.."

From eugen at leitl.org Sun Jul 1 08:48:33 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Sun, 1 Jul 2012 17:48:33 +0200
Subject: [ZS] Re: Bitcoin, Empire of void*
Message-ID: <20120701154833.GT12615@leitl.org>

----- Forwarded message from Gary Mulder -----

From warner at lothar.com Sun Jul 1 17:51:30 2012
From: warner at lothar.com (Brian)
Date: Sun, 01 Jul 2012 17:51:30 -0700
Subject: [tahoe-dev] switching from introducers to gossip?
Message-ID:

On 6/14/12 1:02 PM, Zooko Wilcox-O'Hearn wrote:
> Brian has been posting patches that move away from using introducers
> at all in favor of "gossip".
> Now if I understand correctly, gossip is
> simply "every node is an introducer (in addition to whatever other
> jobs it does)".

Yeah, the general idea is that all nodes provide the "grid-control" service, in addition to the "storage" service they might be providing right now. Nodes announce both "grid-control" and "storage" via the same introducer Announcements as before. The old Introducer becomes a node that only provides "grid-control", on a pre-published FURL.

"grid-control" lets you publish Announcements (either your own or ones you're forwarding from others), and subscribe to the same.

Once that is in place, and we have some code to prevent infinite flooding loops, there are several different approaches you could take:

* fully-connected mesh: every node makes a Foolscap connection to every grid-control provider they hear about, subscribe to hear about all announcements, and publish any announcements that the other side doesn't already know about.
* opportunistic: clients only connect to storage servers, and storage servers don't make outbound connections to anybody, but if you *do* happen to be connected to someone who also offers "grid-control", then connect to their grid-control object too and exchange Announcements
* cluster-of-Introducers: normal nodes don't offer grid-control, but multiple Introducers do, and all of them know about each other. All nodes connect to all grid-control providers (which means all Introducers).
* one Introducer: this is just a degenerate cluster-of-Introducers

> Hrm. This idea of gossip conflicts with my idea that each server
> should attempt to connect to all clients -- and only to clients -- and
> that each client should attempt to connect to all servers -- and only
> to servers (#344, #1086).

I think we can probably accommodate that. I'm optimizing for our two main use cases: friendnet and paid-service. In the friendnet, nearly all nodes are both a client *and* a server.
Client-only nodes (like the one I occasionally connect to VG2 to investigate bug reports), or server-only nodes (imagine a paid storage server, the "rent-a-friend" idea I've talked about before) are rare. So ruling out C->C or S->S connections doesn't change very much.

In the paid-service case (allmydata), we don't want clients talking to each other (they're all behind NAT anyways). But we could allow S->S connections without problems, and if all servers know about all other servers, then we could add new servers to the grid by just connecting them to at least one existing server, and knowledge of them would flood quickly and reliably to everyone else.

> It would also interact somewhat poorly with #444

Note that we don't need active+online connections to all other nodes all the time. Connecting with less than 100% duty cycle would still get the information distributed eventually. What I'm really expecting is that we'll use Zooko's clever log-scaling flooding techniques (from Mnet) to limit the amount of traffic and connections but still achieve rapid+reliable diffusion of knowledge.

> In fact, why do we need to switch from introducers to gossip at all?
> Could we finish the rest of the #466 new-introduction-protocol and
> related accounting infrastructure while leaving the current
> centralized introducer (or the #68 multiple introducers) alone?

They aren't interdependent, for sure. Now that #466 is in trunk, we've got a handle on Announcements (i.e. the node key that signs each one) so recipients can make decisions about whether they'll accept the thing being introduced or not, independently of the channel by which they received the announcement.

*That* is important to unlock alternate introduction topologies: without signed announcements, the only form of grid control you can get is to limit who gets access to the Introducer (as the VG2 folks accomplish by changing the introducer.furl each time it is accidentally leaked).
But with signed announcements, you don't need control over the channel to retain control over which servers your client uses, or over which clients your server will serve. You could even safely use a single massive universe-spanning broadcast channel, if you could make it efficient enough.

And the first steps of Accounting don't require changes to introduction at all. These steps will enable tracking of who-uses-what, and manual control (probably by pasting nodeids into tahoe.cfg) over both which-servers-should-I-use and which-clients-should-I-accept. This needs signed announcements (to get a strong nodeid of a server) and signed accounting-facet-of-storage-server FURLification messages (so clients can demonstrate control of a key). The main question is whether nodes which are both clients and servers should have a single key, or two separate keys (I prefer a single key, because it makes reciprocal storage-permission grants easier).

The second steps of Accounting, where we try to make things easy and automatic for our common use cases, is where we start getting into my Invitation scheme, and is where gossip becomes more interesting. What I really want is to make it super-easy for a new user to get their node running and connected to their friend's existing grid. And, more importantly, for that *first* friend to set up that grid.

Imagine for a moment that we have a nicely-packaged OS-X or debian app, already distributed via the mac App Store or through apt/etc. And also imagine that we've got uPnP working (or something equivalent, maybe involving a relay or some helper service that we run), so NAT isn't a problem. Then this is my goal:

The first friend (Alice) hears about Tahoe from her favorite blog, and installs it with her favorite package manager. She launches it for the first time, and it asks "start your own grid, or join someone else's?", and she picks "start your own".
Her node starts up, establishes an external IP address, sets itself up to restart at reboot, and announces that Alice is now the proud member of a 1-node grid, and that she should invite a few friends to join before she'll get more than educational value out of the system. She hits the "Invite A Friend" button, types Bob's (pet)name and email address into the box, and the node sends Bob a message with links to the application, instructions, and an invitation code.

Bob gets Alice's email, downloads+installs the app, and pastes in the invitation code. The next thing he sees is a picture of the two-node grid, with the Alice and Bob nodes labeled, and he can upload files and either retrieve them locally or share them with Alice.

Later, Alice and Bob invite other people to join in their grid. The only grid-specific coordinates that each new member needs is a single-use invitation code like "d77hbsmkgeufjpwacu3ywkbwem". Eventually, Alice leaves the grid, but her departure doesn't affect the remaining members: they can still connect and exchange shares as usual.

All grid members get a control panel where they can see who else is using their storage, allow/deny access, and control where their own node places shares. By default, anyone who gets invited to join the grid gets full access to storage on all members' servers, but access can be revoked at any time.

The corresponding story with an AllMyData-like paid-service is:

Alice visits allmydata.com, signs up for the service with a credit card, downloads the client app and gets an invitation code for her account. She pastes the invitation code into the "accept an invitation" box when her app starts up. Her app connects to all AllMyData storage servers and is allowed storage access. New servers can be added without Alice's involvement. Any subset of the servers can go away without affecting her ability to connect to (or learn about) the rest.
To support those stories, I don't want Alice (or AllMyData) to be running a single Introducer, or even a cluster of Introducers. Alice, Bob, and the other members of the friendnet should *all* be helping each other connect to the rest of their grid.. otherwise they have to pay attention to how many Introducers are present, and who's responsible for them, and make sure there are enough left available to accommodate changes.

Does that help explain my interest in gossip-based introduction?

cheers,
 -Brian
_______________________________________________
tahoe-dev mailing list
tahoe-dev at tahoe-lafs.org
https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev

From antispam06 at sent.at Sun Jul 1 09:39:33 2012
From: antispam06 at sent.at (antispam06 at sent.at)
Date: Sun, 01 Jul 2012 18:39:33 +0200
Subject: [tor-talk] Anonymous Publishing Is Dead.
Message-ID:

On Sun, Jul 1, 2012, at 14:20, Edward Thompson wrote:
> 2. Email. I signed up for mailoo.org through Tor, I believe. But for all
> practical purposes, you could easily get a disposable e-mail address
> through a Firefox plugin called Bloody Vikings. Otherwise, pretty much
> any web mail will do... just war drive and sign up through the first
> open wi-fi connection you find ;)

Hmm... I already do something like that. And I tell you that most free providers are a pain to work with. And that includes all the major players. They are all going to punish you with a long annoying reidentification which will prove zero security just because you change location. And they do have the time and computing power just to try to locate you any other possible way as their business model is tightly integrated with tracking and selling private data.
Disposable email is good for accessing some resource once. Otherwise is a pain in the rear.

> 3. Bitcoins. Yes, block chains are not that anonymous, especially
> considering the difficulty of buying them legitimately in the first
> place. How about a coin mixing service like www.bitcoinfog.com? Their
> methodology is very interesting, and it seems like you'd be able to
> 'launder' ordinary coins, bought legitimately through an exchange...
> There are a few other sites like this one:
> http://vzpzbfwsrvhfuzop.onion.to

I spent some time reading about bitcoin. It's a miracle discovery. It's a proof about non conventional methods being able to compete with the conventional financial transaction type. But I fail to see the anonymity side of things. It's so nice. It's sooo geeky. It employs silly terms to scare the layman like mining. Or worse, it has terms with a clear equivalent in conventional finance like wallet. My grandma knows she can watch over her wallet and things would be all right. And if someone forces her she can go to the police station and declare the theft. Till version 0.6 there was no protection from theft with BC. Crap concept with junk application from the point of view of anonymity.

Each time some conspiracy theorist starts making sense I remind myself that people (programmers are people, aren't they?) are above all stupid followed closely by lazy. Just take a look at the way FF is developed: in the era of Facebook developers are doing their best to shed MORE data instead of patching up the holes. By holes I don't mean Secunia security holes, but privacy holes.

> 4. Do you really need your own dedicated VPS?! And only in developed
> Western countries? Have you checked out this list of BTC-friendly
> servers:

Actually any service should be checked for its origin or place of doing business. Always remember the case of Hide My Ass which proved to be full of Holes if you allow such a gross joke. They weren't keeping logs till pressured.
Then they said everybody is obliged under law to keep logs. And to prove the indolence of their users: they are still in business, trapping flies for the government.

On the other hand, servers hosted outside the reach of certain totalitarian governments are blocked on the crime of spam or copyright infringement. If these were anything but hassle (see the problems with the free webmail above) yahoo and google would have offered email only between their users.

> Anyway, my point is that there are ways to acquire BTC, randomised
> enough not to be a concern, after which you can buy all the hosting (and
> related) services your heart desires. And if your threat model
> encompasses an organisation with vast resources, like the NSA for
> example, consider that they haven't yet managed to track down the guys
> running the Silk Road drug site (http://silkroadvb5piz3r.onion)... ;)

Usually this kind of traffic is tolerated because they want to catch a bigger fish. Sometimes services like that are set up by the investigating authorities. And some other times they set it up independently just for the sake of compensating the budget restrictions (those drones are mighty expensive, mind you).

Cheers

From warner at lothar.com Sun Jul 1 19:45:00 2012
From: warner at lothar.com (Brian)
Date: Sun, 01 Jul 2012 19:45:00 -0700
Subject: [tahoe-dev] switching from introducers to gossip?
Message-ID:

On 7/1/12 5:56 PM, Tony Arcieri wrote:
> Is there any reason why you can't simply have multiple introducers,
> which may have inconsistent views of the world, but which otherwise
> function identically? Clients can use information gathered from all
> introducers they're connected to in order to make connections to other
> storage nodes. It seems like all that's really missing is a system to
> construct the union of the available storage nodes as enumerated by
> multiple introducers.

That's doable (it's basically what the #68 Google Summer of Code project produced), and it would be more robust than the current one-lone-Introducer (and we need the "union of announcements" feature in any case).

But it wouldn't decrease the administrative burden.. in fact it would be worse than a single introducer. Imagine a grid that has two Introducers and everybody knows about both of them (I1 and I2). Now the operator of one (I1) of them announces that they're going to retire it, so somebody (I3) else volunteers to add a replacement. We'll start with I1+I2, then have I1+I2+I3, then finish with I2+I3.

With the #68-GSoC -style "introducer.furls", after the volunteer spins up I3, everybody in the entire grid has to edit their configs to add I3's new FURL.

With gossip, the volunteer adds I3 and then they're done. Everyone else learns about I3 from I1/I2, then remembers I3, and connects to it even though I1 is gone.

If you generalize this, then all nodes can function as introducers, and there's no need for dedicated Introducer nodes. As long as at least one node with a public IP is up at any given time, everybody else can learn the current state of the world.
cheers,
 -Brian

From antispam06 at sent.at Sun Jul 1 14:35:35 2012
From: antispam06 at sent.at (antispam06 at sent.at)
Date: Sun, 01 Jul 2012 23:35:35 +0200
Subject: [tor-talk] Anonymous Publishing Is Dead.
Message-ID:

On Sun, Jul 1, 2012, at 15:38, Gregory Maxwell wrote:
> When I decided to publish a large collection (30gb) of previously
> paywalled (but public domain) JSTOR documents[1] I initially planned
> to do so anonymously -- simply to mitigate the risk of harassment via
> the courts. Ultimately, after more consideration I decided to publish
> with my name attached and I think it made more of an impact because I
> did so (even though quite a few journalists reported it as though it
> were a pseudonym) -- though if I didn't have even the prospect that I
> could publish anonymously I can't say for sure that I would have
> started down that road at all.

Bravo! I would have done it anonymously anyway.
> It's also the case that non-text documents can trivially break your
> anonymity -- overtly in the case of things like pdf or exif metadata, or
> more subtly through noise/defect fingerprints in images. I think I can
> fairly count myself among the most technically sophisticated parties,
> and yet even I'm not confident that I could successfully publish
> anything but simple text anonymously.

That is a MAJOR issue with anonymity. But you are mistaken: not only text, but HTML / XML can be clean with a careful, but fast examination. Also the derivatives like EPUB. Otherwise, hairy and badly written standards always will have places to watermark. Imagination is the limit. That goes for PDF for example. Most of the watermarks could fall with a succession of conversions which will degrade the quality of the document, but will erase the less imaginative watermarks (say PDF -> DJVU -> PDF). To downright criminal formats like .DOC which are ready to store information about your configuration and private document path.

You could, for example, process PDFs or scans through Abbyy Finereader which is quite fast and reliable. The OCR results will discard part of the image fingerprinting if not all and also the metadata.

> So I think that the problems for anonymous publication on the Internet
> are actually a subset of a greater problem that there is little
> independence and autonomy in access to publishing online. You can't
> _effectively_ publish online without the help of other people, and
> they're not very interested in helping anonymous people, presumably
> because the ratio of trouble to profit isn't good enough.

That's because the major players of the Internet are LIVING out of selling data to third parties. An anonymous individual is not a liability as they declare, but a loss of revenue. Still, at the time, they can't really verify everybody so a lot of people just slip in. But Google and Facebook are pretty decided to close this gap ASAP.
And the less than very big players still can get a nice income out of selling data, or are plain careless. Myself I'm amazed of how many sites are ready to share their data with Facebook or Google for free.

> (2) Improve the security and useability of things like freenet and
> hidden services, so that they are usable for publication directly and
> provide strong anonymity.

That is very hard to achieve. Once things become a few clicks away carelessness shows its head. And people are already so very used to give their private data expecting someone else to take care and hide it. And it takes a few more steps in terms of thinking than the regular ways. Because it's not enough to buy a new GSM prepaid card in order to receive calls from a third party. Because the phone in which you use the card has a serial number that is already associated with an identity. Because nobody from the "other" life can use that number for a chat. Because you can't spend those extra credits just about to expire by midnight talking with your dear mother. Because mobile phones reveal location.

Wikileaks had the advantage of filtering data and protecting the source. But they could not protect Bradley from talking too much with a mercenary. People publishing themselves is a huge risk. And that without counting people trained to find out stuff. It can be as easy as a couple of exchanged comments.
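
Added example (not part of any message in this archive): a pre-publication check for the overt carriers named in the thread above, EXIF in JPEG and Info-dictionary strings in PDF. The sample bytes are constructed and the function names are this example's own. The PDF check only sees literal strings in uncompressed objects, and nothing here addresses the noise/defect fingerprints also mentioned.

```python
import re
import struct

# Header segments removed by strip_jpeg: APP1..APP15 and COM. APP0 (JFIF) is kept.
# Assumption of this sketch: dropping APP2/APP14 (colour data) is acceptable.
DROP = set(range(0xE1, 0xF0)) | {0xFE}

INFO_KEY = re.compile(
    rb"/(Author|Creator|Producer|Title|CreationDate|ModDate)\s*\(([^)]*)\)")


def parse_jpeg(data):
    """Return (segments, scan_offset). segments are (marker, payload) pairs
    found between the SOI marker and the start of the compressed scan."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: SOI marker missing")
    segments, pos = [], 2
    while pos + 2 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError("bad segment header at offset %d" % pos)
        marker = data[pos + 1]
        if marker in (0xDA, 0xD9):          # SOS or EOI: header area is over
            return segments, pos
        if pos + 4 > len(data):
            break
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(data):
            raise ValueError("truncated segment at offset %d" % pos)
        segments.append((marker, data[pos + 4:pos + 2 + length]))
        pos += 2 + length
    raise ValueError("no SOS/EOI marker found")


def audit_jpeg(data):
    """List the metadata carriers present in a JPEG's header segments."""
    findings = []
    for marker, payload in parse_jpeg(data)[0]:
        if marker == 0xE1 and payload.startswith(b"Exif\x00\x00"):
            findings.append("EXIF")
        elif marker == 0xFE:
            findings.append("comment")
        elif marker in DROP:
            findings.append("APP%d" % (marker - 0xE0))
    return findings


def strip_jpeg(data):
    """Rebuild the file without the DROP segments; scan data is copied as is."""
    segments, scan = parse_jpeg(data)
    out = bytearray(b"\xff\xd8")
    for marker, payload in segments:
        if marker not in DROP:
            out += bytes([0xFF, marker])
            out += struct.pack(">H", len(payload) + 2) + payload
    return bytes(out) + data[scan:]


def audit_pdf(data):
    """Return Info-dictionary keys that are stored as literal strings."""
    if not data.startswith(b"%PDF-"):
        raise ValueError("not a PDF")
    return {k.decode(): v.decode("latin-1") for k, v in INFO_KEY.findall(data)}


def segment(marker, payload):
    """Build one JPEG header segment (used only for the constructed sample)."""
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload


# Constructed sample inputs, not real files: header segments plus a stub scan.
SAMPLE_JPEG = (b"\xff\xd8"
               + segment(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
               + segment(0xE1, b"Exif\x00\x00" + b"constructed-camera-serial-0001")
               + segment(0xFE, b"edited on constructed-hostname")
               + b"\xff\xda\x00\x02" + b"\x00scan-bytes" + b"\xff\xd9")
SAMPLE_PDF = (b"%PDF-1.4\n1 0 obj\n<< /Author (Constructed Name) "
              b"/Producer (ExampleWriter 1.0) >>\nendobj\n")

if __name__ == "__main__":
    print("before:", audit_jpeg(SAMPLE_JPEG))
    print("after: ", audit_jpeg(strip_jpeg(SAMPLE_JPEG)))
    print("pdf:   ", audit_pdf(SAMPLE_PDF))
```
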
From grarpamp at gmail.com Sun Jul 1 20:48:19 2012
From: grarpamp at gmail.com (grarpamp)
Date: Sun, 1 Jul 2012 23:48:19 -0400
Subject: [tor-talk] blocked exit node IP because of spam
Message-ID:

> anonymously donate

Well, very few places take cash or money order in the mail. Call them stupid to not take the money. Then there's AML with bitcoin, etc.

> a persistent nym

Building a persistent nym is handy if you wish to establish such a personage for compartmented tasks, etc. However, there are linkable nyms and unlinkable ones. Advocating that users or sites evolve to support only linkable nyms is not a good idea. For example, the 'invite' or 'cell number' type nym systems are an example of terrible privacy policy. People need the ability to create new, unlinked, taint free, accounts whenever they want. They may need more than one persona, or to come back as a fresh incarnation of themselves when up against unwarranted/irrational dislike.

> But no practical software infrastructure exists for [nym tech].

Linkable nyms are worthless for some people and purposes, so I've no problem with that lack.

If I ran a system, I would allow signups from anywhere, no 'recovery' email, no name, no cell, no geoip. Nothing but username, password, and a few strong captchas to keep out the bots. Maybe even a time delay (n days) to calm down the impulse users. AND definitely... a policy that allows me to nuke misbehaving accounts at will.
Because let's be honest, if you've got the helpdesk cycles to learn all about VPN's, scrape proxy lists, scrape Tor, sink ip's etc... you've surely got it to sink accounts on verifiable abuse reports. Come on people, hitting 'delete' just isn't all that hard, especially when your policy permits it.

Do NOT penalize those who need multiple random unlinked accounts by blocking ip's, making up nym systems, etc. Penalize the accounts that act up. They are the bad ones, not the former.

> This isn't something the Tor Project needs to fix except through
> continued marketing and education.

I would actually donate much more to Tor/EFF project if I could earmark it for a formal emissary to talk with some of the sites I've seen implementing bad policy. And hopefully report back to me with the positive results ...

> I'd suggest emailing the administrator of the forums you're having
> trouble with ... and explain what Tor is ...

... because when I do (under a separate unlinkable nym of course), I end up ignored as the expendable small guy.

> Tor is more of a hack to give back some privacy. To bring things
> more in line with the romantic image of the Internet. Because
> people want to see the Internet as a nice place where people go
> to share ideas

Exactly! And when I can't use these sites in perfectly good, responsible, creative and nice ways... because they have implemented crap blocking policies... it pisses me the fuck off.

Anonymous != evil. That is what we need to be teaching.
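
Added example (not part of any message in this archive, and not Tahoe-LAFS code): the I1+I2, then I1+I2+I3, then I2+I3 introducer hand-over from the tahoe-dev thread above, run once with fixed introducer lists and once with gossip. Node names, the Announcement fields and the seqnum rule are assumptions of this sketch; node_id stands in for the signing key and no signatures are checked.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Announcement:
    node_id: str   # stands in for the node key that signs the announcement
    service: str   # "grid-control" or "storage"
    seqnum: int    # a higher seqnum from the same node replaces the older one


class Node:
    def __init__(self, name, services, contacts, gossip):
        self.name = name
        self.gossip = gossip            # False: dial only the configured contacts
        self.online = True
        self.contacts = set(contacts)   # grid-control providers this node dials
        self.known = {}                 # (node_id, service) -> Announcement
        for service in services:
            self.accept(Announcement(name, service, seqnum=1))

    def offers_grid_control(self):
        return (self.name, "grid-control") in self.known

    def accept(self, ann):
        """Store ann if it is news to this node; return True if it was."""
        key = (ann.node_id, ann.service)
        old = self.known.get(key)
        if old is not None and old.seqnum >= ann.seqnum:
            return False                # already known: this ends flooding loops
        self.known[key] = ann
        if self.gossip and ann.service == "grid-control" and ann.node_id != self.name:
            self.contacts.add(ann.node_id)   # remember the provider for later
        return True

    def storage_servers(self):
        return sorted(n for (n, s) in self.known if s == "storage")


def exchange(a, b):
    """One connection: each side publishes what the other does not know yet."""
    sent = 0
    for src, dst in ((a, b), (b, a)):
        for ann in list(src.known.values()):
            sent += dst.accept(ann)
    return sent


def converge(grid):
    """Run connection rounds until a whole round transfers nothing new."""
    rounds = 0
    while True:
        moved = 0
        for node in grid.values():
            if not node.online:
                continue
            for peer_name in sorted(node.contacts):
                peer = grid.get(peer_name)
                if peer and peer.online and peer.offers_grid_control():
                    moved += exchange(node, peer)
        if moved == 0:
            return rounds
        rounds += 1


def retirement_scenario(gossip):
    """Return the storage servers A, B and C know once I1 has been retired."""
    grid = {}

    def add(name, services, contacts):
        grid[name] = Node(name, services, contacts, gossip)

    add("I1", ["grid-control"], [])
    add("I2", ["grid-control"], [])
    add("A", ["storage"], ["I1", "I2"])   # configured with both introducers
    add("B", ["storage"], ["I1", "I2"])
    converge(grid)
    add("I3", ["grid-control"], ["I1"])   # volunteer replacement, pointed at I1
    converge(grid)
    grid["I1"].online = False             # I1 retires
    add("C", ["storage"], ["I3"])         # a new member is only given I3
    converge(grid)
    return {name: grid[name].storage_servers() for name in ("A", "B", "C")}


if __name__ == "__main__":
    print("fixed lists:", retirement_scenario(gossip=False))
    print("gossip:     ", retirement_scenario(gossip=True))
```

With fixed lists A and B never hear of C unless their configs are edited to add I3; with gossip they learned I3 from I1 before it retired.
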
_______________________________________________ tor-talk mailing list tor-talk at lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From antispam06 at sent.at Sun Jul 1 15:09:56 2012 From: antispam06 at sent.at (antispam06 at sent.at) Date: Mon, 02 Jul 2012 00:09:56 +0200 Subject: [tor-talk] blocked exit node IP because of spam Message-ID: On Sun, Jul 1, 2012, at 15:32, Sam Whited wrote: > On Sat, Jun 30, 2012 at 3:17 PM, || N#NN || wrote: > > So spammers abuse tor... > > Yes, they always have, and probably always will. I feel there is a need to dispel some wonderful magic of the modern society: the World has always been large. Even if it takes a lot less to cover large distances, the World is still large. And that might mean, among others, diverse too. A second spell of the modern society is safety. The World has always been both comfortable and unsafe in various proportions. There are cries about protecting someone or something. But that was never ever in history a given. Oh, food should be free of additives like in the good old days. Actually in the good old days it was a lot more probable to eat rotten meat and not have the faintest idea that going vegan was an option. Sure, for the demigods bred in the last decades the spectre of cancer might mean dying of fear, but less than a century ago rotten food would mean potential death tomorrow as an alternative to starvation today. 
Phobos had a wonderful article about this recently on the Tor blog [https://blog.torproject.org/blog/real-name-internet-versus-reality] but people still expect that terrorism should come from a virtual entity far far away and not from the local corrupt cop [http://socialistworker.org/2012/06/21/nypd-kills-again] Myself I'm not sure all spammers turn a profit, but they all are ready to employ every means available to push their merchandise. This doesn't mean checking the identity would do any good as they can impersonate anybody if willing. But that goes to the third issue of the modern society: mistaking an identity with a number. That would pretty much go with Michel Foucault and his prison society, because most people see themselves as obedient inmates. They are the national ID number or the SSN. And not much more. That's why there was so much fuss about the birth certificate of a presidential candidate and less about what the man was about to do. Back in the days when there was no registration people would build up some fame and invoke some ancestry. Or they were practically nobody. Up to a certain point in history everybody was an anonym and only few could break through to become somebody. Superficially things seem to have reversed, but it's a fake assumption. I still can't differentiate most of the people I pass each day. They are still nobodies. But they are proud to show a number: proof of uniqueness. > Tor is designed to keep people anonymous; this works for both the good > guys, and the bad. This isn't something the Tor Project needs to fix > except through continued marketing and education. I'd suggest emailing > the administrator of the forums you're having trouble with (and > possibly the IP blacklist site) and explain what Tor is, a bit about > how it works, and exactly why it's beneficial for them to whitelist > Tor exit nodes. Maybe you can convince them to change their minds. Actually blocking Tor won't help. A few sane filtering measures do. 
Have people create an account. Have someone take a look at that list from time to time. Generated or random users usually can be flagged easily. Ask people to do some customization to the account before posting. Quarantine the first few messages or a certain amount of time. Have a button or link called "report" and let the other users report messages. Quarantine the account and ask for an explanation from the offender. Blocking IPs makes sense only when you are Wikipedia and have a mission to let the government agencies have their fair chance of tweaking the facts. As I've never seen anything resembling closer the official newspaper of Airstrip One than Wikipedia. I don't feel Tor is designed to keep people anonymous. Tor is more of a hack to give back some privacy. To bring things more in line with the romantic image of the Internet. Because people want to see the Internet as a nice place where people go to share ideas and not what it is: a military project hack done by some unimaginative blokes who were happy to have things working so they could go to video games arcade or just sleep. Most of the protocols used to connect computers are horribly designed by people who can barely understand the concept of consequence. Probably it's not their fault as the educational system everywhere splits the curricula into sciences and humanities. And all the philosophy and ethics are given to the people with no tech background. 
_______________________________________________ tor-talk mailing list tor-talk at lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From grarpamp at gmail.com Sun Jul 1 21:21:42 2012 From: grarpamp at gmail.com (grarpamp) Date: Mon, 2 Jul 2012 00:21:42 -0400 Subject: [tor-talk] [info] Anonymous Publishing Is Dead. Message-ID: >> like the NSA for example, consider that they haven't yet managed to track >> down the guys running the Silk Road drug site (http://silkroadvb5piz3r.onion) Call me stupid, but I actually think the NSA does have the capability to locate Tor hidden services, even if only those existing within the USA. But as usual, they may be restricted from originally passing it to enforcement, or from producing data at bequest of same. Or for whatever reason, no one cares, or wishes to keep capabilities or bigger fish under wraps. Nothing new here. > Do you know who runs Silk Road? Silk Road will likely go down via the usual means... some Joe somewhere flapping their gums, a street grudge, too much bling, etc. Just as with Farmer's Market, the case files will certainly make for interesting reading. 
But not really tell us much about Tor :( _______________________________________________ tor-talk mailing list tor-talk at lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From gmaxwell at gmail.com Sun Jul 1 21:27:35 2012 From: gmaxwell at gmail.com (Gregory Maxwell) Date: Mon, 2 Jul 2012 00:27:35 -0400 Subject: [tor-talk] blocked exit node IP because of spam Message-ID: On Sun, Jul 1, 2012 at 11:48 PM, grarpamp wrote: > Do NOT penalize those who need multiple random unlinked accounts > by blocking ip's, making up nym systems, etc. Penalize the accounts > that act up. They are the bad ones, not the former. It's this kind of thinking that will result in the web continuing to be largely read-only for Tor users. People running services that block Tor aren't blocking Tor because they Hate Freedom™, or because they can't help but staying up at night trying to come up with ways of screwing people over. Blocking tor isn't trivial, especially to do it well... and many of the people who have been involved with blocking tor at major sites are themselves Tor supporters and bridge/relay operators and only block tor when it is clear that they must. They block write access from Tor because when an abusive user is blocked their inevitable recourse to evade the block is Tor (if not their first choice). After the umpteenth occurrence of whatever antisocial jerkwad assaulting the site via tor it simply has to go. Arguing that a problem doesn't exist is unconvincing to people who are dealing with it, arguing that blocking tor is ineffective or involves unacceptable tradeoffs is unpersuasive to people who have made the changes and measured the results. 
One of the great forces which makes online communities viable and not all trivially destroyed by a few byzantine troublemakers is that the cost of excluding people is low, but when tor makes the cost of evading the exclusion nearly zero -- the balance is upset. Even captchas are a pretty weak tool: Commercial services will solve them for pennies each, and targeted trouble makers aren't deterred by them at all. Perhaps most importantly, this has been the ongoing approach used by the Tor community and it is demonstratively ineffective: Write access via tor is frequently inhibited. And yes, sure, there are cases where nym use doesn't solve things. But there are a great many where it does. > I would actually donate much more to Tor/EFF project if I could > earmark it for a formal emissary to talk with some of the sites > I've seen implementing bad policy. And hopefully report back to me > with the positive results ... The Tor project absolutely has done this in the past. Though as far as I can tell it has not had much success except in areas where the Tor prohibitions are sloppy (blocking read access, blocking relays instead of just the relevant exits). > Exactly! And when I can't use these sites in perfectly good, > responsible, creative and nice ways... because they have implemented > crap blocking policies... it pisses me the fuck off. > > Anonymous != evil. > That is what we need to be teaching. You're making a grave error to characterize the people who've made different calls than you have as foolish or insensitive. I'm sure it's true in some cases, but even the well informed frequently make the dispassionate, considered, and rational decision to block write access from Tor. 
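Added example (not part of the thread or of any poster's message): a sketch of the account-level measures listed earlier in this thread (create an account, customize it, hold the first posts, act on reports) combined with the narrow scoping mentioned above, where only writes arriving from the relevant exits are treated differently and reads and non-exit relays are left alone. The addresses, thresholds and function names are constructed assumptions, shown next to the over-broad rule for contrast.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed sample data: documentation-range addresses, not real Tor nodes.
EXITS_TO_THIS_SITE = {"192.0.2.10", "192.0.2.11"}   # relays whose exit policy reaches us
ALL_RELAYS = EXITS_TO_THIS_SITE | {"198.51.100.7"}  # also contains a non-exit relay

READ_METHODS = {"GET", "HEAD"}
HELD_POSTS = 3        # first posts held for review (assumed value)
HELD_POSTS_TOR = 10   # longer probation when the write arrives via an exit (assumed)
MIN_AGE_DAYS = 2      # sign-up delay before posts go live (assumed value)
REPORT_LIMIT = 3      # open user reports that put an account on hold (assumed)


@dataclass
class Account:
    age_days: int
    profile_customized: bool
    approved_posts: int
    open_reports: int = 0
    suspended: bool = False


def sloppy_decide(method: str, src_ip: str) -> str:
    """The over-broad rule: every relay address is blocked, reads included."""
    return "deny" if src_ip in ALL_RELAYS else "allow"


def decide(method: str, src_ip: str, account: Optional[Account]) -> str:
    """Return 'allow', 'quarantine' (held for a moderator) or 'deny'."""
    if method.upper() in READ_METHODS:
        return "allow"                       # reading is never blocked
    if account is None or account.suspended:
        return "deny"                        # writes need an account in good standing
    if not account.profile_customized:
        return "deny"                        # customize the account before posting
    if account.open_reports >= REPORT_LIMIT:
        return "quarantine"                  # reported: hold and ask for an explanation
    # Only exits can be the source of Tor users' traffic to this site;
    # a non-exit relay address is just its operator browsing normally.
    via_exit = src_ip in EXITS_TO_THIS_SITE
    held = HELD_POSTS_TOR if via_exit else HELD_POSTS
    if account.approved_posts < held or account.age_days < MIN_AGE_DAYS:
        return "quarantine"                  # probation: early posts are reviewed
    return "allow"


def demo():
    """Run constructed requests through both policies and return the decisions."""
    regular = Account(age_days=30, profile_customized=True, approved_posts=5)
    return [
        ("read via exit, sloppy", sloppy_decide("GET", "192.0.2.10")),
        ("read via exit, scoped", decide("GET", "192.0.2.10", None)),
        ("post via exit, scoped", decide("POST", "192.0.2.10", regular)),
        ("post from non-exit relay, scoped", decide("POST", "198.51.100.7", regular)),
    ]


if __name__ == "__main__":
    for label, result in demo():
        print(f"{label}: {result}")
```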
_______________________________________________ tor-talk mailing list tor-talk at lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From arrivals4 at southbaymusicawards.com Mon Jul 2 07:59:13 2012 From: arrivals4 at southbaymusicawards.com (=?koi8-r?B?IuvMycXO1Nkg1yDExc7YIM/C0sHdxc7J0SEi?=) Date: Mon, 2 Jul 2012 06:59:13 -0800 Subject: =?koi8-r?B?8M/Nz9bFzSDOwcrUySDOz9fZyCDLzMnFztTP1yDEzNEgzMDCz8fPIMLJ?= =?koi8-r?B?2s7F08Eh?= Message-ID: <000d01cd585a$dce3f400$6400a8c0@arrivals4> We will do a mass mailing of your offer, product or service by e-mail across Moscow and Russia! You will not be left without clients! Call us and we will advise you on all the details! We have the lowest prices, from 1500 rubles! Promotions and bonuses for regular clients! Our phone: +7 495 585 48 57 From saftergood at fas.org Mon Jul 2 07:23:11 2012 From: saftergood at fas.org (Steven Aftergood) Date: Mon, 02 Jul 2012 07:23:11 -0700 Subject: Secrecy News -- 07/02/12 Message-ID: Format Note: If you cannot easily read the text below, or you prefer to receive Secrecy News in another format, please reply to this email to let us know. SECRECY NEWS from the FAS Project on Government Secrecy Volume 2012, Issue No. 
62 July 2, 2012 Secrecy News Blog: http://www.fas.org/blog/secrecy/ ** FINANCIAL COSTS OF CLASSIFICATION SOAR ** THE DNI AS SECURITY EXECUTIVE AGENT ** ROLE OF INTELLIGENCE COMMUNITY CONTRACTORS QUESTIONED ** SECOND THOUGHTS IN CONGRESS ABOUT DOMESTIC DRONES ** HYDROPOWER, HIGH SPEED RAIL, HAITI, AND MORE FROM CRS FINANCIAL COSTS OF CLASSIFICATION SOAR At a time when "leaks" are said to be running rampant, the government is spending more money than ever before to protect classified information. 
The estimated cost of securing classified information in government increased last year by at least 12% to a record high level of $11.36 billion. An additional $1.2 billion was spent to protect classified information held by industry contractors. These figures were reported to the President last week by the Information Security Oversight Office. http://www.fas.org/sgp/isoo/2011costs.pdf The ISOO report breaks down the expenditures into six categories (personnel security, physical security, etc.). But it does not provide any explanation for the rapidly escalating cost of secrecy. One factor in the rising costs may be the continued growth of the secrecy system. While some essential security costs are fixed and independent of classification activity, the failure to rein in classification and especially overclassification is a likely contributor to marginal cost growth. The ISOO report itself provides a stark illustration of the overclassification problem when it notes that the classification costs of several intelligence agencies -- CIA, DIA, ODNI, NGA, NRO and NSA -- are excluded from the new report because they are classified. "The cost estimates of these agencies are classified in accordance with Intelligence Community classification guidance and are included in a classified addendum to this report," the ISOO report states. But the classification of this information, which is almost certainly illegitimate, defies credulity for several reasons. First, the secret intelligence cost numbers are estimates, not actual expenditures. ("Requiring agencies to provide exact responses to the cost collection efforts would be cost prohibitive," ISOO said.) The potential intelligence value of such estimates to a hostile intelligence service is vanishingly small, particularly since their accuracy is variable and uncertain. 
Second, the disclosure of the cost estimates for non-intelligence agencies, which has had no adverse effect on the security programs of those agencies, is a strong indication that no damage can result from release of such information. If publication of the non-intelligence classification cost estimates had caused any kind of harm over the years, those estimates would not be published. But of course they haven't, and so they are. Thus, one is led to conclude that the classification of the intelligence agency classification cost estimates is not threat-driven, but instead is "culture"-based. The disclosure of the estimates would not cause identifiable damage to national security, which means this information has been classified in violation of executive order 13526. Unfortunately, there seems to be no one to tell the DNI that his classification policies are mistaken. Congress could perform critical oversight of classification policy, inquiring into the basis of particular classification decisions, but it almost never does so. If anything, congressional leaders favor more aggressive and unforgiving enforcement of existing classification policies. The Obama Administration's Fundamental Classification Guidance Review was supposed to challenge the habits of reflexive classification, but in this case at least it has not had the desired effect. If some rogue employee leaked a copy of the classification cost estimates for the intelligence agencies, he or she would be subject to new procedures announced by the Office of the Director of National Intelligence last week to combat unauthorized disclosures, including polygraph testing and inspector general investigations. http://www.fas.org/irp/news/2012/06/dni-leaks.pdf In the absence of leaks, the estimated cost of implementing the DNI's new anti-leak procedures will be classified and unavailable to the public. 
THE DNI AS SECURITY EXECUTIVE AGENT The anti-leak procedures announced last week by the Director of National Intelligence apply specifically to intelligence community employees. But the DNI is also responsible more broadly for security policies that affect almost everyone who holds a security clearance for access to classified information, whether or not it pertains to intelligence, as well as other government employees who are candidates for "sensitive positions." The DNI's role as "Security Executive Agent" was described in a March 2012 directive, according to which he is responsible for oversight of "investigations and determinations by any agency for eligibility for access to classified information and eligibility to hold a sensitive position." The DNI's authority extends to every individual who has or seeks access to classified information with only a handful of exceptions: the President, the Vice President, Members of Congress, Justices of the Supreme Court, and Federal judges appointed by the President. In this capacity, the DNI is responsible for developing standardized procedures for security questionnaires, financial disclosure forms, polygraph policies and practices, and foreign travel and foreign contact reporting requirements. See "Security Executive Agent Directive (SEAD) 1," effective 13 March 2012: http://www.fas.org/irp/dni/sead-1.pdf "SEAD 1 applies to all departments and agencies performing investigations or adjudications of persons proposed for eligibility to hold a sensitive position whether or not requiring access to classified information," said Charles B. Sowell of ODNI in congressional testimony last month. "The ODNI also led the interagency efforts to revise the National Security Adjudicative Guidelines" -- which are used to evaluate a person's loyalty, reliability and trustworthiness -- "which we expect to issue later this year," he said. 
http://www.fas.org/irp/congress/2012_hr/062112sowell.pdf ROLE OF INTELLIGENCE COMMUNITY CONTRACTORS QUESTIONED Persistent questions about the U.S. intelligence community's reliance on contractors to perform or support core mission functions were explored in a partially closed hearing of the Senate Homeland Security Committee last year. A redacted transcript of the classified session of the hearing was included in a hearing volume which was recently published. Among other things, "questions have been raised about whether some IC contracting firms hold undue influence within the IC because senior intelligence officials are often recruited from, and often return to, these firms," according to a background paper prepared for the hearing (citing author Tim Shorrock) and included in the appendix to the PDF version of the new hearing volume. "A 'revolving door' where employees move between public and private sector service increases the risk that decisions made by either contractor or government employees could be influenced by past professional relationships or potential future employment opportunities." "Some have also highlighted concerns about contractors who immediately return to their former IC agency [as private sector employees], but serve in the same capacity and at greater expense," the background paper stated (citing reporting by Julie Tate of the Washington Post). "In addition to clear conflicts of interest, the different incentives of corporations and their employees versus federal agencies and their employees create the need for robust oversight. For example, the need to make corporate profits could create an incentive to provide analysis or decision support services in a manner that is likely to increase future business opportunities." "Additionally, because contract employees owe a duty of loyalty to their employers rather than the U.S. 
government, they may have incentives to act in the interest of their employers rather than in the interests of the government where those interests differ," the background paper said. At first glance, the questions seemed more interesting than the answers that intelligence community officials were able to provide at the hearing, but it was remarkable to see those questions raised at all. The hearing was held not by the Senate Intelligence Committee, but by a subcommittee of the Senate Homeland Security and Governmental Affairs Committee chaired by retiring Senator Daniel Akaka (D-HI). See "Intelligence Community Contractors: Are We Striking the Right Balance," September 20, 2011: http://www.fas.org/irp/congress/2011_hr/contractors.html SECOND THOUGHTS IN CONGRESS ABOUT DOMESTIC DRONES Some members of Congress are having second thoughts about the future use of unmanned aerial systems in U.S. airspace, judging from a colloquy on the House floor last week. When Congress passed the FAA reauthorization bill, recalled Rep. Michael Burgess (R-TX), it included "this very simple language allowing for the expansion of unmanned aerial vehicles in the national airspace." "None of us really thought that was much of a problem, but our constituents are bringing it back to us," Rep. Burgess said. "They are concerned about privacy, and they're concerned about Federal agencies surveilling normal activities of commerce in which people may be engaged." Looking beyond privacy concerns, Rep. Burgess proposed an amendment to the Transportation Appropriations bill that would prohibit the use of armed drones within the United States. "If these drones are weaponized, you can--if you've been surveilled unfairly, you can go to court and perhaps seek a remedy. But if a bullet is fired from one of these platforms, you don't have any remedy if you're the recipient of that bullet," he said. "The amendment that I offer today is preemptive. 
As to my knowledge, no actual applications have been filed with the FAA to use armed drones in U.S. airspace. But I believe it is necessary, as there has been some discussion in the public media about the ability to arm unmanned aerial vehicles. I personally believe this is a road down which we should not travel," Rep. Burgess said. However, the amendment was rejected for procedural reasons. http://www.fas.org/irp/congress/2012_cr/drone-thud.html Similar legislation sponsored by Rep. Rush Holt (D-NJ) was approved last month as an amendment to the pending Homeland Security Appropriations bill. http://www.fas.org/irp/congress/2012_cr/dhs-uas.html HYDROPOWER, HIGH SPEED RAIL, HAITI, AND MORE FROM CRS New and updated reports from the Congressional Research Service that Congress has not authorized CRS to release to the public include the following. Hydropower: Federal and Nonfederal Investment, June 26, 2012: http://www.fas.org/sgp/crs/misc/R42579.pdf The Development of High Speed Rail in the United States: Issues and Recent Events, June 28, 2012: http://www.fas.org/sgp/crs/misc/R42584.pdf Haiti Under President Martelly: Current Conditions and Congressional Concerns, June 6, 2012: http://www.fas.org/sgp/crs/row/R42559.pdf Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions, June 29, 2012: http://www.fas.org/sgp/crs/natsec/R42114.pdf U.S. 
Foreign Assistance to Latin America and the Caribbean: Recent Trends and FY2013 Appropriations, June 26, 2012: http://www.fas.org/sgp/crs/row/R42582.pdf China's Economic Conditions, June 26, 2012: http://www.fas.org/sgp/crs/row/RL33534.pdf Navy Shipboard Lasers for Surface, Air, and Missile Defense: Background and Issues for Congress, June 29, 2012: http://www.fas.org/sgp/crs/weapons/R41526.pdf Cluster Munitions: Background and Issues for Congress, June 27, 2012: http://www.fas.org/sgp/crs/weapons/RS22907.pdf _______________________________________________ Secrecy News is written by Steven Aftergood and published by the Federation of American Scientists. The Secrecy News Blog is at: http://www.fas.org/blog/secrecy/ To SUBSCRIBE to Secrecy News, go to: http://www.fas.org/sgp/news/secrecy/subscribe.html To UNSUBSCRIBE, go to http://www.fas.org/sgp/news/secrecy/unsubscribe.html OR email your request to saftergood at fas.org Secrecy News is archived at: http://www.fas.org/sgp/news/secrecy/index.html Support the FAS Project on Government Secrecy with a donation: http://www.fas.org/member/donate_today.html _______________________ Steven Aftergood Project on Government Secrecy Federation of American Scientists web: www.fas.org/sgp/index.html email: saftergood at fas.org voice: (202) 454-4691 twitter: @saftergood ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From eugen at leitl.org Sun Jul 1 23:31:52 2012 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 2 Jul 2012 08:31:52 +0200 Subject: [tor-talk] Anonymous Publishing Is Dead. 
Message-ID: <20120702063152.GV12615@leitl.org> ----- Forwarded message from antispam06 at sent.at ----- From heedq8 at hczcustoms.com Sun Jul 1 20:02:10 2012 From: heedq8 at hczcustoms.com (=?koi8-r?B?IvDSz8TBxdTT0SDEz80uIg==?=) Date: Mon, 2 Jul 2012 08:32:10 +0530 Subject: =?koi8-r?B?8NLPxMHF1NPRINDSz9PUz9LO2cogy8/U1MXE1iDTINXewdPUy8/NINcg?= =?koi8-r?B?xy4g7c/Ty9fBLg==?= Message-ID: <000d01cd57ff$12c17e00$6400a8c0@heedq8> House for sale, 704 m2, in Nemchinovka, 2 km from the MKAD. Price 30 % below cost, urgent! Phone: 8 (916) 345-02-54 Anton Aleksandrovich From eugen at leitl.org Mon Jul 2 04:03:53 2012 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 2 Jul 2012 13:03:53 +0200 Subject: [ZS] Neat wallet Message-ID: <20120702110353.GC12615@leitl.org> ----- Forwarded message from Bryce Lynch ----- From eugen at leitl.org Mon Jul 2 04:41:57 2012 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 2 Jul 2012 13:41:57 +0200 Subject: [tor-talk] Anonymous Publishing Is Dead. Message-ID: <20120702114157.GI12615@leitl.org> ----- Forwarded message from Gregory Maxwell ----- From eugen at leitl.org Mon Jul 2 04:45:31 2012 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 2 Jul 2012 13:45:31 +0200 Subject: [tor-talk] blocked exit node IP because of spam Message-ID: <20120702114531.GK12615@leitl.org> ----- Forwarded message from Gregory Maxwell ----- From eugen at leitl.org Mon Jul 2 05:13:52 2012 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 2 Jul 2012 14:13:52 +0200 Subject: [tor-talk] Anonymous Publishing Is Dead. 
Message-ID: <20120702121352.GO12615@leitl.org> ----- Forwarded message from antispam06 at sent.at ----- From eugen at leitl.org Mon Jul 2 05:16:54 2012 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 2 Jul 2012 14:16:54 +0200 Subject: [tor-talk] blocked exit node IP because of spam Message-ID: <20120702121654.GP12615@leitl.org> ----- Forwarded message from antispam06 at sent.at ----- From eugen at leitl.org Mon Jul 2 05:36:10 2012 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 2 Jul 2012 14:36:10 +0200 Subject: [tahoe-dev] switching from introducers to gossip? Message-ID: <20120702123610.GR12615@leitl.org> ----- Forwarded message from Brian ----- From ei8fdb at ei8fdb.org Mon Jul 2 06:56:03 2012 From: ei8fdb at ei8fdb.org (ei8fdb at ei8fdb.org) Date: Mon, 02 Jul 2012 14:56:03 +0100 Subject: [liberationtech] Adium w/ Facebook, or Google Talk Message-ID: Hello Frank, I have used Adium for at least 4-5 years. It is a very good piece of open source software. It is possible to secure all communications through Adium using OTR (Off-The-Record) crypto. [1] I would leave commenting about the security of OTR to others, but in my view it is secure (except multiuser chats, and file transfers). I have Facebook chat, and GTalk configured on Adium, but do not use them as preferred communications channels. GTalk certainly was working this morning when I was using my Mac (if it wasn't it would notify me with an error). You can configure it for GTalk by following the steps. [2] [1] http://en.wikipedia.org/wiki/Off-the-Record_Messaging [2] http://support.google.com/talk/bin/answer.py?hl=en&answer=24075 I hope that helps. Bernard On Mon, 02 Jul 2012 06:42:23 -0700, frank at journalistsecurity.net wrote: > I wonder if people here recommend the open source freeware Chat tool > Adium? > > http://adium.im/about [1]/ > > And whether they would recommend using it with Facebook? > > Or, if not, Google Talk? > > Thanks! 
FS > > Frank Smyth > Executive Director > Global Journalist Security > frank at journalistsecurity.net [2] > Tel. + 1 202 244 0717 > Cell + 1 202 352 1736 > Twitter: @JournoSecurity > Website: www.journalistsecurity.net [3] > PGP Public Key [4] > > Please consider our Earth before printing this email. > > Confidentiality Notice: This email and any files transmitted with it > are confidential. If you have received this email in error, please > notify the sender and delete this message and any copies. If you are > not the intended recipient, you are notified that disclosing, copying, > distributing or taking any action in reliance on the contents of this > information is strictly prohibited. > > > > Links: > ------ > [1] http://adium.im/about > [2] mailto:frank at journalistsecurity.net > [3] http://www.journalistsecurity.net > [4] http://www.journalistsecurity.net/franks-pgp-public-key _______________________________________________ liberationtech mailing list liberationtech at lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?" You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. 
Please don't forget to follow us on http://twitter.com/#!/Liberationtech ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From eugen at leitl.org Mon Jul 2 05:57:29 2012 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 2 Jul 2012 14:57:29 +0200 Subject: [tahoe-dev] switching from introducers to gossip? Message-ID: <20120702125729.GU12615@leitl.org> ----- Forwarded message from Brian ----- From eugen at leitl.org Mon Jul 2 06:00:18 2012 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 2 Jul 2012 15:00:18 +0200 Subject: [tor-talk] blocked exit node IP because of spam Message-ID: <20120702130018.GV12615@leitl.org> ----- Forwarded message from grarpamp ----- From eugen at leitl.org Mon Jul 2 06:01:05 2012 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 2 Jul 2012 15:01:05 +0200 Subject: [tor-talk] [info] Anonymous Publishing Is Dead. Message-ID: <20120702130105.GW12615@leitl.org> ----- Forwarded message from grarpamp ----- From eugen at leitl.org Mon Jul 2 06:02:16 2012 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 2 Jul 2012 15:02:16 +0200 Subject: [tor-talk] blocked exit node IP because of spam Message-ID: <20120702130216.GX12615@leitl.org> ----- Forwarded message from Gregory Maxwell ----- From kb at karelbilek.com Mon Jul 2 06:09:49 2012 From: kb at karelbilek.com (=?ISO-8859-1?Q?Karel_B=EDlek?=) Date: Mon, 2 Jul 2012 15:09:49 +0200 Subject: [tor-talk] Anonymous Publishing Is Dead. In-Reply-To: <20120702063152.GV12615@leitl.org> References: <20120702063152.GV12615@leitl.org> Message-ID: afaik, some people tracked down silk road, because they don't use anonymization for bitcoin. 
you can request some really small amount of money from silkroad to your bitcoin address repeatedly, and then try to find their node in p2p bitcoin network by heuristics, based on how fast the information comes from each node (the faster ones->closer to actual silkroad node). I heard it could be tracked this way and is in Netherlands ;) anyway the moral of the story is to use bitcoin also with tor k On 7/2/12, Eugen Leitl wrote: > ----- Forwarded message from antispam06 at sent.at ----- > > From: antispam06 at sent.at > Date: Sun, 01 Jul 2012 18:39:33 +0200 > To: tor-talk at lists.torproject.org > Subject: Re: [tor-talk] Anonymous Publishing Is Dead. > X-Mailer: MessagingEngine.com Webmail Interface > Reply-To: tor-talk at lists.torproject.org > > On Sun, Jul 1, 2012, at 14:20, Edward Thompson wrote: >> 2. Email. I signed up for mailoo.org through Tor, I believe. But for all >> practical purposes, you could easily get a disposable e-mail address >> through a Firefox plugin called Bloody Vikings. Otherwise, pretty much >> any web mail will do... just war drive and sign up through the first >> open wi-fi connection you find ;) > > Hmm... I already do something like that. And I tell you that most free > providers are a pain to work with. And that includes all the major > players. They are all going to punish you with a long annoying > reidentification which will prove zero security just because you change > location. And they do have the time and computing power just to try to > locate you any other possible way as their business model is tightly > integrated with tracking and selling private data. > > Disposable email is good for accessing some resource once. Otherwise is > a pain in the rear. > >> 3. Bitcoins. Yes, block chains are not that anonymous, especially >> considering the difficulty of buying them legitimately in the first >> place. How about a coin mixing service like www.bitcoinfog.com? 
Their >> methodology is very interesting, and it seems like you'd be able to >> 'launder' ordinary coins, bought legitimately through an exchange... >> There are a few other sites like this one: >> http://vzpzbfwsrvhfuzop.onion.to > > I spent some time reading about bitcoin. It's a miracle discovery. It's > a proof about non conventional methods being able to compete with the > conventional financial transaction type. But I fail to see the anonimity > side of things. It's so nice. It's sooo geeky. It employs silly terms to > scare the layman like mining. Or worse, it has terms with a clear > equivalent in conventional finance like wallet. My grandma knows she can > watch over her wallet and things would be all right. And if someone > forces her she can go to the police station and declare the theft. Till > version 0.6 there was no protection from theft with BC. Crap concept > with junk application from the point of view of annonimity. Each time > some conspiracy theorist starts making sense I remind myself that people > (programmers are people, aren't they?) are above all stupid followed > closely by lazy. Just take a look at the way FF is developed: in the era > of Facebook developers are doing their best to shed MORE data instead of > patching up the holes. By holes I don't mean Secunia security holes, but > privacy holes. > >> 4. Do you really need your own dedicated VPS?! And only in developed >> Western countries? Have you checked out this list of BTC-friendly >> servers: > > Actually any service should be checked for its origin or place of doing > business. Always remember the case of Hide My Ass which proved to be > full of Holes if you allow such a gross joke. They weren't keeping logs > till pressured. Than they said everybody is obliged under law to keep > logs. And to prove the indolence of their users: they are still in > business, trapping flies for the government. 
On the other hand, servers > hosted outside the reach of certain totalitarian governments are blocked > on the crime of spam or copyright infringement. If these were anything > but hassle (see the problems with the free webmail above) yahoo and > google would have offered email only between their users. > >> Anyway, my point is that there are ways to acquire BTC, randomised >> enough not to be a concern, after which you can buy all the hosting (and >> related) services your heart desires. And if your threat model >> encompasses an organisation with vast resources, like the NSA for >> example, consider that they haven't yet managed to track down the guys >> running the Silk Road drug site (http://silkroadvb5piz3r.onion)... ;) > > Usually this kind of trafic is tolerated because they want to catch a > bigger fish. Sometimes services like that are set up by the > investigating authorities. And some other times they set it up > independently just for the sake of compensating the budget restrictions > (those drones are mighty expensive, mind you). > > Cheers > _______________________________________________ > tor-talk mailing list > tor-talk at lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > > ----- End forwarded message ----- > -- > Eugen* Leitl leitl http://leitl.org > ______________________________________________________________ > ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org > 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From sagacious1 at firstinmath.com Mon Jul 2 01:41:53 2012 From: sagacious1 at firstinmath.com (=?koi8-r?B?IvPPwtPU18XOzsnLINDP08XMy8Eg68nF19PLz8Ug2y4i?=) Date: Mon, 2 Jul 2012 15:41:53 +0700 Subject: =?koi8-r?B?8sHT0NLPxMHWwSDaxc3FzNjO2cgg1d7B09TLz9cgz9QgMzAg08/Uz8sh?= =?koi8-r?B?IA==?= Message-ID: <000d01cd582e$87ec90a0$6400a8c0@sagacious1> Распродаю свои участки по Киевск. ш в коттеджном поселке! Все коммуникации дорогои инфраструктура! 
Plots from 30 ares up to 2.5 ha. A very beautiful place. Call +7903 1 9 3 06 23

From nelson_mikel at yahoo.com Mon Jul 2 15:56:24 2012
From: nelson_mikel at yahoo.com (Michael Nelson)
Date: Mon, 2 Jul 2012 15:56:24 -0700 (PDT)
Subject: [cryptography] Key extraction from tokens (RSA SecurID, etc) via padding attacks on PKCS#1v1.5
Message-ID:

There seems to be a bit of uncertainty about this attack. I'm hearing a lot of misunderstanding from customers. Here is my summary. I'll first give a concrete example explaining key wrap and unwrap. Skip this post if you know all this stuff. Then I'll generalize a bit, and finally comment on RSA's response.

Suppose that you have a symmetric key (eg a KEK) in one HSM that you want to transport to another HSM. The target HSM generates an RSA private key, and you send the cert off to the first HSM, where you wrap (encrypt) the symmetric key under that cert. You take this wrapped key across to the target HSM. There, you "unwrap" it, which means that you send the encrypted blob into the target HSM, which internally decrypts the symmetric key and stores it, but does not give you back the plain symmetric key.

If the target HSM notices that the encrypted blob is corrupted, then it will give you an error message. This is a leak of information, but that's life. Normally such a covert channel would at most help you to mount a brute force attack, which is impractical owing to the size of the key space and other things.

However, if the target HSM allows you to ask it to unwrap (decrypt) the key under the assumption that pkcs v1.5 padding has been used, then by careful manipulation of the encrypted blob, you can use the failed decryptions to deduce the plain key, after only a few thousand submissions.

It does not matter whether the symmetric key was encrypted using the pkcs1 v1.5 padding. (Matthew Green mentioned this in his post.) The flaw in the HSM is that it will attempt to use the deprecated padding during the decryption. Loosely, it looks for certain bytes and tells you whether it found them.

It also does not matter whether you are using pkcs11 APIs, and whether you are doing key wrap/unwrap, and whether the data is a key. Any secret piece of data encrypted under an RSA cert can be potentially extracted, via any kind of crypto module, as long as the module will use the deprecated padding mechanism.

It also does not matter whether the device is actually a device. An SSL server that will decrypt things assuming pkcs1 v1.5 padding, and give failure messages, is potentially vulnerable (this has been known for a decade).

Various USB tokens have played the role of the HSM in the recent research. How have RSA Corp. personned up? The RSA blog said:

"The vulnerability outlined by the researchers makes it possible (however unlikely) that an attacker with access to the user's smartcard device and the user's smartcard PIN could gain access to a symmetric key or other encrypted data sent to the smartcard."

This is a fairish statement. Though I think "unlikely" needs clarifying. It's not that common for end users to do the importation onto such a device that leads to the attack, so in that sense it's unlikely. However, if you do do such an import, the attack is likely. I can certainly imagine provisioning scenarios that are vulnerable, though I can't say if people are actually doing them. So I'd say that anyone using the tokens for this sort of thing should be warned immediately. Also, the RSA blogger should have been a little more candid and conceded that they have been remiss, and said what they will do to fix it.

Later, they quote the token team:

"This is not a useful attack. The researchers engaged in an academic exercise to point out a specific vulnerability in the protocol, but an attack requires access to the RSA SecurID 800 smartcard (for example, inserted into a compromised machine) and the user's smartcard PIN. If the attacker has the smart card and PIN, there is no need to perform any attack, so this research adds little additional value as a security finding."

This is quite false. The legitimate owner of the token, or a security officer provisioning the token, can get information (marked unextractable) he is not supposed to get, PIN or no PIN. There are definite real world scenarios in which this attack is a serious break.

_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From doweledlz6 at malaplast.com Mon Jul 2 04:20:04 2012
From: doweledlz6 at malaplast.com (=?koi8-r?B?IuHS1MnLz83Gz9LUIC3T1NLPyc0gxM/NwSI=?=)
Date: Mon, 2 Jul 2012 16:50:04 +0530
Subject: =?koi8-r?B?9SDOwdMg08HN2cUgzsnay8nFIMPFztkgzsEg09TSz8nUxczY09TXzyDE?=
 =?koi8-r?B?xdLF19HOzs/HzyDEz83BIQ==?=
Message-ID: <000d01cd5844$a0acc4f0$6400a8c0@doweledlz6>

We have the lowest prices for building a wooden house! Glued laminated timber at last year's prices! Order the construction of a wooden house from us and get the design as a gift! The offer is valid for 2 weeks. We offer you the full range of construction services at genuinely low prices. Look for us on Yandex by searching for Артикомфорт, or get all the details by phone at 517-42-67. Ceramic roof tiles and wooden staircases at a discount of up to 10% for all our customers.
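The unwrap behaviour Michael Nelson describes in the PKCS#1 v1.5 message above, as an added example that is not part of the original posts: a token whose unwrap reports padding failures, next to one that answers identically for every ciphertext. The toy RSA key, the `Token` class, the response strings and the substitute-a-derived-key countermeasure are assumptions made for illustration, not any vendor's implementation.

```python
import hashlib
import hmac
import secrets

# Constructed toy RSA key built from two Mersenne primes. Far too small for
# real use; it only keeps the example self-contained and offline.
P, Q = 2**107 - 1, 2**127 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8            # modulus length in bytes (30)


def raw_encrypt(block: bytes) -> int:
    """RSA public-key operation on an already formatted block."""
    return pow(int.from_bytes(block, "big"), E, N)


def pad_v15(payload: bytes) -> bytes:
    """PKCS#1 v1.5 block: 00 02 <at least 8 non-zero bytes> 00 <payload>."""
    ps_len = K - 3 - len(payload)
    if ps_len < 8:
        raise ValueError("payload too long for this modulus")
    ps = bytes(secrets.randbelow(255) + 1 for _ in range(ps_len))
    return b"\x00\x02" + ps + b"\x00" + payload


def parse_v15(block: bytes):
    """Return the payload if the block conforms to PKCS#1 v1.5, else None."""
    if block[0] != 0 or block[1] != 2:
        return None
    sep = block.find(b"\x00", 2)
    if sep < 10:                         # also covers sep == -1 (no separator)
        return None
    return block[sep + 1:]


class Token:
    """Hypothetical token: RSA private key plus an unextractable key store."""

    def __init__(self):
        self._store = []
        self._reject_secret = secrets.token_bytes(32)

    def _decrypt(self, ciphertext: int) -> bytes:
        # Range check uses only public information, so it leaks nothing.
        if not 0 <= ciphertext < N:
            raise ValueError("ciphertext out of range")
        return pow(ciphertext, D, N).to_bytes(K, "big")

    def unwrap_leaky(self, ciphertext: int) -> str:
        """Weak: the answer tells the caller whether the hidden plaintext
        looked like a PKCS#1 v1.5 block."""
        payload = parse_v15(self._decrypt(ciphertext))
        if payload is None:
            return "ERROR: bad padding"
        self._store.append(payload)
        return "OK"

    def unwrap_uniform(self, ciphertext: int, key_len: int = 16) -> str:
        """Hardened: same answer for every in-range ciphertext. On a padding
        or length failure a key derived from a device secret is stored
        instead (the approach TLS servers use for RSA key exchange). Real
        implementations must also make this selection constant-time, which
        plain Python does not guarantee."""
        payload = parse_v15(self._decrypt(ciphertext))
        fallback = hmac.new(self._reject_secret, ciphertext.to_bytes(K, "big"),
                            hashlib.sha256).digest()[:key_len]
        good = payload is not None and len(payload) == key_len
        self._store.append(payload if good else fallback)
        return "OK"


def demo():
    key = bytes(range(16))               # constructed AES-sized key
    samples = {                          # constructed ciphertexts
        "well-formed": raw_encrypt(pad_v15(key)),
        "wrong block type": raw_encrypt(b"\x00\x01" + b"\xff" * 11 + b"\x00" + key),
        "padding too short": raw_encrypt(b"\x00\x02" + b"\xff" * 3 + b"\x00" + bytes(24)),
    }
    token = Token()
    leaky = {name: token.unwrap_leaky(c) for name, c in samples.items()}
    uniform = {name: token.unwrap_uniform(c) for name, c in samples.items()}
    return leaky, uniform, token._store


if __name__ == "__main__":
    leaky, uniform, _ = demo()
    print("leaky  :", leaky)
    print("uniform:", uniform)
```

Where the module allows it, not offering the deprecated v1.5 unwrap mechanism at all removes the distinguishing response at its source.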
From eugen at leitl.org Mon Jul 2 08:07:17 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Mon, 2 Jul 2012 17:07:17 +0200
Subject: Secrecy News -- 07/02/12
Message-ID: <20120702150717.GM12615@leitl.org>

----- Forwarded message from Steven Aftergood -----

From wishfullymy88 at singularity-solutions.com Mon Jul 2 05:08:33 2012
From: wishfullymy88 at singularity-solutions.com (=?koi8-r?B?IvPM1dbCwSDC2dTBLCDC2dPU0tnFINLF28XOydEg3MvPzs/N0dQg08LF?=
 =?koi8-r?B?0sXWxc7J0SI=?=)
Date: Mon, 2 Jul 2012 17:08:33 +0500
Subject: =?koi8-r?B?8sXNz87ULCDEydrBys4sIM/UxMXMy8Egy9fB0tTJ0iDJINDPzcXdxc7J?=
 =?koi8-r?B?yg==?=
Message-ID: <000d01cd584b$668e3680$6400a8c0@wishfullymy88>

Renovation, from interior design to full implementation. High quality. Affordable prices. Deadlines met. Ask any question you have by phone in Moscow: (495) 589;62;99

From eugen at leitl.org Mon Jul 2 08:16:14 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Mon, 2 Jul 2012 17:16:14 +0200
Subject: [liberationtech] Adium w/ Facebook, or Google Talk
Message-ID: <20120702151614.GS12615@leitl.org>

----- Forwarded message from ei8fdb at ei8fdb.org -----

From client at notifications.tdameritrade.com Mon Jul 2 08:52:43 2012
From: client at notifications.tdameritrade.com (Brandie Walton)
Date: Mon, 2 Jul 2012 17:52:43 +0200
Subject: sbj
Message-ID: <4FF1C341.909090@notifications.tdameritrade.com>

TD Ameritrade

Your account ending in XXX7

Log on

Your statement is now available online

Dear Valued Client,

Your statement for your TD Ameritrade account ending in XXX7 is now available online.

Access your statements

To view your statement (along with previous statements), please Log On to your account and choose "History & Statements" (under Accounts). Then click the "Statements" tab, select the appropriate month(s) under the "View statements" drop-down menu, then click the "View" button.

We're here to help

If you have any questions, please log on to your account and click "Message Center" (under Home) to write us.
A representative will respond through your Message Center inbox. You can also call Client Services at 800-669-3900. We're available 24 hours a day, seven days a week. Sincerely, Tom Bradley President, Retail Distribution TD Ameritrade This is an automated email, and replies will not be delivered. If you need to contact us, please log on to your account and click the "Contact Us" link to send an email. TD Ameritrade understands the importance of protecting your privacy. We are sending you this notification to inform you of important information regarding your account. If you've elected to opt out of receiving marketing communications from us, we will honor your request. Market volatility, volume, and system availability may delay account access and trade executions. TD Ameritrade, Inc., member FINRA/SIPC/NFA. TD Ameritrade is a trademark jointly owned by TD Ameritrade IP Company, Inc. and The Toronto-Dominion Bank. Copyright 2012 TD Ameritrade IP Company, Inc. All rights reserved. Used with permission. Distributed by: TD Ameritrade, Inc., 1005 North Ameritrade Place, Bellevue, NE 68005 TDA 4551 EM 4/11 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 13404 bytes Desc: not available URL: From marlowe at antagonism.org Mon Jul 2 19:21:29 2012 From: marlowe at antagonism.org (Patrick R McDonald) Date: Mon, 2 Jul 2012 21:21:29 -0500 Subject: [tahoe-lafs-weekly-news] TWN 35 Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================== Tahoe-LAFS Weekly News, issue number 35, July 02 2012 ===================================================== Welcome to the Tahoe-LAFS Weekly News (TWN). Tahoe-LAFS_ is a secure, distributed storage system. `View TWN on the web`_ *or* `subscribe to TWN`_. If you would like to view the "new and improved" TWN, complete with pictures; please take a `look`_. .. _Tahoe-LAFS: https://tahoe-lafs.org .. 
_View TWN on the web: https://tahoe-lafs.org/trac/tahoe-lafs/wiki/TahoeLAFSWeeklyNews
.. _subscribe to TWN: https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-lafs-weekly-news
.. _look: https://tahoe-lafs.org/~marlowe/TWN35.html

Glowing Quotes
==============

"Absolutely, I've been very impressed with Tahoe-LAFS, both the underlying
concepts and ideas and the implementation (I was playing with it just
yesterday). It's fast, reliable, and has been making steady progress."
-- Mourad De Clerck

Tahoe-LAFS on Twitter
=====================

"Dear next MegaUpload-like entrepreneur: Use Tahoe-LAFS. Let the FBI have fun
with that..." [`0`_]

"Just thinking about how wonderful Tahoe-LAFS is. Its owners, contributors,
core-concept, it's just all wonderment up in there. #tahoe-lafs" [`1`_]

"Tahoe-LAFS newsletter. Neat! http://ur1.ca/9keef" [`2`_]

.. _`0`: https://twitter.com/rockstar_/status/218772487989772288
.. _`1`: https://twitter.com/kraeftig/status/218026035944501250
.. _`2`: https://twitter.com/sameerverma/status/217397646111944704

- From the tahoe-dev Mailing List
===============================

Keepalives
- ----------

erpo41 asked for `information regarding Tahoe-LAFS' use of keepalives`_ over
their TCP connections. Brian Warner |warner| pointed out Tahoe-LAFS sends a
keepalive packet once every eight (8) minutes. This setting is configurable
via "timeout.keepalive" as noted in "docs/configuration.rst".

.. |warner| image:: warner.png
   :height: 35
   :alt: Brian Warner
   :target: http://tahoe-lafs.org/trac/tahoe-lafs/wiki/AboutUs

.. _`information regarding Tahoe-LAFS' use of keepalives`: https://tahoe-lafs.org/pipermail/tahoe-dev/2012-July/007513.html

Switching from Introducers to Gossip
- ------------------------------------

Brian `proposes switching from introducers to gossip`_. Brian's idea is for
all nodes to offer a "grid-control" service. "grid-control" allows you to
publish Announcements, either your own or ones you are forwarding for someone
else. Brian proposes several approaches to this concept:

* fully-connected mesh: every node makes a Foolscap connection to every
  grid-control provider they hear about, subscribes to hear about all
  announcements, and publishes any announcements that the other side doesn't
  already know about.

* opportunistic: clients only connect to storage servers, and storage servers
  don't make outbound connections to anybody, but if you *do* happen to be
  connected to someone who also offers "grid-control", then connect to their
  grid-control object too and exchange Announcements.

* cluster-of-Introducers: normal nodes don't offer grid-control, but multiple
  Introducers do, and all of them know about each other. All nodes connect to
  all grid-control providers (which means all Introducers).

* one Introducer: this is just a degenerate cluster-of-Introducers.

.. _`proposes switching from introducers to gossip`: https://tahoe-lafs.org/pipermail/tahoe-dev/2012-July/007511.html

grid-updates
- ------------

darrob `announced the release of grid-updates 1.1.3`_. grid-updates is a
Tahoe-LAFS helper program. Originally a shell script, darrob rewrote the
program in Python, so it runs on all platforms supported by Tahoe-LAFS.
grid-updates helps manage volunteer grids. Its core feature is downloading
and uploading the node's introducer list, and it has a new feature of
downloading lists for shares and repairing them. darrob is testing the
program against 1.9.2a1. The program is packaged for Windows, Arch and
Debian.

.. _`announced the release of grid-updates 1.1.3`: https://tahoe-lafs.org/pipermail/tahoe-dev/2012-June/007505.html

Patches Needing Review of the Week
==================================

There is one (1) ticket still needing review for 1.9.2:

* `#1778`_: increase maximum mutable share size

There are six (6) tickets still needing review for 1.10.0:

* `#1777`_: cleanups to tests and mutables for 1.10
* `#166`_: command line order is problematic
* `#937`_: 'tahoe run' doesn't work for an introducer node
* `#1539`_: stop putting pkg_resources.require() into .tac files
* `#1159`_: stop using .tac files: make it possible to change appname, Python
  package-directory name, perhaps other names
* `#1693`_: flogtool doesn't get automatically provided

There are two (2) tickets still needing review for 1.11.0:

* `#1265`_: New Visualizer is insufficiently labelled/documented (plus layout
  problem)
* `#1382`_: immutable peer selection refactoring and enhancements

.. _`#1778`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1778
.. _`#1777`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1777
.. _`#166`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/166
.. _`#937`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/937
.. _`#1539`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1539
.. _`#1159`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1159
.. _`#1693`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1693
.. _`#1265`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1265
.. _`#1382`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1382

- ----

*The Tahoe-LAFS Weekly News is published once a week by The Tahoe-LAFS*
*Software Foundation, President and Treasurer: Peter Secor* |peter| *. Scribes:
Patrick "marlowe" McDonald* |marlowe| *, Zooko Wilcox-O'Hearn* |zooko| *,
Editor: Zooko.* `View TWN on the web`_ *or* `subscribe to TWN`_ *. Send your
news stories to* `marlowe at antagonism.org`_ *-- submission deadline: Friday
night.*

.. _marlowe at antagonism.org: mailto:marlowe at antagonism.org
..
|peter| image:: psecor.jpg :height: 35 :alt: peter :target: http://tahoe-lafs.org/trac/tahoe-lafs/wiki/AboutUs .. |marlowe| image:: marlowe-x75-bw.jpg :height: 35 :alt: marlowe :target: http://tahoe-lafs.org/trac/tahoe-lafs/wiki/AboutUs .. |zooko| image:: zooko.png :height: 35 :alt: Zooko :target: http://tahoe-lafs.org/trac/tahoe-lafs/wiki/AboutUs -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) -----END PGP SIGNATURE----- _______________________________________________ tahoe-lafs-weekly-news mailing list tahoe-lafs-weekly-news at tahoe-lafs.org http://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-lafs-weekly-news ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From warner at lothar.com Tue Jul 3 09:36:28 2012 From: warner at lothar.com (Brian) Date: Tue, 03 Jul 2012 09:36:28 -0700 Subject: [tahoe-dev] switching from introducers to gossip? Message-ID: On 7/3/12 3:51 AM, darrob wrote: > We've been using the multi-introducer patch on I2P since Tahoe-LAFS > 1.8.3 and it has indeed proven to be more robust.
> The single-introducer grid we started out with simply fell apart when the
> introducer disappeared. It then took a long time before everybody
> learned the new introducer's address and adjusted their
> configurations. Time and files were lost. This hasn't happened again
> since we've started using the patched version.
>
> The administrative burden is definitely there. However, I'd argue
> against it being worse. At least nodes that only know about a subset
> of introducers (e.g. only I2 in your example below) are in no rush of
> adding the rest (I3) because the grid is still functional.

Ah, that's an excellent data point. Thanks! Yeah, multi-introducers are
a bit like RAID: you have more time to respond to a failure before the
whole system starts having problems.

>> If you generalize this, then all nodes can function as introducers,
>> and there's no need for dedicated Introducer nodes. As long as at
>> least one node with a public IP is up at any given time, everybody
>> else can learn the current state of the world.
>
> This sounds perfect. I wonder if this system is susceptible to
> introducer spam attacks of some sort, though. I imagine those would be
> an annoyance at best.

Yeah, I think the worst-case attack is a DoS, where somebody floods
useless information into the system. The key is the signed
announcements: you may hear about all sorts of garbage, but you'll only
pay attention to announcements that are signed by someone you've
Invited, or who Invited you, or to whom you're transitively connected by
Invitations. Ideally we can use that same criteria to limit how
Announcements are flooded, so unrecognized garbage (i.e. "a stranger")
doesn't travel further than a single node.

cheers,
-Brian
_______________________________________________
tahoe-dev mailing list
tahoe-dev at tahoe-lafs.org
https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From michiel at unhosted.org Mon Jul 2 23:59:24 2012
From: michiel at unhosted.org (Michiel de Jong)
Date: Tue, 3 Jul 2012 09:59:24 +0300
Subject: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012
Message-ID:

This is great stuff!

On Tue, Jul 3, 2012 at 5:29 AM, Nick M. Daly wrote:
> I'd *love* to see Tor and PageKite in the default image. I don't know
> if there'll be time/expertise to get Tor into the image before EOY, but
> we should be able to include PageKite, if nothing else. Bjarni's two
> line install instructions are confounding! :)
>
> Nick
>
> 0: http://github.com/nickdaly/freedom-maker
>
> 1: http://github.com/nickdaly/plinth
>
> 2: http://github.com/nickdaly/freedombox-privoxy

So even though ownCloud has a nicer interface than pyUnhosted, getting
apache, sqlite, GD, php5 and ownCloud 4.0.4 all on a device with
basically the power of a smartphone might be a bit ambitious. Also, the
whole point of the remoteStorage web architecture is that the storage is
just dumb storage and that all functionality and actual niceness is in
unhosted web apps to which you connect your remoteStorage dynamically,
instead of doing server-side webpage generation.

So let me think about what steps we would need:

- add pagekite and pyUnhosted to the image.

- right now pyUnhosted outputs information (including the password you
  need) to the console. that should be piped somehow to plinth, so that
  the user can actually see it.

- IIUC, for privoxy to work out of the box, we still need a way for the
  freedombox to become the default proxy for all devices on the wifi.
  how does that work? The easiest UI for this would be if the freedombox
  emits a wifi signal. people will understand that. If the freedombox
  only lets through https and ssh traffic, then this wifi signal can be
  unencrypted, like for instance the wifi signal at fosdem or other big
  conferences, so we help with the open wifi movement
  http://www.dslreports.com/shownews/EFF-Pushes-For-Open-WiFi-Movement-114016
  by default (of course if the user is opposed to bandwidth altruism for
  some reason then they should be able to switch it off in plinth). If
  the freedombox does not emit its own wifi signal, then i cannot see an
  easy first-use experience, but maybe i'm missing something.

- on first use, you would have to opt-in to setting up the public
  interface to your remoteStorage. so plinth would need a screen that
  says "choose your username and password at freedomstorage.org (or
  whatever we call it)", and from that moment on, it would be dialled in
  there, and ready for connecting your freedombox to unhosted web apps
  as remoteStorage.

- we would have to set up said service, with for instance a 5-year plan
  included in the purchase of the off-the-shelf device. i know this
  proposal is only for creating the disk image, but we should also set
  up a pre-order production chain. As soon as 100 orders are in, we just
  organize a flashing-weekend, flash 100 devices in an afternoon, and
  ship them.

- if we can resolve the first-use/wifi question then i think putting a
  box with privoxy+remoteStorage-through-pagekite on the market should
  be achievable.

_______________________________________________
Freedombox-discuss mailing list
Freedombox-discuss at lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From darrob at i2pmail.org Tue Jul 3 03:51:51 2012
From: darrob at i2pmail.org (darrob)
Date: Tue, 3 Jul 2012 10:51:51 +0000 (UTC)
Subject: [tahoe-dev] switching from introducers to gossip?
Message-ID:

On Sun, Jul 01, 2012 at 07:45:00PM -0700, Brian wrote:
> On 7/1/12 5:56 PM, Tony Arcieri wrote:
>
> > Is there any reason why you can't simply have multiple introducers,
> > which may have inconsistent views of the world, but which otherwise
> > function identically? Clients can use information gathered from all
> > introducers they're connected to in order to make connections to other
> > storage nodes. It seems like all that's really missing is a system to
> > construct the union of the available storage nodes as enumerated by
> > multiple introducers.
>
> That's doable (it's basically what the #68 Google Summer of Code project
> produced), and it would be more robust than the current
> one-lone-Introducer (and we need the "union of announcements" feature in
> any case). But it wouldn't decrease the administrative burden.. in fact
> it would be worse than a single introducer.

We've been using the multi-introducer patch on I2P since Tahoe-LAFS
1.8.3 and it has indeed proven to be more robust. The single-introducer
grid we started out with simply fell apart when the introducer
disappeared. It then took a long time before everybody learned the new
introducer's address and adjusted their configurations. Time and files
were lost. This hasn't happened again since we've started using the
patched version.
The administrative burden is definitely there. However, I'd argue against it being worse. At least nodes that only know about a subset of introducers (e.g. only I2 in your example below) are in no rush of adding the rest (I3) because the grid is still functional. > Imagine a grid that has two Introducers and everybody knows about both > of them (I1 and I2). Now the operator of one (I1) of them announces that > they're going to retire it, so somebody (I3) else volunteers to add a > replacement. We'll start with I1+I2, then have I1+I2+I3, then finish > with I2+I3. > > With the #68-GSoC -style "introducer.furls", after the volunteer spins > up I3, everybody in the entire grid has to edit their configs to add > I3's new FURL. We currently have 6 reliable introducers. Before we got to that number we had this exact situation. Introducers were coming, going and changing addresses. We remedied this by writing grid-updates [1]. Using this tool users have successfully updated their introducer lists many times without having to think (much) about it. (Unfortunately a restart is required for Tahoe to pick up on new introducers in the list). Obviously you're looking for a much more elegant and automatic solution than some 3rd party utility, but I thought it's worth mentioning our experiences with the existing system anyway. It's not all that bad. > With gossip, the volunteer adds I3 and then they're done. Everyone else > learns about I3 from I1/I2, then remembers I3, and connects to it even > though I1 is gone. > > If you generalize this, then all nodes can function as introducers, and > there's no need for dedicated Introducer nodes. As long as at least one > node with a public IP is up at any given time, everybody else can learn > the current state of the world. This sounds perfect. I wonder if this system is susceptible to introducer spam attacks of some sort, though. I image those would be an annoyance at best. 
[1]: https://tahoe-lafs.org/pipermail/tahoe-dev/2012-June/007505.html darrob _______________________________________________ tahoe-dev mailing list tahoe-dev at tahoe-lafs.org https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From ben at links.org Tue Jul 3 03:09:37 2012 From: ben at links.org (Ben Laurie) Date: Tue, 3 Jul 2012 11:09:37 +0100 Subject: [cryptography] Shared key in DPI device... Message-ID: I thought this might interest the list: Vulnerability in Cyberoam DPI devices [30 Jun 2012] (CVE-2012-3372) =================================================================== Cyberoam make a range of DPI devices (http://www.cyberoamworks.com/) which are capable of intercepting SSL connections. In common with all such devices, in order to intercept these connections without causing certificate warnings, the devices require that a certificate must be issued for the intercepted site by a CA browsers trust. There are two ways to achieve this - one is to persaude an existing trusted CA to issue a certificate for the site to be intecepted, or an intermediate CA that can then be used to generate new certificates on the fly. This latter behaviour recently got Trustwave in trouble. The second method is to have each willing victim[1] install a new trusted CA in their browser, and have that CA issue the fake certificates. This is, of course, the only legitimate way to use these devices and we are pleased to see that this is the approach Cyberoam reveal to the public. However, it is a little surprising that the Cyberoam devices appear to all use exactly the same CA. This can be seen to be so by looking at the support page describing how to avoid warnings: http://docs.cyberoam.com/default.asp?id=300. 
Examination of a certificate chain generated by a Cyberoam device shows that this CA is not used to sign an intermediate which is then used by the device, and so therefore all such devices share the same CA certificate and hence the same private key.

It is therefore possible to intercept traffic from any victim of a Cyberoam device with any other Cyberoam device - or, indeed, to extract the key from the device and import it into other DPI devices, and use those for interception. Perhaps ones from more competent vendors.

[1] In the corporate setting, willing victims are often known as "employees". Unwilling victims should not, of course, install the CA certificate, nor should they click through certificate warnings.

Mitigation
==========

Victims should uninstall the Cyberoam CA certificate from their browsers and decline to complete any connection which gives a certificate warning.

Credit
======

This issue was discovered and analysed by Runa A. Sandvik of the Tor Project and Ben Laurie.
_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From trevor at eff.org Tue Jul 3 11:59:28 2012
From: trevor at eff.org (Trevor Timm)
Date: Tue, 03 Jul 2012 11:59:28 -0700
Subject: [drone-list] EFF and MuckRock partner to find out about US drone use
Message-ID:

Hey folks,

We just launched a new facet of our campaign to find out how local US police agencies are using drones. We are partnering with MuckRock to file public records requests with every police agency already on the drone authorization list we got from the FAA via our Freedom of Information Act lawsuit.
MuckRock also has an easy-to-use system where users can also file their own requests with their local agencies that aren't on the list, but which may be in the process of acquiring drones.

Our post announcing the project is here: https://www.eff.org/deeplinks/2012/07/eff-and-muckrock-partner-see-how-your-local-police-are-using-drones

And MuckRock's announcement is here: https://www.muckrock.com/news/archives/2012/jul/03/drone-watch-help-eff-and-muckrock-uncover-planned-/

Hope you enjoy.

Best,
Trevor

--
Trevor Timm
Activist
Electronic Frontier Foundation
trevor at eff.org
415.436.9333 ext. 104
www.eff.org
454 Shotwell Street
San Francisco, CA 94110

Defending your civil liberties in the digital world.
_______________________________________________
drone-list mailing list
drone-list at lists.stanford.edu

Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/drone-list

If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"

You will need the user name and password you receive from the list moderator in monthly reminders.

Should you need immediate assistance, please contact the list moderator.

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From zookog at gmail.com Tue Jul 3 08:17:15 2012
From: zookog at gmail.com (Zooko O'Whielacronx)
Date: Tue, 3 Jul 2012 12:17:15 -0300
Subject: [tahoe-dev] switching from introducers to gossip?
Message-ID:

On Sun, Jul 1, 2012 at 9:51 PM, Brian wrote:
> ... snipping out a lot of useful, clearly written details about the new introduction and accounting mechanisms ...
> I think we can probably accommodate that.
I'm optimizing for our two main use cases: friendnet and paid-service.
>
> In the friendnet, nearly all nodes are both a client *and* a server.

This is not true of the grid I'm most familiar with: volunteergrid2. In that grid almost every node is either a client or a server -- almost no nodes act as both. (I think. This is just judging from reading the volunteergrid2-l mailing list.)

Maybe we need two different names, one for the "p2p style" friendnet that you describe in your letter (partially quoted below) and the other for the "sysadmins offering one another access to their servers" friendnet, such as volunteergrid2.

> The main question is whether nodes which are both clients and servers should have a single key, or two separate keys (I prefer a single key, because it makes reciprocal storage-permission grants easier).

I don't understand enough to have an opinion on that specific question, but in general I think there is a growing tension between "p2p style" and "client/server style", and the above smells like baking "p2p style" into the introduction protocol.

> What I really want is to make it super-easy for a new user to get their node running and connected to their friend's existing grid. And, more importantly, for that *first* friend to set up that grid.
...
> The first friend (Alice) hears about Tahoe from her favorite blog, and installs it with her favorite package manager.
...
> She hits the "Invite A Friend" button,
...
> All grid members get a control panel where they can see who else is using their storage, allow/deny access, and control where their own node places shares. By default, anyone who gets invited to join the grid gets full access to storage on all members' servers, but access can be revoked at any time.

I think that's great! I love the idea! I hope you keep working on it, and I will endeavour to help. If we succeed, it will be the long-awaited reincarnation of the Mojo Nation dream.
But, it is rather different in deployment/management from what our current users do with our current software. Maybe it won't work out. It requires engineering effort to implement and maintain, makes the behavior of the software harder to predict, and introduces more complex failure modes.

If possible, I would like to support people continuing to use Tahoe-LAFS as a service administered by diligent sysadmins even while extending it to be deployable by inattentive end users as you've envisioned.

I think not too far down this path there might come a time to split Tahoe-LAFS into separate packages targeted at different deployment scenarios. Note that the i2p folks appear to have already forked it for this reason -- in order to maintain different deployment features! Also note that you, Brian, have published some experimental forks/variants focused on different deployment patterns.

If you want "user friendly p2p software", then you probably want:

• Which services? Each node operates, by default, multiple services -- storage server, storage client == web gateway, introducer/gossiper, and in the future other services like relay server (to help get around incomplete connectivity of the underlying network -- #445).

• Which IP addresses? Nodes automatically detect their own IP addresses, such as by inspecting the output of "/sbin/ifconfig" or "route.exe", or opening a TCP connection to some helpful STUNT/ICE server and asking that server what IP address your packets appear to be coming from (#50).

• Which connections? Nodes advertise multiple IP addresses / DNS names (possibly including those auto-discovered as above, plus any that were manually entered by the user (#754), plus 127.0.0.1 or any globally-non-routeable IP addresses revealed by ifconfig, and possibly in the future including indirection through a relay server), peers attempt to connect to nodes on all advertised IP addresses / DNS names in parallel, then use whichever connections succeeded.
• How to handle NAT/firewall/inconveniently-behaving-router? Nodes utilize the latest and greatest Romulan packet technology, such as UPnP (#49), "NAT hole punching" techniques (#169) or even µTP (#1179) or relay service (#445) to breeze through such impediments as though they weren't even there.

• Reverse connections? If a TCP connection is established from node A to node B, then B can use that in the "reverse direction" to make requests of A, just as well as A can use it to make requests of B. This means that if A is behind a firewall which allows outgoing but not incoming connections to be established, and A established an outgoing connection to B, then B can use A as a server, but C, which for some reason didn't get a connection from A, cannot use A as a server. (#1086)

If you want "sysadmin-friendly software" then you probably want the opposite of all these features!

• Which services? Each node operates, by default, only the services that the operator manually configured it to run. Even better you can install the software sufficient to run a specific kind of node, e.g. a storage server, without installing the software that would let it run other servers, such as introducers or storage clients (#1694).

• Which IP addresses? Nodes do not automatically detect their own IP addresses, but instead use only the IP address that their sysadmin manually told them to use. This is especially important for tor and i2p people where any auto-discovered IP address threatens the user's safety (#517).

• Which connections? You try to establish the prescribed TCP connection(s) to your server. If that fails, you log/announce failure. In the future you might even be able to configure it to run exclusively over HTTP(S) and then pass all of its connections through your HTTP proxies and Web Services tools (#510, #1007).
(Although sysadmins may actually like the "try to connect to multiple IP/DNS addresses at once" feature, if it is sufficiently understandable and controllable to them. It would ease some headaches provided by the Amazon Web Services EC2 TCP/DNS infrastructure, for example.)

• How to handle NAT/firewall/inconveniently-behaving-router? If you can't establish a TCP connection to your prescribed target, then obviously you should not talk to it. Either some wise sysadmin doesn't want you to (firewall) or some stupid sysadmin has screwed up the network config and needs to fix it. In either case you should log failure and give up immediately.

• Reverse connections? Clients connect to servers. Servers do not connect to clients, clients do not connect to other clients, and servers do not connect to other servers (#344). To violate this principle means you will receive a visit from your keen-eyed sysadmin who will want to know what the hell you are doing ¹.

Don't get me wrong -- I think the p2p style, which foolscap already implements part of -- is sweet. I'd like to improve it, in the interests of making Tahoe-LAFS deployment more automatic for end-users. However, we should probably pay attention to the fact that many of our current users do not use those features, and some of them are actively requesting the ability to turn off those features. Maybe some kind of friendly fork or more targeted packaging would help us manage these diverging deployment scenarios?

Regards,

Zooko

¹ https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1010#comment:18

https://tahoe-lafs.org/trac/tahoe-lafs/ticket/49# UPnP
https://tahoe-lafs.org/trac/tahoe-lafs/ticket/50# STUNT/ICE
https://tahoe-lafs.org/trac/tahoe-lafs/ticket/169# tcp hole-punching!
https://tahoe-lafs.org/trac/tahoe-lafs/ticket/344# more client-vs-server refactoring: servers-only shouldn't subscribe to storage announcements
https://tahoe-lafs.org/trac/tahoe-lafs/ticket/445# implement relay: allow storage servers behind NAT
https://tahoe-lafs.org/trac/tahoe-lafs/ticket/510# use plain HTTP for storage server protocol
https://tahoe-lafs.org/trac/tahoe-lafs/ticket/517# make tahoe Tor- and I2P-friendly
https://tahoe-lafs.org/trac/tahoe-lafs/ticket/754# merge manually specified tub location with autodetected tub location
https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1007# HTTP proxy support for node to node communication
https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1086# servers should attempt to open connections to clients
https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1179# use Nleitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From gdt at ir.bbn.com Tue Jul 3 10:00:49 2012
From: gdt at ir.bbn.com (Greg Troxel)
Date: Tue, 03 Jul 2012 13:00:49 -0400
Subject: [tahoe-dev] switching from introducers to gossip?
Message-ID:

  Don't get me wrong -- I think the p2p style, which foolscap already implements part of -- is sweet. I'd like to improve it, in the interests of making Tahoe-LAFS deployment more automatic for end-users. However, we should probably pay attention to the fact that many of our current users do not use those features, and some of them are actively requesting the ability to turn off those features. Maybe some kind of friendly fork or more targeted packaging would help us manage these diverging deployment scenarios?

What needs to be forked? Isn't it just a question of usage, with a mode of client-only, server-only, or both, perhaps enabling reverse connections, and a few other things? All these issues seem trivial in terms of code weight relative to what we have now.
_______________________________________________
tahoe-dev mailing list
tahoe-dev at tahoe-lafs.org
https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From eugen at leitl.org Tue Jul 3 05:55:18 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 3 Jul 2012 14:55:18 +0200
Subject: [tahoe-dev] switching from introducers to gossip?
Message-ID: <20120703125518.GK12615@leitl.org>

----- Forwarded message from darrob -----

From eugen at leitl.org Tue Jul 3 05:56:47 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 3 Jul 2012 14:56:47 +0200
Subject: [cryptography] Shared key in DPI device...
Message-ID: <20120703125647.GL12615@leitl.org>

----- Forwarded message from Ben Laurie -----

From eugen at leitl.org Tue Jul 3 05:59:42 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 3 Jul 2012 14:59:42 +0200
Subject: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012
Message-ID: <20120703125942.GP12615@leitl.org>

----- Forwarded message from Michiel de Jong -----

From eugen at leitl.org Tue Jul 3 06:21:59 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 3 Jul 2012 15:21:59 +0200
Subject: [cryptography] Key extraction from tokens (RSA SecurID, etc) via padding attacks on PKCS#1v1.5
Message-ID: <20120703132159.GS12615@leitl.org>

----- Forwarded message from Michael Nelson -----

From eugen at leitl.org Tue Jul 3 08:19:57 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 3 Jul 2012 17:19:57 +0200
Subject: [tahoe-dev] switching from introducers to gossip?
Message-ID: <20120703151957.GX12615@leitl.org>

----- Forwarded message from Zooko O'Whielacronx -----

From jya at pipeline.com Tue Jul 3 15:40:47 2012
From: jya at pipeline.com (John Young)
Date: Tue, 03 Jul 2012 18:40:47 -0400
Subject: Jim Bell Released from Prison
Message-ID:

Jim was released March 12, 2012:

http://www.bop.gov/iloc2/InmateFinderServlet?Transaction=NameSearch&needingMoreList=false&FirstName=james&Middle=dalton&LastName=bell&Race=U&Sex=U&Age=&x=77&y=28Bell%27s

Taken from a long article on Bitcoin in IEEE Spectrum, June 2012, which credits 1992 cypherpunks for Bitcoin foundation:

http://spectrum.ieee.org/computing/software/bitcoin-the-cryptoanarchists-answer-to-cash/0

From david-sarah at jacaranda.org Tue Jul 3 13:16:27 2012
From: david-sarah at jacaranda.org (David-Sarah Hopwood)
Date: Tue, 03 Jul 2012 21:16:27 +0100
Subject: [tahoe-dev] Announcing Tahoe-LAFS v1.9.2
Message-ID:

ANNOUNCING Tahoe, the Least-Authority File System, v1.9.2

The Tahoe-LAFS team is pleased to announce the immediate availability of version 1.9.2 of Tahoe-LAFS, an extremely reliable distributed storage system. Get it here:

https://tahoe-lafs.org/source/tahoe-lafs/trunk/docs/quickstart.rst

Tahoe-LAFS is the first distributed storage system to offer "provider-independent security" -- meaning that not even the operators of your storage servers can read or alter your data without your consent. Here is the one-page explanation of its unique security and fault-tolerance properties:

https://tahoe-lafs.org/source/tahoe-lafs/trunk/docs/about.rst

The previous stable release of Tahoe-LAFS was v1.9.1, released on January 12, 2012. v1.9.2 is a bugfix release that primarily fixes regressions in mutable file support. See the NEWS file [1] for details.

WHAT IS IT GOOD FOR?
With Tahoe-LAFS, you distribute your filesystem across multiple servers, and even if some of the servers fail or are taken over by an attacker, the entire filesystem continues to work correctly, and continues to preserve your privacy and security. You can easily share specific files and directories with other people.

In addition to the core storage system itself, volunteers have built other projects on top of Tahoe-LAFS and have integrated Tahoe-LAFS with existing systems, including Windows, JavaScript, iPhone, Android, Hadoop, Flume, Django, Puppet, bzr, mercurial, perforce, duplicity, TiddlyWiki, and more. See the Related Projects page on the wiki [3].

We believe that strong cryptography, Free and Open Source Software, erasure coding, and principled engineering practices make Tahoe-LAFS safer than RAID, removable drive, tape, on-line backup or cloud storage.

This software is developed under test-driven development, and there are no known bugs or security flaws which would compromise confidentiality or data integrity under recommended use. (For all important issues that we are currently aware of please see the known_issues.rst file [2].)

COMPATIBILITY

This release is compatible with the version 1 series of Tahoe-LAFS. Clients from this release can write files and directories in the format used by clients of all versions back to v1.0 (which was released March 25, 2008). Clients from this release can read files and directories produced by clients of all versions since v1.0. Servers from this release can serve clients of all versions back to v1.0 and clients from this release can use servers of all versions back to v1.0.

This is the seventeenth release in the version 1 series. This series of Tahoe-LAFS will be actively supported and maintained for the foreseeable future, and future versions of Tahoe-LAFS will retain the ability to read and write files compatible with this series.
LICENCE

You may use this package under the GNU General Public License, version 2 or, at your option, any later version. See the file "COPYING.GPL" [4] for the terms of the GNU General Public License, version 2.

You may use this package under the Transitive Grace Period Public Licence, version 1 or, at your option, any later version. (The Transitive Grace Period Public Licence has requirements similar to the GPL except that it allows you to delay for up to twelve months after you redistribute a derived work before releasing the source code of your derived work.) See the file "COPYING.TGPPL.rst" [5] for the terms of the Transitive Grace Period Public Licence, version 1.

(You may choose to use this package under the terms of either licence, at your option.)

INSTALLATION

Tahoe-LAFS works on Linux, Mac OS X, Windows, Solaris, *BSD, and probably most other systems. Start with "docs/quickstart.rst" [6].

HACKING AND COMMUNITY

Please join us on the mailing list [7]. Patches are gratefully accepted -- the RoadMap page [8] shows the next improvements that we plan to make and CREDITS [9] lists the names of people who've contributed to the project. The Dev page [10] contains resources for hackers.

SPONSORSHIP

Atlas Networks has contributed several hosted servers for performance testing. Thank you to Atlas Networks [11] for their generous and public-spirited support.

And a special thanks to Least Authority Enterprises [12], which employs several Tahoe-LAFS developers, for their continued support.

HACK TAHOE-LAFS!

If you can find a security flaw in Tahoe-LAFS which is serious enough that we feel compelled to warn our users and issue a fix, then we will award you with a customized t-shirt with your exploit printed on it and add you to the "Hack Tahoe-LAFS Hall Of Fame" [13].

ACKNOWLEDGEMENTS

This is the eleventh release of Tahoe-LAFS to be created solely as a labor of love by volunteers.
Thank you very much to the team of "hackers in the public interest" who make Tahoe-LAFS possible.

David-Sarah Hopwood
on behalf of the Tahoe-LAFS team

July 3, 2012
Rainhill, Merseyside, UK

[1] https://tahoe-lafs.org/trac/tahoe-lafs/browser/NEWS.rst
[2] https://tahoe-lafs.org/trac/tahoe-lafs/browser/docs/known_issues.rst
[3] https://tahoe-lafs.org/trac/tahoe-lafs/wiki/RelatedProjects
[4] https://tahoe-lafs.org/trac/tahoe-lafs/browser/COPYING.GPL
[5] https://tahoe-lafs.org/trac/tahoe-lafs/browser/COPYING.TGPPL.rst
[6] https://tahoe-lafs.org/trac/tahoe-lafs/browser/docs/quickstart.rst
[7] https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
[8] https://tahoe-lafs.org/trac/tahoe-lafs/roadmap
[9] https://tahoe-lafs.org/trac/tahoe-lafs/browser/CREDITS
[10] https://tahoe-lafs.org/trac/tahoe-lafs/wiki/Dev
[11] http://atlasnetworks.us/
[12] https://leastauthority.com/
[13] https://tahoe-lafs.org/hacktahoelafs/
_______________________________________________
tahoe-dev mailing list
tahoe-dev at tahoe-lafs.org
https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From eugen at leitl.org Tue Jul 3 13:03:28 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 3 Jul 2012 22:03:28 +0200
Subject: [tahoe-dev] switching from introducers to gossip?
Message-ID: <20120703200328.GD12615@leitl.org>

----- Forwarded message from Brian -----

From eugen at leitl.org Tue Jul 3 13:04:51 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 3 Jul 2012 22:04:51 +0200
Subject: [tahoe-dev] switching from introducers to gossip?
Message-ID: <20120703200451.GE12615@leitl.org>

----- Forwarded message from Greg Troxel -----

From eugen at leitl.org Tue Jul 3 13:39:52 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 3 Jul 2012 22:39:52 +0200
Subject: [drone-list] EFF and MuckRock partner to find out about US drone use
Message-ID: <20120703203952.GQ12615@leitl.org>

----- Forwarded message from Trevor Timm -----

From eugen at leitl.org Tue Jul 3 13:48:42 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 3 Jul 2012 22:48:42 +0200
Subject: [tahoe-dev] Announcing Tahoe-LAFS v1.9.2
Message-ID: <20120703204842.GT12615@leitl.org>

----- Forwarded message from David-Sarah Hopwood -----

From spike at tenbus.co.uk Tue Jul 3 23:47:18 2012
From: spike at tenbus.co.uk (Spike (Chris Foote))
Date: Wed, 04 Jul 2012 07:47:18 +0100
Subject: [drone-list] AUVSI publish 'Unmanned Aircraft System Operations,Industry "Code of Conduct"'
Message-ID:

The Association for Unmanned Vehicle Systems International (AUVSI) have recently published a document entitled 'Unmanned Aircraft System Operations,Industry "Code of Conduct"'.
It is available to download (as a .pdf file) from http://www.auvsi.org/conduct

Spike
_______________________________________________
drone-list mailing list
drone-list at lists.stanford.edu

Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/drone-list

If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"

You will need the user name and password you receive from the list moderator in monthly reminders.

Should you need immediate assistance, please contact the list moderator.

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From eugen at leitl.org Wed Jul 4 02:47:20 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 4 Jul 2012 11:47:20 +0200
Subject: [drone-list] AUVSI publish 'Unmanned Aircraft System Operations,Industry "Code of Conduct"'
Message-ID: <20120704094720.GX12615@leitl.org>

----- Forwarded message from "Spike (Chris Foote)" -----

From measl at mfn.org Wed Jul 4 10:21:52 2012
From: measl at mfn.org (J.A. Terranson)
Date: Wed, 4 Jul 2012 12:21:52 -0500 (CDT)
Subject: Log Live the Qbit!
Message-ID:

http://www.theregister.co.uk/2012/07/04/quantum_computing_room_temperature/

Boffins pull off room-temp quantum computing with home-grown gems

Diamond test gives hope to luke-warm server strokers

By Brid-Aine Parnell
Posted in Physics, 4th July 2012 15:02 GMT
One of the very many reasons there won't be quantum computing any time soon is that the quantum bits (qubits) need to be at absolute zero - not very practical for the average server room, much less the lowly desktop.

However, Harvard tech boffins have come up with a way to create a qubit in a solid-state system at room temperature that can store information for nearly two seconds, an increase of around six orders of magnitude over the lifespan of earlier systems.

Problem solved. Except for one tiny issue: to do it, the researchers had to use diamonds. (The gems were lab-grown, so they didn't have to use the world's finite supply of naturally occurring diamonds - but still, building a computer out of diamonds is surely not going to be easy, is it?)

"We have a qubit at room temperature that we can measure with very high efficiency and fidelity. We can encode data in it, and we can store it for a relatively long time," professor of physics Mikhail Lukin (pictured on the left) said in a canned statement.

Scientists figured out a couple of years ago that atomic-scale impurities in lab-grown diamonds called nitrogen-vacancy (NV) centres behave like single atoms, having a spin that can be polarised. With the help of lasers, they can control that spin and figure out its orientation.

But it wasn't yet an idea they tried out with qubits because they can only hold data for around a millionth of a second before their quantum properties drop out.

The Harvard boffins figured out that the NV centres would mirror carbon-13 atoms, which are also in the diamonds. So they could put the info in a carbon-13 atom and monitor the NV centre to "read" the data.

Whenever they don't want the NV centre to read the atom, they use massive amounts of laser light to keep it occupied.
They can also hit the diamond with radio frequency pulses to suppress interaction between the carbon-13 isotope and other atoms in order to extend the life of the qubit.

"We believe this work is limited only by technical issues, so it looks feasible to increase the life span into the range of hours. At that point, a host of real-world applications become possible," Lukin said.

The boffins foresee the system being used for paying for stuff (not the diamond bit, the computer bit); in highly secure networks - where it would be used for transmitting data; and for building quantum computers, natch.

The study was published in Science.

//Alif

--
"What kind of world do we live in when the views of the oppressed are expressed at the convenience of their oppressors?"
Alik Shahadah

From eugen at leitl.org Wed Jul 4 07:29:26 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 4 Jul 2012 16:29:26 +0200
Subject: Brainwallet: The Ultimate in Mobile Money
Message-ID: <20120704142926.GM12615@leitl.org>

(this is actually easier than you think! it works, try it out)

http://www.forbes.com/sites/jonmatonis/2012/03/12/brainwallet-the-ultimate-in-mobile-money/

Brainwallet: The Ultimate in Mobile Money

For as much as I am fascinated by the societal and political implications of bitcoin, I must admit that I am equally fascinated by the implications of Brainwallet.

Quite simply, a brainwallet, or thoughtcoin, refers to the concept of storing bitcoin in one's own mind by memorization of a special and unpredictable phrase. No, you are not actually storing the bitcoin in your mind but you are storing the access mechanism, or seed, to your stash's private key.
For example, the phrase must be sufficiently long (12 words or more) to prevent a brute force guessing attack, such as "I went seeking freedom, but all the world's islands were already taken." It is further suggested not to use a simple phrase or a phrase taken from existing literature because it is more likely to be hacked by a computer that systematically attempts all phrases, similar to a dictionary attack. You want a high level of word entropy.

Seemingly random modifications of the phrase would aid in strengthening brainwallet, such as "I went seeking freeeedom, but all the world's issslands were alreaDy taken." These simple changes make the entire phrase very difficult to predict.

Next, the phrase itself without the quotation marks is turned into a 256-bit private key with a hashing or key derivation algorithm. Completing this process turns my secret phrase into the 64-character hexadecimal key shown below (this should be kept secret also):

8E66837DDD412A72007571BF05977C7005324B285B918AB0DBC9A2BA9B86F849

You are basically creating your own public Bitcoin address by personally determining the private key and that single instance is sufficient for our brainwallet. With larger deterministic wallets, multiple public/private key pairs are generated using a "root key" derived from a starting seed and a "chaincode", thus allowing a continual creation of different key pairs based on the same root node.

So the final step in our process is to use this hexadecimal key to compute a standard bitcoin address with a utility such as one provided by Casascius or Electrum. Additionally, you can perform this function on bitaddress, a JavaScript client-side bitcoin wallet generator, and even run a stored version locally on an offline computer for security. The testing-only site is Bitcoin Tools.
I add the serious disclaimers that hashing/address generation should not be performed online and, although possible, the importation of private keys is not yet standard functionality on most bitcoin clients. Given that, my hexadecimal key computes into the following base58 Bitcoin address:

1BgciYijPjVWvnpChmBNwB3isZUFKCJSox

Now, you are ready to receive bitcoin from anywhere in the world and have the peace of mind that the corresponding private key to unlock, access, and transfer those bitcoin resides solely in your brain. If you forget the phrase or if you die suddenly, the bitcoin is lost and unrecoverable just like if you had burned cash. You can even memorize multiple phrases for multiple accounts, like casual spending and nest egg savings.

Why is this so profound? For starters, it represents the ultimate in mobile money. You have complete financial privacy and asset protection combined with the ability to have those assets fully accessible from anywhere in the world provided there is Internet connectivity or a telephone. You are also protected from theft or confiscation unless a legal jurisdiction can force you to reveal your bitcoin private key that isn't even known to exist.

Possible applications include revealing the secret phrase to a loved one for inheritance reasons or even splitting the phrase into segments with each family member possessing a portion of the total phrase. Off-grid transactions are also possible by simply conveying the phrase via voice or encrypted email. It would also be possible to send bitcoin immediately to someone without an existing address because one could easily be created based on a selected phrase.

It may be awhile before this practice is commonplace since most people do not use bitcoin on a regular basis and most of those do not generate deterministic keys holding $1 million. But, it sure beats lugging around 17 kilos of gold bullion.
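The phrase-to-key step from the brainwallet article above, as an added example that is not part of the original post, the article, or any of the tools it names. It assumes the "hashing" variant is a single SHA-256 pass, contrasts it with a salted, iterated KDF (PBKDF2, swapped in here for illustration), and encodes the key in wallet import format; the sample phrase, salt and word-list size are constructed.

```python
"""Brainwallet key derivation: single hash vs. stretched KDF (added example)."""
import hashlib
import math

# Order of the secp256k1 group: a Bitcoin private key must lie in [1, N-1].
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
B58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

# Constructed sample phrase, not the one from the article.
SAMPLE_PHRASE = "orbit velvet cactus lantern mosaic thimble quartz ember walnut drizzle comet fable"


def key_from_phrase_sha256(phrase: str) -> bytes:
    """One SHA-256 pass over the UTF-8 phrase (assumed scheme: the article
    only says 'a hashing or key derivation algorithm'). Each guess an
    adversary makes costs a single hash, so only phrase entropy protects it."""
    return hashlib.sha256(phrase.encode("utf-8")).digest()


def key_from_phrase_stretched(phrase: str, salt: bytes,
                              iterations: int = 200_000) -> bytes:
    """PBKDF2-HMAC-SHA256 with a per-user salt: same 32-byte output, but each
    guess costs `iterations` HMAC calls and precomputed tables are useless.
    The salt and iteration count must be remembered along with the phrase."""
    return hashlib.pbkdf2_hmac("sha256", phrase.encode("utf-8"), salt,
                               iterations, dklen=32)


def is_valid_private_key(key: bytes) -> bool:
    """Reject the (astronomically unlikely) out-of-range digest."""
    return len(key) == 32 and 1 <= int.from_bytes(key, "big") < SECP256K1_N


def base58check(payload: bytes) -> str:
    """Base58 with a 4-byte double-SHA-256 checksum appended."""
    checksum = hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    data = payload + checksum
    n = int.from_bytes(data, "big")
    encoded = ""
    while n:
        n, rem = divmod(n, 58)
        encoded = B58_ALPHABET[rem] + encoded
    leading_zeros = len(data) - len(data.lstrip(b"\x00"))
    return "1" * leading_zeros + encoded


def to_wif(key: bytes) -> str:
    """Wallet import format for an uncompressed mainnet key (version 0x80)."""
    if not is_valid_private_key(key):
        raise ValueError("not a valid secp256k1 private key")
    return base58check(b"\x80" + key)


def phrase_entropy_bits(word_count: int, wordlist_size: int) -> float:
    """Entropy of a phrase whose words are drawn uniformly at random."""
    return word_count * math.log2(wordlist_size)


def quote_entropy_bits(corpus_sentences: int) -> float:
    """Entropy of a phrase picked from a corpus of known sentences: the
    reason the article warns against phrases from existing literature."""
    return math.log2(corpus_sentences)


if __name__ == "__main__":
    fast = key_from_phrase_sha256(SAMPLE_PHRASE)
    slow = key_from_phrase_stretched(SAMPLE_PHRASE, b"constructed-salt")
    print("sha256 key   :", fast.hex().upper())
    print("pbkdf2 key   :", slow.hex().upper())
    print("WIF (sha256) :", to_wif(fast))
    print("12 random words from a 7776-word list: %.1f bits"
          % phrase_entropy_bits(12, 7776))
    print("one sentence out of a billion known ones: %.1f bits"
          % quote_entropy_bits(10**9))
```
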
From eugen at leitl.org Wed Jul 4 09:26:56 2012 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 4 Jul 2012 18:26:56 +0200 Subject: The Invisible Bank: How Kenya Has Beaten the World in Mobile Money Message-ID: <20120704162656.GX12615@leitl.org> http://newswatch.nationalgeographic.com/2012/07/04/the-invisible-bank-how-kenya-has-beaten-the-world-in-mobile-money/ The Invisible Bank: How Kenya Has Beaten the World in Mobile Money Posted by Ken Banks of National Geographic Emerging Explorer on July 4, 2012 Click a few keys, exchange a few numbers, and it's done. With just a mobile phone and a registration with Safaricom, Kenya's mobile service giant, you can pay for anything in seconds - no cash, no long journeys to towns to reach a bank, and no long lines when you get there. This is m-Pesa, the revolutionary approach to banking which is changing economies across Africa. The service allows customers and businesses to pay for anything without needing cash, a bank account, or even a permanent address. In today's Digital Diversity, in honour of its recent fifth birthday, we present a beginner's guide to m-Pesa and examine its implications for financial access in developing economies. Digital Diversity is a series of blog posts from kiwanja.net about the way mobile phones and other appropriate technologies are being used throughout the world to improve, enrich, and empower billions of lives. By Olivia O'Sullivan In the developed world, we are used to the idea that we created the model of industrial and economic progress which other countries must follow. Many of our big ideas about development rest on the assumption that the West cracked the formula for economic progress sometime in the 19th century, and what we need now is for the developing world to "catch up". Even the language we use encapsulates this idea, in the division between "developed" and "developing". 
But new innovations are challenging the idea that development requires handing ideas down from developed to developing. In banking and finance, the big ideas in cashless transfers and mobile, flexible exchanges are not to be found in Geneva or London or New York. A revolution in mobile money transfer has occurred, but not in these financial centres. Instead, it's happened in Kenya, with m-Pesa. The service was developed between Safaricom and Vodafone, and launched in 2007. And it's not just something used in cities or by big commercial interests. By 2010, over 50% of Kenya's population had used it - this means rural villagers haggling over produce, then using their Nokias to make the final deal. It means Masai herdsmen bringing their phones to market along with their cattle, ready to stock up on essentials to bring back to their homes. The widespread use of mobile phones in Africa provides huge potential for innovation. (Photo: Kiwanja) For people who live in isolated areas, the service means no longer having to carry lots of cash to markets or towns, risking losing huge amounts to banditry and theft. For people without permanent addresses or bank accounts, the service means they can pay what cash they have to m-Pesa in exchange for mobile credit, making payments and transfers and building up savings - becoming participants in an economy from which they had previously been locked out. For migrants, the service allows them to send money home to their families and villages safely and simply. Safaricom's international money transfer service uses a similar system for international immigrants, coordinating great webs of remittances and payments across the world. For Kenyan businesses, the service means payments for stock or repairs can happen almost instantaneously, wiping out the need to rely on bank clearances and flawed infrastructure which had clogged the economy with inefficiencies and delays. So how does it work? 
m-Pesa relies on a network of small shop-front retailers, who register to be m-Pesa agents. Customers come to these retailers and pay them cash in exchange for loading virtual credit onto their phone, known as e-float. E-float can be swapped and transferred between mobile users with a simple text message and a system of codes. The recipient of e-float takes her mobile phone into her nearest retailer when she wants to cash in, and swaps her text message code back for physical money. There are already more m-Pesa agents in Kenya than there are bank branches. An mPesa agent. (Photo: Laxman Rajagopalan) Such a system also requires intermediaries, to get the cash to m-Pesa agents, and ensure cash movement keeps up with e-float exchanges. In this way, the system has created new jobs, with some intermediaries and retailers earning $1000 a month in commission from m-Pesa transactions. As of m-Pesa's fifth birthday - March 6 2012 - it had been used by a staggering 15 million people. The system was employed by the "Kenyans for Kenya" campaign to raise money for Kenyans suffering from the Horn of Africa drought - just one way in which it has contributed to independence and innovation in Kenya's economy. In response to m-Pesa's success, the model has been imitated in other countries. Africa's biggest mobile operator MTN has rolled out schemes elsewhere, the most ambitious in Kenya's neighbour Uganda. Central banks in some countries, such as Brazil, have now created financial inclusion teams, with a vision for using similar systems to bring financial access to the poor and isolated. The Indian government has also shown determination to achieve this aim, and analysts predict, with its strong IT infrastructure and dense population, India too could be on the road to becoming a cash-light, financially inclusive economy in the near future. m-Pesa is a triumph of thinking locally but dreaming big. (Photo: Kiwanja) m-Pesa has big things to say about the future of African economies. 
It demonstrates the potential in the huge and rapid dissemination of mobile phones and other flexible, adaptable technologies on the continent. But it also shows the value of dreaming big but thinking locally. M-Pesa is not an attempt to recreate developed countries' banking systems in Africa. Instead, it's an idea which has been tailored to the Kenyan environment. Rather than giving up on poor, isolated communities as unbankable, it has extended financial services to their most apparently unlikely customers. Rather than giving up on sophisticated economic transactions in countries with poor infrastructure, it has found a way to circumvent that infrastructure, creating a virtual, mobile one of its own. Olivia O'Sullivan has worked for the Guardian newspaper, the Sudan team of the UN Peacekeeping Department and with the London NGO Waging Peace. She is an MPhil in International Relations at Cambridge University. She previously studied History at Cambridge University and Diplomacy and World Affairs at Occidental College, California. She is currently the Research and Media Assistant for kiwanja.net/FrontlineSMS. Digital Diversity is produced by Ken Banks, innovator, mentor, anthropologist, National Geographic Emerging Explorer and Founder of kiwanja.net / FrontlineSMS. He shares exciting stories in "Digital Diversity" about how mobile phones and appropriate technologies are being used throughout the world to improve, enrich, and empower billions of lives. You can read all the posts in this series, visit his website, or follow him on Twitter. From valeriemaryland at kalmangroner.com Wed Jul 4 06:15:50 2012 From: valeriemaryland at kalmangroner.com (Sunni Sheridan) Date: Wed, 04 Jul 2012 21:15:50 +0800 Subject: Buy ORIGINAL Phentermine 37.5mg (Adipex) From $119 As Low as $2.92/Pill!!! NO RX Required!!! Fast & Secure Shipping!! VISA & eCHECK Accepted, Order Today & Save!! h79wyh3 Message-ID: <40f71l35d25-16603835-738a7a88@atqpusmomp> Buy Phentermine 37.5mg 90 Pills $289!! 
Buy ORIGINAL Phentermine 37.5mg (Adipex) From $119 As Low as $2.92/Pill!!! NO RX Required!!! Fast & Secure Shipping!! VISA & eCHECK Accepted, Order Today & Save!! http://777pharm-mall.ru From arebentisch at lxdesystems.com Wed Jul 4 14:10:04 2012 From: arebentisch at lxdesystems.com (Andre Rebentisch) Date: Wed, 04 Jul 2012 23:10:04 +0200 Subject: [liberationtech] We did it! #acta Message-ID: On 04.07.2012 21:50, Anne Roth wrote: > I'm sure most have come across this news today but just in case: the > European Parliament rejected ACTA today with a huge majority: > 478 against, 39 in favour, 165 abstentions. ACTA is over. Technically ACTA could enter into force outside the EU when ratified by its non-EU members. Politically it is cratered. Commissioner Karel de Gucht argued the Commission would seek approval ("consent") again after an opinion of the European Court of Justice. That won't happen, simply because the ECJ would probably dismiss the case as the process is terminated, and even if they ruled it legal the Commission couldn't reconsult. > It's possible. Not sure if we can win the war (referring to a keynote of > the CCC congress some years ago) but we can definitely win battles. That is the main step on the learning curve of successful Europarl battles, a positive attitude towards representative democracy, escaping defeatism. But we don't need insane campaigns for the impossible. In early stages it takes very few persons and small resources. Four years ago it was possible to put it asleep with approx. 10k and a bit complicated technical voodoo. What's hardly known is that this week, yesterday, the EU Parliament strengthened the EU customs enforcement framework, the corresponding element of the ACTA package in the acquis communautaire: http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+REPORT+A7-2012-0046+0+DOC+XML+V0//EN I sincerely hope people would not waste their capacity upon the INDECT honeypot now. 
Best, André _______________________________________________ liberationtech mailing list liberationtech at lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?" You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From kleinesk-uw at jenniferlopezfan.com Thu Jul 5 02:16:58 2012 From: kleinesk-uw at jenniferlopezfan.com (=?koi8-r?B?4sXM2cUg08jFzdk=?=) Date: Thu, 5 Jul 2012 01:16:58 -0800 Subject: =?koi8-r?B?8dfO2cUg0NLJ2s7By8kgzsHMz8fP19nIINPIxc0=?= Message-ID: <000d01cd5a86$8c1c6100$6400a8c0@kleinesk-uw> July 11, 2012. Obvious signs of tax schemes and how to avoid them 8 Moscow code: 742.9I_98 \\// Moscow code; 742.9I98 Program: 1. General concepts. "Black", "gray" and "white" schemes. "Obvious signs of tax schemes": origin and methods of detection. 2. Direct and indirect affiliation. What affiliation and interdependence of persons mean under the new anti-transfer-pricing legislation. Signs of affiliation, including indirect ones. Negative consequences of affiliation and when it is permissible. "Artificial splitting of a business for the purpose of tax evasion" (the "as with YUKOS" approach, examples of its use after YUKOS itself, application to "one-day firms"). 
Business purposes that justify dividing a business. What to do if affiliation already exists: three possible models of behavior. Examples from practice. 3. Ways to avoid affiliation. Use of nominee founders and directors of companies, and of individual entrepreneurs (IP). Who can be a nominee? Non-resident nominees: legal entities and individuals. Trust: nominees by law, not "by understandings". How to protect yourself from a nominee: legal and economic methods. A simple partnership with an individual as nominee? 4. Absence of a convincing business purpose for the taxpayer's transactions/actions or for changes taking place in the business. Resolution of the Supreme Arbitration Court (VAS) No. 53. What is a "legend" needed for, and who should be told it? When no legend will save you. Two models for building a legend: "initiative from above" and "initiative from below". Indirect documentary confirmation of the legend. Examples of business purposes and the typical legends that justify them for various schemes, including for: * relations with unscrupulous suppliers; * inflated or understated selling prices; * any outsourcing; * a management company (or manager); * IPs who are former employees, including for transferring commercial staff to a separate legal entity or to IP status; * spinning off the transport division into a separate legal entity; * splitting up a previously single business - explaining direct or indirect affiliation in the past or present; * an agency agreement or a simple partnership agreement; * payments from non-resident companies to the accounts of individuals; * switching to the simplified tax system (USN); * high interest on debt obligations or penalties; * large expenses of individuals ("where does the money come from?"). 5. Other signs of tax schemes: * sharp changes in either direction in the taxpayer's performance indicators; * loss-making activity and/or VAT overpayment; * total tax burden/profitability of sales or assets, or average salary, significantly lower than the industry average; * VAT deductions higher than the level considered acceptable. 6. Answers to questions. 
Optionally - express analysis and development of individual legends for participating companies. Participation fee: 9 000 rubles For detailed information and registration, call: 8 (495) 792/21/22 <<>> Moscow code; 792\21-2_2 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 5344 bytes Desc: not available URL: From saftergood at fas.org Thu Jul 5 07:37:11 2012 From: saftergood at fas.org (Steven Aftergood) Date: Thu, 05 Jul 2012 07:37:11 -0700 Subject: Secrecy News -- 07/05/12 Message-ID: Format Note: If you cannot easily read the text below, or you prefer to receive Secrecy News in another format, please reply to this email to let us know. SECRECY NEWS from the FAS Project on Government Secrecy Volume 2012, Issue No. 63 July 5, 2012 Secrecy News Blog: http://www.fas.org/blog/secrecy/ ** PROSECUTORS DISPUTE CLAIMS OF SELECTIVE ANTI-LEAK PROSECUTION ** NSA TELLS FORMER ISOO DIRECTOR TO FILE A FOIA REQUEST ** AIR FORCE POLICY ON CONGRESSIONAL RELATIONS ** AN OVERVIEW OF THE AFFORDABLE CARE ACT, AND MORE FROM CRS ** COVERT ACTION IS PROMINENT IN CARTER ADMIN HISTORY PROSECUTORS DISPUTE CLAIMS OF SELECTIVE ANTI-LEAK PROSECUTION Last month, former CIA officer John Kiriakou, who is accused of unlawfully disclosing classified information to two reporters, said in pre-trial motions that he had been wrongly and unfairly singled out for prosecution, particularly since he had criticized the U.S. practice of waterboarding. ("Kiriakou Calls Leak Prosecution Selective, Vindictive," Secrecy News, June 22). http://www.fas.org/blog/secrecy/2012/06/kiriakou_selective.html This week, prosecutors unsurprisingly rejected such claims while affirming that they intend to vigorously pursue their case against Mr. Kiriakou. 
"The genesis of this prosecution has nothing to do with waterboarding, the national conversation about its wrongness or rightness, the defendant's opinions, or other public statements he may or may not have made," the July 2 government response states. http://www.fas.org/sgp/jud/kiriakou/070212-resp50.pdf The new government filing presents a series of legal arguments against the defense motions for dismissal, explaining why prosecutors believe the Intelligence Identities Protection Act and the Espionage Act statutes under which Mr. Kiriakou is charged are sufficiently clear and specific to be constitutional. Beyond that, the new government response makes a couple of noteworthy points. "The government does not intend to seek the testimony of either journalist to whom Kiriakou made the charged disclosures," prosecutors wrote. By refraining from subpoenaing the two unnamed reporters -- believed to be Matthew Cole, formerly of ABC News, and Scott Shane of the New York Times -- prosecutors will steer clear of the controversies and difficulties facing the prosecution of former CIA officer Jeffrey Sterling, which is currently suspended while the government appeals the right to subpoena New York Times reporter James Risen, to whom Sterling allegedly provided classified information. Prosecutors also suggest at one point that their obligation to prove at trial that Mr. Kiriakou had specific "reason to believe" his alleged disclosures would damage national security would be satisfied by "the non-disclosure agreements signed by Kiriakou," since those agreements include boilerplate language affirming that unauthorized disclosures could cause injury to the United States. This approach seems calculated to enable prosecutors to overcome the otherwise daunting hurdle of demonstrating the defendant's intent to harm the country. It is unclear if it would be found legally satisfactory by the court or persuasive to a jury. 
In a critical account of the Kiriakou case to date, Dan Froomkin wrote that "The bitterest irony of the case is that if Kiriakou had actually tortured, rather than talked about it, he almost certainly wouldn't be in trouble." See "Squelching Secrets: Why Are Obama's Prosecutors Pursuing John Kiriakou?", Huffington Post (www.huffingtonpost.com), July 4. NSA TELLS FORMER ISOO DIRECTOR TO FILE A FOIA REQUEST William Leonard, the former director of the Information Security Oversight Office, served as an expert witness for the defense in the misconceived prosecution of Thomas Drake, in which all felony charges against Mr. Drake were dismissed. (Mr. Drake pleaded guilty to a misdemeanor count.) Now Mr. Leonard is seeking permission from the trial judge in the Drake case to publicly disclose and discuss certain National Security Agency documents cited in the charges against Mr. Drake that he says were classified in violation of national policy. "I believe the Government's actions in the Drake case served to undermine the integrity of the classification system and as such, have placed information that genuinely requires protection in the interest of national security at increased risk," Mr. Leonard wrote in a May affidavit seeking permission from Judge Richard D. Bennett to reveal the now-declassified (but still undisclosed) documents. Attorneys for Mr. Drake asked the court to release Mr. Leonard from the protective order that restricts disclosure of the documents, so that he could publicly pursue his criticism of their original classification by NSA. See "Former Secrecy Czar Asks Court to Release NSA Document," Secrecy News, May 23, 2012: http://www.fas.org/blog/secrecy/2012/05/drake_leonard.html But government attorneys said that Mr. Leonard has no standing to request relief from the protective order that was imposed on the NSA documents. They added that if he wants the documents to be publicly disclosed he should request them under the Freedom of Information Act. 
"The problem with Leonard's claim is that it relies not on injury to him, but instead on a general desire to complain to the press and the public," the government said in a June 22 response to Mr. Leonard. Instead of court-ordered release, "the proper alternative... is for Leonard to file a Freedom of Information Act (FOIA) request with the National Security Agency (NSA), which is prepared to act expeditiously upon the request." http://www.fas.org/sgp/jud/drake/062212-opp188.pdf As it happens, I requested one of those documents under FOIA last year, and NSA has not acted on it expeditiously, or at all. But the government said "The NSA has already prepared FOIA-approved versions of the documents at issue" which involve only minimal redactions. "The government has no animus toward Leonard or his desire to express his opinion about the documents in question -- only an interest in appropriately protecting the sensitive nature of the material and to prevent a flood of similar claims by non-parties in other completed cases," the government response said. See also "Complaint Seeks Punishment for Classification of Documents" by Scott Shane, New York Times, August 1, 2011: http://www.nytimes.com/2011/08/02/us/02secret.html AIR FORCE POLICY ON CONGRESSIONAL RELATIONS The U.S. Air Force says its policy is to provide information to Congress as needed, but with preference given to members of the Armed Services Committees over other Committees, and to the Chairman and the Ranking Member of the Armed Services Committees over other members. "Per OSD Policy, Congressional Member clearances are automatic once the Member is elected into their current position in the United States Senate or U.S. House of Representatives. Once a Member is elected as a seated member of Congress, the Member is automatically read into SCI [sensitive compartmented information] and any other classification needed," a newly revised Air Force Instruction explains. 
"Members of Congress assigned to the defense committees (and to the intelligence committees only for intelligence SAPs) are accessed to all DoD SAPs, except for a limited number of programs judged to be of extreme sensitivity, referred to as waived SAPs." SAPs stands for "special access programs" which are classified programs involving access controls that are more restrictive than for other classified information. "Waived SAPs" are a subset of SAPs that are briefed to only a select group of congressmen. "Members of Congress not assigned to the defense committees (and to the intelligence committees only for intelligence SAPs) will be granted access to DoD SAPs (non-waived SAPs only) with the concurrence of the DoD after consultation with the Chairman and Ranking Member of the defense committees." "Air Force officials may not disclose classified information to the Congress for release to a congressional constituent." Remarkably, Members of Congress who seek information for their own legislative purposes enjoy no special treatment from the Air Force, according to the Air Force. "Requests from Members of Congress not seeking records on behalf of a Congressional Committee, Subcommittee, either House sitting as a whole, or made on behalf of their constituents shall be considered the same as any other requester." See "Air Force Relations With Congress," Air Force Instruction 90-401, 14 June 2012: http://www.fas.org/irp/doddir/usaf/afi90-401.pdf AN OVERVIEW OF THE AFFORDABLE CARE ACT, AND MORE FROM CRS Updated reports from the Congressional Research Service that Congress has not made readily available to the public include the following. 
ACA: A Brief Overview of the Law, Implementation, and Legal Challenges, July 3, 2012: http://www.fas.org/sgp/crs/misc/R41664.pdf Individual Mandate and Related Information Requirements under ACA, July 2, 2012: http://www.fas.org/sgp/crs/misc/R41331.pdf Foreign Holdings of Federal Debt, July 3, 2012: http://www.fas.org/sgp/crs/misc/RS22331.pdf Mexico's Free Trade Agreements, July 3, 2012: http://www.fas.org/sgp/crs/row/R40784.pdf Navy Aegis Ballistic Missile Defense (BMD) Program: Background and Issues for Congress, July 2, 2012: http://www.fas.org/sgp/crs/weapons/RL33745.pdf COVERT ACTION IS PROMINENT IN CARTER ADMIN HISTORY Covert action was a particularly prominent feature of U.S. foreign policy during the Jimmy Carter Administration, according to a report last month from the State Department Historical Advisory Committee. Covert action or other intelligence activities are said to figure in at least half of the volumes that will constitute the official record of the Carter Administration's foreign affairs. The Historical Advisory Committee reported to the Secretary of State on June 13 regarding progress (or lack thereof) in the production of the official Foreign Relations of the United States (FRUS), which is the documentary record of U.S. foreign policy. Although there is a statutory requirement that FRUS be published no later than 30 years after the events it records, the series has never yet met that mandatory benchmark. http://www.fas.org/sgp/advisory/state/hac2011.html One of the obstacles to timely publication has been the need for a so-called High-Level Panel (HLP) composed of State, CIA and NSC officials to review documents related to covert action and other sensitive intelligence activities. Since the early 1990s, "more than 40 covert intelligence activities have now been acknowledged for publication in the [FRUS] series," the Committee report noted. 
However, any FRUS volume requiring HLP review "will spend at least one additional year, and often many more than one, in the declassification pipeline." The Committee report said that the challenge to timely publication will only increase because "at least half of the Carter volumes will require resolution of HLP issues." In other words, of the 28 projected FRUS volumes for the Carter Administration, at least half involve covert action or other sensitive intelligence activities. This "seems high," a former State Department official told Secrecy News. "Nowhere near half of the Nixon-Ford volumes had HLP [covert action] issues and it's hard to believe there were more covert actions going on during the 4 years of Carter than during the 8 Nixon-Ford years." The largest single covert action at that time would have been in Afghanistan, particularly following the Soviet intervention in 1979, said intelligence historian John Prados. He said there was also widespread intelligence involvement in "radio operations" around the globe, close observation of Cyprus, some focus on the PLO, some activity in South Yemen, and actions to counter the Cuban presence in various parts of Africa and Latin America. Though some of this material is public knowledge, that will not necessarily expedite the task of publishing the FRUS series. "The CIA... resolutely resists declassifying documents that entered the public domain through irregular channels," the State Department Historical Advisory Committee said. "These documents are widely known to scholars, and thus CIA's policy presents a special challenge for the HO [State Department Historian's Office] to publish [FRUS] volumes that meet the [statutory] standard of a 'thorough, accurate, and reliable' documentary record of United States foreign policy," the Committee report said. 
CIA's self-perception of its disclosure practices is rather different and altogether more flattering than the despairing view held by non-Agency historians, FOIA requesters, and others who attempt to elicit information from the Agency. "CIA, unlike any other agency in the Intelligence Community, much less Federal Government, makes discretionary releases of historically significant documents available to the public, journalists, and academicians in a purposefully organized manner," the CIA stated in a March 2012 report from the CIA Chief FOIA Officer. http://www.foia.cia.gov/txt/Chief_FOIA_Officer_Report_2012.pdf "CIA continues to inform record numbers of citizens, demonstrating our commitment to the Open Government Initiative and its three goals of transparency, participation, and collaboration," the CIA report said. _______________________________________________ Secrecy News is written by Steven Aftergood and published by the Federation of American Scientists. The Secrecy News Blog is at: http://www.fas.org/blog/secrecy/ To SUBSCRIBE to Secrecy News, go to: http://www.fas.org/sgp/news/secrecy/subscribe.html To UNSUBSCRIBE, go to http://www.fas.org/sgp/news/secrecy/unsubscribe.html OR email your request to saftergood at fas.org Secrecy News is archived at: http://www.fas.org/sgp/news/secrecy/index.html Support the FAS Project on Government Secrecy with a donation: http://www.fas.org/member/donate_today.html _______________________ Steven Aftergood Project on Government Secrecy Federation of American Scientists web: www.fas.org/sgp/index.html email: saftergood at fas.org voice: (202) 454-4691 twitter: @saftergood ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From eugen at leitl.org Thu Jul 5 01:44:43 2012 From: eugen at leitl.org (Eugen Leitl) Date: 
Thu, 5 Jul 2012 10:44:43 +0200 Subject: [liberationtech] We did it! #acta Message-ID: <20120705084443.GL12615@leitl.org> ----- Forwarded message from Andre Rebentisch ----- From eugen at leitl.org Thu Jul 5 05:29:53 2012 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 5 Jul 2012 14:29:53 +0200 Subject: [tahoe-lafs-weekly-news] TWN 35 Message-ID: <20120705122953.GG12615@leitl.org> ----- Forwarded message from Patrick R McDonald ----- From eugen at leitl.org Thu Jul 5 08:21:53 2012 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 5 Jul 2012 17:21:53 +0200 Subject: Secrecy News -- 07/05/12 Message-ID: <20120705152153.GP12615@leitl.org> ----- Forwarded message from Steven Aftergood ----- From payment at nacha.org Thu Jul 5 08:16:23 2012 From: payment at nacha.org (The Electronic Payments Association) Date: Thu, 5 Jul 2012 20:46:23 +0530 Subject: ACH payment rejected Message-ID: <3691579922.LXYZQ4XH605652@nnivsgabfvph.tmtpubl.biz> The ACH transfer (ID: 659436671884), recently sent from your bank account (by you or any other person), was canceled by the other financial institution. Canceled transaction Transaction ID: 659436671884 Reason of rejection See details in the report below Transaction Report report_659436671884.doc (Microsoft Word Document) 13450 Sunrise Valley Drive, Suite 100 Herndon, VA 20171 2011 NACHA - The Electronic Payments Association -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 1359 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: nacha_logo.jpg Type: image/gif Size: 5652 bytes Desc: not available URL: From brok2 at kontursoft.ru Thu Jul 5 23:05:00 2012 From: brok2 at kontursoft.ru (Tax Advisor) Date: Fri, 6 Jul 2012 07:05:00 +0100 Subject: =?koi8-r?B?69TPIM/U18XewcXUINDPIMTPzMfBzSDPxsbbz9LBPyA=?= Message-ID: July 10, 2012. Offshore business: what do others keep quiet about? 
+7 (Moscow code) 7922I22 : +7 (Moscow code) 742\9I\98 Purpose: A distinguishing feature of this course is its practical focus and the absence of unnecessary theoretical and historical digressions. The course is run as an interactive practical session with constant interaction with the audience, working through a large number of examples with a detailed description of the tax, financial and legal consequences or risks. We invite to the course both specialists with many years of experience in international tax planning who want to broaden their knowledge and attendees who have not yet dealt with foreign jurisdictions. The wealth of concrete real-life examples, the solving of non-standard and specific problems during the session, and the accessibility of the explanations are among the indisputable merits of this course. It is important to note that the course leader has not only many years of experience developing and supervising large consulting projects, but has also repeatedly taken part in their turnkey implementation with subsequent support. This makes it possible to fill the course with unique material devoted not only to tax optimization schemes but also to numerous practical comments and descriptions of the problems a business faces even when choosing "correct and verified" schemes. During and after the course, time will be set aside for individual questions both on the announced topics and on questions not covered by the course program. Offshores, Cyprus and other foreign jurisdictions are not a tax panacea, and in some cases their use will bring only new financial costs and pointless risks of conflict with the tax authorities. Fortunately, such cases are so far a minority. Program: BLOCK 1. OFFSHORES, LOW-TAX AND PRESTIGIOUS EUROPEAN JURISDICTIONS: SELECTION CRITERIA. * Comparison of popular offshore jurisdictions (British Virgin Islands, Belize, Seychelles, Panama, etc.) – which ones should be avoided and why? 
* Гонконг как инструмент работы с азиатским рынком * Зачем использовать низконалоговые юрисдикции, если есть полностью безналоговые? * Использование престижных юрисдикций: Швейцария, Люксембург, Нидерланды и т.д. – когда это обоснованно? * "Черные списки" ФАТФ, ОЭСР, Минфина, ЦБ РФ – кому о них можно забыть? БЛОК 2. ПРАКТИКА ИСПОЛЬЗОВАНИЯ КИПРСКИХ КОМПАНИЙ * Особенности работы с кипрским администратором: как не дать себя обмануть? ** налог на прибыль (Corporate Income Tax), сбор на оборону (Defence Contribution Tax), НДС и применение “reverse charge” * Изменения кипрского законодательства 2012 и тенденции 2013. * Ратификация Протокола к Соглашению между РФ и Кипром: кто понесет убытки, а кому удастся на этом заработать? * Почему Кипр редко используют при экспорте/импорте товаров? * Кипр как инструмент работы с ценными бумагами БЛОК 3.СХЕМЫ, ПРИМЕНЯЕМЫЕ В МЕЖДУНАРОДНОМ НАЛОГОВОМ ПЛАНИРОВАНИИ * Внешнеторговые операции (экспорт/импорт): ** схемы с использованием оффшоров и Гонконга; ** схемы с использование английских LTD и партнерств LLP; ** эстонские, чешские, датские, нидерландские компании в торговых схемах. * Холдинговые структуры ** выплаты дивидендов и построение холдинговых структур; ** займы как оптимальный путь финансирования; ** (суб)лицензионные договоры и выплаты роялти за использование прав интеллектуальной собственности; ** анализ сложностей и рисков, расчет предельных величин отчислений по займам и роялти. * Владение и сдача в аренду недвижимости с использованием нерезидентов БЛОК 4. КОНФИДЕНЦИАЛЬНОСТЬ И НОМИНАЛЬНОЕ ВЛАДЕНИЕ * Номинальный сервис: ** инструменты контроля номинальных директоров и номинальных акционеров; ** лица, которым будут известны имена бенефициаров; * Какие данные о компании хранятся в публичных реестрах Кипра и оффшоров, и кто имеет к ним доступ? * Обмен информацией – в каких случаях государственные органы РФ могут получить информацию о владельцах? * Изменения в Гражданском Кодексе: бенефициар должен раскрыть себя сам. 
* Трасты и семейные фонды – когда их использование оправдано? * "Подводные камни" при использовании номинального сервиса и трастов/фондов. БЛОК 5. ОТКРЫТИЕ СЧЕТОВ НА ИНОСТРАННЫЕ КОМПАНИИ * Надежность, оперативность работы, лояльность – какой банк выбрать? * Какие банки не делятся информацией с российскими спецслужбами? * Раскрытие банковской тайны – факты и выводы * Пути снятия средств со счета иностранного банка в России * Росфинмониторинг: когда можно не опасаться? БЛОК 6. ЧАСТО ЗАДАВАЕМЫЕ ВОПРОСЫ, СИТУАЦИИ ИЗ ПРАКТИКИ, ОБЗОР СУДОВ И ПИСЕМ МИНФИНА. * Насколько международная структура владения защищает от рейдерских захватов? * Как часто нужно предоставлять сертификат налогового резидентства и нужно ли проходить аудит для его выпуска? * Ведет ли использование доверенностей с широким кругом полномочий к возникновению постоянного представительства? Официальная позиция. * Дает ли регистрация компании в ЕС возможность на привлечение кредитов и получение гражданства? * Если компания не нужна: нужно ликвидировать или можно "бросить"? * и т.д. Стоимость участия: 9 000 рублей Вся информация по тел: (495) 7922I22 \\\/// 8 (495) 792-21.22 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 9954 bytes Desc: not available URL: From measl at mfn.org Fri Jul 6 08:06:01 2012 From: measl at mfn.org (J.A. Terranson) Date: Fri, 6 Jul 2012 10:06:01 -0500 (CDT) Subject: poison pill for leakers In-Reply-To: <20120706105824.GK12615@leitl.org> References: <20120706105824.GK12615@leitl.org> Message-ID: Just a few amusing points: On Fri, 6 Jul 2012, Eugen Leitl wrote: > b Imagine if some chemist invented some new formula for whatever that was of > great value, growing hair, and they then placed the true [formula] in the > midst of a hundred bogus ones,b explains Salvatore Stolfo, the Columbia > University computer science professor who coined the Fog Computing term. 
> "Then anybody who steals the set of documents would have to test each formula
> to see which one actually works. It raises the bar against the adversary.
> They may not really get what they're trying to steal."

So they try each one until they get a success? This doesn't raise the bar by much!

> The next step: Track those decoy docs as they cross the firewall. For that,
> Stolfo and his colleagues embed documents with covert beacons called "web
> bugs,"

Web bugs? Really??? Sophisticated users don't allow HTML rendering casually - web bugs make the entirely asinine assumption that the entire universe is using outlook or its equivalent. Bad assumption! Add to that the fact that deep packet inspection systems can and are set up specifically to catch these "tricks", and it should be obvious that secure (really secure, not just *labelled* "secure") installations won't even allow that web bugged document to cross a monitored wire.

> includes some standard network security tools, like an intrusion detection
> system that watches out for unauthorized exfiltration of data. And it has
> some rather non-standard components -- like an alert if a person searches his
> computer for something surprising.

"Surprising"? That's a contextual question unlikely to be successfully modeled on a machine.

> In their initial experiments, the researchers claim, they were about to
> "model all search actions of a user" in a mere 10 seconds. They then gave 14
> students unlimited access to the same file system for 15 minutes each. The
> students were told to comb the machine for anything that might be used to
> financial gain. The researchers say they caught all 14 searchers. "We can
> detect all masquerader activity with 100 percent accuracy, with a false
> positive rate of 0.1 percent."

A *** 100% *** accuracy rate that also has an ERROR rate? Someone needs to go back to school.

> The following month, a Pentagon-funded research paper (.pdf) noted the
> promise of "keystroke dynamics -- technology to distinguish people
> based on their typing rhythms -- [which] could revolutionize
> insider-threat detection." Well, in theory. In practice, such
> systems' "error rates vary from 0 percent to 63 percent, depending on
> the user. Impostors triple their chance of evading detection if they
> touch type."

Ahhhh.... "When Harley Was One" returns for a repeat engagement! Really, this was an idea that had statistically significant accuracy in the 70's, when users were extremely limited in numbers, and access to particular machines were known in advance. In today's desktop laden world the chance of it being useful to anyone other than the vendor who is paid to reimplement it is close to nil.

> the decoy documents and with other so-called "enticing information." Stolfo
> and his colleagues also use "honeytokens" -- small strings of tempting
> information, like online bank accounts or server passwords -- as bait. They'll
> get a one-time credit card number, link it to a PayPal account, and see if
> any charges are mysteriously rung up. They'll generate a Gmail account, and
> see who starts spamming.

This has been in place for years now - how well has it done so far? Why does anyone believe the numbers will change?

> Most intriguingly, perhaps, is Stolfo's suggestion in a separate paper (.pdf)
> to fill up social networks with decoy accounts -- and inject poisonous
> information into people's otherwise benign social network profiles.
> "Think of advanced privacy settings [in sites like Facebook] where I choose
> to include my real data to my closest friends [but] everybody else gets
> access to a different profile with information that is bogus. And I would be
> alerted when bad guys try to get that info about me," Stolfo tells Danger
> Room. "This is a way to create fog so that now you no longer know the truth
> about a person through this artificial avatars or artificial profiles."

The real question is why do "social networking" sites get access to secure environments in the first place? Does the USG Dept. of Hall Monitors really need a Facebook page? Really?

Lastly, re: Stuxnet "leaks" - are they serious? Stuxnet's ancestry goes all the way back to the 80's Air Force contracts handed out through Battelle. Hardly a secret: at one point they were actually advertising for writers on early Prodigy!

The single rational point is that there is incredible overclassification, and virtually no declassification - unless politically expedient, in which case "super-duper-above tippy-top secret" secrets get suddenly declassified the day before a politically convenient press conference.

//Alif

--
"What kind of world do we live in when the views of the oppressed are expressed at the convenience of their oppressors?"
Alik Shahadah

From eugen at leitl.org Fri Jul 6 03:58:24 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 6 Jul 2012 12:58:24 +0200
Subject: poison pill for leakers
Message-ID: <20120706105824.GK12615@leitl.org>

http://www.wired.com/dangerroom/2012/07/fog-computing/all/

Feds Look to Fight Leaks With 'Fog of Disinformation'

By Noah Shachtman
July 3, 2012 | 6:30 am | Categories: Info War

Air Force One waits for U.S. President Barack Obama in the fog at London's Stansted Airport, Friday, April 3, 2009. Photo: AP / Kirsty Wigglesworth

Pentagon-funded researchers have come up with a new plan for busting leakers: Spot them by how they search, and then entice the secret-spillers with decoy documents that will give them away.

Computer scientists call it "Fog Computing" -- a play on today's cloud computing craze.
And in a recent paper for Darpa, the Pentagon's premiere research arm, researchers say they've built "a prototype for automatically generating and distributing believable misinformation ... and then tracking access and attempted misuse of it. We call this 'disinformation technology.'"

Two small problems: Some of the researchers' techniques are barely distinguishable from spammers' tricks. And they could wind up undermining trust among the nation's secret-keepers, rather than restoring it.

The Fog Computing project is part of a broader assault on so-called "insider threats," launched by Darpa in 2010 after the WikiLeaks imbroglio. Today, Washington is gripped by another frenzy over leaks -- this time over disclosures about U.S. cyber sabotage and drone warfare programs. But the reactions to these leaks has been schizophrenic, to put it generously. The nation's top spy says America's intelligence agencies will be strapping suspected leakers to lie detectors -- even though the polygraph machines are famously flawed. An investigation into who spilled secrets about the Stuxnet cyber weapon and the drone "kill list" has already ensnared hundreds of officials -- even though the reporters who disclosed the info patrolled the halls of power with the White House's blessing.

That leaves electronic tracking as the best means of shutting leakers down. And while you can be sure that counterintelligence and Justice Department officials are going through the e-mails and phone calls of suspected leakers, such methods have their limitations. Hence the interest in Fog Computing.

An Air Force poster, warning troops to maintain operational security, or "OPSEC." Courtesy USAF

The first goal of Fog Computing is to bury potentially valuable information in a pile of worthless data, making it harder for a leaker to figure out what to disclose.

"Imagine if some chemist invented some new formula for whatever that was of great value, growing hair, and they then placed the true [formula] in the midst of a hundred bogus ones," explains Salvatore Stolfo, the Columbia University computer science professor who coined the Fog Computing term. "Then anybody who steals the set of documents would have to test each formula to see which one actually works. It raises the bar against the adversary. They may not really get what they're trying to steal."

The next step: Track those decoy docs as they cross the firewall. For that, Stolfo and his colleagues embed documents with covert beacons called "web bugs," which can monitor users' activities without their knowledge. They're popular with online ad networks. "When rendered as HTML, a web bug triggers a server update which allows the sender to note when and where the web bug was viewed," the researchers write. "Typically they will be embedded in the HTML portion of an email message as a non-visible white on white image, but they have also been demonstrated in other forms such as Microsoft Word, Excel, and PowerPoint documents."

"Unfortunately, they have been most closely associated with unscrupulous operators, such as spammers, virus writers, and spyware authors who have used them to violate users privacy," the researchers admit. "Our work leverages the same ideas, but extends them to other document classes and is more sophisticated in the methods used to draw attention. In addition, our targets are insiders who should have no expectation of privacy on a system they violate."

Steven Aftergood, who studies classification policies for the Federation of American Scientists, wonders whether the whole approach isn't a little off base, given Washington's funhouse system for determining what should be secret. In June, for example, the National Security Agency refused to disclose how many Americans it had wiretapped without a warrant. The reason? It would violate Americans' privacy to say so.

"If only researchers devoted as much ingenuity to combating spurious secrecy and needless classification. Shrinking the universe of secret information would be a better way to simplify the task of securing the remainder," Aftergood tells Danger Room in an e-mail. "The Darpa approach seems to be based on an assumption that whatever is classified is properly classified and that leaks may occur randomly throughout the system. But neither of those assumptions is likely to be true."

Stolfo, for his part, insists that he's merely doing "basic research," and nothing Pentagon-specific. What Darpa, the Office of Naval Research, and other military technology organizations do with the decoy work is "not my area of expertise," he adds. However, Stolfo has set up a firm, Allure Security Technology Inc., "to create industrial strength software a company can actually use," as he puts it. That software should be ready to implement by the end of the year.

It will include more than bugged documents. Stolfo and his colleagues have also been working on what they call a "misbehavior detection" system. It includes some standard network security tools, like an intrusion detection system that watches out for unauthorized exfiltration of data. And it has some rather non-standard components -- like an alert if a person searches his computer for something surprising.

Pfc. Bradley Manning is escorted to a courthouse in December 2011. His alleged disclosures to WikiLeaks kickstarted Pentagon interest in catching so-called "insider threats." Photo: Patrick Semansky/AP

"Each user searches their own file system in a unique manner. They may use only a few specific system functions to find what they are looking for. Furthermore, it is unlikely a masquerader will have full knowledge of the victim user's file system and hence may search wider and deeper and in a less targeted manner than would the victim user. Hence, we believe search behavior is a viable indicator for detecting malicious intentions," Stolfo and his colleagues write.

In their initial experiments, the researchers claim, they were about to "model all search actions of a user" in a mere 10 seconds. They then gave 14 students unlimited access to the same file system for 15 minutes each. The students were told to comb the machine for anything that might be used to financial gain. The researchers say they caught all 14 searchers. "We can detect all masquerader activity with 100 percent accuracy, with a false positive rate of 0.1 percent."

Grad students may be a little easier to model than national security professionals, who have to radically alter their search patterns in the wake of major events. Consider the elevated interest in al-Qaida after 9/11, or the desire to know more about WikiLeaks after Bradley Manning allegedly disclosed hundreds of thousands of documents to the group.

Other Darpa-backed attempts to find a signature for squirrely behavior are either just getting underway, or haven't fared particularly well. In December, the agency recently handed out $9 million to a Georgia Tech-led consortium with the goal of mining 250 million e-mails, IMs and file transfers a day for potential leakers. The following month, a Pentagon-funded research paper (.pdf) noted the promise of "keystroke dynamics -- technology to distinguish people based on their typing rhythms -- [which] could revolutionize insider-threat detection." Well, in theory. In practice, such systems' "error rates vary from 0 percent to 63 percent, depending on the user. Impostors triple their chance of evading detection if they touch type."

For more reliable results, Stolfo aims to marry his misbehavior-modeling with the decoy documents and with other so-called "enticing information." Stolfo and his colleagues also use "honeytokens" -- small strings of tempting information, like online bank accounts or server passwords -- as bait. They'll get a one-time credit card number, link it to a PayPal account, and see if any charges are mysteriously rung up. They'll generate a Gmail account, and see who starts spamming.

Most intriguingly, perhaps, is Stolfo's suggestion in a separate paper (.pdf) to fill up social networks with decoy accounts -- and inject poisonous information into people's otherwise benign social network profiles.

"Think of advanced privacy settings [in sites like Facebook] where I choose to include my real data to my closest friends [but] everybody else gets access to a different profile with information that is bogus. And I would be alerted when bad guys try to get that info about me," Stolfo tells Danger Room. "This is a way to create fog so that now you no longer know the truth about a person through this artificial avatars or artificial profiles."

So sure, Fog Computing could eventually become a way to keep those Facebooked pictures of your cat free from prying eyes. If you're in the U.S. government, on the other hand, the system could be a method for hiding the truth about something far more substantive.

Noah Shachtman
Noah Shachtman is a contributing editor at Wired magazine, a nonresident fellow at the Brookings Institution and the editor of this little blog right here. Read more by Noah Shachtman
Follow @dangerroom on Twitter.

From anders at aleph.se Fri Jul 6 05:16:27 2012
From: anders at aleph.se (Anders Sandberg)
Date: Fri, 06 Jul 2012 13:16:27 +0100
Subject: [ExI] Gov surveillance here to stay
Message-ID:

On 06/07/2012 09:06, BillK wrote:
> Why do you think your lovely smartphone includes unique ID, GPS,
> camera and microphone?

Because the consumers really want it. The fatal mistake of thinking it is because "They" put it there misses the far more unsettling aspect that *we* are voting with our wallets to produce a transparent, trackable world with smart gadgets.
Some of that is an accidental side effect (consider EFF's interesting demonstration that our browser customisation makes us identifiable: https://panopticlick.eff.org/ ) - many of these side effects surprise the Powers That Be too (consider all leaks due to improper redaction of PDFs). But I think what most people honestly do want is a world that has "magical properties" of transparency and services for them that also produce transparency for others - and they are not willing to pay much money or effort to reduce this information leakage.

If it was just They who did things, we could in principle stop Them. But now it is *us* who are doing it, and we are unlikely to stop ourselves.

> The future is here already. You must assume that every use of your
> phone, or internet access is recorded and scanned for possible threats
> to the state.
> If you are not plotting, then it will be no immediate inconvenience to you.

At least that is the common assumption. Given the growing number of more or less embarrassing mistakes, there is a real issue of false positives. Plotters are rare: people looking like plotters are far more common.

> Supercomputers and unlimited data storage enables the state to treat
> everyone as a potential criminal, so everything they do or say, every
> place they visit and every person they contact is now regarded as
> potential court evidence.

The really interesting thing is when this ability percolates downwards. Right now companies like Acxiom and Facebook are using similar methods. In a few years it will be feasible for smaller groups and individuals to do big data mining too.

I suspect the best strategy is to get people aware that we are careening into the transparent society, that we better get ultra-tolerant, and that we better get strong accountability measures into place to keep governments and other concentrations of power safe and sane.

--
Anders Sandberg, Future of Humanity Institute
Philosophy Faculty of Oxford University
_______________________________________________
extropy-chat mailing list
extropy-chat at lists.extropy.org
http://lists.extropy.org/mailman/listinfo.cgi/extropy-chat

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From eugen at leitl.org Fri Jul 6 05:31:24 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 6 Jul 2012 14:31:24 +0200
Subject: [tor-talk] Transparent e-mail encryption?
Message-ID: <20120706123124.GQ12615@leitl.org>

----- Forwarded message from Maxim Kammerer -----

From eugen at leitl.org Fri Jul 6 05:32:13 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 6 Jul 2012 14:32:13 +0200
Subject: [ExI] Gov surveillance here to stay
Message-ID: <20120706123213.GR12615@leitl.org>

----- Forwarded message from Anders Sandberg -----

From mk at dee.su Fri Jul 6 04:37:51 2012
From: mk at dee.su (Maxim Kammerer)
Date: Fri, 6 Jul 2012 14:37:51 +0300
Subject: [tor-talk] Transparent e-mail encryption?
Message-ID:

On Fri, Jul 6, 2012 at 1:42 PM, Matej Kovacic wrote:
> However, the problem is that for end-to-end encryption sender AND
> recipient must use encryption. Unfortunately most people do not use
> encryption and there are only two solutions: you do not communicate with
> these people (which is not really an option) OR you communicate without
> encryption.

If you do not require interoperability with SMTP, cables communication [1] does what you require -- encryption and authentication are transparent, and server issues can be ignored, since there are no servers. Cables communication also has delivery verification and other features. Note that PGP / S/MIME-type encryption is undesirable for most users, since it ties authentication to non-repudiability [2].
[1] http://dee.su/cables
[2] http://www.cypherpunks.ca/otr/otr-wpes.pdf

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
_______________________________________________
tor-talk mailing list
tor-talk at lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From brusqui at canes.ru Sat Jul 7 20:57:01 2012
From: brusqui at canes.ru (=?koi8-r?B?88XNyc7B0g==?=)
Date: Sat, 7 Jul 2012 19:57:01 -0800
Subject: =?koi8-r?B?68HLINLBws/UwdTYINMgz8bG28/Swc3JINcgMjAxMj8=?=
Message-ID:

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 9940 bytes
Desc: not available
URL:

From Jasper.Langlois at jfresno.com Sun Jul 8 11:15:57 2012
From: Jasper.Langlois at jfresno.com (Jasper Langlois)
Date: Sun, 08 Jul 2012 15:15:57 -0300
Subject: Website for ordering Pharmaceuticals
Message-ID: <6175590082778-VWOXDDYMKZZTDZQGIEII@hnsfbyrrjz.jfresno.com>

1. A poweful mix of ingredients is contained in M-5 such as acai extract, which maximizes your weight loss progress and makes you feel more energized. MAXIM, Esquire and FHM recommends! http://thewga.org/s/u9Yo571lt

2.I do believe in the power of contemporary medicine. I just don't believe it can treat help impotence. http://bosh.me/42B5Xv

Tired of worrying about your stiffy's absense? If your marriage is on the verge of break up, time to take some enhancers. http://tiny.sg/41b1

From gnu at toad.com Mon Jul 9 17:52:05 2012
From: gnu at toad.com (John Gilmore)
Date: Mon, 09 Jul 2012 17:52:05 -0700
Subject: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012
Message-ID:

> > That's it. Did I miss anything? :-)

Sure. Here are three more scenarios. What all of them share is that YOU choose which friends with static IP addresses to trust, and that those friends' FreedomBoxes handle much of the setup and maintenance overhead. These three scenarios don't require ANY centralized infrastructure other than a DNS provider that everyone needs anyway.
Since FreedomBox is built out of standardized software, even friends who don't have FreedomBoxes can act as your friends, if they are already running, or willing to run, that software on their existing Linux servers. == Scenario DNS Redirect == Offer an option to host your website on your freedombox, with a dynamic IP address, that is reached via one, two, or more friends' freedomboxes' static IP addresses who serve up your domain records. Domain records (also known as your "DNS zone") describe what IP addresses your web server (and other servers) are located on, the domain names of the servers that serve up your DNS zone, and possibly public keys and signatures that secure this and other information. In the standard DNS protocol, these records can be changed dynamically and are globally cached for high performance and reliability. (This is how the Internet already works.) Our software would provide both server and client implementations of a domain name server / redirector. If you have a static IP address, your FreedomBox can host a domain server, which serves up your own domain name(s), and also serves up the name(s) of friends. This DNS server would accept dynamic updates from your friends' FreedomBoxes, which would revise the IP address in the zone. The client software that runs in your FreedomBox would merely publish these dynamic updates (to your friends' FreedomBoxes) whenever your FreedomBox's public IP address changed. These updates would be cryptographically signed to avoid unwanted changes. By choosing more than one friend to host your domain zone, you would avoid single points of failure. Web accesses would come directly from the world to your dynamically-addressed FreedomBox. Even friends who don't have a static IP address can improve your reachability/reliability, if they have a dynamic and publicly reachable IP address. You should start with one friend with a static IP address as an "anchor" site. 

Once browsers support DNS-signed SSL certificates using the IETF DANE TLS protocol, the same software can securely publish your public key without making you interact with an SSL certificate provider (reducing the setup costs and making more of it automatable).

Pros: Relatively low setup overhead. Works with SSL or without. Requires minimal permanent storage in all participating FreedomBoxes. Trivial ongoing overhead for your friend sites. Web accesses from the world go straight to your box. Can convert transparently to the Webproxy Redirect mode below, or to the Friends Web Cache mode below.

Cons: Requires that you have at least ONE public IP address, dynamically assigned. Must find one or two friends. Must register those friends' domain names with your domain provider as your NS servers.

== Scenario Webproxy Redirect ==

Same setup as above, except you don't even have a publicly reachable dynamic IP address. All you have is a NAT address and your NAT redirector is completely oblivious to all attempts to punch a hole through it.

So you find two or more friends and they serve up your DNS records as before, but each of them advertises the entire set of friends' IP addresses as the address of your web site. And each of them runs a web proxy that relays any incoming web accesses from their box, out over their ISP, to your box, using the PageKite protocol.

FreedomBox software would again provide both the server software and the client software for this. Your FreedomBox would at all times keep a TCP connection up to each friend's FreedomBox so that web accesses can be relayed to you down that TCP connection.

Incoming web accesses from the world would go at random to any of your friends' FreedomBoxes. Those boxes would relay the traffic to yours. If you or the world can't reach some of your friends, those friends' proxies would not answer, and clients would try another address, making it possible to reach you anyway.

As in DNS Redirect mode, can also publish IETF DANE TLS keys to eventually avoid SSL certificate setup overhead.

Pros: Relatively low setup overhead. Works with SSL or without. Requires minimal permanent storage in all participating FreedomBoxes. Can convert transparently to the DNS Redirect mode above, or to the Friends Web Cache mode below.

Cons: Must find one or two friends. Must register those friends' domain names with your domain provider as your NS servers. Your friends must be willing to have ALL your web traffic go via their ISP connection.

We could ship a FreedomBox with just one of these modes working, and then upgrade the software to transparently switch to the lower overhead mode whenever your FreedomBox is on a publicly reachable IP address. Indeed, both modes could be combined: Your DNS zone could publish both your dynamic IP address (if you have one), and the static (or dynamic) IP addresses of your friends. Accesses made from the world that randomly pick your own IP address would go directly; accesses that pick your friends' addresses would go via proxies at your friends.

== Scenario Friends Web Cache ==

Setup for this scenario is the same as in Web Redirect: Your box is on the Internet, and can call out to public IP addresses, and maybe it even has a dynamic or static IP address of its own.

In this scenario, again you pick one, two, or more friends who publish your DNS records, let you update the addresses in your DNS zone with your publicly reachable IP address if you have one, and also publish the whole collection of your friends' IP addresses as your web address. Your friends run a PageKite proxy that relays any incoming web access to your FreedomBox. But this time that proxy also caches web page contents, using the standard HTTP web cacheing protocol, so that a second access to a page that Friend 1 has already served up, will not need to go to your box, but can be served up directly from Friend 1's box to many web requesters until it times out.

If you have a small web site, your friends end up cacheing the whole thing, such that accesses no longer have to go to your FreedomBox, saving 50% of the Internet traffic that is used in Scenario Webproxy Redirect.

Your friends' FreedomBoxes would remember the pages that they have proxied, temporarily, either in RAM or in nonvolatile storage. They are free to throw away these cached pages at any time; when they do, the next access to that page goes back to being proxied to your FreedomBox.

There are complications for SSL web accesses. The simplest thing to do is to always proxy them (only cache non-SSL accesses). To enable cacheing for SSL accesses, two obvious approaches appear: either your friends' FreedomBoxes would need to store a temporary or permanent copy of your private key (so they could negotiate an SSL session on your website's behalf), with obvious security issues; or your friends could proxy the SSL/TLS session setup, and then be handed the secret key for just that SSL/TLS session, such that they could impersonate your web server (sending answers from their cache) only to that client (also with obvious security problems, but lesser ones).

Pros: Relatively low setup overhead. Requires minimal permanent storage in all participating FreedomBoxes. Can convert transparently to the DNS Redirect mode above, or to the Webproxy Redirect mode above. Uses only half the bandwidth of the Webproxy Redirect mode, and improves the latency of accesses to your website.

Cons: Must find one or two friends. Must register those friends' domain names with your domain provider as your NS servers. Your friends must be willing to have ALL your web traffic go via their ISP connection. Requires some temporary storage (RAM or Flash) in your friends' FreedomBoxes. Has complications and reduces security for SSL web accesses.

John

_______________________________________________
Freedombox-discuss mailing list
Freedombox-discuss at lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From william.allen.simpson at gmail.com Mon Jul 9 18:46:51 2012
From: william.allen.simpson at gmail.com (William Allen Simpson)
Date: Mon, 09 Jul 2012 21:46:51 -0400
Subject: U.S. spy agencies ... email for cybersecurity
Message-ID:

Somebody needs to give them a clue-by-four. The private sector already has the "Internet address where an email ... originated"; it's already in the Received lines. We don't need to be informed about it, we already inform each other about it. And it's already delivered "at network speed."

It is my understanding the Dept of Homeland Security already cooperates in sharing government intrusion information. We certainly don't need a "U.S. spy agency" MITM to "protect the private sector."

Moreover, the US is the source of most spam and malware, so the NSA isn't really going to be much help. And the US is the source of the only known cyber attacks on other countries' infrastructure, so it's not likely much help there, either. Unless they expect retaliation?

===

http://in.reuters.com/article/2012/07/10/net-us-usa-security-cyber-idINBRE86901620120710

U.S. spy agencies say won't read Americans' email for cybersecurity

8:48pm EDT

By Tabassum Zakaria and David Alexander

WASHINGTON (Reuters) - The head of the U.S.
spy agency that eavesdrops on electronic communications overseas sought on Monday to reassure Americans that the National Security Agency would not read their personal email if a new cybersecurity law was enacted to allow private companies to share information with the government.

...

But to help protect the private sector, he said it was important that the intelligence agency be able to inform them about the type of malicious software and other cyber intrusions it is seeing and hear from companies about what they see breaching the protective measures on their computer networks.

"It doesn't require the government to read their mail or your mail to do that. It requires them, the Internet service provider or that company, to tell us that that type of event is going on at this time. And it has to be at network speed if you're going to stop it," Alexander said.

He said the information the government was seeking was the Internet address where an email containing malicious software originated and where it traveled to, not the content of the email.

...

But the U.S. government is also concerned about the possibility of a cyber attack from adversaries on critical infrastructure such as the power grid or transportation systems.

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From bubba1752 at mpsu.ru Tue Jul 10 00:08:37 2012
From: bubba1752 at mpsu.ru (=?koi8-r?B?78LV3sXOycUgOTQt5vo=?=)
Date: Mon, 9 Jul 2012 23:08:37 -0800
Subject: =?koi8-r?B?58/T2sHLwdogz9Qg4SDEzyDxIMTM0SD6wcvB2t7Jy8/XIMkg8M/T1MHX?= =?koi8-r?B?3cnLz9c=?=
Message-ID: <000d01cd5e62$71f526b0$6400a8c0@bubba1752>

MOSCOW: July 17-18, 2012

Government procurement from A to Z for Customers and Suppliers

"GOVERNMENT PROCUREMENT: quotations, tenders, electronic auctions. Explanations and practical recommendations on applying the provisions of Federal Law 94-FZ when conducting bidding. The federal contract system"

8 (495) 742/9I*98 ; 8 (499) 4454О95

Program:

Day 1

_- OVERVIEW OF RECENT CHANGES IN RUSSIAN FEDERATION LEGISLATION ON ORDER PLACEMENT
_- The main distinguishing ideas of the new government procurement bill "On the Federal Contract System"
_- Innovations of the system:
* regulation of forecasting and planning for meeting state needs, establishing the set of mandatory planning documents and defining the procedure for justifying the key parameters of planned contracts for the purpose of subsequent monitoring of contract placement and performance and analysis of contract results; giving state customers freedom to choose the method of placing an order.
* incentives for state customers and purchasers to ensure proper performance of contract terms,
* introduction of new procurement procedures and restrictions on the purchase of expensive goods,
* the possibility of creating a register of unscrupulous customers, etc.
_- Procedure for setting the initial (maximum) contract price, possible sources of information, the obligation of customers to publish the justification of the initial (maximum) price.
_- Introduction of mandatory publication of procurement schedules starting in 2012.
_- KEY ISSUES IN CONDUCTING ORDER PLACEMENT PROCEDURES
_- Choosing the form of bidding: tender or auction.
_- Preparing and holding a tender: sequence and duration of stages, documents to be drawn up. Review of bids and admission to the tender. Evaluation and comparison of bids, selection of the winner. Amendments to Government Resolution No. 722
_- Placing an order by request for quotations.
_- Placing an order with a single supplier
_- CONCLUDING STATE (MUNICIPAL) CONTRACTS. PREPARING AND SUBMITTING REPORTS TO THE CUSTOMER
_- Preparing the contract. Mandatory contract provisions: acceptance of goods, works and services, and supplier liability.
_- Contract performance security.
_- Contract performance: acceptance of delivered goods and completed works. Supplier actions aimed at evading obligations. Customer actions when contract obligations are breached.
_- Contract termination.
_- Listing in the register of unscrupulous suppliers
_- Answers to questions
_- FEDERAL LAW No. 135-FZ OF JULY 26, 2006 "ON PROTECTION OF COMPETITION"
_- Procedures subject to oversight by the Federal Antimonopoly Service (FAS) of Russia.
_- Procedure for accepting complaints and forms for filing them where there are signs of restricted competition.
_- Time limits for reviewing complaints.
_- Changes to the procedure for procurement of financial services by state customers.

Day 2

_- 10.00-13.00 PLACING AN ORDER BY AUCTION. THE OFFICIAL RUSSIAN FEDERATION WEBSITE FOR PLACING ORDERS FOR THE SUPPLY OF GOODS, PERFORMANCE OF WORKS AND PROVISION OF SERVICES. OVERVIEW OF OPERATING PLATFORMS. PROCEDURE FOR HOLDING AN AUCTION IN ELECTRONIC FORM.
_- What is new in information support for government procurement: operation of the official website and electronic trading platforms. Legal requirements for procurement notices. Information security issues in the system for placing state and municipal orders
_- Electronic auction. Placing orders at electronic auctions. The auction list (Government Order 236-r).
_- Overview of electronic platforms: GUP "Agency for State Procurement, Investment Activity and Interregional Relations of the Republic of Tatarstan", OAO "Unified Electronic Trading Platform", ZAO "Sberbank - Automated Trading System", OOO "RTS-tender", ZAO MICEX "Goszakupki".
_- Electronic auction for Customers. Software, the electronic digital signature (EDS) and how to register it, registration documents, posting the notice, auction documentation and protocols. Procedure for giving clarifications of auction documentation provisions.
_- Electronic auction for Participants. Where to obtain an EDS and how to register it. Which documents must be submitted for accreditation on a trading platform? Bid security for participation in an electronic auction: how and to whom it is provided. Conditions for withholding the security.
_- A universal algorithm for holding an electronic auction. Obtaining and registering an EDS; participant accreditation; procedure for publishing information about the auction;
_- Concluding a contract following the auction. Changes to the time limits for concluding a contract; Protocol of disagreements; New requirements for contract performance security
_- Answers to attendees' questions
_- 14.00 - 17.00 HANDS-ON TRAINING IN A COMPUTER CLASSROOM ON PREPARING AND POSTING NOTICES ON THE OFFICIAL RUSSIAN FEDERATION PROCUREMENT WEBSITE AND HOLDING AN ELECTRONIC AUCTION ON THE OOO "RTS-tender" TRADING PLATFORM
_- Answers to questions

Participation fee: 15 200 rubles

Information is available by phone: 8 (495) 792*21\22 <<>> Moscow area code; 79221/22

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 8931 bytes
Desc: not available
URL:

From eugen at leitl.org Tue Jul 10 03:12:55 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 10 Jul 2012 12:12:55 +0200
Subject: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012
Message-ID: <20120710101255.GR12615@leitl.org>

----- Forwarded message from John Gilmore -----

From eugen at leitl.org Tue Jul 10 03:13:41 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 10 Jul 2012 12:13:41 +0200
Subject: U.S. spy agencies ... email for cybersecurity
Message-ID: <20120710101341.GS12615@leitl.org>

----- Forwarded message from William Allen Simpson -----

From measl at mfn.org Tue Jul 10 10:42:13 2012
From: measl at mfn.org (J.A. Terranson)
Date: Tue, 10 Jul 2012 12:42:13 -0500 (CDT)
Subject: U.S. spy agencies ... email for cybersecurity
In-Reply-To: <20120710101341.GS12615@leitl.org>
References: <20120710101341.GS12615@leitl.org>
Message-ID:

> But the U.S. government is also concerned about the possibility of a cyber
> attack from adversaries on critical infrastructure such as the power grid or
> transportation systems.

(1) Whatever happened to simple concepts [and basic best practices] like airgapping?

(2) Despite _not_ having this kind of BS law in place yet (that we know of anyway, seeing as we now have secret laws), there hasn't been much of a problem backtracking major malware outbreaks as far back as the early aughts. This crap about "wire speed" is pretty flimsy misdirection, even for the USG.

(2) Payback's a bitch. And it must hurt even more to know that your enemies are going to reverse engineer your own malware (stux et al) for return flights.

Maybe we should focus on the actual issue: getting our noses [and arms] out of the rest of the world's businesses [and backyards].

//Alif

--
Those who make peaceful change impossible, make violent revolution inevitable.
An American Spring is coming: one way or another.

From measl at mfn.org Tue Jul 10 10:49:52 2012
From: measl at mfn.org (J.A. Terranson)
Date: Tue, 10 Jul 2012 12:49:52 -0500 (CDT)
Subject: [Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012
In-Reply-To: <20120710101255.GR12615@leitl.org>
References: <20120710101255.GR12615@leitl.org>
Message-ID:

> ----- Forwarded message from John Gilmore -----
>
> Sure. Here are three more scenarios. What all of them share is that
> YOU choose which friends with static IP addresses to trust, and that
> those friends' FreedomBoxes handle much of the setup and maintenance
> overhead. These three scenarios don't require ANY centralized
> infrastructure other than a DNS provider that everyone needs anyway.
>
> Since FreedomBox is built out of standardized software, even friends
> who don't have FreedomBoxes can act as your friends, if they are
> already running, or willing to run, that software on their existing
> Linux servers.

I'm out of the loop on the central conversation, having only this forward as a reference, so I may be reinventing prior suggestion(s).

Is there any serious discussion of using [multiple] encrypted layer 2 tunnels?
Assuming the tunnelling data is *not* part of the firmware, it would be lost if the box were disconnected [read: seized], providing an extra layer of protection for figuring out who has what where.

//Alif

--
Those who make peaceful change impossible, make violent revolution inevitable.
An American Spring is coming: one way or another.

From rudiger.koch at gmail.com Tue Jul 10 09:22:24 2012
From: rudiger.koch at gmail.com (Rüdiger Koch)
Date: Tue, 10 Jul 2012 18:22:24 +0200
Subject: [ZS] Microsoft Research on Bitcoin
Message-ID:

Moving thread to zs-business:

2012/7/10 Lodewijk andré de la porte
>
> I want to do green addresses, addresses from which one can be sure it is a
> valid transaction. If an address exists at third parties it is completely
> unreliable what happens to the Bitcoins on them. I'm not sure it makes
> sense as my service is as safe as it's going to get. Why should I let users
> risk themselves? There's some argument towards additional freedom, I
> couldn't completely freeze their accounts.
>

Precisely. Nor can the government or an intruder, provided the keys are encrypted on disk. I don't see how users risk anything if you provide a "*Print backup"* option - no trojan can steal a letter in the safe. You might be glad one day if you get raided by "authorities" or broken in.

> Since this'd help only those I'm legally required to blockade it's low
> priority if not zero priority.
> What I can do is let private keys be submitted and empty them instantly,
> towards a safe address. But I don't really see why people wouldn't just
> send them towards themselves.
>

Well, I can. For example users can come to Fikisha office in Lagos and buy a printout of a Mini (Casascius) key for cash, which they can fax to the UK or the EU, for example. At Intersango or MtGox, they can redeem that key. I'd very much like it if those keys can be redeemed in more ways.*

> This is how I'd redeem tokens or Casascius coins.
> It's a low priority addition compared to some other things I'm doing.
>

I'd understand it if it were only Casascius coins. After all who in his right mind is buying an expensive coin to redeem it shortly after. If Bitcoin price hike continues, this may also be an interesting feature.

Cheers
Anu

* They'll be able to redeem it at Fikisha, but that only makes sense if they get 2nd thoughts about the transfer

--
You received this message because you are subscribed to the Google Groups "zs-business" group.
To post to this group, send email to zs-business at googlegroups.com.
To unsubscribe from this group, send email to zs-business+unsubscribe at googlegroups.com.
For more options, visit this group at http://groups.google.com/group/zs-business?hl=en.

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From USPS_Shipping_Services at usps.com Tue Jul 10 11:28:29 2012
From: USPS_Shipping_Services at usps.com (Terrence Sanders)
Date: Tue, 10 Jul 2012 19:28:29 +0100
Subject: You have outstanding UPS invoices.
Message-ID: <3654379959.JCY519H3551389@dkacydlvfvbly.umfxjlcblsdmae.org>

UPS billing center

This is an automatically generated email. Please do not reply to this email address.

Dear UPS Customer,

New invoice(invoices) are available for viewing in UPS billing center. Do not forget that your UPS invoices should be paid within 28 days so as not to incur any additional fees. Please surf to the UPS Billing Center to access and pay your invoice.

Find out more about UPS:
Visit ups.com
Explore UPS Freight Services
Learn About UPS Companies
Sign Up For Additional Email From UPS
Read our official blog

(c) 2012 United Parcel Service of America, Inc. UPS, the UPS brandmark, and the color brown are trademarks of United Parcel Service of America, Inc. All rights reserved.
For more information on UPS's privacy practices, refer to the UPS Privacy Policy. Please do not reply directly to this e-mail. UPS will not receive any reply message. For questions or comments, visit Contact UPS. This communication contains proprietary information and may be confidential. If you are not the intended recipient, the reading, copying, disclosure or other use of the contents of this e-mail is strictly prohibited and you are instructed to please delete this e-mail immediately.

Privacy Policy
Contact UPS

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 3273 bytes
Desc: not available
URL:

From eugen at leitl.org Tue Jul 10 23:31:29 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 11 Jul 2012 08:31:29 +0200
Subject: [ZS] Microsoft Research on Bitcoin
Message-ID: <20120711063129.GY12615@leitl.org>

----- Forwarded message from Rüdiger Koch -----

From zooko at zooko.com Wed Jul 11 06:09:56 2012
From: zooko at zooko.com (Zooko Wilcox-O'Hearn)
Date: Wed, 11 Jul 2012 10:09:56 -0300
Subject: [tahoe-dev] weekly Tahoe dev call report: 2012-07-10
Message-ID:

• 1.9.2 release! Yay David-Sarah, Release Manager. Thanks to everyone who contributed bug reports, patches, testing, packaging, etc.

• Add-only sets: Can servers exercise "editorial power" over add-only sets, remixing different legitimate adder-signed sets to form new sets? Zooko thinks this could be a problem, and that add-only sets should be designed against it, but he can't remember why he thinks that. Brian thinks that it is hardly a problem because the presence of other servers giving answers renders any one server's ability to select among legitimate answers almost moot. Andrew and David-Sarah both think that the notion of a *set* as opposed to a fully serialized sequence must surely require that readers accept unions. We agreed to drop the subject for now and move on to lease database.

• lease database

• keep information about leases in some separate location instead of bundled with each share

• let's use a sqlite db through the pysqlite API, like we do with backupdb

• for the cloud backend (that Least Authority Enterprises is building), the leasedb will be stored on persistent storage e.g. Amazon Elastic Block Store (EBS), while the shares are stored on cloud storage, e.g. Amazon Simple Storage Service (S3).

• people can manually add shares, such as by just dropping a share file into a disk backend filesystem, or uploading a share object to Amazon S3, and the lease system will eventually discover them and maintain them as long as they are leased, and then delete them when they are no longer leased.

• people can manually delete shares, such as by just rm'ing a share file from a disk backend filesystem, or deleting a share object to Amazon S3, and the lease system will not break when it discovers that it is gone.

• There can be race conditions between such external actions and the progress of the crawler which is inspecting leases. A state machine must be carefully analyzed to see that it handles all such possible sequences of events. See https://tahoe-lafs.org/trac/tahoe-lafs/wiki/Summit2Day4#leasedbcrawler for initial notes about that. A state transition diagram would be a good way to analyze and communicate that.

• Brian was about to write a new lease database as the next step in his Accounting work, and Least Authority Enterprises is about to write a new lease database as the next step in our DARPA research grant contract, with a deadline of July 26. So, let's cooperate. We need to agree on separation of responsibilities.

• The crawler can be a "background task" that doesn't take up resources (CPU) for too long at a time, so there's a configurable knob for "how many seconds in a row do I run" and "how many seconds do I idle in between runs", and another knob for "how soon should I start a new pass after I've already finished the last pass".

• Should "account ids" or "lease-owner ids" be public keys or things derived from symmetric secrets? Brian wisely suggests decoupling that question from the rest of the lease db design. But, then Brian and David-Sarah agreed that the lease-owner ids should be small integers. Zooko disagrees, but nobody asked him.

• Least Authority Enterprises might someday want to store their lease databases in funky cloud databases things like Amazon's Cloud SQL DB or Microsoft's Cloud SQL DB. But for now we're just going to use pysqlite and local storage such as Amazon EBS.

Brian will review his branch and write up some stuff about how the accounting branch ought to go. Brian and David-Sarah will synchronously work on it Tuesday and Thursday.

_______________________________________________
tahoe-dev mailing list
tahoe-dev at tahoe-lafs.org
https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From george at roguegenius.com Wed Jul 11 10:15:04 2012
From: george at roguegenius.com (George Chamales)
Date: Wed, 11 Jul 2012 10:15:04 -0700
Subject: [liberationtech] Invitation - Hacking Humanitarian Technology Before the Bad Guys Do
Message-ID:

Thought this might be of interest to some of the folks on the list.
----
*Hacking Humanitarian Technology Before the Bad Guys Do*

Event: JIFX-RELIEF Field Exploration
Location: Camp Roberts, CA
Dates: August 15-16, 2012

In the last 18 months there has been a steady increase in attacks by hostile groups against citizens and response organizations utilizing communications and Internet technologies. Those attacks include custom malware targeting activists in Syria, harassment and infiltration of civil rights monitoring groups in Egypt, and the murder of citizen reporters in Mexico.

The JIFX-RELIEF Field Explorations are acknowledged to be the premier venue for creating interoperable civil-military systems for Humanitarian Assistance / Disaster Response (HA/DR) operations. This year's RELIEF experiments will bring together members of the security community to evaluate the security strengths and weaknesses of several technologies that are being deployed in hostile environments.

Participants from the security community will have the opportunity to:
* Support the development of emergency and humanitarian technologies
* Meet a variety of groups working in the humanitarian technology space
* Interact with other members of the public and private security community

The security evaluations will take part over two separate days and security experts are invited to take part in one or both:

*August 15th*: Tour of the different experiments taking place and discussions with the owners and operators of those technologies to provide the security expert's view of the strengths and weaknesses of the technology.

*August 16th*: Penetration testing of a set of those technologies as they to identify and fix vulnerabilities before they are attacked in fielded in hostile environments.

The attached document contains more information on the experiments that will be taking place and the organizations involved. If you are interested in taking part in the security assessment on one or both days please RSVP to george at roguegenius.com by August 1st.
Thank you for your time and interest in supporting the development of secure technologies for use in crisis and disaster response operations. george George Chamales Rogue Genius LLC http://roguegenius.com Phone: 718.288.7718 _______________________________________________ liberationtech mailing list liberationtech at lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?" You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
From measl at mfn.org Wed Jul 11 13:13:11 2012
From: measl at mfn.org (J.A. Terranson)
Date: Wed, 11 Jul 2012 15:13:11 -0500 (CDT)
Subject: [Fwd] Seattle Police Department raids apartment for "anarchist" reading materials (fwd)
Message-ID:

-----Original Message-----
From: carol isaac [mailto:carolannisaac at msn.com]
Sent: Wednesday, July 11, 2012 8:05 AM
Subject:

Yesterday the Seattle Police Department's SWAT team, rammed open an apartment door in the CD at 5:45 a.m., threw in two flash grenades which woke up the neighborhood and the four residents of the apartment, and with assault rifles served a warrant for some articles of clothing and "anarchist" reading materials. They took a few articles of clothing like a sweater, blue cap, bandana, and some reading material and left. No charges, no arrests. They said it was related to May 1st.

This was a raid that violates the ethical and moral standards of the community. See the Stranger's blog for more details.

There was a demonstration against this behavior last night, and there is a larger one planned for this Friday at 7:00 p.m. The rally began at Westlake last night, and most likely will begin there this Friday also.

I am passing this timely information along below. Please feel free to do the same...

A Seattle activist is in Minneapolis and has advice from two of the RNC 8 who were arrested & charged with conspiracy around the anti-RNC plans in 2008. One of them has extensive experience with community-oriented support campaigns for people facing grand juries & criminal cases for political stuff and was heavily involved in Cece MacDonald's case. The following you may already know or may be helpful.

With regards to security it was advised that sometimes people can do more harm than good by not sharing essential info with their community when the police already have access to that anyway. In particular it was advised all this information can be sent over email.

It is suggested getting lawyers, but stresses that it's important to keep folks involved so that lawyers can't control the situation.

This is now an opportunity to lay groundwork for a defense campaign for the possibility someone is arrested or charged. In particular we can use this as an opportunity to start doing know-your-rights trainings, including some specific to grand juries. Also, we have time to plan in a way that allows us to have more control over the public narrative in that case.

On that note, it's important to not isolate ourselves and seek/appreciate support wherever it's available, but to also do as much as possible to control the narrative of any support campaign, i.e., to counter narratives of innocent vs. guilty or "they were just exercising their first amendment rights" stuff. As an example, we should not present ourselves as "just peace activists" if we are in fact revolutionaries. Revolutionaries can lose support from liberals and progressives if we're not straightforward about our politics.

Don't water down the type of organizing and political work that you're doing. Liberals should support radicals and revolutionaries because anyone involved in organizing deserves support when the cops/feds come after them. It shouldn't be based on claims that the work they're doing is compatible with capitalist democracy if that's not actually the case.

Don't say anything to the media or community that can't stand up in court.

Grand Juries: it's essential to have an across-the-board policy of non-cooperation with grand juries: Refuse to answer ANY of their questions. Some people think they can outsmart grand juries, but they are fishing expeditions and even minor-seeming information can help them. There have been cases where every single person refused to testify. As a result no one was found in contempt of court for not answering questions.

Preferred website with lots of useful grand jury info. Kris Hermes, who runs it. http://grandjuryresistance.org/

We should publicly announce this site whenever the feds talk to someone or approach us at all. If the feds aren't seeking media attention a la "perp walks" then that means they don't want it; it's better to draw community/media attention so that people don't feel isolated if/when it happens to them. Media work is really important, again to get as wide of support as possible.

Links to more info:

With degrees of variation, pretty much everyone who does various legal support training (know your rights etc.)
across the country uses or draws heavily from midnight special material: http://www.midnightspecial.net/

This is the last version of a Minneapolis zine; some of it is outdated or specific to mpls, but a lot of it continues to be relevant: http://zinelibrary.info/files/eartwarrior.pdf

Commonly used zine: http://conspiracytour.files.wordpress.com/2010/07/ccr_if_an_agent_knocks.pdf

Good general security culture zine: http://zinelibrary.info/files/zine-what_is_security_culture.pdf

You may not agree with the overall analysis, but it is useful nevertheless: http://zinelibrary.info/files/ageofconspiracyPRINT.pdf

Sign at last night's demo: "First they came for the hoodies, ..."

(BTW, an irony: The four people in the Seattle apartment do not identify as anarchists.)

Solidarity,
Carol
-------------------------------
//Alif
--
Those who make peaceful change impossible, make violent revolution inevitable. An American Spring is coming: one way or another.

From torbox at riseup.net Wed Jul 11 08:36:13 2012
From: torbox at riseup.net (proper)
Date: Wed, 11 Jul 2012 15:36:13 +0000
Subject: [tor-talk] hidden services 2.0 brainstorming
Message-ID:

I think the concept of hidden services has a lot of potential. Not only because they are hidden. Let's face it:
- You get a free domain for life.
- You get transparent, free end to end encryption. No flawed root CA system.
- That's something remarkable, isn't it?

With some modifications/improvements they could be potentially used for any website, such as e-commerce, google, twitter, facebook etc.

hidden services "1.0" as of July 2012 features:
- "optional" [1] client anonymity
- "optional" [2] server anonymity
- somewhat slow both, when client anonymity and server anonymity are active
- free lifetime domain
- no domain registrar can mess up
- somewhat [3] secure
- very few useful legitimate hidden services exist [4]

ideas for hidden services "2.0":
- Marketing: Free domain for life!
- Marketing: Safer than SSL!
- "optional" [1] client anonymity
- "optional" server anonymity
- add an option to let the server and/or client connect non-anonymously [6]
- somewhat slow both, client anonymity and server anonymity are active
- fast if only one uses anonymity
- very fast if none use anonymity
- establish new human friendly name system [7]
- improved stability, reachability, performance and dos protection features

advantages:
- More legitimate hidden services. Better reputation for Tor.
- Real solution for the flawed root CA system.
- Say goodbye to the DNS hierarchy system, DNS spoofing etc. Free domains, domain security depends on local security, not on registrar / DNS system.
- Tor gets more known and gets more relay / bridge contributors.
- Saves exit bandwidth.

[1] Optional because if Tor2webMode is set to 1: Tor connects to hidden services non-anonymously. As far as I know it connects to the rendezvous point directly, server of course stays anonymous.
[2] There are exit enclaves. The server acts as exit and allows to exit to its own IP.
[3] Please don't make that the topic here. What I mean is the domain name may not be long enough, weak sha1 hash and the encryption keys are not the most up to date, strongest ones.
[4] Depends on opinion, anyway, much more legitimate and useful servers can not hurt. Let's not make this the topic here.
[5] One hop circuit or can you even make a 0 hop circuit, i.e. direct connection?
[6] Non-anonymous domains could use something else, not .onion.
[7] There is already at least one proposal, pet name system.
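The "free domain" and "no root CA" properties in the post above follow from how 2012-era .onion names are built: the name is a truncated hash of the service's own public key, so a client can check the key it is shown against the name it typed, with no registrar or certificate authority involved. The sketch below is an added example, not code from Tor or from the post. The derivation rule (first 80 bits of SHA-1 over the DER-encoded RSA public key, base32-encoded) is taken from Tor's v2 rendezvous specification rather than from this page, and the key blobs are constructed placeholders, not real RSA keys.

```python
"""Self-authenticating .onion names (2012-era "v2" scheme), added illustration.

Assumption, from Tor's v2 rendezvous spec and not from the post itself:
    hostname = base32( SHA-1(DER-encoded RSA public key)[:10] ) + ".onion"
The 80-bit truncation and the use of SHA-1 are what footnote [3] of the post
refers to as a short name and a weak hash.
"""
import base64
import hashlib
import hmac

ONION_SUFFIX = ".onion"
ID_BYTES = 10        # 80 bits kept from the 160-bit SHA-1 digest
LABEL_CHARS = 16     # 80 bits / 5 bits per base32 character
BASE32_ALPHABET = set("abcdefghijklmnopqrstuvwxyz234567")

# Constructed placeholder shaped like a DER RSAPublicKey (1024-bit modulus,
# exponent 65537). The "modulus" is a byte pattern, not a usable RSA key.
SERVICE_KEY = (bytes.fromhex("30818902818100")
               + bytes(range(128, 256))
               + bytes.fromhex("0203010001"))
# Same blob with one bit flipped: stands in for any other party's key.
IMPOSTOR_KEY = (SERVICE_KEY[:-6]
                + bytes([SERVICE_KEY[-6] ^ 0x01])
                + SERVICE_KEY[-5:])


def onion_address(der_public_key: bytes) -> str:
    """Derive the hostname that a service's public key maps to."""
    if not der_public_key:
        raise ValueError("empty public key")
    digest = hashlib.sha1(der_public_key).digest()
    label = base64.b32encode(digest[:ID_BYTES]).decode("ascii").lower()
    return label + ONION_SUFFIX


def parse_onion_label(hostname: str) -> str:
    """Return the normalized 16-character label, or raise ValueError."""
    host = hostname.strip().lower().rstrip(".")
    if not host.endswith(ONION_SUFFIX):
        raise ValueError("not a .onion name: %r" % hostname)
    # Only the label directly left of ".onion" identifies the service.
    label = host[: -len(ONION_SUFFIX)].split(".")[-1]
    if len(label) != LABEL_CHARS or not set(label) <= BASE32_ALPHABET:
        raise ValueError("malformed onion label: %r" % label)
    return label


def key_matches_address(hostname: str, der_public_key: bytes) -> bool:
    """Client-side check: does the presented key hash to the requested name?"""
    expected = parse_onion_label(onion_address(der_public_key))
    return hmac.compare_digest(parse_onion_label(hostname), expected)


if __name__ == "__main__":
    name = onion_address(SERVICE_KEY)
    print("service name      :", name)
    print("own key accepted  :", key_matches_address(name, SERVICE_KEY))
    print("other key accepted:", key_matches_address(name, IMPOSTOR_KEY))
```

Because the name commits to the key, control of the name rests entirely on keeping the private key safe, which is the "domain security depends on local security" point in the post.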
_______________________________________________ tor-talk mailing list tor-talk at lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From eugen at leitl.org Wed Jul 11 06:44:54 2012 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 11 Jul 2012 15:44:54 +0200 Subject: [tahoe-dev] weekly Tahoe dev call report: 2012-07-10 Message-ID: <20120711134454.GQ12615@leitl.org> ----- Forwarded message from Zooko Wilcox-O'Hearn ----- From eugen at leitl.org Wed Jul 11 08:43:48 2012 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 11 Jul 2012 17:43:48 +0200 Subject: [tor-talk] hidden services 2.0 brainstorming Message-ID: <20120711154348.GX12615@leitl.org> ----- Forwarded message from proper ----- From eugen at leitl.org Wed Jul 11 14:04:57 2012 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 11 Jul 2012 23:04:57 +0200 Subject: [liberationtech] Invitation - Hacking Humanitarian Technology Before the Bad Guys Do Message-ID: <20120711210457.GB12615@leitl.org> ----- Forwarded message from George Chamales ----- From eugen at leitl.org Thu Jul 12 02:11:18 2012 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 12 Jul 2012 11:11:18 +0200 Subject: the riders of the Infocalypse go cloppity-clop Message-ID: <20120712091118.GL12615@leitl.org> http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10819029 Officer's link to net drug market By Nicholas Jones 5:30 AM Thursday Jul 12, 2012 Silk Road has more than 2000 listings, including for drugs such as cocaine and cannabis. Photo / Supplied A Customs officer has been found to be a member of a secretive online marketplace which offers global delivery of illegal drugs, pornography, firearms and fake passports. 
The officer, who has name suppression, has already appeared in Waitakere District Court on several methamphetamine-related offences, including supply of the class-A drug. But the Herald understands that when police seized his personal computer, he told them they would find software and electronic history showing access to a hidden site called Silk Road. Authorities worldwide have struggled to combat the site's growing popularity because encrypting software makes it difficult to trace or identify its users. Silk Road claims to be an anonymous online marketplace where electronic currency is used to sell and buy illegal drugs and contraband - from cocaine or LSD to fake passports. A sister site called The Armory offers weapons and ammunition. They function just like legitimate online shopping sites and feature sellers' profiles detailing their trading history and customer feedback. Sellers offer to vacuum-seal and post orders internationally, with a false return-to-sender address. Yesterday, a NZ Customs spokeswoman - when asked if the site had affected attempts to import drugs - said there had generally been a significant increase in interceptions. But the volume of drugs found on each occasion was often less than normal, meaning the total seized had not grown significantly, she said. In a post on Silk Road's forum this week, an "official New Zealand thread" warned fellow Kiwis to keep a low profile. "The more we boast about it, the easier our mail becomes to profile and target and we would be stupid to think that law enforcement doesn't browse these forums." This year, a Dunedin university student and his associate used the site to arrange for 165 Ecstasy pills to be mailed from the Netherlands. The drugs were intercepted by Customs and the Herald understands they were found to be pure MDMA - a rarity for Ecstasy in New Zealand. The 18-year-old told police that he agreed to let the pills be sent to his address to help fund a 12-month exchange trip to Canada. 
The extent of the Customs officer's use of Silk Road is unclear. The Herald has been told that he claimed he used the site as research for his work. However, it is understood the Customs Service decided this explanation was unlikely. Yesterday, the officer told the Herald he "wasn't using" Silk Road. When asked why it was on his home computer, he said: "I knew about it, because I worked for Customs. But since I have name suppression, I'd like to make no comment". The Herald accessed Silk Road and found a sidebar showing categories of listings. There were more than 2000 listings for drugs such as cocaine and cannabis, with accompanying pictures, price-tags and product descriptions. Forged drivers' licences and passports were among other offerings. One US-based trader was selling custom-made John Key blotters - preprinted sheets of blotting paper that can be dipped in an LSD solution - "for all you Kiwi bastards". Increased media attention has led to the site's community growing and, with that, a rise in scammers. Last month, the Customs officer appeared in court on a total of 11 methamphetamine-related charges. It is understood the man's alleged offending was uncovered during police inquiries into another crime. The alleged offending was not directly related to the man's work. Although the amounts of methamphetamine involved were small, a decision was made to press charges because of the nature of the man's employment. HOW IT WORKS * Silk Road is accessed through browsing software called Tor - The Onion Router - which bounces users' connections off multiple servers worldwide. This is said to make identity untraceable. * Tor was developed by the United States Navy, and has been hailed by campaigners as a way to retain free speech and avoid censorship. * Two US senators have urged the United States Attorney-General to crack down on Silk Road and the digital currency that enables purchases on it, Bitcoins. 
* Goods on Silk Road can only be bought using Bitcoin, an independent online currency.
* The peer-to-peer currency, which works via a piece of open-source software, aids anonymity on Silk Road because it is not linked to any institution.
* Bitcoin developer Jeff Garzik has previously said that because the currency log is public, it's possible that buyers could be tracked. "Attempting major illicit transactions with Bitcoin, given existing statistical analysis techniques deployed in the field by law enforcement, is pretty damned dumb," he told Gawker.com.

From eugen at leitl.org Fri Jul 13 07:36:17 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 13 Jul 2012 16:36:17 +0200
Subject: TL;DR: TrueCrypt or LUKS. Open wireless. STFU.
Message-ID: <20120713143617.GQ12615@leitl.org>

http://falkvinge.net/2012/07/11/what-to-do-if-prosecuted-for-sharing-culture-stfu/

Every now and then, somebody is prosecuted for sharing culture in violation of the copyright monopoly. Here's what you should know if you're worried of that happening to you.

The most important thing to know is that it won't happen to you. The copyright monopoly lobby likes to publicize every case to ridiculous proportions.
Back in reality, outside of copyright monopoly math, more people get struck by lightning each year than get prosecuted for sharing culture. Let's take that again, because it is important: mathematically, you stand a higher risk of being struck by lightning than of being prosecuted for sharing culture. (Note that this does not apply to people who annoy Hollywood on purpose, which is a separate and much more serious crime.)

But on the astronomically odd risk that you should be struck by lightning prosecuted for sharing culture, you need to know the next important thing: every conviction I've seen of copyright monopoly violation in direct sharing cases has been due to a confession. Again: every conviction has relied on a confession.

In other words: do not confess to sharing culture in violation of the monopoly (in a prosecution situation, that is - everybody is assumed to be a good citizen and share; it's nothing much to "confess to", really). You need to understand what the Police will tell you in order to try to get that confession. They'll say that the copyright monopoly violation came from your IP address. They'll say that they found the shared material on your hard drive. None of that matters.

Again: it doesn't matter if they find something on your hard drive that matches your IP. The crime isn't having the bits of data - the crime is transferring the bits of data. That distinction is crucial. Actually, it's not even enough to transfer the data: you need to have transferred it in a way that violates the monopoly, and far from all copies do that.

The police need to show that you, personally, transferred this bitpattern in a way that violated the copyright monopoly. That's practically impossible to prove. Having the bitpattern on your hard drive is not a crime in itself, except in North Korea.

Preferably, you shouldn't say anything at all in an interrogation situation. If you feel you have to say something, ask the Police if there's any coffee and cookies.

But if you're still worried, there are two easy things you can do. Karma points for both of them.

The first thing to do is to encrypt your whole hard drive, which is a good thing to do anyway. For Windows and Mac, you can use TrueCrypt to do this. You'll get a password prompt as the computer boots, and after that, the encryption is transparent. For GNU/Linux, you get the option of encrypting the whole drive when you install the operating system; I'm sure there are ways of adding encryption afterwards. On Android, you can encrypt the whole drive, too: it's part of the screen lock menus somewhere.

As the police will turn off your computer the first thing they do in a raid to prevent you from erasing evidence, they will also lock themselves out of said evidence on power-down. They'll lie to you afterwards and claim that they found X, Y, and Z on your hard drives, again hoping for a confession. They didn't. You can just smile at them and say nothing.

You don't have to justify having an encrypted hard drive to the Police or anybody. This is tremendously important. If you're asked why it's encrypted, you don't have to feel threatened in the slightest; it is entirely within your rights to protect your data from intruders, legal or otherwise. This is true in all countries that I know of except for North Korea, Iran, and the United Kingdom. You can smile and shut up or just shrug your shoulders and say "because I felt like it". Or, for that matter, change the subject and ask if there's any more coffee.

The second thing to do is to have an open wireless network. This is also a matter of being a good neighbor. I have two wi-fi networks, one closed and one open (most modern routers allow this). Both egress on the same IP address toward the net, so if somebody is sharing culture from this IP address, it could be me or any of my 50-or-so neighbors in range. And with an encrypted hard drive, there's nothing even suggesting it was me in an astronomically unlikely raid scenario.
Of course, sharing wireless bandwidth with my neighbors when they may need it is also a matter of practicing what I preach; sharing is caring. This latest defense b the open wireless defense proved so successful in Denmark that the copyright monopoly lobby even stopped suing people sharing culture, because they couldnbt get any convictions. Theybre now trying other avenues. (This was regardless of whether there even was an open network, as civil lawsuits donbt confiscate equipment in a police raid.) So in summary, an encrypted hard drive is little extra work but will mean that the confidences placed in you are safe in a raid scenario, and an open wireless network will negate any connection between you and your IP address. Anybody accusing you of sharing culture in violation of the monopolies wonbt be able to get a shred of evidence of it, even with a full-scale police raid. (In reality, outside of copyright math, the encrypted hard drive is much more likely to protect your data in a case of burglary than a police raid b and the open wireless is much more likely to benefit you with better neighbor relations.) TL;DR: TrueCrypt or LUKS. Open wireless. STFU. From eugen at leitl.org Fri Jul 13 07:38:02 2012 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 13 Jul 2012 16:38:02 +0200 Subject: in the UK, you will go to jail not just for encryption, but for astronomical noise, too Message-ID: <20120713143802.GR12615@leitl.org> http://falkvinge.net/2012/07/12/in-the-uk-you-will-go-to-jail-not-just-for-encryption-but-for-astronomical-noise-too/ There was some surprise in the comments of yesterdaybs post over the fact that the United Kingdom has effectively outlawed encryption: the UK will send its citizens to jail for up to five years if they cannot produce the key to an encrypted data set. First of all, references b the law is here. You will be sent to jail for refusing to give up encryption keys, regardless of whether you have them or not. 
Five years of jail if it's a terrorism investigation (or child porn, apparently), two years otherwise. It's fascinating - there are four excuses that keep coming back for every single dismantling of democracy. It's terrorism, child porn, file sharing, and organized crime. You cannot fight these by dismantling civil liberties - they're just used as convenient excuses.

We knew that this was the next step in the cat-and-mouse game over privacy, right? It starts with the government believing they have a right to interfere into any one of your seven privacies if they want to and find it practical. The next step, of course, is that the citizens protect themselves from snooping - at which point some bureaucrat will confuse the government's ability to snoop on citizen's lives for a right to snoop on citizen's lives at any time, and create harsh punishments for any citizens who try to keep a shred of their privacy. This is not a remotely dystopic scenario; as we see, it has already happened in the UK.

But it's worse than that. Much worse. You're not going to be sent to jail for refusal to give up encryption keys. You're going to be sent to jail for an inability to unlock something that the police think is encrypted. Yes, this is where the hairs rise on our arms: if you have a recorded file with radio noise from the local telescope that you use for generation of random numbers, and the police asks you to produce the decryption key to show them the three documents inside the encrypted container that your radio noise looks like, you will be sent to jail for up to five years for your inability to produce the imagined documents.

falkvinge at fraka:/home$ ls -la
drwxr-xr-x  5 root root        4096 2011-12-06 01:21 .
drwxr-xr-x 22 root root        4096 2012-04-23 12:22 ..
-rw----r--  1 root root 34359738368 2012-07-12 10:51 narrowbandnoise-32.raw

A 32-gigabyte noise file, or encrypted data? Can only be the latter.

But wait - it gets worse still.
The next step in the cat-and-mouse game over privacy is to use steganographic methods to hide the fact that something is encrypted at all. You can easily hide long messages in high-resolution photos today, just to take one example: they will not appear to contain an encrypted message in the first place, but will just look like a regular photo until decoded and decrypted with the proper key.

But of course, the government and police are aware of steganographic methods, and know that pretty much any innocent-looking dataset can be used as a container for encrypted data. So imagine your reaction when the police confiscate your entire collection of vacation photos, claim that your vacation photos contain hidden encrypted messages (which they don't), and send you off to jail for five years for being unable to supply the decryption key?

This is not some dystopic pipe dream. This law already exists in the United Kingdom - and the vacation photo scenario above, while on the far-fetched side of the scale, is possible. And the basic philosophical problem is greater than the described collateral damage: the government will send you to jail for safeguarding any confidences placed in you.

From eugen at leitl.org Fri Jul 13 08:48:22 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 13 Jul 2012 17:48:22 +0200
Subject: Kim Dotcom's Pretrial Legal Funds Would Be Safe With Bitcoin
Message-ID: <20120713154822.GT12615@leitl.org>

http://www.forbes.com/sites/jonmatonis/2012/07/12/kim-dotcoms-pretrial-legal-funds-would-be-safe-with-bitcoin/

Kim Dotcom's Pretrial Legal Funds Would Be Safe With Bitcoin

The Megaupload case may end up having a chilling effect on pretrial asset seizure.

Yesterday Kim "Dotcom" Schmitz, founder of Megaupload, asked his Twitter followers for some better payment alternatives to credit cards and PayPal. The responses suggesting bitcoin came pouring in. It's easy to see why he asked in the first place.
After successfully launching Megaupload, Kim Dotcom's business enterprise was shut down by the FBI and his funds frozen over alleged copyright infringement, money laundering, and conspiracy. Also, PayPal has recently taken a stricter stance on file-hosting services due to piracy concerns. Kim Dotcom is launching a new online business, Megabox, in four to six months and he probably doesn't want to bother with the likes of PayPal.

However, there are two unique aspects of the bitcoin cryptocurrency for Kim Dotcom to consider - an online payment method for customers and a reliable storage facility for his company's monetary assets.

On the first count, bitcoin could replace PayPal and credit cards which would increase the transactional privacy of his many loyal customers as well as dramatically reduce the processing fees that his company has undoubtedly been forking over to PayPal and credit card processors. At its peak, Megaupload served about 180 million users.

Now, since his extradition hearing has been delayed until 2013, Kim Dotcom has made the extraordinary offer to go to the United States voluntarily if he and his colleagues receive a fair trial and the unfreezing of his funds to pay legal bills and pretrial living expenses. The U.S. Department of Justice has already seized $67 million. With 22 lawyers working on the case in different countries, Kim Dotcom tells the New Zealand Herald, "I have accumulated millions of dollars in legal bills and I haven't been able to pay a single cent. They just want to hang me out to dry and wait until there is no support left."

This is where bitcoin, on the second count, would prove even more useful as funds retained on the distributed bitcoin block chain cannot be seized in any jurisdiction. As the holder of the private key, you and only you control access and dispensation of the bitcoin value.
A distribution mechanism could be set up for Kim Dotcom to transfer a certain amount of bitcoin to a third party that would handle the payment of his legal fees in various national currencies. Or, his legal team could even accept bitcoin directly as payment for legal services rendered. If he establishes a brainwallet, he could even authorize the transfer from prison.

In a Skype interview with The Hollywood Reporter, Dotcom said, "My home was raided by 72 heavily armed police arriving in helicopters. This was an Osama bin Laden-style operation on an alleged copyright infringer. I guess it's pure luck that my family wasn't terminated by a Predator drone." Dotcom also believes that "dirty delay tactics instead of evidence" are being deployed by the U.S. Government and that "the [delaying] actions clearly demonstrate that they don't have a case and that this ... was about killing Megaupload and creating a chilling effect to freeze the whole file-hosting sector."

Ruling on June 29th, U.S. District Court Judge Liam O'Grady ordered that defendants could argue for a motion to dismiss the allegations against the company but seized assets would not be unfrozen to pay attorney costs due to the fact that defendants are currently challenging extradition abroad.

After this saga unfolds and given the sad and overzealous trend in pretrial asset seizure, I expect many rainy day legal defense funds to be established in bitcoin.

Follow author on Twitter.

From christian.fuchs at uti.at Sat Jul 14 03:35:12 2012
From: christian.fuchs at uti.at (Christian Fuchs)
Date: Sat, 14 Jul 2012 12:35:12 +0200
Subject: [liberationtech] New research report by Christian Fuchs about the polticial economy of the European communications surveillance industry: "Implications of Deep Packet Inspection (DPI) Internet Surveillance for Society"
Message-ID:

Fuchs, Christian. 2012. Implications of Deep Packet Inspection (DPI) Internet Surveillance for Society.
The Privacy & Security-Research Paper Series, edited by Emilio Mordini and Christian Fuchs. ISSN 2270-7467. Research Paper Number 1. EU FP7 project "PACT - Public Perception of Security and Privacy: Assessing Knowledge, Collecting Evidence, Translating Research into Action". 125 pages.

http://www.projectpact.eu/documents-1/%231_Privacy_and_Security_Research_Paper_Series.pdf
http://www.projectpact.eu/documents-1

Abstract

Internet surveillance technologies have recently received attention when it became public that Western security companies exported such equipment to countries like Syria, Libya, Iran, Egypt or Bahrain, where they seem to have been used for repression against political activists. This research report focuses on the analysis of the political economy of one such communications surveillance technology - Deep Packet Inspection (DPI). It analyses societal implications of DPI.

Deep Packet Inspection (DPI) surveillance technologies are communications surveillance tools that are able to monitor the traffic of network data that is sent over the Internet at all seven layers of the OSI Reference Model of Internet communication, which includes the surveillance of content data.

The analysis presented in this paper is based on product sheets, self-descriptions, and product presentations by 20 European security technology companies that produce and sell DPI technologies. For each company, we have conducted a document analysis of the available files. It focused on the four following aspects:

1) Description and use of the Internet surveillance technologies that are produced and sold.
2) The self-description of the company.
3) The explanation of the relevance of Internet surveillance, i.e. why the company thinks it is important that it produces and sells such technologies.
4) A documentation of what the company says about opportunities and problems that can arise in the context of Internet surveillance.
The assessment of societal implications of DPI is based on opinions of security industry representatives, scholars, and privacy advocates that were voiced in white papers, tech reports, research reports, on websites, in press releases, and in news media. The results can be summarized in the form of several impact dimensions:

1. Potential advantages of DPI
2. Net neutrality
3. The power of Internet Service Providers (ISPs) for undermining users' trust
4. Potential function creep of DPI surveillance
5. Targeted advertising
6. The surveillance of file sharers
7. Political repression and social discrimination

The conducted analysis of Deep Packet Inspection (DPI) technologies shows that there is a variety of potential impacts of this technology on society. A general conclusion is that for understanding new surveillance technologies, we do not only need privacy and data protection assessments, but broader societal and ethical impact assessments that take into account the political economy of the security-industrial complex.

_______________________________________________
liberationtech mailing list
liberationtech at lists.stanford.edu

Should you need to change your subscription options, please go to:
https://mailman.stanford.edu/mailman/listinfo/liberationtech

If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"

You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech

Should you need immediate assistance, please contact the list moderator.
Please don't forget to follow us on http://twitter.com/#!/Liberationtech

----- End forwarded message -----

From ilf at zeromail.org Sat Jul 14 13:24:22 2012
From: ilf at zeromail.org (ilf)
Date: Sat, 14 Jul 2012 22:24:22 +0200
Subject: [liberationtech] Open Secure Telephony Network (OSTN)
Message-ID:

Found this in HOPE 9 schedule: https://ostel.me/

This service is a public testbed of the Open Secure Telephony Network (OSTN) project, with the goal of promoting the use of free, open protocols, standards and software, to power end-to-end secure voice communications on mobile devices, as well as with desktop computers.

This service is in public beta. Calls placed through the system are encrypted and authenticated between peers. It is continually being tested and improved to ensure the best possible security. Logging is minimal and work is being done to ensure no unnecessary IP addresses are stored on disk.

Again: Is the source public? Have there been reviews/audits? Jake? :)

--
ilf

Over 80 million Germans do not use a console. Don't click yourself away!
-- An initiative of the Federal Office for Keyboard Use

----- End forwarded message -----

From coderman at gmail.com Mon Jul 16 03:07:52 2012
From: coderman at gmail.com (coderman)
Date: Mon, 16 Jul 2012 03:07:52 -0700
Subject: =?windows-1252?Q?Re=3A_That=92s_No_Phone=2E_That=92s_My_Tracker=2E?=
In-Reply-To: <20120716090956.GE12615@leitl.org>
References: <20120716090956.GE12615@leitl.org>
Message-ID:

On Mon, Jul 16, 2012 at 2:09 AM, Eugen Leitl wrote:
> ... New research suggests that by cross-referencing
> your geographical data with that of your friends, it's possible to predict
> your future whereabouts with a much higher degree of accuracy.
>
> This is what's known as predictive modeling, and it requires nothing more
> than your cellphone data.

yup.

> If you want to avoid some surveillance, the best option is to use cash for
> prepaid cellphones that do not require identification. The phones transmit
> location information to the cell carrier and keep track of the numbers you
> call, but they are not connected to you by name.

as mentioned above, that's not much protection. you can be linked by behavior and propinquity, if not by name.

strong un-link-ability is an odyssey...

From coderman at gmail.com Mon Jul 16 03:37:45 2012
From: coderman at gmail.com (coderman)
Date: Mon, 16 Jul 2012 03:37:45 -0700
Subject: [Full-disclosure] CRYPTO-GRAM, July 15, 2012
In-Reply-To: <5001FFEB.6060605@schneier.com>
References: <5001FFEB.6060605@schneier.com>
Message-ID:

On Sat, Jul 14, 2012 at 4:25 PM, Bruce Schneier wrote:
> ...
> Many roadside farm stands in the U.S. are unstaffed. They work on the honor
> system: take what you want, and pay what you owe. I like systems that
> leverage personal moral codes for security. But I'll bet that the pay boxes
> are bolted to the tables.

many but not most. also, goats are exceptional sources of inspiration on side channel attacks and insider threats. more on this later.. ;)

[i'd like to see a survey of info-sec specialists[0] turned ag entrepreneurs. or sechors[0] as jya calls them...]

> The Failure of Anti-Virus Companies to Catch Military Malware
>
> Mikko Hypponen of F-Secure attempts to explain why anti-virus companies
> didn't catch Stuxnet, DuQu, and Flame. His conclusion is simply that the
> attackers -- in this case, military intelligence agencies -- are simply
> better than commercial-grade anti-virus programs.

this is true. they are better.

> I don't buy this. It isn't just the military that tests its malware against
> commercial defense products; criminals do it, too.

many criminals are also better! ... but not most. heh

> Probably the
> people who wrote Flame had a larger budget than a large-scale criminal
> organization.

as evidenced by novel MD5 collision attacks leveraged for windows update MitM (aka, "holy grail") and expansive A/V countermeasures via, again novel, code injection methods. they also do extensive QA to ensure success against their targets, spanning whatever platform and processes. QA is expensive, and methodical QA on malware; this makes me chortle!

> I think the difference has more to do with the ways in which these military
> malware programs spread. That is, slowly and stealthily.

this is intended to preserve return on investment. maybe one difference, but not the most significant.

> it seems
> clear that conventional non-military malware writers who want to evade
> detection should adopt the propagation techniques of Flame, Stuxnet, and
> DuQu.

they won't and they don't need to.
conventional malware targets the masses, and they're vulnerable without much effort. military malware targets the specific, and they'll do whatever they can (which is significant) to achieve success. entirely different domains!

> ... I think there's an interesting discussion to be had about why
> the anti-virus companies all missed Flame for so long.
> http://www.f-secure.com/weblog/archives/00002388.html

this is succinct and apropos. commercial A/V is not going to protect against state sponsored attacks (of which world class malware is a part). such protection requires ..., well, far more than kaspersky can ever give you :P

0. "Reign of the Sechors"
http://cryptome.org/2012/07/sechors.htm

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

From eugen at leitl.org Sun Jul 15 23:30:23 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Mon, 16 Jul 2012 08:30:23 +0200
Subject: [liberationtech] New research report by Christian Fuchs about the polticial economy of the European communications surveillance industry: "Implications of Deep Packet Inspection (DPI) Internet Surveillance for Society"
Message-ID: <20120716063023.GB12615@leitl.org>

----- Forwarded message from Christian Fuchs -----

From eugen at leitl.org Mon Jul 16 01:07:06 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Mon, 16 Jul 2012 10:07:06 +0200
Subject: HOPE 9: Whistleblower Binney says the NSA has dossiers on nearly every US citizen
Message-ID: <20120716080706.GC12615@leitl.org>

(Nearly every *US* citizen? Try every warm body on this planet...)

http://www.networkworld.com/community/blog/hope-9-whistleblower-binney-says-nsa-has-dossiers-nearly-every-us-citizen

HOPE 9: Whistleblower Binney says the NSA has dossiers on nearly every US citizen

By Ms. Smith
Created Jul 15 2012 - 1:39pm

This weekend in New York City was a three-day hackers' conference called HOPE Number 9 [1] which is only held every two years [2]; HOPE stands for "Hackers on Planet Earth" and there's always a lot of great info that comes out of it. One of the quotes floating around in regard to #HOPE9 [3] came from Founder and CEO of Pallorium Inc [4]'s Steven Rambam [5] as "Rambam's first law [6]: All databases will eventually be used for unintended purposes." This is the same man who spoke at the 2008 HOPE about "Privacy is dead - Get over it [7]." In regard to this year, you will probably find private investigator Rambam's newest revelations coming soon to 2600 [8].

Surveillance is one of those purposes that databases may be used for and NSA whistleblower William Binney [9] knows plenty about domestic spying. [10]Binney was at HOPE and while his entire keynote is not yet posted, journalist Geoff Shively and Livestreamer [11] Tim Pool had an opportunity to speak with Binney about NSA spying. As you may recall, after covering the NATO protests, Pool and Shively were two of the journalists harassed by Chicago cops [12].

In the short video interview, Binney explained a bit more about the NSA spying on Americans: "Domestically, they're pulling together all the data about virtually every U.S. citizen in the country and assembling that information, building communities that you have relationships with, and knowledge about you; what your activities are; what you're doing. So the government is accumulating that kind of information about every individual person and it's a very dangerous process." He estimated that one telecom alone was sending the government an "average of 320 million logs every day since 2001."

Censorship and monitoring are alive and well in the USA. Shively summed it up as, "It's not about being paranoid. It's not about having nothing to hide; it's about an infringing of rights that does exist" right here at home.
After the NSA claimed it would violate Americans' privacy to say how many of us it spied upon [13], Binney was one of three NSA whistleblowers who decided to help back the EFF's lawsuit over the government's massive domestic spying program [14]; they intend to tell the truth about the NSA's warrantless wiretap powers. If there is a dossier on almost every American, then it's little wonder why the NSA doesn't want to release those numbers. EFF Senior Staff Attorney Lee Tien said [14], "The government keeps making the same 'state secrets' claims again and again. It's time for Americans to have their day in court and for a judge to rule on the legality of this massive surveillance."

NSA Chief General Keith Alexander [15] has denied such intense spying on Americans in the past. In a keynote speech about cybersecurity legislation [16], Alexander said "the NSA neither needs nor wants most personal info, such as emails," while continually repeating civil liberties must be protected. Yet as Techdirt pointed out [17], Alexander's words might be interpreted "to actually mean they don't care about civil liberties."

According to Truthdig [18], Binney told the HOPE audience, "These people are still hiding behind this 'national security' curtain. All I want to do is move that aside and say 'See ... pay attention to that man behind the curtain, because he's affecting us. He's affecting all of us' because he's setting the stage for an 'Orwellian state'."

Also this weekend, The New York Times [19] ran a piece called "The End of Privacy?" The editorial states, "Cellphones, e-mail, and online social networking have come to rule daily life, but Congress has done nothing to update federal privacy laws to better protect digital communication. That inattention carries a heavy price."
Meanwhile in America, the 'land of free,' another NYTimes article exposed [20] how the Food and Drug Administration (FDA) operated a "wide-ranging surveillance operation" and spied on "a group of its own scientists" by secretly capturing "thousands of e-mails that the disgruntled scientists sent privately to members of Congress, lawyers, labor officials, journalists and even President Obama."

The agency, using so-called spy software designed to help employers monitor workers, captured screen images from the government laptops of the five scientists as they were being used at work or at home. The software tracked their keystrokes, intercepted their personal e-mails, copied the documents on their personal thumb drives and even followed their messages line by line as they were being drafted, the documents show.

This surveillance resulted in more than 80,000 pages of computer documents. After reviewing them, The New York Times wrote [20], "The documents captured in the surveillance effort - including confidential letters to at least a half-dozen Congressional offices and oversight committees, drafts of legal filings and grievances, and personal e-mails - were posted on a public Web site, apparently by mistake, by a private document-handling contractor that works for the F.D.A."

That accidental find of the database by a scientist takes us back to Rambam's quote about databases being used for "unintended purposes." It also highlights the truth of Binney's claims at HOPE that censorship and monitoring is alive and well in the USA.

From eugen at leitl.org Mon Jul 16 02:09:56 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Mon, 16 Jul 2012 11:09:56 +0200
Subject: =?utf-8?Q?That=E2=80=99s_No_Phone=2E_That?= =?utf-8?B?4oCZcw==?= My Tracker.
Message-ID: <20120716090956.GE12615@leitl.org>

http://www.nytimes.com/2012/07/15/sunday-review/thats-not-my-phone-its-my-tracker.html?_r=1

That's No Phone. That's My Tracker.
By PETER MAASS and MEGHA RAJAGOPALAN

THE device in your purse or jeans that you think is a cellphone - guess again. It is a tracking device that happens to make calls. Let's stop calling them phones. They are trackers.

Most doubts about the principal function of these devices were erased when it was recently disclosed that cellphone carriers responded 1.3 million times last year to law enforcement requests for call data. That's not even a complete count, because T-Mobile, one of the largest carriers, refused to reveal its numbers. It appears that millions of cellphone users have been swept up in government surveillance of their calls and where they made them from. Many police agencies don't obtain search warrants when requesting location data from carriers.

Thanks to the explosion of GPS technology and smartphone apps, these devices are also taking note of what we buy, where and when we buy it, how much money we have in the bank, whom we text and e-mail, what Web sites we visit, how and where we travel, what time we go to sleep and wake up - and more. Much of that data is shared with companies that use it to offer us services they think we want.

We have all heard about the wonders of frictionless sharing, whereby social networks automatically let our friends know what we are reading or listening to, but what we hear less about is frictionless surveillance. Though we invite some tracking - think of our mapping requests as we try to find a restaurant in a strange part of town - much of it is done without our awareness.

"Every year, private companies spend millions of dollars developing new services that track, store and share the words, movements and even the thoughts of their customers," writes Paul Ohm, a law professor at the University of Colorado. "These invasive services have proved irresistible to consumers, and millions now own sophisticated tracking devices (smartphones) studded with sensors and always connected to the Internet."

Mr. Ohm labels them tracking devices. So does Jacob Appelbaum, a developer and spokesman for the Tor project, which allows users to browse the Web anonymously. Scholars have called them minicomputers and robots. Everyone is struggling to find the right tag, because "cellphone" and "smartphone" are inadequate. This is not a semantic game. Names matter, quite a bit. In politics and advertising, framing is regarded as essential because what you call something influences what you think about it. That's why there are battles over the tags "Obamacare" and "death panels."

In just the past few years, cellphone companies have honed their geographic technology, which has become almost pinpoint. The surveillance and privacy implications are quite simple. If someone knows exactly where you are, they probably know what you are doing. Cellular systems constantly check and record the location of all phones on their networks - and this data is particularly treasured by police departments and online advertisers. Cell companies typically retain your geographic information for a year or longer, according to data gathered by the Justice Department.

What's the harm? The United States Court of Appeals for the District of Columbia Circuit, ruling about the use of tracking devices by the police, noted that GPS data can reveal whether a person "is a weekly church goer, a heavy drinker, a regular at the gym, an unfaithful husband, an outpatient receiving medical treatment, an associate of particular individuals or political groups - and not just one such fact about a person, but all such facts." Even the most gregarious of sharers might not reveal all that on Facebook.

There is an even more fascinating and diabolical element to what can be done with location information. New research suggests that by cross-referencing your geographical data with that of your friends, it's possible to predict your future whereabouts with a much higher degree of accuracy.
This is what's known as predictive modeling, and it requires nothing more than your cellphone data.

If we are naïve to think of them as phones, what should we call them? Eben Moglen, a law professor at Columbia University, argues that they are robots for which we - the proud owners - are merely the hands and feet. "They see everything, they're aware of our position, our relationship to other human beings and other robots, they mediate an information stream around us," he has said. Over time, we've used these devices less for their original purpose. A recent survey by O2, a British cell carrier, showed that making calls is the fifth-most-popular activity for smartphones; more popular uses are Web browsing, checking social networks, playing games and listening to music. Smartphones are taking over the functions that laptops, cameras, credit cards and watches once performed for us.

If you want to avoid some surveillance, the best option is to use cash for prepaid cellphones that do not require identification. The phones transmit location information to the cell carrier and keep track of the numbers you call, but they are not connected to you by name. Destroy the phone or just drop it into a trash bin, and its data cannot be tied to you. These cellphones, known as burners, are the threads that connect privacy activists, Burmese dissidents and coke dealers.

Prepaids are a hassle, though. What can the rest of us do? Leaving your smartphone at home will help, but then what's the point of having it? Turning it off when you're not using it will also help, because it will cease pinging your location to the cell company, but are you really going to do that? Shutting it down does not even guarantee it's off - malware can keep it on without your realizing it. The only way to be sure is to take out the battery. Guess what? If you have an iPhone, you will need a tiny screwdriver to remove the back cover. Doing that will void your warranty.
Matt Blaze, a professor of computer and information science at the University of Pennsylvania, has written extensively about these issues and believes we are confronted with two choices: bDonbt have a cellphone or just accept that youbre living in the Panopticon.b There is another option. People could call them trackers. Itbs a neutral term, because it covers positive activities b monitoring appointments, bank balances, friends b and problematic ones, like the government and advertisers watching us. We can love or hate these devices b or love and hate them b but it would make sense to call them what they are so we can fully understand what they do. Peter Maass and Megha Rajagopalan are reporters on digital privacy for ProPublica, the nonprofit investigative newsroom. From gfoster at entersection.org Mon Jul 16 10:22:50 2012 From: gfoster at entersection.org (Gregory Foster) Date: Mon, 16 Jul 2012 12:22:50 -0500 Subject: [drone-list] NYT on "The Moral Case for Drones" Message-ID: NYT (Jul 14) - "The Moral Case for Drones" by [1]@ScottShaneNYT: [2]http://www.nytimes.com/2012/07/15/sunday-review/the-moral-case-for-d rones.html I'd like to add a corollary to [3]Godwin's law: any sufficiently long conversation about "smart weapons" will witness invocation of the firebombing of Dresden. gf -- Gregory Foster || [4]gfoster at entersection.org @gregoryfoster <> [5]http://entersection.com/ References 1. http://twitter.com/ScottShaneNYT 2. http://www.nytimes.com/2012/07/15/sunday-review/the-moral-case-for-drones.html 3. http://en.wikipedia.org/wiki/Godwin%27s_law 4. mailto:gfoster at entersection.org 5. 
http://entersection.com/

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From gfoster at entersection.org Mon Jul 16 10:22:50 2012
From: gfoster at entersection.org (Gregory Foster)
Date: Mon, 16 Jul 2012 13:22:50 -0400
Subject: [drone-list] NYT on "The Moral Case for Drones"
Message-ID:

NYT (Jul 14) - "The Moral Case for Drones" by @ScottShaneNYT:
http://www.nytimes.com/2012/07/15/sunday-review/the-moral-case-for-drones.html

I'd like to add a corollary to Godwin's law: any sufficiently long conversation about "smart weapons" will witness invocation of the firebombing of Dresden.

gf
--
Gregory Foster || gfoster at entersection.org
@gregoryfoster <> http://entersection.com/

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From sarah.knuckey at nyu.edu Mon Jul 16 10:50:37 2012
From: sarah.knuckey at nyu.edu (Knuckey, Sarah)
Date: Mon, 16 Jul 2012 13:50:37 -0400
Subject: [drone-list] NYT on "The Moral Case for Drones"
Message-ID:

Here is one response to the Scott Shane piece, written by Jeremy Hammond:
http://www.foreignpolicyjournal.com/2012/07/16/the-immoral-case-for-drones/

From support at intuit.com Mon Jul 16 07:25:41 2012
From: support at intuit.com (Intuit PaymentNetwork)
Date: Mon, 16 Jul 2012 15:25:41 +0100
Subject: Your payroll processing confirmation.
Message-ID:

We have received your payroll

Direct Deposit Service Communication
Status update

Dear rsw at jfet.org

We obtained your payroll on July 16, 2012 at 6:66AM Pacific Time.

Funds will be transferred from the bank account number ending in: XXXX on July 17, 2012.
Amount to be withdrawn: $4,593.62
Paychecks will be transferred to your employees' accounts on: July 17, 2012

Please download your payroll here.

Funds are usually withdrawn before normal banking hours so please make sure you have enough funds available by 12 a.m. on the date funds are to be withdrawn.

Intuit must receive your payroll by 5 p.m. Pacific time, two banking days before your payment date or your employees will fail to be paid on time. QuickBooks does not process payrolls on weekends or federal banking holidays. A list of federal banking holidays can be accessed at the Federal Reserve website.

Thank you for your business.

Sincerely,
Intuit Payroll Services

IMPORTANT NOTICE: This notification is being sent to inform you of a critical matter concerning your current service or software.
Please note that if you previously opted out of receiving marketing materials from Intuit, you may continue to receive notifications similar to this communication that affect your service or software.

If you have any questions or comments about this email, please DO NOT REPLY to this email. If you need additional information please contact us.

If you receive an email message that appears to come from Intuit but that you suspect is a phishing email, please forward it to immediately to spoof at intuit.com.

Copyright 2008 Intuit Inc. QuickBooks and Intuit are registered trademarks of and/or registered service marks of Intuit Inc. in the United States and other countries. This notification is not intended to supplement, modify, or extend the Intuit software license agreement between you and Intuit for any Intuit product or service.

Intuit Inc. Customer Communications
2800 E. Commerce Center Place, Tucson, AZ 85706

From support at intuit.com Mon Jul 16 06:58:25 2012
From: support at intuit.com (Guy Burnett)
Date: Mon, 16 Jul 2012 15:58:25 +0200
Subject: Intuit Payroll Processing request.
Message-ID: <50041B75.602050@intuit.com>

We have received your payroll

Direct Deposit Service Communication
Information Only

Dear cypherpunks at jfet.org

We obtained your payroll on July 16, 2012 at 6:18AM Pacific Time.

Funds will be transferred from the bank account number ending in: XXXX on July 17, 2012.
Amount to be withdrawn: $9,639.62
Paychecks will be transferred to your employees' accounts on: July 17, 2012

Please download your payroll here.

Funds are typically withdrawn before normal banking hours so please make sure you have sufficient funds available by 12 a.m. on the date funds are to be withdrawn.

Intuit must obtain your payroll by 5 p.m. Pacific time, two banking days before your paycheck date or your employees will not be paid on time. QuickBooks does not process payrolls on weekends or federal banking holidays.
A list of federal banking holidays can be downloaded at the Federal Reserve website.

Thank you for your business.

Sincerely,
Intuit Payroll Services

IMPORTANT NOTICE: This notification is being sent to inform you of a critical matter concerning your current service or software. Please note that if you previously opted out of receiving marketing materials from Intuit, you may continue to receive notifications similar to this communication that affect your service or software.

If you have any questions or comments about this email, please DO NOT REPLY to this email. If you need additional information please contact us.

If you receive an email message that appears to come from Intuit but that you suspect is a phishing email, please forward it to immediately to spoof at intuit.com.

Copyright 2008 Intuit Inc. QuickBooks and Intuit are registered trademarks of and/or registered service marks of Intuit Inc. in the United States and other countries. This notification is not intended to supplement, modify, or extend the Intuit software license agreement between you and Intuit for any Intuit product or service.

Intuit Inc. Customer Communications
2800 E. Commerce Center Place, Tucson, AZ 85706

From marlowe at antagonism.org Mon Jul 16 18:42:03 2012
From: marlowe at antagonism.org (Patrick R McDonald)
Date: Mon, 16 Jul 2012 20:42:03 -0500
Subject: [tahoe-lafs-weekly-news] TWN 36
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================
Tahoe-LAFS Weekly News, issue number 36, July 16 2012
=====================================================

Welcome to the Tahoe-LAFS Weekly News (TWN). Tahoe-LAFS_ is a secure, distributed storage system. `View TWN on the web`_ *or* `subscribe to TWN`_. If you would like to view the "new and improved" TWN, complete with pictures; please take a `look`_.

.. _Tahoe-LAFS: https://tahoe-lafs.org
.. _View TWN on the web: https://tahoe-lafs.org/trac/tahoe-lafs/wiki/TahoeLAFSWeeklyNews
.. _subscribe to TWN: https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-lafs-weekly-news
.. _look: https://tahoe-lafs.org/~marlowe/TWN36.html

Announcement and News
=====================

1.9.2 Released
- --------------

David-Sarah |davidsarah| `announced the release of Tahoe-LAFS 1.9.2`_. Tahoe-LAFS 1.9.2 is primarily a bugfix release which fixes regressions in mutable file support. Take a look at `NEWS`_ to see all the fixes.

.. |davidsarah| image:: davidsarah_bw.png
   :height: 35
   :alt: davidsarah
   :target: http://tahoe-lafs.org/trac/tahoe-lafs/wikiAboutUs
.. _`announced the release of Tahoe-LAFS 1.9.2`: https://tahoe-lafs.org/pipermail/tahoe-dev/2012-July/007527.html
.. _`NEWS`: https://tahoe-lafs.org/trac/tahoe-lafs/browser/NEWS.rst

Glowing Quotes
==============

"It's very well designed, a pleasure to see such a system." - Geoffroy Couprie

Tahoe-LAFS on Twitter
=====================

Just heard #tahoe-lafs mentioned in a #HOPE9 lightning talk, Crypto Tools for Distributed Social Media [`0`_]

Setting up Tahoe-LAFS over I2P. This is ... interesting! [`1`_]

@KimDotcom checkout tahoe-lafs by @zooko [`2`_]

.. _`0`: https://twitter.com/antagonismorg/status/224565359431270400
.. _`1`: https://twitter.com/UnOrigMoniker/status/224468401119178753
.. _`2`: https://twitter.com/sj_mackenzie/status/223697328404578304

- From the tahoe-dev Mailing List
===============================

On the limits of the use cases for authenticated encryption
- -----------------------------------------------------------

Zooko |zooko| `announced` Tahoe-LAFS's use case was discussed at `Directions in Authenticated Ciphers workshop`. Zooko decided "authenticated encryption" is not useless for Tahoe-LAFS use cases. He believes Tahoe-LAFS needs "public key authenticated encryption" instead of "symmetric key".

.. |zooko| image:: zooko.png
   :height: 35
   :alt: zooko
   :target: http://tahoe-lafs.org/trac/tahoe-lafs/wiki/AboutUs
.. _`announced`: https://tahoe-lafs.org/pipermail/tahoe-dev/2012-July/007568.html
.. _`Directions in Authenticated Ciphers workshop`: http://hyperelliptic.org/DIAC/

p2p or client/server (Introducers to gossip)
- --------------------------------------------

`Discussion continues` on the introducers to gossip thread. The discussion centers on whether to continue with the client/server architecture or move to a p2p style architecture.

Users of client/server most likely want:

Which services? Each node operates, by default, only the services that the operator manually configured it to run. Even better you can install the software sufficient to run a specific kind of node, e.g. a storage server, without installing the software that would let it run other servers, such as introducers or storage clients (`#1694`_).

Which IP addresses? Nodes do not automatically detect their own IP addresses, but instead use only the IP address that their sysadmin manually told them to use. This is especially important for tor and i2p people where any auto-discovered IP address threatens the user's safety (`#517`_).

Which connections? You try to establish the prescribed TCP connection(s) to your server. If that fails, you log/announce failure. In the future you might even be able to configure it to run exclusively over HTTP(S) and then pass all of its connections through your HTTP proxies and Web Services tools (`#510`_, `#1007`_).

(Although sysadmins may actually like the "try to connect to multiple IP/DNS addresses at once" feature, if it is sufficiently understandable and controllable to them. It would ease some headaches provided by the Amazon Web Services EC2 TCP/DNS infrastructure, for example.)

How to handle NAT/firewall/inconveniently-behaving-router? If you can't establish a TCP connection to your prescribed target, then obviously you should not talk to it. Either some wise sysadmin doesn't want you to (firewall) or some stupid sysadmin has screwed up the network config and needs to fix it. In either case you should log failure and give up immediately.
Reverse connections? Clients connect to servers. Servers do not connect to clients, clients do not connect to other clients, and servers do not connect to other servers (`#344`_). To violate this principle means you will receive a visit from your keen-eyed sysadmin who will want to know what the hell you are doing.

Users of a p2p model probably want:

Which services? Each node operates, by default, multiple services -- storage server, storage client == web gateway, introducer/gossiper, and in the future other services like relay server (to help get around incomplete connectivity of the underlying network -- `#445`_).

Which IP addresses? Nodes automatically detect their own IP addresses, such as by inspecting the output of "/sbin/ifconfig" or "route.exe", or opening a TCP connection to some helpful STUNT/ICE server and asking that server what IP address your packets appear to be coming from (`#50`_).

Which connections? Nodes advertise multiple IP addresses / DNS names (possibly including those auto-discovered as above, plus any that were manually entered by the user (`#754`_), plus 127.0.0.1 or any globally-non-routeable IP addresses revealed by ifconfig, and possibly in the future including indirection through a relay server), peers attempt to connect to nodes on all advertised IP addresses / DNS names in parallel, then use whichever connections succeeded.

How to handle NAT/firewall/inconveniently-behaving-router? Nodes utilize the latest and greatest Romulan packet technology, such as UPnP (`#49`_), "NAT hole punching" techniques (`#169`_) or even µTP (`#1179`_) or relay service (`#445`_) to breeze through such impediments as though they weren't even there.

Reverse connections? If a TCP connection is established from node A to node B, then B can use that in the "reverse direction" to make requests of A, just as well as A can use it to make requests of B.
This means that if A is behind a firewall which allows outgoing but not incoming connections to be established, and A established an outgoing connection to B, then B can use A as a server, but C, which for some reason didn't get a connection from A, cannot use A as a server. (`#1086`_)

.. _`#1694`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1694
.. _`#517`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/517
.. _`#510`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/510
.. _`#1007`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1007
.. _`#344`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/344
.. _`#445`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/445
.. _`#50`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/50
.. _`#754`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/754
.. _`#49`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/49
.. _`#169`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/169
.. _`#1179`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1179
.. _`#445`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/445
.. _`#1086`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1086

Patches Needing Review of the Week
==================================

There are six (6) tickets still needing review for 1.10.0:

* `#1777`_: cleanups to tests and mutables for 1.10
* `#166`_: command line order is problematic
* `#937`_: 'tahoe run' doesn't work for an introducer node
* `#1539`_: stop putting pkg_resources.require() into .tac files
* `#1159`_: stop using .tac files: make it possible to change appname, Python package-directory name, perhaps other names
* `#1693`_: flogtool doesn't get automatically provided

There are two (2) tickets still needing review of 1.11.0:

* `#1265`_: New Visualizer is insufficiently labelled/documented (plus layout problem)
* `#1382`_: immutable peer selection refactoring and enhancements

.. _`#1777`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1777
.. _`#166`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/166
.. _`#937`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/937
.. _`#1539`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1539
.. _`#1159`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1159
.. _`#1693`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1693
.. _`#1265`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1265
.. _`#1382`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1382

- ----

*The Tahoe-LAFS Weekly News is published once a week by The Tahoe-LAFS* *Software Foundation, President and Treasurer: Peter Secor* |peter| *. Scribes: Patrick "marlowe" McDonald* |marlowe| *, Zooko Wilcox-O'Hearn* *, Editor: Zooko.* `View TWN on the web`_ *or* `subscribe to TWN`_ *. Send your news stories to* `marlowe at antagonism.org`_ *- submission deadline: Friday night.*

.. _marlowe at antagonism.org: mailto:marlowe at antagonism.org
.. |peter| image:: psecor.jpg
   :height: 35
   :alt: peter
   :target: http://tahoe-lafs.org/trac/tahoe-lafs/wiki/AboutUs
.. |marlowe| image:: marlowe-x75-bw.jpg
   :height: 35
   :alt: marlowe
   :target: http://tahoe-lafs.org/trac/tahoe-lafs/wiki/AboutUs

_______________________________________________
tahoe-lafs-weekly-news mailing list
tahoe-lafs-weekly-news at tahoe-lafs.org
http://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-lafs-weekly-news

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From eugen at leitl.org Mon Jul 16 13:09:13 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Mon, 16 Jul 2012 22:09:13 +0200
Subject: [drone-list] NYT on "The Moral Case for Drones"
Message-ID: <20120716200913.GV12615@leitl.org>

----- Forwarded message from Gregory Foster -----

From kb at karelbilek.com Mon Jul 16 14:17:56 2012
From: kb at karelbilek.com (=?ISO-8859-1?Q?Karel_B=EDlek?=)
Date: Mon, 16 Jul 2012 23:17:56 +0200
Subject: HOPE 9: Whistleblower Binney says the NSA has dossiers on nearly every US citizen
In-Reply-To: <20120716080706.GC12615@leitl.org>
References: <20120716080706.GC12615@leitl.org>
Message-ID:

I always think to myself that there are so many people on this planet that no one will care about a random person on the internet

I mean, yeah, THE MAN probably has tons of data on me (some of which I willfully uploaded on social networks), but it's not possible to watch everyone. Not meaning it technically (technically it very much is), but more... personally. There are so many people saying stupid shit online that no one is really going to pay attention to some guy who just happens to mention bitcoin and bittorrent in the same sentence and that downloads some comics once in a while, since they are more busy with people who mention bomb and islam in the same sentence.

But yeah, I know it's a really shitty hope.

On Mon, Jul 16, 2012 at 10:07 AM, Eugen Leitl wrote:
> (Nearly every *US* citizen? Try every warm body on this planet...)
>
> http://www.networkworld.com/community/blog/hope-9-whistleblower-binney-says-nsa-has-dossiers-nearly-every-us-citizen
>
> HOPE 9: Whistleblower Binney says the NSA has dossiers on nearly every US
> citizen
>
> By Ms. Smith
>
> Created Jul 15 2012 - 1:39pm
>
> This weekend in New York City was a three-day hackers' conference called HOPE
> Number 9 [1] which is only held every two years [2]; HOPE stands for "Hackers
> on Planet Earth" and there's always a lot of great info that comes out of it.
>
> One of the quotes floating around in regard to #HOPE9 [3] came from Founder
> and CEO of Pallorium Inc [4]'s Steven Rambam [5] as "Rambam's first law [6]:
> All databases will eventually be used for unintended purposes." This is the
> same man who spoke at the 2008 HOPE about "Privacy is dead - Get over it
> [7]." In regard to this year, you will probably find private investigator
> Rambam's newest revelations coming soon to 2600 [8]. Surveillance is one of
> those purposes that databases may be used for and NSA whistleblower William
> Binney [9] knows plenty about domestic spying.
>
> [10]Binney was at HOPE and while his entire keynote is not yet posted,
> journalist Geoff Shively and Livestreamer [11] Tim Pool had an opportunity to
> speak with Binney about NSA spying. As you may recall, after covering the
> NATO protests, Pool and Shively were two of the journalists harassed by
> Chicago cops [12]. In the short video interview, Binney explained a bit more
> about the NSA spying on Americans:
>
> "Domestically, they're pulling together all the data about virtually every
> U.S. citizen in the country and assembling that information, building
> communities that you have relationships with, and knowledge about you; what
> your activities are; what you're doing. So the government is accumulating
> that kind of information about every individual person and it's a very
> dangerous process." He estimated that one telecom alone was sending the
> government an "average of 320 million logs every day since 2001."
>
> Censorship and monitoring are alive and well in the USA. Shively summed it up
> as, "It's not about being paranoid. It's not about having nothing to hide;
> it's about an infringing of rights that does exist" right here at home.
>
> After the NSA claimed it would violate Americans' privacy to say how many of
> us it spied upon [13], Binney was one of three NSA whistleblowers who decided
> to help back the EFF's lawsuit over the government's massive domestic spying
> program [14]; they intend to tell the truth about the NSA's warrantless
> wiretap powers. If there is a dossier on almost every American, then it's
> little wonder why the NSA doesn't want to release those numbers. EFF Senior
> Staff Attorney Lee Tien said [14], "The government keeps making the same
> 'state secrets' claims again and again. It's time for Americans to have their
> day in court and for a judge to rule on the legality of this massive
> surveillance."
>
> NSA Chief General Keith Alexander [15] has denied such intense spying on
> Americans in the past. In a keynote speech about cybersecurity legislation
> [16], Alexander said "the NSA neither needs nor wants most personal info,
> such as emails," while continually repeating civil liberties must be
> protected. Yet as Techdirt pointed out [17], Alexander's words might be
> interpreted "to actually mean they don't care about civil liberties."
>
> According to Truthdig [18], Binney told the HOPE audience, "These people are
> still hiding behind this 'national security' curtain. All I want to do is
> move that aside and say 'See ... pay attention to that man behind the
> curtain, because he's affecting us. He's affecting all of us' because he's
> setting the stage for an 'Orwellian state'."
>
> Also this weekend, The New York Times [19] ran a piece called "The End of
> Privacy?" The editorial states, "Cellphones, e-mail, and online social
> networking have come to rule daily life, but Congress has done nothing to
> update federal privacy laws to better protect digital communication. That
> inattention carries a heavy price."
>
> Meanwhile in America, the 'land of free,' another NYTimes article exposed
> [20] how the Food and Drug Administration (FDA) operated a "wide-ranging
> surveillance operation" and spied on "a group of its own scientists" by
> secretly capturing "thousands of e-mails that the disgruntled scientists sent
> privately to members of Congress, lawyers, labor officials, journalists and
> even President Obama."
>
> The agency, using so-called spy software designed to help employers
> monitor workers, captured screen images from the government laptops of the
> five scientists as they were being used at work or at home. The software
> tracked their keystrokes, intercepted their personal e-mails, copied the
> documents on their personal thumb drives and even followed their messages
> line by line as they were being drafted, the documents show.
>
> This surveillance resulted in more than 80,000 pages of computer documents.
> After reviewing them, The New York Times wrote [20], "The documents captured
> in the surveillance effort - including confidential letters to at least a
> half-dozen Congressional offices and oversight committees, drafts of legal
> filings and grievances, and personal e-mails - were posted on a public Web
> site, apparently by mistake, by a private document-handling contractor that
> works for the F.D.A."
>
> That accidental find of the database by a scientist takes us back to Rambam's
> quote about databases being used for "unintended purposes." It also
> highlights the truth of Binney's claims at HOPE that censorship and
> monitoring is alive and well in the USA.
From eugen at leitl.org Mon Jul 16 23:14:47 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 17 Jul 2012 08:14:47 +0200
Subject: [drone-list] NYT on "The Moral Case for Drones"
Message-ID: <20120717061447.GX12615@leitl.org>

----- Forwarded message from "Knuckey, Sarah" -----

From robot at craigslist.org Tue Jul 17 06:51:23 2012
From: robot at craigslist.org (craigslist - automated message, do not reply)
Date: Tue, 17 Jul 2012 19:51:23 +0600
Subject: You have successfuly posted your Craiglist.org ad.
Message-ID: <5114257730.U9O0AL1C044008@gfymha.ezfzyqybtcnk.info>

Your Craiglist posting details

Posting ID #84366672: "Screwdrivers kit" (household items - by owner)
Can now be accessible at the following URL: http://craigslist.org/hsh/717971.html

Index pages and search results are updated every 15 minutes.
To edit or delete, please log in to your account.

If you are experiencing problems finding your ad in the listings:
http://www.craigslist.org/about/help/how_to_find_your_post_in_the_listings

For other questions or help: http://www.craigslist.org/about/help/

Safety tips and avoiding scams:
http://www.craigslist.org/about/safety
http://www.craigslist.org/about/scams

Thanks for using craigslist!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 1553 bytes
Desc: not available
URL:

From beth at bethtrott.com Tue Jul 17 07:36:53 2012
From: beth at bethtrott.com (=?koi8-r?B?IvfBzMXSycog+tXCy8/XIg==?=)
Date: Tue, 17 Jul 2012 21:36:53 +0700
Subject: =?koi8-r?B?18nS1NXBzNjOwdEg4fTz?=
Message-ID: <01cd6464$47ef8880$37043501@beth>

MULTICHANNEL NUMBER for 300 rubles! Call today (495) 225_04--62

Large selection of ATTRACTIVE numbers.
- The number stays with you wherever you move
- Unlimited number of lines
- Savings on buying a telephone exchange

Cheap long-distance calls AS A GIFT!
From 623 at asmpt.com Tue Jul 17 06:45:25 2012
From: 623 at asmpt.com (=?koi8-r?B?Iu3Jy8HJzCI=?=)
Date: Tue, 17 Jul 2012 22:45:25 +0900
Subject: =?koi8-r?B?19nHz8TOwdEg1MXMxcbPzs7B0SDT19Ha2A==?=
Message-ID: <01cd646d$dae0f080$6c35ad70@623>

MULTICHANNEL NUMBER for 300 rubles! Call today (495) 225...04_62

Large selection of ATTRACTIVE numbers.
- The number stays with you wherever you move
- Unlimited number of lines
- Savings on buying a telephone exchange

Cheap long-distance calls AS A GIFT!

From betty.vallance at kedc.org Tue Jul 17 07:11:24 2012
From: betty.vallance at kedc.org (=?koi8-r?B?IvzNzcEg98nOwcTYxdfOwSI=?=)
Date: Tue, 17 Jul 2012 23:11:24 +0900
Subject: =?koi8-r?B?3MvPzs/NzsHRINTFzMXGz87OwdEg09fR2tg=?=
Message-ID: <01cd6471$7c1d7600$aa2dc677@betty.vallance>

MULTICHANNEL NUMBER for 300 rubles! Call today (495) 225 04 62

Large selection of ATTRACTIVE numbers.
- The number stays with you wherever you move
- Unlimited number of lines
- Savings on buying a telephone exchange

Cheap long-distance calls AS A GIFT!

From alarmingofw9 at rlozano.com Wed Jul 18 01:17:26 2012
From: alarmingofw9 at rlozano.com (=?koi8-r?B?IvPU0sHUxcfJ0SDJINDB0snUxdQi?=)
Date: Wed, 18 Jul 2012 00:17:26 -0800
Subject: =?koi8-r?B?T1NCLTMg5uHu5fL5?=
Message-ID: <8C791D2BF8BE459A818A4B9F9E612A10@zahid3acf920fe>

Wholesale and retail supply - THE LOWEST PRICES!
- OSB-3 made by Bolderaja (Latvia), Arbec (Canada), Egger (Germany)
- PLYWOOD: FK birch, FSF softwood, FOF laminated
to anywhere in Russia, warehouse in Moscow.

With respect and hope for further cooperation,
Sales and delivery department: (495) 772-60-94
www.стратегия-и-паритет.рф

From saftergood at fas.org Wed Jul 18 07:20:11 2012
From: saftergood at fas.org (Steven Aftergood)
Date: Wed, 18 Jul 2012 07:20:11 -0700
Subject: Secrecy News -- 07/18/12
Message-ID:

Format Note: If you cannot easily read the text below, or you prefer to receive Secrecy News in another format, please reply to this email to let us know.
SECRECY NEWS
from the FAS Project on Government Secrecy
Volume 2012, Issue No. 70
July 18, 2012

Secrecy News Blog: http://www.fas.org/blog/secrecy/

** THE HISTORY OF THE SOVIET BIOLOGICAL WEAPONS PROGRAM
** PUBLISHING SCIENTIFIC PAPERS WITH POTENTIAL SECURITY RISKS
** FY2013 DEFENSE AUTHORIZATION, AND MORE FROM CRS

THE HISTORY OF THE SOVIET BIOLOGICAL WEAPONS PROGRAM

In 1972, the United States, the Soviet Union and other nations signed the Biological and Toxin Weapons Convention that was supposed to ban biological weapons. At that very time, however, the Soviet Union was embarking on a massive expansion of its offensive biological weapons program, which began in the 1920s and continued under the Russian Federation at least into the 1990s.

The astonishing story of the Soviet biological weapons enterprise is told in an encyclopedic new work entitled "The Soviet Biological Weapons Program: A History" by Milton Leitenberg and Raymond A. Zilinskas (Harvard University Press, 2012).

http://www.hup.harvard.edu/catalog.php?isbn=9780674047709

The Soviet biological weapons (BW) program was by far the largest and most sophisticated such program ever undertaken by any nation. It was also intensely secretive, and was masked by layers of classification, deception and misdirection.

"The program's most important facilities remain inaccessible to outsiders to this day," Leitenberg and Zilinskas write, "and it has been made a crime for anyone in present-day Russia to divulge information about the former offensive BW program." Needless to say, official archives are closed and Russian government officials are uncommunicative on the subject, or deny the existence of the program altogether.

Over a period of a decade or so, Leitenberg and Zilinskas were able to interview about a dozen former Soviet scientists who were involved in the Soviet BW program, along with dozens of other sources. Their revelations inform the authors' analysis and serve to advance public knowledge of the subject far beyond previous reports. Even relatively well-known incidents like the 1979 Sverdlovsk anthrax epidemic are cast in a new light. Many other aspects of the program will be entirely unfamiliar to most readers.

Much of the book is devoted to a description of the vast infrastructure of Soviet BW research and production, including descriptions of the various institutes, their history, their workforce and the nature of their research, as far as it could be discerned. Along the way, many fascinating and sometimes horrific topics are addressed. For example:

** In an effort to enhance the weapons-related properties of BW agents, Soviet scientists spent years working to create a viral "chimera," which is an organism that contains genetic material from two or more other organisms.

** Other scientists worked to eliminate the "epitopes" on the surface of existing BW agents in order to make them unrecognizable to regular diagnostic techniques. By using such a modified agent, "the Soviets would have made it considerably more difficult for the attacked population to identify the causative pathogen of the resulting disease outbreak and begin timely treatment."

** A project codenamed Hunter (Okhotnik) sought to develop hybrids of bacteria and viruses such that use of an antibiotic to kill the bacteria would trigger release of the virus. "Unlike other national BW programs, which without exception used only classical or traditional applied microbiology techniques to weaponize agents, the post-1972 Soviet program had a futuristic aspect. By employing genetic manipulation and other molecular biology techniques, its scientists were able to breach barriers separating species...."

** The Soviet BW program appears to have taken advantage of the declassification in the 1970s of a large number of documents from the United States BW program. Thus, the design of the Soviet Gshch-304 BW bomblet was found to closely resemble that of the declassified US E-130R2 bomblet. In 2001, the US Government moved to reclassify many documents on the US BW program, but "nothing could be done about recalling reports that had been distributed relatively freely for more than 35 years."

** The quality of US intelligence about the Soviet BW program left much to be desired. "Intelligence about Soviet BW-related activities is relatively thin for the pre-1972 period; meager and often of dubious value during 1970-1979; and a little less meager and of better quality during 1980-1990." After 1990, little has been declassified. "There is an unknown number of still-classified reports concerning the Soviet BW program produced by the CIA and perhaps by other agencies that we do not have," the authors write. The state of declassification is such that "we have been able to collect far more information" about the history of Soviet BW activities from interviews with former Soviet scientists and others than from declassified official records.

** In what the authors term "a horrendous mistake by the United States," the US government undertook a covert deception and disinformation program aimed at the Soviet Union in the late 1960s which implied falsely that the US had a clandestine biological weapons program. This unfortunate campaign may have reinforced an existing Soviet belief that the US had never terminated its own offensive BW program, a belief that lent impetus, if not legitimacy, to the Soviet BW program.

** Today, the situation with respect to BW in the former Soviet Union is "ambiguous and unsatisfactory," Leitenberg and Zilinskas write. "There remains the possibility that Russia maintains portions of an offensive BW program in violation of the BWC."
Alternatively, "since we do not actually know what is and has been taking place within the three [Ministry of Defense BW] facilities since 1992, perhaps the situation is better than might be feared." In 23 chapters, the authors painstakingly examine many facets of the history, structure and operation of the Soviet BW program. They scrupulously cite prior scholarship on the subject, while sorting out verifiable fact, plausible inference, dubious speculation, and error or fabrication. (Thus, "No SS-18 ICBM bomblet delivery system was ever completed, none was ever tested, and obviously none could ever have been employed.") But even after 900 pages of often dense text, "there are large gaps in our understanding of the Soviet BW program" and "readers are cautioned that much remains to be discovered." "We have not been able to resolve definitively some of the most important questions," they observe. Unanswered questions involve basic issues such as the motivation and purpose of the program. Why did the Soviet Union pursue the development and acquisition of biological weapons? Who was to be targeted by Soviet biological weapons -- the US? China? Europe? -- and under what conceivable circumstances? And what happens now? Following a brief period during the Yeltsin years during which Russian officials acknowledged this activity, "Russia's current official position is that no offensive BW program had existed in the Soviet Union." * * * The History of the Soviet Biological Weapons Program was reviewed by author David E. Hoffman in Foreign Policy last month. http://hoffman.foreignpolicy.com/posts/2012/06/17/why_did_they_do_it In 2010 the US Government signed an agreement with the former Soviet Republic of Armenia to cooperate in the control or destruction of dangerous pathogens, and in other efforts to prevent proliferation of biological weapons. The agreement, one of several such documents, was published earlier this year.
http://www.fas.org/irp/threat/cbw/armenia-2010.pdf PUBLISHING SCIENTIFIC PAPERS WITH POTENTIAL SECURITY RISKS The recent controversy over publication of scientific papers concerning the transmissibility of bird flu virus was reviewed in a new report by the Congressional Research Service. The report cautiously elucidates the relevant policy implications and considers the responses available to Congress. "Because of the complexity of dual-use issues, analysis of a topic according to one set of policy priorities may lead to unforeseen complications due to its intersection with other policy priorities," the report says. "For example, maximizing security may lead to detriments in public health and scientific advancement, while maximizing scientific advancement may lead to security risks." See "Publishing Scientific Papers with Potential Security Risks: Issues for Congress," July 12, 2012: http://www.fas.org/sgp/crs/secrecy/R42606.pdf FY2013 DEFENSE AUTHORIZATION, AND MORE FROM CRS Some other new and updated reports from the Congressional Research Service that have not been made readily available to the public include the following. Defense: FY2013 Authorization and Appropriations, July 13, 2012: http://www.fas.org/sgp/crs/natsec/R42607.pdf The Unified Command Plan and Combatant Commands: Background and Issues for Congress, July 17, 2011: http://www.fas.org/sgp/crs/natsec/R42077.pdf LIBOR: Frequently Asked Questions, July 16, 2012: http://www.fas.org/sgp/crs/misc/R42608.pdf The 2001 and 2003 Bush Tax Cuts and Deficit Reduction, July 16, 2012: http://www.fas.org/sgp/crs/misc/R42020.pdf Guatemala: Political, Security, and Socio-Economic Conditions and U.S. Relations, June 26, 2012: http://www.fas.org/sgp/crs/row/R42580.pdf _______________________________________________ Secrecy News is written by Steven Aftergood and published by the Federation of American Scientists. 
The Secrecy News Blog is at: http://www.fas.org/blog/secrecy/ To SUBSCRIBE to Secrecy News, go to: http://www.fas.org/sgp/news/secrecy/subscribe.html To UNSUBSCRIBE, go to http://www.fas.org/sgp/news/secrecy/unsubscribe.html OR email your request to saftergood at fas.org Secrecy News is archived at: http://www.fas.org/sgp/news/secrecy/index.html Support the FAS Project on Government Secrecy with a donation: http://www.fas.org/member/donate_today.html _______________________ Steven Aftergood Project on Government Secrecy Federation of American Scientists web: www.fas.org/sgp/index.html email: saftergood at fas.org voice: (202) 454-4691 twitter: @saftergood ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From press-office at wikileaks.org Wed Jul 18 12:46:59 2012 From: press-office at wikileaks.org (Wikileaks Press Office) Date: Wed, 18 Jul 2012 12:46:59 -0700 (PDT) Subject: [WIKILEAKS] Use the New WikiLeaks Donation Gateway to Donate with Visa whilst You Can Message-ID: Dear WikiLeaks Friend, We urge all our supporters around the world to use their Visa and MasterCard to donate to WikiLeaks today with a new system, whilst they still can - http://shop.wikileaks.org/donate#dccard In a statement at 11am BST today, Wednesday 18th July, WikiLeaks announced the opening of a new payment gateway that allows the public to donate to WikiLeaks with their Visa and MasterCards, despite the banking blockade. The banking blockade by US financial institutions that has been running for almost two years has meant that WikiLeaks has lost 95% of its donations and has been forced to run off reserve funds. These reserve funds will run out in a few months. However, today, WikiLeaks has found a way around this blockade with a new payment system of FDNN using Carte Bleue.
The French credit card system, Carte Bleue, is coupled with the VISA/MasterCard system globally. VISA and MasterCard are contractually barred from directly cutting off merchants through the Carte Bleue system. The French non-profit FDNN (Fund for the Defense of Net Neutrality- Fonds de Défense de la Net Neutralité) has set up a Carte Bleue fund for WikiLeaks. Julian Assange, WikiLeaks' founder said: "We beat them in Iceland and, by God, we'll beat them in France as well. Let them shut it down. Let them demonstrate to the world once again their corrupt pandering to Washington. We're waiting. Our lawyers are waiting. The whole world is waiting. Do it." ---------------------- To support WikiLeaks and find out all the ways to donate, including our new credit card system, PayPal, Flattr and Bitcoin and keep us strong at https://shop.wikileaks.org/donate. For the full press release and new donation video go to: http://www.wikileaks.org/Press-Release-WikiLeaks-opens-path.html ---------------------- Full Press Release: Press Release: WikiLeaks opens path through banking siege. Donations open. Wednesday July 18, 11:00 After almost two years of fighting an unlawful banking blockade by US financial giants VISA and MasterCard, WikiLeaks has announced it is back open for donations. After WikiLeaks' publications revealing US war crimes and statecraft in 2010, US financial institutions erected a banking blockade against WikiLeaks wholly outside of any judicial or administrative process. The blockade came during a time of substantial economic growth for WikiLeaks but blocked more than 95% of donations, costing the organization in excess of USD 20 million. The Wau Holland Transparency Reports for WikiLeaks' finances, released today, illustrate the financial consequences of 18 consecutive months of economic censorship. For the year 2011, the blockade resulted in WikiLeaks' income falling to just 21% of its operating costs.
WikiLeaks has been forced to run on its cash reserves at the Wau Holland Foundation, which have diminished from EUR 800,000 at the end of December 2010, to less than EUR 100,000 at the end of June 2012. As the graph shows, WikiLeaks' reserve funds will expire at the current austere rate of expenditure within a few months. In order to effectively continue its mission, WikiLeaks must raise a minimum of EUR 1 million immediately. Against this background, WikiLeaks is launching a new payment gateway, designed to work around the blockade. The French credit card system, Carte Bleue, is coupled with the VISA/MasterCard system globally. VISA and MasterCard are contractually barred from directly cutting off merchants through the Carte Bleue system. The French non-profit FDNN (Fund for the Defense of Net Neutrality- Fonds de Défense de la Net Neutralité) has set up a Carte Bleue fund for WikiLeaks. WikiLeaks advises all global supporters to make use of this avenue immediately before VISA/MasterCard attempts to shut it down. However, WikiLeaks and FDNN are ready for the fight. Julian Assange, WikiLeaks' founder said: "We beat them in Iceland and, by God, we'll beat them in France as well. Let them shut it down. Let them demonstrate to the world once again their corrupt pandering to Washington. We're waiting. Our lawyers are waiting. The whole world is waiting. Do it." WikiLeaks is pursuing several actions against the blockade. Last week, WikiLeaks won a landmark lawsuit against VISA Iceland (Valitor). In July 2011 WikiLeaks opened a path through the blockade, when VISA-Valitor agreed to process payments to WikiLeaks through the Icelandic payment gateway, Datacell. Soon afterwards, VISA-Valitor blocked donations and ended its relationship with Datacell, in violation of its contractual obligations.
Delivering its judgment last week, the Icelandic court in Reykjavik ruled that the donation gateway should be reopened by 26 July 2012, otherwise VISA-Valitor will be penalized with a fine of ISK 800,000 daily. A European Commission preliminary investigation into the blockade was started in July 2011. A Commission decision on whether to pursue the financial services companies involved in the blockade is expected before the end of August. The UN Special Rapporteur on the Promotion and Protection of the Right to Freedom of Opinion and Expression Frank William La Rue, the European Parliament, the New York Times Editorial, and many rights groups have condemned the blockade. Australian Greens Senator Scott Ludlam last week called on the Australian government to take domestic actions against the banking blockade. LINKS: FDNN-WikiLeaks Payment Gateway (Donate here): https://shop.wikileaks.org/donate#dccard Wau Holland Monthly Balance Sheet for the years 2010, 2011 and 2012: http://wauland.de/files/2010-2012_P... Wau Holland Transparency Report for 2011: http://wauland.de/files/2011_Transp... Auf Deutsch: http://wauland.de/files/2011_Transp... Wau Holland Transparency Report for 2012: http://wauland.de/files/2012-1_Tran... Auf Deutsch: http://wauland.de/files/2012-1_Tran... 
For more information on the WikiLeaks banking blockade, please see: http://wikileaks.org/Banking-Blockade For WikiLeaks press contacts, please see: http://wikileaks.org/Press You can download the video above in the following formats: WEBM, MP4, OGG, FLV (requires torrent client) +-------------------------------------------------- | Why you receive this mail and what to do with it | | We rely on you to distribute the content of this mail to your | community, industry, press and regulators, to defend us in your | country and to invite people of integrity and commitment via | via https://lists.riseup.net/www/subscribe/wl-press ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From wb38 at rain-tree.com Wed Jul 18 01:14:55 2012 From: wb38 at rain-tree.com (=?koi8-r?B?IvPM1dbC2SDkz9PUwdfLySDsxcvB0tPU1yI=?=) Date: Wed, 18 Jul 2012 13:44:55 +0530 Subject: =?koi8-r?B?+uTv8u/3+OUg7u/nIOn67vX08ukuIPfl7uHy9fM=?= Message-ID: <7A09E6F8FBD84B44B73B92FF4248487E@abc> PRESENTATION OF BEAUTIFUL LEGS. VENARUS® 2012 New in the range of the Medicine Delivery Service. VENARUS: the health of your legs from within. The drug VENARUS for the treatment of varicose veins: - acts on the cause of the disease: increases the tone of the vein wall - relieves swelling and the feeling of heaviness in the legs - enhances the effect of ointments and gels - 40% cheaper than the imported equivalent More details>>> The drug can be ordered from the Medicine Delivery Service>>>: +7(495) 775-20-00, Warning: The drug is dispensed on a doctor's prescription. Consultation with a specialist is required; there are contraindications. The information about medicinal products in this section is descriptive and intended for informational purposes only. Recipients should not use this information as medical advice or recommendations.
The choice and prescription of medicinal products, as well as supervision of their use, can be carried out only by a doctor, who always takes the patient's individual characteristics into account. In short: Troubled by swelling and a feeling of heaviness in your legs? VENARUS® will help keep your legs healthy from within! +7(495) 775-20-00 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 11964 bytes Desc: not available URL: From eugen at leitl.org Wed Jul 18 04:58:29 2012 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 18 Jul 2012 13:58:29 +0200 Subject: NSA Whistleblower Drake: You're automatically suspicious until proven otherwise Message-ID: <20120718115829.GY12615@leitl.org> (O brave new world that has such people in't) http://www.networkworld.com/community/blog/nsa-whistleblower-drake-youre-automatically-suspicious-until-proved-otherwise NSA Whistleblower Drake: You're automatically suspicious until proven otherwise NSA whistleblower Thomas A. Drake is backing the EFF's lawsuit over the government's massive spying program. Drake also had a lot to say about the establishment of a 'surveillance society' in America. In a video interview, he said it was 'soft tyranny. It raises the specter of you're automatically suspicious until we prove that you're not. It raises the specter of a universal wiretap, a persistent universal wiretap on every single person, or if not, they can create one.' By Ms. Smith on Mon, 07/16/12 - 4:32pm. Continuing in the theme of what NSA whistleblowers have to say about Americans under mass surveillance, such as William Binney's claim that the NSA has dossiers on nearly every U.S. citizen, we'll take a look at another former NSA official, Thomas A. Drake, who was also brave enough to turn whistleblower and had his life turned upside down because of it. RT had a very interesting interview with Drake, who said, "Security has effectively become the State religion; you don't question it.
And if you question it, then your loyalty is questioned." . . . "Speaking truth of power is very dangerous in today's world." The journalist pointed out that investigative journalists are labeled as "terrorist helpers" for trying to reveal the truth, to which Drake said the government's take is "you go after the messenger because the last thing you want to do is deal with the message." The NSA, the government, "They object" to anyone who dares to "air dirty laundry" or show the skeletons in the closet. "Not only do they object to it, they decide to turn it into criminal activity." Drake added, "Most people don't stand up to power because power wields a lot of power and power can do you in, or make life very difficult." This almost made me throw up since those who are brave enough to object to our country moving away from the Constitution and everything that America stands for, cannot possibly mean those people are for the terrorists! Most are people who love our country and believe in freedom, believe in the USA! Those people believe the government can't stomp out our rights and hide behind national security secrets to avoid telling We the People the truth about mass domestic spying. Some of those people who are brave enough to not only stand up and be counted, but also to fight for our rights include the EFF with Jewel v. NSA. EFF Legal Director Cindy Cohn wrote: For years, government lawyers have been arguing that our case is too secret for the courts to consider, despite the mounting confirmation of widespread mass illegal surveillance of ordinary people. Now we have three former NSA officials confirming the basic facts. Neither the Constitution nor federal law allow the government to collect massive amounts of communications and data of innocent Americans and fish around in it in case it might find something interesting. This kind of power is too easily abused. 
We're extremely pleased that more whistleblowers have come forward to help end this massive spying program. Many people do not read the law, proposed bills, or what is happening in the court. If you are so inclined, you can read the EFF's motion for partial summary judgment, William Binney's declaration and J. Kirk Wiebe's declaration. Among many other eye-openers, Thomas A. Drake's declaration states: The NSA has the capability to do individualized searches, similar to Google, for particular electronic communications in real time through such criteria as target addresses, locations, countries and phone numbers, as well as watch-listed names, keywords and phrases in email. The NSA has the ability to do individualized or small scale searches for particular electronic communications in real time. It also has, or is in the process of obtaining, the capability to seize and store most electronic communications passing through its U.S. intercept centers. The wholesale collection of data allows the NSA to identify and analyze Entities or Communities of Interest later in a static database. Some more of Drake's statements in the video interview included, "The NSA had entered into a secret agreement with the White House in which NSA would become the executive agent for this secret surveillance program. On the front end, it was designed to deal with the threat, the terrorist threat, and that was probably understandable. But what it did is it actually, essentially, turned the United States into just a collection platform." He spoke a little bit about how CISPA would take the secret law of the Patriot Act, Section 215, up a notch so that under the label of "cyber threats and to provide cybersecurity, the government wants even more invasive access -- almost persistent access to networks which are not normally available to the public." If you take what has been happening post 9/11 security world, what you're seeing is the establishment of a surveillance society. 
You're seeing the establishment of the surveillance network....People don't realize the extent to which we are already surveilled in many, many different ways -- the extent to which vast amounts of our own transactional data, in all forms -- all electronic forms, and emails, and your tweets, and bank records, and everything else, are all subject -- or suspect, in terms of surveillance....It raises the specter of kind of the rise of soft tyranny. It raises the specter of you're automatically suspicious until we prove that you're not. It raises the specter of a universal -- I call it a universal wiretap, a persistent universal wiretap on every single person, or if not, they can create one. "You also have the fear element. Fear in itself is control. And what people will do if they are fearful is to censor themselves." Regarding NSA and other government surveillance powers, Drake added, "What happens if they don't like you? What happens if you speak ill-will against the government? What happens if you say something that they consider disloyal?" Drake pointed out that what happened to him, a top government executive, sends a "very chilling message that if you speak out, if you speak up, we're going to hammer you and we're going to hammer you hard." Wielding fear like a weapon and using policy as opposed to the Constitution and protections granted to us via the Bill of Rights is very dangerous and seems very anti-American. I agree with Drake, "We are going down a very slippery slope in America." If cursing upsets you, then please don't watch this clip gone viral about "Good Will Hunting had it right 14 years ago." From delightfulz68 at rapidforms.com Wed Jul 18 02:18:05 2012 From: delightfulz68 at rapidforms.com (=?koi8-r?B?IvTp8O/n8uHm6fEi?=) Date: Wed, 18 Jul 2012 14:48:05 +0530 Subject: =?koi8-r?B?++/rIJYg4+Xu+SDu4SDw7+zp5/Lh5ung?= Message-ID: <2F8E770F036F4DA18BD24CFFE6315F71@SHREESAI03>
THE MOZHAYSK PRINTING FACTORY GUARANTEES THE LOWEST PRICES ON PRINTING +7 (495) 940-7322 WAREHOUSE - Mytishchi (delivery or pickup, as you prefer) PRODUCTS - Catalogues, brochures, posters, bags, booklets, leaflets, wobblers, shelf talkers, laminated board products, folders, boxes, etc. EQUIPMENT - A1 and A3 format presses, full cycle of post-press finishing We await your requests for quotes! Moscow office telephone: 940-7322 From unfaithfuliww83 at rdexe.com Wed Jul 18 02:52:37 2012 From: unfaithfuliww83 at rdexe.com (=?koi8-r?B?IuvB0tTJzsEi?=) Date: Wed, 18 Jul 2012 14:52:37 +0500 Subject: =?koi8-r?B?68HS1MnOwSDOwSDT18HE2MLVINcg0M/EwdLPyyEgLSAxNDkw0tXC?= Message-ID: <1B0DB242CC7744DE91B61F6983F0CCC0@toshiba0f5176d> Summer is wedding season. A wedding gift: a beautiful painting in a luxurious frame and gift wrapping. Summer discount 50%!!! - 1490 rubles instead of 3000 rubles! The gift will be delivered to your home or office! Buy the painting here: www.картина-тут.рф/11.shtml From eugen at leitl.org Wed Jul 18 06:15:04 2012 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 18 Jul 2012 15:15:04 +0200 Subject: NSA Mimics Google, Pisses Off Senate Message-ID: <20120718131504.GE12615@leitl.org> http://www.wired.com/wiredenterprise/2012/07/nsa-accumulo-google-bigtable/ NSA Mimics Google, Pisses Off Senate By Cade Metz July 17, 2012 | 6:30 am | Categories: Database Software Follow @cademetz The Senate Armed Service Committee isn't exactly pleased with the NSA's Google-like database. Image: jim.greenhill/Flickr In 2008, a team of software coders inside the National Security Agency started reverse-engineering the database that ran Google. They closely followed the Google research paper describing BigTable -- the sweeping database that underpinned many of Google's online services, running across tens of thousands of computer servers -- but they also went a little further. In rebuilding this massive database, they beefed up the security. After all, this was the NSA.
Like Google, the agency needed a way of storing and retrieving massive amounts of data across an army of servers, but it also needed extra tools for protecting all that data from prying eyes. They added "cell level" software controls that could separate various classifications of data, ensuring that each user could only access the information they were authorized to access. It was a key part of the NSA's effort to improve the security of its own networks. But the NSA also saw the database as something that could improve security across the federal government -- and beyond. Last September, the agency open sourced its Google mimic, releasing the code as the Accumulo project. It's a common open source story -- except that the Senate Armed Services Committee wants to put the brakes on the project. In a bill recently introduced on Capitol Hill, the committee questions whether Accumulo runs afoul of a government policy that prevents federal agencies from building their own software when they have access to commercial alternatives. The bill could ban the Department of Defense from using the NSA's database -- and it could force the NSA to meld the project's security tools with other open source projects that mimic Google's BigTable. The NSA, you see, is just one of many organizations that have open sourced code that seeks to mimic the Google infrastructure. Like other commercial outfits, the agency not only wants to share the database with other government organizations and companies, it aimed to improve the platform by encouraging other developers to contribute code. But when the government's involved, there's often a twist. The U.S. government has a long history with open source software, but there are times when policy and politics bump up against efforts to freely share software code -- just as they do in the corporate world.
In recent years, the most famous example is NASA's Nebula project, which overcame myriad bureaucratic hurdles before busting out of the space agency in a big way, seeding the popular OpenStack platform. That said, the Accumulo kerfuffle is a little different. In trying to determine whether Accumulo duplicates existing projects, the bill floated by the Senate Armed Services committee uses such specific language, some believe it could set a dangerous precedent for the use of other open source projects inside the federal government. The NSA at "Internet Scale" Originally called Cloudbase by the NSA, Accumulo is already used inside the agency, according to a speech given last fall by Gen. Keith Alexander, the director of the NSA. Basically, it allows the NSA to store enormous amounts of data in a single software platform, rather than spread it across a wide range of disparate databases that must be accessed separately. Accumulo is what's commonly known as a "NoSQL" database. Unlike a traditional SQL relational database -- which is designed to run on a single machine, storing data in neat rows and columns -- a NoSQL database is meant for storing much larger amounts of data across a vast array of machines. These databases have become increasingly important in the internet age, as more and more data streams into modern businesses -- and government agencies. With BigTable, Google was at the forefront of the NoSQL movement, and since the company published its paper describing BigTable in 2006, several organizations have built open source platforms mimicking its design. Before the NSA released Accumulo, a search outfit called Powerset -- now owned by Microsoft -- built a platform called HBase, while social networking giant Facebook fashioned a similar platform dubbed Cassandra. And this is what bothers the Senate Armed Services Committee. The Senate Armed Services Committee oversees the U.S. military, including the Department of Defense and the NSA, which is part of the DoD.
With Senate bill 3254 -- National Defense Authorization Act for Fiscal Year 2013 -- the committee lays out the U.S. military budget for the coming year, and at one point, the 600-page bill targets Accumulo by name. The bill bars the DoD from using the database unless the department can show that the software is sufficiently different from other databases that mimic BigTable. But at the same time, the bill orders the director of the NSA to work with outside organizations to merge the Accumulo security tools with alternative databases, specifically naming HBase and Cassandra. The bill indicates that Accumulo may violate OMB Circular A-130, a government policy that bars agencies from building software if it's less expensive to use commercial software that's already available. And according to one congressional staffer who worked on the bill, this is indeed the case. He asked that his name not be used in this story, as he's not authorized to speak with the press. At this point, the staffer says, the committee isn't concerned with the man power the NSA required to build the database. But it doesn't want the government using Accumulo if there are larger, more active communities developing projects such as HBase and Cassandra. He says that the committee encouraged the NSA to build its security controls into existing open source projects, but that the agency declined to do so. The NSA press office could not immediately provide someone to officially discuss the matter. But for Gunnar Hellekson -- the chief technology strategist in U.S. Public Sector group at Red Hat, the open source software outfit -- the committee has gone too far. He was pleased to see a senate bill that has such intimate knowledge of open source software -- a rarity on Capitol Hill -- but he argues that since Accumulo has already been built and open sourced, the committee has no business intervening. "When Accumulo was written, it was definitely doing new work," he tells Wired.
"Some of its differentiating features are being handled by other pieces of software. But other core concepts are unique, including the cell-level security.... That's an incredibly important feature, and to do it properly is incredibly complicated."

Not All Open Source Projects Are Created Equal

The bill benefits HBase and Cassandra -- two very popular open source projects. But it certainly undermines the progress of Accumulo, and that's a particular worry for Oren Falkowitz, one of the developers of the database, who has left the NSA to start Sqrrl, a company that seeks to build a business around Accumulo in much the same way Red Hat built one around the Linux operating system. Like Hellekson, Falkowitz argues that since Accumulo is already open source -- and it's backed by the Apache Software Foundation, a major open source steward -- it doesn't violate government policy. "The launch of sqrrl validates the success of Apache Accumulo as a project," he says, pointing out that sqrrl has received funding from two well-known venture capital firms. "Accumulo's technical strengths are not limited to government use cases, and already, we've seen interest and adoption of Accumulo by financial, healthcare, and a broad range of other commercial firms." He also argues that Accumulo is still quite different from other BigTable mimics. BigTable and other similar databases split massive amounts of data into tiny pieces and spread them across potentially tens of thousands of servers. But unlike any other platform, Falkowitz says, Accumulo lets you tag each tiny piece of data so that it can only be accessed by certain outside servers. This is useful not only to the NSA, he says, but to other government organizations and health care outfits legally required to separate data in this way. "Basically, each [data object] has an extra label that's attached to it, and you can use that to authenticate and authorize users against each object," Falkowitz says.
"Most systems do that at the columns or the rows level of the database." Red Hat's Hellekson -- who has blogged about the issue on multiple occasions -- goes further, arguing that the bill could undermine the progress of open source projects well beyond Accumulo. The bill doesn't just ask that the DoD prove that the Accumulo project is no more costly than the likes of HBase and Cassandra. It wants proof that Accumulo is a "successful Apache Foundation open source database with adequate industry support and diversification." "It doesn't take much imagination to see that same 'adequacy criteria' applied to all open source software projects," Hellekson writes. "Got a favorite open source project on your DoD program, but no commercial vendor? Inadequate. Only one vendor for the package? Lacks diversity. Proprietary software doesn't have a burden like this." If the bill passed with the current Accumulo language intact, the onus is on the chief information officer of the Department of Defense to determine whether Accumulo can be used within the department. But whatever the verdict, it would not bar the NSA from using the database -- just the rest of the DoD. Open source is a complicated thing. Especially inside the government.

Cade Metz

Cade Metz is the editor of Wired Enterprise. Got a NEWS TIP related to this story -- or to anything else in the world of big tech? Please e-mail him: cade_metz at wired.com. Read more by Cade Metz

From eugen at leitl.org Wed Jul 18 06:18:24 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 18 Jul 2012 15:18:24 +0200
Subject: One Secret That Stops Hackers: Girlfriends
Message-ID: <20120718131823.GF12615@leitl.org>

http://www.informationweek.com/news/security/management/240003767

One Secret That Stops Hackers: Girlfriends

The majority of hackers "age out" of hacking as they get older and find girlfriends, families, and other responsibilities. Why not invest in educating young hackers sooner, instead of locking them up later?

Mathew J.
Schwartz | July 16, 2012 11:43 AM

Want to put a stop to hacking? The solution is simple: Get hackers girlfriends. To be sure, that prescription is tongue-in-cheek, but it speaks to a hacking truth: Based on arrests of alleged Anonymous, LulzSec, TeamPoison, and other hacktivist group participants--not to mention many cyber-crime gangs--it's the rare participant who's over the age of 25--or even 19. Clearly, the early 20s are an inflection point in most hackers' lives, when they transition from engaging in criminal activity to becoming law-abiding citizens. Accordingly, might outreach programs, perhaps involving older ex-hackers, help keep them out of jail? They might even steer would-be hackers into lucrative professions that put their skills to better use, such as penetration testing. The question of whether outreach programs would be effective requires working backwards, starting with the reason hackers--who are overwhelmingly male--stop hacking. That's typically because they get girlfriends, jobs, children, or other responsibilities. "We see a lot of adolescent hackers just 'aging out,' and there are relatively few who remain life-course persistent," says cyberpsychology expert Grainne Kirwan, a lecturer in psychology at Ireland's Dun Laoghaire Institute of Art, Design and Technology, in a phone interview. While conducting research for her criminology Ph.D., Kirwan interviewed about 20 hackers and found that the majority stopped hacking due to their changing life circumstances. "The chances are by the time they turn 18 or 19 they'll age out, and if they haven't stopped then, by the time they get married, settle down, and have kids, they won't have time to do this type of behavior anyway," she explains. "As they get older, their moral development gets better, and they don't have the ability to commit crimes anyway." Kirwan said the aging-out phenomenon isn't limited to young hackers.
"What we know from general criminology research is that offenders age out, and that they tend to age out when they start to settle down, find a significant other, and [other] factors that will reduce the likelihood of their wanting to offend," she says. The prevalence of minors who hack hasn't gone unnoticed in law enforcement circles. Speaking earlier this year at the RSA conference in San Francisco, Eric Strom, unit chief for the Cyber Initiative and Resource Fusion Unit Cyber Division at the FBI, said the bureau believes that in general, hacktivist groups are run by a small number of people who combine "technical knowhow and the ability to impress upon younger people" the desire to launch certain types of attacks. But, he said, "the challenges of going after the larger group [of participants] is that most of them are minors." How should law enforcement address that, especially when those kids' parents likely think their son is upstairs doing his homework, not launching a Low Orbit Ion Cannon distributed denial-of-service (DDoS) attack? To answer that question, it helps to know why hackers hack. In fact, most hackers--who are older minors or young adults--"are desperately trying to assert their own independence, and believe they can make a change in the world that their parents can't," says Kirwan. "They kind of forget that it's their parents' generation who invented hacking." Many kids involved in hacking view their activities as a benign form of protest, when the laws--as currently written--can criminalize some types of related behavior. "They are sitting at their computer and saying, 'I'm not committing a crime,' because it doesn't feel like committing a crime," explains Kirwan. The FBI's Strom said the bureau tries to draw a clear line between online protests and online attacks. "Certainly if they're just complaining about something, they have every right to do that--and we don't have any problem with that," said Strom.
But if they hack into a system or go after someone in law enforcement and their family, that's a different story. Also, there can be seeming inconsistencies between what's legal in the real world as opposed to online. "In the western world, we generally... encourage political activism, even when it might have a negative effect on business," said Grady Summers, vice president of Mandiant, speaking at this year's RSA conference. For example, workers can picket their place of business over poor working conditions, and people can protest in front of foreign embassies or set up Occupy Wall Street camps that may impact local businesses. But by comparison, "the digital equivalent of that--a DDoS attack that takes a site offline for a few hours--is clearly criminal," he said. Should the laws pertaining to DDoS attacks, when launched for protest purposes, be changed? Regardless of wrong or right, in today's "must-be-seen-as-tough-on-crime" political arena, it's unlikely that related laws or jail times would ever be curtailed. Furthermore, do we really have a full enough understanding of exactly why people hack? "What do we really know about hackers engaged in bad stuff? Do we have a proper, accurate, working taxonomy of people involved in cyber-criminal activity, cyber espionage, cyber warfare, and so on?" said Darkmarket author Misha Glenny, speaking at this year's RSA conference. "Who are the masterminds behind the attacks? Are they suave social engineers, are they highly skilled hackers, or are they psychopathic characters who combine both attacks?" Another question concerns whether many hackers might also have Asperger's syndrome, a form of autism characterized by having difficulties with social interaction, and often also an affinity for obsessive or repetitive routines. Kirwan says a connection between hacking and Asperger's has been noted anecdotally because "it's a facet of some of the most publicized cases."
For example, both the lawyers for NASA hacker Gary McKinnon and accused LulzSec member Ryan Cleary have said their clients have the disorder. The Asperger's theory would handily explain why many kids hack, as well as why they're so good at it. "People who have Asperger's syndrome are less likely to find full-time employment or to settle down with a family," says Kirwan. "Another trait for people with Asperger's is they will find out everything they know about something they like." But she cautions against trying to reduce the cause of hacking to just a developmental disorder. "I certainly don't want to do a tarring with one brush," she says. Keeping the potential Asperger's connection in mind, if most hackers do simply age out, could prevention programs be put in place to help deter minors before that happens? For example, why not turn to older, more mature ex-hackers to educate younger hackers about the risks, or to try and help them put their talents to a legal--and, given the state of the information security job market, likely quite remunerative--use? "Putting the two together seems like it would reduce the crime, but the next step is to test that and see if that's what really happens," says Kirwan. Unfortunately--at least where Kirwan's hacking studies are concerned--hacking interviews and research conducted for her Ph.D. have given way to the responsibilities of a full teaching load. "It would be fantastic if I could buy out a bunch of my time and work on a project like this," she says. "But we'd need the funding to do that, and at the moment, that funding doesn't seem to be around." So here's to a show of hands from businesses and government agencies that don't want to get taken down by hacktivists: Rather than locking up hackers after the fact, who wants to fund better hacking research and practical hacking-prevention campaigns?
Black Hat USA Las Vegas, the premiere conference on information security, features four days of deep technical training followed by two days of presentations from speakers discussing their latest research around a broad range of security topics. At Caesars Palace in Las Vegas, July 21-26. Register today.

From hindquartersv83 at rolcim.com Wed Jul 18 00:50:32 2012
From: hindquartersv83 at rolcim.com (=?koi8-r?B?IuLl8/Ds4fTu4fEg5OXn9fP04ePp8SI=?=)
Date: Wed, 18 Jul 2012 15:50:32 +0800
Subject: =?koi8-r?B?6+/m5e3h++nu4SDi5fPw7OH0?=
Message-ID: <268071557.98354229222962@rolcim.com>

A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 1014 bytes
Desc: not available
URL:

From kerchiefedt24 at redqualitas.com Wed Jul 18 03:38:03 2012
From: kerchiefedt24 at redqualitas.com (=?koi8-r?B?IuUt7cHSy8XUyc7HIg==?=)
Date: Wed, 18 Jul 2012 16:08:03 +0530
Subject: =?koi8-r?B?MTAg0sHT09nMz8sg2sEgMTAgMDAwINLVwszFyiAryM/T1MnOxyDOwSDN?= =?koi8-r?B?xdPRwyDXIPDv5OHy7+s=?=
Message-ID:

10 mailings for 10,000 rubles + a month of hosting as a GIFT (so your site can be listed in the message)
- On your schedule
- No time limits
- Layouts can be changed all 10 times !!!
- Layout preparation free of charge
SPECIAL OFFERS: A month of 44(46) mailings - 2 times a day - 5 times a week - 20,000 rubles
Databases covered by the offer:
All of Russia - 23 million addresses - of which 4 million are legal entities.
All of Moscow - 8 million addresses - of which 1.7 million are legal entities.
All of Ukraine - 4 million addresses - of which 1 million are legal entities.
etc.
Tel: (495) 585-79-04 ICQ: 286 926 971
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 1458 bytes
Desc: not available
URL:

From great13 at rodcoworldwide.com Wed Jul 18 04:10:28 2012
From: great13 at rodcoworldwide.com (DOOR - DOOR)
Date: Wed, 18 Jul 2012 16:10:28 +0500
Subject: =?koi8-r?B?8M/MztnKINPQxcvU0iDV08zVxyDQzyDNxdbE1c7B0s/EztnNINDF0sXX?= =?koi8-r?B?z9rLwc0gySDUwc3P1sXOzs/N1SDPxs/SzczFzsnA?=
Message-ID: <67D49B0A876044D39D321D1AA8A0BB50@rasheed632cea6>

A full range of services for international shipping and customs clearance.
We deliver imported cargo (“DOOR – DOOR”)
Examples:
- Clothing from Europe - from 9 euros per kg.
- Clothing from China - from 6 euros per kg.
- Furniture from Europe - from 370 euros per cubic meter.
- Tableware from Europe - from 2 euros per kg.
- Light fixtures from Turkey - from 2 euros per kg.
To have your shipment priced, tell us:
1. Description
2. Quantity
3. Weight
4. Volume
5. Shipper
6. Country of origin
7. Pickup address of the cargo
8. Invoice value of the cargo
§ Advance preparation of accompanying documents.
§ Arrangement of customs clearance at Moscow customs terminals.
§ We assist with money transfers to the manufacturer (seller) for only 2% of the invoice value.
§ Assistance in obtaining certificates.
§ You can compare the prices your shipments currently go at.
For a real-time quote, contact us on Skype: tamozhimvse or by phone (495) 565 34 52 (multi-line)
Call, and our managers will quickly calculate the cost of delivering your cargo and clearing it through customs.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 16282 bytes
Desc: not available
URL:

From noloader at gmail.com Wed Jul 18 13:37:29 2012
From: noloader at gmail.com (Jeffrey Walton)
Date: Wed, 18 Jul 2012 16:37:29 -0400
Subject: [cryptography] Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices
Message-ID:

More results on weak keys (it looks more comprehensive than results from the EFF's SSL Observatory). The authors also do a nice job on the Linux Random Number Generator in Section 5.1.

https://factorable.net/paper.html

Abstract

RSA and DSA can fail catastrophically when used with malfunctioning random number generators, but the extent to which these problems arise in practice has never been comprehensively studied at Internet scale. We perform the largest ever network survey of TLS and SSH servers and present evidence that vulnerable keys are surprisingly widespread. We find that 0.75% of TLS certificates share keys due to insufficient entropy during key generation, and we suspect that another 1.70% come from the same faulty implementations and may be susceptible to compromise. Even more alarmingly, we are able to obtain RSA private keys for 0.50% of TLS hosts and 0.03% of SSH hosts, because their public keys shared nontrivial common factors due to entropy problems, and DSA private keys for 1.03% of SSH hosts, because of insufficient signature randomness. We cluster and investigate the vulnerable hosts, finding that the vast majority appear to be headless or embedded devices. In experiments with three software components commonly used by these devices, we are able to reproduce the vulnerabilities and identify specific software behaviors that induce them, including a boot-time entropy hole in the Linux random number generator. Finally, we suggest defenses and draw lessons for developers, users, and the security community.
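The two RSA failures the abstract describes (hosts sharing a whole key, and hosts whose moduli share one prime) can be checked for across a fleet's own public keys. The following is an added example, not part of the original message and not the paper's code: a product-tree/remainder-tree batch GCD, chosen here for illustration, run on a constructed sample fleet whose host names and toy moduli are assumptions.

```python
"""Fleet audit for RSA moduli that share a key or a prime factor (batch GCD)."""
from collections import defaultdict
from math import gcd, prod


def product_tree(values):
    """Levels of pairwise products; tree[0] is the input, tree[-1] the total."""
    tree = [list(values)]
    while len(tree[-1]) > 1:
        level = tree[-1]
        tree.append([prod(level[i:i + 2]) for i in range(0, len(level), 2)])
    return tree


def batch_gcd(moduli):
    """Return gcd(N_i, product of all other N_j) for every N_i."""
    tree = product_tree(moduli)
    remainders = tree.pop()              # [P], the product of every modulus
    while tree:
        level = tree.pop()
        # Reduce the parent's remainder modulo the square of each child node.
        remainders = [remainders[i // 2] % (n * n) for i, n in enumerate(level)]
    # (P mod N^2) // N equals (P // N) mod N, i.e. the product of the others.
    return [gcd(r // n, n) for r, n in zip(remainders, moduli)]


def proper_shared_factor(n, others):
    """Pairwise fallback: first nontrivial gcd of n with any other modulus."""
    for m in others:
        g = gcd(n, m)
        if m != n and 1 < g < n:
            return g
    return n


def audit_moduli(keys):
    """Map host -> (status, shared_factor_or_None) for a {host: modulus} dict."""
    hosts_by_modulus = defaultdict(list)
    for host, n in keys.items():
        hosts_by_modulus[n].append(host)
    unique = list(hosts_by_modulus)      # identical moduli are reported separately
    report = {}
    for n, g in zip(unique, batch_gcd(unique)):
        if g == n:
            # Both primes also occur in other keys, so the batch result is N itself.
            g = proper_shared_factor(n, unique)
        for host in hosts_by_modulus[n]:
            if len(hosts_by_modulus[n]) > 1:
                report[host] = ("duplicate-key", None)
            elif g > 1:
                report[host] = ("shared-factor", g)
            else:
                report[host] = ("ok", None)
    return report


# Constructed sample fleet: toy moduli built from Mersenne primes, not real keys.
M = {e: 2**e - 1 for e in (61, 89, 107, 127, 521, 607, 1279)}
SAMPLE_FLEET = {
    "gw-1": M[61] * M[89],
    "gw-2": M[61] * M[107],     # shares the prime 2**61 - 1 with gw-1
    "cam-1": M[127] * M[521],
    "cam-2": M[127] * M[521],   # same modulus as cam-1
    "nas-1": M[607] * M[1279],  # shares nothing with the others
}

if __name__ == "__main__":
    for host, (status, factor) in sorted(audit_moduli(SAMPLE_FLEET).items()):
        print(host, status, "" if factor is None else hex(factor))
```

Any host reported as duplicate-key or shared-factor needs a freshly generated key pair, created only after its random number generator has been properly seeded.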
...
_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From eugen at leitl.org Wed Jul 18 07:59:00 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 18 Jul 2012 16:59:00 +0200
Subject: [tahoe-lafs-weekly-news] TWN 36
Message-ID: <20120718145900.GR12615@leitl.org>

----- Forwarded message from Patrick R McDonald -----

From eugen at leitl.org Wed Jul 18 08:05:26 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 18 Jul 2012 17:05:26 +0200
Subject: Secrecy News -- 07/18/12
Message-ID: <20120718150526.GS12615@leitl.org>

----- Forwarded message from Steven Aftergood -----

From bobina at aylesford.com Wed Jul 18 08:27:07 2012
From: bobina at aylesford.com (=?koi8-r?B?IvPUwc7J08zB1yDpz9PJxs/Xyd4i?=)
Date: Wed, 18 Jul 2012 17:27:07 +0200
Subject: =?koi8-r?B?wsXazMnNydTO2cogzcXWx8/Sz8Qh?=
Message-ID: <01cd650a$8dff2780$432ba44e@bobina>

UNLIMITED LONG-DISTANCE CALLS! 3000 rubles! Unlimited calls across all of Russia, including calls to mobile phones. We connect you in 1 day. FREE test calls! Call today - (495) 225 04...62

From showroomsvc049 at reflectixinc.com Wed Jul 18 01:28:49 2012
From: showroomsvc049 at reflectixinc.com (=?koi8-r?B?IvPM1dbC2SDkz9PUwdfLySDsxcvB0tPU1yI=?=)
Date: Wed, 18 Jul 2012 17:28:49 +0900
Subject: =?koi8-r?B?+uTv8u/3+OUg7u/nIOn67vX08ukuIPfl7uHy9fM=?=
Message-ID: <0AF569CB89714FAEA054ECB92289EE7E@microsof38b8e5>

PRESENTATION OF BEAUTIFUL LEGS.
VENARUS® 2012
New in the Medicine Delivery Service range
VENARUS® - the health of your legs from the inside.
VENARUS® for the treatment of varicose veins:
- acts on the cause of the disease
- improves venous wall tone
- relieves swelling and the feeling of heaviness in the legs
- enhances the effect of ointments and gels
- 40% cheaper than the imported equivalent
More details>>>
The product can be ordered from the Medicine Delivery Service>>>: +7(495) 775-20-00,
Warning: The product is dispensed on a doctor's prescription. Consultation with a specialist is required; there are contraindications.
The information about medicinal products in this section is descriptive and intended for informational purposes only. Recipients should not use this information as medical advice or recommendations. Only a doctor, who always takes the patient's individual characteristics into account, can select and prescribe medicinal products and monitor their use.
In short form: Troubled by swelling and a feeling of heaviness in your legs? VENARUS® will help keep your legs healthy from the inside! +7(495) 775-20-00
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 12005 bytes
Desc: not available
URL:

From eugen at leitl.org Wed Jul 18 08:38:29 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 18 Jul 2012 17:38:29 +0200
Subject: [liberationtech] Open Secure Telephony Network (OSTN)
Message-ID: <20120718153829.GZ12615@leitl.org>

----- Forwarded message from ilf -----

From financelna at rowentausa.com Wed Jul 18 05:18:01 2012
From: financelna at rowentausa.com (=?koi8-r?B?IvvLz8zBIMHO1MnL18HSzs/HzyDExczBIg==?=)
Date: Wed, 18 Jul 2012 17:48:01 +0530
Subject: =?koi8-r?B?6/Xy8yDz8OXj6eHs6fP04SDh7vTp6/fh8u7v5+8g6SDh9evj6e/u7u/n?= =?koi8-r?B?7yDk5ezh?=
Message-ID:

IF YOU CARE ABOUT ART... ...The School of Antiques invites you on excursions for adults and children: to galleries and salons, exhibitions and antique shops, museums and art centers. The State Tretyakov Gallery, the Kremlin museums, the Pushkin State Museum of Fine Arts and much, much more! Central Moscow. Tel.: +7 (495) 650-12-62; +7 (985) 999-11-45. www.школа-антиквар.рф

From edrigram at edri.org Wed Jul 18 10:01:39 2012
From: edrigram at edri.org (EDRi-gram)
Date: Wed, 18 Jul 2012 20:01:39 +0300
Subject: EDRi-gram newsletter - Number 10.14, 18 July 2012
Message-ID:

=======================================================================
EDRi-gram biweekly newsletter about digital civil rights in Europe
Number 10.14, 18 July 2012
=======================================================================
Contents
=======================================================================
1. Is CETA introducing ACTA through the back door?
2. Russian bill creates blacklist of websites
3. EP: Surprises in the online distribution of audiovisual works' report
4. French Supreme Court: important rulings for intermediary liability
5. German Federal Supreme Court rules in the RapidShare case
6. EC suggests changes of the music rights management system
7. Ireland: E-voting machines go to scrap after proving unreliable
8. Banking blockade on Wikileaks broken by the Icelandic court
9. EP and EDPS hit back against lawless "child protection" measures
10. Recommended Action
11. Recommended Reading
12. Agenda
13. About

=======================================================================
1. Is CETA introducing ACTA through the back door?
=======================================================================

The European Parliament rejected ACTA with a large majority on 4 July 2012, but just one week later the EU is accused of pushing back the rejected agreement through the back door, that is, through CETA, the EU-Canada trade agreement that includes measures similar to ACTA. The negotiations between EU and Canada on the bilateral trade agreement CETA started in November 2009 and will probably be ended by the end of this year. Just like ACTA, the trade deal has been drafted in secret but leaked documents, dated February 2012, have shown parts of ACTA being introduced in this new agreement. CETA will also require the approval of the European Parliament to enter into force. "CETA must be cancelled altogether (or its repressive ACTA parts must be scrapped), or face the same fate as ACTA in the Parliament", stated La Quadrature du Net. MEP Nigel Farage drew the attention over the similarities between ACTA and CETA: "If the commission has a glimmer of respect for the voice of the people it would change CETA as soon as possible and stop trying to bring ACTA into legislative life by stealth. ACTA is like a Frankenstein which has been bolted together and keeps on moving. It is dangerous and must be brought to an end immediately," said Farage. Internet activists have already warned over the possibility that ACTA may appear in several draft agreements in order to get through somehow. "To put back the same provisions in a much larger trade agreement will make it more difficult to reject.
If CETA is successful, then one would think that the European commission would come back and say 'well, you just passed that, so you cannot object to ACTA'," said Michael Geist, law professor at the University of Ottawa, who uncovered the leaked documents showing that the proposals from ACTA had been included in CETA. The chapter on intellectual property rights is almost identical to ACTA in several instances, including rules on enforcement of intellectual property rights, damages, injunctions, border enforcement, preserving evidence and criminal sanctions, while Article 23 defines all commercial scale copyright infringement as criminal. The Trade Commissioner's spokesman, John Clancy tried to explain on Twitter that the leaked documents were actually a previous version of the agreement drafted before ACTA was rejected by MEPs, and that the agreement draft has since been changed and "no single provision departs from EU law." Joe McNamee from EDRi warned the Commission against using CETA to get parts of ACTA back into place, considering that such attempts would be "hamfisted, politically incompetent and anti-democratic." 
ACTA Lives: How the EU & Canada Are Using CETA as Backdoor Mechanism To Revive ACTA (9.07.2012)
http://www.michaelgeist.ca/content/view/6580/135/

ACTA is back, completed with investment protections (10.07.2012)
http://acta.ffii.org/?p=1622

EC Says ACTA ISP Provisions Dropped from CETA, Yet Most of ACTA Likely Remains Intact (11.07.2012)
http://www.michaelgeist.ca/content/view/6584/125/

EU accused of trying to introduce ACTA 'through the back door' (11.07.2012)
http://www.theparliament.com/latest-news/article/newsarticle/eu-accused-of-trying-to-introduce-acta-through-the-back-door/

Commission set for fresh collision course over ACTA copy-cat clauses (12.07.2012)
http://euobserver.com/19/116944

EDRi-member Digitale Gesellschaft - Flyer on CETA (only in German, 17.07.2012)
http://digitalegesellschaft.de/2012/07/nach-acta-kommt-ceta/

=======================================================================
2. Russian bill creates blacklist of websites
=======================================================================

At the beginning of July 2012, Duma, the lower house of the Russian Parliament, approved in third reading a draft law titled "On the Protection of Children From Information Harmful to Their Health and Development", allowing the Russian authorities to create a blacklist with websites deemed to contain "pornography or extremist ideas, or promoting suicide or use of drugs." The draft law that is meant to amend the present Law of Information raises concerns of filtering and censorship. The owner of a website included directly on the blacklist, without any referring to a court, has to be notified by the hosting provider in 24h and has to delete the data considered offending. Failing to comply, the site must be shut down or deleted by the hosting provider who, in case of non-compliance, may, himself, face cutting off entirely. Those included on the list may appeal to the court in a three-month period.
"We suspect that the implementation of this blacklist will open the way to abusive filtering and blocking of online content, with the aim of censoring the Russian opposition and government critics," stated Reporters Without Borders. The bill originates from the "League for a Safe Internet", an initiative meant to limit the registry to URLs (excluding DNS filtering and IP blocking), and give a non-governmental organization the authority to manage the list, in order to avoid "excessive state control" as was explained by the League's director, Denis Davydov. The Duma decided however to expand the registry's reach and the newly created federal body Roskomnadzor (the Federal Supervision Agency for Information Technologies and Communications) will probably be in charge of the matter. The new draft law, compared with China's "Great Firewall", raises concerns also due to the vagueness of its text especially regarding the Roskomnadzor that would select the targeted sites. The draft also fails to give a precise definition of "harmful" content and does not clearly articulate precise reasons for a site to be added to the blacklist, which may obviously lead to over-blocking and abuses. The bill specifies what kind of content can lead to introducing a website on the blacklist without court decision: "...child pornography, as well as information containing propaganda about the use of narcotics, psychotropic drugs, and their precursors, and information compelling children to commit acts that threaten their lives and/or health, including self-harm and suicide..." Journalist Andrei Babitskii argues that "information compelling children to commit acts that threaten their lives" is an intentionally vague expression that may lead to the inclusion on the list of websites related to any dangerous recreational activities, such as extreme sports.
The bill also specifies, in a very vague and imprecise manner, what content needs a court oversight: "Other information not legally disseminated in the Russian Federation on the basis of a court decision recognizing the illegality of the disseminated information." The Presidential Council on Human Rights made a statement on 3 July giving five precise reasons to reject the bill: the fact that the inclusion of whole domains on the registry (and not only URLs to the deemed illegal materials) may include law-abiding websites, that the bill imposes what is effectively "collective punishment" against web-operators and providers, that the filtering will slow down the entire RuNet and damage e-commerce and online innovation; that the expanded monitoring will affect individual privacy and that very high costs will be triggered for the acquisition of the blocking and filtration equipment necessary to enforce the law's requirements. In response to the Presidential Council on Human Rights concerns, Davydov offered a hypocritical explanation: "...if every parent is independently entitled to set limits on Internet access for their own children to protect them from harmful content, then the government, out of concern for its citizens, is entitled and indeed must restrict (access to) illegal content..." A coalition of independent Russian journalists has launched an online petition for the withdrawal of this bill. Also, in protest against the draft law, Wikipedia's Russian-language site (ru.wikipedia.org) suspended its operations on 10 July. A bar appeared across Wikipedia logo on the home page and the words: "Imagine a world without free knowledge." The bill is now to pass through the upper house and be ratified by President Vladimir Putin before coming into effect. If anything, current discussions being led by the European Commission are even less transparent.
In the absence of a legal basis - in the absence of the European Commission even having an agreed policy on the subject - a "self-regulation" dialogue to "make the Internet a safer Internet for kids" is being run by the Commission including proposals for upload filters, download filters and little or no attempt to explain how these restrictions are considered to be in line with the European Charter and European Convention on Human Rights. Given this approach from the EU, it is unsurprising that Russia has chosen child protection as a tool for the introduction of Internet repression.

Freedom of information threatened by website blacklisting and recriminalization of defamation (13.07.2012)
http://en.rsf.org/russia-freedom-of-information-threatened-13-07-2012,43019.html

Russia: A Great Firewall to Censor the RuNet? (10.07.2012)
http://globalvoicesonline.org/2012/07/10/russia-a-great-firewall-to-censor-the-runet/

EDRi-gram: The rise of the European upload filter (20.06.2012)
http://www.edri.org/edrigram/number10.12/the-rise-of-the-european-upload-filter

=======================================================================
3. EP: Surprises in the online distribution of audiovisual works' report
=======================================================================

On 10 July 2012, the Culture and Education (CULT) Committee in the European Parliament (EP) voted on the own initiative report of Jean-Marie Cavada (EPP, France) on the online distribution of audiovisual content. The own initiative report follows the Green Paper from the European Commission dated 13 July 2011 and the public consultation that closed in November 2011 (for which the result is not yet available). Mr Cavada's draft report contained a paragraph calling for consideration of "how to block access to pay platforms offering unauthorised services." This provision was removed by Mr Cavada as a result of widespread opposition.
This removal is welcome as the Committee has consistently rejected blocking as a way of combating the dissemination of platforms offering unauthorised services. As good news never comes without bad news (or at least not as often as we would wish for...), the report contained a very surprising paragraph on the liability of network operators. The additional paragraph (amendment 147) that was voted was proposed by Mr. Cavada. It "calls on the Commission to consider ways (...) reverse the current trend of removing responsibility from these operators regarding consumer protection, implementation of intellectual property and ensuring Internet privacy". The adoption of this text is surprising for at least three reasons. Firstly, it is factually not true that there is a trend that diminishes the responsibility of network operators. The rules concerning the responsibility and liability of Internet Service Providers (ISPs) are provided by the e-Commerce Directive in Articles 12 to 15 and have been in place since 2001. The only discernible trend has been in the opposite direction, as courts in some EU Member States have been making rulings that have narrowly interpreted ISP liability provisions. Secondly, the risk is really high that this provision could be understood as promoting privatised censorship in exactly the way that was suggested by ACTA. As liability increases, it is logical that ISPs will be willing to avoid legal problems by "voluntarily" enforcing copyright legislation outside the rule of law. This will lead to privatised enforcement to the detriment of fundamental rights such as freedom of expression, the right to privacy but also the freedom to conduct business. Finally, the role of the whole initiative was to encourage the development of new legal offers and to improve the access to content for users - it is a symptom of a broader problem that, even when the policy is so positive, the reflex is to fall back on repressive measures as the only solution. 
During the discussions of this dossier in Parliament, the online distribution of audiovisual works' report has raised lots of attention and the number of amendments proposed for an own-initiative report shows that the subject creates a huge amount of controversy. The attention brought on the report needs to be looked at in the larger debate on copyright. The final version of the Report is not available yet. Amendment 147 in the Report http://www.europarl.europa.eu/RegData/commissions/cult/amendments/2012/487679/CULT_AM(2012)487679_EN.pdf Directive on electronic commerce 2000/31/EC http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32000L0031:EN:HTML (Contribution by Marie Humeau - EDRi) ======================================================================= 4. French Supreme Court: Important rulings for intermediary liability ======================================================================= On 12 July 2012 the French Supreme Court (Cour de Cassation) issued four important and somewhat contradictory rulings regarding the role of online service providers in policing online copyright infringements. In the first case, SNEP vs. Google France, the Court's decision could lead the search engine to censor its autocomplete feature which automatically suggests commonly-used terms associated with the queries submitted by users. The French phonographic industry lobby (SNEP) had sued Google for providing the suggestions "Torrent", "Megaupload" and "Rapidshare" when users typed the names of artists or music bands in the Google search bar. Both the Court of First Instance and the Appellate Court had rejected SNEP's demands that Google stop suggesting the names of these online services. They insisted that the latter were not illegal in themselves, even though they could be used to infringe copyright. 
As a consequence, they claimed that SNEP's rights were not affected by Google's service, and that the company could not be held liable for such "potentially infringing uses", nor be forced to censor its automatic suggestions. But the Supreme Court overturned these rulings, rejecting the lower courts' legal reasoning. The judges held that Google's autocomplete feature actually "provided the means to infringe copyright and related rights", and that the measures required by SNEP, while not being totally effective, could in fact "prevent or terminate such infringements". The case is now referred back to a lower court to be judged once again. Interestingly, this ruling comes six months after Google decided to voluntarily remove "Rapidshare", "uTorrent" and "MegaUpload" from its Google Suggest service. However, according to the SNEP's executive director, David El Sayegh, Google must do more in the fight against file-sharing. "This ruling demonstrates that search engines must participate in the regulation of the Internet", said El Sayegh. As a result of this decision, Google will be under increased pressure to come to a settlement with rights-holders organisations. In three other separate but similar rulings, the Supreme Court upheld the rights of Internet users and service providers against the right-holders' claims. The Court's decisions in these cases mark the end of "notice and staydown" injunctions in France, which were becoming increasingly popular in Court rooms. In all three cases, the appeal court had ruled that Google did not adopt adequate measures to prevent the re-indexation of videos or images that rights-holders had previously notified as infringing and which Google had then promptly removed. 
Such rulings would have eventually forced Google to monitor its users' activities and filter-out uploaded content, so as to prevent any of its users from publishing content that has already been notified and taken-down (hence the term "notice and staydown", as opposed to the traditional "notice and takedown" regime). Through its decision, the Supreme Court rejected the notion that online service providers are under the obligation to prevent any future infringements. According to the Court, the three appellate rulings violated EU and French law by imposing "a general obligation to monitor" the content that Google stores, as well as to actively "seek illicit uploads". These decisions would have led Google to implement a "blocking mechanism with no limitation in time", which would be "disproportionate to the pursued aim", the Court said. Whereas the EU Court of Justice recently rejected blocking measures based on five cumulative criteria in the Netlog vs. SABAM case, the French Court deems that the "no limitation in time" criterion is enough to qualify blocking measures as disproportionate. These rulings against "notice-and-staydown" will bring clarity to the ongoing debate on the future of the EU e-commerce directive and the dangers of blocking measures. However, when considered together with the decision on Google's autocomplete feature, this mounting case law will unfortunately encourage rights-holders to keep on pushing for closer "cooperation" of online service providers in copyright enforcement, thereby leading to privatised censorship schemes. French Supreme Court decision - SNEP vs. Google France (only in French, 12.07.2012) http://www.courdecassation.fr/jurisprudence_2/premiere_chambre_civile_568/832_12_23884.html French Supreme Court decisions - Bac Films vs. 
Google France and Inc (1 & 2) (only in French, 12.07.2012) http://www.dalloz-actualite.fr/document/civ-1re-12-juill-2012-fs-pbi-n-11-13666 http://www.courdecassation.fr/jurisprudence_2/premiere_chambre_civile_568/831_12_23883.html French Supreme Court - André Rau vs. Google & AuFeminin.com (only in French, 12.07.2012) http://www.dalloz-actualite.fr/document/civ-1re-12-juill-2012-fs-pbi-n-11-15165 France: Google may have to censor for piracy after all (16.07.2012) http://gigaom.com/europe/france-google-may-have-to-censor-for-piracy-after-all/ Music: Google's suggestions (once again) in front of the judges (only in French, 13.07.2012) http://www.ecrans.fr/Google-et-l-industrie-musicale-de,15038.html The Supreme Court opposes content blocking by hosting companies (in French only, 18.07.2012) http://www.dalloz-actualite.fr/essentiel/cour-de-cassation-fait-obstruction-au-blocage-de-contenus-par-hebergeurs (contribution by Félix Tréguer - EDRi-observer La Quadrature du Net) ======================================================================= 5. German Federal Supreme Court rules in the RapidShare case ======================================================================= A file-hosting site could be partially liable for the content uploaded by others in Germany. In a case brought to court by video games company Atari which accused file-sharing site RapidShare of unlawfully providing access to one of its games, the German Federal Supreme Court decided on 12 July 2012 in favour of the plaintiff. Despite the fact that, when notified, RapidShare deleted the files in question, Atari was not satisfied and required the inclusion of a filter and other measures to prevent illegal uploading of copyrighted material. The first ruling of the District Court was also in favour of the plaintiff but the Higher Regional Court of DC Information about EDRI and its members: http://www.edri.org/ European Digital Rights needs your help in upholding digital rights in the EU. 
If you wish to help us promote digital rights, please consider making a private donation. http://www.edri.org/about/sponsoring http://flattr.com/thing/417077/edri-on-Flattr - EDRI-gram subscription information subscribe by e-mail To: edri-news-request at edri.org Subject: subscribe You will receive an automated e-mail asking to confirm your request. Unsubscribe by e-mail To: edri-news-request at edri.org Subject: unsubscribe - EDRI-gram in Macedonian EDRI-gram is also available partly in Macedonian, with delay. Translations are provided by Metamorphosis http://www.metamorphosis.org.mk/mk/vesti/edri - EDRI-gram in German EDRI-gram is also available in German, with delay. Translations are provided by Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for Internet Users http://www.unwatched.org/ - Newsletter archive Back issues are available at: http://www.edri.org/edrigram - Help Please ask if you have any problems with subscribing or unsubscribing. ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From eugen at leitl.org Wed Jul 18 11:15:34 2012 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 18 Jul 2012 20:15:34 +0200 Subject: EDRi-gram newsletter - Number 10.14, 18 July 2012 Message-ID: <20120718181534.GF12615@leitl.org> ----- Forwarded message from EDRi-gram ----- From measl at mfn.org Wed Jul 18 19:30:38 2012 From: measl at mfn.org (J.A. Terranson) Date: Wed, 18 Jul 2012 21:30:38 -0500 (CDT) Subject: News Blog: CJIS Executive Briefs Congress on Next Generation Identification Initiative (fwd) Message-ID: Depressing reading... 
---------- Forwarded message ---------- Date: Wed, 18 Jul 2012 21:28:15 -0000 From: FBI Reply-To: delivery at ic.fbi.gov To: sysadmin at mfn.org Subject: News Blog: CJIS Executive Briefs Congress on Next Generation Identification Initiative News Blog has been updated. You can access it at http://www.fbi.gov/news/news_blog/blog-collection/rss.xml CJIS Executive Briefs Congress on Next Generation Identification Initiative July 18, 2012 Jerome Pender, deputy assistant director of our Criminal Justice Information Services Division, updated members of the Senate Judiciary Committee's Subcommittee on Privacy, Technology, and the Law on the status of the Bureau's Next Generation Identification (NGI) program. From disgruntlingg49 at rosewoodchurch.com Wed Jul 18 22:33:13 2012 From: disgruntlingg49 at rosewoodchurch.com (=?koi8-r?B?IvPl8vTp5unr4fQi?=) Date: Wed, 18 Jul 2012 21:33:13 -0800 Subject: =?koi8-r?B?79DMwdTBINDP08zFINDPzNXexc7J0SDz5fL06ebp6+H04Q==?= Message-ID: All types of certification SPECIAL OFFER Payment after receiving the CERTIFICATE Only with us: CERTIFICATE OF CONFORMITY (GOST R) IN 1 DAY!!! 
(495) 227 94 43 www.сертификация-быстро.рф From eugen at leitl.org Wed Jul 18 13:44:33 2012 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 18 Jul 2012 22:44:33 +0200 Subject: [cryptography] Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices Message-ID: <20120718204433.GK12615@leitl.org> ----- Forwarded message from Jeffrey Walton ----- From eugen at leitl.org Wed Jul 18 13:45:33 2012 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 18 Jul 2012 22:45:33 +0200 Subject: [WIKILEAKS] Use the New WikiLeaks Donation Gateway to Donate with Visa whilst You Can Message-ID: <20120718204533.GL12615@leitl.org> ----- Forwarded message from Wikileaks Press Office ----- From bpearlstonegroupe at pearlstonegroup.com Wed Jul 18 11:48:43 2012 From: bpearlstonegroupe at pearlstonegroup.com (=?koi8-r?B?Iu7JzsEi?=) Date: Wed, 18 Jul 2012 22:48:43 +0400 Subject: =?koi8-r?B?xMXbxdfB0SDNxdbE1cfP0s/EzsHRINPX0drYIQ==?= Message-ID: <01cd6537$7b4f1780$3799a351@bpearlstonegroupe> UNLIMITED LONG-DISTANCE CALLS! 3000 rubles! Unlimited calls across all of Russia, including calls to mobile phones. We will connect you in 1 day. FREE test calls! Call today - (495) 225 04__62 From booking at balthasar.ch Wed Jul 18 08:01:01 2012 From: booking at balthasar.ch (=?koi8-r?B?IvTBzcHSwSDiz9LJ08/XzsEi?=) Date: Thu, 19 Jul 2012 00:01:01 +0900 Subject: =?koi8-r?B?xMXbxdfZyiDNxdbHz9LPxA==?= Message-ID: <01cd6541$94f55c80$aa2dc677@booking> UNLIMITED LONG-DISTANCE CALLS! 3000 rubles! Unlimited calls across all of Russia, including calls to mobile phones. We will connect you in 1 day. FREE test calls! Call today - (495) 225.04 62 From billing at acaiberries.com.jfet.org Wed Jul 18 10:34:09 2012 From: billing at acaiberries.com.jfet.org (=?koi8-r?B?IvfTxdfPzM/EIPPB1NTP0s/Xyd4i?=) Date: Thu, 19 Jul 2012 01:34:09 +0800 Subject: =?koi8-r?B?wsXazMnNydTOwdEgzcXWxNXHz9LPxM7B0SDT19Ha2A==?= Message-ID: <01cd654e$97aa7e80$bc0be9b6@billing> UNLIMITED LONG-DISTANCE CALLS! 3000 rubles! 
Unlimited calls across all of Russia, including calls to mobile phones. We will connect you in 1 day. FREE test calls! Call today - (495) 225 04...62 From saftergood at fas.org Thu Jul 19 07:34:11 2012 From: saftergood at fas.org (Steven Aftergood) Date: Thu, 19 Jul 2012 07:34:11 -0700 Subject: Secrecy News -- 07/19/12 Message-ID: Format Note: If you cannot easily read the text below, or you prefer to receive Secrecy News in another format, please reply to this email to let us know. SECRECY NEWS from the FAS Project on Government Secrecy Volume 2012, Issue No. 71 July 19, 2012 Secrecy News Blog: http://www.fas.org/blog/secrecy/ ** PUNISHING LEAKS OF CLASSIFIED INFORMATION ** MIDNIGHT RULEMAKING, AND MORE FROM CRS PUNISHING LEAKS OF CLASSIFIED INFORMATION The first new legislative initiative to combat leaks of classified information is a bill called the Deterring Public Disclosure of Covert Actions Act of 2012, which was introduced July 10 by Sen. Richard Burr (R-NC). http://www.fas.org/irp/congress/2012_cr/s3367.html "This act will ensure that those who disclose or talk about covert actions by the United States will no longer be eligible for Federal Government security clearance. It is novel. It is very simple. If you talk about covert actions you will have your clearance revoked and you will never get another one," Sen. Burr said. As justification for the measure, he cited "a series of articles published in the media that have described and in some cases provided extensive details about highly classified unilateral and joint intelligence operations, including covert actions." But this assumes certain facts that are not in evidence. As Walter Pincus wrote in the Washington Post today, there are numerous official and unofficial sources of information about the Stuxnet covert action story, for example, including private sector companies and foreign sources that do not hold security clearances. 
From that point of view, the Burr bill does not seem well-suited to achieve its intended purpose. But the most peculiar thing about the new legislation is that it appears to validate the spurious notion of an "authorized leak." Thus, the text of the bill would revoke the security clearance of persons who publicly disclose or discuss classified details of covert actions -- unless they have "prior authorization from an original classification authority." This seems to mean that classified information about covert actions need not be specifically declassified in order to be publicly released, but only that its disclosure must be "authorized." The question of imposing criminal penalties for disclosure of classified information to the press was discussed lately by Morton H. Halperin, who has been involved as a consultant or an expert witness for the defense in many or most of the leak prosecutions from the Ellsberg case in the 1970s to the present. "Starting from the premise that more information must be made public and that the government has the right to keep some information secret in the name of national security, we need a public and congressional dialogue about what set of measures would be most effective in meeting these two equally important objectives. Reducing government secrecy must be a key component of any such measures," he wrote in "Leaks and the Public Right to Know," Huffington Post, July 16: http://www.huffingtonpost.com/morton-h-halperin/ MIDNIGHT RULEMAKING, AND MORE FROM CRS New and updated reports from the Congressional Research Service that Congress has declined to make publicly available online include these. 
Midnight Rulemaking, July 18, 2012: http://www.fas.org/sgp/crs/misc/R42612.pdf An Analysis of the Distribution of Wealth Across Households, 1989-2010, July 17, 2012: http://www.fas.org/sgp/crs/misc/RL33433.pdf Oil Sands and the Keystone XL Pipeline: Background and Selected Environmental Issues, July 16, 2012: http://www.fas.org/sgp/crs/misc/R42611.pdf Defense Surplus Equipment Disposal: Background Information, July 18, 2012: http://www.fas.org/sgp/crs/natsec/RS20549.pdf Nigeria: Current Issues and U.S. Policy, July 18, 2012: http://www.fas.org/sgp/crs/row/RL33964.pdf The United Arab Emirates (UAE): Issues for U.S. Policy, July 17, 2012: http://www.fas.org/sgp/crs/mideast/RS21852.pdf Timor-Leste: Political Dynamics, Development, and International Involvement, July 3, 2012: http://www.fas.org/sgp/crs/row/R42585.pdf _______________________________________________ Secrecy News is written by Steven Aftergood and published by the Federation of American Scientists. The Secrecy News Blog is at: http://www.fas.org/blog/secrecy/ To SUBSCRIBE to Secrecy News, go to: http://www.fas.org/sgp/news/secrecy/subscribe.html To UNSUBSCRIBE, go to http://www.fas.org/sgp/news/secrecy/unsubscribe.html OR email your request to saftergood at fas.org Secrecy News is archived at: http://www.fas.org/sgp/news/secrecy/index.html Support the FAS Project on Government Secrecy with a donation: http://www.fas.org/member/donate_today.html _______________________ Steven Aftergood Project on Government Secrecy Federation of American Scientists web: www.fas.org/sgp/index.html email: saftergood at fas.org voice: (202) 454-4691 twitter: @saftergood ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From beckoning3 at rievent.com Wed Jul 18 21:58:57 2012 From: beckoning3 at rievent.com 
(=?koi8-r?B?IvDSz8TBxdTT0SI=?=) Date: Thu, 19 Jul 2012 10:28:57 +0530 Subject: =?koi8-r?B?8NLPxMHF1NPRIMTPzSDXIMHM2NDJytPLz80g09TJzMUg1yA0MsvNIM/U?= =?koi8-r?B?IO3P08vX2Swg1SDHz9LOz8zZ1s7Px88gy9XSz9LUwQ==?= Message-ID: For sale here www.купи-дом-здесь.рф From virtualadept at gmail.com Thu Jul 19 07:42:19 2012 From: virtualadept at gmail.com (Bryce Lynch) Date: Thu, 19 Jul 2012 10:42:19 -0400 Subject: [ZS] Fwd: [HacDC:Byzantium] Announcing the release of Byzantium Linux v0.2a (codename: Bath Salts) Message-ID: -------- Original Message -------- Subject: [HacDC:Byzantium] Announcing the release of Byzantium Linux v0.2a (codename: Bath Salts) Date: Thu, 19 Jul 2012 10:29:00 -0400 (EDT) From: Ben Mendis Reply-To: byzantium at hacdc.org To: byzantium at hacdc.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Good news everybody! We're finally recovering from all the excitement and lack of sleep that was HOPE. So we know this announcement is a little late, since we already did this on stage on Saturday, but better late than never. The whole team, as well as our very dedicated supporters, is proud to officially announce the public release of Byzantium Linux V0.2a. You can find the download links on our website (http://project-byzantium.org) as well as on several popular torrent trackers. We also have a few of the printed CDs left over (and more on the way) which are available upon request. We have code-named this release "Bath Salts" as a reference to the drug which was originally reported to be responsible for several zombie-like cannibal attacks. Please help us distribute this release announcement far and wide. The official text is included below. 
Thank you all, Ben the Pyrate == ANNOUNCING BYZANTIUM LINUX V0.2a (Bath Salts) Approved for: GENERAL RELEASE, DISTRIBUTION UNLIMITED Project Byzantium, a working group of HacDC (http://hacdc.org/) is proud to announce the release of v0.2 alpha of Byzantium Linux, a live distribution of Linux which makes it fast and easy to construct an ad-hoc wireless mesh network which can augment or replace the current telecommunications infrastructure in the event that it is knocked offline (for example, due to a natural disaster) or rendered untrustworthy (through widespread surveillance or disconnection by hostile entities). Byzantium Linux is designed to run on any x86 computer with at least one 802.11 a/b/g/n wireless interface. Byzantium can be burned to a CD- or DVD-ROM (the .iso image is around 460 megabytes in size), booted from an external hard drive, or can even be installed in parallel with an existing operating system without risk to the user's data and software. Byzantium Linux will act as a node of the mesh and will automatically connect to other mesh nodes and act as an access point for wifi-enabled mobile devices. THIS IS AN ALPHA RELEASE! Do NOT expect Byzantium to be perfect. Some features are not ready yet, others need work. Things are going to break in weird ways and we need to know what those ways are so we can fix them. Please, for the love of LOLcats, do not deploy Byzantium in situations where lives are at stake. FEATURES: - - Binary compatible with Slackware-CURRENT. Existing Slackware packages can be converted with a single command. - - Can act as a gateway to the Internet if a link is available (via Ethernet or tethered smartphone). 
- - Linux kernel v3.1.8 - - Drivers for dozens of wireless chipsets - - KDE Trinity v3.5.12 - - LXDE (2010 release of all components) - - Mplayer - - GCC v4.5.2 - - Perl v5.12.3 - - Python v2.6.6 - - Firefox v4.0.1 - - X.org - - Custom web-based control panel SYSTEM REQUIREMENTS (to use) - - Minimum of 1GB of RAM (512MB without copy2ram boot option) - - i586 CPU or better - - CD- or DVD-ROM drive - - BIOS must boot removable media - - At least one (1) 802.11 a/b/g/n interface SYSTEM REQUIREMENTS (for persistent changes) - - The above requirements to use Byzantium - - 2+GB of free space on thumbdrive or harddrive WHAT WE NEED: - - Developers. - - Developers! - - DEVELOPERS! - - No more Bill Ballmer impersonations. - - People running Byzantium to find bugs. - - People reporting bugs on our Github page (https://github.com/Byzantium/Byzantium/issues). We can't fix what we don't know about! - - Patches. - - People booting Byzantium and setting up small meshes (2-5 clients) to tell us how well it works for you with your hardware. We have a hardware compatibility list on our wiki that needs to be expanded. - - Help translating the user interface. We especially need people fluent in dialects of Chinese, Arabic, Farsi, and Urdu. - - Help us write and translate documentation. Homepage: http://project-byzantium.org/ Download sites: http://project-byzantium.org/download/ This announcement is published under a Creative Commons By Attribution / Noncommercial / Share Alike v3.0 License. 
(http://creativecommons.org/licenses/by-nc-sa/3.0/) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "Project Byzantium (Emergency Mesh Networking)" group. To post to this group, send email to Byzantium at hacdc.org. To unsubscribe from this group, send email to Byzantium+unsubscribe at hacdc.org. For more options, visit this group at http://groups.google.com/a/hacdc.org/group/Byzantium/?hl=en. -- -- Zero State mailing list: http://groups.google.com/group/DoctrineZero ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From stigmatizesjj73 at radiocbs.com Wed Jul 18 22:51:57 2012 From: stigmatizesjj73 at radiocbs.com (=?koi8-r?B?IuUt7cHSy8XUyc7HIg==?=) Date: Thu, 19 Jul 2012 11:21:57 +0530 Subject: =?koi8-r?B?MTAg0sHT09nMz8sg2sEgMTAgMDAwINLVwszFyiAryM/T1MnOxyDOwSDN?= =?koi8-r?B?xdPRwyDXIPDv5OHy7+s=?= Message-ID: <4CF20C4DCA93467C997E7A41544D3085@apple9> 10 mailings for 10 000 rubles + a month of hosting as a GIFT (so your site can be listed in the message) - On your schedule - No time limits - Layouts can be changed all 10 times !!! - Layout preparation free of charge SPECIAL OFFERS: A month of 44(46) mailings - 2 times a day - 5 times a week - 20 000 rubles Databases covered by the offer: All of Russia - 23 million addresses - of which 4 million are legal entities. 
All of Moscow - 8 million addresses - of which 1.7 million are legal entities. All of Ukraine - 4 million addresses - of which 1 million are legal entities. etc. Tel: (495) 585-79-04 ICQ: 286 926 971 From outreachi142 at rounborg.com Thu Jul 19 02:58:07 2012 From: outreachi142 at rounborg.com (=?koi8-r?B?IvPU0sHUxc7J0SDJINDB0snUxdQgIg==?=) Date: Thu, 19 Jul 2012 11:58:07 +0200 Subject: =?koi8-r?B?T1NCLTMg5uHu5fL5?= Message-ID: Wholesale and retail supply - THE LOWEST PRICES! - OSB-3 made by Bolderaja (Latvia), Arbec (Canada), Egger (Germany) - PLYWOOD: FK birch, FSF softwood, FOF laminated, to any location in Russia, warehouse in Moscow. With respect and hope for further cooperation, Sales and delivery department: (495) 772-60-94 www.стратегия-и-паритет.рф From eugen at leitl.org Thu Jul 19 04:22:25 2012 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 19 Jul 2012 13:22:25 +0200 Subject: =?utf-8?B?WW914oCZdg==?= =?utf-8?Q?e?= got mail. ASIO wants to read it. All of it. Message-ID: <20120719112225.GA12615@leitl.org> http://www.thepunch.com.au/articles/youve-got-mail-asio-wants-to-read-it-all-of-it/#item9004 You've got mail. ASIO wants to read it. All of it. by Andrew Baker 19 Jul 06:00am Filed under: Asio, Asis, Cyberspace, Intelligence, Internet, Security, Terrorism The government wants to be your Facebook friend, follow you on Twitter, read your emails and text messages, and know which websites you visit. It then wants to file all that information for up to two years in case you are found to be a terrorist, crime lord or paedophile. The government also wants your computer passwords and might even send you to jail if you refuse. Creepy. Time to unfriend the government. 
These changes are under consideration by the Parliamentary Joint Committee on Intelligence and Security, and if implemented, will substantially increase the powers the intelligence community has to spy on Australians in the name of national security. Many of the proposed changes are of dubious value and a direct attack on the civil liberties of all Australians. Increased powers to intercept phone calls, emails and other communications are just the start of the government's assault on basic freedoms. For example, the attorney-general may soon have the power to modify warrants after they have been issued, and the duration of search warrants may be doubled from 90 days to six months. One of the more disturbing changes is the proposed "authorised intelligence operations scheme" to "provide ASIO [Australian Security Intelligence Organisation] officers and human sources with protection from criminal and civil liability for certain conduct in the course of authorised intelligence operations." So when ASIO officers (or their sources) break the law, they are less likely to be sent to jail. The changes will also clarify that ASIO officers can not only use "reasonable force" to kick down your door, but also after they have kicked it down and are ferreting through your home. Another proposal is to give Australian Secret Intelligence Service (ASIS) the power to provide self-defence and weapons training to people who cooperate with ASIS. That power will come in handy when we need to arm an insurgency overseas. National security has also become the latest excuse for government to impose more red tape on private businesses, and these changes do not disappoint. One proposal is a new requirement for the telecommunications sector to provide commercial in-confidence information about significant business and procurement decisions, and about the design of communications networks. 
Telecommunications providers would also be obligated to protect their networks from "unauthorised interference," and if they fail, government will be able to invoke its proposed new powers to "mitigate and remediate security risks with the costs to be borne by providers." Businesses will also be required to keep your data for up to two years at their own cost. Many telecommunications companies delete the data to save money and lower costs because storing large amounts of data can be expensive. If they are required to keep the data, expect your phone bills to increase. Some of these changes will be backed up with the threat of criminal prosecution for disobedience. People could go to jail for refusing to hand over passwords, not assisting in the decryption of communications, or failing to provide commercial in-confidence information to the government. While the government will make the usual assurances about maintaining your privacy, the lure of accessing personal details is often too tempting for some public servants (and that's what intelligence officers are). Over the past few years, hundreds of Centrelink employees have been caught accessing client information without authorisation, and have been sacked, forced to resign, demoted or fined for snooping through the personal information of their fellow Australians. And these are just the instances we know about. The scary thing is that our intelligence agencies are not subject to the same level of probity or public accountability as Centrelink. We can never be certain that justice will be served as long as intelligence officers break the very same laws that are supposed to protect our privacy. This, of course, assumes the officers are caught in the first place. 
The government has trotted out the usual scare words (terrorism, paedophilia and organised crime) to justify the erosion of civil liberties, the expansion of the nanny state, the imposition of miles of red tape, and the increase in the overall cost of living. But the growing desire of governments to monitor, filter and organise what we can say and write in newspapers, watch on TV, and read on the internet is the true threat to our freedom.

It is time for Australians to "de-friend" their government and start fighting its growth. Recognising that government is a greater threat to individual freedom than that posed by any terrorist -- and opposing laws that expand the power of Australia's surveillance state -- is a good start.
From eugen at leitl.org Thu Jul 19 07:45:15 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Thu, 19 Jul 2012 16:45:15 +0200
Subject: [ZS] Fwd: [HacDC:Byzantium] Announcing the release of Byzantium Linux v0.2a (codename: Bath Salts)
Message-ID: <20120719144515.GH12615@leitl.org>

----- Forwarded message from Bryce Lynch -----

From eugen at leitl.org Thu Jul 19 08:30:36 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Thu, 19 Jul 2012 17:30:36 +0200
Subject: Secrecy News -- 07/19/12
Message-ID: <20120719153036.GI12615@leitl.org>

----- Forwarded message from Steven Aftergood -----

From Byzantium.NeoPhyte_Rep at OrdinaryAmerican.net Thu Jul 19 20:33:54 2012
From: Byzantium.NeoPhyte_Rep at OrdinaryAmerican.net (Byzantium.NeoPhyte_Rep at OrdinaryAmerican.net)
Date: Thu, 19 Jul 2012 20:33:54 -0700
Subject: [HacDC:Byzantium] Tethr: Getting online in a crisis
Message-ID:

Another parallel effort?
http://www.bbc.com/future/story/20120413-communicating-in-a-crisis

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From eugen at leitl.org Fri Jul 20 01:40:18 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 20 Jul 2012 10:40:18 +0200
Subject: [HacDC:Byzantium] Tethr: Getting online in a crisis
Message-ID: <20120720084018.GD12615@leitl.org>

----- Forwarded message from Byzantium.NeoPhyte_Rep at OrdinaryAmerican.net -----
From eugen at leitl.org Fri Jul 20 07:43:03 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 20 Jul 2012 16:43:03 +0200
Subject: Super-Silent Owl Drone Will Spy on You Without You Ever Noticing
Message-ID: <20120720144303.GN12615@leitl.org>

http://www.wired.com/dangerroom/2012/07/owl/

Super-Silent Owl Drone Will Spy on You Without You Ever Noticing
By Robert Beckhusen
July 19, 2012 | 1:00 pm | Categories: Drones

[Photo: The Great Horned Owl. ahisgett/Flickr]

For spy tools, drones are pretty easy to spot. And hear, because they're as loud as a gut-busting rock concert. But now the intelligence community's research division, Iarpa, plans to start designing a silent drone inspired by quiet, creeping, flying owls.
Iarpa has reportedly awarded a $4.8 million contract to Connecticut firm D-Star Engineering to develop the ultra-quiet drone, Aviation Week reports. It's the next step in developing a workable drone as part of the agency's Great Horned Owl Program, which the agency hopes will let the military collect intelligence "without anyone knowing you are there," (.pdf) according to an agency briefing. Sound, after all, is the number one signature "that gives away the location of low-altitude UAVs and gives away their presence." Which sort of defeats the point of having a secret surveillance eye in the sky.

In some cases, you might want people to know you're watching. At other times, you want to sneak up quietly. But it's hard to do without sacrificing payload. The added weight of sensors, and the ability to operate for longer periods, comes with trading out stealthiness. Drones powered by batteries: They're quiet, but can't stay in the air for long. Then there's the added noise caused by airflow generated from propellers, and noise from gasoline or diesel engines (not counting batteries), with their moving pistons, turbofan and gears.

Iarpa wants to keep these efficient and relatively noisy engines for normal flight. But when the drone needs to be stealthy, its operator would switch to battery power, like a hybrid car. That means -- for the duration of battery flight -- the noisy gears would shut off. The propellers would also likely be ducted, which would mean less noise from vortices whipped up by the propellers and fewer moving parts. Likely, the drone will take off vertically.

The agency doesn't expect the drone to stay ultra-quiet for more than 30 minutes, though, at which point the gasoline-powered turbine engine would switch back on, recharging the batteries. Not enough for (say) a sustained surveillance operation, but quiet enough to take a peek at an enemy without being noticed.
The first step is keeping the sound levels in battery mode below 100 decibels, about equivalent to a chainsaw when up close. But give perhaps a few thousand feet of distance, and the noise drops. Iarpa also wants to reduce noise by cutting down the drone's "phon curve" -- or the level of sound pressure interpreted by the human ear. Iarpa plans to start by testing the sound levels of an uninstalled version of the engine.

Iarpa's owl drone is also not the first talk of an owl-inspired aircraft. NASA has looked into the owl's stealthy feathers for inspiration. But it may take years before owl-based aircraft migrate into service.

Robert Beckhusen is a writer based in Austin, Texas, where he covers Latin America for War Is Boring.

From eugen at leitl.org Fri Jul 20 11:11:51 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 20 Jul 2012 20:11:51 +0200
Subject: secure, multipart BitCoin anonymization
Message-ID: <20120720181151.GQ12615@leitl.org>

http://blog.ezyang.com/2012/07/secure-multiparty-bitcoin-anonymization/

Secure multiparty Bitcoin anonymization
by Edward Z. Yang

Abstract. We describe how secure multi-party sorting can serve as the basis for a Bitcoin anonymization protocol which improves over current centralized "mixing" designs.

Bitcoin is a pseudonymous protocol: while Bitcoin addresses are in principle completely anonymous, all traffic into and out of a wallet is publicly visible. With some simple network analysis collections of addresses can be linked together and identified.

The current state of the art for anonymizing Bitcoins is a mixing service, which is a trusted third-party wallet which accepts incoming transactions, and in random increments scheduled at random times in the future, transfers a corresponding quantity to a new wallet of your choice. The result is that given any Bitcoin that is distributed from this service, there exist a large number of identities from whom the Bitcoin may have originated.
Mixing services of this kind have a number of notable problems. First, the mixing service must be trusted not to keep logs or otherwise monitor the mixing: if they are compromised, the path of any given Bitcoin can be fully traced. The usual advice for this scenario is to use multiple mixing services, so that all of these services must be compromised before anonymity is lost. Second, the mixing service must be trusted not to turn around and refuse to give you back your funds; this makes such mixing services risky for anonymizing large quantities of Bitcoins. Finally, most mixing services charge a processing fee on top of the usual transaction fee one might expect to pay out for arranging for a Bitcoin transfer.

We propose a decentralized, secure multiparty protocol for implementing a mixing protocol. Such a system has been proposed in abstract (also here); in this post, we describe precisely how to implement it, in particular showing that multi-party sorting (a relatively well-studied algorithmic problem) is sufficient to implement this protocol. This protocol does not require a trusted third party (except to assist in discovery of participants interested in performing the mixing protocol), does not require you to reveal your input-output addresses beyond the ultimate transaction, and can be performed atomically using Bitcoin's transaction language.

Protocol description

First some preliminaries: the multi-party sorting problem is usually formulated as follows: each party i contributes an input element A[i]. After the protocol is carried out, all parties learn the sorted sequence A in secret shared form, but do not learn who contributed any particular element A[i] of the sequence.
Referring to the work of Jónsson, Kreitz and Uddin (2011), we assume this protocol as a primitive: the essential idea behind any multi-party sorting is to construct a fixed size sorting circuit for the inputs, and then use the general framework of multi-party computation on the resulting circuit description.

We now describe the mixing problem. Assume that some number of parties are assembled to mix 1 BTC of coins among themselves. (For now, we assume that every participant has the same number of Bitcoins; we will generalize this later.) In particular, each party i has an input wallet A[i] (with balance of at least 1 BTC) and an output wallet B[i], and will only sign a transaction in which 1 BTC is transferred to its output wallet B[i]. Any adversary participating in this transaction should not be able to learn the B[i] corresponding to A[i], except that it is among the set of output wallets taking part in the transaction.

The protocol proceeds as follows:

1. Every participant declares the input wallet it will be participating in the protocol with, and produces a signature to show that they own the wallet. These wallets are publicly sorted into A.

2. With ordering defined as the numeric value of the public key of each participating output wallet, conduct a secure multi-party sort of all of the output wallets. We now have a sorted list of output wallets B, with no member of the transaction having learned who contributed any given output wallet. Each participant should check if their output wallet is contained in this list (to protect against Byzantine failure); if it is not, they should abort the protocol and destroy their output wallet (its identity has been leaked).

3. Construct a transaction transferring 1 BTC from A[0] to B[0] (from the sorted lists), A[1] to B[1], and so forth and broadcast it to all participants. Clients sign the transaction with their input wallet. Once all signatures have arrived, the transaction is valid and is broadcast for incorporation into the block chain.

Mixing pools only work if all participants are attempting to mix identical amounts of Bitcoins. In order to manage participants who would like to mix larger amounts of Bitcoins, we suggest maintaining discovery channels for power of two sizes of Bitcoins, e.g. ...1/4 BTC, 1/2 BTC, 1 BTC, 2 BTC, 4 BTC...

Analysis

Step (1) does not mention output wallets, and thus cannot leak information about the input-output correspondence. By definition, step (2) does not leak information about who contributed the output wallet. Furthermore, we don't even require the sorted result to be secret shared: this sorted list will become public information once the transaction is published in the block chain. The case of aborting the transaction when your output wallet is not present in the result (in the case of Byzantine failure) is delicate: aborting does leak information, and thus you must not use the output wallet in any further transactions. In step (3), assuming that an attacker knows that a mixing transaction is taking place, the deterministic mapping of input to output wallets gives all participants no further bits of information. Thus, this protocol clearly fulfills its security requirements.

One odd thing about this protocol is that no random permutation between participants is explicitly constructed. This might seem unusual, since a natural security property one might expect is for an output wallet to receive its 1 BTC from a uniformly randomly chosen input wallet. However, this condition, while sufficient for anonymity, is not necessary. Just as adding a random permutation destroys all information about the original permutation, replacing the original permutation with a new constant permutation also destroys all information about the original permutation.
Furthermore, honest participants will have picked their addresses uniformly at random, so the process of sorting automatically constructs a random permutation between these participants (dishonest participants must be excluded, since they can generate addresses from a skewed probability distribution).

What is the amount of anonymity granted by one round of this protocol? Consider the case where I have 1 BTC in an input wallet tied to my identity, and I participate in a mixing round with n honest participants with a fresh output wallet. Since no information about the source of this output wallet was leaked to the participants, an adversary in the transaction would have a 1/n-1 probability of guessing which output wallet was mine: call this the anonymity factor.

In the case of a Sybil attack, the amount of anonymity conferred decreases. If the fraction of attackers is less than some fraction of the participants (for many secret sharing protocols, the magic numbers are 1/2 for passive attackers, and 1/3 for active attackers), then the anonymity factor is still 1/n-1, where n is the number of honest participants; but n is smaller than the number of visible participants in the protocol: the size of the transaction is not necessarily correlated with how anonymous it is! If the number of attackers is above this fraction, then the secret sharing scheme may leak information and no anonymity is gained. This allows for a denial of service attack against a mixing protocol; we describe some mitigation strategies against this attack later. (Note, however, that no matter how many attackers there are, you are guaranteed to not lose any Bitcoins, due to the verification step in (2).)

In practice

As with traditional mixing, a number of precautions should be taken in order to avoid accidentally revealing information about the source of Bitcoins via a side-channel.
Consider the case where Alice has 2 BTC tied to her real-world identity, and she would like to anonymously pay 3/4 BTC to Bob.

Alice first prepares by creating a pool of empty wallets, which she will use to carry the anonymized Bitcoins. Alice connects to a tracker for 1 BTC mixing over Tor. (1 BTC is the amount she would like to pay to Bob, rounded up.) She waits for a time window to expire for the next mixing, and then as the protocol takes place submits her (public) input wallet and her (anonymous) output wallet. If the protocol fails, she throws out her output wallet and submits a new one next time, and blacklists the misbehaving node if she can figure out who it is.

Once Alice has successfully carried out a mixing, she flips a coin (which comes up heads with probability 1/m). If the coin comes up heads, she waits for another mixing. The number of mixing transactions she is expected to perform is m (obeying the geometric distribution, so selected because it makes all output wallets behave identically with regards to remixing or exiting).

Once Alice exits mixing, she now has a wallet containing an anonymous Bitcoin (more precisely, this Bitcoin could be attributable with equal probability to any of the other wallets that she participated in mixes with). She transfers 3/4 BTC to Bob, leaving 1/4 BTC in her wallet. The remaining Bitcoins in the wallet should now be considered tainted (as they now have a direct relationship to Bob, who may have a public wallet). These Bitcoins should be split into mixable amounts and reanonymized before being used for any other purposes. Even after anonymization, these coins must still be used with care: in particular, they must not be transferred back to the original, public Bitcoin account. In such a situation, the graph structure of mixing transactions looks like this:

[Figure: /img/bitcoin-mixer.png]

(The green node is your public node, the red node is your anonymous node).
Network analysis that looks for cycles in Bitcoin transfers will be able to identify any transactions, even if the anonymizing pool has a large amount of turnover (though, amusingly enough, if many participants generate cycles, this attack is harder to carry out). To assist in the tracking of these coins, we suggest the development of wallet management software that can handle thousands of private keys, sort by "size of coin", and track the easily traceable transaction history associated with any given coin.

In order to protect herself against Sybil attacks, Alice may wish to select her mixing tracker with care. Some mixing trackers could charge fees for listing: with sufficient volume, these charges would make it more expensive to carry out a sustained Sybil attack. (The fees can then be turned around and used to pay for the processing of the complicated mixing transactions, which have the social expectation of being accompanied with a transaction fee.) Every mixing should be conducted with a different IP address; if Alice is using Tor for anonymity she needs to reanonymize her connection each time.

Conclusion

Secure multi-party computation has always been in the eye of users of Bitcoin seeking anonymization, but to date there has not been any plausible implementation strategy for any such computation. We hope that this document describes such an implementation strategy and leads the way to a better ecosystem of Bitcoin anonymizers. As the fiascos at Bitcoinica and other exchanges have demonstrated, relying on third party wallets is dangerous. Fortunately, they are also unnecessary.

Acknowledgments

I would like to thank Eric Price for playing an instrumental role in the formulation of this protocol.
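The coin-history tracking suggested above for wallet software, and the warning against paying mixed coins back to the public account, can be combined into a pre-spend check. This is an added example, not code from the article; the ledger, the address names, the separate change address and the `is_mix` heuristic are constructed assumptions.

```python
from collections import deque

# Constructed sample ledger (not real transactions). A mixing round has n inputs
# and n equal-sized outputs; an ordinary payment has a single input. The change
# address "anon_2_rest" stands in for the 1/4 BTC left over after paying Bob.
LEDGER = [
    {"txid": "mix1", "inputs": ["alice_pub", "p1_in", "p2_in"],
     "outputs": ["anon_1", "p1_out", "p2_out"]},
    {"txid": "mix2", "inputs": ["anon_1", "p1_out", "p3_in"],
     "outputs": ["anon_2", "p1_out2", "p3_out"]},
    {"txid": "pay_bob", "inputs": ["anon_2"],
     "outputs": ["bob_pub", "anon_2_rest"]},
]
PUBLIC = {"alice_pub", "bob_pub"}  # addresses tied to real-world identities


def is_mix(tx):
    """Assumed heuristic: several inputs and the same number of outputs."""
    return len(tx["inputs"]) > 1 and len(tx["inputs"]) == len(tx["outputs"])


def ancestors(ledger, address):
    """Every address whose coins could have flowed into `address`.

    An outside observer cannot tell which input of a mix funded which output,
    so each input of a transaction counts as a possible source of each output.
    """
    producers = {}
    for tx in ledger:
        for out in tx["outputs"]:
            producers.setdefault(out, []).append(tx)
    seen, queue = set(), deque([address])
    while queue:
        current = queue.popleft()
        for tx in producers.get(current, []):
            for src in tx["inputs"]:
                if src not in seen:
                    seen.add(src)
                    queue.append(src)
    return seen


def direct_links(ledger, address, public):
    """Public addresses sharing a non-mixing transaction with `address`."""
    linked = set()
    for tx in ledger:
        if is_mix(tx):
            continue
        parties = set(tx["inputs"]) | set(tx["outputs"])
        if address in parties:
            linked |= (parties & public) - {address}
    return linked


def check_spend(ledger, source, destination, public):
    """Warnings a wallet could raise before spending `source` to `destination`."""
    warnings = []
    # Paying an address the coin descends from closes a cycle in the transfer
    # graph, which is the pattern cycle-hunting network analysis looks for.
    if destination == source or destination in ancestors(ledger, source):
        warnings.append("closes-cycle:" + destination)
    # A coin that shared an ordinary payment with a public address is tainted
    # and should be re-mixed before further use.
    for addr in sorted(direct_links(ledger, source, public)):
        warnings.append("linked-to:" + addr)
    return warnings


if __name__ == "__main__":
    for src, dst in [("anon_2_rest", "alice_pub"), ("anon_1", "fresh_payee")]:
        print(src, "->", dst, check_spend(LEDGER, src, dst, PUBLIC))
```

The ancestry is deliberately an over-approximation: it flags every address that could be a source, which is also the view an outside analyst of the block chain has.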
From boruch.baum at gmail.com Sun Jul 22 14:42:17 2012
From: boruch.baum at gmail.com (Boruch Baum)
Date: Sun, 22 Jul 2012 17:42:17 -0400
Subject: [Freedombox-discuss] Anti- freedom-box
Message-ID:

Many of you may have seen this on slash-dot, it's a power strip with a concealed illicit motherboard, that includes:

Onboard high-gain 802.11b/g/n wireless.
Onboard high-gain Bluetooth (up to 1000').
Onboard dual-Ethernet.
Fully functional 120/240v AC outlets!.
Includes 16GB internal disk storage.
Includes external 3G/GSM adapter.
Includes all release 1.1 features.
Fully-automated NAC/802.1x/RADIUS bypass.
Out-of-band SSH access over 3G/GSM cell networks!.
Text-to-Bash: text in bash commands via SMS!.
Simple web-based administration with "Plug UI".
One-click Evil AP, stealth mode, & passive recon.
Maintains persistent, covert, encrypted SSH access to your target network [Details].
Tunnels through application-aware firewalls & IPS.
Supports HTTP proxies, SSH-VPN, & OpenVPN.
Sends email/SMS alerts when SSH tunnels are activated.
Preloaded with Debian 6, Metasploit, SET, Fast-Track, w3af, Kismet, Aircrack, SSLstrip, nmap, Hydra, dsniff, Scapy, Ettercap, Bluetooth/VoIP/IPv6 tools, & more.
Unpingable and no listening ports in stealth mode.

Many of you may have also funded it; its development was paid for by US taxpayers via DARPA.

http://www.zdnet.com/power-pwn-this-darpa-funded-power-strip-will-hack-your-network-7000001331/
http://hardware.slashdot.org/story/12/07/22/0335223/the-darpa-funded-power-strip-that-will-hack-your-network?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

----- End forwarded message -----
From saftergood at fas.org Mon Jul 23 07:55:11 2012
From: saftergood at fas.org (Steven Aftergood)
Date: Mon, 23 Jul 2012 07:55:11 -0700
Subject: Secrecy News -- 07/23/12
Message-ID:

Format Note: If you cannot easily read the text below, or you prefer to receive Secrecy News in another format, please reply to this email to let us know.

SECRECY NEWS
from the FAS Project on Government Secrecy
Volume 2012, Issue No.
73
July 23, 2012

Secrecy News Blog: http://www.fas.org/blog/secrecy/

** SECURITY-CLEARED POPULATION TOPS 4.8 MILLION
** NSA RELEASES DISPUTED EMAIL FROM DRAKE CASE
** SOME NUCLEAR WEAPONS-RELATED INFO TO BE DECLASSIFIED
** REPORTERS SEEK CLARIFICATION OF PENTAGON ANTI-LEAK POLICY
** CLIMATE CHANGE AND THE LAW, AND MORE FROM CRS

SECURITY-CLEARED POPULATION TOPS 4.8 MILLION

The number of people who held security clearances for access to classified information increased last year to a new reported high of more than 4.8 million persons as of October 1, 2011, a new intelligence community report to Congress said.

http://www.fas.org/sgp/othergov/intel/clear-2011.pdf

Last year's annual report, the first official count of security cleared personnel, had indicated that there were over 4.2 million clearances in 2010. That number astonished observers because it surpassed previous estimates by more than a million. ("Number of Security Clearances Soars," Secrecy News, September 20, 2011).

But it turns out that the 2010 number itself underreported the number of clearances, and the new report to Congress presents a revised 2010 figure of 4.7 million. Even so, the number of clearances rose in 2011 by about 3% to 4.86 million, the new report said.

The total clearance figure is composed of cleared government employees and contractors, at all clearance levels -- Confidential, Secret and Top Secret. (The number of Top Secret clearances alone was over 1.4 million.) It includes all persons who have been cleared for access to classified information whether or not they have actually been granted such access.

While the total reported figures are "likely to include some duplicate entries," the report explains, efforts have been made to eliminate them and only "a minimal number of duplicates" remain.

The annual report on security clearances was required by Congress in the FY2010 Intelligence Authorization Act.
It represents a new degree of transparency in national security classification policy. Until the first report was issued last year, only rough estimates of the size of the cleared population were available, and those estimates proved to be unreliable.

The latest ten-page report includes numerous details that are ordinarily withheld from public disclosure, whether they are classified or not. For example, the new report indicates that 5.3% of the security clearance cases that CIA processed last year resulted in denial of clearance. At NSA, the number of denials reached 8.0%.

Six of the seven intelligence community agencies that do their own clearance adjudications reported that they had cases that had been open for more than one year, the report said. The number of pending security clearance cases at CIA requiring more than one year to complete was 3,755 for government employees, and 732 for contractors.

"The IC faces unique challenges in clearing individuals with unique or critical skills -- such as highly desirable language abilities -- who often have significant foreign associations that may take additional time to investigate and adjudicate," the report said.

The new report was transmitted to Congress in early July, and was first mentioned in a July 12 report from the Government Accountability Office. The report itself was publicly released last week by ODNI in response to a request from Secrecy News.

NSA RELEASES DISPUTED EMAIL FROM DRAKE CASE

On Friday, the National Security Agency released a declassified email message entitled "What a Wonderful Success" that had been used as the basis for a felony count against former NSA official Thomas Drake in 2010, who was charged with unlawful retention of classified information, including that message.

http://www.fas.org/sgp/news/2012/07/nsa-wws.pdf

Although all of the felony counts against Mr.
Drake were eventually dismissed, the "What a Wonderful Success" email remains controversial because it has been challenged by a leading classified expert as an exemplar of reckless overclassification.

The document is "an innocuous, internal communication that never should have been classified in the first place," according to a petition filed last May by J. William Leonard, the former director of the Information Security Oversight Office. He asked the presiding judge in the Drake case to lift the protective order which currently bars him from discussing the NSA document.

The release of the NSA document was first reported in "Ex-federal official calls U.S. classification system 'dysfunctional'," by Ellen Nakashima, Washington Post, July 22.

Without getting into the specifics of the newly disclosed document, Mr. Leonard said: "I can generally state that the very critical national security tool of classification of national security information is becoming dysfunctional and requires the highest level of attention if it is to continue to be an effective national security tool."

"Specifically, the system clearly lacks the ability to differentiate between trivial information and that which can truly damage our nation's well-being. At the same time, and even more importantly, it appears to be incapable of holding government officials accountable for abusing the classification system."

"If the system continues to be one-sided, where individuals are routinely held to account for supposedly improperly disclosing protected information but no one is ever held accountable for improperly classifying information in the first place, it sends a very clear message to the millions of individuals with security clearances to continue to overclassify with impunity. That does not bode well for either the security of our nation or our democratic form of government."

"Absent meaningful corrective action by the Government at the highest of levels, to include the President, I despair for the integrity of the classification system," Mr. Leonard said.

SOME NUCLEAR WEAPONS-RELATED INFO TO BE DECLASSIFIED

Certain types of classified information pertaining to nuclear weapons are going to be downgraded or declassified, the Department of State indicated in a newly disclosed report.

"Over the past fiscal year, the Department [of State] has been actively working with the Departments of Energy and of Defense to identify information that had previously been classified under the Atomic Energy Act or various national security executive orders," wrote Sheryl Walter, the director of State's Office of Information Programs and Services, in a February 10, 2012 letter to the Information Security Oversight Office.

"Several categories of this information, including topics concerning nuclear weapons, weapons testing, improvised nuclear devices, and international cooperation relating to nuclear forensics, will be downgraded, classified for shorter durations, or declassified," Ms. Walter wrote.

No schedule for declassification was mentioned. The letter was released last week under the Freedom of Information Act.

http://www.fas.org/sgp/othergov/dos-fcgr.pdf

REPORTERS SEEK CLARIFICATION OF PENTAGON ANTI-LEAK POLICY

After the Department of Defense issued a statement last week saying that it would "monitor all major, national level reporting" for evidence of unauthorized disclosures of classified information, Pentagon reporters wrote to the Secretary of Defense and the Chairman of the Joint Chiefs of Staff to ask whether such monitoring extended to surveillance of the press.

"We are asking you to clarify in writing what is meant by 'monitor all major, national level reporting'," wrote reporters Robert Burns (Associated Press), Kevin Baron (National Journal), Luis Martinez (ABC) and Barbara Starr (CNN) on behalf of the Pentagon Press Association.

"The phrase 'monitor all major, national level reporting' could be interpreted by some as authorizing intrusive actions aimed at members of the news media who report on defense issues. We have received no answers as to specific monitoring authorities, and 'reporting' is much broader than 'published reports'," they wrote.

In particular, they asked, what specific authorities does the Pentagon claim for monitoring the media? "Do you have authority to do the following:
*tap phones at work or home?
*intercept or monitor emails?
*conduct monitoring or surveillance of Pentagon press workspaces?"

"Are you authorized to monitor phone conversations, emails or press workspaces without our knowledge?"

See the July 20 letter from the Pentagon Press Association here:

http://www.fas.org/sgp/news/2012/07/ppa072012.html

The letter was first reported by Dylan Byers in Politico on July 20. As of last night, no reply from DoD had been forthcoming.

CLIMATE CHANGE AND THE LAW, AND MORE FROM CRS

New reports from the Congressional Research Service that have not been made otherwise available to the public include these.

Climate Change and Existing Law: A Survey of Legal Issues Past, Present, and Future, July 2, 2012 (published July 19):
http://www.fas.org/sgp/crs/misc/R42613.pdf

A Brief Overview of Actions Taken by the Consumer Financial Protection Bureau (CFPB) in Its First Year, July 18, 2012:
http://www.fas.org/sgp/crs/misc/R42615.pdf

Conflict Minerals in Central Africa: U.S. and International Responses, July 20, 2012:
http://www.fas.org/sgp/crs/row/R42618.pdf

_______________________________________________
Secrecy News is written by Steven Aftergood and published by the Federation of American Scientists.
----- End forwarded message -----

From virtualadept at gmail.com Mon Jul 23 06:46:09 2012
From: virtualadept at gmail.com (Bryce Lynch)
Date: Mon, 23 Jul 2012 09:46:09 -0400
Subject: [ZS] Another face of Corporatism: Private armies and police
Message-ID:

On Sat, Jul 21, 2012 at 8:38 AM, ZeroState.net wrote:
> ...does anybody else think it's really really bad for governments to
> outsource police and army work to companies like G4S?

They're out of the chain of command. PMCs have already made the US notorious overseas because of their antics. They're able to negotiate their way around many of the laws and regulations that apply to us ("Laws for thee but not for me.") They aren't held to codes of conduct or oversight that police forces are. No accountability, either.

> These guys are there to make a profit, *not* to look out for the
> public interest. The moment those motivations diverge, matters of
> public interest immediately go in the trash.

That makes them too big a risk and untrustworthy to mine eyes.

> Seriously, why do we allow this?
> Who does it serve, other than the
> Billionaires who sit both on the company boards and in government?
> Uh... looks like I might have just answered my own question.

We don't allow it. Entities that are incredibly rich and well connected made it so, and there isn't anything anybody else can do about it. I hate to frob the pessimist bit this morning, but that's pretty much what it boils down to. Those who have the gold made the rules.

--
The Doctor [412/724/301/703] [ZS]
https://drwho.virtadpt.net/
"I am everywhere."

----- End forwarded message -----

From virtualadept at gmail.com Mon Jul 23 07:32:34 2012
From: virtualadept at gmail.com (Bryce Lynch)
Date: Mon, 23 Jul 2012 10:32:34 -0400
Subject: considerable BTC concentration in a single account
Message-ID:

On Mon, Jul 23, 2012 at 9:38 AM, ZeroState.net wrote:
> Sounds interesting to me.

I was hanging out in the liminal space between jellyfish and cypherpunks, and we were talking about Bitcoins and how traceable they were given how complete the public transaction ledger has to be. We also discussed the research that's already been done on it (http://anonymity-in-bitcoin.blogspot.com/2011/07/bitcoin-is-not-anonymous.html).

Bitcoins can be divided up down to eight decimal places. Bitcoin addresses can be programmatically generated and used. Bitcoin clients can interact over IRC (though this is deprecated) and over the Tor network more or less automagically.
Bitcoin clients can be interacted with by other programs to accept arbitrary commands (including sending fractions of Bitcoins elsewhere). There are also several Bitcoin tumblers out there already.

My scenario was this: I want to launder a single Bitcoin so as to make it as difficult to trace back through the public ledger as possible. I am willing to sacrifice up to one quarter of its value (BTC 0.25) for this purpose but would prefer to not do so if I could get away with it. I have access to sufficient machines (virtual and otherwise) to run multiple Bitcoin clients and multiple custom-written agents that interact with them to carry out various tasks. I'm willing to accept up to a week of latency for each sub-bitcoin bundle. I am the C&C for this operation, though I use software I wrote myself to make it easier to manage everything.

Now going into list mode to make it easier to lay out and comment on:

- I generate a new Bitcoin address for my BTC 1.0.
- I pseudo-randomly split my Bitcoin into thousands of sub-bitcoins valued between 0.00000001 and 0.0000001 but which total back up to BTC 1.0. I do this with some software I wrote that automates the process. I could probably do this with Python.
- On each of my servers I programmatically generate a pseudo-random number of single-use Bitcoin addresses. Let's say several hundred each though I might only use a small fraction of them. Afterward, all of them will be discarded.
- The temporary laundering wallet begins to distribute those thousands of sub-bitcoins between all of my confederate single-use Bitcoin addresses. The latency between each transaction is variable; to be practical, not more than a day, though it would be possible to take even longer.
- Some of those confederate addresses transfer sub-bitcoins to other single-use confederate addresses.
- Some accumulate a few sub-bitcoins (let's say BTC 0.00000006).
- Some of those confederate addresses transfer their aggregate sub-bitcoins to other confederate addresses (BTC 0.00000006).
- Some split those sub-bitcoins up into other denominations (BTC 0.00000001) (BTC 0.00000002) (BTC 0.00000002) (BTC 0.00000001) and transfer them to other confederate addresses.
- Some of those confederate addresses send their sub-bitcoins to some of the public tumblers, which eventually send them on to other confederate addresses. Here, value can be sacrificed to make it more difficult to trace where they go.
- Possibly, some of those confederate addresses accumulate sub-bitcoin bundles and purchase digital goods rather than re-sending them (like VM time, MP3s, or porn).
- Possibly, some of the addresses that digital goods are purchased from are mine anyway, which gives a convenient excuse for their dropping out of circulation for a while.
- This goes on for days.
- Eventually, as many sub-bitcoin bundles as possible (which themselves have been split and recombined and traded over and over) trickle back into a set of single-use Bitcoin addresses which I set up that collectively hold much of the value of my original BTC 1.0.

The first thing that comes to mind is that this stunt would bloat the public ledger to an amazing size due to all of the addresses and transactions. That would honk a lot of people straight off. It could also potentially DoS the Bitcoin network by running up all of the disk space their public ledgers and debug.log files are kept on.

The second thing that comes to mind is that the blockchain watchers (and there are apparently a lot of them - case in point, the discovery not too long ago of the address that controlled over a half-million bitcoins) will undoubtedly notice these shenanigans and make a big deal of it. That would draw attention to my operation and would no doubt cause crowdsourced investigation, intelligence gathering, and analysis.

Third, because all of these transactions would be in the public ledger they could eventually be mapped and traced back.
I don't know if there would be any way of tracing all of these thousands of Bitcoin addresses back to a single individual or group; if at the end all of the fractional Bitcoins would back up in the same address they certainly would be. I'd be trying to mitigate that by using separate machines that interact with one another through a variety of communications channels. I'd also be trying to avoid that by maximizing rather than minimizing network latency ala anonymous e-mail remailers. This might wind up requiring prohibitive amounts of time. The downside to payment would be driving the seller the Bitcoins are being transferred to nuts. "I need you to be patient because I'm going to send you several thousand sub-bitcoin bundles between 0.0000001 and 0.0000010 in value each from several thousand burner addresses..." That would be like paying for dinner with buckets full of pennies, and at a minimum would be grounds for receiving an atomic wedgie. -- The Doctor [412/724/301/703] [ZS] https://drwho.virtadpt.net/ "I am everywhere." -- You received this message because you are subscribed to the Google Groups "ZS-P2P" group. To post to this group, send email to zs-p2p at googlegroups.com. To unsubscribe from this group, send email to zs-p2p+unsubscribe at googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out. ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From survivd at gmail.com Mon Jul 23 14:03:24 2012 From: survivd at gmail.com (Name Withheld) Date: Mon, 23 Jul 2012 11:03:24 -1000 Subject: [tor-relays] Electronic surveillance on major tor exits Message-ID: This is in response to something from Roger's email on funding exit relays, but I didn't want to derail such an important conversation by responding directly. 
He mentioned:

"At the same time, much of our performance improvement comes from better load balancing -- that is, concentrating traffic on the relays that can handle it better. The result though is a direct tradeoff with relay diversity: on today's network, clients choose one of the fastest 5 exit relays around 25-30% of the time, and 80% of their choices come from a pool of 40-50 relays."

This has probably been discussed before, but the first thing that came to my mind was, "how does this simplify surveillance of tor traffic flows?" I know we badly need the performance improvement to continue moving Tor into the mainstream, but when it comes at the cost of a huge amount of all tor requests exiting through a small subset of nodes, are we baking in a serious vulnerability?

Most Tor users probably don't read the manual and follow best practices. I'm sure we've all seen traffic where users are using google maps to find directions from their home, or logging into their true-name mail accounts. When you combine this "State of our Method" with a choke on the number For monied countries that practice aggressive electronic surveillance (China, Russia, and the larger western states), it becomes more and more tempting to set up (or subvert) expensive, fast exits (with tshark and an SSL-stripper on it) and be guaranteed significant amounts of traffic from people that they view as having something to hide.

And if the same routing calculus applies to non-exit nodes, they can do the same thing on the non-exit layers, not only improving their correlation attacks, but creating a plausible chance of controlling some tunnels end-to-end. I don't think that's a good situation for anybody other than the monitors.
I know that this is one of the reasons why "more nodes" is the largest everyday push (I went from 1 to 3 in the last month), and "we're working on it," and the node-funding push should help some of this, but I think it's important to review what direction relay diversity is heading in the long-term when the metrics start leaning in a certain way.
_______________________________________________
tor-relays mailing list
tor-relays at lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From eugen at leitl.org Mon Jul 23 02:53:38 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Mon, 23 Jul 2012 11:53:38 +0200
Subject: considerable BTC concentration in a single account
Message-ID: <20120723095338.GV12615@leitl.org>

Coverage on http://www.reddit.com/r/Bitcoin/comments/wzptm/bitcoin_address_1dkybekt5s2gdtv7aqw6rqepavnsryhoym/

Bitcoin Address 1DkyBEKt5S2GDtv7aQw6rQepAvnsRyHoYM (blockchain.info)
submitted 7 hours ago by bleahbloh

Nhdb, 13 points, 6 hours ago:
http://1dkybekt5s2gdtv7aqw6rqepavnsryhoym.com/ Pretty awesome move

  MaunaLoona, 4 points, 5 hours ago (reply):
  http://i.imgur.com/jNFqw.gif

  DerFrycook, 1 point, 39 minutes ago (reply):
  This is the best thing I've ever seen.
anfedorov, 11 points, 7 hours ago:
At current rates, that's $3.5M, not bad. I'd love to see someone much smarter than me analyze the types of transactions that come in/out of accounts like this. Who is likely to own it? What's up with those incoming transactions of 5-10k BTC from dozens of addresses?

  power78, 0 points, 3 hours ago (reply):
  The link below states that is the SilkRoad main account. Can anyone confirm?

  godofpumpkins, 3 points, 2 hours ago (reply):
  MagicalTux has suggested before that it belongs to MtGox, as far as I know.

Puupsfred, 9 points, 7 hours ago:
https://bitcointalk.org/index.php?topic=94675.0

MaunaLoona, 1 point, 5 hours ago:
Arrr, matey!

matthew412, 1 point, 2 hours ago:
Some analysis on the addresses that have sent bitcoins there
From arma at mit.edu Mon Jul 23 11:58:54 2012 From: arma at mit.edu (Roger Dingledine) Date: Mon, 23 Jul 2012 14:58:54 -0400 Subject: [tor-relays] Call for discussion: turning funding into more exit relays Message-ID: For a few years now, funders have been asking if they can pay Tor to run more relays.
I kept telling them their money was better spent on code and design improvements: https://blog.torproject.org/blog/why-tor-is-slow https://trac.torproject.org/projects/tor/wiki/org/roadmaps/Tor/Performance since a) network load would just grow to fill whatever new capacity we have, especially if we don't deal with the tiny fraction of users who do bulk downloads, and b) reducing diversity of relay operator control can harm anonymity. But lately the Tor network has become noticeably faster, and I think it has a lot to do with the growing amount of excess relay capacity relative to network load: https://metrics.torproject.org/network.html?graph=bandwidth&start=2010-06-01&end=2012-07-21#bandwidth At the same time, much of our performance improvement comes from better load balancing -- that is, concentrating traffic on the relays that can handle it better. The result though is a direct tradeoff with relay diversity: on today's network, clients choose one of the fastest 5 exit relays around 25-30% of the time, and 80% of their choices come from a pool of 40-50 relays. https://trac.torproject.org/projects/tor/ticket/6443 Since extra capacity is clearly good for performance, and since we're not doing particularly well at diversity with the current approach, we're going to try an experiment: we'll connect funding to exit relay operators so they can run bigger and/or better exit relays. If we do it right (make more faster exit relays that aren't the current biggest ones, so there are more to choose from), we will improve the network's diversity as well as being able to handle more users. We've lined up our first funder (BBG, aka http://www.voanews.com/), and they're excited to have us start as soon as we can. They want to sponsor 125+ fast exits. ---------------------------------------------------------------------- Open questions we need to decide about: 1) What exactly would we pay for? 
I think the right way to do it is to offer to reimburse bandwidth/hosting costs -- I don't want to get into the business of paying people to run relays, and I don't want people to be trying to figure out how to "profit". That leads to all sorts of horrible incentive structures. More broadly, we should keep in mind that the primary cost of running an exit relay is effort, not dollars: it takes dedication to find an ISP who will host it, and to hold that ISP's hand when an abuse complaint arrives. Or said another way, hosting costs are in many cases not the biggest barrier to running an exit relay. I think we should aim to constrain ourselves to talking about >=100mbit exits, assuming that turns out to give us enough choices. That said, we don't want to concentrate bandwidth too much in any given relay, so we should limit the amount we'll reimburse per relay. 2) Should we fund existing relays or new ones? The worst failure mode here would be that we screw up the current community of relay operators. That's why it's extra important to keep them involved at each step of this discussion. I think the right answer is probably a balance of reimbursing costs from current exits and encouraging new exits to appear. Before we can get more precise though, we need to get a handle on how many current fast exits there are, and what their constraints are (whether their hosting situation could give them more bandwidth, whether they're paying now or getting a deal through a friend/employer, etc). Even then, there are interesting further questions like: - Should we prefer big collectives like torservers, noisetor, CCC, dfri.se, and riseup (which can get great bulk rates on bandwidth and are big enough to have relationships with local lawyers and ISPs), or should we prefer individuals since they maximize our operator diversity? I think "explore both approaches" is a fine first plan. 
- For existing relays who pay for hosting, should we prefer that our money go to covering their existing costs (and then we encourage them to save their money for use, say, after this experiment finishes), or should we aim to add additional funding so the relay can use more bandwidth? I'd say it comes down to the preferences of the relay operator. That said, if we have plenty to choose from, we should pick the relays that will make the network grow -- but we should take extra care to avoid situations where operators in the first category say "well, fine" and shut down their relay. More generally, we need to consider sustainability. Our current exit relay funding is for a period of 12 months, and while there's reason to think we will find continued support, the Tor network must not end up addicted to external funding. So long as everybody is running an exit relay because they want to save the world, I think we should be fine. 4) What exactly do we mean by diversity? There's network diversity (AS / upstream network topology), organization and operator diversity, jurisdictional (country) diversity, funding diversity, data-center diversity, and more. We've started to answer some of these questions at https://trac.torproject.org/projects/tor/ticket/6232 https://blog.torproject.org/blog/research-problem-measuring-safety-tor-network but this research topic will need ongoing attention. I'd love to get to the point where our diversity metrics can recommend network locations that best improve the various diversity scores. 5) How much "should" an exit relay cost? Since we're aiming for diversity, we can't send all our volunteers to the same cut-rate German VPS provider. After all, much of the work in setting up an exit relay is finding a good provider that doesn't already host a bunch of Tor relays. 
But if we declare that we'll reimburse $50/month for 100mbit, we're going to attract a different set of volunteers -- and a different set of network locations -- than if we reimburse $100/month for 100mbit. We need to learn about current bandwidth pricing: I know there are 10 cheap hosting places that will tolerate exit relays, but are there 200? And do all of those 200 turn out to overlap diversity-wise? Initial guesses appreciated. I'm inclined toward the $100 number to give our volunteers more flexibility. If we want to reimburse on a monthly basis, how do we handle situations where the ISP wants a longer-term contract? I think the answer will come down to how many choices we have. 6) How exactly should we choose which exit relay operators to reimburse? It might be premature to speculate until we better understand what choices are available to us. But I think the answer must include doing it in a way that encourages continued growth of the relay operator _community_. People who are active in the Tor community, and well-known to many other people, should be part of the answer. At the same time, we should be willing to put some of the money into trying out new places and people, especially if they're in good locations diversity-wise. The broader answer is that we as a community need to figure out a good answer here. I definitely don't want it to be "Roger picks people in an opaque way". But I also don't want the answer to be "anybody on the Internet who offers to take our money". Maybe we should put together a consortium of current Tor activists who run fast exits? 7) How do we audit / track the sponsored relays? How should we check that your 100mbit relay is really working? What do we measure to confirm its capacity? To a first approximation I'm fine assuming that nobody is going to try to cheat (say, by colluding with an ISP to write legit-looking invoices but then just split the money). 
But as the plan scales, we need good ways to track statistics on how many relays are being sponsored and how much bandwidth they're providing (so funders can see how effective their money is), and what fraction of the overall network these sponsored relays are (to keep an eye on the diversity questions). 8) Legal questions? Tor exit relays raise plenty of legal questions already, especially when you consider jurisdiction variety. But reimbursing relays introduces even more excitement, such as: - Does such a relay operator end up in a different situation legally? - Does the overall Tor network change legal categories in some country, e.g. becoming a telecommunications service when it wasn't before? - Does The Tor Project Inc incur new liabilities for offering this money? Tor has a history of creating fascinating new challenges for legal scholars, and this exit relay funding experiment will be no exception. I believe if we position it correctly, we won't really change the legal context. But I encourage people to investigate these questions for their jurisdiction. ---------------------------------------------------------------------- Next steps: I'm going to do a short blog post pointing to this thread, since many interested parties aren't on tor-relays yet. Then I'll send individual emails to exit relay operators pointing them to it and asking for their feedback (on the list or private, whichever they prefer). I'll also try to get some sense of how much their hosting costs, whether they'd want to participate in our experiment, whether they're in a position to ramp up to a faster connection, etc. Once we have some concrete facts about how many current exit relays want to participate, how many new volunteers want to help, and how many ISPs could handle more exit relays and at what prices, we'll be in a better position to decide how to proceed. 
--Roger _______________________________________________ tor-relays mailing list tor-relays at lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From eugen at leitl.org Mon Jul 23 06:49:12 2012 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 23 Jul 2012 15:49:12 +0200 Subject: [ZS] Another face of Corporatism: Private armies and police Message-ID: <20120723134912.GL12615@leitl.org> ----- Forwarded message from Bryce Lynch -----
From eugen at leitl.org Mon Jul 23 07:41:00 2012 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 23 Jul 2012 16:41:00 +0200 Subject: considerable BTC concentration in a single account Message-ID: <20120723144100.GM12615@leitl.org> ----- Forwarded message from Bryce Lynch ----- From eugen at leitl.org Mon Jul 23 08:18:08 2012 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 23 Jul 2012 17:18:08 +0200 Subject: The Terrifying Background of the Man Who Ran a CIA Assassination Unit Message-ID: <20120723151808.GN12615@leitl.org> http://www.theatlantic.com/politics/archive/2012/07/the-terrifying-background-of-the-man-who-ran-a-cia-assassination-unit/259856/ The Terrifying Background of the Man Who Ran a CIA Assassination Unit By Conor Friedersdorf Jul 18 2012, 1:39 PM ET A federal investigation alleged Enrique Prado's involvement in seven murders, yet he was in charge when America outsourced covert killing to a private company. It was one of the biggest secrets of the post-9/11 era: soon after the attacks, President Bush gave the CIA permission to create a top secret assassination unit to find and kill Al Qaeda operatives. The program was kept from Congress for seven years. And when Leon Panetta told legislators about it in 2009, he revealed that the CIA had hired the private security firm Blackwater to help run it. "The move was historic," says Evan Wright, the two-time National Magazine Award-winning journalist who wrote Generation Kill. "It seems to have marked the first time the U.S. government outsourced a covert assassination service to private enterprise."
The quote is from his e-book How to Get Away With Murder in America, which goes on to note that "in the past, the CIA was subject to oversight, however tenuous, from the president and Congress," but that "President Bush's 2001 executive order severed this line by transferring to the CIA his unique authority to approve assassinations. By removing himself from the decision-making cycle, the president shielded himself -- and all elected authority -- from responsibility should a mission go wrong or be found illegal. When the CIA transferred the assassination unit to Blackwater, it continued the trend. CIA officers would no longer participate in the agency's most violent operations, or witness them. If it practiced any oversight at all, the CIA would rely on Blackwater's self-reporting about missions it conducted. Running operations through Blackwater gave the CIA the power to have people abducted, or killed, with no one in the government being exactly responsible." None of this is new information, though I imagine that many people reading this item are hearing about it for the first time. Isn't that bizarre? The bulk of Wright's e-book (full disclosure: I help edit the website of Byliner, publisher of the e-book) tells the story of Enrique Prado, a high-ranking CIA-officer-turned-Blackwater-employee who oversaw assassination units for both the CIA and the contractor. To whom was this awesome responsibility entrusted? According to Wright's investigation, a federal organized crime squad run out of the Miami-Dade Police Department produced an investigation allegedly tying Prado to seven murders carried out while he worked as a bodyguard for a narco crime boss. At the time, the CIA declared him unavailable for questioning; the investigation was shut down before he was arrested or tried. 
There's a lot more to the story -- Wright's e-book is almost 50 pages long -- but this bit is of particular note: The reporting on Prado's activities at Blackwater produced no evidence that the firm's employees had ever killed anyone on behalf of the CIA. But I spoke to Blackwater employees who insisted that they had. Two Blackwater contractors told me that their firm began conducting assassinations in Afghanistan as early as 2008. They claimed to have participated in such operations -- one in a support role, the other as a "trigger puller." The contractors, to whom I spoke in 2009 and 2010, were both ex-Special Forces soldiers who were not particularly bothered by assassination work, although they did question the legality of Blackwater's involvement in it. According to the "trigger puller," he and a partner were selected for one such operation because they were Mexican Americans, whose darker skin enabled them to blend in as Afghan civilians. The first mission he described took place in 2008. He and his partner spent three weeks training outside Kabul, becoming accustomed to walking barefoot like Afghans while toting weapons underneath their jackets. Their mission centered on walking into a market and killing the occupant of a pickup truck, whose identity a CIA case worker had provided to them. They succeeded in their mission, he told me, and moved on to another. This contractor's story didn't completely fit with other accounts about Prado's unit at Blackwater. The e-mail written by Prado and later obtained by the Times seemed to indicate that the unit wouldn't use Americans to carry out actual assassinations. Moreover, two CIA sources insisted that the contractors I spoke to were lying. As one put it, "These guys are security guards who want to look like Rambo." 
When I asked Ed O'Connell, a former Air Force colonel and RAND analyst with robust intelligence experience in Afghanistan, to evaluate these contractors' claims, he first told me they were almost certainly a "fantastical crock of shit." But a year later, in 2011, after a research trip in Afghanistan for his firm Alternative Strategies Institute, O'Connell had changed his assessment. He told me, "Your sources seem to have been correct. Private contractors are whacking people like crazy over in Afghanistan for the CIA." So there you have it: A former Air Force lieutenant colonel, speaking on the record and using the present tense, said in 2011 that "private contractors are whacking people like crazy over in Afghanistan for the CIA." Says Wright: While Blackwater's covert unit began as a Bush administration story, President Obama now owns it. In 2010, his administration intervened on behalf of the Blackwater executives indicted for weapons trafficking, filing motions to suppress evidence on the grounds that it could compromise national security. The administration then awarded Blackwater (which is now called Academi) a $250 million contract to perform unspecified services for the CIA. At the same time, Obama has publicly taken responsibility for some lethal operations -- the Navy SEALs' sniper attack on Somali pirates, the raid on bin Laden. His aides have also said that he reviews target lists for drone strikes. The president's actions give him the appearance of a man who wants the best of both worlds. He appears as a tough, resolute leader when he announces his role in killings that will likely be popular -- a pirate, a terrorist. But the apparatus for less accountable killings grinds on. Needless to say, this ought to spark an investigation, but more than that, it should cause Americans to step back and reflect on how vulnerable we've made ourselves to bad actors in the post-9/11 era. We're giving C.I.A. 
agents and even private security contractors the sort of power no individual should wield. And apparently our screening apparatus turns out to be lacking.
From eugen at leitl.org Mon Jul 23 08:45:33 2012 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 23 Jul 2012 17:45:33 +0200 Subject: Secrecy News -- 07/23/12 Message-ID: <20120723154533.GS12615@leitl.org> ----- Forwarded message from Steven Aftergood -----
From eugen at leitl.org Mon Jul 23 09:14:28 2012 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 23 Jul 2012 18:14:28 +0200 Subject: [Freedombox-discuss] Anti- freedom-box Message-ID: <20120723161428.GT12615@leitl.org> ----- Forwarded message from Boruch Baum -----
From eugen at leitl.org Mon Jul 23 13:40:16 2012 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 23 Jul 2012 22:40:16 +0200 Subject: [tor-relays] Call for discussion: turning funding into more exit relays Message-ID: <20120723204016.GZ12615@leitl.org> ----- Forwarded message from Roger Dingledine -----
From eugen at leitl.org Mon Jul 23 23:38:02 2012 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 24 Jul 2012 08:38:02 +0200 Subject: [tor-relays] Electronic surveillance on major tor exits Message-ID: <20120724063802.GB12615@leitl.org> ----- Forwarded message from Name Withheld -----
From zooko at zooko.com Tue Jul 24 15:56:44 2012 From: zooko at zooko.com (Zooko Wilcox-O'Hearn) Date: Tue, 24 Jul 2012 19:56:44 -0300 Subject: [tahoe-dev] notes from the Tahoe-LAFS Weekly Call Message-ID: notes from Tahoe-LAFS Weekly Call, 2012-07-24 In attendance: David-Sarah, Brian, Zooko http://titanpad.com/zuldkxdVX5 (appending a copy below) Summary of the summary: Brian and David-Sarah are hard at work on the accounting and lease database development, part of which goes to satisfy Least Authority Enterprises's obligations to DARPA, and we're planning to start the process of making Tahoe-LAFS v1.10 soon thereafter. Regards, Zooko notes from Tahoe-LAFS Weekly Call, 2012-07-24 In attendance: David-Sarah, Brian, Zooko (first scribe -- pinkish purplish words) David-Sarah updated (merged) cloud-backend to current trunk. It would be helpful if Brian would bring accounting-2 up to date with trunk. David-Sarah needs to thoroughly go through Brian's code. David-Sarah has a better mental model of the statemachine of the lease db than Brian has, so David-Sarah will start writing that code.
One of the next things to do is to make the backend fully asynchronous without yet making the other changes. Brian will take David-Sarah's patches to asynchrify the local storage and merge those to trunk and review them and finish them as needed.

A ShareSet is a set of shares from the same file, stored on a single server. (This was formerly known in the code, but inconsistently, as a "Bucket".)

The order we're doing things in:

1. some combination of:
   1a: Make the storage/crawler tests asynchronous.
   1b: split the storage server into frontend (Referenceable) and backend (disk/S3) pieces
   1c: make the backend interfaces async (return Deferred from everything)
   1d: make all the tests work again
2: split frontend into even-more-fronty Accounts (Referenceable, implements RIStorageServer) and slightly-less-fronty Server (not Referenceable, takes Account object as arg of each request)
3: create leasedb, crawler + share-state-machine
4: publish a single shared "Anonymous" account to clients
5: DARPA milestone: all accesses use the Anonymous account, external behavior is same as before
6: add Account-acquisition (furlification) process, client keys. New clients will now use non-anonymous accounts (old clients, if permitted, will still use the anonymous account).
7: add some kind of UI to display per-account usage
8: add UI to control per-account usage (enable/disable)

Currently mutable files are exempt from storage limits. The lease db will store the size of each mutable share. We don't mind if the leasedb trusts its stored share size instead of inspecting the filesystem to see if that changed out from under it.

Q: What does the cloud backend do when you modify a mutable share?
A: Modification of each chunk is atomic (thanks to S3's semantics) but the change of multiple chunks at once in a given share is not atomic.
D-S and Zooko, at least, prefer not to try to write changes to mutable share atomically for now, but just to overwrite them simply and efficiently and non-atomically. (Ultimately we want end-to-end two-phase commit!) Mutable-share storage backend writev() method will be changed to return the new share size (backend bytes consumed) in the Deferred that fires when the write finishes. The server will then update the leasedb with the new size. So out-of-band share *modifications* (not creations/deletions) will result in inaccurate accounting data until the share is next modified, at which point it will be fixed. We're ok with that inaccuracy. (the share-crawler will make sure that creation/deletion is noticed sooner). What about the 1.10 release? Brian needs to look at the current trunk and see if he's content with the introducer changes. In particular, changing server key to node key. Need to follow-up on the bigger discussion about peer-to-peer vs. client-server, and to what extent the changes we're doing now interact with that. For the most part, the changes we're deploying now don't constrain those future design decisions. The question of reciprocal accounting agreement: my server will hold data for your client, *because* your server is holding data for my client. Should we implement that specifically, by making your client and server use the same private key, and my server uses that fact to decide whether to give your client storage? Or should we implement the more general case? David-Sarah and Zooko are a bit skeptical of the utility of that specific reciprocal case. Brian, too. When I last dove into accounting about 6-12 months ago, I got stuck trying to figure out how servers would express "please give any reciprocal benefit for the data I'm holding for you to that client over there, because I'm working for him". 
Something like client1 pays server2 to hold data (in the "rent-a-friend" case), client3 runs server4, server2 is holding data for client3, so client1 ought to be able to store data on server4. Each server needs a number of "credit goes to client X" pointers, and clients probably need something similar. It got too hairy to think about. The simpler every-node-is-both-client-and-server case was easier to handle. But this may be a simplification that we can't afford to make.. maybe we just have to figure out the full case. Maybe at the next Summit we could look at accounting from the user experience perspective -- how do people turn it on, how do they express their intent about which of their friends to give service to. Brian told a story about an economist for a MMORPG, who investigated why some trades had prices way out of market range. He decided that some of them were people giving items to their friends. The economist said that money can't pay all debts. Suppose Grandma hosts Thanksgiving dinner and puts on a feast, and she expects the kids to do the dishes and cleanup. There is no polite way to ask how much money would you have to pay to get out of doing the dishes. Similarly, there are at least two major use cases that we're already supporting: Friendnets and pay-for-usage services like LAE. If we made a new thing in which the question of "Why does my server give you service?" can *only* be answered with money then that would probably exclude Tahoe from being used in those friendnets. (Zooko joked that he has already tried that and it didn't work -- alluding to Mojo Nation.) (I'm trying to find the blog post this story came from, it probably came across my twitter stream in the last two weeks, maybe from amiller or another economics fan. The point was that "money is a universal exchange medium" isn't actually true). 
So, Brian went on, the first steps into the new world of accounting should include providing visibility to the user about what resources are being offered by who to whom and so on. https://tahoe-lafs.org/trac/tahoe-lafs/wiki/Ostrom . Second step is coarse control over usage (accept/deny/delete). Then comes finer-grained control (gradations of sanctions), more public information about usage, more social visibility+control. *then* economics. In the last couple of minutes of the call there was a brief discussion of XSalsa20 in Tahoe-LAFS v1.10.0. Zooko is keen to get XSalsa20b AES in ASAP, but David-Sarah (Release Manager for v1.10.0) says that v1.10 is supposed to be only things that are already ready and in trunk when we are ready to begin making a new release (i.e., after the Milestone 3 delivery to DARPA). Zooko conceded that XSalsa20b AES is not already ready and in trunk...
_______________________________________________ tahoe-dev mailing list tahoe-dev at tahoe-lafs.org https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
From nick.m.daly at gmail.com Tue Jul 24 18:35:32 2012 From: nick.m.daly at gmail.com (Nick M. Daly) Date: Tue, 24 Jul 2012 20:35:32 -0500 Subject: [Freedombox-discuss] Would you sign a key with a pseudonymous keyholder name? Message-ID: On Sat, 21 Jul 2012 10:12:37 -0700 (PDT), Jonathan Wilkes wrote: > > The whole point of key-signing is that you're verifying that you do > > know the providence of the data signed or encrypted by that > > key. Anonymity is the opposite of that. If you want anonymity, then > > you don't want public key encryption. They are not compatible. > > Did you mean to say, "if you want anonymity, then you don't want key > signing"? Probably. Given how researchers could uniquely re-identify a third of nameless Twitter and Flickr users based on the social graph alone [0], you might either want to avoid key signing or avoid any overlapping (reference) social interaction. Also, how'd we get back to "web-of-trust" vs. "web-of-verified-identity" again? Given all the different social understandings of the issues in different contexts, the relevant interpretation seems User * Context based (e.g., 5 users * 6 contexts = 30 interpretations). As Jonas mentioned, social standards can offer direction but the choice and interpretation still seems based, ultimately, on the user and signing statement.
/me lights up the dkg signal 0: http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1450006 _______________________________________________ Freedombox-discuss mailing list Freedombox-discuss at lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From durochery1 at renbergs.com Tue Jul 24 23:58:27 2012 From: durochery1 at renbergs.com (=?koi8-r?B?IuUt7cHSy8XUyc7HIg==?=) Date: Wed, 25 Jul 2012 00:58:27 -0600 Subject: =?koi8-r?B?MTAg0sHT09nMz8sg2sEgMTAgMDAwINLVwszFyiAryM/T1MnOxyDOwSDN?= =?koi8-r?B?xdPRwyDXIPDv5OHy7+s=?= Message-ID: <6D5A66CF8AEB42FBACD92AF5CA4D677E@sigma896d92ace> 10 рассылок за 10 000 рублей + хостинг на месяц в ПОДАРОК (для указания вашего сайта в письме) - По вашему графику - Без ограничений по срокам - Возможно менять макеты все 10 раз !!! - Подготовка макетов бесплатно АКЦИИ: Месяц 44(46) рассылок - 2 раза в день - 5 раз в неделю - 20 000 рублей Под акцию попадают базы: Вся Россия - 23 млн адресов - из них 4 млн ЮР. Вся Москва - 8 млн адресов - из них 1,7 млн ЮР. Вся Украина - 4 млн адресов - из них 1 млн ЮР. и др. Тел: (495) 585-79-04 ICQ: 286 926 971 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 1458 bytes Desc: not available URL: From startera50 at rotospray.com Wed Jul 25 05:27:42 2012 From: startera50 at rotospray.com (=?koi8-r?B?Iu7v9/nqIOvv9PTl5PYi?=) Date: Wed, 25 Jul 2012 04:27:42 -0800 Subject: =?koi8-r?B?8NLPxMHF1NPRICDu7/f56iDr7/T05eT2?= Message-ID: Продается НОВЫЙ КОТТЕДЖ Коттедж, 200 м2 Участок: 12 сот. Киевское шоссе, Боровск Газ, вода, Электрика, Канализация, все заведено в дом и функционирует Под чистовую отделку ТРЕБУЕТСЯ ТОЛЬКО ФИНИШНАЯ ОТДЕЛКА. 
German technology. 6.7 million rubles. www.продам-дом-тут.рф

From dawesz28 at remyinc.com Wed Jul 25 06:24:19 2012
From: dawesz28 at remyinc.com (=?koi8-r?B?Iu/GxtvP0iDawSA4NTkgxM/MzMHSz9ci?=)
Date: Wed, 25 Jul 2012 05:24:19 -0800
Subject: =?koi8-r?B?78bG28/SzsHRIMbJ0s3BINMg0M/MztnNIM7PzcnOwczYztnNINPF0tfJ?= =?koi8-r?B?08/N?=
Message-ID:

The lowest prices on offshore companies: from 859 dollars. With full nominee service: 1399 dollars. Opening an account in an offshore bank in 1 hour - 450 dollars (we issue the account details and a token with keys right away). Contacts: Moscow: +7 (495) 649 8827 London: +44 (203) 514 9943 www.оффшорбыстро.рф

From duckbillszk at recofact.com Wed Jul 25 09:11:56 2012
From: duckbillszk at recofact.com (=?koi8-r?B?IuTM0SD3wdMgySD3wdvFyiDkxdfV28vJIg==?=)
Date: Wed, 25 Jul 2012 08:11:56 -0800
Subject: =?koi8-r?B?6M/UydTFIOnNxdTYIDEwMCUg8M/Uxc7DycA/IDEg1MHCzMXUy8Eg0sHC?= =?koi8-r?B?z9TBxdQgNzIgIN7B08E=?=
Message-ID: <22075A8562D84D028F2705EE246E34A9@0300884535c830>

Do you want 100% potency and to be rid forever of doubts about your male performance? 1 tablet works for 72 hours, but "switches on" when needed. A natural, safe and effective product for men. The unique balanced formula acts safely on the male body, noticeably raising the level of testosterone, the main male hormone. The product lets every man be successful, self-confident and full of energy. Order now and get 1 pack free www.энергия-человека.рф

From r.deibert at utoronto.ca Wed Jul 25 06:13:46 2012
From: r.deibert at utoronto.ca (Ronald Deibert)
Date: Wed, 25 Jul 2012 09:13:46 -0400
Subject: [liberationtech] Finfisher Spy Kit Revealed in Bahrain
Message-ID:

For Immediate Release

From Bahrain With Love: FinFisher's Spy Kit Exposed?

July 25, 2012 -- The Citizen Lab announces the publication of a detailed post analyzing several pieces of malware targeting Bahraini dissidents, shared with us by Bloomberg News.
The analysis suggests that the malware used is "FinSpy," part of the commercial intrusion kit, Finfisher, distributed by the United Kingdom-based company, Gamma International.

The commercial market for computer network attack, exploitation, and targeted surveillance products and services is growing. Several reports have identified these products and services being marketed to regimes that violate human rights or employ them to quell political opposition. However, the market is shrouded in secrecy with some companies going so far as advertising their clandestine capabilities.

The market has been controversial: In September 2011, the EU Parliament passed a resolution that bans the export of information technology systems that can be used "in connection with a violation of human rights, democratic principles or freedom of speech [...] by using interception technologies and digital data transfer devices for monitoring mobile phones and text messages and targeted surveillance of Internet use."

While there have been reports and descriptions of Gamma International's products (including revelations that they had been sold to the Egyptian government's state security apparatus), this is the first public analysis of the Finfisher toolkit.

Malware analysis by Morgan Marquis-Boire and Bill Marczak. Assistance from Seth Hardy and Harry Tuttle gratefully received. Special thanks to John Scott-Railton. Thanks to Marcia Hofmann and the Electronic Frontier Foundation (EFF). We would also like to acknowledge Privacy International for their continued work and graciously provided background information on Gamma International.

For full report, please see: https://citizenlab.org/2012/07/from-bahrain-with-love-finfishers-spy-kit-exposed/

For Bloomberg news report, please see here: http://www.bloomberg.com/news/2012-07-25/cyber-attacks-on-activists-traced-to-finfisher-spyware-of-gamma.html

For press inquiries, please contact info at citizenlab.org

Ronald J.
Deibert
Professor of Political Science
Director, The Canada Centre for Global Security Studies and The Citizen Lab
Munk School of Global Affairs
University of Toronto
r.deibert at utoronto.ca
http://deibert.citizenlab.org/
twitter.com/citizenlab

_______________________________________________
liberationtech mailing list
liberationtech at lists.stanford.edu

Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech

If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"

You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech

Should you need immediate assistance, please contact the list moderator.

Please don't forget to follow us on http://twitter.com/#!/Liberationtech

----- End forwarded message -----

From sb at gbn.org Wed Jul 25 10:15:54 2012
From: sb at gbn.org (Stewart Brand)
Date: Wed, 25 Jul 2012 10:15:54 -0700
Subject: [SALT] Cory Doctorow next TUESDAY July 31 (for forwarding)
Message-ID:

Attacks on computer freedom will just keep escalating, Doctorow contends. The copyright wars, net neutrality, and SOPA (Stop Online Piracy Act) were early samples of what is to come. Victories for freedom in those battles were temporary. Conflict in the decades ahead will feature ever higher stakes, more convoluted issues, and far more powerful technology. The debate is about how civilization decides to conduct itself---and in whose interests.

"Cory Doctorow is one of the great context-setters of our generation," says Tim O'Reilly.
Co-editor of the acclaimed blog "Boing Boing," Doctorow writes contemporary science fiction blending contextual insight with journalistic depth. His recent books include For the Win; Makers; and Little Brother.

"The Coming Century of War Against Your Computer," Cory Doctorow, Novellus Theater, Yerba Buena Center for the Arts, San Francisco, 7pm, Tuesday, July 31. The show starts promptly at 7:30pm.

To be sure of a seat:
• Long Now Members can use the discount code on the Doctorow Seminar page to reserve 1 free seat.
• You can purchase tickets for $10 each.
• Tune into the live audio stream for Long Now Members at 7:30 PST - become a member for just $8 a month.

Share this talk: Cory Doctorow, "The Coming Century of War Against Your Computer" Long Now talk on 7/31 http://goo.gl/nRmUi

Talks coming up:
Aug. 20 (Mon) - Elaine Pagels, "The Truth About the Book of Revelations"
Sept. 5 (Tue) - Tim O'Reilly, "Birth of the Global Mind"
Oct. 8 (Mon) - Steven Pinker, "The Decline of Violence"
Nov. 13 (Tue) - Lazar Kunstmann, Jon Lackman, "Preservation without Permission: the Paris Urban eXperiment"

High-quality videos of the talks and other benefits (such as priority tickets) are available to Long Now members. Membership, which starts at $8/month ($96/year), helps support the series and other Long Now projects. Joinable here.

This is one of a monthly series of Seminars About Long-term Thinking (SALT) organized by The Long Now Foundation. Free audio and my summaries of all previous talks are available for download here (or stay up to date with the podcast here). You'll find a range of long-term thinking items on our Blog (RSS).

If you would like to be notified by email (like this one) of forthcoming talks, go here to sign up online. Any questions, contact Danielle Engelman at Long Now -- 415-561-6582 x1 or danielle at longnow.org.

You are welcome to forward this notice to anyone you think might be interested.
--Stewart Brand

--
Stewart Brand -- sb at gbn.org
The Long Now Foundation -- http://longnow.org/
Seminars & downloads -- http://longnow.org/seminars/

• Twitter - up to the minute info on tickets and events
• Long Now Blog - daily updates on events and ideas
• Facebook - stay in touch through our fan page

_______________________________________________
SALT mailing list
unsubscribe / change email: http://list.longnow.org/mailman/listinfo/salt

----- End forwarded message -----

From eugen at leitl.org Wed Jul 25 02:05:49 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 25 Jul 2012 11:05:49 +0200
Subject: [tahoe-dev] notes from the Tahoe-LAFS Weekly Call
Message-ID: <20120725090549.GD12615@leitl.org>

----- Forwarded message from Zooko Wilcox-O'Hearn -----

From eugen at leitl.org Wed Jul 25 02:11:53 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 25 Jul 2012 11:11:53 +0200
Subject: [Freedombox-discuss] Would you sign a key with a pseudonymous keyholder name?
Message-ID: <20120725091153.GG12615@leitl.org>

----- Forwarded message from "Nick M. Daly" -----

From undervalues31 at rosssisters.com Tue Jul 24 22:53:03 2012
From: undervalues31 at rosssisters.com (=?koi8-r?B?IvPF0sfFyiI=?=)
Date: Wed, 25 Jul 2012 11:23:03 +0530
Subject: =?koi8-r?B?8NLPxMHF1NPRIDItyCDLz80uIMvXLdLBIM7BIO3J3tXSyc7Ty8/NINDS?= =?koi8-r?B?LdTFINLRxM/NINMg7ef1IMnNLiDsz83Pzs/Tz9fB?=
Message-ID: <774BC9944BD44E3FAF77AEDA3CF61FC3@xyz>

Urgent: for sale, a 2-room apartment of 51 sq. m in a prestigious district of Moscow next to Lomonosov Moscow State University (MGU), at the address: Michurinsky Prospekt 13, building 1 - a 24-storey monolithic-brick tower block built in 2008, fully occupied. Nearby are the well-known exclusive residential complexes "Shuvalovsky" and "Kollizey".
Apartment details: Total area: 51 m2. Kitchen: 8 m2. Rooms: 18 + 13 metres. Balcony and loggia. Lifts: 2 freight and 2 passenger. Bathroom: separate toilet and bath. Floor: 20. Complete, high-quality European-style renovation, imported plumbing fixtures, Italian kitchen with built-in appliances (stays after the sale). A cosy and comfortable apartment. A little "nest" for people with taste. Windows on two sides, sunny side. Nobody has lived in it since the renovation; the apartment is vacant and ready for sale! It is set back 400 metres from Michurinsky and Lomonosovsky prospekts, so the air is very clean. Armoured door, clean entrance hall, intercom, concierge. The "Universitet" metro station is currently 1 km away. There is a large shopping centre there, "Kapitoliy", with an Auchan, many boutiques and restaurants. In 2014 the "Lomonosovsky Prospekt" metro station will open 500 metres from the building. If you or your relatives study or plan to study at MGU, or want to get to the centre of Moscow without traffic jams and breathe clean air - THIS IS THE IDEAL option!!! An excellent price-to-quality ratio for this prestigious district of Moscow! CLEAN SALE! The apartment is privately owned! One owner, nobody registered at the address. Legally and physically vacant! PRICE - 12 500 000 RUB. Telephone: +79653093660 Sergey www.мичуринский-мгу.рф

From campanileskro96 at roviramunoz.com Tue Jul 24 21:26:13 2012
From: campanileskro96 at roviramunoz.com (=?koi8-r?B?IuvB0tTJztki?=)
Date: Wed, 25 Jul 2012 11:26:13 +0700
Subject: =?koi8-r?B?68HS1MnOwSDOwSDT18HE2MLVINcg0M/EwdLPyyAhIC0gMTQ5MNLVwg==?=
Message-ID:

Summer is wedding season. A wedding gift - a beautiful painting in a luxurious frame and in gift wrapping. Summer discount 50 % !!! - 1490 rubles instead of 3000 rubles ! The gift will be delivered to your home or office !
Buy the painting here: www.картина-тут.рф/11.shtml

From chucklesri6 at radgametools.com Wed Jul 25 03:19:50 2012
From: chucklesri6 at radgametools.com (=?koi8-r?B?IuTM0SD3wdMgySD3wdvFyiDkxdfV28vJIg==?=)
Date: Wed, 25 Jul 2012 12:19:50 +0200
Subject: =?koi8-r?B?6M/UydTFIOnNxdTYIDEwMCUg8M/Uxc7DycA/IDEg1MHCzMXUy8Eg0sHC?= =?koi8-r?B?z9TBxdQgNzIgIN7B08E=?=
Message-ID:

Do you want 100% potency and to be rid forever of doubts about your male performance? 1 tablet works for 72 hours, but "switches on" when needed. A natural, safe and effective product for men. The unique balanced formula acts safely on the male body, noticeably raising the level of testosterone, the main male hormone. The product lets every man be successful, self-confident and full of energy. Order now and get 1 pack free www.энергия-человека.рф

From amiller at cs.ucf.edu Wed Jul 25 10:41:21 2012
From: amiller at cs.ucf.edu (Andrew Miller)
Date: Wed, 25 Jul 2012 13:41:21 -0400
Subject: [tahoe-dev] notes from the Tahoe-LAFS Weekly Call
Message-ID:

I am sad I missed yesterday's call! But I'm delighted this topic was discussed. I'm a big fan of the story that Brian told - my favorite version is from David Graeber [1]. I also agree with the implications for designing an accounting scheme. I have only one point to add.

To summarize the notes, there are two revelations arising from the vignette:
- Money isn't (quite) a universal medium of exchange
- Exchange often involves a residual social relationship

These lead to the two suggestions about how to proceed:
1. First begin with a "credit" mechanism, with three features:
   a. Issuable: you can grant someone a credit/quota for some storage
   b. Redeemable: if you have a credit, you can use it to store some data
   c. Visible: a user should know whether he has a credit or not (public visibility is useful too)
2.
Postpone decisions about balance and reciprocity (economic policy), as they are secondary.

So that's my summary of what you discussed, based on the scribe's notes (but please point out if I interpreted this wrong). The point I want to add is simple in comparison to what you already covered. It follows as a corollary from the above. You should also prioritize an additional feature:
   d. Transferable: there should be a way to split off some of your storage quota and dedicate it to someone else.

Obviously this is possible when Alice gives Bob her root cap. But finer grained delegation is preferable.

[alternate story ending].... After dinner, Grandma does the dishes herself while the grandchildren go next door and clean all the viruses off Grandma's neighbor's computer. There's ice cream for them when they return.

The corollary is that exchange can act along transitive links of social relationships. "Transferable" is the only required mechanism for this to work within a credit/quota system. It doesn't require a reciprocation policy, or even any particular explanation for the motivation behind the transfer.

[1]. David Graeber. 2011. Debt: The First 5000 Years. http://www.amazon.com/dp/1933633867

--
Andrew Miller

_______________________________________________
tahoe-dev mailing list
tahoe-dev at tahoe-lafs.org
https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev

----- End forwarded message -----

From gfoster at entersection.org Wed Jul 25 12:12:41 2012
From: gfoster at entersection.org (Gregory Foster)
Date: Wed, 25 Jul 2012 14:12:41 -0500
Subject: [drone-list] Canada's Project JUSTAS
Message-ID:

Looks like the Canadian military is ready to embrace drones after a few forays during the past decade.
[1]@NoDronesCanada has posted a link to a Google Doc with an interesting (looking?) RFI for Project JUSTAS (Joint UAS Surveillance and Target Acquisition System):
[2]http://twitter.com/NoDronesCanada/status/228200081474613249

Here's a mention of this project in May:
[3]http://www.cbc.ca/news/canada/newfoundland-labrador/story/2012/05/16/nl-mackay-5wing-plans-517.html

gf

--
Gregory Foster || [4]gfoster at entersection.org
@gregoryfoster <> [5]http://entersection.com/

References
1. http://twitter.com/NoDronesCanada
2. http://twitter.com/NoDronesCanada/status/228200081474613249
3. http://www.cbc.ca/news/canada/newfoundland-labrador/story/2012/05/16/nl-mackay-5wing-plans-517.html
4. mailto:gfoster at entersection.org
5. http://entersection.com/

_______________________________________________
drone-list mailing list
drone-list at lists.stanford.edu

Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/drone-list

If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"

You will need the user name and password you receive from the list moderator in monthly reminders.

Should you need immediate assistance, please contact the list moderator.
----- End forwarded message -----

From eugen at leitl.org Wed Jul 25 06:19:26 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 25 Jul 2012 15:19:26 +0200
Subject: [liberationtech] Finfisher Spy Kit Revealed in Bahrain
Message-ID: <20120725131926.GN12615@leitl.org>

----- Forwarded message from Ronald Deibert -----

From idahoansep64 at roidupc.com Wed Jul 25 03:49:39 2012
From: idahoansep64 at roidupc.com (=?koi8-r?B?IvPF0sfFyiI=?=)
Date: Wed, 25 Jul 2012 16:19:39 +0530
Subject: =?koi8-r?B?88TBxdTT0SDPxsnTIM0uIO7P18/TzM/Cz8TTy8HRINDMLiAxNzggzS7L?= =?koi8-r?B?1y4=?=
Message-ID:

Office for rent (Novoslobodskaya metro), Novoslobodskaya St. (first row of buildings), area 178 sq. m, 13500 rubles per sq. m per year, utilities included. +7 (903) 77-00-262 Sergey

From depredations0 at rotabanner.com Wed Jul 25 05:26:14 2012
From: depredations0 at rotabanner.com (=?koi8-r?B?Iu/GxtvP0iDawSA4NTkgxM/MzMHSz9ci?=)
Date: Wed, 25 Jul 2012 17:56:14 +0530
Subject: =?koi8-r?B?78bG28/SzsHRIMbJ0s3BINMg0M/MztnNIM7PzcnOwczYztnNINPF0tfJ?= =?koi8-r?B?08/N?=
Message-ID:

The lowest prices on offshore companies: from 859 dollars. With full nominee service: 1399 dollars. Opening an account in an offshore bank in 1 hour - 450 dollars (we issue the account details and a token with keys right away). Contacts: Moscow: +7 (495) 649 8827 London: +44 (203) 514 9943 www.оффшорбыстро.рф

From skyl4rk at gmail.com Wed Jul 25 19:09:00 2012
From: skyl4rk at gmail.com (skyl4rk)
Date: Wed, 25 Jul 2012 19:09:00 -0700 (PDT)
Subject: [HacDC:Byzantium] Some thoughts on the needs of users
Message-ID:

Assuming that Byzantium is started up in a group of laptop pc's in response to an emergency, I can see two cases of users: A. Support Team and B. Victims.
The support team is airlifted into the disaster area and has a specific humanitarian aid task to perform. Their needs are to communicate with each other, communicate with home base and to access relatively large pdf manuals, rules and procedures files for their organization. They may need to communicate with local organizations or the local population using a pc but this is less likely in the initial aftermath. They may need to order equipment and materials online via a web browser app.

In an emergency situation, high bandwidth internet is probably not available although the support team may have low bandwidth internet available to them (cell, satphone, packet radio).

For initial communication before there is any access to internet, I would recommend a webforum type application instead of IRC. A forum allows for the creation of stickies and allows for searching of older posts. More people are familiar with webforums than IRC. IRC can work but there needs to be an instruction manual on how to use it.

For distributing large pdf files of manuals, rules and procedures, the options are to have one laptop serve all other users. This is somewhat inefficient use of the server's bandwidth since it is probably also serving other applications. I would suggest some type of torrent application so that any pc with even a piece of the document could serve parts of the document that are needed by all users. Perhaps there could be a persistent directory that is set up so that any document that is saved there would be made available as a torrent to other users and the torrent program would automatically start upon boot from CD.

When internet is available, the ideal method of communication is by email. Ideally, each support team member would have a gmail account and access it over the internet. I am assuming that an email server is too complicated to configure and set up. This may not be correct.
A cell phone application similar to villagetelco.org (asterisk) could be very useful to allow the use of cell phones in the local area even if cell towers are not working. This would allow the use of smartphones similar to walkie talkies, even if there were no connection outside of the local meshnet.

Support team services should be given priority and dedicated bandwidth.

Victim services. The most important victim service during an emergency is health and welfare traffic. Most of this traffic is family members calling in to the disaster area to try to find the status of loved ones. In this case, when internet access is available, some kind of forum or bulletin board could be used to post questions, and those who have information can respond. This should be set up in advance and hosted offsite. Requests for information on family member status should be referred to this website.

Some health and welfare traffic is related to medical advice. This should be given some type of priority and should be confidential. Perhaps a private IRC channel is best for this.

There needs to be a way to allow some groups prioritized access to internet. For example, there may be local government agencies that need an internet connection. There needs to be a way to separate this traffic and allow it a prioritized access to the internet. The Support Team needs prioritized access to the internet.

In some cases it may be desired to allow Byzantium to provide internet access to the public. For many nonemergency uses, this is probably an important option. For emergency services, it should be possible to limit the public's use of bandwidth so that critical communication has priority.

A thought about CDs versus USB sticks. I think that only the laptops with server functions need USB sticks and persistent memory. It is probably better in an emergency situation to limit the number of servers (USB sticks) but maximize the number of users (CD meshnodes).
Otherwise some users will click on buttons and make mistakes and set up unnecessary services, which would cause confusion.

--
You received this message because you are subscribed to the Google Groups "Project Byzantium (Emergency Mesh Networking)" group.
To view this discussion on the web visit https://groups.google.com/a/hacdc.org/d/msg/Byzantium/-/E3CdL6x9Wx8J.
To post to this group, send email to Byzantium at hacdc.org.
To unsubscribe from this group, send email to Byzantium+unsubscribe at hacdc.org.
For more options, visit this group at http://groups.google.com/a/hacdc.org/group/Byzantium/?hl=en.

----- End forwarded message -----

From delber at riseup.net Wed Jul 25 12:31:42 2012
From: delber at riseup.net (delber)
Date: Wed, 25 Jul 2012 19:31:42 +0000
Subject: [tor-relays] Call for discussion: turning funding into more exit relays
Message-ID:

On Mon, Jul 23, 2012 at 05:14:44PM -0400, Andrew Lewis wrote:
> $100 is not going to cut it most likely, even for only 100 mbit
> traffic only. Most providers are really antsy about spam/DMCA reports,
> and aren't willing to deal with it for that cheap. I'd suspect that
> you are looking at the $150-$200+ range, at least in my experience.

We are a small group of people trying to setup something like torservers.net in France. We already made quite a bunch of contacts with a small amount of French ISPs to ask them about hosting Tor exit relays. The list is long and we are not over yet. But here is what we know as of today.

We already have ruled out the three major cheap hosting providers: OVH, Gandi and Dedibox. All of them are listed as bad ISPs on GoodBadISPs as prohibiting relays in their ToS.
What is fun is that exit nodes running on their French IPs still account for 2.3353% of total P_exit (out of 2.6573% for all French exit nodes).

We have approached some other big commercial ISPs. It was not a formal inquiry, but they did not look very happy at the idea of hosting exit nodes.

What we have found though, is that several smaller (not-for-profits or coops) ISPs would be happy to help the Tor network, provided there is a clear legal boundary. Something that our not-for-profit would create.

The downside is that they are small, so the cost of their bandwidth is between a monthly 3€ and 10€ (when it is not even more) for each Mbps (95%ile). But they would stand in case of trouble. And some of them have an economic interest as using more bandwidth would lower their overall cost per Mbps.

One of them is willing to sponsor some of the bandwidth, and it looks like a good place to start an initial set of nodes. But even with their sponsoring, $100/month will not cover hosting+bandwidth expenses.

It might be something desirable though. If external funding does not cover all the costs, then we will have to campaign for other donations. A good habit, as it makes it more likely that at least some of the nodes would survive in case the external funding stops.
--
delber

_______________________________________________
tor-relays mailing list
tor-relays at lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

----- End forwarded message -----

From eugen at leitl.org Wed Jul 25 13:05:17 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 25 Jul 2012 22:05:17 +0200
Subject: [SALT] Cory Doctorow next TUESDAY July 31 (for forwarding)
Message-ID: <20120725200517.GR12615@leitl.org>

----- Forwarded message from Stewart Brand -----

From eugen at leitl.org Wed Jul 25 13:06:20 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 25 Jul 2012 22:06:20 +0200
Subject: [tahoe-dev] notes from the Tahoe-LAFS Weekly Call
Message-ID: <20120725200620.GS12615@leitl.org>

----- Forwarded message from Andrew Miller -----

From eugen at leitl.org Wed Jul 25 13:07:37 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 25 Jul 2012 22:07:37 +0200
Subject: [drone-list] Canada's Project JUSTAS
Message-ID: <20120725200737.GT12615@leitl.org>

----- Forwarded message from Gregory Foster -----

From eugen at leitl.org Wed Jul 25 13:09:26 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 25 Jul 2012 22:09:26 +0200
Subject: [tor-relays] Call for discussion: turning funding into more exit relays
Message-ID: <20120725200926.GU12615@leitl.org>

----- Forwarded message from delber -----

From vertiginousu at rostow.com Wed Jul 25 23:29:19 2012
From: vertiginousu at rostow.com (=?koi8-r?B?Iu7v9/nqIOvv9PTl5PYi?=)
Date: Wed, 25 Jul 2012 22:29:19 -0800
Subject: =?koi8-r?B?8NLPxMHF1NPRICDu7/f56iDr7/T05eT2?=
Message-ID:

NEW COTTAGE for sale. Cottage, 200 m2. Plot: 12 ares.
Kievskoye Highway, Borovsk. Gas, water, electricity, sewerage: everything is connected to the house and working. Ready for final finishing. ONLY THE FINAL FINISHING IS REQUIRED. German technology. 6.7 million rubles. www.продам-дом-тут.рф

From bis at cinfo.ch Wed Jul 25 13:02:57 2012
From: bis at cinfo.ch (VIPtimeClub)
Date: Wed, 25 Jul 2012 23:02:57 +0300
Subject: =?koi8-r?B?9M/M2MvPIMTPIDMwIMnAztEg08vJxMvJIM7BINDSxdPUydbO2cUg3g==?= =?koi8-r?B?wdPZIMTPIDMwJSEg99nHz8TO2cUgw8XO2SDEzNEg1c3O2cggzMDExQ==?= =?koi8-r?B?yiE=?=
Message-ID: <859326193.90755017587938@cinfo.ch>

Prestige watches at a discount! Summer offer - 10% off all watches, 30% off the second watch in an order! World brands: Hublot, Rolex, Breitling and others at good prices!
-----------------------------------------------------------
Free delivery across Russia! Payment on receipt of the goods! Warranty of up to 25 months! Hundreds of thousands of satisfied customers all over Russia! 100% resemblance to the original!
-----------------------------------------------------------
>>> http://viptimeclub.com/?entranceId=4637_0_8551

From discontentr4 at royalroute.com Thu Jul 26 00:36:05 2012
From: discontentr4 at royalroute.com (=?koi8-r?B?IuLSxc7E2SDP0NTPzSI=?=)
Date: Wed, 25 Jul 2012 23:36:05 -0800
Subject: =?koi8-r?B?4tLFzsTP19nFINTP18HS2SDP1CDQ0s/J2tfPxMnUxczFyiDP0NTPzSDJ?= =?koi8-r?B?INcg0s/azsnD1Q==?=
Message-ID:

www.бренды-оптом.рф Catalogue of branded goods, prices below market. Clothing and footwear for men, women and children, bags, glasses. More than 150 thousand branded goods. We invite organizers of group purchases, companies, sole proprietors and individuals to work with us.
Here is a partial list of the brands on offer: Abercrombie & Fitch, Adidas, Alexander McQueen, Andrew&Angel, Armani, Herve Leger, Burberry, BVLGARI, Calvin Klein, Carrera, Cavalli, Chanel, Chloe, Christian Audigier, Christian Louboutin, Coach, Columbia, D&G, Denis Simachev, Diesel, Dior, Disney, DKNY, Doraemon, Dsquared2, Ed Hardy, Fendi, Frankie Morello, Fred Perry, Galliano, GAP, Gianmarco Lorenzi, Giuseppe Zanotti, Gucci, GUESS, Hello Kitty, Hermes, Iceberg, Jimmy Choo, Juicy Couture, KAREN MILLEN, Kurosawa, Lee, Levi's, Louis Vuitton, Manolo Blahnik, Miu Miu, Moncler, Mont Blanc, Moschino, Nike, Paul Smith, Peak Performance, Polo, Prada, Puma, RUKKA, The North Face, Tod's, Tommy Hilfiger, UGG, Yves Saint Laurent, Zara.

We will answer questions by phone (495) 989 68 11 or at info at china-trad.ru, Skype: china2russia

Please do not reply to this message with the "Reply" button, as it was not sent from our mailbox.

From barbara.kelly at worldtravel.ie Wed Jul 25 13:56:33 2012
From: barbara.kelly at worldtravel.ie (VIPtimeClub)
Date: Thu, 26 Jul 2012 02:26:33 +0530
Subject: =?koi8-r?B?7MXUzsnFINPLycTLySDOwSDX08Ug3sHT2SDLwdbEz83VISDX2cfPxA==?= =?koi8-r?B?wSDEzyAzMCUh?=
Message-ID: <704982886.93313374885944@worldtravel.ie>

Only until July 30: up to 30% off Swiss watches! New watches for your summer holiday! Hublot, Rolex, Breitling and others with Swiss movements! You can't tell them from the original!
-------------------
Warranty of up to 25 months! Hundreds of thousands of satisfied customers all over Russia! Excellent quality! Free delivery across Russia! Payment on receipt of the goods!
-------------------
>>> http://viptimeclub.com/?entranceId=4637_0_8551

From bparjecevo at pragsol.com Wed Jul 25 13:30:39 2012
From: bparjecevo at pragsol.com (VIPtimeClub)
Date: Thu, 26 Jul 2012 04:30:39 +0800
Subject: =?koi8-r?B?/sHT2SDEzNEg98HbxcfPIM/U0NXTy8EhIPfZx8/EztnFIMPFztkhIA==?= =?koi8-r?B?99nTz97BytvFxSDLwd7F09TXzyE=?=
Message-ID: <137055099.98165574017413@pragsol.com>

When you go on holiday, don't forget to take your favourite watch, which you bought at a good price with a discount of up to 30% at the best online watch salon. Hublot, Rolex, Breitling and others from 10 000 rubles!
------------------------------------------------------
100% resemblance to the original! Hundreds of thousands of satisfied customers all over Russia! Payment on receipt of the goods! Warranty of up to 25 months! Excellent quality!
------------------------------------------------------
>>> http://viptimeclub.com/?entranceId=4637_0_8551

From saftergood at fas.org Thu Jul 26 06:31:11 2012
From: saftergood at fas.org (Steven Aftergood)
Date: Thu, 26 Jul 2012 06:31:11 -0700
Subject: Secrecy News -- 07/26/12
Message-ID:

Format Note: If you cannot easily read the text below, or you prefer to receive Secrecy News in another format, please reply to this email to let us know.

SECRECY NEWS
from the FAS Project on Government Secrecy
Volume 2012, Issue No. 75
July 25, 2012

Secrecy News Blog: http://www.fas.org/blog/secrecy/

** SENATE INTEL COMMITTEE ADOPTS A DOZEN ANTI-LEAK MEASURES

SENATE INTEL COMMITTEE ADOPTS A DOZEN ANTI-LEAK MEASURES

The Senate Intelligence Committee's markup of the 2013 intelligence authorization bill includes 12 provisions that are intended to combat unauthorized disclosures of classified information.
http://www.fas.org/irp/congress/2012_cr/ssci-leaks.pdf The proposed steps, which are of varying weight and severity, include: * a requirement to notify Congress when intelligence information is disclosed to the public (outside of the FOIA or the regular declassification review process) and to maintain a record of all authorized disclosures of classified information * a requirement to establish formal procedures for leak investigations * a requirement to assess procedures for detecting leaks, including expanded use of polygraph testing in other parts of the executive branch * a prohibition on cleared personnel (or formerly cleared personnel for up to a year after employment) serving as paid consultants or commentators to a media organization regarding intelligence matters * a requirement that only certain designated intelligence community officials may communicate with the media * a requirement for all intelligence community employees to report any contacts with the media * a requirement for the Attorney General and the DNI to submit a report to Congress on possible improvements to current procedures governing leak investigations * establishment of provisions to require surrender of federal pension benefits as a penalty for unauthorized disclosures * a provision to prohibit security clearances for individuals who make unauthorized disclosures of covert action information "The culture of leaks has to change," said Committee Chair Sen. Dianne Feinstein in a news release. "Leaks of classified information regarding intelligence sources and methods can disrupt intelligence operations, threaten the lives of intelligence officers and assets, and make foreign partners less likely to work with us." http://www.fas.org/irp/news/2012/07/ssci072512.html In several respects, the proposed new measures are not a dramatic departure from the status quo. Unauthorized disclosures are already barred by non-disclosure agreements that all cleared personnel must sign. 
Unauthorized contacts between intelligence personnel and the press are already discouraged or prohibited. The Director of National Intelligence has already ratcheted up leak investigations and started an insider threat detection program. Significantly, the proposed anti-leak provisions would not amend the Espionage Act. They would not make all disclosures of classified information a felony. They would not impose restrictions on the unauthorized receipt of classified information, or penalize publication of such information (although one provision invites the Attorney General to reconsider limitations on subpoenas to members of the media). And yet there is something incongruous, if not outrageous, about the whole effort by Congress to induce stricter secrecy in the executive branch, which already has every institutional incentive to restrict public disclosure of intelligence information. In an earlier generation of intelligence oversight, leaks led to leak investigations in executive agencies, but they also prompted substantive oversight in Congress. When Seymour Hersh and the New York Times famously reported on unlawful domestic surveillance in December 1974, the urgent question in Congress was not how did Hersh find out, or how similar disclosures could be prevented, but what to do about the alarming facts that had been disclosed. In contrast, while pursuing leaks and leakers, today's Senate Intelligence Committee has not held an open public hearing for six months. The Committee's investigative report concerning CIA interrogation practices from ten years (and two presidential terms) ago has still not been issued. Upon publication -- perhaps this fall -- it will essentially be a historical document. Most fundamentally, the Committee's new draft legislation errs by treating "classification" as a self-validating category -- i.e., if it's classified, it warrants protection by definition -- rather than as the flawed administrative instrument that it is. 
As far as the Committee is concerned, the unauthorized disclosure of any classified information -- even the substance of a constitutional violation that was recently committed by a US intelligence agency -- would constitute a punishable offense, regardless of its public policy significance. Last Friday, the DNI agreed to declassify the bare fact of such an actual violation, in response to a request by Senator Ron Wyden (as reported by Wired, but altogether overlooked in the Committee's latest report on FISA last month). This disclosure by the DNI would apparently trigger the proposed new requirement to notify Congress of public releases of intelligence information since it was "declassified for the purpose of the disclosure" -- which is just silly. http://www.wired.com/dangerroom/2012/07/surveillance-spirit-law/ "The whole notion of classification in this building has degenerated into a joke, most reporters and a lot of officials would agree," said Tony Capaccio of Bloomberg News at a Pentagon press briefing on Tuesday. He asked how the Pentagon planned to distinguish between legitimate secrets and spurious secrets when monitoring news stories for leaks. http://www.fas.org/sgp/news/2012/07/dod072412.html "What steps are you going to be taking to make sure when you analyze these news stories that it's really classified-classified versus B.S.-classified information?" "I don't have the answer yet, Tony," replied Pentagon press spokesman George Little. Neither does the Senate Intelligence Committee. The full version of the FY2013 Senate intelligence bill and the accompanying report is expected to be filed on Friday. The proposed anti-leak provisions "are the product of work over the past several weeks within the Committee, in discussion with the Executive Branch, in consultation with the House Intelligence Committee, and reflecting input from nongovernmental organizations," according to the Senate Intelligence Committee. 
_______________________________________________ Secrecy News is written by Steven Aftergood and published by the Federation of American Scientists. The Secrecy News Blog is at: http://www.fas.org/blog/secrecy/ To SUBSCRIBE to Secrecy News, go to: http://www.fas.org/sgp/news/secrecy/subscribe.html To UNSUBSCRIBE, go to http://www.fas.org/sgp/news/secrecy/unsubscribe.html OR email your request to saftergood at fas.org Secrecy News is archived at: http://www.fas.org/sgp/news/secrecy/index.html Support the FAS Project on Government Secrecy with a donation: http://www.fas.org/member/donate_today.html _______________________ Steven Aftergood Project on Government Secrecy Federation of American Scientists web: www.fas.org/sgp/index.html email: saftergood at fas.org voice: (202) 454-4691 twitter: @saftergood ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From eugen at leitl.org Thu Jul 26 02:24:22 2012 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 26 Jul 2012 11:24:22 +0200 Subject: [HacDC:Byzantium] Some thoughts on the needs of users Message-ID: <20120726092422.GY12615@leitl.org> ----- Forwarded message from skyl4rk ----- From plottingn1 at ressystem.com Thu Jul 26 00:43:50 2012 From: plottingn1 at ressystem.com (=?koi8-r?B?IvDSz8TBxdTT0SDEz80i?=) Date: Thu, 26 Jul 2012 13:13:50 +0530 Subject: =?koi8-r?B?8NLPxMHF1NPRIMTPzSDXIMHM2NDJytPLz80g09TJzMUg1yA0MsvNIM/U?= =?koi8-r?B?IO3P08vX2Swg1SDHz9LOz8zZ1s7Px88gy9XSz9LUwQ==?= Message-ID: For sale here: www.купи-дом-здесь.рф From andrew at torproject.is Thu Jul 26 10:52:25 2012 From: andrew at torproject.is (Andrew Lewman) Date: Thu, 26 Jul 2012 13:52:25 -0400 Subject: [tor-relays] Call for discussion: turning funding into more exit relays Message-ID: On Thu, 26 Jul 2012 16:05:53 +0000 kupo at damnfbi.tk wrote: 
> We should probably talk further then since I'm _in_ Iceland atm and > would also like to see a high capacity node here. > May I ask for your reasoning though? A lot of people on both sides of > the pond have believed that IMMI > has been passed here already when it has in fact not (yet). I'm in > touch with those trying to pass it and it comes up for major review > in september. Have you tried talking to DataCell > ? I talked to Datacell roughly a year ago. They were fine with an exit relay, but at the time were distracted by suing Visa. The only issue was pure cost. Traffic leaving Iceland costs a lot. I wasn't prepared to spend ISK300,000 per month for a 100 mbps exit relay. Maybe times have changed and traffic from Iceland is not so expensive anymore. -- Andrew http://tpo.is/contact pgp 0x6B4D6475 _______________________________________________ tor-relays mailing list tor-relays at lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From sillierw6 at rother-data.com Thu Jul 26 02:03:56 2012 From: sillierw6 at rother-data.com (=?koi8-r?B?IuTF0sXX0c7OwdEg0MHMz97LwSI=?=) Date: Thu, 26 Jul 2012 14:33:56 +0530 Subject: =?koi8-r?B?5MXSxdfRzs7B0SDQwczP3svBIMTM0SAgzc/Sz9bFzs7Px88gz9Qg0NLP?= =?koi8-r?B?ydrXz8TJ1MXM0Q==?= Message-ID: Wooden ice cream sticks from the manufacturer. Coffee stirrers and medical spatulas. Birch, alder; all documents for the domestic and export markets. 114x10x2 mm, 94x10x2 mm, 94x17/11x2 mm Tel. 
+380 67 470 52 40 From goeringbf66 at reocpartners.com Thu Jul 26 03:25:49 2012 From: goeringbf66 at reocpartners.com (=?koi8-r?B?IvPF0sfFyiI=?=) Date: Thu, 26 Jul 2012 15:55:49 +0530 Subject: =?koi8-r?B?8NLPxMHF1NPRIDItyCDLz80uIMvXLdLBIM7BIO3J3tXSyc7Ty8/NINDS?= =?koi8-r?B?LdTFINLRxM/NINMg7ef1IMnNLiDsz83Pzs/Tz9fB?= Message-ID: Urgent: for sale, a 2-room apartment of 51 sq. m in a prestigious district of Moscow near Lomonosov Moscow State University (MGU), at Michurinsky Prospekt 13, building 1: a 24-storey monolithic-brick tower block built in 2008, fully occupied. Nearby are the well-known exclusive residential complexes "Shuvalovsky" and "Kollizey". Apartment details: Total area: 51 m2 Kitchen: 8 m2 Rooms: 18 + 13 meters Balcony and loggia Elevators: 2 freight and 2 passenger Bathroom: separate toilet and bath Floor: 20 Complete, high-quality EUROPEAN-STYLE RENOVATION, imported plumbing fixtures, Italian kitchen with built-in appliances (stays after the sale). A cozy and comfortable apartment. A little "nest" for people with taste. Windows on two sides, sunny side. Nobody has lived in it since the renovation; the apartment is vacant and ready for sale! It is 400 meters away from Michurinsky and Lomonosovsky prospekts, so the air is very clean. Armored door, clean entrance hall, intercom, concierge. The "Universitet" metro station is currently 1 km away. There is a large "Kapitoliy" shopping center there with an Auchan, and many boutiques and restaurants. In 2014 the "Lomonosovsky Prospekt" metro station will open 500 meters from the building. If you or your relatives study or plan to study at MGU, or want to get to the center of Moscow without traffic jams and breathe clean air, THIS IS THE IDEAL option!!! Excellent price-to-quality ratio for this prestigious district of Moscow! CLEAN SALE! The apartment is owned outright! One owner, nobody registered at the address. Legally and physically vacant! 
PRICE - 12 500 000 RUB Phone: +79653093660 Sergey www.мичуринский-мгу.рф From moritz at torservers.net Thu Jul 26 07:14:41 2012 From: moritz at torservers.net (Moritz Bartl) Date: Thu, 26 Jul 2012 16:14:41 +0200 Subject: [tor-relays] Call for discussion: turning funding into more exit relays Message-ID: Hi, What can I say that hasn't been said by others before... :) We are in contact with reliable ISPs with endpoints in various countries. They would be willing to cooperate on exits at these locations. We have not yet talked about prices. I would say we (as in Torservers.net) are in the position to run multiple Gbit/s servers for prices at below $1/Mbit at "not your typical ISP". In theory, we would be able to fulfill the 12.5 Gbit/s alone. We're about to test a 10Gbit uplink with a Xeon behind it to find out how far we can push a single server. That said, we should discuss and come up with a good organizational structure to reimburse people. Personally, I would only sponsor 100 Mbit/s or more (or maybe even only Gbit). I would set up a template that asks for ISP information, so we can reject too many exits at one place (say, a maximum of 1 Gbit/s or even one server per datacenter?). Do you plan on reimbursing up front for a longer period, or only after? We would likely need the money up front at least on a monthly basis. Another option we have that might be more convenient is to decide on the twelve/thirteen server locations up front and then ask the community to fill the slots. Given that there are places where you get Gbit for around or less than $500, we could use the "extra money" to fund some slower locations. I would very much like to see a high-bandwidth Iceland exit. The last quote I got was 500 Euro for 200 Mbit/s (including hardware) at Advania/ThorDC. 
-- Moritz Bartl https://www.torservers.net/ _______________________________________________ tor-relays mailing list tor-relays at lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From eugen at leitl.org Thu Jul 26 07:19:20 2012 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 26 Jul 2012 16:19:20 +0200 Subject: Secrecy News -- 07/26/12 Message-ID: <20120726141919.GL12615@leitl.org> ----- Forwarded message from Steven Aftergood ----- From eugen at leitl.org Thu Jul 26 07:30:00 2012 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 26 Jul 2012 16:30:00 +0200 Subject: [tor-relays] Call for discussion: turning funding into more exit relays Message-ID: <20120726143000.GM12615@leitl.org> ----- Forwarded message from Moritz Bartl ----- From g.logvinenko at promolab.ru Thu Jul 26 02:37:18 2012 From: g.logvinenko at promolab.ru (=?koi8-r?B?78bG28/S2Q==?=) Date: Thu, 26 Jul 2012 16:37:18 +0700 Subject: =?koi8-r?B?9+Hy6eHu9PkgIuHw5/Ll6uThIiD18/Th8uX34eD96egg7uHs7+fv9/no?= =?koi8-r?B?IPPo5e0=?= Message-ID: <0602F0808A6643C1B62D041ACC369136@tron> July 27, 2012. OFFSHORE BUSINESS: CYPRUS BEFORE AND AFTER RATIFICATION OF THE PROTOCOL. DETAILED ANALYSIS AND PRACTICE OF USE. (Taxes in Cyprus: staying on the right side of the line between optimization and evasion. Schemes using Cypriot companies) +7 (Moscow code) 792/2I*2-2 \\\/// 8 Moscow code: 7Ч2*91\98 Purpose: We invite both attendees who already use Cypriot companies in their work and those who are only planning to use this instrument of tax planning, confidentiality and asset protection. 
The seminar content can be divided into blocks: * consequences of ratifying the Protocol to the double taxation avoidance agreement between the Russian Federation and Cyprus; * practice of using and maintaining Cypriot companies; * ways of using Cyprus in tax planning; * taxation in Cyprus (with a detailed look at VAT). In the author's opinion, ratification of the Protocol will not lead to mass restructuring or to abandoning tax solutions that use Cyprus, since the Protocol merely "reshuffles" the established working principles. In many cases the optimal solution will be a "cosmetic" correction of contractual relations and business operations, to which this seminar will pay special attention. Cypriot tax legislation and its "intersection" with Russian legislation in tax solutions deserve careful examination. For example, the authorized capital of Cypriot companies can be paid in not only with cash but also with shares of Russian companies. The tax consequences of this and the method of valuing an in-kind contribution raise especially many questions from attendees. When using Cypriot companies, many run into problems in the form of unforeseen tax liabilities, fines and penalties arising from ignorance of the subtleties and peculiarities of the EU and Cypriot tax systems, which evolve as rapidly as the Russian one. This seminar will cover the details of the Cypriot tax system, with special attention to VAT, the most complex tax, which is governed not only by local legislation but also by numerous European directives. The technical aspects of using Cypriot companies are no less important. Unfortunately, in practice, dealing with the administrator, or registration agent, often involves a large number of difficulties that turn into a standoff between the company owner and unhurried Cypriot lawyers. 
Many also face opaque pricing for individual services, especially audit and nominee services. This seminar will help you optimize your relationship with the administrator and determine what, to whom and when you must pay when using Cypriot companies. A distinctive feature of this seminar is its practical focus and the absence of superfluous theoretical and historical digressions. The seminar takes the form of an interactive practical session with constant interaction with the audience, analysis of a large number of examples and a detailed description of the tax, financial and legal consequences or risks. Program: TAXES IN CYPRUS: STAYING ON THE RIGHT SIDE OF THE LINE BETWEEN OPTIMIZATION AND EVASION * Profit tax (Corporate Income Tax); advance profit tax (Preliminary Tax); defence tax (Special Defence Contribution); capital gains tax (Capital Gains Tax), etc. * Ways to minimize tax payments in Cyprus: practical examples and analysis of mistakes * Taxation of securities transactions: limits of the exemption * Tax calendar for 2012: filing of reports, payment of taxes and fees * Changes in Cypriot legislation in 2012 and trends for 2013 * Ratification of the Protocol to the Agreement between the Russian Federation and Cyprus: who will bear losses, and who will manage to profit from it? * How to avoid getting caught in the "noose" of the Protocol's negative changes? VAT WHEN USING CYPRIOT COMPANIES * When do you need to obtain a VAT number, and can it be done in another EU country? * Applying the "reverse charge" mechanism * Analysis of the main European directives with regard to determining the place where services are provided ("the place of supply") * VAT on services provided over the internet ("electronically supplied services") * Complex export-import cases: when does VAT arise? * VAT consequences of three-party transactions in the EU (triangular operations) * VAT and royalties, consulting, marketing: can the full amount of input VAT always be deducted? 
SCHEMES USING CYPRIOT COMPANIES * Owning real estate through Cypriot companies * Loans: analysis of thin capitalization rules and other restrictions (Art. 269 of the Russian Tax Code), risks and examples of mistakes * Royalties: risks, optimal size of payments, VAT, economic and documentary justification ("substance") * Transactions with securities and promissory notes * Closed-end mutual investment funds (ZPIFs): are they still applicable after ratification of the Protocol? * Building a comprehensive working holding structure, and dividends * Collective investment schemes and investment funds in Cyprus WORKING WITH THE ADMINISTRATOR (AGENT) AND AUDITOR OF A CYPRIOT COMPANY * The administrator having a representative office in Moscow: advantage or disadvantage? * How to keep the administrator and auditor from deceiving you? Examples and recommendations * What should Cypriot administrators not charge for? * Switching to another administrator: the pitfalls * Principles of pricing for audit services and ways to minimize their cost * May a Cypriot auditor both audit and keep the accounts at the same time? * Analysis of average market prices and turnaround times for services: rate your administrator. A REAL OFFICE IN CYPRUS * Comparison of "virtual" and real offices * Cases where a real presence in Cyprus is necessary * Tools for creating the appearance that the company is controlled from Cyprus * Hiring staff for a Cypriot company: tax and practical issues NOMINEE SERVICES AND CONFIDENTIALITY * Documents governing the resulting relationships: what to pay attention to? * Disclosure of information in connection with ratification of the Protocol * Powers of nominee directors and shareholders: where are the limits and who sets them? * What to do if a nominee director refuses to sign documents? BANK ACCOUNTS * Analysis of the reliability of Cypriot banks against the background of the worsening situation in the EU * Ways of withdrawing funds from a Cypriot bank account in Russia * Disclosure of banking secrecy: facts and conclusions * Fees of popular Cypriot and Baltic banks. Using SEPA. 
* Paying salaries by issuing cards linked to accounts in Cypriot banks Participation fee: 9 000 rubles For detailed information and registration, call: +7 495 742_91.98 : code (495) - 7_42.91.98 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 11598 bytes Desc: not available URL: From eugen at leitl.org Thu Jul 26 09:15:05 2012 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 26 Jul 2012 18:15:05 +0200 Subject: Skype makes chats and user data more available to police Message-ID: <20120726161505.GP12615@leitl.org> http://www.washingtonpost.com/business/economy/skype-makes-chats-and-user-data-more-available-to-police/2012/07/25/gJQAobI39W_print.html Skype makes chats and user data more available to police By Craig Timberg and Ellen Nakashima, Skype, the online phone service long favored by political dissidents, criminals and others eager to communicate beyond the reach of governments, has expanded its cooperation with law enforcement authorities to make online chats and other user information available to police, said industry and government officials familiar with the changes. Surveillance of the audio and video feeds remains impractical -- even when courts issue warrants, say industry officials with direct knowledge of the matter. But that barrier could eventually vanish as Skype becomes one of the world's most popular forms of telecommunication. The changes to online chats, which are written messages conveyed almost instantaneously between users, result in part from technical upgrades to Skype that were instituted to address outages and other stability issues since Microsoft bought the company last year. Officials of the United States and other countries have long pushed to expand their access to newer forms of communications to resolve an issue that the FBI calls the "going dark" problem. 
Microsoft has approached the issue with "tremendous sensitivity and a canny awareness of what the issues would be," said an industry official familiar with Microsoft's plans, who like several people interviewed for this story spoke on the condition of anonymity because they weren't authorized to discuss the issue publicly. The company has "a long track record of working successfully with law enforcement here and internationally," he added. The changes, which give the authorities access to addresses and credit card numbers, have drawn quiet applause in law enforcement circles but hostility from many activists and analysts. Authorities had for years complained that Skype's encryption and other features made tracking drug lords, pedophiles and terrorists more difficult. Jihadis recommended the service on online forums. Police listening to traditional wiretaps occasionally would hear wary suspects say to one another, "Hey, let's talk on Skype." Hacker groups and privacy experts have been speculating for months that Skype had changed its architecture to make it easier for governments to monitor, and many blamed Microsoft, which has an elaborate operation for complying with legal government requests in countries around the world. "The issue is, to what extent are our communications being purpose-built to make surveillance easy?" said Lauren Weinstein, co-founder of People for Internet Responsibility, a digital privacy group. "When you make it easy to do, law enforcement is going to want to use it more and more. If you build it, they will come." Skype was slow to clarify the situation, issuing a statement recently that said, "As was true before the Microsoft acquisition, Skype cooperates with law enforcement agencies as is legally required and technically feasible." But changes allowing police surveillance of online chats had been made since late last year, a knowledgeable industry official said Wednesday. 
In the United States, such requests require a court order, though in other nations rules vary. Skype has more than 600 million users, with some in nearly every nation in the world. Political dissidents relied on it extensively during the Arab Spring to communicate with journalists, human rights workers and each other, in part because of its reputation for security. Skype's resistance to government monitoring, part of the company ethos when European engineers founded it in 2003, resulted from both uncommonly strong encryption and a key technical feature: Skype calls connected computers directly rather than routing data through central servers, as many other Internet-based communication systems do. That makes it more difficult for law enforcement to intercept the call. The authorities long have been able to wiretap Skype calls to traditional phones. The company created a law-enforcement compliance team not long after eBay bought the company in 2005, putting it squarely under the auspices of U.S. law. The company was later sold to private investors before Microsoft bought it in May 2011 for $8.5 billion. The new ownership had at least an indirect role in the security changes. Skype has endured periodic outages, including a disastrous one in December 2010. Company officials concluded that a more robust system was needed if the company was going to reach its potential. Industry officials said the resulting push for the creation of so-called "supernodes," which routed some data through centralized servers, made greater cooperation with law enforcement authorities possible. The access to personal information and online chats, which are kept in Skype's systems for 30 days, remains short of what some law enforcement officials have requested. 
The FBI, whose officials have complained to Congress about the "going dark" problem, issued a statement Wednesday night saying it couldn't comment on a particular company or service but that surveillance of conversations "requires review and approval by a court. It is used only in national security matters and to combat the most serious crimes." Hackers in recent years have demonstrated that it was possible to penetrate Skype, but it's not clear how often this happened. Microsoft won a patent in June 2011 for "legal intercept" of Skype and similar Internet-based voice and video systems. It is also possible, experts say, to monitor Skype chats as well as voice and video by hacking into a user's computer, doing an end run around encryptions. "If someone wants to compromise a Skype communication, all they have to do is hack the endpoint -- the person's computer or tablet or mobile phone, which is very easy to do," said Tom Kellermann, vice president of cybersecurity for Trend Micro, a cloud security company. Some industry officials, however, say Skype loses some competitive edge in the increasingly crowded world of Internet-based communications systems if users no longer see it as more private than rival services. "This is just making Skype like every other communication service, no better, no worse," said one industry official, speaking on the condition of anonymity. "Skype used to be very special because it really was locked up. Now it's like Superman without his powers." From angiospermgtr2 at rainbowpub.com Thu Jul 26 07:20:28 2012 From: angiospermgtr2 at rainbowpub.com (Eddie Cain) Date: Thu, 26 Jul 2012 19:50:28 +0530 Subject: =?koi8-r?B?ztXWxc4gy9LFxMnUPw==?= Message-ID: <974318244.60313356579518@rainbowpub.com> Getting a loan? It's easy! -------------- next part -------------- A non-text attachment was scrubbed... 
Name: not available Type: text/html Size: 186 bytes Desc: not available URL: From mauserue at rezovation.com Thu Jul 26 05:22:36 2012 From: mauserue at rezovation.com (Wyatt Thomason) Date: Thu, 26 Jul 2012 21:22:36 +0900 Subject: =?koi8-r?B?ztXWxc4gy9LFxMnUPw==?= Message-ID: <000d01cd6b29$57654c20$6400a8c0@mauserue> Getting a loan? It's easy! -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 303 bytes Desc: not available URL: From eugen at leitl.org Thu Jul 26 13:37:17 2012 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 26 Jul 2012 22:37:17 +0200 Subject: [tor-relays] Call for discussion: turning funding into more exit relays Message-ID: <20120726203717.GR12615@leitl.org> ----- Forwarded message from Andrew Lewman ----- From irrevocableuka52 at routecraft.com Thu Jul 26 10:53:22 2012 From: irrevocableuka52 at routecraft.com (Lilly Raymond) Date: Fri, 27 Jul 2012 00:53:22 +0700 Subject: =?koi8-r?B?ztXWxc4gy9LFxMnUPw==?= Message-ID: <978006992.81004130604619@routecraft.com> Getting a loan? It's easy! -------------- next part -------------- A non-text attachment was scrubbed... 
Name: not available Type: text/html Size: 186 bytes Desc: not available URL: From pillsa at rodriguez-abogados.com Fri Jul 27 03:08:46 2012 From: pillsa at rodriguez-abogados.com (=?koi8-r?B?IvDSz8TBxdTT0SDEz80i?=) Date: Fri, 27 Jul 2012 02:08:46 -0800 Subject: =?koi8-r?B?8NLPxMHF1NPRIMTPzSDXIMHM2NDJytPLz80g09TJzMUg1yA0MsvNIM/U?= =?koi8-r?B?IO3P08vX2Swg1SDHz9LOz8zZ1s7Px88gy9XSz9LUwQ==?= Message-ID: <2BA9900CACBC46C89E2F58C4DBB9CFA4@Trung> For sale here: www.купи-дом-здесь.рф From brad.phillis at three.com.au Thu Jul 26 14:21:19 2012 From: brad.phillis at three.com.au (VIPtimeClub) Date: Fri, 27 Jul 2012 06:21:19 +0900 Subject: =?koi8-r?B?/MvPzs/NydEgxMXOxccgzsEg3sHTwcgsINDPzM/WydTFzNjOzyDTyw==?= =?koi8-r?B?wdbF1NPRIM7BIPfB2yDP1NDV08shIOzV3tvJxSDewdPP19nFIMLSxQ==?= =?koi8-r?B?zsTZINMg7MXUzsnNySDTy8nEy8HNySE=?= Message-ID: <805317715.22348377792360@three.com.au> The best European watches at great prices! Until July 30, discounts of up to 30% on Vacheron Constantin, Hublot, Rolex and other brands! High quality! Free delivery straight into your hands! ---------------------------------------- Warranty of up to 25 months! Payment on receipt of goods! 100% resemblance to the original! Excellent quality! Free delivery across Russia! ---------------------------------------- --- ----- >>> http://viptimeclub.com/?entranceId=4637_0_8551 --- From eugen at leitl.org Thu Jul 26 23:24:15 2012 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 27 Jul 2012 08:24:15 +0200 Subject: economic analysis for BitCoin demand [PDF] Message-ID: <20120727062414.GZ12615@leitl.org> http://academic.reed.edu/economics/parker/s12/312/finalproj/Bitcoin.pdf From federatingp3 at robertspellman.com Thu Jul 26 21:23:31 2012 From: federatingp3 at robertspellman.com (=?koi8-r?B?IuvB0tTJztki?=) Date: Fri, 27 Jul 2012 11:23:31 +0700 Subject: =?koi8-r?B?68HS1MnOwSDOwSDT18HE2MLVINcg0M/EwdLPyyAhIC0gMTQ5MNLVwg==?= Message-ID: <641A59C6156D4A9B8B9F64721966FD58@pc1> Summer is wedding season. 
A wedding gift: a beautiful painting in a luxurious frame and gift wrapping. Summer discount of 50%!!! 1490 rub. instead of 3000 rub.! The gift will be delivered to your home or office! Buy the painting here: www.картина-тут.рф/11.shtml From nightiek at remington.com Thu Jul 26 23:00:49 2012 From: nightiek at remington.com (=?koi8-r?B?Iu7v9/nqIOvv9PTl5PYi?=) Date: Fri, 27 Jul 2012 11:30:49 +0530 Subject: =?koi8-r?B?8NLPxMHF1NPRICDu7/f56iDr7/T05eT2?= Message-ID: <70726308017C484D9AFDF336DC20D686@Controlroom> For sale: NEW COTTAGE Cottage, 200 m2 Plot: 12 ares. Kievskoye highway, Borovsk. Gas, water, electricity, sewerage: all connected to the house and working. Ready for final finishing; ONLY FINISHING WORK IS REQUIRED. German technology. 6.7 million rubles www.продам-дом-тут.рф From broilerj27 at risinghope.com Fri Jul 27 01:52:25 2012 From: broilerj27 at risinghope.com (=?koi8-r?B?IvDSz8TBxdTT0SDEz80i?=) Date: Fri, 27 Jul 2012 14:22:25 +0530 Subject: =?koi8-r?B?8NLPxMHF1NPRIMTPzSDXIMHM2NDJytPLz80g09TJzMUg1yA0MsvNIM/U?= =?koi8-r?B?IO3P08vX2Swg1SDHz9LOz8zZ1s7Px88gy9XSz9LUwQ==?= Message-ID: For sale here: www.купи-дом-здесь.рф From propinquitymd7 at routehero.com Fri Jul 27 02:20:17 2012 From: propinquitymd7 at routehero.com (=?koi8-r?B?IvDSz8TBxdTT0SDEz80i?=) Date: Fri, 27 Jul 2012 14:50:17 +0530 Subject: =?koi8-r?B?8NLPxMHF1NPRIMTPzSDXIMHM2NDJytPLz80g09TJzMUg1yA0MsvNIM/U?= =?koi8-r?B?IO3P08vX2Swg1SDHz9LOz8zZ1s7Px88gy9XSz9LUwQ==?= Message-ID: <4A23DE66706D45509D47FBF1254EF7B4@jeet> For sale here: www.купи-дом-здесь.рф From lists at infosecurity.ch Fri Jul 27 05:53:44 2012 From: lists at infosecurity.ch (Fabio Pietrosanti (naif)) Date: Fri, 27 Jul 2012 14:53:44 +0200 Subject: [liberationtech] Finfisher Spy Kit Revealed in Bahrain Message-ID: On 7/27/12 12:58 PM, Erich M. 
wrote: > On 07/26/2012 04:27 AM, Jacob Appelbaum wrote: >> The FinSpy network traffic is also really interesting - the fact that they don't stand up to the most > obvious of traffic analysis is *hilarious* and so fitting. 
> All the best,
> Jake
>
> That should be a necessary feature AND NOT a bug. Remember, this is the
> "export" version of the malware. Quite like the "law enforcement"
> versions all these derivatives lack one or two essential security
> features that could have been implemented easily. How come? One guess
> allowed.
>
> This malware crap is being produced for primary use by the "national
> security agencies". They'd never let you [= malware producer] sell the
> same intrusion suite to foreign agencies as well without some "necessary
> adaptations". Let alone to clumsy cops and - moreover - in Mid East.

"National Security Agencies" of which Nation?

* Gamma Group have an origin in Germany.
* Then moved all the companies to UK (offshore or real moving of business?)
* mail.gammagroup.com mailserver is in Beirut, Lebanon.

So it's interesting that it's not very clear "where they are based".

Also on LinkedIn there is *not a single person* that worked for one of their group companies.

In any case, as far as I know there's no "export version" of software like this, not like it is for "crypto" if it resides under the dual-use Wassenaar agreement.

The trojan producer just differentiates the products based on their capabilities and features, basing the pricing on that.

I also know of companies that asked for export permission (of monitoring technologies) to national authorities (in Italy) and just because it was "difficult to understand what it is", the authorities are not able to answer within 90 days, and so it's "by default allowed".
As an additional fun conspiracy theory, at 4.1km from their Munich office there is SecurStar GmbH that in 2006 developed a mobile trojan: http://pastebin.com/caxxuNe8

-naif

----- End forwarded message -----
From bbrewer at littledystopia.net Sat Jul 28 10:25:52 2012
From: bbrewer at littledystopia.net (b. brewer)
Date: Sat, 28 Jul 2012 13:25:52 -0400
Subject: cryptocat mentioned on wired.com recently...
Message-ID: <501420A0.6010208@littledystopia.net>

This Cute Chat Site Could Save Your Life and Help Overthrow Your Government

By Quinn Norton
July 27, 2012 | 12:15 pm | Categories: Conferences, Crypto

Nadim Kobeissi, creator of Cryptocat, spoke in mid-July at the HOPE conference, held at New York's Hotel Pennsylvania every two years. Credit: Quinn Norton/Wired

Twenty-one-year-old college student Nadim Kobeissi is from Canada, Lebanon and the internet.

He is the creator of Cryptocat, a project "to combine my love of cryptography and cats," he explained to an overflowing audience of hackers at the HOPE conference on Saturday, July 14.

The site, crypto.cat, has a chunky, 8-bit sensibility, with a big-eyed binary cat in the corner. The visitor has the option to name, then enter a chat. There's some explanatory text, but little else.
It's deceptively simple for a web app that can save lives, subvert governments and frustrate marketers. But as little as two years ago such a site was considered to be likely impossible to code.

Cryptocat is an encrypted web-based chat. It's the first chat client in the browser to allow anyone to use end-to-end encryption to communicate without the problems of SSL, the standard way browsers do crypto, or mucking about with downloading and installing other software. For Kobeissi, that means non-technical people anywhere in the world can talk without fear of online snooping from corporations, criminals or governments.

"The fact that you don't have to install anything, the fact that it works instantly, this increases security," he explained, sitting down with Wired at HOPE 9 to talk about Cryptocat, activism and getting through American airports.

To create Cryptocat Kobeissi had to deal with controversies in computer security, usability and geo-politics. When he flies through the US, he's generally had the notorious SSSS printed on his boarding pass, marking him for searches and interrogations - which Kobeissi says have focused on his development of the chat client.

Online privacy doesn't have a lot of corporate or governmental fans these days, but Kobeissi has faced controversy before.

"During 2010 and 2011 I was a defender of WikiLeaks and the free press in general, and I thought Collateral Murder (the WikiLeaks publication of a controversial helicopter assault video) was a highly significant piece of journalism," he said. He mirrored WikiLeaks content and organized a march in support of the organization during the period in late 2010 when WikiLeaks found itself thrown off of Amazon's hosting service and blocked by credit card companies.

"I know for certain that it's contributed to other defenders of WikiLeaks and Bradley Manning being harassed, so it's somewhat likely that I could also be targeted."
Still, Kobeissi points out that he's never been questioned about WikiLeaks, only about Cryptocat.

His SSSSs can mean hours of waiting, and Kobeissi says he has been searched, questioned, had his bags and even his passport taken away and returned later. But he's kept his sense of humor about the experience, even joking from the airport on his Twitter account.

Nadim Kobeissi @kaepora
WHAT AN SSSS FOR THE FIFTH TIME IN A ROW HOW COULD THIS HAPPEN I AM SO SURPRISED THIS IS SO SURPRISING pic.twitter.com/ooM1L0I7
17 Jun 12

The young and cheerfully sarcastic Kobeissi is somewhat baffled by the border attention. Kobeissi said that in one of his last U.S. trips through Charlotte, NC, "In total I was searched either three or four times," in a single visit. "Why? Do bombs materialize? I don't understand," he continued.

If the searches, delays, and interrogations about Cryptocat are an intimidation tactic, they haven't worked.

"Dear US Government, I'm from Lebanon," Kobeissi said, laughing. "You don't scare me, you don't understand. My friends were killed in 2008, my house was bombed and my neighborhood ruined. My father was killed in 2006. You don't scare me at all. If you want to scare me, send me for torture in Syria. But you can't anymore, because Syrians are revolting."

A U.S. Customs and Border Protection spokesman declined to comment on Kobeissi's detentions at the border, saying he was prohibited from doing so by privacy laws, though he maintains that it plays nicely with foreigners.

The United States has been and continues to be a welcoming nation. U.S. Customs and Border Protection not only protects U.S. citizens and lawful permanent residents in the country but also wants to ensure the safety of our international travelers who come to visit, study and conduct legitimate business in our country.
Our dual mission is to facilitate travel in the United States while we secure our borders, our people and our visitors from those that would do us harm like terrorists and terrorist weapons, criminals, and contraband. CBP officers are charged with enforcing not only immigration and customs laws, but they enforce over 400 laws for 40 other agencies and have stopped thousands of violators of U.S. law. CBP strives to treat all travelers with respect and in a professional manner, while maintaining the focus of our mission to protect all citizens and visitors in the United States.

To get Cryptocat to the hands of Syrians resisting their government, or Canadians resisting being profiled by marketers, Kobeissi had to build a crypto tool in a place where no crypto tool has ever flourished - your browser.

"You have to make it just as easily accessible as Facebook Chat or Google Talk, which is what I'm trying to do with Cryptocat," he said.

Google, Facebook and an infinite variety of other sites are pushing more functionality into the browser to increase the power of web apps, and the browser has become, for many people, the main interface of their computer. But from a security point of view, the browser has always failed to provide for users - in no way worse than in cryptography. Encrypting data to keep it away from prying eyes, be they hackers or nations, has proved nearly impossible in the browser, which has relied on one standard to do everything: SSL, which is known to be broken.

The terrible state of browser security plagued Kobeissi in his work to build Cryptocat.

"Browsers are huge, complex, multilayered beasts with lots of moving parts, and every last one of them implements at best some dialect of each of the many standards that a modern browser has to support," said Meredith Patterson, a senior research scientist at Red Lambda. Patterson deals with security and cryptography on an architectural level in her research, and has reviewed and commented on Cryptocat.
Problems like bad browser sandboxing meant that something in one tab could affect a session in a Cryptocat window. No libraries or standards existed to handle normal encryption functions in Javascript. The biggest problem is that delivery of Javascript code from server to browser could be intercepted and modified by breaking the SSL connection without a user ever knowing they were running malicious code.

Kobeissi faced criticism from the security community for even trying, but he persevered.

"Now more than a year later, Cryptocat has significantly advanced the field of browser crypto," he said with obvious pride. "We implemented elliptic curve cryptography, (and) a cryptographically secure random number generator in the browser, along with creating a Cryptocat Chrome app to address the code delivery problem."

"I don't think Nadim really knew what he was in for when he started this project, but although it got off to a bumpy start, he's risen to the occasion admirably," said Patterson.

But Kobeissi also knows that it's equally important that Cryptocat be usable and pretty. Kobeissi wants Cryptocat to be something you want to use, not just need to. Encrypted chat tools have existed for years - but have largely stayed in the hands of geeks, who usually aren't the ones most likely to need strong crypto.

"Security is not just good crypto. It's very important to have good crypto, and audit it. Security is not possible without (that), but security is equally impossible without making it accessible."

Patterson agrees with Kobeissi's approach.

"As much as it drives all of us nerds batshit, J. Random internet user spends most if not all of her time in the browser, and generally doesn't care to install even a separate email client - much less a separate chat client," she said. "If you don't go where the users live, you don't get users. End of story."

Nevertheless, Kobeissi has said repeatedly that Cryptocat is an experiment.
Structural flaws in browser security and Javascript still dog the project as it moves toward version 2, scheduled for the end of the year. Cryptocat 2 will be a full Jabber client, allowing for both current style OTR and Multi Party, or mpOTR for group chats. OTR is Off-The-Record messaging, the current gold standard in encrypted chat. (Not to be confused with Google Talk's OTR, which is not encrypted at all.)

Screenshot of the second version of Cryptocat, a Jabber/xmpp client with full OTR support.

He isn't eager to bet his life on his work to date. But in environments like the Arab revolts, he acknowledges that for all of Cryptocat's flaws, it's better than software many people in Arab countries use right now, which can put them in tremendous danger.

"If the alternative is Facebook Chat or Google Talk or Skype please use Cryptocat by all means, but it's still an experiment."

Thus far Cryptocat hasn't penetrated far into the consciousness of the common user, but for some groups in need of secure communications, it's already part of the toolkit.

"High security, simple to use," said an active participant in the internet collective Anonymous, which has faced prosecution and worse the world over. "If it's a hurry and someone needs something quickly, Cryptocat."

Kobeissi himself grew up in Beirut, Lebanon. Besides authoring the secure chat tool and being a security researcher, he's a political science and philosophy major at Concordia University in Montreal, Canada. His post-college job is set - he'll be developing Cryptocat full time, living on grant money for the project.

He emigrated to Canada after a conversation with his mother, when the then-teenager came to realize he might not live very long in Lebanon - a situation that informed his software design.
He's vocal about his love of his adopted home in Canada, as well as about how the internet and games kept him going through the rough times in the wartorn country of his birth, "The happiest things in my childhood were Sega Game Gear and Sega Genesis." It's clear that Cryptocat's distinctive 8-bit feel isn't just a gimmick.

Nowadays he sees himself as coming from two cultures, North American and Middle Eastern, and it gives him a rare perspective on both the need and usefulness of getting crypto into the hands of everyone.

"This is something North Americans don't realize. Here we're exporting cryptography software. Generally, especially in today's context, the Middle East imports cryptographic software, but it's a foreign product. A foreign civilization made it," he said.

He believes that by building Cryptocat with more sensitivity to the pleasures of the user, he can help the people that need secure communications most.

"I want it to be something that has a nice color scheme, that works in your browser, that you can open instantly, that's easily accessible, that has a cat, that has audio notifications, that has desktop notifications," Kobeissi said, "Because these are important security features."

When faced with the torture of using crypto software or the torture of a repressive government, some dissidents have - intentionally or not - opted for the latter.

"I have seen someone who I know knows how to use OTR not use OTR, and get tortured as a result, in Syria OTR is not accessible, it's not a pleasure to use."
Quinn Norton is a writer and photographer who peripatetically covers net culture, copyright, computer security, intellectual property, body modification, medicine, and biotech.

From eugen at leitl.org Sun Jul 29 09:43:20 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Sun, 29 Jul 2012 18:43:20 +0200
Subject: [liberationtech] Finfisher Spy Kit Revealed in Bahrain
Message-ID: <20120729164320.GG12615@leitl.org>

----- Forwarded message from "Fabio Pietrosanti (naif)" -----
From jya at pipeline.com Mon Jul 30 09:44:02 2012
From: jya at pipeline.com (John Young)
Date: Mon, 30 Jul 2012 12:44:02 -0400
Subject: [tor-relays] Call for discussion: turning funding into more exit relays
In-Reply-To: <20120730144855.GL12615@leitl.org>
References: <20120730144855.GL12615@leitl.org>
Message-ID:

Tor-talk unsubbed me yesterday, probably for publishing on Cryptome Eugen's forward of this thread's initial message from Roger Dingledine, with our additional pointers to enduring USG funding of the Tor Project.

That Tor Project has enlisted many dedicated participants around the world is most admirable. If it was not so jingoistic and US-promotional it would be a crowd-source service deserving of trustworthiness.

Its long-time funding by the USG propaganda agency, the Broadcast Board of Governors, as well as several front organizations, is not to be overlooked by incessant braggardy, technical conceit and thin-skinnedness by its spokespersons, primarily majordomos Andrew Newman and Jacob Appelbaum, now joined by sub-lieutenants to admit not serious faults in the system. (The inventors and most capable technologists of Tor do not exaggerate its virtues.)
Tor Project's duplicity reminds of ICANN and a slew of other USG TLA initiatives to maintain control of the Internet while espousing a US-centric version of information freedom which actually serves as a component of the US national security regime. State Department brags of the thousands of info fighters it is subsidizing, and NSA is openly recruiting hackers. It should be assumed that the TLAs have co-opted Anonymous-like initiatives in concert with pernicious sockpuppetry in social media.

Tor Project would benefit from escaping USG financial clutches, albeit difficult if dependency has become inured. The proposal to expand USG funding for exit relays -- its most vulnerable and compromisable aspect -- is a gift horse needing a dental check before buying in.

From jya at pipeline.com Mon Jul 30 09:54:31 2012
From: jya at pipeline.com (John Young)
Date: Mon, 30 Jul 2012 12:54:31 -0400
Subject: [tor-relays] Call for discussion: turning funding into more exit relays
In-Reply-To:
References:
Message-ID:

Andrew Lewman, not Newman.

From moritz at torservers.net Mon Jul 30 04:27:16 2012
From: moritz at torservers.net (Moritz Bartl)
Date: Mon, 30 Jul 2012 13:27:16 +0200
Subject: [tor-relays] Call for discussion: turning funding into more exit relays
Message-ID:

> True but then you are simply using empty capacity of the others which is not
> guaranteed to you. So if the other customers start pumping your
> connection speed drops.

Not necessarily if we are on a dedicated Gbit port (which we are at least at Axigy) and the ISP has enough upstream capacity. Limehost now only offers "best effort" shared Gbit. Back when we ordered our server, it clearly said dedicated Gbit.

Also, we don't really care as the deals have already paid out. We only make monthly contracts so we can easily move in case something happens. There's no reason to pay extra just because.

My strategy was to go through web hosting forums and pick out very cheap ISPs.
FDCservers for example claims to give away "enterprise 10Gbit, dedicated port" for $599 at the moment. Who cares if it's "just" 2Gbps in the end. It's still a great deal. We have been kicked from FDC in the past and they don't have RIPE IPs so we're not going after that deal - it might still be good for running some fast non-exit relays.

--
Moritz Bartl
https://www.torservers.net/

----- End forwarded message -----

From eugen at leitl.org Mon Jul 30 07:48:55 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Mon, 30 Jul 2012 16:48:55 +0200
Subject: [tor-relays] Call for discussion: turning funding into more exit relays
Message-ID: <20120730144855.GL12615@leitl.org>

----- Forwarded message from Moritz Bartl -----

From marsh at extendedsubset.com Mon Jul 30 15:12:53 2012
From: marsh at extendedsubset.com (Marsh Ray)
Date: Mon, 30 Jul 2012 17:12:53 -0500
Subject: [cryptography] MS PPTP MPPE only as secure as *single* DES (UPDATE)
Message-ID:

On 04/03/2012 02:29 PM, Marsh Ray wrote:
>
> Therefore, from any packet capture of a PPTP session which includes the
> initial handshake, a brute force of the response yields the complete NT
> hash with complexity 2^57.
>
> The NT hash is a password-equivalent, and it represents the only secret
> material that goes into the MPPE encryption key derivation.
>
> So MS PPTP + MS-CHAPv2 + MPPE can be no better than single DES, and a
> break discloses your login credentials for use with other services.

An update: Moxie Marlinspike and David Hulton have improved the attack from 2^57 to 2^56.
Two days ago at Defcon 20 they released open source software for parsing network captures for any MS-CHAPv2 handshakes and an online service using a Pico Computing FPGA cluster to reverse the NT hash. This allows decrypting a captured PPTP session or logging in as the user in about half a day on average.

https://www.defcon.org/html/defcon-20/dc-20-speakers.html#Marlinspike
https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/

On Monday, Jacob Appelbaum and I will be presenting our "vpwns: Virtual Pwned Networks" paper at Usenix FOCI '12. It discusses the limitations of off-the-shelf VPN systems when used for user anonymity and censorship resistance. PPTP is a common choice for these systems, so we'll take the opportunity to reiterate the inherent weakness in MS-CHAPv2.

https://www.usenix.org/conference/foci12/vpwns-virtual-pwned-networks

This is a good opportunity for everyone to make a contribution to practical crypto. Anyone that can pitch in, let's do a full-court press on lobbying for the wholesale replacement for MS-CHAPv2 and to raise awareness of the decryptability of PPTP. We could use blog posts, press articles, tweets, etc.

Let's make this the week that the whole industry realizes that vendors shipping these protocols are continuing to sell crummy sub-standard single-DES crypto products which don't conform to modern security requirements.
- Marsh

----- End forwarded message -----

From saftergood at fas.org Tue Jul 31 07:27:11 2012
From: saftergood at fas.org (Steven Aftergood)
Date: Tue, 31 Jul 2012 07:27:11 -0700
Subject: Secrecy News -- 07/31/12
Message-ID:

Format Note: If you cannot easily read the text below, or you prefer to receive Secrecy News in another format, please reply to this email to let us know.

SECRECY NEWS
from the FAS Project on Government Secrecy
Volume 2012, Issue No. 77
July 31, 2012

Secrecy News Blog: http://www.fas.org/blog/secrecy/

** ANTI-LEAK MEASURES IN SENATE BILL TARGET PRESS, PUBLIC
** TRADE WITH SUB-SAHARAN AFRICA, AND MORE FROM CRS

ANTI-LEAK MEASURES IN SENATE BILL TARGET PRESS, PUBLIC

The Senate Intelligence Committee markup of the FY2013 Intelligence Authorization Act, which was officially filed yesterday, devotes an entire title including twelve separate provisions to the issue of unauthorized disclosures of classified information, or leaks.
But several of those provisions aim to disrupt the flow of unclassified information to the press and the public rather than to stop leaks of classified information.

As reported in the Washington Post today, one of the proposed measures (section 506 of the bill) would dictate that only agency leaders could present background briefings to the press. Other agency personnel, such as intelligence analysts, would be barred from providing any background information to the press, even when such information is unclassified.

Background briefings are essential "because they help journalists understand the full context of a story, get key details right, and ensure that individuals or the United States as a whole will not be harmed by the publication of incorrect information," according to the Sunshine in Government Initiative, a press advocacy coalition.

Questioned by the Post, Senate Intelligence Committee chair Sen. Dianne Feinstein acknowledged that she had no evidence that such briefings, which are prized by reporters as valuable sources of information, had contributed to unauthorized disclosures. And yet they would be forbidden. See "Anti-leak measure targets background briefings" by Greg Miller, Washington Post, July 31:

http://wapo.st/R3HKmo

Other provisions in the new bill were also roundly criticized by public interest groups concerned with access to government information.

A provision to prevent former government officials from providing paid commentary to news media outlets on intelligence matters is very likely unconstitutional, said Kate Martin of the Center for National Security Studies in a new analysis of the bill.

"The over-breadth of this provision in prohibiting commentary and analysis even when no classified information is disclosed would violate the First Amendment," Ms. Martin wrote.
"Indeed the provision seems drafted in order to chill public discussion of information that is not classified rather than being narrowly tailored to simply target disclosures of classified information." http://www.fas.org/sgp/news/2012/07/cnss073012.pdf Another provision (in section 511) would grant intelligence agency heads the authority to unilaterally revoke the pension of an employee if the agency head "determines" that the employee has violated his or her non-disclosure obligations. This section "would give intelligence agency heads nearly unrestrained discretion to suppress speech critical of the intelligence community-- even after an employee has resigned or retired from an intelligence agency-- and to retaliate against disfavored employees or pensioners, including whistleblowers," wrote the Project on Government Oversight and several other public interest organizations in an open letter to the Senate Committee yesterday. http://www.fas.org/sgp/news/2012/07/anti-speech.pdf Fundamentally, the Senate bill "changes the relationship between the press and the federal government," according to the Sunshine in Government Initiative. Drafted in secret and without the benefit of any public hearing, the Senate bill includes provisions that are "crude and dangerous," the Washington Post editorialized today. See "A bill to stop security leaks puts a plug on democracy," July 31: http://wapo.st/T1WxfQ The bill was approved by the Senate Intelligence Committee by a vote of 14 to 1, with Sen. Ron Wyden in opposition. The text of the bill is here: http://www.fas.org/irp/congress/2012_cr/s3454.pdf The accompanying Committee report including commentary on each provision and Sen. Wyden's dissent may be found here: http://www.fas.org/irp/congress/2012_rpt/srpt112-192.pdf TRADE WITH SUB-SAHARAN AFRICA, AND MORE FROM CRS Newly updated reports from the Congressional Research Service that Congress has not authorized for broad public distribution include the following. U.S. 
Trade and Investment Relationship with Sub-Saharan Africa: The African Growth and Opportunity Act and Beyond, June 26, 2012:
http://www.fas.org/sgp/crs/row/RL31772.pdf

The Global Climate Change Initiative (GCCI): Budget Authority and Request, FY2010-FY2013, July 27, 2012:
http://www.fas.org/sgp/crs/misc/R41845.pdf

Navy Force Structure and Shipbuilding Plans: Background and Issues for Congress, July 26, 2012:
http://www.fas.org/sgp/crs/weapons/RL32665.pdf

Housing for Persons Living with HIV/AIDS, July 3, 2012:
http://www.fas.org/sgp/crs/misc/RL34318.pdf

Federal Pollution Control Laws: How Are They Enforced?, July 7, 2012:
http://www.fas.org/sgp/crs/misc/RL34384.pdf

Cuba: Issues for the 112th Congress, July 20, 2012:
http://www.fas.org/sgp/crs/row/R41617.pdf

_______________________________________________
Secrecy News is written by Steven Aftergood and published by the Federation of American Scientists.

The Secrecy News Blog is at:
http://www.fas.org/blog/secrecy/

To SUBSCRIBE to Secrecy News, go to:
http://www.fas.org/sgp/news/secrecy/subscribe.html

To UNSUBSCRIBE, go to
http://www.fas.org/sgp/news/secrecy/unsubscribe.html

OR email your request to saftergood at fas.org

Secrecy News is archived at:
http://www.fas.org/sgp/news/secrecy/index.html

Support the FAS Project on Government Secrecy with a donation:
http://www.fas.org/member/donate_today.html

_______________________
Steven Aftergood
Project on Government Secrecy
Federation of American Scientists
web: www.fas.org/sgp/index.html
email: saftergood at fas.org
voice: (202) 454-4691
twitter: @saftergood

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From franciscag1 at redvenezuela.com Mon Jul 30 21:44:01 2012
From: franciscag1 at redvenezuela.com (=?koi8-r?B?IvDSz8TBxdTT0SDEz80i?=)
Date: Tue, 31 Jul
2012 10:14:01 +0530
Subject: =?koi8-r?B?8NLPxMHF1NPRIMTPzSDXIMHM2NDJytPLz80g09TJzMUg1yA0MsvNIM/U?= =?koi8-r?B?IO3P08vX2Swg1SDHz9LOz8zZ1s7Px88gy9XSz9LUwQ==?=
Message-ID: <68AE0085E0E042EB9D4152C2B739ACBC@sunderg>

For sale here: www.купи-дом-здесь.рф

From eugen at leitl.org Tue Jul 31 02:23:13 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 31 Jul 2012 11:23:13 +0200
Subject: Former NSA Official Disputes Claims by NSA Chief
Message-ID: <20120731092313.GN12615@leitl.org>

http://www.wired.com/threatlevel/2012/07/binney-on-alexander-and-nsa/

Former NSA Official Disputes Claims by NSA Chief

By Kim Zetter
July 29, 2012 | 2:25 pm | Categories: National Security, NSA, privacy, Surveillance

Gen. Keith Alexander, head of the NSA and U.S. Cyber Command appearing at the 2012 DefCon hacker conference in Las Vegas on Friday. Photo: Kim Zetter/Wired

LAS VEGAS -- A former NSA official has accused the NSA's director of deception during a speech he gave at the DefCon hacker conference on Friday when he asserted that the agency does not collect files on Americans.

William Binney, a former technical director at the NSA, said during a panel discussion that NSA Director Gen. Keith Alexander was playing a "word game" and that the NSA was indeed collecting e-mails, Twitter writings, internet searches and other data belonging to Americans and indexing it.

"Unfortunately, once the software takes in data, it will build profiles on everyone in that data," he said. "You can simply call it up by the attributes of anyone you want and it's in place for people to look at."

He said the NSA began building its data collection system to spy on Americans prior to 9/11, and then used the terrorist attacks that occurred that year as the excuse to launch the data collection project.

"It started in February 2001 when they started asking telecoms for data," Binney said.
"That to me tells me that the real plan was to spy on Americans from the beginning."

Binney is referring to assertions that former Qwest CEO James Nacchio made in court documents in 2007 that the NSA had asked Qwest, AT&T, Verizon and Bellsouth in early 2001 for customer calling records and that all of the other companies complied with the request, but Nacchio declined to participate until served with a proper legal order.

"The reason I left the NSA was because they started spying on everybody in the country. That's the reason I left," said Binney, who resigned from the agency in late 2001.

Binney was contradicting statements made on Friday by Alexander, who told the crowd of hackers and security professionals that his agency "absolutely" does not maintain files on Americans.

"And anybody who would tell you that we're keeping files or dossiers on the American people," Alexander continued, "knows that's not true."

Alexander also told the audience that the NSA targets only foreign entities and that if it "incidentally" picked up the data of Americans in the process, the agency was required to "minimize" the data, "which means nobody else can see it unless there's a crime that's been committed."

Minimization refers to legal restrictions under the United States Signals Intelligence Directive 18 on how data pertaining to U.S. citizens can be handled, distributed or retained.

Following the panel discussion, a former attorney for the NSA elaborated on this to Threat Level.

"You're looking at a data stream that originates in a foreign country. It just happens to be transiting the United States," said Richard Marshall, former associate general counsel for information assurance at the NSA. "You're authorized by law to collect that data and to analyze that data. Even though it was captured on U.S. soil, it's against a foreign target. Now in the process of doing that, yes, there is a possibility, more than a possibility I guess, that there will be some U.S.
person who is involved in a conversation with a foreign entity, a foreign person. So what? If you're not collecting data against that U.S. person, what's the harm?"

But ACLU staff attorney Alex Abdo, who was also on the panel, noted that a gaping loophole in the laws governing the NSA allows the agency to do dragnet surveillance of non-Americans and, in the process sweep up the data of Americans they may be communicating with, and hold onto that data even though the Americans aren't the target. The NSA can then "target [the Americans] after-the-fact."

If, for example, new information came to light involving an American whose information is in the database, the NSA can sift through the "minimized" data and at that point "get the info that they couldn't target from the outset."

Earlier this month, the Office of the Director of National Intelligence admitted in a letter sent to Senator Ron Wyden that on at least one occasion the NSA had violated the Constitutional prohibitions on unlawful search and seizure.

According to the letter, the Foreign Intelligence Surveillance Court found that "minimization procedures" used by the government while it was collecting intelligence were "unreasonable under the Fourth Amendment."

Author James Bamford, speaking with Abdo and Binney, said that the NSA could also get around the law against targeting Americans by targeting a call center for a U.S. company that is based overseas, perhaps in India. When Americans then called the center to obtain information about their bank account or some other transaction, the NSA would be able to pick up that communication.

Finally, Binney contradicted Alexander's earlier claims that the agency could not violate the law even if it wanted to do so because the NSA is monitored by Congress, both intel committees and their congressional members and their staffs.

"So everything we do is auditable by them, by the FISA court ... and by the administration. And everything we do is accountable to them....
We are overseen by everybody," Alexander had said.

But these assertions are disingenuous since, Binney said, "all the oversight is totally dependent on what the NSA tells them. They have no way of knowing what [the NSA is] really doing unless they're told."

Kim Zetter
Kim Zetter is a senior reporter at Wired covering cybercrime, privacy, security and civil liberties.

From eugen at leitl.org Tue Jul 31 02:34:42 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 31 Jul 2012 11:34:42 +0200
Subject: A Day Job Waiting for a Kill Shot a World Away
Message-ID: <20120731093442.GP12615@leitl.org>

http://www.nytimes.com/2012/07/30/us/drone-pilots-waiting-for-a-kill-shot-7000-miles-away.html?_r=3&pagewanted=all

A Day Job Waiting for a Kill Shot a World Away

By ELISABETH BUMILLER

HANCOCK FIELD AIR NATIONAL GUARD BASE, N.Y. -- From his computer console here in the Syracuse suburbs, Col. D. Scott Brenton remotely flies a Reaper drone that beams back hundreds of hours of live video of insurgents, his intended targets, going about their daily lives 7,000 miles away in Afghanistan. Sometimes he and his team watch the same family compound for weeks.

"I see mothers with children, I see fathers with children, I see fathers with mothers, I see kids playing soccer," Colonel Brenton said.

When the call comes for him to fire a missile and kill a militant -- and only, Colonel Brenton said, when the women and children are not around -- the hair on the back of his neck stands up, just as it did when he used to line up targets in his F-16 fighter jet.

Afterward, just like the old days, he compartmentalizes. "I feel no emotional attachment to the enemy," he said. "I have a duty, and I execute the duty."

Drones are not only revolutionizing American warfare but are also changing in profound ways the lives of the people who fly them.

Colonel Brenton acknowledges the peculiar new disconnect of fighting a telewar with a joystick and a throttle from his padded seat in American suburbia.
When he was deployed in Iraq, "you land and there's no more weapons on your F-16, people have an idea of what you were just involved with." Now he steps out of a dark room of video screens, his adrenaline still surging after squeezing the trigger, and commutes home past fast-food restaurants and convenience stores to help with homework -- but always alone with what he has done.

"It's a strange feeling," he said. "No one in my immediate environment is aware of anything that occurred."

Routinely thought of as robots that turn wars into sanitized video games, the drones have powerful cameras that bring war straight into a pilot's face.

Although pilots speak glowingly of the good days, when they can look at a video feed and warn a ground patrol in Afghanistan about an ambush ahead, the Air Force is also moving chaplains and medics just outside drone operation centers to help pilots deal with the bad days -- images of a child killed in error or a close-up of a Marine shot in a raid gone wrong.

Among the toughest psychological tasks is the close surveillance for aerial sniper missions, reminiscent of the East German Stasi officer absorbed by the people he spies on in the movie "The Lives of Others." A drone pilot and his partner, a sensor operator who manipulates the aircraft's camera, observe the habits of a militant as he plays with his children, talks to his wife and visits his neighbors. They then try to time their strike when, for example, his family is out at the market.

"They watch this guy do bad things and then his regular old life things," said Col. Hernando Ortega, the chief of aerospace medicine for the Air Education Training Command, who helped conduct a study last year on the stresses on drone pilots. "At some point, some of the stuff might remind you of stuff you did yourself.
You might gain a level of familiarity that makes it a little difficult to pull the trigger."

Of a dozen pilots, sensor operators and supporting intelligence analysts recently interviewed from three American military bases, none acknowledged the kind of personal feelings for Afghans that would keep them awake at night after seeing the bloodshed left by missiles and bombs. But all spoke of a certain intimacy with Afghan family life that traditional pilots never see from 20,000 feet, and that even ground troops seldom experience.

"You see them wake up in the morning, do their work, go to sleep at night," said Dave, an Air Force major who flew drones from 2007 to 2009 at Creech Air Force Base in Nevada and now trains drone pilots at Holloman Air Force Base in New Mexico. (The Air Force, citing what it says are credible threats, forbids pilots to disclose their last names. Senior commanders who speak to the news media and community groups about the base's mission, like Colonel Brenton in Syracuse, use their full names.)

Some pilots spoke of the roiling emotions after they fire a missile. (Only pilots, all of them officers, employ weapons for strikes.)

"There was good reason for killing the people that I did, and I go through it in my head over and over and over," said Will, an Air Force officer who was a pilot at Creech and now trains others at Holloman. "But you never forget about it. It never just fades away, I don't think -- not for me."

The complexities will only grow as the military struggles to keep up with a near insatiable demand for drones. The Air Force now has more than 1,300 drone pilots, about 300 less than it needs, stationed at 13 or more bases across the United States. They fly the unmanned aircraft mostly in Afghanistan. (The numbers do not include the classified program of the C.I.A., which conducts drone strikes in Pakistan, Somalia and Yemen.)
Although the Afghan war is winding down, the military expects drones to help compensate for fewer troops on the ground.

By 2015, the Pentagon projects that the Air Force will need more than 2,000 drone pilots for combat air patrols operating 24 hours a day worldwide. The Air Force is already training more drone pilots -- 350 last year -- than fighter and bomber pilots combined. Until this year, drone pilots went through traditional flight training before learning how to operate Predators, Reapers and unarmed Global Hawks. Now the pilots are on a fast track and spend only 40 hours in a basic Cessna-type plane before starting their drone training.

Gen. Norton A. Schwartz, the Air Force chief of staff, said it was "conceivable" that drone pilots in the Air Force would outnumber those in cockpits in the foreseeable future, although he predicted that the Air Force would have traditional pilots for at least 30 more years.

Many drone pilots once flew in the air themselves but switched to drones out of a sense of the inevitable -- or if they flew cargo planes, to feel closer to the war. "You definitely feel more connected to the guys, the battle," said Dave, the Air Force major, who flew C-130 transport planes in Iraq and Afghanistan.

Now more and more Air National Guard bases are abandoning traditional aircraft and switching to drones to meet demand, among them Hancock Field, which retired its F-16s and switched to Reapers in 2010. Colonel Brenton, who by then had logged more than 4,000 hours flying F-16s in 15 years of active duty and a decade in Syracuse deploying to war zones with the Guard, said he learned to fly drones to stay connected to combat. True, drones cannot engage in air-to-air combat, but Colonel Brenton said that "the amount of time I've engaged the enemy in air-to-ground combat has been significant" in both Reapers and F-16s.

"I feel like I'm doing the same thing I've always done, I just don't deploy to do it," he said.
Now he works full time commanding a force of about 220 Reaper pilots, sensor operators and intelligence analysts at the base.

Pilots say the best days are when ground troops thank them for keeping them safe. Ted, an Air Force major and an F-16 pilot who flew Reapers from Creech, recalled how troops on an extended patrol away from their base in Afghanistan were grateful when he flew a Reaper above them for five hours so they could get some sleep one night. They told him, "We're keeping one guy awake to talk to you, but if you can, just watch over and make sure nobody's sneaking up on us," he recalled.

All the operators dismiss the notion that they are playing a video game. (They also reject the word "drone" because they say it describes an aircraft that flies on its own. They call their planes remotely piloted aircraft.)

"I don't have any video games that ask me to sit in one seat for six hours and look at the same target," said Joshua, a sensor operator who worked at Creech for a decade and is now a trainer at Holloman. "One of the things we try to beat into our crews is that this is a real aircraft with a real human component, and whatever decisions you make, good or bad, there's going to be actual consequences."

In his 10 years at Creech, he said without elaborating, "I've seen some pretty disturbing things."

All of the pilots who once flew in cockpits say they do miss the sensation of flight, which for Colonel Brenton extends to the F-16 flybys he did for the Syracuse Memorial Day parade downtown. To make up for it, he sometimes heads out on weekends in a small propeller plane, which he calls a bug smasher.

"It's nice to be up in the air," he said.
From alamogordop54 at romer.com Tue Jul 31 00:44:01 2012
From: alamogordop54 at romer.com (=?koi8-r?B?IvLFy8zBzcEg0M8gxS3Qz97UxSI=?=)
Date: Tue, 31 Jul 2012 13:14:01 +0530
Subject: =?koi8-r?B?MTAg0sHT09nMz8sg2sEgMTAgMDAwINLVwszFyiAryM/T1MnOxyDOwSDN?= =?koi8-r?B?xdPRwyDXIPDv5OHy7+s=?=
Message-ID: <01D043F9409F40B188055237457E7B6B@userfcf73fb17d>

10 mailings for 10,000 rubles + a month of hosting as a GIFT (so that your site can be given in the message)
- On your schedule
- No time limits
- Layouts can be changed all 10 times !!!
- Layout preparation free of charge

SPECIAL OFFERS:
A month of 44(46) mailings - 2 times a day - 5 times a week - 20,000 rubles

Databases covered by the offer:
All of Russia - 23 million addresses - 4 million of them legal entities.
All of Moscow - 8 million addresses - 1.7 million of them legal entities.
All of Ukraine - 4 million addresses - 1 million of them legal entities.
and others.

Tel: (495) 585-79-04
ICQ: 286 926 971
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 1458 bytes
Desc: not available
URL:

From upendsgz7 at right.com Tue Jul 31 03:25:02 2012
From: upendsgz7 at right.com (=?koi8-r?B?ItzMydTO2cUgIMvXwdLUydLZIg==?=)
Date: Tue, 31 Jul 2012 15:55:02 +0530
Subject: =?koi8-r?B?8NLPxMHA1NPRIMvXwdLUydLZINcg6MHNz9fOycvByCA=?=
Message-ID:

Luxury apartments for sale in Khamovniki, near the Novodevichy Convent
www.дом-хамовники.рф

From radioactivity at riseup.net Tue Jul 31 16:22:20 2012
From: radioactivity at riseup.net (radioactivity at riseup.net)
Date: Tue, 31 Jul 2012 16:22:20 -0700
Subject: [liberationtech] Comments from Chile
Message-ID:

To the security community focused on helping social strugglers all over the world.

First, thanks for all your efforts on building tools for human and social liberation, this is a feedback from Chile written as suggestion from some of you and we hope you enjoy.
Several parts from this material weren't taken in a legal way, I'm not going to offer any proofs about this as that can mean tracking the people who helped to get this information, making them face jail charges and torture on interrogations. If you want to check if these statements are true, check the provided links and ask about this to people in Chile.

Note: Even if we know your work is mostly focused on the Middle East, several tools you have made have helped on simple daily stuff like privacy. We are not facing the same conditions or circumstances as some comrades in the Middle East are. We are trying to create a new world away from capitalism values and with the total eradication of hierarchy. We assume an offensive step for this in everywhere, and you can judge as much as you want for this.

On August 14th of 2010 several squats were raided. 14 comrades were put in prison for being anarchists and squatters, but facing charges of terrorism association. The police had been investigating for 4 years a series of bomb explosions in Santiago, and decided that those 14 comrades were responsible for that. When I said decided it's because several proofs were lies, some witnesses were paid, but we only knew this in 2012, when the 14 were set free without charges. The man in charge of this operation is now a high range person in government, as a price for what he did, but the State didn't think every "proof" they had were going to fall after the truth about them were found.

That was the context.

Some people (can be one, can be two, can be three, should be infinite) decided to check the facts of this. They got a copy of several investigation books and a list of more than 200 people being investigated. That list was published on Hommodolars website on May 2011 (http://www.hommodolars.org/web/spip.php?article4031). The list included several anarchists, native people supporters and media activists as people suspected for the explosions.
All these people had their phones tapped for years, without any resistance for a telephone company, but all of them with a justice call. None of the phones were tapped on an illegal way for Chilean law, but the privacy of these 200 people was breached and none of them related to the explosions.

The investigation books had inside several interesting stuff about the local police behavior, but for you this is what you need to know:

First ship of books (to 2010):

- There were pretty close photographs of every investigated person. The books had more than 200 suspects.
- There were transcripts of several phone conversations, also hotmail's messenger chat.
- There were screenshots taken from hotmail.com accounts from files obtained using Forensic Toolkit software, the bottom line of the files reveals those were temporary files. At least one person got this.
- There were screenshots taken from hacked passwords from gmail.com accounts. At least 4 people got this.
- There were several superficial analyses of webservices and webpages: flickr.com, blogspot.com, entodaspartes.org, santiago.indymedia.org, valparaiso.indymedia.org, nodo50.org, wordpress.com, indymedia.org, riseup.net. The data included physical location to html tags used, related names, and that kind of stuff.
- There were examples of transcribed chats using OTR, and mails using PGP in ascii. They were not cracked.

As the case was going to nowhere, the investigation continued. There are more than 400 persons in the investigation list. This is what was found.

Current ship of books (to 2012):

What is inside:

- At least 4 crypto.cat chats were intercepted and transcribed. (Feb 2012)
- More than 20 gmail.com accounts accessed. (2010-2012)
- Several facebook.com accounts accessed, but most of the data transcribed. (2010-2012)
- Several complaints against OTR and PGP on internal memos. They asked for help to FBI to break them, no more data about this.
- Deeper investigation of websites, including visits by police to some people who work on alternative media projects. There is a strong analysis for riseup.net... from software used, location, email contacts, source code and groups that use them.

What is not inside:

- No mentions for tor, i2p or freenet.
- No mentions for riseup.net hacked accounts.
- No mentions how they got that data. But we can always ask the affected ones.

The most interesting here for you is how they got access to crypto.cat chatlogs. Those chats were taken from 7pm to 11pm on 4 different days. We don't know how they got them but we reduced the possibilities to two scenarios. The first one that a Chilean computer got infected by some spyware, as they got confiscated (the raids continued until now, not yet to somebody related to the bombs case) we can not be sure about this. The second one is one that happened to a friendly Italian project to Chileans named Inventati in 2005. Chilean and Italian police are working together on this and several cases, so that's a possibility, also we know that this web service is hosted in the US and the FBI is currently helping Chile on investigation of activists and media projects online. That case is documented here http://www.inventati.org/ai/crackdown/

One of the clients of these chatlogs was an ubuntu 11.10, no issues on accepting a weird cert or notifications. The main browser was mozilla firefox, not using tor. The transcribed chat was recognized and didn't have any important information but organizing some activity to get funds for supporting political prisoners. This computer was part of only one of the chats.

The other interesting stuff is, that even if it is very popular in activists circles (more than pgp, probably the same as otr), TOR is not mentioned at all. We don't know what this means, probably is just too new technology for here, but it is noticeable.
But I was not asked to write this just to let you notice what's wrong with gmail, hotmail and facebook, what's failing with crypto.cat and why is your work important for people in the south fighting for social justice.

Yes, we can face defeats, but it is really demoralizing to see 30 police officers breaking your home and exposing all your life just because your political and life position... all broadcasted by television. None of them was related to the bombs, none of us is related to the bombs, that's just an excuse to fuck our lives. We need you to keep working on this, and educate people everywhere. Our dictatorship ended in 1990, but before that the only way to survive as resistance was to share knowledge and practices, we need to keep that today.

Thanks for your efforts, and sorry for my engrish.

ps. I attached a official request of info from Chile to microsoft as a old non problematic (for any of us) proof.

_______________________________________________
liberationtech mailing list
liberationtech at lists.stanford.edu

Should you need to change your subscription options, please go to:

https://mailman.stanford.edu/mailman/listinfo/liberationtech

If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"

You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech

Should you need immediate assistance, please contact the list moderator.
Please don't forget to follow us on http://twitter.com/#!/Liberationtech

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

From eugen at leitl.org Tue Jul 31 08:36:21 2012
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 31 Jul 2012 17:36:21 +0200
Subject: Secrecy News -- 07/31/12
Message-ID: <20120731153621.GS12615@leitl.org>

----- Forwarded message from Steven Aftergood -----

From bbrewer at littledystopia.net Tue Jul 31 15:40:23 2012
From: bbrewer at littledystopia.net (b. brewer)
Date: Tue, 31 Jul 2012 18:40:23 -0400
Subject: A Day Job Waiting for a Kill Shot a World Away
In-Reply-To: <20120731093442.GP12615@leitl.org>
References: <20120731093442.GP12615@leitl.org>
Message-ID: <50185ED7.5040401@littledystopia.net>

We are doomed not only as a country, but as a world, if this nonsense 'war' continues. We have so much technology to take us forward in our world TOGETHER, but instead, we use it to rip away any (remaining) sense of humanity that we may have left.

I am curious Mr. John Young's take on this article...

-B. Brewer

On 7/31/2012 5:34 AM, Eugen Leitl wrote:
> http://www.nytimes.com/2012/07/30/us/drone-pilots-waiting-for-a-kill-shot-7000-miles-away.html?_r=3&pagewanted=all
>
> A Day Job Waiting for a Kill Shot a World Away
>
> By ELISABETH BUMILLER
>
> HANCOCK FIELD AIR NATIONAL GUARD BASE, N.Y. -- From his computer console here
> in the Syracuse suburbs, Col. D. Scott Brenton remotely flies a Reaper drone
> that beams back hundreds of hours of live video of insurgents, his intended
> targets, going about their daily lives 7,000 miles away in Afghanistan.
> Sometimes he and his team watch the same family compound for weeks.
> > "I see mothers with children, I see fathers with children, I see fathers with > mothers, I see kids playing soccer," Colonel Brenton said. > > When the call comes for him to fire a missile and kill a militant -- and only, > Colonel Brenton said, when the women and children are not around -- the hair > on the back of his neck stands up, just as it did when he used to line up > targets in his F-16 fighter jet. > > Afterward, just like the old days, he compartmentalizes. "I feel no emotional > attachment to the enemy," he said. "I have a duty, and I execute the duty." > > Drones are not only revolutionizing American warfare but are also changing in > profound ways the lives of the people who fly them. > > Colonel Brenton acknowledges the peculiar new disconnect of fighting a > telewar with a joystick and a throttle from his padded seat in American > suburbia. > > When he was deployed in Iraq, "you land and there's no more weapons on your > F-16, people have an idea of what you were just involved with." Now he steps > out of a dark room of video screens, his adrenaline still surging after > squeezing the trigger, and commutes home past fast-food restaurants and > convenience stores to help with homework -- but always alone with what he has > done. > > "It's a strange feeling," he said. "No one in my immediate environment is > aware of anything that occurred." > > Routinely thought of as robots that turn wars into sanitized video games, the > drones have powerful cameras that bring war straight into a pilot's face. > > Although pilots speak glowingly of the good days, when they can look at a > video feed and warn a ground patrol in Afghanistan about an ambush ahead, the > Air Force is also moving chaplains and medics just outside drone operation > centers to help pilots deal with the bad days -- images of a child killed in > error or a close-up of a Marine shot in a raid gone wrong. 
> > Among the toughest psychological tasks is the close surveillance for aerial > sniper missions, reminiscent of the East German Stasi officer absorbed by the > people he spies on in the movie "The Lives of Others." A drone pilot and his > partner, a sensor operator who manipulates the aircraft's camera, observe the > habits of a militant as he plays with his children, talks to his wife and > visits his neighbors. They then try to time their strike when, for example, > his family is out at the market. > > "They watch this guy do bad things and then his regular old life things," > said Col. Hernando Ortega, the chief of aerospace medicine for the Air > Education Training Command, who helped conduct a study last year on the > stresses on drone pilots. "At some point, some of the stuff might remind you > of stuff you did yourself. You might gain a level of familiarity that makes > it a little difficult to pull the trigger." > > Of a dozen pilots, sensor operators and supporting intelligence analysts > recently interviewed from three American military bases, none acknowledged > the kind of personal feelings for Afghans that would keep them awake at night > after seeing the bloodshed left by missiles and bombs. But all spoke of a > certain intimacy with Afghan family life that traditional pilots never see > from 20,000 feet, and that even ground troops seldom experience. > > "You see them wake up in the morning, do their work, go to sleep at night," > said Dave, an Air Force major who flew drones from 2007 to 2009 at Creech Air > Force Base in Nevada and now trains drone pilots at Holloman Air Force Base > in New Mexico. (The Air Force, citing what it says are credible threats, > forbids pilots to disclose their last names. Senior commanders who speak to > the news media and community groups about the base's mission, like Colonel > Brenton in Syracuse, use their full names.) > > Some pilots spoke of the roiling emotions after they fire a missile. 
(Only > pilots, all of them officers, employ weapons for strikes.) > > "There was good reason for killing the people that I did, and I go through it > in my head over and over and over," said Will, an Air Force officer who was a > pilot at Creech and now trains others at Holloman. "But you never forget > about it. It never just fades away, I don't think -- not for me." > > The complexities will only grow as the military struggles to keep up with a > near insatiable demand for drones. The Air Force now has more than 1,300 > drone pilots, about 300 less than it needs, stationed at 13 or more bases > across the United States. They fly the unmanned aircraft mostly in > Afghanistan. (The numbers do not include the classified program of the > C.I.A., which conducts drone strikes in Pakistan, Somalia and Yemen.) > Although the Afghan war is winding down, the military expects drones to help > compensate for fewer troops on the ground. > > By 2015, the Pentagon projects that the Air Force will need more than 2,000 > drone pilots for combat air patrols operating 24 hours a day worldwide. The > Air Force is already training more drone pilots -- 350 last year -- than > fighter and bomber pilots combined. Until this year, drone pilots went > through traditional flight training before learning how to operate Predators, > Reapers and unarmed Global Hawks. Now the pilots are on a fast track and > spend only 40 hours in a basic Cessna-type plane before starting their drone > training. > > Gen. Norton A. Schwartz, the Air Force chief of staff, said it was > "conceivable" that drone pilots in the Air Force would outnumber those in > cockpits in the foreseeable future, although he predicted that the Air Force > would have traditional pilots for at least 30 more years. > > Many drone pilots once flew in the air themselves but switched to drones out > of a sense of the inevitable -- or if they flew cargo planes, to feel closer > to the war. 
"You definitely feel more connected to the guys, the battle," > said Dave, the Air Force major, who flew C-130 transport planes in Iraq and > Afghanistan. > > Now more and more Air National Guard bases are abandoning traditional > aircraft and switching to drones to meet demand, among them Hancock Field, > which retired its F-16s and switched to Reapers in 2010. Colonel Brenton, who > by then had logged more than 4,000 hours flying F-16s in 15 years of active > duty and a decade in Syracuse deploying to war zones with the Guard, said he > learned to fly drones to stay connected to combat. True, drones cannot engage > in air-to-air combat, but Colonel Brenton said that "the amount of time I've > engaged the enemy in air-to-ground combat has been significant" in both > Reapers and F-16s. > > "I feel like I'm doing the same thing I've always done, I just don't deploy > to do it," he said. Now he works full time commanding a force of about 220 > Reaper pilots, sensor operators and intelligence analysts at the base. > > Pilots say the best days are when ground troops thank them for keeping them > safe. Ted, an Air Force major and an F-16 pilot who flew Reapers from Creech, > recalled how troops on an extended patrol away from their base in Afghanistan > were grateful when he flew a Reaper above them for five hours so they could > get some sleep one night. They told him, "We're keeping one guy awake to talk > to you, but if you can, just watch over and make sure nobody's sneaking up on > us," he recalled. > > All the operators dismiss the notion that they are playing a video game. > (They also reject the word "drone" because they say it describes an aircraft > that flies on its own. They call their planes remotely piloted aircraft.) > > "I don't have any video games that ask me to sit in one seat for six hours > and look at the same target," said Joshua, a sensor operator who worked at > Creech for a decade and is now a trainer at Holloman. 
"One of the things we > try to beat into our crews is that this is a real aircraft with a real human > component, and whatever decisions you make, good or bad, there's going to be > actual consequences." > > In his 10 years at Creech, he said without elaborating, "I've seen some > pretty disturbing things." > > All of the pilots who once flew in cockpits say they do miss the sensation of > flight, which for Colonel Brenton extends to the F-16 flybys he did for the > Syracuse Memorial Day parade downtown. To make up for it, he sometimes heads > out on weekends in a small propeller plane, which he calls a bug smasher. > > "It's nice to be up in the air," he said. From nadim at nadim.cc Tue Jul 31 18:03:03 2012 From: nadim at nadim.cc (Nadim Kobeissi) Date: Tue, 31 Jul 2012 21:03:03 -0400 Subject: [liberationtech] Comments from Chile Message-ID: Hello, I am a lead developer from the Cryptocat Project. Responding to the claim that Cryptocat chats have been transcribed: - It is overwhelmingly likely that local spyware/keyloggers would be responsible for the transcription. This scenario is rendered highly plausible due to the mention that the computers were previously confiscated, allowing for spyware to be installed to capture screenshots/keystrokes/etc. While this is outside of Cryptocat's threat model, it is still an unfortunate threat to many, and we will be responding by including a tutorial on how to use Tails in conjunction with Cryptocat in order to mitigate this threat. - As an ancillary measure, and even though a non-spyware compromise is relatively unlikely in this scenario, we will be rotating all of our keys (SSL and otherwise) within 48 hours. - As an ancillary measure, we will be studying our network for evidence of compromise, and we will be migrating our servers to Iceland simply because we can and it's likely to be a good idea in the long-term. 
Furthermore, I would like to mention that the Cryptocat Project's next major release, Cryptocat 2, which is scheduled this month, will be deployed in a largely decentralized fashion, getting rid of the server as a possible compromise point. More information can be found at the Cryptocat Development Blog: https://blog.crypto.cat. Given the circumstances of this particular incident, I believe that this is very likely a local spyware compromise. However, due to it being easily within our capacity to take thorough measures, we will. Warm regards, NK 
----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE From eugen at leitl.org Tue Jul 31 12:11:18 2012 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 31 Jul 2012 21:11:18 +0200 Subject: [cryptography] MS PPTP MPPE only as secure as *single* DES (UPDATE) Message-ID: <20120731191118.GX12615@leitl.org> ----- Forwarded message from Marsh Ray ----- From unmanlierrp13 at righettiridolfi.com Tue Jul 31 23:20:48 2012 From: unmanlierrp13 at righettiridolfi.com (=?koi8-r?B?IuTM0SD3wdMgySD3wdvFyiDkxdfV28vJIg==?=) Date: Tue, 31 Jul 2012 22:20:48 -0800 Subject: =?koi8-r?B?6M/UydTFIOnNxdTYIDEwMCUg8M/Uxc7DycA/IDEg1MHCzMXUy8Eg0sHC?= =?koi8-r?B?z9TBxdQgNzIgIN7B08E=?= Message-ID: <2776837C1CAB4810BC6D350B8777F8CD@lily> Do you want 100% potency and to be rid forever of doubts about your male performance? 1 tablet works for 72 hours, but "switches on" when needed. A natural, safe and effective product for men. The unique balanced formula acts safely on the male body, noticeably raising the level of testosterone, the main male hormone. The product lets every man be successful, self-confident and full of energy. Order now and get 1 pack free www.энергия-человека.рф From secsa4 at royalsupreme.com Tue Jul 31 06:34:42 2012 From: secsa4 at royalsupreme.com (=?koi8-r?B?IuvB0tTJztki?=) Date: Tue, 31 Jul 2012 22:34:42 +0900 Subject: =?koi8-r?B?68HS1MnOwSDOwSDT18HE2MLVINcg0M/EwdLPyyAhIC0gMTQ5MNLVwg==?= Message-ID: Summer is wedding season. A wedding gift: a beautiful painting in a luxurious frame and in gift wrapping. Summer discount 50%!!! 1490 rubles instead of 3000 rubles! The gift will be delivered to your home or office! 
Buy the painting here: www.картина-тут.рф/11.shtml From eugen at leitl.org Tue Jul 31 23:30:12 2012 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 1 Aug 2012 08:30:12 +0200 Subject: [liberationtech] Comments from Chile Message-ID: <20120801063012.GN12615@leitl.org> ----- Forwarded message from radioactivity at riseup.net -----