hacker != cracker (Re: Swartz, Weev & radical libertarian lexicon)

coderman coderman at gmail.com
Sun Jan 12 21:49:33 PST 2014


On Wed, Jan 8, 2014 at 6:04 PM, brian carroll
<electromagnetize at gmail.com> wrote:
> coderman wrote:
>> i am exploring a gambit for disclosure post-statute-of-limitations,
>> but even this protection seems meager and risky.
>
> (that is a beautiful idea)


it may be a very bad idea,
 we'll find out together these months ahead ;)



there are three tales to tell:

the first: wifi security interests crossed paths with power
institutions lacking tact.  2003 Synopsis scanned and vulnerable,
Synopsis providing licensed IP to Intel, the Oregon behemoth, who then
combined a PR ruse[0] with InfraGard pull for a FBI fishing expedition
trying to catch dirt...

the second: monitoring from convenient location unexpectedly colocated
by covert crash pad for $TLA adventure leads to lessons on mutual
authentication assurances.

the third: a "research experiment" widely talked about yet so few know
about.  in 2007 a confluence of factors collided in the perfect storm:
a Tor privacy appliance actively thwarted by VMWare, a Tor summer of
code proposal rejected with prejudice, and a rash of mediocre Tor
vulnerability papers garnering press and pomp for posturing poseurs.
under this cloud of discontent we discovered and maximized a control
port vulnerability to demonstrate both the inherent strength of a
virtualized transparent proxy model, but also just how bad a truly a
truly bad vulnerability can be in practice. (dialed to 11, and
discovered the unbelievable without getting disappeared ;)

in each a discussion of the security lessons learned, perhaps an
insight here or there, much rambling implicitly entwined...


that will do for now, until the future,
   best regards




0.  called for lengthy discussion as background on article for
wireless security, instead used as a scaryhacker caricature in FUD
piece promoting Intel Centrino security features.  never talked to
media since; encourage all to never talk to media as well with rare
exception.  specific quote behind the interest:

"Netstumbling is not against the law, says special agent Mary Kimura
of the Federal Bureau of Investigation (FBI), but it comes awfully
close. "It's not illegal to scan for open networks," Kimura says, "but
once a theft of service, denial of service, or theft of information
occurs, then it becomes a federal violation." Kimura is the Infragard
coordinator in the FBI's San Francisco office."



More information about the cypherpunks mailing list