From sina at redteam.io Thu Aug 1 06:43:17 2013
From: sina at redteam.io (SiNA Rabbani)
Date: Thu, 1 Aug 2013 06:43:17 -0700
Subject: XKeyscore: NSA tool collects 'nearly everything a user does, on the internet
In-Reply-To: <51FA461B.6030809@lavabit.com>
References: <51FA461B.6030809@lavabit.com>
Message-ID:

For example, in Iran which is funny how it's mentioned in slide 16, weak encryption is common. Most VPN providers sell PPTP with MSCHAP (thanks to the built in windows client) which I think is as weak as the password set.

Three VPN logins are being emailed from providers to users in plain text. It can't be too difficult for NSA or anyone analyzing the traffic to decrypt the VPN content.

--SiNA

On Aug 1, 2013 4:38 AM, "Faraz" wrote:

> What's people's take on slide 17?
>
> "Show me all VPN startups in country X, and give me data so I can
> decrypt and discover user"
>
> http://www.theguardian.com/world/interactive/2013/jul/31/nsa-xkeyscore-program-full-presentation
>
>

From jya at pipeline.com Thu Aug 1 07:40:15 2013
From: jya at pipeline.com (John Young)
Date: Thu, 01 Aug 2013 10:40:15 -0400
Subject: Max Blumenthal on Security Forum (Eugen Leitl)
In-Reply-To: <51F96466.1020503@riseup.net>
References: <51F96466.1020503@riseup.net>
Message-ID:

Not to pry, much, into your book, do you have more of Snowden's documents than released? If so, is more release in the offing?

Presumably you are being tapped and metadataed up the kazoo, except on uber-secure cpunks, these questions in guise of statements from an appreciative audience:

Docs released by the administration yesterday was goosed by your and others, the latter identities clearly spoofed, challenging releases and threats of more to come. Good outcome, that.
Following the precedential 1970s, with the gradually increasing journalists probes and manifold late-coming Congressional committees following the coffee smell, dueling with one another to grab mics and cameras. Goosedness abounds, hurray!

Finally, hardly, tell me to jump in a lake, are you in touch with Snowden? How about Glenn, Laura, Jake, Julian, Sarah? Using OTR/PGP between US, UK, DE, BR? Cpunks need this to climb out of the too-soon grave from breeding the likes of today's leaking heroes..

Really, finally, and nobody here will tell, have you been subpoenaed vis a vis Snowden? For Julian, Glenn, Laura, Jake, Sarah, Ellsberg, Hersh, for The President's Men?

At 03:24 PM 7/31/2013, you wrote:
>First, glad to be here. Missed the cypherpunks the first time around.
>I'm going to want to get to know you folks for my ongoing coverage of --
>and book project on -- Snowden, NSA and the surveillance-industrial
>revolution.
>
>Second, while it's nice (and rather unexpected) to get a shout-out from
>Alternet, I wouldn't agree that every other journalist at Aspen was an
>acolyte. Michael Isikoff did a good job of pushing his panel, especially
>U.S. Attorney Neil MacBride, who is Snowden's designated prosecutor (and
>is trying to jail James Risen to force testimony in the Sterling leak
>case). Pete Williams is also a terrific reporter. He met charm with
>charm but gently walked Keith Alexander into a corner, eliciting
>unambiguous statements that the NSA will have to defend as time goes on.
>Plus, he called on people he knew would ask tough questions.
>
>Oh, and yes, Aspen covered my travel costs. I assume it did the same for
>others. No speaker fee was offered or requested.
>
>
>On 7/30/13 12:00 PM, Eugen Leitl wrote:
>
>Subject: Max Blumenthal on Security Forum
>
>(it's Alternet, so caveat lector)
>
>http://www.alternet.org/tea-party-and-right/shocking-extermination-fantasies-people-running-americas-empire-full-display?paging=off
>
>[...]
>
>With perhaps one notable exception, none of the high-flying reporters
>junketed to Aspen to act as interlocutors seemed terribly interested in
>interrogating the logic of the war on terror. The spectacle was a perfect
>window into the world of access journalism, with media professionals
>brown-nosing national security elites committed to secrecy and surveillance,
>avoiding overly adversarial questions but making sure to ask the requisite
>question about how much Snowden has caused terrorists to change their
>behavior.
>
>Jeff Harris, the communications director for the Aspen Institute, did not
>respond to questions I submitted about whether the journalists who
>participated in the Security Forum accepted fees. (It is likely that all
>relied on Aspen to at least cover lodging and travel costs).
>
>[...]
>
>"You have to do [domestic surveillance] within a closed bubble in order to do
>it effectively," Dennis Blair, the director of National Intelligence conceded
>under sustained grilling from the Washington Post's Barton Gellman, one of
>the reporters who broke Snowden's leaks and perhaps the only journalist at
>the Security Forum who subjected participants to tough scrutiny.
>
>When Gellman reminded Alexander that none of the oversight mechanisms
>currently in place could determine if the NSA had improperly targeted
>American citizens with no involvement in terror-related activity, the general
>declared, "we self-report those mistakes."
>

From rich at openwatch.net Thu Aug 1 08:39:07 2013
From: rich at openwatch.net (Rich Jones)
Date: Thu, 1 Aug 2013 11:39:07 -0400
Subject: XKeyscore produced by SAIC, runs on RHEL
Message-ID:

http://jobs.saic.com/job/Columbia-XKEYSCORE-Systems-Engineer-Job-MD-21044/2679775/

*Date:* Jul 19, 2013
*Location:* Columbia, MD, US

XKEYSCORE Systems Engineer (Job Number:328432)

*Description:*
The Integrated Systems Group of SAIC has a career opening for a Tier 2 XKEYSCORE Systems Engineer, for the Mission Programs Division (MPD), located in Columbia, Maryland.

JOB SUMMARY:
The Systems Engineer will provide support for the compartment systems that encompass the SKIDROWE systems. The successful candidate will be a self-starter, work well in a dynamic team environment, and be very organized and detail oriented.

PRIMARY RESPONSIBILITIES:
•Design and develop large-scale systems, containing multiple subsystems and requiring integration with external systems and focus on all aspects of acquisition, requirements definition, system design, development, and training.
•This candidate will need to have experience in basic SIGINT technology as well as integrating, installing, configuring, changing, and optimizing HW & SW solutions into an overall system architecture.
•Support SIGINT systems by performing custom configurations of fielded mission systems.
•Assist the dataflow team to verify the formats of input and output data and the flow of data from front end sources and to back end destinations.
•Provide Tier 2 cross function support.
•Troubleshoot network and system problems and become a knowledge expert in two other components.

Portions of SAIC to be renamed Leidos, Inc., subject to stockholder approval and consummation of a separation transaction if approved by SAIC board of directors. SAIC is pursuing a plan to separate into two independently traded companies; one that provides technical, engineering and enterprise information technology services primarily to the U.S.
government (new SAIC), and one that delivers technical solutions in national security, engineering and health (Leidos, Inc)

*Qualifications:*

BASIC QUALIFICATIONS:
•High School diploma or equivalent with 3- 4+ years of related experience installing, configuring, integrating, and testing software which run on Red Hat Enterprise Linux (RHEL).
•Software Integration experience with scripting languages (Java, C and Bourne shell).
•Familiar with VMware ESXi 3.5, 4.1, and 5.0.
•Currently possess an active TS/SCI with Polygraph security clearance.

ADDITIONAL PREFERRED QUALIFICATIONS:
•Bachelor's degree in a relevant technical discipline.
•Ability to be mobile, work, and travel independently.
•Excellent interpersonal, verbal, and written communication skills with the ability to successfully interact with internal and external customers.

=====

SKIDROWE?

From demonfighter at gmail.com Thu Aug 1 09:23:50 2013
From: demonfighter at gmail.com (Steve Furlong)
Date: Thu, 1 Aug 2013 12:23:50 -0400
Subject: XKeyscore produced by SAIC, runs on RHEL
In-Reply-To:
References:
Message-ID:

> SKIDROWE?

Skid mark, maybe. The whole thing is a pile of shit.

From jya at pipeline.com Thu Aug 1 09:25:41 2013
From: jya at pipeline.com (John Young)
Date: Thu, 01 Aug 2013 12:25:41 -0400
Subject: Fwd: XKeyscore produced by SAIC, runs on RHEL
Message-ID:

SAIC SKIDROWE job:

https://msepjobs.militaryonesource.mil/jobposting/vpcs-engineer-job

>SKIDROWE?
From lee at guardianproject.info Thu Aug 1 10:38:23 2013
From: lee at guardianproject.info (Lee Azzarello)
Date: Thu, 1 Aug 2013 13:38:23 -0400
Subject: XKeyscore produced by SAIC, runs on RHEL
In-Reply-To:
References:
Message-ID:

Glad to know C is a "scripting language".

-lee

On Thu, Aug 1, 2013 at 12:23 PM, Steve Furlong wrote:
>> SKIDROWE?
>
> Skid mark, maybe. The whole thing is a pile of shit.
>

From otr at riseup.net Thu Aug 1 15:10:41 2013
From: otr at riseup.net (Barton Gellman)
Date: Thu, 01 Aug 2013 18:10:41 -0400
Subject: Max Blumenthal on Security Forum (Eugen Leitl)
In-Reply-To:
References: <51F96466.1020503@riseup.net>
Message-ID: <51FADCE1.9040302@riseup.net>

John, et al.,

I realize my email settings obscured my name in the previous post. Didn't mean to be mysterious.

As usual, your questions are perceptive, provocative and mischievous. I respectfully beg off. You know, opsec.

I haven't said what materials I have, and I've said all I want about when and how I talked to Snowden here: http://wapo.st/11pOHyd.

Unless someone puts a hood on me, you'll know if a subpoena comes my way.

Also, Hersh and Ellsberg don't need subpoenas. They have super powers.

Cheers,
Bart

bartongellman.com
@bartongellman

On 8/1/13 10:40 AM, John Young wrote:
> Not to pry, much, into your book, do you have more of Snowden's
> documents than released? If so, is more release in the offing?
> [...]
> Finally, hardly, tell me to jump in a lake, are you in touch with
> Snowden? How about Glenn, Laura, Jake, Julian, Sarah?
> Using OTR/PGP between US, UK, DE, BR?
> [...]
> Really, finally, and nobody here will tell, have you been
> subpoenaed vis a vis Snowden? For Julian, Glenn,
> Laura, Jake, Sarah, Ellsberg, Hersh, for The President's Men?
>
> At 03:24 PM 7/31/2013, you wrote:
>> ... while it's nice (and rather unexpected) to get a shout-out from
>> Alternet, I wouldn't agree that every other journalist at Aspen was an
>> acolyte. ...

From faraz_mah at lavabit.com Thu Aug 1 04:27:23 2013
From: faraz_mah at lavabit.com (Faraz)
Date: Thu, 01 Aug 2013 21:27:23 +1000
Subject: XKeyscore: NSA tool collects 'nearly everything a user does, on the internet
Message-ID: <51FA461B.6030809@lavabit.com>

What's people's take on slide 17?

"Show me all VPN startups in country X, and give me data so I can decrypt and discover user"

http://www.theguardian.com/world/interactive/2013/jul/31/nsa-xkeyscore-program-full-presentation

From bpmcontrol at gmail.com Thu Aug 1 13:09:08 2013
From: bpmcontrol at gmail.com (sharon)
Date: Thu, 01 Aug 2013 23:09:08 +0300
Subject: XKeyscore: More fun with NSA
In-Reply-To:
References:
Message-ID: <51FAC064.9040409@gmail.com>

thanks mate, just mailing you to return the favor.

background: once upon a time last year, i took my hobby of replying to spammers a bit too far. mailed them that i know that they are planning to kill a certain president, and to stop their jihad. similar to what you just did. only far worse.

minutes later, my phone, home router, openBSD firewall, and debian computer all started having issues. in that order. the hdd indicator showed constant disk activity for a few days, the disk sounded like it too. couldn't find anything in any log, top or ps.

anyway, i hope it's contagious

also, thanks for the link.

On 07/31/2013 05:01 PM, Karel Bílek wrote:
> http://www.theguardian.com/world/2013/jul/31/nsa-top-secret-program-online-data
>
> http://www.theguardian.com/world/interactive/2013/jul/31/nsa-xkeyscore-program-full-presentation
>
> (adding some keywords for NSA and the link to the latest issue
> Al-Qaeda Inspire magazine for good measure)
>
> Bin Laden
> أسامة بن محمد بن عوض بن لادن
> Al-Qaeda
> القاعدة
> Jihad
> جهاد‎
> Boston marathon
> تفجيرا ماراثون
> Hamas
> حماس‎
> Hezbollah
> حزب الله
>
> http://azelin.files.wordpress.com/2013/05/inspire-magazine-issue-11.pdf
> http://azelin.files.wordpress.com/2013/05/inspire-magazine-issue-11-ar.pdf
>

From dahanm at gmail.com Thu Aug 1 14:03:33 2013
From: dahanm at gmail.com (Michael Dahan)
Date: Fri, 2 Aug 2013 00:03:33 +0300
Subject: Fwd: The EW Octagon: A way to test Cognitive EW
In-Reply-To: <1114376007287.1102955221708.14650.2.21153072@scheduler.constantcontact.com>
References: <1114376007287.1102955221708.14650.2.21153072@scheduler.constantcontact.com>
Message-ID:

---------- Forwarded message ----------
From: "Brock Sheets - AOC"
Date: Aug 1, 2013 10:32 PM
Subject: The EW Octagon: A way to test Cognitive EW
To:
Cc:

Greetings!

Please join us for:

*The EW Octagon: *
*A way to test Cognitive EW*

August 22nd, 2013 | 1400-1445 EDT

Platinum Sponsorship By:

*Presenting the Topic: *
Marine EA-6B Electronic Countermeasures Officer, flight instructor at VT-86, *Major Kenneth "Beldar" Hollinger.*

*About the Webinar:*
The ability to transmit and receive information to and from nodes on the battlefield can be the key to winning or losing a fight. The EMS is the information pathway of choice in any kind of maneuver warfare. With the exponential increase of sensors on the battlefield, we are quickly running out of maneuver space within the EMS. It is not hard to imagine a scenario where a contest between two adversaries is won or lost solely from the ability to dominate the EMS.
The side with EMS dominance will be able to see the battlefield and communicate - while the other side will be rendered blind and dumb.

In a contested EMS environment, what is the best strategy to guarantee use of the EMS while denying the enemy the same? Assuming an equal power budget, what strategy will give you the correct mix of sensing, transmitting, jamming, bit checking, and processing to maximize the delta between you and your enemy's ability to make use of the EMS? As strategies and theories for EMS dominance are developed it will be necessary to establish a proving ground in which to test them.

*What is the "EW Octagon"?:*
*A concept to create an environment to facilitate the maturation of 'Cognitive EW' - or the ability to autonomously sense and react to what the enemy is doing and dominate the EMS.*

The idea is to force two opposing Cognitive EW RF systems to operate within a contested RF band in order to test and develop Cognitive EW strategies. Furthermore, force the systems to operate with a restricted amount of power and enough RF bandwidth to maneuver, but not more bandwidth than each system could take full advantage of. In other words, the 'Octagon' is a set of contest rules, and a contest environment, crafted properly in order to facilitate 'a good fight'. The 'EW Octagon' is a concept that could be a useful tool for developing strategies and technologies that will allow us to maintain EMS dominance in a future, contested EMS environment.

*Can't attend live? *
The entire presentation and Q&A will be recorded for viewing at a later date. You can join the conversation and find the link to the recording in our AOC Virtual Series Subgroup on LinkedIn.

All participants are welcome to attend the AOC Virtual Series at *no charge*.

We look forward to your attendance and please do not hesitate to contact me with any questions.

Respectfully,

*Brock Sheets*
*AOC | Director of Marketing & Communications*
sheets at crows.org
crows.org

*Platinum Sponsorship By:*

*Special Thanks to our Annual Sponsor:*
[image: Northrop Grumman]

From die at dieconsulting.com Thu Aug 1 21:52:24 2013
From: die at dieconsulting.com (David I. Emery)
Date: Fri, 2 Aug 2013 00:52:24 -0400
Subject: [cryptography] Radiation Emission Controls
In-Reply-To: <20130731142315.GC29404@leitl.org>
References: <20130730191851.GA21042@jfet.org> <20130731142315.GC29404@leitl.org>
Message-ID: <20130802045224.GB8724@pig.dieconsulting.com>

On Wed, Jul 31, 2013 at 04:23:15PM +0200, Eugen Leitl wrote:
> On Tue, Jul 30, 2013 at 03:18:51PM -0400, Riad S. Wahby wrote:
>
> Is there any RF sigint at all done at the Utah site? It could
> all well be just a big crunch and storage facility. It would
> help if we had a good fiber map of the general area.

Guys, there isn't much of interest to listen to in Utah... even for NSA.

Ground based RF sigint is either very local - directed at things like foreign cellphone networks or other short range VHF/UHF/Microwave comms systems that are only receivable perhaps a few thousand feet to a small number of miles away or aimed at satellites or LF/MF/HF radio transmissions.

There are only so many satellites and we have most of those of interest covered by dishes somewhere else already... and HF radio carries very little these days and optimum sites for receiving those signals are also already in place.

If there is much of any RF at the facility it will likely be satellite links bringing in material of interest and maybe communicating with remote surveillance vehicles to receive their take and control their operation ... but many of the relevant satellites are not visible from Utah. And ground operations centers for those vehicles are mostly elsewhere too...

By a great many many orders of magnitude the NSA take from tapping fiber world wide dwarfs almost all traditional radio reception except maybe collection of cellphone signals from platforms that perforce have to be more or less line of sight from the cellphone of interest (and therefore not in Utah).

Most radio propagation is line of sight. Quite hard for a ground based facility to receive much from other ground based transmitters for more than a relatively few miles (easily less than around 100).

> I suspect that the NSA is doing a lot of decentral signal
> prefiltering and processing at the network edge, and only uses
> large central facilities if they're unavoidable.

They HAVE to limit the edge take and filter, too much to deal with otherwise.

--
Dave Emery N1PRE/AE, die at dieconsulting.com DIE Consulting, Weston, Mass 02493
"An empty zombie mind with a forlorn barely readable weatherbeaten 'For Rent' sign still vainly flapping outside on the weed encrusted pole - in celebration of what could have been, but wasn't and is not to be now either."

From rsw at jfet.org Thu Aug 1 22:12:56 2013
From: rsw at jfet.org (Riad S. Wahby)
Date: Fri, 2 Aug 2013 01:12:56 -0400
Subject: XKeyscore produced by SAIC, runs on RHEL
In-Reply-To:
References:
Message-ID: <20130802051256.GA6055@jfet.org>

Lee Azzarello wrote:
> Glad to know C is a "scripting language".

What, you've never used #!/usr/bin/tcc scripts before?

-=rsw

From jya at pipeline.com Thu Aug 1 23:51:23 2013
From: jya at pipeline.com (John Young)
Date: Fri, 02 Aug 2013 02:51:23 -0400
Subject: [cryptography] Radiation Emission Controls
Message-ID:

Inquiry about emissions at NSA UDC and other data centers was not for external capture but about internal protection from its own emanating equipment. In particular EM interference by the big generators at most of the facilities, electrical sub-stations, processing racks, cabling, switches, personal devices, whatever is used to run the operation and whatever might be deployed by those hoping to capture inadvertent emissions by land, air, sat, mobile.

If you will, what does NSA do to capture such emissions from data centers to data gathering and for unique signatures?

This is not likely overlooked by NSA and maybe at the other burgeoning worldwide data centers, but what that protection might involve, ie, Large-scale TEMPEST countermeasures, somewhat larger than a nuclear submarine, maybe closer to large-scale array used to snoop on global EM and radio signals, mundane and heavenly. as with the NRAO.

We have an interest in snooping on the emissions and protection against snooping of large buildings and infrastructure, from electrical grids to telecom hubs to internetworks to scientific networks to intellinks to satellites to space probes. The usual spy sci-fi beloved of hams.

From jya at pipeline.com Fri Aug 2 00:13:38 2013
From: jya at pipeline.com (John Young)
Date: Fri, 02 Aug 2013 03:13:38 -0400
Subject: [cryptography] Radiation Emission Controls
In-Reply-To: <20130802045224.GB8724@pig.dieconsulting.com>
References: <20130730191851.GA21042@jfet.org> <20130731142315.GC29404@leitl.org> <20130802045224.GB8724@pig.dieconsulting.com>
Message-ID:

More specifically inadvertent emissions like Non-Stop, acoustic, vibratory, olfactory, echo, refractory, extent, periodicity, amplitude, array, those still loosely or firmly classified.

Those somewhat treated of sea and space borne vessels by degaussing, presumably more difficult for aged architecture and infrastructure but maybe not for new facilities like NSA Utah, other data centers and global research networks.

If NRAO can assign sigs to several billion stars that should be possible for several billions cellphones, buildings and infrastructures.

From sina at redteam.io Fri Aug 2 13:28:17 2013
From: sina at redteam.io (SiNA Rabbani)
Date: Fri, 2 Aug 2013 13:28:17 -0700
Subject: XKeyscore: NSA tool collects 'nearly everything a user does, on the internet
In-Reply-To:
References: <51FA461B.6030809@lavabit.com>
Message-ID:

I'd say they are referring to some kind of protocol, network or application fingerprint.

For example, all connections to standard VPN ports.

On Aug 2, 2013 12:28 PM, "Lee Azzarello" wrote:

> Do you think Amazon and Rackspace count as "VPN Startups"?
>
> -lee
>
> On Thu, Aug 1, 2013 at 7:27 AM, Faraz wrote:
> > What's people's take on slide 17?
> >
> > "Show me all VPN startups in country X, and give me data so I can
> > decrypt and discover user"
> >
> http://www.theguardian.com/world/interactive/2013/jul/31/nsa-xkeyscore-program-full-presentation
> >
>

From lee at guardianproject.info Fri Aug 2 12:18:04 2013
From: lee at guardianproject.info (Lee Azzarello)
Date: Fri, 2 Aug 2013 15:18:04 -0400
Subject: XKeyscore: NSA tool collects 'nearly everything a user does, on the internet
In-Reply-To: <51FA461B.6030809@lavabit.com>
References: <51FA461B.6030809@lavabit.com>
Message-ID:

Do you think Amazon and Rackspace count as "VPN Startups"?

-lee

On Thu, Aug 1, 2013 at 7:27 AM, Faraz wrote:
> What's people's take on slide 17?
>
> "Show me all VPN startups in country X, and give me data so I can
> decrypt and discover user"
> http://www.theguardian.com/world/interactive/2013/jul/31/nsa-xkeyscore-program-full-presentation
>

From lee at guardianproject.info Fri Aug 2 13:47:55 2013
From: lee at guardianproject.info (Lee Azzarello)
Date: Fri, 2 Aug 2013 16:47:55 -0400
Subject: XKeyscore: NSA tool collects 'nearly everything a user does, on the internet
In-Reply-To:
References: <51FA461B.6030809@lavabit.com>
Message-ID:

Ha! That makes much more sense.

On Fri, Aug 2, 2013 at 4:28 PM, SiNA Rabbani wrote:
> I'd say they are referring to some kind of protocol, network or application
> fingerprint.
>
> For example, all connections to standard VPN ports.
>
> On Aug 2, 2013 12:28 PM, "Lee Azzarello" wrote:
>>
>> Do you think Amazon and Rackspace count as "VPN Startups"?
>>
>> -lee
>>
>> On Thu, Aug 1, 2013 at 7:27 AM, Faraz wrote:
>> > What's people's take on slide 17?
>> >
>> > "Show me all VPN startups in country X, and give me data so I can
>> > decrypt and discover user"
>> >
>> > http://www.theguardian.com/world/interactive/2013/jul/31/nsa-xkeyscore-program-full-presentation
>> >

From faraz_mah at lavabit.com Fri Aug 2 01:29:19 2013
From: faraz_mah at lavabit.com (Faraz)
Date: Fri, 02 Aug 2013 18:29:19 +1000
Subject: XKeyscore: NSA tool collects 'nearly everything a user does, on the internet
In-Reply-To:
References: <51FA461B.6030809@lavabit.com>
Message-ID: <51FB6DDF.6040001@lavabit.com>

Right, I made the assumption that most VPNs are using forward secrecy... which is obviously not the case.

On 01/08/13 23:43, SiNA Rabbani wrote:
>
> For example, in Iran which is funny how it's mentioned in slide 16,
> weak encryption is common. Most VPN providers sell PPTP with MSCHAP
> (thanks to the built in windows client) which I think is as weak as
> the password set.
>
> Three VPN logins are being emailed from providers to users in plain text.
> It can't be too difficult for NSA or anyone analyzing the traffic to
> decrypt the VPN content.
>
> --SiNA
>
> On Aug 1, 2013 4:38 AM, "Faraz" wrote:
>
> What's people's take on slide 17?
>
> "Show me all VPN startups in country X, and give me data so I can
> decrypt and discover user"
> http://www.theguardian.com/world/interactive/2013/jul/31/nsa-xkeyscore-program-full-presentation
>

From matej.kovacic at owca.info Fri Aug 2 14:23:44 2013
From: matej.kovacic at owca.info (Matej Kovacic)
Date: Fri, 02 Aug 2013 23:23:44 +0200
Subject: XKeyscore: NSA tool collects 'nearly everything a user does, on the internet
In-Reply-To:
References: <51FA461B.6030809@lavabit.com>
Message-ID: <51FC2360.4080208@owca.info>

Hi,

>> For example, all connections to standard VPN ports.

OpenVPN for instance wraps its packets into some kind of container (that's why you can run OpenVPN and web server on the same port - this is called port sharing).

So it is possible to detect OpenVPN traffic with packet analysis. Some network appliances can already do that.

BTW, I think there should be the next step in development of privacy enhancing technologies.

First step was development of encryption techniques for the masses (credits to cypherpunks movement in 1990's).

Second step was development of anonymisation (Tor).

Third step should be development of techniques for hiding encrypted traffic. Obfsproxy, which is a part of Tor package, does that, but we need general purpose standalone tools.

Regards,

Matej

From gfoster at entersection.org Sat Aug 3 00:12:37 2013
From: gfoster at entersection.org (Gregory Foster)
Date: Sat, 03 Aug 2013 02:12:37 -0500
Subject: Bruce Sterling on the moment
Message-ID: <51FCAD65.9090206@entersection.org>

Medium (Aug 3) - "The Ecuadorian Library: or, The Blast Shack After Three Years" by @bruces:
https://medium.com/geek-empire-1/a1ebd2b4a0e5

HT @maupuia, https://twitter.com/maupuia/status/363499310043774976

gf

--
Gregory Foster || gfoster at entersection.org
@gregoryfoster <> http://entersection.com/

From atagar at torproject.org Sat Aug 3 16:16:31 2013
From: atagar at torproject.org (Damian Johnson)
Date: Sat, 3 Aug 2013 16:16:31 -0700
Subject: [tor-dev] Damian's Status Report - July 2013
Message-ID:

Hi all. This month was mostly spent on non-tor work including a server migration, bad service outage at work, and a full week of cleaning my apartment. Still, plenty of spiffy news in stem land...

======================================================================
Remote Descriptor Fetching
======================================================================

Major feature for this month was the addition of a module to remotely fetch tor descriptors...

https://stem.torproject.org/api/descriptor/remote.html
https://lists.torproject.org/pipermail/tor-dev/2013-July/005156.html

This works much like tor itself does, downloading descriptor content from directory authorities and mirrors. With it we can now easily script against the present state of the tor network without piggybacking on a live tor instance. Curious what you can use it for? See our present monitors for some ideas...

https://lists.torproject.org/pipermail/tor-dev/2013-July/005209.html
https://gitweb.torproject.org/atagar/tor-utils.git/tree

This also included a little work with Nick on the spec and tor side...

* Dropped the unimplemented microdescriptor query from the spec. (#9271)

* Noting the max queryable fingerprints/hashes in spec. (#9282)

* We're getting a high failure rate on the downloads we make. A little more investigation is needed on my part to help narrow this down. (#9379)

======================================================================

Other news includes...

* Revised the appearance of stem's frontpage. The blue buttons were pretty jarring, so switched to something that matches the rest of the page...

  http://www.atagar.com/transfer/stem_frontpage/before.png
  http://www.atagar.com/transfer/stem_frontpage/after.png

* Added Slackware to our download page. Many thanks to Markus for adding us to SlackBuilds!

  http://slackbuilds.org/repository/14.0/python/stem/

* Worked with Sreenatha to port Tor Weather to stem. Unfortunately Weather does not presently have an active maintainer so I'm not sure how we will proceed on this front. (#8264)

  https://lists.torproject.org/pipermail/tor-dev/2013-July/005111.html

* The Munich dev meeting has attracted quite a few potential volunteers.
  After discussing prospective projects with seros I tidied up our volunteer page. Changes included...

  * Added Christian's Globe project
    https://lists.torproject.org/pipermail/tor-commits/2013-August/060124.html

  * Dropped Thandy
    https://lists.torproject.org/pipermail/tor-commits/2013-July/059830.html

  * Merged TorStatus into the entry for Atlas
    https://lists.torproject.org/pipermail/tor-commits/2013-July/060003.html

  * General page corrections
    https://lists.torproject.org/pipermail/tor-commits/2013-August/060125.html

* Our automated Jenkins test runs ran into another regression in tor that caused it to segfault. (#9298)

* STREAM events mishandled IPv6 addresses. (caught and patched by soult, #9181)

* Thread with Pierre about TorPylle which turned into a discussion with Nick regarding future language direction for the tor codebase. I'm looking forward to seeing where it goes!

  https://lists.torproject.org/pipermail/tor-dev/2013-July/005161.html

* We just finished with midterms for Google Summer of Code. Chang unfortunately did not pass, but the other projects are going well.

* Sorted out travel arrangements for the GSoC mentor summit. Nick and I will be going, and Moritz is presently on the waitlist.

* Code reviewed ra's rttprober. He provided some great feedback for which I still owe him a reply.

  https://lists.torproject.org/pipermail/tor-dev/2013-July/005183.html

Cheers!
-Damian _______________________________________________ tor-dev mailing list tor-dev at lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From atagar at torproject.org Sat Aug 3 16:16:31 2013 From: atagar at torproject.org (Damian Johnson) Date: Sat, 3 Aug 2013 16:16:31 -0700 Subject: [tor-dev] Damian's Status Report - July 2013 Message-ID: Hi all. This month was mostly spent on non-tor work including a server migration, bad service outage at work, and a full week of cleaning my apartment. Still, plenty of spiffy news in stem land... ====================================================================== Remote Descriptor Fetching ====================================================================== Major feature for this month was the addition of a module to remotely fetch tor descriptors... https://stem.torproject.org/api/descriptor/remote.html https://lists.torproject.org/pipermail/tor-dev/2013-July/005156.html This works much like tor itself does, downloading descriptor content from directory authorities and mirrors. With it we can now easily script against the present state of the tor network without piggybacking on a live tor instance. Curious what you can use it for? See our present monitors for some ideas... https://lists.torproject.org/pipermail/tor-dev/2013-July/005209.html https://gitweb.torproject.org/atagar/tor-utils.git/tree This also included a little work with Nick on the spec and tor side... * Dropped the unimplemented microdescriptor query from the spec. (#9271) * Noting the max queryable fingerprints/hashes in spec. (#9282) * We're getting a high failure rate on the downloads we make. A little more investigation is needed on my part to help narrow this down. 
(#9379) ====================================================================== Other news includes... * Revised the appearance of stem's frontpage. The blue buttons were pretty jarring, so switched to something that matches the rest of the page... http://www.atagar.com/transfer/stem_frontpage/before.png http://www.atagar.com/transfer/stem_frontpage/after.png * Added Slackware to our download page. Many thanks to Markus for adding us to SlackBuilds! http://slackbuilds.org/repository/14.0/python/stem/ * Worked with Sreenatha to port Tor Weather to stem. Unfortunately Weather does not presently have an active maintainer so I'm not sure how we will proceed on this front. (#8264) https://lists.torproject.org/pipermail/tor-dev/2013-July/005111.html * The Munich dev meeting has attracted quite a few potential volunteers. After discussing prospective projects with seros I tidied up our volunteer page. Changes included... * Added Christian's Globe project https://lists.torproject.org/pipermail/tor-commits/2013-August/060124.html * Dropped Thandy https://lists.torproject.org/pipermail/tor-commits/2013-July/059830.html * Merged TorStatus into the entry for Atlas https://lists.torproject.org/pipermail/tor-commits/2013-July/060003.html * General page corrections https://lists.torproject.org/pipermail/tor-commits/2013-August/060125.html * Our automated Jenkins test runs ran into another regression in tor that caused it to segfault. (#9298) * STREAM events mishandled IPv6 addresses. (caught and patched by soult, #9181) * Thread with Pierre about TorPylle which turned into a discussion with Nick regarding future language direction for the tor codebase. I'm looking forward to seeing where it goes! https://lists.torproject.org/pipermail/tor-dev/2013-July/005161.html * We just finished with midterms for Google Summer of Code. Chang unfortunately did not pass, but the other projects are going well. * Sorted out travel arrangements for the GSoC mentor summit. 
Nick and I will be going, and Moritz is presently on the waitlist. * Code reviewed ra's rttprober. He provided some great feedback for which I still owe him a reply. https://lists.torproject.org/pipermail/tor-dev/2013-July/005183.html Cheers! -Damian _______________________________________________ tor-dev mailing list tor-dev at lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From zookozot at gmail.com Sun Aug 4 00:44:58 2013 From: zookozot at gmail.com (Zooko Wilcox-O'Hearn) Date: Sun, 4 Aug 2013 00:44:58 -0700 Subject: [liberationtech] LeastAuthority.com announces a Spy-Proof Storage Service Message-ID: Hello again, people of liberationtech. Nobody replied to my missive. Perhaps it was Too Long; Didn't Read! But I wanted to mention to you that I subsequently talked to some young programmers at DefCon. I told them that my claim is that LeastAuthority.com's S4 is proof against PRISM-style indiscriminate surveillance, but not proof against targeted surveillance. They suggested: why not call it “PRISM-proof” then? Good idea! I might do that. Regards, Zooko Wilcox-O'Hearn Founder, CEO, and Customer Support Representative https://LeastAuthority.com -- Liberationtech list is public and archives are searchable on Google. Too many emails? 
Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
From jacob at appelbaum.net Sat Aug 3 18:29:45 2013 From: jacob at appelbaum.net (Jacob Appelbaum) Date: Sun, 04 Aug 2013 01:29:45 +0000 Subject: [tor-dev] augmenting RSA identities/signatures with ECC and beyond Message-ID: Hi, Linus and I had an interesting discussion at IETF 87 this past week in Berlin. We're both concerned about long term Directory Authority identity keys as well as consensus signing with RSA keys. We've agreed that we're interested in writing a proposal whereby we add additional identity keys for authorities. Thus, we'll have whatever security may be provided by RSA and the security that should be provided by ECC signatures. The work on ntor should directly assist us in having almost all the required crypto we'll need for such augmentation. I tend to think that every directory authority should generate an additional and new long term ECC identity key. This will require that tor-gencert is extended to understand both ECC and RSA. We'll want to add these fingerprints to src/or/config.c for each respective DA. We'll want each directory authority to sign with both RSA and ECC. We'll also want to extend the consensus format to handle publication of such signatures. Older clients should be able to parse the consensus without worry and they will check RSA signatures as always. Newer clients should check both and report a mismatch into the logs at a high level. When combined with ntor, I believe that we will have significantly improved the cryptography in Tor. It would be nice to be able to add other signature schemes - specifically for pq crypto related undertakings. In an ideal world, I'd like to be able to sign the consensus from my directory authority with RSA, ECC and some kind of djb approved, tanja tested post-quantum computer signature construct. What do you think we should consider as we draft this proposal? All the best, Jacob
From morlockelloi at yahoo.com Sun Aug 4 01:57:54 2013 From: morlockelloi at yahoo.com (m) Date: Sun, 04 Aug 2013 01:57:54 -0700 Subject: Breaking PRISM and friends In-Reply-To: References: Message-ID: <51FE1792.5090808@yahoo.com> How is this conceptually different from a 2-node Tor network, where each ISP operates one node of the pair linking to every other ISP (so there are I^2 pairs)? Additional benefit of using Tor would be mixing and making traffic analysis harder. Threat modelling could draw on the existing research on Tor vulnerabilities. Also, an ISP could easily, today, run single-node Tor network to obscure end point locations. The problem does not seem technical at all. The problem is that ISPs have physical addresses. What you need is a floating ISP ... go anywhere, travel light, get in, get out, wherever there's trouble, a man alone. On 8/3/13 19:57 , Nick Thomas wrote: > Hi all, > > Only a decade or two late to the party...
anyway, in the past few days > since the PRISM / XKeyscore / etc leaks came to my attention, I've been > considering schemes that breaks the kind of passive, drag-net collection > of communications data from listening points on submarine cables and the > like. I think I've found one, so I thought I'd share. > > Code is in very, very early stages at the moment; > https://github.com/lupine/hide-eid has half of a first pass, and a bit > of documentation on why it might work. I'm hoping to have it in a state > where you could run a pair of VPN providers servicing a few customers > each within a few days. As-is, scalability is suspect, though. > > The short how-it-works is that it stops the IP header (which typically > reveals who is talking to whom, even if the IP payload is encrypted) > from being personally-identifying information. If your access ISP > runs it, and your hosting ISP runs it too, you benefit from an anonymity > set equal to all the source's customers. As long as there's no sniffing > going on in the first and last mile, anyway. > > Combined with IPsec on those miles, or a vetted path if it's short > enough, you can reduce the amount of cable that personally-identifying > IP headers are sniffable on, from a few thousand miles, to perhaps a > couple of feet - on which you can focus CCTV, if you're *really* > paranoid; or even nothing at all, if you have the same box terminating > the IPsec tunnel and the hide-eid wrapper/unwrapper. > > The theoretical background is from the location/identity separation > protocol stuff. Intermediaries don't actually need to know which person > (well, EID) the packet is from, or for; they just need to know where to > send it (which RLOC) so that a person can pick it up. This scheme is > basically that, imagined as a least-effort overlay on the existing IP > network. And it doesn't break as many protocols as cgNAT, since source > and destination both know the EID of destination and source.
> > Feedback of any sort is extremely welcome. Particular areas of concern > are scaling it (especially given how the crypto works), how the crypto > works and if there's a more sensible way (key exchange with M:N > different ISPs to take advantage of symmetric ciphers is worrisome), and > whether there's a better way to get L/ISP with hidden EIDs deployed to a > subset of the internet than a hack of this magnitude. I'm still fairly > skeptical that it can make a noticeable difference, but it seems > promising enough for me to keep it up in the short term, at least. > > If it ends up being useless, there's still tor. There's always tor. > > /Nick
From nick at lupine.me.uk Sat Aug 3 19:57:29 2013 From: nick at lupine.me.uk (Nick Thomas) Date: Sun, 04 Aug 2013 02:58:29 +0001 Subject: Breaking PRISM and friends Message-ID: Hi all, Only a decade or two late to the party... anyway, in the past few days since the PRISM / XKeyscore / etc leaks came to my attention, I've been considering schemes that breaks the kind of passive, drag-net collection of communications data from listening points on submarine cables and the like. I think I've found one, so I thought I'd share. Code is in very, very early stages at the moment; https://github.com/lupine/hide-eid has half of a first pass, and a bit of documentation on why it might work. I'm hoping to have it in a state where you could run a pair of VPN providers servicing a few customers each within a few days. As-is, scalability is suspect, though. The short how-it-works is that it stops the IP header (which typically reveals who is talking to whom, even if the IP payload is encrypted) from being personally-identifying information. If your access ISP runs it, and your hosting ISP runs it too, you benefit from an anonymity set equal to all the source's customers. As long as there's no sniffing going on in the first and last mile, anyway.
Combined with IPsec on those miles, or a vetted path if it's short enough, you can reduce the amount of cable that personally-identifying IP headers are sniffable on, from a few thousand miles, to perhaps a couple of feet - on which you can focus CCTV, if you're *really* paranoid; or even nothing at all, if you have the same box terminating the IPsec tunnel and the hide-eid wrapper/unwrapper. The theoretical background is from the location/identity separation protocol stuff. Intermediaries don't actually need to know which person (well, EID) the packet is from, or for; they just need to know where to send it (which RLOC) so that a person can pick it up. This scheme is basically that, imagined as a least-effort overlay on the existing IP network. And it doesn't break as many protocols as cgNAT, since source and destination both know the EID of destination and source. Feedback of any sort is extremely welcome. Particular areas of concern are scaling it (especially given how the crypto works), how the crypto works and if there's a more sensible way (key exchange with M:N different ISPs to take advantage of symmetric ciphers is worrisome), and whether there's a better way to get L/ISP with hidden EIDs deployed to a subset of the internet than a hack of this magnitude. I'm still fairly skeptical that it can make a noticeable difference, but it seems promising enough for me to keep it up in the short term, at least. If it ends up being useless, there's still tor. There's always tor. /Nick
From triggerhappy at openmail.cc Sat Aug 3 22:30:34 2013 From: triggerhappy at openmail.cc (Trigger Happy) Date: Sun, 04 Aug 2013 07:30:34 +0200 Subject: [tor-talk] HS drop Message-ID: On 04.08.2013 06:42, grarpamp wrote: > Noting what is apparently a very large drop in the number of > onions online. Still checking... > http://www.reddit.com/r/onions/comments/1jmrta/founder_of_the_freedom_hosting_arrested_held/ -- Regards, Trigger Happy jabber: triggerhappy at jabber.ccc.de -- tor-talk mailing list - tor-talk at lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
From eugen at leitl.org Sun Aug 4 00:23:01 2013 From: eugen at
leitl.org (Eugen Leitl) Date: Sun, 4 Aug 2013 09:23:01 +0200 Subject: [tor-talk] HS drop Message-ID: <20130804072301.GH29404@leitl.org> ----- Forwarded message from Trigger Happy ----- From eugen at leitl.org Sun Aug 4 02:14:54 2013 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 4 Aug 2013 11:14:54 +0200 Subject: [liberationtech] LeastAuthority.com announces a Spy-Proof Storage Service Message-ID: <20130804091454.GI29404@leitl.org> ----- Forwarded message from Zooko Wilcox-O'Hearn ----- From nick at lupine.me.uk Sun Aug 4 03:20:45 2013 From: nick at lupine.me.uk (Nick Thomas) Date: Sun, 04 Aug 2013 11:20:45 +0100 Subject: Breaking PRISM and friends In-Reply-To: <51FE1792.5090808@yahoo.com> References: <51FE1792.5090808@yahoo.com> Message-ID: <1375611645.22095.18.camel@nlwork.lan> Hi, On Sun, 2013-08-04 at 01:57 -0700, m wrote: > How is this conceptually different from a 2-node Tor network, where each > ISP operates one node of the pair linking to every other ISP (so there > are I^2 pairs)? Additional benefit of using Tor would be mixing and > making traffic analysis harder. Threat modelling could draw on the > existing research on Tor vulnerabilities. It may be misguided, but avoiding I^2 / M:N sessions was a goal. As numbers go, it's big enough to be uncomfortable (there's ~40K ASNs). There are other differences; with something like hide-eid, the source IP isn't hidden from the destination, and vice-versa. This lets SIP and FTP, for instance, work transparently over it. Also, if a peer or their ISP objects to the traffic, they know who's responsible for it so can take action. That last may be a disadvantage, depending on your preferences ;). My tor node's exit IP got added to a DNSBL for being the visible peer in abusive HTTP requests within a day or so of being started up. Traditional tor is also dog-slow by comparison; packets through hide-eid take the same network path as they ordinarily would between wrap and unwrap. 
I assume that a 2-node tor network would replicate this property? I don't feel qualified to comment on scalability potential to any large degree, but it's something I've got an eye on. Hopefully, it's easier to scale this kind of limited packet futzing than it is to scale an onion router. > Also, an ISP could easily, today, run single-node Tor network to obscure > end point locations. Would the end-users need to run tor as well, or does it have support for scooping up a whole network's worth of traffic, transparently? I've only gotten as far as running it, not using it... /Nick From eugen at leitl.org Sun Aug 4 02:34:05 2013 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 4 Aug 2013 11:34:05 +0200 Subject: [tor-dev] Damian's Status Report - July 2013 Message-ID: <20130804093405.GK29404@leitl.org> ----- Forwarded message from Damian Johnson ----- From grarpamp at gmail.com Sun Aug 4 08:47:46 2013 From: grarpamp at gmail.com (grarpamp) Date: Sun, 4 Aug 2013 11:47:46 -0400 Subject: Breaking PRISM and friends In-Reply-To: <51FE1792.5090808@yahoo.com> References: <51FE1792.5090808@yahoo.com> Message-ID: >> Combined with IPsec on those miles, or a vetted path if it's short >> enough, you can reduce the amount of cable that personally-identifying >> IP headers are sniffable on, from a few thousand miles, to perhaps a >> couple of feet According to the speed of light, anything under a certain maximum time from you is local. If all you had was a list of nodes, RTT could be used to determine a global path made up of small hops less likely to be directly monitored themselves. Hop count would rise with longer paths and performance drops... so perhaps only useful for creating local clusters. TTL and RTT above a minimum time are spoofable so not nearly as useful. 
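grarpamp's suggestion above, as an added sketch that is not from the thread: turn an RTT into a distance ceiling and pick the lowest-latency route that uses only short hops, which shows the hop count rising as the per-hop limit tightens. The 200 km/ms fibre speed, the function names and the RTT matrix are assumptions constructed for this example.

```go
package main

import (
	"fmt"
	"math"
)

// Assumption: light in optical fibre covers about 200 km per millisecond.
const fibreKmPerMs = 200.0

// MaxDistanceKm bounds how far away a peer can be for a given round trip.
// A peer can delay its reply to look farther away, but it cannot answer
// sooner than propagation allows, so this is an upper bound only.
func MaxDistanceKm(rttMs float64) float64 {
	return rttMs / 2 * fibreKmPerMs
}

// LocalPath returns the lowest total-RTT route from src to dst that uses only
// hops with RTT <= maxHopMs (Dijkstra over the filtered graph). rtt[i][j] is
// the measured RTT in ms between nodes i and j; <= 0 means "no measurement".
func LocalPath(rtt [][]float64, src, dst int, maxHopMs float64) ([]int, float64, bool) {
	n := len(rtt)
	if src < 0 || dst < 0 || src >= n || dst >= n {
		return nil, 0, false
	}
	dist := make([]float64, n)
	prev := make([]int, n)
	done := make([]bool, n)
	for i := range dist {
		dist[i], prev[i] = math.Inf(1), -1
	}
	dist[src] = 0
	for {
		u := -1 // closest node not yet finalised
		for i := 0; i < n; i++ {
			if !done[i] && (u == -1 || dist[i] < dist[u]) {
				u = i
			}
		}
		if u == -1 || u == dst || math.IsInf(dist[u], 1) {
			break
		}
		done[u] = true
		for v := 0; v < n; v++ {
			hop := rtt[u][v]
			if done[v] || hop <= 0 || hop > maxHopMs {
				continue // skip unmeasured links and hops that are too long
			}
			if d := dist[u] + hop; d < dist[v] {
				dist[v], prev[v] = d, u
			}
		}
	}
	if math.IsInf(dist[dst], 1) {
		return nil, 0, false
	}
	path := []int{}
	for at := dst; at != -1; at = prev[at] {
		path = append([]int{at}, path...)
	}
	return path, dist[dst], true
}

// sampleRTT is a constructed 5-node measurement matrix in ms, not real data.
func sampleRTT() [][]float64 {
	return [][]float64{
		{0, 8, 16, 23, 30},
		{8, 0, 9, 15, 24},
		{16, 9, 0, 7, 16},
		{23, 15, 7, 0, 10},
		{30, 24, 16, 10, 0},
	}
}

func main() {
	m := sampleRTT()
	for _, limit := range []float64{5, 10, 16, 30} {
		path, total, ok := LocalPath(m, 0, 4, limit)
		if !ok {
			fmt.Printf("hop limit %2.0f ms (<= %4.0f km per hop): no path\n", limit, MaxDistanceKm(limit))
			continue
		}
		fmt.Printf("hop limit %2.0f ms (<= %4.0f km per hop): path %v, %d hops, %.0f ms total\n",
			limit, MaxDistanceKm(limit), path, len(path)-1, total)
	}
}
```

With this matrix a 10 ms limit forces four hops and 34 ms in total, while allowing a 30 ms hop gives the direct 30 ms link.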
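An added example, not code from Tor or from any poster, for the dual-signature idea in Jacob Appelbaum's "[tor-dev] augmenting RSA identities/signatures with ECC and beyond" message earlier in this archive: an authority signs the same consensus bytes with an RSA and an ECC key, an older client checks RSA only, and a newer client checks both and flags a mismatch. Ed25519, RSA-2048 with SHA-256, every name and the sample consensus text are assumptions; the message picks neither a scheme nor a format.

```go
package main

import (
	"crypto"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Authority holds both long-term identity keys of one directory authority.
// Assumption: Ed25519 stands in for "ECC"; the message names no scheme.
type Authority struct {
	rsaKey *rsa.PrivateKey
	eccKey ed25519.PrivateKey
	RSAPub *rsa.PublicKey
	ECCPub ed25519.PublicKey
}

// DualSig carries one signature per scheme over the same consensus bytes.
type DualSig struct{ RSA, ECC []byte }

type Verdict int

const (
	BothValid   Verdict = iota
	Mismatch    // exactly one scheme verified: report at high severity
	BothInvalid
)

func (v Verdict) String() string {
	return [...]string{"both valid", "MISMATCH", "both invalid"}[v]
}

func NewAuthority() (*Authority, error) {
	rk, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Authority{rsaKey: rk, eccKey: priv, RSAPub: &rk.PublicKey, ECCPub: pub}, nil
}

// SignRSA produces the signature that existing clients already check.
func (a *Authority) SignRSA(doc []byte) ([]byte, error) {
	h := sha256.Sum256(doc)
	return rsa.SignPKCS1v15(rand.Reader, a.rsaKey, crypto.SHA256, h[:])
}

// Sign signs the same bytes with both identity keys.
func (a *Authority) Sign(doc []byte) (DualSig, error) {
	r, err := a.SignRSA(doc)
	if err != nil {
		return DualSig{}, err
	}
	return DualSig{RSA: r, ECC: ed25519.Sign(a.eccKey, doc)}, nil
}

// LegacyVerify is the older client: it checks RSA and ignores the ECC field.
func LegacyVerify(pub *rsa.PublicKey, doc []byte, s DualSig) bool {
	h := sha256.Sum256(doc)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], s.RSA) == nil
}

// DualVerify is the newer client: both must verify, disagreement is flagged.
func DualVerify(rp *rsa.PublicKey, ep ed25519.PublicKey, doc []byte, s DualSig) Verdict {
	rsaOK := LegacyVerify(rp, doc, s)
	eccOK := len(ep) == ed25519.PublicKeySize && ed25519.Verify(ep, doc, s.ECC)
	switch {
	case rsaOK && eccOK:
		return BothValid
	case rsaOK != eccOK:
		return Mismatch
	}
	return BothInvalid
}

func main() {
	auth, err := NewAuthority()
	if err != nil {
		panic(err)
	}
	// Constructed stand-ins for consensus text, not real consensus documents.
	doc := []byte("network-status-version 3\nvalid-after 2013-08-04 00:00:00\n")
	other := []byte("network-status-version 3\nvalid-after 2013-08-05 00:00:00\n")
	sig, err1 := auth.Sign(doc)
	r, err2 := auth.SignRSA(other) // valid RSA signature over different bytes
	if err1 != nil || err2 != nil {
		panic("signing failed")
	}
	split := DualSig{RSA: r, ECC: sig.ECC} // constructed disagreement case
	fmt.Println("genuine:", LegacyVerify(auth.RSAPub, doc, sig), DualVerify(auth.RSAPub, auth.ECCPub, doc, sig))
	fmt.Println("split:  ", LegacyVerify(auth.RSAPub, other, split), DualVerify(auth.RSAPub, auth.ECCPub, other, split))
}
```

The second line of output is the case the proposal is about: the RSA-only client accepts the document, while the client that checks both signatures reports a mismatch.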
From rich at openwatch.net Sun Aug 4 11:12:53 2013 From: rich at openwatch.net (Rich Jones) Date: Sun, 4 Aug 2013 14:12:53 -0400 Subject: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered Message-ID: https://openwatch.net/i/200/anonymous-web-host-freedom-hosting-owner-arrested Owner arrested in Ireland, FBI makes extradition request, malicious JavaScript discovered on a number of important hidden services. What happened? Eric Eoin Marques, the 28 year old owner and operator of the Tor-based internet host 'Freedom Hosting' has been arrested in Ireland and charged with distributing and promoting child pornography on the internet, reports the Independent. Since the arrest, internet users have reported noticing malicious JavaScript designed to compromise their identities inserted into pages hosted by Freedom Hosting, including the 'Tormail' service, as well as a number of pedophile messageboards. Why? 'Freedom Hosting' provides hosting for anonymous 'hidden services' on the Tor network. These services can range from everything from anonymous email and library services, to online marketplaces for drug distribution and the production and exchange of child pornography. As this is part of an ongoing FBI investigation, there is no conclusive evidence that the injection of this JavaScript is the result of a government operation, however, this does fall under a known pattern of FBI behavior related to child porn sting operations. It is possible that the attack, which delivers a weaponized exploit to Firefox users running Windows systems, is the work of non-government cyber criminals, although the timing of the arrest and the appearance of this code on a number of hidden services hosted by Freedom Hosting does seem to imply a government operation. The execution of malicious JavaScript inside the Tor Browser Bundle, perhaps the most commonly used Tor client, comes as a surprise to many users.
Previously, the browser disabled JavaScript execution by default for security purposes, however this change was recently reverted by developers in order to make the product more useful for average internet users. As a result, however, the application has become vastly more vulnerable to attacks such as this. What's going to happen next? Although it is difficult to gauge the size of the anonymous internet, Freedom Hosting did seem to be perhaps the largest anonymous web host, and its compromise will have serious implications for the future of Tor hidden services. We expect there will be a deeper technical analysis of the malware in the coming days as security researchers examine it in greater detail. Since the attack was designed at Firefox for Windows, which the Tor Browser Bundle is based upon, it seems likely that this is not a random occurrence, and that the malware is specifically designed to compromise the identities of anonymous internet users. Although this would be a victory for the FBI against child pornographers who use the Tor network, it could also mean a serious security breach for international activists and internet users living in repressive states who use the services to practice online free speech. OpenWatch has been in the early stages of designing a new alternative to Freedom Hosting, called OnionCloud, to allow anonymous Heroku-like application hosting. Developers interested in this idea and other OpenWatch technologies are invited to join the discussion by joining the openwatch-dev mailing list by sending an email to openwatch-dev+subscribe at googlegroups.com
From eugen at leitl.org Sun Aug 4 05:42:42 2013 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 4 Aug 2013 14:42:42 +0200 Subject: [tor-dev] augmenting RSA identities/signatures with ECC and beyond Message-ID: <20130804124242.GO29404@leitl.org> ----- Forwarded message from Jacob Appelbaum -----
From bbrewer at littledystopia.net Sun Aug 4 11:48:50 2013 From: bbrewer at littledystopia.net (b. brewer) Date: Sun, 04 Aug 2013 14:48:50 -0400 Subject: Urea at NSA Utah Data Center In-Reply-To: <51F519A4.4080907@lne.com> References: <51F519A4.4080907@lne.com> Message-ID: <51FEA212.9030609@littledystopia.net> On 7/28/2013 9:16 AM, Eric Murray wrote: > It is used to clean diesel exhaust. > > Eric > Exactly. No doubt they'll have plenty of back-up power options in such a place, and hell, we all want 'clean air'. Super blu to the rescue. -bbrewer
From rsw at jfet.org Sun Aug 4 13:26:45 2013 From: rsw at jfet.org (Riad S. Wahby) Date: Sun, 4 Aug 2013 16:26:45 -0400 Subject: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered In-Reply-To: References: Message-ID: <20130804202645.GA16540@jfet.org> Rich Jones wrote: > https://openwatch.net/i/200/anonymous-web-host-freedom-hosting-owner-arrested A more detailed analysis of what's going on with the JS exploit: http://www.twitlonger.com/show/n_1rlo0uu Hits a vulnerability in the FF17 Javascript implementation. Notable because FF17 is the long-term support version, and it's the one included in the TOR bundle (though JS is off by default in the bundle). This business with the FBI spraying JS hijacks around the web is more than a little troubling. Is this the first widely-publicized case of the feds indiscriminately deploying an exploit on this scale?
-=rsw From eugen at leitl.org Sun Aug 4 10:09:15 2013 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 4 Aug 2013 19:09:15 +0200 Subject: [silk] The Ecuadorian Library - Bruce Sterling Message-ID: <20130804170915.GY29404@leitl.org> ----- Forwarded message from Vinayak Hegde ----- From vinayakh at gmail.com Sun Aug 4 09:55:09 2013 From: vinayakh at gmail.com (Vinayak Hegde) Date: Sun, 4 Aug 2013 22:25:09 +0530 Subject: [silk] The Ecuadorian Library - Bruce Sterling Message-ID: Some money quotes from the article "Personal computers can have users, but social media has livestock." and "Computers were invented as crypto-ware and spy-ware and control-ware. That’s what Alan Turing was all about. That’s where computing came from, that’s the scene’s original sin, and also its poisoned apple." Article by Bruce Sterling: https://medium.com/geek-empire-1/a1ebd2b4a0e5 ---- The Ecuadorian Library or, The Blast Shack After Three Years Back in distant, halcyon 2010, I was asked to write something about Wikileaks and its Cablegate scandal. So, I wrote a rather melancholy essay about how things seemed to me to be going — dreadfully, painfully, like some leaden and ancient Greek tragedy. In that 2010 essay, I surmised that things were going to get worse before they got any better. Sure enough, things now are lots, lots worse. Much worse than Cablegate ever was. Cablegate merely kicked the kneecap of the archaic and semi-useless US State Department. But Edward Snowden just strolled out of the Moscow airport, with his Wikileaks personal escort, one month after ripping the pants off the National Security Agency. You see, as it happens, a good half of my essay “The Blast Shack” was about the basic problem of the NSA. Here was the takeaway from that essay back in 2010: One minute’s thought would reveal that a vast, opaque electronic spy outfit like the National Security Agency is exceedingly dangerous to democracy. Really, it is. 
The NSA clearly violates all kinds of elementary principles of constitutional design. The NSA is the very antithesis of transparency, and accountability, and free elections, and free expression, and separation of powers ― in other words, the NSA is a kind of giant, grown-up, anti-Wikileaks. And it always has been. And we’re used to that. We pay no mind. Well, dear readers, nowadays we do pay that some mind. Yes, that was then, while this is now. So, I no longer feel that leaden discontent and those grave misgivings that I felt in 2010. The situation now is frankly exhilarating. It no longer has that look-and-feel of the Edgar Allen Poe House of Usher. This scene is straight outta Nikolai Gogol. This is the kind of comedic situation that Russians find hilarious. I mean, sure it’s plenty bad and all that, PRISM, XKeyScore, show trials, surveillance, threats to what’s left of journalism, sure, I get all that, I’m properly concerned. None of that stops it from being hilarious. Few geopolitical situations can ever give the Russians a full, free, rib-busting belly laugh. This one sure does. If Snowden had gotten things his own way, he’d be writing earnest op-ed editorials in Hong Kong now, in English, while dining on Kung Pao Chicken. It’s some darkly modern act of crooked fate that has directed Edward Snowden to Moscow, arriving there as the NSA’s Solzhenitsyn, the up-tempo, digital version of a conscience-driven dissident defector. But Snowden sure is a dissident defector, and boy is he ever. Americans don’t even know how to think about characters like Snowden — the American Great and the Good are blundering around on the public stage like blacked-out drunks, blithering self-contradictory rubbish. It’s all “gosh he’s such a liar” and “give us back our sinister felon,” all while trying to swat down the jets of South American presidents. These thumb-fingered acts of totalitarian comedy are entirely familiar to anybody who has read Russian literature. 
The pigs in Orwell’s “Animal Farm” have more suavity than the US government is demonstrating now. Their credibility is below zero. The Russians, by contrast, know all about dissidents like Snowden. The Russians have always had lots of Snowdens, heaps. They know that Snowden is one of these high-minded, conscience-stricken, act-on-principle characters who is a total pain in the ass. Modern Russia is run entirely by spies. It’s class rule by the “siloviki,” it’s Putin’s “managed democracy.” That’s the end game for civil society when elections mean little or nothing, and intelligence services own the media, and also the oil. And that’s groovy, sure, it’s working out for them. When you’re a professional spy hierarch, there are few things more annoying than these conscience-stricken Winston Smith characters, moodily scribbling in their notebooks, all about how there might be hope found in the proles somehow. They’re a drag. See, dissidence is like Andrei Sakharov. Such a useful guy, modest, soft-spoken, brainy, built you a hydrogen bomb. This eerie device straight from hell even works, so it’s all good. Then all of a sudden he’s like: you know what? The noble science of physics shouldn’t harm mankind! What kind of self-indulgent, fatuous gesture is that? Look here, Dr Labcoat: why was the public’s money given to you, if not to “harm mankind”? If physics was harmless, you wouldn’t have a damn salary! That’s what life feels like for the NSA right now. That is the shoe Snowden laced on their foot. If you’re NSA, as so many thousands are, you’ve known from the get-go that the planet’s wires and cables are a weapon of mass surveillance. Because that is their inherent purpose! You can’t get all conflicted, and start whining that Internet users are citizens of some place or other! That is not the point at all! Citizens and rights have nothing to do with elite, covert technologies! The targets of surveillance are oblivious dorks, they’re not even newbies! 
Even US Senators are decorative objects for the NSA. An American Senator knows as much about PRISM and XKeyScore as a troll-doll on the dashboard knows about internal combustion. So, yes, the wry and mordant humor here has not escaped me. But let’s change perspective a bit. Yes, some time has passed, and the smoke of 2010 has lifted from the scene. The cypherpunk blast shack was blown to smithereens for good and all. It’s now clear that the NSA has created its own dissidents. The closer they get to the actual living fully functional NSA, the bigger, and hairier, and more consequential these dissidents are. First let’s consider Bradley Manning, who is not at all close to the NSA. Bradley was a bored and upset minor military technician who burned a zillion US documents onto a DVD, and labeled that “Lady Gaga.” The authorities finally got around to convicting Bradley this week, of some randomized set of largely irrelevant charges. But the damage there is already done; some to Bradley himself, but mostly grave, lasting damage to the authorities. By maltreating Bradley as their Guantanamo voodoo creature, their mystic hacker terror beast from AlQaedaville, Oklahoma, they made Bradley Manning fifty feet high. At least they didn’t manage to kill him. Bradley’s visibly still on his feet, and was not so maddened by the torment of his solitary confinement that he’s reduced to paste. So he’s going to jail as an anti-war martyr, but time will pass. Someday, some new entity, someone in power who’s not directly embarrassed by Cablegate, can pardon him. Some future Administration can amnesty him, once they get around to admitting that Bradley’s War on Terror is history. The War on Terror has failed as conclusively as Woodrow Wilson’s League of Nations failed. There’s terror all over the sands now, terror from Mali to Xinjiang, and a billion tender-hearted Bradleys couldn’t stop that bleeding, no matter how much they leak. 
Thanks to the modern miracle of fracking, though, the mayhem in the oil patch means a lot less to K Street. Someday, Bradley Manning will be as forgotten to them as Monica Lewinsky is. Then they’ll yield to the hornet-like, persistent buzz of the leftie peaceniks, and let Bradley go. He’s not dangerous. Bradley Manning will never do anything of similar consequence again. He’s not a power player. He’s a prisoner of conscience. However, unlike poor Monica Lewinsky, Bradley Manning will never lack for passionate adherents who admire him and love him. Before Bradley went into his ugly maelstrom, he didn’t have that. Nowadays, he does. Maybe it’s worth it. Then there’s Julian Assange. Yeah, him, the silver-haired devil, the Mycroft Holmes of the Ecuadorian Embassy. Bradley Manning’s not at all NSA material, he’s just a leaky clerk with a thumb-drive. But Julian’s quite a lot closer to the NSA — because he’s a career cypherpunk. If you’re a typical NSA geek, and you stare in all due horror at Julian, it’s impossible not to recognize him as one of your own breed. He’s got the math fixation, the stilted speech, the thousand-yard-stare, and even the private idiolect that somehow allows NSA guys to make up their own vocabulary whenever addressing Congress (who don’t matter) and haranguing black-hat hacker security conventions (who obviously do). Julian has turned out to be a Tim Leary at the NSA’s psychiatric convention. He’s a lasting embarrassment who also spiked their Kool-Aid. Crushing Julian, cutting his funding, that stuff didn’t help one bit. He’s still got a roof and a keyboard. That’s all he ever seems to need. There’s nothing quite like a besieged embassy from which to mock the empty machinations of the vengeful yet hapless State Department. House arrest has also helped Julian with this obscure struggle he has, not to fling himself headlong onto Swedish feminists. The ruthless confinement has calmed him; it’s helped him to focus. 
He’s grown and matured through ardent political struggle. Julian Assange is still a cranky extremist with a wacky digital ideology, but he doesn’t have to talk raw craziness any more, because the authorities are busy doing that for him. They can’t begin to discuss PRISM and XKeyScore without admitting that their alleged democratic process is a neon façade from LaLaLand. Instead, they’re forced to wander into a dizzying area of discourse where Julian staked out all the high points ten years ago. More astonishing yet: this guy Assange, and his tiny corps of hacker myrmidons, actually managed to keep Edward Snowden out of US custody. Not only did Assange find an effective bolthole for himself, he also faked one up on the fly for this younger guy. Assange liberated Snowden, who really is NSA, or rather a civilian outsourced contractor for the NSA, like there’s any practical difference. It’s incredible to me that, among the eight zillion civil society groups on the planet that hate and fear spooks and police spies, not one of them could offer Snowden one shred of practical help, except for Wikileaks. This valiant service came from Julian Assange, a dude who can’t even pack his own suitcase without having a fit. I wouldn’t ever have picked Assange as a travel agent, but then just look at the fellow-travellers — the solemn signatories of the recent “International Principles on the Application of Human Rights to Communications Surveillance.” I’ll toss a few in as an ideological bloc here, just to memorialize their high-minded indignation. 
SIGNATORIES 7iber (Amman, Jordan), Access (International), Africa Platform for Social Protection – APSP (Africa), AGEIA Densi (Argentina), Agentura.ru (Russia), Aktion Freiheit statt Angst (Germany), All India Peoples Science Network (India), Alternatif Bilişim Derneği (Alternatif Bilişim) – Turkey (Turkey), Alternative Law Forum (India), Article 19 (International), ASL19 (Canada/Iran), Asociación Civil por la Igualdad y la Justicia – ACIJ (Argentina), Asociación de Internautas Spain (Spain), Asociación Paraguaya De Derecho Informático Y Tecnológico – APADIT (Paraguay), Asociación por los Derechos Civiles – ADC (Argentina), Aspiration (United States), Associação Brasileira de Centros de inclusão Digital – ABCID (Brasil), Associació Pangea Coordinadora Comunicació per a la Cooperació (Spain), Association for Progressive Communications – APC (International), Association for Technology and Internet – APTI (Romania), Association of Community Internet Center – APWKomitel (Indonesia), Australia Privacy Foundation – APF (Australia), Bahrain Center for Human Rights (Bahrain), Bangladesh NGOs Network for Radio and Communication – BNNRC (Bangladesh), Big Brother Watch (United Kingdom), Bits of Freedom (Netherlands), Bolo Bhi (Pakistan), Brasilian Institute for Consumer Defense – IDEC, (Brasil), British Columbia Civil Liberties Association – BCCLA (Canada) Bytes for All (Pakistan)… Just look at them all, and that’s just the A’s and B’s… Obviously, a planetary host of actively concerned and politically connected people. Among this buzzing horde of eager online activists from a swarm of nations, what did any of them actually do for Snowden? Nothing. Before Snowden showed up from a red-eye flight from Hawaii, did they have the least idea what was actually going on with the hardware of their beloved Internet? Not a clue. 
They’ve been living in a pitiful dream world where their imaginary rule of law applies to an electronic frontier — a frontier being, by definition, a place that never had any laws. The civil lib contingent here looks, if anything, even stupider than the US Senate Intelligence Oversight contingent — who have at least been paying lavishly to fund the NSA, and to invent a pet surveillance court for it, with secret laws. That silly Potemkin mechanism — it’s like a cardboard steering wheel in the cockpit of a Predator drone. While Julian Assange, to do him credit, has the street smarts to behave as if he’s in a situation of feral realpolitik. Because he is. And how. However, Assange now knows that. He’s a hardened veteran of it. And he’s gonna stay imperiled for the immediate future, because the upshot of this is pretty easy to see. The inconvenient truth about the NSA is lying there on a table in the Ecuadorian Embassy, as stark as a poisoned crow. But it’ll join our planet’s many other inconvenient truths. Snowden told the truth to the public — but then again, so did Solzhenitsyn, and even Al Gore lets on sometimes. The truth doesn’t do the trick for anybody, the truth is just a complicating factor. The present geopolitical situation is absolutely cluttered with amazing lies that didn’t work out for their owners. The Iraqi weapons of mass destruction never existed. Climate change does exist, and could drown Wall Street any day now. The abject state of global finance is obvious, yet it makes no difference to the ongoing depredations. Drones are stark assassination machines, and they don’t stay classified. Anyone could go on. And, yeah, by the way, Microsoft, Apple, Cisco, Google et al, they are all the blood brothers of Huawei in China — because they are intelligence assets posing as commercial operations. They are surveillance marketers. They give you free stuff in order to spy on you and pass that info along the value chain. 
Personal computers can have users, but social media has livestock. Even the NSA is humiliated by the billowing clouds of ongoing pretense. Why pick on the NSA, anyway? They’re quiet professionals, well-trained, well-educated, they’re discreet. NSA guys don’t even know what the guy in the next NSA office is doing. So, who made the NSA the scaly Godzilla, besides one loose civilian contractor who ran off to Hong Kong? What about the National Reconnaissance Office? The NRO never gets outed for their gorgon-stare cameras that can pick out the font on any license plate, anywhere from pole to pole. What about all the other national cyberwar players, like the Chinese units, methodically spearphishing every Microsoft vuln on the planet? What about those truly ferocious coders who wrote Stuxnet, burned up Iranian atomic factories with raw malware, and who have never been glimpsed since? They’re a hundred times scarier than the kindly and gentlemanly NSA. But can the NSA speak up for themselves, by leveling with the stakeholders about what really goes on, in the NSA’s actual, lived experience? Nope. Not even. Before Snowden, their mouths were duct-taped; after Snowden, it’ll be duct-tape, plus handcuffs and electronic ankle bracelets. So, the truth is out there, but nobody’s gonna clean up all that falsehood. There is no visible way to make a clean break with the gigantic, ongoing institutional deceits. There’s no mechanism by which any such honesty could be imposed. It’s like reforming polygamy in the Ottoman Empire. Even if the proles rise up in a wave, busily Twittering away, you’re gonna get an Arab Spring, followed by a regretful military coup once people figure out that networks just aren’t governments. Even the electronic civil lib contingent is lying to themselves. They’re sore and indignant now, mostly because they weren’t consulted — but if the NSA released PRISM as a 99-cent Google Android app, they’d be all over it. 
Because they are electronic first, and civil as a very distant second. They’d be utterly thrilled to have the NSA’s vast technical power at their own command. They’d never piously set that technical capacity aside, just because of some elderly declaration of universal human rights from 1947. If the NSA released their heaps of prying spycode as open-source code, Silicon Valley would be all over that, instantly. They’d put a kid-friendly graphic front-end on it. They’d port it right into the cloud. Computers were invented as crypto-ware and spy-ware and control-ware. That’s what Alan Turing was all about. That’s where computing came from, that’s the scene’s original sin, and also its poisoned apple. There’s not a coherent force on Earth that wants to cork up that bottle. They all just want another slug out of that bottle — and they’d rather like to paste their own personal, prestige label onto the bottle’s glass. You know, like your own attractive face, pasted on the humming planetary big iron of Facebook. Digital, globalized societies — where capital and information moves, and where labor and human flesh doesn’t move — they behave like this. That is what we are witnessing and experiencing. It’s weird because we are weird. We’re half actual and half digital now. We’re like the squirming brood of a tiger mated to a shark. You can tell that Manning, Assange and Snowden are all the same kind of irritant, because, somehow, amazingly, the planet’s response is to physically squish them. They’re all online big-time, and their digital shadow is huge, so the response is just to squeeze their mortal human bodies, literally, legally, extra-legally, by whatever means becomes available. It’s a wrestling match of virtuality and actuality, an irruption of the physical into the digital. 
It’s all about Bradley shivering naked in his solitary cage, and Julian diligently typing in his book-lined closet at the embassy, and Ed bagging out behind the plastic seating of some airport, in a jetlag fit of black globalization that went on for a solid month. And, those tiny, confined, somehow united spaces are the moral high ground. That’s where it is right now, that’s what it looks like these days. You can see that in the recent epic photo of Richard Stallman — the Saint Francis of Free Software, the kind of raw crank who preaches to birds and wanders the planet shoeless – shoulder-to-shoulder with an unshaven Assange, sporting his manly work shirt. The two of them, jointly holding up a little propaganda pic of Edward Snowden. They have the beatific look of righteousness rewarded. Che Guevara in his starred beret had more self-doubt than these guys. They are thrilled with themselves. People, you couldn’t trust any of these three guys to go down to the corner grocery for a pack of cigarettes. Stallman would bring you tiny peat-pots of baby tobacco plants, then tell you to grow your own. Assange would buy the cigarettes, but smoke them all himself while coding up something unworkable. And Ed would set fire to himself, to prove to an innocent mankind that tobacco is a monstrous and cancerous evil that must be exposed at all costs. And yet the three of them together, they look just amazing. They are fantastic figures, like the promise of otherworldly aid from a superhero comic. They are visibly stronger than they’ve ever been before. They have the initiative in a world afflicted with comprehensive helplessness. And there’s more coming. Lots, lots more. 
----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From dan at geer.org Mon Aug 5 11:43:28 2013
From: dan at geer.org (dan at geer.org)
Date: Mon, 05 Aug 2013 14:43:28 -0400
Subject: [cryptography] fwd: Paillier Crypto
Message-ID:

> http://9ac345a5509a.github.io/p2p-paillier/
>
> This is a form of Homomorphic Encryption that might actually scale,
> given the right cloud backend. It verges on the spookiness of
> Quantum.
>
> Support logic that might shed light on the true performance of
> Paillier.
>
> http://plaintext.crypto.lo.gy/article/658/encounter

--dan

_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

----- End forwarded message -----

From calebdelisle at lavabit.com Mon Aug 5 11:55:22 2013
From: calebdelisle at lavabit.com (Caleb James DeLisle)
Date: Mon, 05 Aug 2013 14:55:22 -0400
Subject: [liberationtech] CJDNS hype
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

On 08/05/2013 01:26 PM, Michael Rogers wrote:
> Hi Caleb,
>
> On 03/08/13 01:33, Caleb James DeLisle wrote:
>> We could spend a long time discussing locally effective attacks on social networks and not be any closer to agreement.
>
>> Instead I think it's worth asking who your attacker is... I find that when people don't stop to ask who the attacker is, what he wants and what resources he can apply on the attack, they end up with a default assumption that the attacker is everywhere and has infinite resources.....
>
>> If you can give me a clear picture of the person who would use this attack, what they want from the attack and what resources they can bring to bear on the problem, I might be able to speak more to the issue.
>
> Excellent point! The adversary I have in mind looks something like this:
>
> * Can create adversarial nodes
> * Can persuade a limited proportion of users to make direct connections to adversarial nodes

Infecting existing nodes is cheaper than knocking on doors asking people to connect to your evil nodes because your reputation doesn't suffer when the trick is discovered.

> * Can co-ordinate the behaviour of all adversarial nodes
> * Can create low-latency, high-bandwidth connections between adversarial nodes

It doesn't cover whether adversarial nodes are geographically dispersed or not. If they are then the attack is significantly more expensive.

> * Can't monitor or tamper with direct connections between non-adversarial nodes
> * Can't break standard crypto primitives
> * Aims to degrade the performance of cjdns for some or all users

This is good from a capabilities standpoint but it doesn't cover motive which is hugely important to threat modeling. If someone has significant resources and their motive is "to cause mayhem", securing infrastructure against them is not really possible which is why traditional antiterrorism efforts seem incoherent.

Causing localized network disruption is trivial in any ethernet, you simply answer ARP or DHCP packets. This is done by some malware but the motive is to carry out a MiTM attack and trick the victim into installing the malware binary which is disguised as an update. With cjdns you would not have the ability to MiTM so the same style attack would just cause a localized network outage.

Another motive for localized DoS is to force users to an unencrypted channel. If every time the police use encrypted radio you jam it, they may be tricked into using unencrypted channels.
The main defense against this is not to have an insecure backup. Also note that localized network outages can be caused by wire cutters and/or wifi jammers so a protocol attack may never be the most effective approach.

>
>>> What heuristics do you have in mind?
>
>> Given a set of known evil nodes, find the longest common route prefix(es) which contain all of the evil nodes. The last node along each common prefix is probably an edge.
>
> How would you find a set of known evil nodes?

cat-and-mouse games which is why I don't like this approach. You could send forwarded packets to nodes to whom you know a direct path and then send them a direct packet asking if they got the forwarded packet. You have to try it a few times to be sure the endpoint is not fooling you and there are still more ways to detect and work around it. It's not something I'm interested in ever implementing so it's not really worth further discussion.

>
>>> People have put years of research effort into designing automatic Sybil defenses. The solutions they've come up with (SybilGuard, SybilLimit, Gatekeeper, SybilInfer) are complex and heavyweight, and they depend on assumptions about the structure of the social network - in other words they're not off-the-shelf solutions that you could just drop into cjdns later if the need arises.
>
>> They operate under different constraints.
>
> Could you elaborate on the differences? The systems I mentioned are designed for use in P2P networks where the edges are based on real-world social relationships and there's no central authority. Isn't that similar to the cjdns setting?

I suppose it is because the same information can be derived, albeit with some complexity. In cjdns the path through the social network which is represented by any given node is expressed in the label so you get it for free.

>
>> Everybody knows paths to those who are the numerically closest to themselves no matter the physical distance.
>> Since addresses are spread randomly throughout the network, it means that any one given node is directly reachable from a few nodes in each physical locality of the network.
>
> Let's consider what happens as the network grows. On average, each node is pointed to by t routing table entries, where t is the size of a node's routing table. As the network grows, the t entries pointing to a given node will be spread more thinly across the network, unless we increase t in direct proportion to the number of nodes. Increasing t like that won't scale indefinitely, but for the sake of argument let's assume it will scale well enough for whatever size cjdns grows to.
>
> So wherever we start from, there's some nearby node that knows a switching path to the destination. However, the length of that switching path will increase (on average) as the network grows. Even if we had a magic oracle that told us the shortest path to any destination, that path would still be longer on average in a large network than a small network.
>
> Therefore if some proportion of the nodes are adversarial, the probability of hitting an adversarial node on the way from a randomly chosen source to a randomly chosen destination will increase as the network grows.

It's all true but it's worth noting that in order to maintain the same proportion of evil nodes in a growing network, the evil net must grow as well which brings us back to motive. If somebody is willing and able to invest a significant amount of money into setting up evil nodes then he must want something. It seems more realistic that the evil nodes would be compromised good nodes, an attack which scales better.

>
>>> If the attacker creates a Sybil region of social space that's larger than the non-Sybil region, and you try to ensure that your routing table contains a diverse sampling of the whole social space, then your routing table will tend to contain more Sybils than non-Sybils.
>
>> The number of nodes and the way they're organized doesn't help. They're all behind a common label prefix (the path to the sybil edge) and that label prefix would cause them to be seen as a cluster.
>
> Unfortunately it's not that simple. You're assuming that from the point of view of a given node, all the Sybils are behind a single edge (an attack edge, in SybilGuard terminology). But a given Sybil may be reachable via multiple attack edges. That's why SybilGuard and its descendents are so complex: before sampling the network to look for clusters, they have to ensure that there's only a single way for samples to reach each node.

With cjdns there are multiple ways to reach a node but only one best way so that's mostly a solved problem. A non-adversarial way to look at this proposal is it attempts to avoid over-reliance on a single network link. Each edge would just appear as a link with a disproportionate number of nodes relying on it.

You should check out the network, I think you'd find some interesting discussions in the dark irc network (irc.hypeirc.net) #hyperboria and #cjdns you might also find some people interested in helping with briar ;)

Thanks,
Caleb

>
> Cheers, Michael
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

-----END PGP SIGNATURE-----
--
Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech

----- End forwarded message -----

From turbo at bayour.com Mon Aug 5 09:09:00 2013
From: turbo at bayour.com (Turbo Fredriksson)
Date: Mon, 5 Aug 2013 18:09:00 +0200
Subject: [zfs-discuss] Harddisk hacking - gain root in some bisare way
Message-ID:

Just came across this, thought I'd share...

http://spritesmods.com/?art=hddhack

--
Turbo Fredriksson
turbo at bayour.com

----- End forwarded message -----

From saftergood at fas.org Tue Aug 6 06:48:11 2013
From: saftergood at fas.org (Steven Aftergood)
Date: Tue, 06 Aug 2013 06:48:11 -0700
Subject: Secrecy News -- 08/06/13
Message-ID:

Format Note: If you cannot easily read the text below, or you prefer to receive Secrecy News in another format, please reply to this email to let us know.

SECRECY NEWS
from the FAS Project on Government Secrecy
Volume 2013, Issue No. 72
August 6, 2013

Secrecy News Blog: http://blogs.fas.org/secrecy/

** MILITARY TESTS DATA MINING OF SOCIAL MEDIA FOR SPECIAL OPS
** U.S. TRADE POLICY, AND MORE FROM CRS

MILITARY TESTS DATA MINING OF SOCIAL MEDIA FOR SPECIAL OPS

The U.S.
military has been investigating the use of sophisticated data mining tools to probe social media and other open sources in order to support military operations against money laundering, drug trafficking, terrorism and other threats. But the window for doing so may be closing as the social media landscape changes, according to an internal assessment.

U.S. Special Operations Command (SOCOM) National Capital Region (NCR) conducted a series of experiments over the past year under the rubric "QUANTUM LEAP" that was intended to test "non-traditional" tools and techniques to advance the SOCOM mission.

An after-action report on the first experiment said it "was successful in identifying strategies and techniques for exploiting open sources of information, particularly social media, in support of a counter threat finance mission." Counter threat finance refers to efforts to disrupt an adversary's finances.

A copy of the SOCOM NCR report was obtained by Secrecy News. See "Project QUANTUM LEAP: After Action Report," 12 September 2012:

http://www.fas.org/irp/eprint/quantum.pdf

"Major lessons learned were the pronounced utility of social media in exploiting human networks, including networks in which individual members actively seek to limit their exposure to the internet and social media...," the report said.

The QUANTUM LEAP project, which did not utilize classified intelligence, relied heavily on participation by private sector firms identified in the report, who demonstrated tools they had developed "to enhance the ability to discover relationships, human networks, and geospatial features" from open source data.

A tool called Social Bubble permitted the search of Twitter-related content "to explore human networks associated with the [counter threat finance] scenario and enabled identification of various entities... associated with the money laundering network."

A tool called Recon was used to reconstruct source documents from a raw data stream.
Another tool served to "collect large quantities of data from the 'deep web', or sources which are accessible via the internet but not necessarily indexed or linked via a world wide web page." And another called Semantica "is capable of ingesting structured and semi-structured data and displaying it in a 'triplet' format, e.g. two entities and a relationship, such as [A is owned by B]."

"More than 200 additional open-source tools and sources were identified relevant to counter threat finance," the SOCOM report said.

The report said that as valuable as the opportunity created by new techniques for data mining of open sources appears to be, it may prove to be transient.

"We are currently in a 'window' of opportunity for exploitation of social media sources for application to CTF [counter threat finance] or other SOCOM NCR missions. This window could be as narrow as 18-24 months before the social media phenomenon transforms. This future transformation is unknown and could offer additional opportunities, or existing opportunities could be closed, but the only thing that is certain is that there will continue to be rapid change."

There are also unresolved legal issues.

"Legal review of the appropriate use and application of social media data is in its infancy. Social media is transforming notions of privacy and distinctions between personally identifiable information (PII) and self-reported public information will have to be established by precedent in case law," the report said.

"Almost all information relevant to the QUANTUM LEAP experiment has a locative context [revealing the location of the source]. Location based services (LBS) are becoming integrated into every facet of our lives and are becoming much more accepted. There is a cultural/generational component to acceptance of LBS in social media," the report said.
SOCOM Public Affairs did not respond to requests for comment or further information about the project, and the report describing the effort (labeled "draft") has not been formally released. However, the report was kept unclassified, facilitating its dissemination and discussion among the interested public.

Meanwhile, the future of SOCOM National Capital Region is itself uncertain, as Congress has thus far declined to authorize or appropriate funds that were requested for it in the coming fiscal year.

"The Committee remains unclear about the function, purpose, and costs associated with the operations, infrastructure, and facilities for this entity [SOCOM National Capital Region] both in the interim phase and the final end-state," according to a June 2013 report of the House Appropriations Committee. "Further, the Committee has received conflicting information over the course of the last year as to the purpose of this entity."

Project QUANTUM LEAP derives its name and inspiration from an initiative in the late 1990s to incorporate advanced technologies into Naval Special Warfare capabilities. That earlier Project QUANTUM LEAP was described in "Stimulating Innovation in Naval Special Warfare by Utilizing Small Working Groups" by Thomas A. Rainville, Master's Thesis, March 2001.

http://www.fas.org/irp/eprint/rainville.pdf

U.S. TRADE POLICY, AND MORE FROM CRS

New and newly updated Congressional Research Service reports that Congress has withheld from online public distribution include the following.

Trade Promotion Authority (TPA) and the Role of Congress in Trade Policy, August 2, 2013:
http://www.fas.org/sgp/crs/misc/RL33743.pdf

Trade Adjustment Assistance (TAA) and Its Role in U.S. Trade Policy, August 5, 2013:
http://www.fas.org/sgp/crs/misc/R41922.pdf

Trade Adjustment Assistance for Firms: Economic, Program, and Policy Issues, August 5, 2013:
http://www.fas.org/sgp/crs/misc/RS20210.pdf

African Growth and Opportunity Act (AGOA): Background and Reauthorization, August 2, 2013:
http://www.fas.org/sgp/crs/row/R43173.pdf

International Crises and Disasters: U.S. Humanitarian Assistance Response Mechanisms, August 1, 2013:
http://www.fas.org/sgp/crs/row/RL33769.pdf

Chemical Facility Security: Issues and Options for the 113th Congress, August 2, 2013:
http://www.fas.org/sgp/crs/homesec/R42918.pdf

Health Care for Veterans: Answers to Frequently Asked Questions, August 1, 2013:
http://www.fas.org/sgp/crs/misc/R42747.pdf

The MF Global Bankruptcy, Missing Customer Funds, and Proposals for Reform, August 1, 2013:
http://www.fas.org/sgp/crs/misc/R42091.pdf

_______________________________________________
Secrecy News is written by Steven Aftergood and published by the Federation of American Scientists.
The Secrecy News Blog is at:
http://www.fas.org/blog/secrecy/

To SUBSCRIBE to Secrecy News, go to:
http://blogs.fas.org/secrecy/subscribe/

To UNSUBSCRIBE, go to
http://blogs.fas.org/secrecy/unsubscribe/

OR email your request to saftergood at fas.org

Secrecy News is archived at:
http://www.fas.org/sgp/news/secrecy/index.html

Support the FAS Project on Government Secrecy with a donation:
https://members.fas.org/donate

_______________________
Steven Aftergood
Project on Government Secrecy
Federation of American Scientists
web: www.fas.org/sgp/index.html
email: saftergood at fas.org
voice: (202) 454-4691
twitter: @saftergood

----- End forwarded message -----

From josh at vitriolix.com Tue Aug 6 11:06:10 2013
From: josh at vitriolix.com (Josh Steiner)
Date: Tue, 6 Aug 2013 11:06:10 -0700
Subject: [guardian-dev] BREACH: SSL is pwnd
Message-ID:

in summary, you need to turn off gzip to mitigate this for now:

http://breachattack.com/

https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/

At last week's Black Hat conference, researchers announced the BREACH attack, a new attack on web apps that can recover data even when secured with SSL connections. The BREACH paper (PDF) contains full details (and is a good and fairly easy read).

Given what we know so far, we believe that *BREACH may be used to compromise Django's CSRF protection*. Thus, we're issuing this advisory so that our users can defend themselves.

BREACH takes advantage of vulnerabilities when serving compressed data over SSL/TLS. Thus, to protect yourself from BREACH, you should disable compression of web responses. Depending on how your application is deployed, this could take a couple forms:

1. Disabling Django's GZip middleware.
2. Disabling GZip compression in your web server's config. For example, if you're using Apache you'd want to disable mod_deflate; in nginx you'd disable the gzip module.

Additionally, you should make sure you disable TLS compression by adjusting your server's SSL ciphers.

We plan to take steps to address BREACH in Django itself, but in the meantime we recommend that all users of Django understand this vulnerability and take action if appropriate.

Posted by *Jacob Kaplan-Moss* on August 6, 2013

_______________________________________________
Guardian-dev mailing list
Post: Guardian-dev at lists.mayfirst.org
List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
To Unsubscribe Send email to: Guardian-dev-unsubscribe at lists.mayfirst.org
Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/eugen%40leitl.org
You are subscribed as: eugen at leitl.org

----- End forwarded message -----

From eugen at leitl.org Tue Aug 6 03:19:45 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 6 Aug 2013 12:19:45 +0200
Subject: [zfs-discuss] Harddisk hacking - gain root in some bisare way
Message-ID: <20130806101945.GU29404@leitl.org>

Potentially useful attack vector.

----- Forwarded message from Turbo Fredriksson -----

From coderman at gmail.com Tue Aug 6 12:55:43 2013
From: coderman at gmail.com (coderman)
Date: Tue, 6 Aug 2013 12:55:43 -0700
Subject: Cypherpunks
In-Reply-To: <51EDDA50.1010104@jpsecure.net>
References: <20130719115513.GJ29404@leitl.org> <20130719193012.GB10434@jfet.org> <20130720071720.GB32396@jfet.org> <20130722020043.GB17337@jfet.org> <51EDDA50.1010104@jpsecure.net>
Message-ID:

I've encrypted it for you now.

-----BEGIN PGP MESSAGE-----

On Mon, Jul 22, 2013 at 6:20 PM, ilsa bartlett wrote:
> Thank You all...
> is this encrypted? grin, ilsa -----END PGP MESSAGE----- From coderman at gmail.com Tue Aug 6 13:00:13 2013 From: coderman at gmail.com (coderman) Date: Tue, 6 Aug 2013 13:00:13 -0700 Subject: [cryptography] a Cypherpunks comeback In-Reply-To: <20130723123509.GA26566@jfet.org> References: <20130721090726.GY29404@leitl.org> <20130722074114.GA22908@netbook.cypherspace.org> <20130723050147.BC32CDA16@a-pb-sasl-quonix.pobox.com> <20130723123509.GA26566@jfet.org> Message-ID: On Tue, Jul 23, 2013 at 5:35 AM, Riad S. Wahby wrote: > ... > Most vanilla CMOS processes don't have high quality JFETs available. On > older nodes maybe you can get away with turning an N-well and a P+ > diffusion into a JFET, but that doesn't work very well in more modern > processes because the N-wells have strongly retrograde doping, which > makes it hard to pinch off the "bottom" of the channel. Of course, even > at older nodes where it might be possible, the fabs don't bother > characterizing it for you. Sure, you can characterize it yourself, but > if the fab isn't supporting the device that implicitly means they're not > monitoring the quality of that device with their PCM structures, so good > luck with manufacturability long-term. > > JFETs are pretty easy to make in high quality bipolar processes because > the base diffusion makes a decent JFET body. Doesn't add much/any cost > to have them in this case. Of course, if you have a BiCMOS process, then > you already have devices with high impedance gates, but for high > performance analog design a JFET beats the hell out of a MOSFET, since > the latter brings along with it a shitload of 1/f noise. > > One place I've recently seen JFETs is in really high voltage processes. > Think like a mostly normal 0.18u CMOS process with a 600V (Vds) JFET > available. Haven't actually worked in such a beast, but you can imagine > that compared to MOSFETs, JFETs don't make such great power devices--- > who ever heard of a depletion-mode power switch? 
this is the most informative and useful post ever made in the al-qaeda.net discussion... which happens to be the most ridiculous discussion full of fear and weakness.

cypherpunks afraid of a domain name... wtf

From kylem at xwell.org Tue Aug 6 11:41:09 2013
From: kylem at xwell.org (Kyle Maxwell)
Date: Tue, 6 Aug 2013 13:41:09 -0500
Subject: Twitter details on 2FA
Message-ID:

I kinda dig the level of detail in Twitter's blog post today on their new 2FA system. Not really qualified to analyze said details, but certainly they're not going for the obscurity approach.

https://blog.twitter.com/2013/login-verification-on-twitter-for-iphone-and-android

--
@kylemaxwell

From jya at pipeline.com Tue Aug 6 10:48:22 2013
From: jya at pipeline.com (John Young)
Date: Tue, 06 Aug 2013 13:48:22 -0400
Subject: NSA 2013 Cryptologic History Symposium
Message-ID:

http://www.nsa.gov/about/cryptologic_heritage/center_crypt_history/news/index.shtml

The theme for the 2013 symposium, to be held on October 17-18 at the Johns Hopkins Applied Physics Laboratory's Kossiakoff Conference Center (just west of Laurel, Maryland) is "Technological Change and Cryptology: Meeting the Historical Challenges."

The conference will include sessions on "A Tribute to Alan Turing," a "Roundtable on Cyber History," "Bletchley Park," "COMINT and the Civil War," "The Cryptologic Legacy of the Great War Era," "SIGINT and the Vietnam War Era," and "A Technological Advantage: Historical Perspectives on Cryptologic Research and Development." In all there will be 21 separate sessions and over 70 presentations. Speakers will include scholars such as David Kahn and cryptologic pioneers such as Whitfield Diffie.

All symposium sessions are unclassified. A complete agenda and registration information will be available on this site in mid-August. For more information, please contact the Center for Cryptologic History at 301-688-2336 or via email at history at nsa.gov.
From lee at guardianproject.info Tue Aug 6 10:49:13 2013 From: lee at guardianproject.info (Lee Azzarello) Date: Tue, 6 Aug 2013 13:49:13 -0400 Subject: [zfs-discuss] Harddisk hacking - gain root in some bisare way In-Reply-To: <20130806101945.GU29404@leitl.org> References: <20130806101945.GU29404@leitl.org> Message-ID: Wow, this is poetic. Thanks for the reference. On Tue, Aug 6, 2013 at 6:19 AM, Eugen Leitl wrote: > > Potentially useful attack vector. > > ----- Forwarded message from Turbo Fredriksson ----- > > Date: Mon, 5 Aug 2013 18:09:00 +0200 > From: Turbo Fredriksson > To: zfs-discuss zfs-discuss > Subject: [zfs-discuss] Harddisk hacking - gain root in some bisare way > X-Mailer: Apple Mail (2.1283) > Reply-To: zfs-discuss at zfsonlinux.org > > Just came across this, thought I'd share... > > http://spritesmods.com/?art=hddhack > -- > Turbo Fredriksson > turbo at bayour.com > > > ----- End forwarded message ----- > -- > Eugen* Leitl leitl http://leitl.org > ______________________________________________________________ > ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org > AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From jason at crowdstrike.com Tue Aug 6 12:12:33 2013 From: jason at crowdstrike.com (Jason Geffner) Date: Tue, 6 Aug 2013 14:12:33 -0500 Subject: [tor-talk] Tortilla Message-ID: I'd like to announce the availability of Tortilla, a free open-source tool that allows users to securely, anonymously, and transparently route all TCP/IP and DNS traffic through Tor. Though the Tor client natively supports transparent proxying on Linux-based systems, Tortilla allows Tor users to use Windows for transparent proxying. Unlike other similar solutions, Tortilla does not rely on API hooks (and as such does not allow malware to circumvent the Tor tunnel) and does not require extra hardware, a VPN, or an extra Tor gateway virtual machine. 
The whitepaper for Tortilla which describes the design goals, architecture, and usage instructions is available at https://media.blackhat.com/us-13/US-13-Geffner-Tor...-All-The-Things-WP.pdf The source code is available at https://github.com/CrowdStrike/Tortilla A pre-built distribution (compatible with 32-bit and 64-bit versions of Windows XP through Windows 8) is available at http://www.crowdstrike.com/community-tools Tortilla is still in beta, but I'd be pleased to answer any questions you may have about it. Please note that Tortilla is produced independently from the Tor(r) anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else. Sincerely, Jason Geffner Sr. Security Researcher, CrowdStrike -- tor-talk mailing list - tor-talk at lists.torproject.org To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From gmaxwell at gmail.com Tue Aug 6 15:39:29 2013 From: gmaxwell at gmail.com (Gregory Maxwell) Date: Tue, 6 Aug 2013 15:39:29 -0700 Subject: [liberationtech] Tormail in trouble. Experts at Black Hat recommend Elliptic Curves: this is what PassLok 1.3 is based on. Message-ID: On Tue, Aug 6, 2013 at 3:20 PM, Francisco Ruiz wrote: > Hi folks, > > Thank you very much for your great feedback on the previous version. The > next version is now up at http://passlok.com, which redirects to > https://passlok.site44.com > This may come in handy now that there are problems with Tor, since PassLok > allows you to go to any computer to do encrypted mail, because there is > nothing to install. This is what PassLok was designed to do. > > The other unforeseen endorsement came from the recent Black Hat conference. 
> Researchers Alex Stamos, Tom Ritter, Thomas Ptacek, and Javed Samuel
> encouraged everyone to base their public key cryptosystems on elliptic
> curves rather than RSA. Here's a link on this:
> http://arstechnica.com/security/2013/08/crytpo-experts-issue-a-call-to-arms-to-avert-the-cryptopocalypse/

Wait. You are using vague popular press FUD about RSA to promote a website hosted JS encryption tool? Really?

Your code generates random values like this:

    sjcl.random.addEntropy([a.x || a.clientX || a.offsetX || 0, a.y || a.clientY || a.offsetY || 0], 2, "mouse")
    sjcl.random.addEntropy((new Date).valueOf(), 2, "loadtime")
    try {
        var s = new Uint32Array(32);
        crypto.getRandomValues(s);
        sjcl.random.addEntropy(s, 1024, "crypto['getRandomValues']")
    } catch (t) {}

Meaning that if it's used someplace where crypto.getRandomValues() doesn't exist, it has only pure snake-oil-extract randomness. Really????

If the randomness is poor, the nonce used in ECDSA will be predictable and the private key will be recoverable.

This isn't to say I've audited any of it, I just grepped for a couple likely mistakes. Part of the JS code has been whitespace compressed, I consider it unauditable.

> up to a whopping
> 200,000 iterations for lousy keys. Since keys made in version 1.2 are no
> longer compatible, this prompts upping the version to 1.3.

So, not implemented in slow-as-dirt JS 200,000 iterations should take a random desktop cpu about 100ms or so. This is hardly whopping. It's not far from the minimum I'd start with, for all keys not just weak ones.

Generally user provided keys are a security disaster and should be avoided wherever it's possible, strengthening or no. Humans are horrific entropy sources and really can't self assess how bad they are.

--
Liberationtech list is public and archives are searchable on Google. Too many emails?
Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From eugen at leitl.org Tue Aug 6 10:16:40 2013 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 6 Aug 2013 19:16:40 +0200 Subject: Secrecy News -- 08/06/13 Message-ID: <20130806171640.GA29404@leitl.org> ----- Forwarded message from Steven Aftergood ----- From eugen at leitl.org Tue Aug 6 11:07:47 2013 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 6 Aug 2013 20:07:47 +0200 Subject: [guardian-dev] BREACH: SSL is pwnd Message-ID: <20130806180747.GD29404@leitl.org> ----- Forwarded message from Josh Steiner ----- From eugen at leitl.org Tue Aug 6 11:11:52 2013 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 6 Aug 2013 20:11:52 +0200 Subject: [cryptography] fwd: Paillier Crypto Message-ID: <20130806181152.GE29404@leitl.org> ----- Forwarded message from dan at geer.org ----- From eugen at leitl.org Tue Aug 6 11:13:13 2013 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 6 Aug 2013 20:13:13 +0200 Subject: [liberationtech] CJDNS hype Message-ID: <20130806181313.GF29404@leitl.org> ----- Forwarded message from Caleb James DeLisle ----- From torpids at yahoo.com Tue Aug 6 11:40:11 2013 From: torpids at yahoo.com (Tor Pids) Date: Tue, 06 Aug 2013 20:40:11 +0200 Subject: [tor-relays] VPS Hardware Specification & Advice Message-ID: Hi, i just saw this post on the web archive and felt I can contribute something here so I finally registered. Maybe this reply will not be correctly recognized to the thread, sorry. The VPS specs you posted should be more than enough - but the price is too expensive! 
I currently run about 20 Tor relays on cheap VPS all around the world: http://globe.rndm.de/#/search/query=torpids Basically I just care for the bandwidth/included traffic when choosing a VPS. 256MB RAM is enough, disk space doesn't matter at all. Tor doesn't scale that well with CPU cores so 1 core is ok. For only 1 or 2 of my VPS the CPU is the bottleneck (at about 20-30MBit/s), but most are fast enough. Most cheap VPS are based on the OpenVZ virtualization which limits you to their old kernel and sometimes they limit the number of tcp connections (see "cat /proc/user_beancounters"). KVM or Xen virtualisation is better because you have more control on the VM. Most VPS providers add up the incoming and outgoing bandwidth, meaning that you might be able to just send about 500GB with your 1TB plan. For example with a VPS from www.jiffybox.de for 15€ per month it is possible to push more than 1TB PER DAY(!) (and not per month as with the 18€ plan you mentioned). OVH just released a server for £2,99 per month with unlimited 100MBit/s as well: https://www.ovh.co.uk/dedicated_servers/kimsufi.xml Other typical offers are like 10TB for 10$ or 20MBit/s unlimited for 3€. 
Good places to find cheap VPS deals: http://www.lowendbox.com/ and http://lowendtalk.com/categories/offers http://www.wjunction.com/46-vps http://www.webhostingtalk.com/forumdisplay.php?f=104 Best, Torpids _______________________________________________ tor-relays mailing list tor-relays at lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From eugen at leitl.org Tue Aug 6 11:49:55 2013 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 6 Aug 2013 20:49:55 +0200 Subject: [tor-relays] VPS Hardware Specification & Advice Message-ID: <20130806184955.GH29404@leitl.org> ----- Forwarded message from Tor Pids ----- From eugen at leitl.org Tue Aug 6 12:14:44 2013 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 6 Aug 2013 21:14:44 +0200 Subject: [tor-talk] Tortilla Message-ID: <20130806191444.GJ29404@leitl.org> ----- Forwarded message from Jason Geffner ----- From eugen at leitl.org Tue Aug 6 12:57:09 2013 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 6 Aug 2013 21:57:09 +0200 Subject: [tor-dev] Damian's Status Report - July 2013 Message-ID: <20130806195708.GO29404@leitl.org> ----- Forwarded message from Damian Johnson ----- From tony.arcieri at gmail.com Wed Aug 7 00:47:20 2013 From: tony.arcieri at gmail.com (Tony Arcieri) Date: Wed, 7 Aug 2013 00:47:20 -0700 Subject: Former NSA Boss Calls Snowden's Supporters Internet Shut-ins; Equates Transparency Activists With Al-Qaeda Message-ID: Suddenly the al-qaeda.net domain is seeming more appropriate. Apparently we're terrorists because we like Snowden! 
https://www.techdirt.com/articles/20130806/12154724080/former-nsa-director-calls-snowdens-supporters-internet-shut-ins-equates-transparency-activists-with-al-qaida-terrorists.shtml

--
Tony Arcieri

From adam at cypherspace.org Tue Aug 6 16:09:07 2013
From: adam at cypherspace.org (Adam Back)
Date: Wed, 7 Aug 2013 01:09:07 +0200
Subject: [cryptography] Paillier Crypto for homomorphic computation
In-Reply-To: <20130806181152.GE29404@leitl.org>
References: <20130806181152.GE29404@leitl.org>
Message-ID: <20130806230907.GA3203@netbook.cypherspace.org>

I don't get it. Paillier is additively homomorphic only. (And obviously by implication multipliable by non-encrypted constants.)

RSA is multiplicatively homomorphic. And Elgamal additive.

Why is Paillier proposed as "might scale homomorphic" the interesting property is dual homomorphic crypto which Gentry and variants provide (but at impractical computational and large space overhead huge). Dual or fully homomorphic is the interesting property because then you can do arbitrary computations (using multiplication as single-bit AND and addition as single-bit OR and building a CPU from gates - still expensive even if the base algorithm was as efficient as Paillier/RSA/Elgamal but interesting).

Also why would they send the "encrypted numbers" to two peers and have them do the encrypted computation? The whole point is it's zero-trust secure from the point of view of the client - client encrypts, server does computations on encrypted values, sends encrypted result back to client, client decrypts - and you don't need to trust the server. No need for threshold crypto, having multiple peers do some kind of multi-party computation etc.
Adam On Tue, Aug 06, 2013 at 08:11:52PM +0200, Eugen Leitl wrote: >----- Forwarded message from dan at geer.org ----- > >Date: Mon, 05 Aug 2013 14:43:28 -0400 >From: dan at geer.org >To: cryptography at randombit.net >Subject: [cryptography] fwd: Paillier Crypto > > >> http://9ac345a5509a.github.io/p2p-paillier/ >> >> This is a form of Homomorphic Encryption that might actually scale, >> given the right cloud backend. It verges on the spookiness of >> Quantum. >> >> Support logic that might shed light on the true performance of >> Paillier. >> >> http://plaintext.crypto.lo.gy/article/658/encounter > > >--dan > >_______________________________________________ >cryptography mailing list >cryptography at randombit.net >http://lists.randombit.net/mailman/listinfo/cryptography > >----- End forwarded message ----- >-- >Eugen* Leitl leitl http://leitl.org >______________________________________________________________ >ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org >AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From adam at cypherspace.org Tue Aug 6 16:16:37 2013 From: adam at cypherspace.org (Adam Back) Date: Wed, 7 Aug 2013 01:16:37 +0200 Subject: [cryptography] a Cypherpunks comeback In-Reply-To: References: <20130721090726.GY29404@leitl.org> <20130722074114.GA22908@netbook.cypherspace.org> <20130723050147.BC32CDA16@a-pb-sasl-quonix.pobox.com> <20130723123509.GA26566@jfet.org> Message-ID: <20130806231637.GB3203@netbook.cypherspace.org> Cypherpunks and privacy tech had enough on their plate post 9-11 without inexplicably using an Al-Qaeda related domain name presumably chosen by someone's amusement at being controversial. Its not related to the list, and it just invites spurious trouble. Why not the ownder of the domain use it as his personal address. Heck he can use the user name osama@ the domain if he wants. I have to say I see no upside whatsoever to using that domain name for a mailing list on any topic. 
You only have to look at various court cases to see how everything gets heavily misinterpreted and nothing spun into something to pause and see why using such a domain name is a "bad idea" tm. I appreciate the "fearless crypto coder" mentality, but focus on the crypto, not inviting stupid fights with authoritarian systems over non-topics eh. Adam On Tue, Aug 06, 2013 at 01:00:13PM -0700, coderman wrote: >On Tue, Jul 23, 2013 at 5:35 AM, Riad S. Wahby wrote: >> ... >> Most vanilla CMOS processes don't have high quality JFETs available. On >> older nodes maybe you can get away with turning an N-well and a P+ >> diffusion into a JFET, but that doesn't work very well in more modern >> processes because the N-wells have strongly retrograde doping, which >> makes it hard to pinch off the "bottom" of the channel. Of course, even >> at older nodes where it might be possible, the fabs don't bother >> characterizing it for you. Sure, you can characterize it yourself, but >> if the fab isn't supporting the device that implicitly means they're not >> monitoring the quality of that device with their PCM structures, so good >> luck with manufacturability long-term. >> >> JFETs are pretty easy to make in high quality bipolar processes because >> the base diffusion makes a decent JFET body. Doesn't add much/any cost >> to have them in this case. Of course, if you have a BiCMOS process, then >> you already have devices with high impedance gates, but for high >> performance analog design a JFET beats the hell out of a MOSFET, since >> the latter brings along with it a shitload of 1/f noise. >> >> One place I've recently seen JFETs is in really high voltage processes. >> Think like a mostly normal 0.18u CMOS process with a 600V (Vds) JFET >> available. Haven't actually worked in such a beast, but you can imagine >> that compared to MOSFETs, JFETs don't make such great power devices--- >> who ever heard of a depletion-mode power switch? 
> > >this is the most informative and useful post ever made in the >al-qaeda.net discussion... which happens to be the most ridiculous >discussion full of fear and weakness. > >cypherpunks afraid of a domain name... wtf From arma at mit.edu Wed Aug 7 00:05:35 2013 From: arma at mit.edu (Roger Dingledine) Date: Wed, 7 Aug 2013 03:05:35 -0400 Subject: [liberationtech] Anonymity Smackdown: NSA vs. Tor Message-ID: On Tue, Aug 06, 2013 at 10:43:39PM -0500, Kyle Maxwell wrote: > The key, obviously, is the primary assertion that the NSA runs "lots" > of Tor nodes. I've seen this assertion before, and while it's > certainly a reasonable assumption, I don't know if anybody outside the > NSA actually has hard evidence for that. I remember having this discussion with Bruce Schneier long ago, when he was about to add the phrase "of *course* NSA runs Tor relays" to a blog post. Consider two scenarios. In scenario one, NSA doesn't run any Tor relays, but they have done deals with AT&T and other networks to be able to passively monitor those networks -- including the (honest, well-intentioned) Tor relays that run on those networks. They're able to monitor some fraction of the Tor network capacity -- whether that's 1% or 10% or 30% is a fine question, and depends on both Internet topology and also what deals they've done. In scenario two, they do that plus also run some relays. They have to deal with all the red tape of deploying and operating real-world things on the Internet, and the risk that they'll do it wrong, somebody will notice, etc. And the benefit is maybe a few percent increase in what they can watch. Why would they choose scenario two? Scenario one seems like it would be working out pretty well for them. And if it's not, their resources would be better spent fixing that, since it leads to better surveillance of everything else they care about too. See https://lists.torproject.org/pipermail/tor-talk/2013-July/028851.html for a related discussion. 
Oh, and this argument should also lead you to ask "ok, but what about ? Shouldn't they run relays?" Maybe they should. Maybe we should hope they all do, which could make the network more diverse assuming they don't share well with each other. > Assuming that assertion holds, the architectural criticisms start to > matter more: 3 hops, 1024 bit RSA keys, etc. Somebody should tell Robert about the recent (Tor 0.2.4.x) shift to much stronger circuit handshakes and link encryption: https://gitweb.torproject.org/tor.git/blob/refs/tags/tor-0.2.4.15-rc:/ChangeLog#l678 https://gitweb.torproject.org/tor.git/blob/refs/tags/tor-0.2.4.15-rc:/ChangeLog#l700 And for the "Multiple apps share the same underlying Tor egress" concern, he should learn about the stream isolation features added in Tor 0.2.3.x: https://gitweb.torproject.org/tor.git/blob/refs/tags/tor-0.2.4.15-rc:/ChangeLog#l3981 All of this said, I don't want anybody to conclude that Tor is perfect. Many of the attacks from my 25c3 "security and anonymity vulnerabilities in Tor" talk remain hard research questions: https://media.torproject.org/video/ --Roger -- Liberationtech list is public and archives are searchable on Google. Too many emails? 
Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From joss-cypherpunks at pseudonymity.net Wed Aug 7 01:26:02 2013 From: joss-cypherpunks at pseudonymity.net (Joss Wright) Date: Wed, 7 Aug 2013 09:26:02 +0100 Subject: [cryptography] Paillier Crypto for homomorphic computation In-Reply-To: <20130806230907.GA3203@netbook.cypherspace.org> References: <20130806181152.GE29404@leitl.org> <20130806230907.GA3203@netbook.cypherspace.org> Message-ID: <20130807082602.GB6467@kafka.pseudonymity.local> On Wed, Aug 07, 2013 at 01:09:07AM +0200, Adam Back wrote: > I dont get it. Paillier is additively homomorphic only. (And obviously by > implication multiplyable by non-encrypted constants.) Minor point, but by raising one Paillier ciphertext to the power of another you get multiplication without revealing the factor. > > RSA is multiplicatively homomorphic. And Elgamal additive. > > Why is paillier proposed as "might scale homomorphic" the interesting > property is dual homomorphic crypto which Gentry and variants provide (but > at impractical computational and large space overhead huge). Dual or fully > homomorphic is the interesting property because then you can do arbitrary > computations (using multiplication as single-bit AND and addition as > single-bit OR and building a CPU from gates - still expensive even if the > base algorithm was as efficient as Paillier/RSA/Elgamal but interesting). > > Also why would they send the "encrypted numbers" to two peers and have them > do the encrypted computation? 
The whole point is its zero-trust secure from > the point of view of the client - client encrypts, server does computations > on encrypted values, sends encrypted result back to client, client decrypts > - and you dont need to trust the server. No need for threshold crypto, > having multiple peers do some kind of multi-party computation etc. > > Adam > > On Tue, Aug 06, 2013 at 08:11:52PM +0200, Eugen Leitl wrote: > >----- Forwarded message from dan at geer.org ----- > > > >Date: Mon, 05 Aug 2013 14:43:28 -0400 > >From: dan at geer.org > >To: cryptography at randombit.net > >Subject: [cryptography] fwd: Paillier Crypto > > > > > >>http://9ac345a5509a.github.io/p2p-paillier/ > >> > >>This is a form of Homomorphic Encryption that might actually scale, > >>given the right cloud backend. It verges on the spookiness of > >>Quantum. > >> > >>Support logic that might shed light on the true performance of > >>Paillier. > >> > >>http://plaintext.crypto.lo.gy/article/658/encounter > > > > > >--dan > > > >_______________________________________________ > >cryptography mailing list > >cryptography at randombit.net > >http://lists.randombit.net/mailman/listinfo/cryptography > > > >----- End forwarded message ----- > >-- > >Eugen* Leitl leitl http://leitl.org > >______________________________________________________________ > >ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org > >AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 -- Joss Wright | @JossWright http://www.pseudonymity.net From coderman at gmail.com Wed Aug 7 10:02:11 2013 From: coderman at gmail.com (coderman) Date: Wed, 7 Aug 2013 10:02:11 -0700 Subject: [cryptography] a Cypherpunks comeback In-Reply-To: <20130806231637.GB3203@netbook.cypherspace.org> References: <20130721090726.GY29404@leitl.org> <20130722074114.GA22908@netbook.cypherspace.org> <20130723050147.BC32CDA16@a-pb-sasl-quonix.pobox.com> <20130723123509.GA26566@jfet.org> <20130806231637.GB3203@netbook.cypherspace.org> Message-ID: 
On Tue, Aug 6, 2013 at 4:16 PM, Adam Back wrote:
> [...]

"Its not related to the list,"

it is related to the list in the sense of embracing epithets and culling the useless.

you've provided this reasoning in measured fashion and various tone repeatedly; believe me when i say i understand exactly what you are concerned about and why you consider this unreasonable.

let me be equally clear: cryptography, privacy, and anonymity discussions under any name and forum are appropriate. to censor the medium or message out of fear of misunderstanding is akin to never exercising rights and liberties for fear they may cause scrutiny and disapproval.

if this is you: so concerned about unwanted attention, that you'll always consent to a search of your person without resistance, that you'll always hand over keys to your system or provide access to your devices and equipment upon mere request, perhaps when crossing borders, just so you avoid "trouble".

if this is you: what the fuck are you doing on a cypherpunks list?

cypherpunks write code, especially privacy and anonymity code, which is a much more contentious endeavor than what you are cowed by.

this is an impasse, where we agree to disagree.

P.S. if you do operate from a truly backward and hostile domain where such a keyword alone is grounds for harassment then you're likely already sub'd via remailers and proxies and multi-hops oh my...
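The homomorphic properties argued over in the Paillier thread above (ciphertexts multiplied together, a ciphertext raised to a non-encrypted constant, and a ciphertext raised to another ciphertext) can be checked with a toy implementation. This is an added example, not code from any list participant; it assumes the simplified variant with g = n + 1, and the primes, function names and sample values are constructed for illustration.

```python
"""Toy Paillier with g = n + 1, to check the homomorphic properties in the thread."""
import math
import secrets

# Constructed toy parameters: two Mersenne primes. Far too small for real use.
P = 2**31 - 1
Q = 2**61 - 1


def keygen(p=P, q=Q):
    """Return (n, private_key) where private_key = (lambda, mu)."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    # With g = n + 1: (g^lam mod n^2 - 1) / n = lam mod n, so mu = lam^-1 mod n.
    mu = pow(lam, -1, n)
    return n, (lam, mu)


def encrypt(n, m, r=None):
    """c = g^m * r^n mod n^2 with g = n + 1; r is random unless supplied."""
    n2 = n * n
    if r is None:
        while True:
            r = secrets.randbelow(n - 1) + 1
            if math.gcd(r, n) == 1:
                break
    return (pow(n + 1, m, n2) * pow(r, n, n2)) % n2


def decrypt(n, priv, c):
    """m = L(c^lambda mod n^2) * mu mod n, where L(x) = (x - 1) / n."""
    lam, mu = priv
    x = pow(c, lam, n * n)
    return ((x - 1) // n * mu) % n


def add_encrypted(n, c1, c2):
    """Multiplying ciphertexts adds the plaintexts: Enc(a) * Enc(b) = Enc(a + b)."""
    return (c1 * c2) % (n * n)


def mul_by_constant(n, c, k):
    """Raising a ciphertext to a plaintext constant k gives Enc(k * m)."""
    return pow(c, k, n * n)


def ciphertext_pow_ciphertext(n, c1, c2):
    """Enc(a)^Enc(b): the exponent is the ciphertext integer itself, not b."""
    return pow(c1, c2, n * n)


def demo():
    n, priv = keygen()
    a, b, k = 1234, 5678, 9
    ca, cb = encrypt(n, a), encrypt(n, b)
    odd = decrypt(n, priv, ciphertext_pow_ciphertext(n, ca, cb))
    return {
        "a_plus_b": decrypt(n, priv, add_encrypted(n, ca, cb)),
        "k_times_a": decrypt(n, priv, mul_by_constant(n, ca, k)),
        # Decrypts to a * cb mod n, which is not a * b.
        "ct_pow_ct_is_product": odd == a * b,
        "ct_pow_ct_is_a_times_cb": odd == (a * cb) % n,
    }


if __name__ == "__main__":
    print(demo())
```

The scheme computes on encrypted values with only the public modulus n; only the key holder can decrypt the results.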
From joss-cypherpunks at pseudonymity.net Wed Aug 7 02:08:07 2013 From: joss-cypherpunks at pseudonymity.net (Joss Wright) Date: Wed, 7 Aug 2013 10:08:07 +0100 Subject: [cryptography] Paillier Crypto for homomorphic computation In-Reply-To: <20130807082602.GB6467@kafka.pseudonymity.local> References: <20130806181152.GE29404@leitl.org> <20130806230907.GA3203@netbook.cypherspace.org> <20130807082602.GB6467@kafka.pseudonymity.local> Message-ID: <20130807090807.GD6467@kafka.pseudonymity.local> On Wed, Aug 07, 2013 at 09:26:02AM +0100, Joss Wright wrote: > On Wed, Aug 07, 2013 at 01:09:07AM +0200, Adam Back wrote: > > I dont get it. Paillier is additively homomorphic only. (And > > obviously by implication multiplyable by non-encrypted constants.) > > Minor point, but by raising one Paillier ciphertext to the power of > another you get multiplication without revealing the factor. Sorry, I misremembered the homomorphic properties of Paillier. This isn't true. > > > > > RSA is multiplicatively homomorphic. And Elgamal additive. > > > > Why is paillier proposed as "might scale homomorphic" the > > interesting property is dual homomorphic crypto which Gentry and > > variants provide (but at impractical computational and large space > > overhead huge). Dual or fully homomorphic is the interesting > > property because then you can do arbitrary computations (using > > multiplication as single-bit AND and addition as single-bit OR and > > building a CPU from gates - still expensive even if the base > > algorithm was as efficient as Paillier/RSA/Elgamal but interesting). > > > > Also why would they send the "encrypted numbers" to two peers and > > have them do the encrypted computation? The whole point is its > > zero-trust secure from the point of view of the client - client > > encrypts, server does computations on encrypted values, sends > > encrypted result back to client, client decrypts - and you dont need > > to trust the server. 
No need for threshold crypto, having multiple > > peers do some kind of multi-party computation etc. > > > > Adam > > > > On Tue, Aug 06, 2013 at 08:11:52PM +0200, Eugen Leitl wrote: > > >----- Forwarded message from dan at geer.org ----- > > > > > >Date: Mon, 05 Aug 2013 14:43:28 -0400 From: dan at geer.org To: > > >cryptography at randombit.net Subject: [cryptography] fwd: Paillier > > >Crypto > > > > > > > > >>http://9ac345a5509a.github.io/p2p-paillier/ > > >> > > >>This is a form of Homomorphic Encryption that might actually > > >>scale, given the right cloud backend. It verges on the spookiness > > >>of Quantum. > > >> > > >>Support logic that might shed light on the true performance of > > >>Paillier. > > >> > > >>http://plaintext.crypto.lo.gy/article/658/encounter > > > > > > > > >--dan > > > > > >_______________________________________________ cryptography > > >mailing list cryptography at randombit.net > > >http://lists.randombit.net/mailman/listinfo/cryptography > > > > > >----- End forwarded message ----- -- Eugen* Leitl > >href="http://leitl.org">leitl http://leitl.org > > >______________________________________________________________ > > >ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org > > >AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 > > -- Joss Wright | @JossWright http://www.pseudonymity.net -- Joss Wright | @JossWright http://www.pseudonymity.net From eugen at leitl.org Wed Aug 7 01:18:12 2013 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 7 Aug 2013 10:18:12 +0200 Subject: [liberationtech] Anonymity Smackdown: NSA vs. Tor Message-ID: <20130807081812.GV29404@leitl.org> ----- Forwarded message from Roger Dingledine ----- From eugen at leitl.org Wed Aug 7 01:52:01 2013 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 7 Aug 2013 10:52:01 +0200 Subject: [liberationtech] Tormail in trouble. Experts at Black Hat recommend Elliptic Curves: this is what PassLok 1.3 is based on. 
Message-ID: <20130807085201.GY29404@leitl.org> ----- Forwarded message from Gregory Maxwell ----- From adam at cypherspace.org Wed Aug 7 02:05:42 2013 From: adam at cypherspace.org (Adam Back) Date: Wed, 7 Aug 2013 11:05:42 +0200 Subject: [cryptography] Paillier Crypto for homomorphic computation In-Reply-To: <20130807082602.GB6467@kafka.pseudonymity.local> References: <20130806181152.GE29404@leitl.org> <20130806230907.GA3203@netbook.cypherspace.org> <20130807082602.GB6467@kafka.pseudonymity.local> Message-ID: <20130807090542.GA11713@netbook.cypherspace.org> No recall that the simplified paillier is c=g^m*r^n mod n^2 so multiplication gives addition: g^a*r1^n * g^b*r2^n = g^{a+b}*(r1*r2)^n ie multiplication of ciphertexts gives you homomorphic addition of plaintexts. but g^a*r1^n ^ (g^b*r2^n) != g^{a*b}*r3^n (the core part is g^a ^ (g^b) = g^{a*g^b} != g^{a*b}). what does work is as I said raising to the power of a constant eg k: (g^m*r^n)^k = g^{k*m}*(r^k)^n so you can still decrypt and the operation is multiply by constant k). Adam On Wed, Aug 07, 2013 at 09:26:02AM +0100, Joss Wright wrote: >On Wed, Aug 07, 2013 at 01:09:07AM +0200, Adam Back wrote: >> I dont get it. Paillier is additively homomorphic only. (And obviously by >> implication multiplyable by non-encrypted constants.) > >Minor point, but by raising one Paillier ciphertext to the power of >another you get multiplication without revealing the factor. > >> >> RSA is multiplicatively homomorphic. And Elgamal additive. >> >> Why is paillier proposed as "might scale homomorphic" the interesting >> property is dual homomorphic crypto which Gentry and variants provide (but >> at impractical computational and large space overhead huge). 
Dual or fully >> homomorphic is the interesting property because then you can do arbitrary >> computations (using multiplication as single-bit AND and addition as >> single-bit OR and building a CPU from gates - still expensive even if the >> base algorithm was as efficient as Paillier/RSA/Elgamal but interesting). >> >> Also why would they send the "encrypted numbers" to two peers and have them >> do the encrypted computation? The whole point is its zero-trust secure from >> the point of view of the client - client encrypts, server does computations >> on encrypted values, sends encrypted result back to client, client decrypts >> - and you dont need to trust the server. No need for threshold crypto, >> having multiple peers do some kind of multi-party computation etc. >> >> Adam >> >> On Tue, Aug 06, 2013 at 08:11:52PM +0200, Eugen Leitl wrote: >> >----- Forwarded message from dan at geer.org ----- >> > >> >Date: Mon, 05 Aug 2013 14:43:28 -0400 >> >From: dan at geer.org >> >To: cryptography at randombit.net >> >Subject: [cryptography] fwd: Paillier Crypto >> > >> > >> >>http://9ac345a5509a.github.io/p2p-paillier/ >> >> >> >>This is a form of Homomorphic Encryption that might actually scale, >> >>given the right cloud backend. It verges on the spookiness of >> >>Quantum. >> >> >> >>Support logic that might shed light on the true performance of >> >>Paillier. 
>> >> >> >>http://plaintext.crypto.lo.gy/article/658/encounter >> > >> > >> >--dan >> > >> >_______________________________________________ >> >cryptography mailing list >> >cryptography at randombit.net >> >http://lists.randombit.net/mailman/listinfo/cryptography >> > >> >----- End forwarded message ----- >> >-- >> >Eugen* Leitl leitl http://leitl.org >> >______________________________________________________________ >> >ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org >> >AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 > >-- >Joss Wright | @JossWright >http://www.pseudonymity.net From coderman at gmail.com Wed Aug 7 20:35:13 2013 From: coderman at gmail.com (coderman) Date: Wed, 7 Aug 2013 20:35:13 -0700 Subject: [cryptography] a Cypherpunks comeback In-Reply-To: <20130808002032.GA17802@netbook.cypherspace.org> References: <20130721090726.GY29404@leitl.org> <20130722074114.GA22908@netbook.cypherspace.org> <20130723050147.BC32CDA16@a-pb-sasl-quonix.pobox.com> <20130723123509.GA26566@jfet.org> <20130806231637.GB3203@netbook.cypherspace.org> <20130808002032.GA17802@netbook.cypherspace.org> Message-ID: On Wed, Aug 7, 2013 at 5:20 PM, Adam Back wrote: > ... which would you rather fight: defense of spurious > attention arising from a stupid domain name, or I dunno operating a > remailer, a tor exit node, a hidden tor server. why the false dichotomy? do them both! > ... If he > was prominently using al-qaeda.net you can be sure they'd have spun that > into the story. i also hear he was also a ginger lacking a soul... > There is some history also - recall Jim Bell, he got in some fight over > taxes or something stupid,... it > was a political discussion which he thought had some merit vs a losers game > of tax protestation ending in jail time, anyone can see thats never going to > work out. are you stating that "So, say goodnight to Joshua ..." 
in the context of a perceived threat against an individuals family is on the same level of offense as a domain name? really? > I wouldnt be so sure that using stupid domain names is entirely safe in the > US, europe etc. IMO the US is past its peak in terms of a place of freedom > and others have overtaken it. all the more reason to resist self censorship and cowardice! > Not sure how you recover freedoms from a panopticon state with a one dollar > one vote and a 100 billion dollar+ military-spy-industrial complex and a > significantly biased politicial- judicial system. now _this_ is a discussion worthy of the list. and there are lots of ideas :P > You care about crypto deployment, so > I dont see the logic in picking the most stupid, unrelated and controversial > domain name you can think of hitting as many peoples distaste as you can and > use that? "embracing epithets and culling the useless." > wtf back at you :) i am indefensible and unreasonable; let's keep me out of this! > I guess we should go write some code! agreed; on that note a few resources and projects to make this tirade not entirely useless: "Selected Papers in Anonymity" http://freehaven.net/anonbib/author.html [why does this not have an HTTPS URL?] "Bibliography - GNU's Framework for Secure Peer-to-Peer Networking" https://gnunet.org/bibliography?s=author&o=asc "pentest-bookmarks" https://code.google.com/p/pentest-bookmarks/wiki/BookmarksList "Project Byzantium" http://project-byzantium.org/faqs/ [why does this not have an HTTPS URL?] 
"Dust: A Censorship-Resistant Internet Transport Protocol" https://github.com/blanu/Dust "The Anykernel and Rump Kernels" https://www.netbsd.org/docs/rump/ From adam at cypherspace.org Wed Aug 7 17:20:32 2013 From: adam at cypherspace.org (Adam Back) Date: Thu, 8 Aug 2013 02:20:32 +0200 Subject: [cryptography] a Cypherpunks comeback In-Reply-To: References: <20130721090726.GY29404@leitl.org> <20130722074114.GA22908@netbook.cypherspace.org> <20130723050147.BC32CDA16@a-pb-sasl-quonix.pobox.com> <20130723123509.GA26566@jfet.org> <20130806231637.GB3203@netbook.cypherspace.org> Message-ID: <20130808002032.GA17802@netbook.cypherspace.org> OK let me put it this way, given each person only has so many hours in the day, or so much energy and resources for politically-fighting or write-code-fighting things which would you rather fight: defense of spurious attention arising from a stupid domain name, or I dunno operating a remailer, a tor exit node, a hidden tor server. Apparently operating a hidden tor server as a service is pretty high risk as the guy in Ireland is finding. You can see in that they are trying to pin the content on him, as if he authored it, whereas I am presuming he is no more responsible for the content than a hosting company or youtube. If he was prominently using al-qaeda.net you can be sure they'd have spun that into the story. There is some history also - recall Jim Bell, he got in some fight over taxes or something stupid, that took him out of the picture for a while. I wasnt really sold on his assassination politics idea anyway (gotta be a way to vote someone out of office without assasinating them!), but at least it was a political discussion which he thought had some merit vs a losers game of tax protestation ending in jail time, anyone can see thats never going to work out. I wouldnt be so sure that using stupid domain names is entirely safe in the US, europe etc. 
IMO the US is past its peak in terms of a place of freedom and others have overtaken it. It doesnt seem likely the US will recover its ranking, seems to be falling year on year. Probably China itself will overtake US economically, politically and for freedoms within 50-100 years. Not sure how you recover freedoms from a panopticon state with a one dollar one vote and a 100 billion dollar+ military-spy-industrial complex and a significantly biased politicial- judicial system. If you watch RT which airs a lot of the snowden thing, the stuff the USG is saying about snowden is just ludicrous. Pressuring european countries to deny overflight to a presidents plane is an alarming breach of international law and shows how far the US rogue state influence goes in seemingly other countries willing to go along with its actions. Also why would you even want to do it? You care about crypto deployment, so I dont see the logic in picking the most stupid, unrelated and controversial domain name you can think of hitting as many peoples distaste as you can and use that? wtf back at you :) cypherpunks at child-porn-r-us.com? what next. I guess we should go write some code! Adam On Wed, Aug 07, 2013 at 10:02:11AM -0700, coderman wrote: >On Tue, Aug 6, 2013 at 4:16 PM, Adam Back wrote: >> [...] "Its not related to the list," > >it is related to the list in the sense of embracing epithets and >culling the useless. > >you've provided this reasoning in measured fashion and various tone >repeatedly; believe me when i say i understand exactly what you are >concerned about and why you consider this unreasonable. > >let me be equally clear: cryptography, privacy, and anonymity >discussions under any name and forum are appropriate. to censor the >medium or message out of fear of misunderstanding is akin to never >exercising rights and liberties for fear they may cause scrutiny and >disapproval. 
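The Paillier properties Adam Back spells out earlier in this archive (multiplying ciphertexts adds plaintexts, raising a ciphertext to a constant k multiplies the plaintext by k, raising one ciphertext to another does not multiply plaintexts), plus the client-encrypts/server-computes flow he describes, as an added example that is not code from any poster or from the linked p2p-paillier page. It assumes the simplified g = n + 1 form of c = g^m * r^n mod n^2; the function names and the toy primes are constructed for the demo and are far too small to be secure.

```python
"""Toy Paillier (g = n + 1) showing which homomorphic operations actually work."""
import math
import secrets


def keygen(p, q):
    """Return (n, (lam, mu)) for primes p, q. n is the public key."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if math.gcd(n, phi) != 1:
        raise ValueError("p and q are unsuitable: gcd(n, phi(n)) != 1")
    lam = phi // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    mu = pow(lam, -1, n)                  # lam^-1 mod n, valid because g = n + 1
    return n, (lam, mu)


def encrypt(n, m, r=None):
    """c = g^m * r^n mod n^2 with g = n + 1 and random r coprime to n."""
    n2 = n * n
    while r is None:
        cand = secrets.randbelow(n - 1) + 1
        if math.gcd(cand, n) == 1:
            r = cand
    return (pow(n + 1, m, n2) * pow(r, n, n2)) % n2


def decrypt(n, priv, c):
    """m = L(c^lam mod n^2) * mu mod n, where L(x) = (x - 1) / n."""
    lam, mu = priv
    u = pow(c, lam, n * n)
    return ((u - 1) // n * mu) % n


def add(n, c1, c2):
    """Ciphertext product: g^a r1^n * g^b r2^n = g^(a+b) (r1 r2)^n."""
    return (c1 * c2) % (n * n)


def mul_const(n, c, k):
    """Ciphertext to a public constant: (g^m r^n)^k = g^(k m) (r^k)^n."""
    return pow(c, k, n * n)


def server_weighted_sum(n, ciphertexts, weights):
    """What an untrusted server can do with only n and ciphertexts:
    compute an encryption of sum(w_i * m_i) without seeing any m_i."""
    acc = 1  # trivial encryption of 0 (m = 0, r = 1)
    for c, w in zip(ciphertexts, weights):
        acc = add(n, acc, mul_const(n, c, w))
    return acc


def demo():
    # Constructed demo parameters: the 10,000th and 100,000th primes.
    n, priv = keygen(104729, 1299709)
    a, b, k = 1234, 5678, 9
    ca, cb = encrypt(n, a), encrypt(n, b)
    return {
        "sum": decrypt(n, priv, add(n, ca, cb)),
        "scaled": decrypt(n, priv, mul_const(n, ca, k)),
        "weighted": decrypt(n, priv, server_weighted_sum(n, [ca, cb], [3, 2])),
        # Ciphertext raised to a ciphertext: the exponent is just a big
        # constant, so the result decrypts to a * cb mod n, not a * b.
        "ct_pow_ct": decrypt(n, priv, pow(ca, cb, n * n)),
        "a_times_cb_mod_n": (a * cb) % n,
        "a_times_b": a * b,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:>18}: {value}")
```

The `ct_pow_ct` row is the retracted claim from the thread: the server gets plaintext a scaled by the numeric value of the other ciphertext, which is useless without the private key.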
From wrightalexw at gmail.com Thu Aug 8 03:07:07 2013 From: wrightalexw at gmail.com (alex wright) Date: Thu, 8 Aug 2013 06:07:07 -0400 Subject: [cryptography] a Cypherpunks comeback In-Reply-To: References: <20130721090726.GY29404@leitl.org> <20130722074114.GA22908@netbook.cypherspace.org> <20130723050147.BC32CDA16@a-pb-sasl-quonix.pobox.com> <20130723123509.GA26566@jfet.org> <20130806231637.GB3203@netbook.cypherspace.org> <20130808002032.GA17802@netbook.cypherspace.org> Message-ID: Accept anyone's right to say (or register) as they please but reserve the right to think it's dumb. On 8/7/13, coderman wrote: > On Wed, Aug 7, 2013 at 5:20 PM, Adam Back wrote: >> ... which would you rather fight: defense of spurious >> attention arising from a stupid domain name, or I dunno operating a >> remailer, a tor exit node, a hidden tor server. > > why the false dichotomy? do them both! > > >> ... If he >> was prominently using al-qaeda.net you can be sure they'd have spun that >> into the story. > > i also hear he was also a ginger lacking a soul... > > > >> There is some history also - recall Jim Bell, he got in some fight over >> taxes or something stupid,... it >> was a political discussion which he thought had some merit vs a losers >> game >> of tax protestation ending in jail time, anyone can see thats never going >> to >> work out. > > are you stating that "So, say goodnight to Joshua ..." in the context > of a perceived threat against an individuals family is on the same > level of offense as a domain name? really? > > > >> I wouldnt be so sure that using stupid domain names is entirely safe in >> the >> US, europe etc. IMO the US is past its peak in terms of a place of >> freedom >> and others have overtaken it. > > all the more reason to resist self censorship and cowardice! 
> > > >> Not sure how you recover freedoms from a panopticon state with a one >> dollar >> one vote and a 100 billion dollar+ military-spy-industrial complex and a >> significantly biased politicial- judicial system. > > now _this_ is a discussion worthy of the list. and there are lots of ideas > :P > > > >> You care about crypto deployment, so >> I dont see the logic in picking the most stupid, unrelated and >> controversial >> domain name you can think of hitting as many peoples distaste as you can >> and >> use that? > > "embracing epithets and culling the useless." > > > >> wtf back at you :) > > i am indefensible and unreasonable; let's keep me out of this! > > > >> I guess we should go write some code! > > agreed; > on that note a few resources and projects to make this tirade not > entirely useless: > > > "Selected Papers in Anonymity" > http://freehaven.net/anonbib/author.html > [why does this not have an HTTPS URL?] > > "Bibliography - GNU's Framework for Secure Peer-to-Peer Networking" > https://gnunet.org/bibliography?s=author&o=asc > > "pentest-bookmarks" > https://code.google.com/p/pentest-bookmarks/wiki/BookmarksList > > "Project Byzantium" > http://project-byzantium.org/faqs/ > [why does this not have an HTTPS URL?] > > "Dust: A Censorship-Resistant Internet Transport Protocol" > https://github.com/blanu/Dust > > "The Anykernel and Rump Kernels" > https://www.netbsd.org/docs/rump/ > -- "On two occasions I have been asked, 'Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." -Charles Babbage, 19th century English mathematician, philosopher, inventor and mechanical engineer who originated the concept of a programmable computer. From cipher at jim.com Wed Aug 7 20:27:49 2013 From: cipher at jim.com (James A. 
Donald) Date: Thu, 08 Aug 2013 13:27:49 +1000 Subject: [cryptography] a Cypherpunks comeback In-Reply-To: <20130808002032.GA17802@netbook.cypherspace.org> References: <20130721090726.GY29404@leitl.org> <20130722074114.GA22908@netbook.cypherspace.org> <20130723050147.BC32CDA16@a-pb-sasl-quonix.pobox.com> <20130723123509.GA26566@jfet.org> <20130806231637.GB3203@netbook.cypherspace.org> <20130808002032.GA17802@netbook.cypherspace.org> Message-ID: <52031035.1000400@jim.com> On 2013-08-08 10:20 AM, Adam Back wrote: > > I wouldnt be so sure that using stupid domain names is entirely safe > in the > US, europe etc. IMO the US is past its peak in terms of a place of > freedom > and others have overtaken it. It doesnt seem likely the US will > recover its > ranking, seems to be falling year on year. Probably China itself will > overtake US economically, politically and for freedoms within 50-100 > years. If you want to discuss western politics, you are already safer in China. Chinese politics, not so much. There is a noticeable tendency for neoreactionary blogs to be hosted on servers outside the US and Europe. From kylem at xwell.org Thu Aug 8 12:45:15 2013 From: kylem at xwell.org (Kyle Maxwell) Date: Thu, 8 Aug 2013 14:45:15 -0500 Subject: Lavabit down ... In-Reply-To: <5203F1D2.3070105@openmail.cc> References: <51F8427E.1070206@lavabit.com> <51F852C8.3070304@lavabit.com> <51F87A7C.70204@headstrong.de> <5203F1D2.3070105@openmail.cc> Message-ID: Likely related to Snowden: http://boingboing.net/2013/07/12/so-apparently-edward-snowden.html On Thu, Aug 8, 2013 at 2:30 PM, Trigger Happy wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > what I saw today lavabit.com > > My Fellow Users, > > I have been forced to make a difficult decision: to become complicit > in crimes against the American people or walk away from nearly ten > years of hard work by shutting down Lavabit. After significant soul > searching, I have decided to suspend operations. 
I wish that I could > legally share with you the events that led to my decision. I cannot. I > feel you deserve to know what’s going on--the first amendment is > supposed to guarantee me the freedom to speak out in situations like > this. Unfortunately, Congress has passed laws that say otherwise. As > things currently stand, I cannot share my experiences over the last > six weeks, even though I have twice made the appropriate requests. > > What’s going to happen now? We’ve already started preparing the > paperwork needed to continue to fight for the Constitution in the > Fourth Circuit Court of Appeals. A favorable decision would allow me > resurrect Lavabit as an American company. > > This experience has taught me one very important lesson: without > congressional action or a strong judicial precedent, I would > _strongly_ recommend against anyone trusting their private data to a > company with physical ties to the United States. > > Sincerely, > Ladar Levison > Owner and Operator, Lavabit LLC > > > - -- > Trigger Happy > jabber: triggerhappy at jabber.ccc.de > otr: 85e6d794bbf77f6defd7e6648a6e48ebba6f0ffd > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.13 (GNU/Linux) > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > -----END PGP SIGNATURE-----
-- @kylemaxwell From grarpamp at gmail.com Thu Aug 8 15:54:43 2013 From: grarpamp at gmail.com (grarpamp) Date: Thu, 8 Aug 2013 18:54:43 -0400 Subject: Lavabit down ... In-Reply-To: References: <51F8427E.1070206@lavabit.com> <51F852C8.3070304@lavabit.com> <51F87A7C.70204@headstrong.de> <5203F1D2.3070105@openmail.cc> Message-ID: > On Thu, Aug 8, 2013 at 3:45 PM, Kyle Maxwell wrote: ...by top posting. > http://boingboing.net/2013/07/12/so-apparently-edward-snowden.html >> On Thu, Aug 8, 2013 at 2:30 PM, Trigger Happy wrote: >> >> what I saw today lavabit.com >>> quote: lavabit.com >>> >>> I cannot share my experiences over the last six weeks Hushmail is certainly under the same pressure for the same reason. >>> in crimes against the American people In addition to the above singular news reference, this plurality seems to perhaps imply a further prism/verizon like all-data situation as well. Not an unexpected thing these days. >>> the first amendment is >>> supposed to guarantee me the freedom to speak out in situations like >>> this. Unfortunately, Congress has passed laws that say otherwise. >>> I have twice made the appropriate requests. >>> What’s going to happen now? We’ve already started preparing the >>> paperwork needed to continue to fight for the Constitution in the >>> Fourth Circuit Court of Appeals. A favorable decision would allow me >>> resurrect Lavabit as an American company. The US first amendment... it's time more people started exercising it. Excepting order of precedence as it may apply to the risk averse, the permission of appeal, against that which would (or should, if that is your politic) be struck down, isn't required to do so.
Links: http://www.law.cornell.edu/constitution/first_amendment http://www.law.cornell.edu/wex/first_amendment http://www.law.cornell.edu/anncon/html/amdt1toc_user.html https://encrypted.google.com/?q="ladar+levison" >>> _strongly_ recommend against anyone trusting their private data to a >>> company with physical ties to the United States. Remove the ability of services to see the data and this legacy problem of entrusting cleartext goes away. Maybe at that point everything becomes just node services for hidden applications. Mail is a big one. Maintaining interoperation while integrating client side encryption is a nice goal but fails to hide the @talkers. Whoever comes up with a fully anonymous, encrypted, defined-persistance p2p strong replacement that people actually use will get a lot of credit. Recent news has opened people up such that a good window of adoption opportunity will exist for a while. Same for storage/block services using an open client side encryption API. There's still plenty of room, need, and reason for people to make stands with traditional mail services too. From grarpamp at gmail.com Thu Aug 8 15:56:59 2013 From: grarpamp at gmail.com (grarpamp) Date: Thu, 8 Aug 2013 18:56:59 -0400 Subject: Lavabit down ... In-Reply-To: References: <51F8427E.1070206@lavabit.com> <51F852C8.3070304@lavabit.com> <51F87A7C.70204@headstrong.de> <5203F1D2.3070105@openmail.cc> Message-ID: >> There's still plenty of room, need, and reason for people to make stands >> with traditional mail services too. > On lavabit.com: > Defending the constitution is expensive! Help us by donating to the Lavabit Legal Defense Fund here. > https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=7BCR4A5W9PNN4 From l at odewijk.nl Thu Aug 8 10:17:18 2013 From: l at odewijk.nl (=?UTF-8?Q?Lodewijk_andr=C3=A9_de_la_porte?=) Date: Thu, 8 Aug 2013 19:17:18 +0200 Subject: Malware Keylogger In-Reply-To: References: Message-ID: Are you targeting the BIOS or the OS? 
Are you targeting it during boot or while running? I suppose targeting the BIOS would be cool. I guess it'd be easier to (through booting the pendrive) write your malware to the OS. I'd suggest replacing the default keyboard drivers with your own special flavor. In case of signed drivers you have a problem. Maybe you can modify the OS's routines for checking signatures. The lamer method would be getting some malware for Mac and some for Linux and placing everything in the right folders. Similar but different. Still you're only targeting OSs, never all OSs. You could instead target only BIOSs or UEFIs. Your choice. 2013/8/8 Yush Bhardwaj > Guys I was trying to setup a pendrive as malware which works for all OS > (Windows/Linux/Mac). > > I know how to do it for windows but I am still searching to get my setup > done for mac and linux. > Any her knows anything about it > > *Yush Bhardwaj* > > From l at odewijk.nl Thu Aug 8 10:24:17 2013 From: l at odewijk.nl (=?UTF-8?Q?Lodewijk_andr=C3=A9_de_la_porte?=) Date: Thu, 8 Aug 2013 19:24:17 +0200 Subject: Urea at NSA Utah Data Center In-Reply-To: <51FEA212.9030609@littledystopia.net> References: <51F519A4.4080907@lne.com> <51FEA212.9030609@littledystopia.net> Message-ID: 2013/8/4 b. brewer > we all want 'clean air'. This is what concerned me too. They're in the middle of the desert. I doubt they really care about the air that much : / Just use the spy-sats to see if they move the right amount of urea. Seeing the trucks doesn't guarantee anything, but at least it looks legit. (Oh I wish I was a spy sometimes)
From triggerhappy at openmail.cc Thu Aug 8 12:30:26 2013 From: triggerhappy at openmail.cc (Trigger Happy) Date: Thu, 08 Aug 2013 21:30:26 +0200 Subject: Lavabit down ... In-Reply-To: <51F87A7C.70204@headstrong.de> References: <51F8427E.1070206@lavabit.com> <51F852C8.3070304@lavabit.com> <51F87A7C.70204@headstrong.de> Message-ID: <5203F1D2.3070105@openmail.cc> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 what I saw today lavabit.com My Fellow Users, I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit. After significant soul searching, I have decided to suspend operations. I wish that I could legally share with you the events that led to my decision. I cannot. I feel you deserve to know what’s going on--the first amendment is supposed to guarantee me the freedom to speak out in situations like this. Unfortunately, Congress has passed laws that say otherwise. As things currently stand, I cannot share my experiences over the last six weeks, even though I have twice made the appropriate requests. What’s going to happen now? We’ve already started preparing the paperwork needed to continue to fight for the Constitution in the Fourth Circuit Court of Appeals. A favorable decision would allow me resurrect Lavabit as an American company. This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would _strongly_ recommend against anyone trusting their private data to a company with physical ties to the United States.
Sincerely, Ladar Levison Owner and Operator, Lavabit LLC - -- Trigger Happy jabber: triggerhappy at jabber.ccc.de otr: 85e6d794bbf77f6defd7e6648a6e48ebba6f0ffd -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ -----END PGP SIGNATURE----- From yushbhardwaj91 at gmail.com Thu Aug 8 09:59:28 2013 From: yushbhardwaj91 at gmail.com (Yush Bhardwaj) Date: Thu, 8 Aug 2013 22:29:28 +0530 Subject: Malware Keylogger Message-ID: Guys I was trying to setup a pendrive as malware which works for all OS (Windows/Linux/Mac). I know how to do it for windows but I am still searching to get my setup done for mac and linux. Any her knows anything about it *Yush Bhardwaj*
From lists at silent1.net Thu Aug 8 14:33:38 2013 From: lists at silent1.net (Silent1) Date: Thu, 8 Aug 2013 22:33:38 +0100 Subject: Urea at NSA Utah Data Center In-Reply-To: References: <51F519A4.4080907@lne.com> <51FEA212.9030609@littledystopia.net> Message-ID: <000001ce947e$f3c42030$db4c6090$@net> If I am remembering correctly, the ratio of AdBlue to diesel is 100 parts diesel to 1 part AdBlue, does anyone have a guesstimate on the volume of the tanks? From: cypherpunks [mailto:cypherpunks-bounces at cpunks.org] On Behalf Of Lodewijk andré de la porte Sent: Thursday, August 08, 2013 6:24 PM To: b. brewer Cc: cypherpunks at cpunks.org Subject: Re: Urea at NSA Utah Data Center 2013/8/4 b. brewer we all want 'clean air'. This is what concerned me too. They're in the middle of the desert. I doubt they really care about the air that much : / Just use the spy-sats to see if they move the right amount of urea. Seeing the trucks doesn't guarantee anything, but at least it looks legit. (Oh I wish I was a spy sometimes) From jacob at appelbaum.net Thu Aug 8 17:22:54 2013 From: jacob at appelbaum.net (Jacob Appelbaum) Date: Fri, 09 Aug 2013 00:22:54 +0000 Subject: [tahoe-dev] Tahoe-LAFS, Tor and Tails Message-ID: Greetings from Berlin, Leif and I have been working on ways to deploy, use and sync data with Tahoe on Tails. Tails[0] is a live CD based on Debian GNU/Linux that is supported by the Tor Project. It is intended to lose state after every shutdown, unless a user configures it to keep certain bits of information in a so-called Persistent container. This is usually a LUKS encrypted partition on the same bootable medium that contains Tails.
To start - we worked through bootstrapping Tahoe on a Tails system - the Tahoe package in Debian and thus available in Tails as of the Tails 0.19 release is 1.9.2-1. This is a bit older than we'd like, so we bootstrapped from source with only a few Debian packages from the packaging system. Here is the git repo for the script that we used to bootstrap Tahoe-LAFS on Tails 0.19: https://github.com/leif/tahoe-tails-utils The following ticket covers the overall issues of actually trying to bootstrap Tahoe safely on any network at all: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2055 The issues outlined in the above ticket should cover Tor users, though likely it equally applies to a VPN user, an i2p user and really, anyone barebacking with the internet. Once this bootstrapping process was completed, we connected the Tails machine to a Tahoe-LAFS grid that is Tor aware. The introducer runs as a Tor hidden service. Each of the Storage Nodes also presents their respective addresses as Tor hidden services through the previously mentioned introducer. We found that the open browser command uses the system browser included with Tails. We weren't thrilled about the main browser being used for local system daemon or system service related activities. I dislike that it talks to the loopback interface, while other content it loads may go over the Tor network or even try to do other things with stored data in the browser or on the file system. This ticket is an example of why total browser isolation is a good idea: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1942 We prefer that at least this browser data should be isolated from any other web browsing I might perform with this machine. We wrote a quick little hack to use a different profile - we added a wrapper called `tahoe-browser` written in bash and stuffed it into /usr/local/bin/tahoe-browser. 
We then set BROWSER in the environment to point to it: export BROWSER="/usr/local/bin/tahoe-browser" This allows me to use `tahoe webopen grid-news/Latest/index.html` in a completely separate browser profile. Hooray. What is grid-news? A useful news service on our local Tor grid - any url would have the same issues as noted. Is this useful? Should we generalize this and add it to Tahoe? It would be easy enough to extend src/allmydata/scripts/tahoe_webopen.py to do this job with the addition of another small class. No such tahoe-browser program would be required - though it surely wouldn't hurt to keep them completely separated. An interesting trick would be to put that browser profile itself inside of a user's Tahoe grid. It would provide some on-the-go anti-forensics and keep all Tahoe related url data, bookmarks and so on inside of the grid itself. Leif isn't so hot on this idea because of Tahoe's Magic Folders idea isn't implemented. Abstractly, I like the idea but I'm not sure if it is practical. As it stands, we've now managed to bootstrap Tahoe on Tails - so it is basically possible to do all grid related activity over Tor. We don't have to worry about exit nodes as we're using Tor Hidden Services for all of the services. Though generally, I'm not really worried about Tor Exit nodes in the context of Tahoe-LAFS. In an ideal world, we'd use the Tails persistence feature to store a user's Tahoe's introducer furl and a few other important bits. This could then in turn be used to store all of the other Tails persistance data - things like web browser history, .{ssh,gnupg,pidgin,etc}, and/or even added Debian packages. To do this, we need to add persistence support for Tahoe related configuration in Tails and we need to ensure that Tahoe ships as part of Tails. 
Here are a few bugs related to this in the Tails bug tracker: https://labs.riseup.net/code/issues/5514 https://labs.riseup.net/code/issues/5804 Adding '/home/amnesia/.tahoe' to the Tails persistence seems to be possible from an existing Tails system. We've filed a bug to add this discuss adding Tahoe as a default option in the persistence configuration dialog: https://labs.riseup.net/code/issues/6227 There are a few interesting improvements that came up for discussion during this process. One such idea relates to changing the way that the Storage Nodes publish data to introducers. Wouldn't it be nice if we could reduce the authority of the introducer even more? With a little bit of effort, we could ensure that an attacker who learns about the introducer is only able to learn the number of Storage Servers but not any other information. For an all Tor Hidden Service grid with such an introducer, an attacker who takes the introducer will learn very little beyond a rough count of the total Storage Nodes connecting to that introducer. The clients are all protected by Tor and the Storage Nodes are similarly protected by Tor. The Storage Nodes would stay not only geographically anonymous as provided by Tor but it wouldn't be possible to learn their .onion names and even begin to have any way to connect with them at all. To do this, we'd need to encrypt the furls shared by the introducer in some way. This requires that clients share a symmetric key or publish a public key or something similar. Thus the introducer could even be shared by a few groups who do not trust each other. If we merge the multi-introducer patch, heavily used by the i2p folks, we could really do interesting things along these lines. These ideas obviously require a design that is beyond the scope of this email. Additionally, we thought it useful to extend Tahoe to be aware of a grid that uses Tor Stealth Hidden Services[1][2]. 
This essentially adds a layer of authentication between a client and a server at the Tor layer. Thus even if an attacker were to learn of a Storage Nodes's .onion, without the corresponding shared secret - no one will be able to connect to the Storage node or even elicit a reply from that server. This is a bit tricky in the sense that the Storage Node will make outbound connections to the introducer - so Tahoe Storage Node client side exploitation is probably a concern. However, if an introducer were stolen, the Storage Node's .onion would not be useful to the attacker without the Tor Hidden Service authorization keys. Those keys should only be available on the Tahoe client's Tor client, and the Tor Hidden Service Storage Server's Tor client and not on the introducer. We of course want to ensure that Tails has the newest version of Tahoe - though there is some debate about using Tahoe-LAFS or Leif's Truckee Tahoe-LAFS branch. Any thoughts on this topic would be appreciated. What else should we be thinking about? All the best, Jacob [0] https://tails.boum.org/ [1] https://www.torproject.org/docs/tor-hidden-service.html.en [2] https://www.torproject.org/docs/hidden-services.html.en _______________________________________________ tahoe-dev mailing list tahoe-dev at tahoe-lafs.org https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From coderman at gmail.com Fri Aug 9 00:39:03 2013 From: coderman at gmail.com (coderman) Date: Fri, 9 Aug 2013 00:39:03 -0700 Subject: [tor-talk] Secure email with limited usable metadata Message-ID: On Mon, Jul 1, 2013 at 10:10 PM, coderman wrote: > ... > my contempt for email should be evident by provider; ... 
;) > [OTR, ZRTP, others preferable many years now] another one decides email is inherently insecure: https://silentcircle.wordpress.com/2013/08/09/to-our-customers/ """ Silent Mail has thus always been something of a quandary for us. Email that uses standard Internet protocols cannot have the same security guarantees that real-time communications has. There are far too many leaks of information and metadata intrinsically in the email protocols themselves. Email as we know it with SMTP, POP3, and IMAP cannot be secure. """ use other tools and protocols for private communication! here's to hoping TorMail stays dormant... -- tor-talk mailing list - tor-talk at lists.torproject.org To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From grarpamp at gmail.com Fri Aug 9 03:50:08 2013 From: grarpamp at gmail.com (grarpamp) Date: Fri, 9 Aug 2013 06:50:08 -0400 Subject: [tor-talk] Secure email with limited usable metadata In-Reply-To: <20130809092325.GS29404@leitl.org> References: <20130809092325.GS29404@leitl.org> Message-ID: > On Mon, Jul 1, 2013 at 10:10 PM, coderman wrote: >> my contempt for email should be evident by provider; ... ;) Gmail seems intent on refusing signups via Tor without supplying other linkable and not rationally expendable data such as phone. I expect they'll bleed off users who need this to other providers through attrition, and incur negative publicity from prospective new users for failing to support it in these days. There were a few threads over on tor-talk in which a gmail staff participated. Some community suggestion was made for refundable bitcoin deposit to appease the google claims, not sure where that went. 
> use other tools and protocols for private communication! Amongst your convinceable and tutorable peers, yes of course. Amongst the rest of the world.. > here's to hoping TorMail stays dormant... ..I don't agree. It will be a long time before anything replaces traditional email worldwide. Until then traditional email services do need to be out there... accessible via Tor and free / donation based for basic messaging use. Independent mail nodes can work if done well, that's essentially what TorMail, Lavabit, SC, Hush, etc are. And though you may encrypt the body, there are uses for which you don't want to (non crypto peers). Know the weaknesses, your tools, and pick the right one for the right use. TorMail was in some sense the most interesting thing since the mail mixes. And other services that try to do crypto for you, can't, it's impossible hype. Better to continue building OpenPGP etc into traditional mail clients smoother. note: Last I saw TorMail up was Aug 5 early UTC. From neil.johnson at erudicon.com Fri Aug 9 07:11:00 2013 From: neil.johnson at erudicon.com (Neil Johnson) Date: Fri, 9 Aug 2013 09:11:00 -0500 Subject: The Guardian: Fears over NSA surveillance revelations endanger US cloud computing industry Message-ID: http://www.theguardian.com/world/2013/aug/08/nsa-revelations-fears-cloud-computing?CMP=twt_fd&CMP=SOCxx2I2 -- Neil Johnson From sean at alexan.org Fri Aug 9 07:43:10 2013 From: sean at alexan.org (Sean Alexandre) Date: Fri, 9 Aug 2013 10:43:10 -0400 Subject: Lavabit and End-point Security Message-ID: <20130809144310.GA29800@tuzo> I find some comfort in the fact that they had to serve papers to Lavabit to get the information they wanted. To me this says Lavabit's security was so good they couldn't back door his machines. Or, maybe it was cover-up, to get the information "legally."
But I'm guessing they really couldn't get what they wanted. I'd love to see some kind of write-up by Ladar about how he did this...maybe even a book. I expect he was just doing all the standard things any sys-admin should be doing. It would be great to see it all written down in one place, though, as a case study with details. Even better: Edward Snowden as a co-author. From wilfred at vt.edu Fri Aug 9 13:43:55 2013 From: wilfred at vt.edu (Wilfred Guerin) Date: Fri, 9 Aug 2013 10:43:55 -1000 Subject: Nuclear Weapons Control Systems and NATO Super-Radar shut down by occupy group NOMOUS at NISCEMI, SICILY Re: [cryptome] NSA Today on Missions, Authorities, Oversight, Partnershps Message-ID: Nuclear Weapons Control Systems and NATO Super-Radar shut down by occupy group NOMOUS at NISCEMI, SICILY On Fri, Aug 9, 2013 at 10:14 AM, John Young wrote: > NSA statement today on Missions, Authorities, Oversight, Partnerships: > > http://cryptome.org/2013/08/nsa-13-0809.pdf From jya at pipeline.com Fri Aug 9 07:52:36 2013 From: jya at pipeline.com (John Young) Date: Fri, 09 Aug 2013 10:52:36 -0400 Subject: The Guardian: Fears over NSA surveillance revelations endanger US cloud computing industry In-Reply-To: References: Message-ID: This fear of US cloud service was deployed against US crypto back then. Exemplified in the CryptoAG revelation. Then it was "revealed," as now, the competitors were even more devious. Meanwhile all of the spies and contractors got more funding to spy on each other and PR the mil-grade security, backslapping at how easy it was to spook the public, you know, spook as in spy on to assure freaking was effective.
In 2000 it was "revealed" that CIA and NSA with the joint Special Collection Service, were running eavesdropping and burgling ops out of US embassies and at home from suburban Maryland and now, holy shit, it is "revealed" that PRISM and XKeyscore does that cyberwarly with browsers. You know, too, revealed as in leaked most industriously by a Special Distribution Service, another codeword for smoking the cloud, why even the CIA uses vaporware. Guardian is a fine mouthpiece for Official Secrets freaking. At 10:11 AM 8/9/2013, you wrote: >http://www.theguardian.com/world/2013/aug/08/nsa-revelations-fears-cloud-computing?CMP=twt_fd&CMP=SOCxx2I2 > >-- >Neil Johnson From nettime at kein.org Fri Aug 9 10:57:45 2013 From: nettime at kein.org (nettime's paranoid reader) Date: Fri, 09 Aug 2013 10:57:45 +020§ Subject: Statement: Why Secure Email Provider Lavabit closes down Message-ID: http://lavabit.com My Fellow Users, I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit. After significant soul searching, I have decided to suspend operations. I wish that I could legally share with you the events that led to my decision. I cannot. I feel you deserve to know what's going on--the first amendment is supposed to guarantee me the freedom to speak out in situations like this. Unfortunately, Congress has passed laws that say otherwise. As things currently stand, I cannot share my experiences over the last six weeks, even though I have twice made the appropriate requests. What's going to happen now? We've already started preparing the paperwork needed to continue to fight for the Constitution in the Fourth Circuit Court of Appeals.
A favorable decision would allow me to resurrect Lavabit as an American company. This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would _strongly_ recommend against anyone trusting their private data to a company with physical ties to the United States. Sincerely, Ladar Levison Owner and Operator, Lavabit LLC Defending the constitution is expensive! Help us by donating to the Lavabit Legal Defense Fund here [1]. [1] https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=7BCR4A5W9PNN4 ----- End forwarded message ----- From eugen at leitl.org Fri Aug 9 02:08:01 2013 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 9 Aug 2013 11:08:01 +0200 Subject: Statement: Why Secure Email Provider Lavabit closes down Message-ID: <20130809090801.GL29404@leitl.org> ----- Forwarded message from nettime's paranoid reader ----- From eugen at leitl.org Fri Aug 9 02:23:25 2013 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 9 Aug 2013 11:23:25 +0200 Subject: [tor-talk] Secure email with limited usable metadata Message-ID: <20130809092325.GS29404@leitl.org> ----- Forwarded message from coderman ----- From eugen at leitl.org Fri Aug 9 03:06:42 2013 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 9 Aug 2013 12:06:42 +0200 Subject: [tahoe-dev] Tahoe-LAFS, Tor and Tails Message-ID: <20130809100642.GB29404@leitl.org> ----- Forwarded message from Jacob Appelbaum ----- From StealthMonger at
nym.mixmin.net Fri Aug 9 06:18:13 2013 From: StealthMonger at nym.mixmin.net (StealthMonger) Date: Fri, 9 Aug 2013 14:18:13 +0100 (BST) Subject: [tor-talk] Secure email with limited usable metadata In-Reply-To: <20130809092325.GS29404@leitl.org> (Eugen Leitl's message of "Fri, 9 Aug 2013 11:23:25 +0200") References: <20130809092325.GS29404@leitl.org> Message-ID: <20130809131813.5965AEAB01@snorky.mixmin.net> > Date: Fri, 9 Aug 2013 00:39:03 -0700 > From: coderman > To: tor-talk at lists.torproject.org > Subject: Re: [tor-talk] Secure email with limited usable metadata > Reply-To: tor-talk at lists.torproject.org > Email that uses standard Internet protocols cannot have the same > security guarantees that real-time communications has. Precisely the opposite is the case. Email can go by way of anonymizing remailers, while real-time communications are vulnerable to IP packet time and volume correlation at the end points. With email, the security is in the message, not in the connection. -- -- StealthMonger Long, random latency is part of the price of Internet anonymity. anonget: Is this anonymous browsing, or what? http://groups.google.ws/group/alt.privacy.anon-server/msg/073f34abb668df33?dmode=source&output=gplain stealthmail: Hide whether you're doing email, or when, or with whom. mailto:stealthsuite at nym.mixmin.net?subject=send%20index.html Key: mailto:stealthsuite at nym.mixmin.net?subject=send%20stealthmonger-key -------------- next part -------------- A non-text attachment was scrubbed... 
Name: not available Type: application/pgp-signature Size: 197 bytes Desc: not available URL: From coderman at gmail.com Fri Aug 9 15:59:38 2013 From: coderman at gmail.com (coderman) Date: Fri, 9 Aug 2013 15:59:38 -0700 Subject: [cryptography] NSA Today on Missions, Authorities, Oversight, Partnershps In-Reply-To: References: Message-ID: On Fri, Aug 9, 2013 at 1:14 PM, John Young wrote: > NSA statement today on Missions, Authorties, Oversight, Partnerships: > > http://cryptome.org/2013/08/nsa-13-0809.pdf some interesting stats, also interesting copy / paste behavior: "Scope and Scale of NSA Collection According to figures published by a major tech provider, the Internet carries 1,826 Petabytes of information per day. In its foreign intelligence mission, NSA touches about 1.6% of that. However, of the 1.6% of the data, only 0.025% is actually selected for review. The net effect is that NSA DQDO\VWVORRNDWRIWKHZRUOG¶VWUDIILFLQFRQGXFWLQJWKHLUPLVVLRQ± WKDW¶VOHVVWKDQRQH part in a million. Put another way, if a standard basketball court represented the global FRPPXQLFDWLRQVHQYLURQPHQW16$¶VWRWDO collection would be represented by an area smaller than a dime on that basketball court." to read: """ Scope and Scale of NSA Collection According to figures published by a major tech provider, the Internet carries 1,826 Petabytes of information per day. In its foreign intelligence mission, NSA touches about 1.6% of that. However, of the 1.6% of the data, only 0.025% is actually selected for review. The net effect is that NSA analysts look at 0.00004% of the world's traffic in conducting their mission - that's less than one part in a million. Put another way, if a standard basketball court represented the global communications environment, NSA's total collection would be represented by an area smaller than a dime on that basketball court. """ again we see the fallacy of "not a search/collection until reviewed by an analyst."... 
From jya at pipeline.com Fri Aug 9 13:14:08 2013 From: jya at pipeline.com (John Young) Date: Fri, 09 Aug 2013 16:14:08 -0400 Subject: NSA Today on Missions, Authorities, Oversight, Partnershps Message-ID: NSA statement today on Missions, Authorities, Oversight, Partnerships: http://cryptome.org/2013/08/nsa-13-0809.pdf From nick at lupine.me.uk Fri Aug 9 12:03:06 2013 From: nick at lupine.me.uk (Nick Thomas) Date: Fri, 09 Aug 2013 20:03:06 +0100 Subject: hide-eid update In-Reply-To: <1375611645.22095.18.camel@nlwork.lan> References: <51FE1792.5090808@yahoo.com> <1375611645.22095.18.camel@nlwork.lan> Message-ID: <1376074986.13542.25.camel@den.lupine.me.uk> On Sun, 2013-08-04 at 11:20 +0100, Nick Thomas wrote: > It may be misguided, but avoiding I^2 / M:N sessions was a goal. As > numbers go, it's big enough to be uncomfortable (there's ~40K ASNs). Quick update - the code is now in a state where it can tunnel arbitrary IPv4 datagrams, and does path MTU discovery / fragmentation as suggested by RFC6830. Traceroute doesn't work yet, though. IPv6 is TODO; it should be trivial to add support for IPv6 EIDs. IPv6 RLOCs are a tiny bit harder. Crypto is - very slowly - starting to look sane:
- 160-bit EC private keys per RLOC
- public keys -> registry (for now)
- ECDH for shared secret generation for any RLOC pair
- SHA256 the secret, use as secret key for symmetric cipher
- Fragment packet into packets, if needed
- Each packet gets 128-bit pseudo-random IV ( RAND_pseudo_bytes() )
- aes256gcm block cipher on first 512 bytes of each packet
- On the wire: [ IP header, proto 99 ] [ len(iv+ciphertext+tag) ] [ iv ] [ ciphertext ] [ tag ] [ plaintext ]

Obviously, the current code doesn't scale at all well, but this is in-principle parallelisable, and amenable to hardware crypto use as well. Unloaded, it adds <1ms to rtt. I'm hoping to be able to get it running at ~100Mbit/sec sometime in the next week or two.
If I can get it to gigabit rates, I can start talking to small ISPs about running it, opt-in, with a straight face. If you fancy experimenting with a hide-eid node, just poke me with a public key and a range + RLOC IP (or set up your own pair, of course). I'd quite like to see it spanning large sections of the real Internet successfully. I'd also love to know if you can get it to break any IP protocols; I've only really been playing with TCP and ICMP so far. More broadly, I've still not been dissuaded against the notion that it plugs a gap in the current range of tools against widespread, generalised internet surveillance. The value of being a member of even a small anonymity set can't be understated, especially when getting into the set is more-or-less zero effort and zero cost. If anyone can convince me otherwise, well, at least I'd get my evenings (and mornings) back :) /Nick From adam at cypherspace.org Fri Aug 9 17:56:15 2013 From: adam at cypherspace.org (Adam Back) Date: Sat, 10 Aug 2013 02:56:15 +0200 Subject: [cryptopolitics] Silent Circle and Secure Email In-Reply-To: References: <4A091400-8A42-498E-B5FC-696B13CB92A8@goldmark.org> Message-ID: <20130810005615.GA15128@netbook.cypherspace.org> Reading what Jon Callas wrote he said silent circle interoperated with unencrypted SMTP email (unencrypted other than SSL over the transport), and they used some bump in the wire PGP thingy that encrypts incoming email with the silent circle users public key, and presumably sends out cleartext possibly SSL SMTP where available, for non silent-circle recipients. Clearly therefore anyone tampering with the SSL (and often those mail transport systems are not that smart about SSL as there is no security UI) or just getting the NSA camel's nose inside the silent circle SSL termination point prior to encryption. As they didn't think that would end well they decided to close it down. Alternatively they might have considered disabling the mail-in and mail-out features.
Its less clear what lavabit were talking about. Perhaps something similar in terms of an SMTP interoperability encryption gap, or alternatively about being pressured to modify code (which people seem to assume, but I didnt see explicitly stated). There were some hushmail rumors about code modification some years back - does anyone know what actually at hushmail? Adam On Fri, Aug 09, 2013 at 08:46:57PM -0400, Jeffrey Walton wrote: >On Fri, Aug 9, 2013 at 2:43 PM, Jeffrey Goldberg wrote: >> On Aug 9, 2013, at 11:45 AM, Jeffrey Walton wrote: >> >>> I'd be interested in hearing more with respect to Silent Circle >>> complicity in crimes against the American people if they supplied >>> secure email. >> >> I think you may have missed the point in the Lavabit wording of this announcement. >> >> It looks like they were saying that complying with law enforcement requests (handing >> over data or putting a back door in their systems) would be "complicity in crimes >> against the American people.” >> >Thanks Jeffrey. I thought it might have been that, but the word >"crime" removed the possibility in my mind's eye. I guess I would have >worded it differently. From adam at cypherspace.org Fri Aug 9 18:19:59 2013 From: adam at cypherspace.org (Adam Back) Date: Sat, 10 Aug 2013 03:19:59 +0200 Subject: [cryptopolitics] Silent Circle and Secure Email In-Reply-To: References: <4A091400-8A42-498E-B5FC-696B13CB92A8@goldmark.org> <20130810005615.GA15128@netbook.cypherspace.org> Message-ID: <20130810011959.GA15348@netbook.cypherspace.org> (Thanks for the link.) 
It says hushmail had a simplified web-only version (no java applet) and that the disclosure of client emails did not involve pressured code changes (at least code shipped to clients), rather that as a natural consequence of the way passwords would be processed on the server side and decryption happened on the server side so hushmail had the passwords, private keys, and decrypted plaintexts at least in memory to hand over on request. Adam On Fri, Aug 09, 2013 at 08:59:53PM -0400, Jeffrey Walton wrote: >On Fri, Aug 9, 2013 at 8:56 PM, Adam Back wrote: >> ... >> >> Its less clear what lavabit were talking about. Perhaps something similar >> in terms of an SMTP interoperability encryption gap, or alternatively about >> being pressured to modify code (which people seem to assume, but I didn't see >> explicitly stated). >> >> There were some hushmail rumors about code modification some years back - >> does anyone know what actually at hushmail? >Encrypted E-Mail Company Hushmail Spills to Feds, >http://www.wired.com/threatlevel/2007/11/encrypted-e-mai/. From jya at pipeline.com Sat Aug 10 08:11:58 2013 From: jya at pipeline.com (John Young) Date: Sat, 10 Aug 2013 11:11:58 -0400 Subject: Obama On NSA 9 August 2013 Message-ID: http://cryptome.org/2013/08/obama-nsa-13-0809.htm From l at odewijk.nl Sat Aug 10 03:42:16 2013 From: l at odewijk.nl (=?UTF-8?Q?Lodewijk_andr=C3=A9_de_la_porte?=) Date: Sat, 10 Aug 2013 12:42:16 +0200 Subject: Lavabit and End-point Security In-Reply-To: <20130809144310.GA29800@tuzo> References: <20130809144310.GA29800@tuzo> Message-ID: 2013/8/9 Sean Alexandre > Or, maybe it was cover-up, to get the information "legally." But I'm > guessing > they really couldn't get what they wanted. > This. They don't want to show people what power they have. So they use the "most public method", letters. They are very, very, very aware of what you might guess.
You have to remember they could legally prevent him from saying he even received letters, they have done so in the past. Why haven't they now? Might it have to do with your assumptions? Or is it as innocent as genuinely not wanting to cause more harm than needed? Do you think the NSA is innocent? From sean at alexan.org Sat Aug 10 10:32:02 2013 From: sean at alexan.org (Sean Alexandre) Date: Sat, 10 Aug 2013 13:32:02 -0400 Subject: Lavabit and End-point Security In-Reply-To: References: <20130809144310.GA29800@tuzo> Message-ID: <20130810173202.GA9012@tuzo> On Sat, Aug 10, 2013 at 12:42:16PM +0200, Lodewijk andré de la porte wrote: > 2013/8/9 Sean Alexandre > > > Or, maybe it was cover-up, to get the information "legally." But I'm > > guessing > > they really couldn't get what they wanted. > > > > This. They don't want to show people what power they have. So they use the > "most public method", letters. They are very, very, very aware of what you > might guess. You have to remember they could legally prevent him from > saying he even received letters, they have done so in the past. > > Why haven't they now? Might it have to do with your assumptions? Or is it as > innocent as genuinely not wanting to cause more harm than needed? > > Do you think the NSA is innocent? I can't really argue with that. I think it's very possible this is just "parallel construction" where they want to cover their tracks and say they got things "legally." Still, I have to hope it's possible to run a service such as Lavabit and have it be so locked down that it can't be backdoored. Nothing can be 100% secure, but secure enough that it's very, very unlikely. I'd like to see a github project that has scripts (puppet?) to take a fresh Debian box and lock it down as much as possible, running only ssh.
Those scripts could be used to create a CTF box sitting out on the open Internet, for others to try and hack into. Pen test it to death. Update the scripts. Make the config as perfect as possible. Then others could take those scripts and add more modules to them, for other services: exim, dovecot, apache, roundcube. People could pick and choose which they want to run. Put different boxes out there, as other CTF machines to pentest. Make it fun. Give people rewards, or some kind of recognition, if they can break into the box. "Encryption works," we know. End-point security's the weak link. This could be a way to shore that up. Thoughts? From albin.olsson at gmail.com Sat Aug 10 04:32:10 2013 From: albin.olsson at gmail.com (Albin Olsson) Date: Sat, 10 Aug 2013 13:32:10 +0200 Subject: [cryptography] NSA Today on Missions, Authorities, Oversight, Partnershps In-Reply-To: References: Message-ID: On Sat, Aug 10, 2013 at 12:59 AM, coderman wrote: > Scope and Scale of NSA Collection > According to figures published by a major tech provider, the Internet > carries 1,826 Petabytes of > information per day. In its foreign intelligence mission, NSA touches > about 1.6% of that. However, > of the 1.6% of the data, only 0.025% is actually selected for review. > The net effect is that NSA > analysts look at 0.00004% of the world's traffic in conducting their > mission - that's less than one > part in a million. Put another way, if a standard basketball court > represented the global > communications environment, NSA's total collection would be > represented by an area smaller than a > dime on that basketball court. > """ > > > again we see the fallacy of "not a search/collection until reviewed by > an analyst."... > Also, only 20 percent of that basketball court is web, email, IM and other consumer data excluding file sharing, gaming and video. So if we adjust the figure they "touch" 8 percent of our sensitive communications. Assuming the figures are true in the first place. 
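The on-the-wire layout Nick Thomas lists in his hide-eid update earlier in this archive, `[ len(iv+ciphertext+tag) ] [ iv ] [ ciphertext ] [ tag ] [ plaintext ]`, worked through as a receiver-side framing check. This is an added example, not hide-eid's code: the function names are hypothetical, the 2-byte big-endian length field and the 16-byte tag are assumptions (the post gives neither size), and no encryption is performed, the ciphertext and tag being constructed placeholder bytes.

```python
"""Framing check for the hide-eid layout quoted in the thread (added example).

    [ len(iv+ciphertext+tag) ] [ iv ] [ ciphertext ] [ tag ] [ plaintext ]

The outer IP header (proto 99) is not modelled, and nothing is encrypted here:
ciphertext and tag are opaque bytes that AES-256-GCM would produce elsewhere.
"""
import struct
from typing import NamedTuple, Tuple

IV_LEN = 16       # 128-bit IV per packet (from the post)
ENC_LIMIT = 512   # only the first 512 bytes of a packet are encrypted (from the post)
TAG_LEN = 16      # ASSUMPTION: full 128-bit GCM tag; the post gives no size
LEN_FMT = "!H"    # ASSUMPTION: 2-byte big-endian length; the post gives no width
LEN_SIZE = struct.calcsize(LEN_FMT)


class FrameError(ValueError):
    """Raised for any frame that is not internally consistent."""


class Frame(NamedTuple):
    iv: bytes
    ciphertext: bytes
    tag: bytes
    clear_tail: bytes  # bytes past the 512-byte window, carried unencrypted


def split_payload(payload: bytes) -> Tuple[bytes, bytes]:
    """Return (part handed to the cipher, part that travels in the clear)."""
    return payload[:ENC_LIMIT], payload[ENC_LIMIT:]


def build_frame(iv: bytes, ciphertext: bytes, tag: bytes,
                clear_tail: bytes = b"") -> bytes:
    if len(iv) != IV_LEN or len(tag) != TAG_LEN:
        raise FrameError("iv or tag has the wrong size")
    if len(ciphertext) > ENC_LIMIT:
        raise FrameError("ciphertext longer than the encrypted window")
    # GCM ciphertext is as long as its plaintext, so a tail can only exist
    # when the encrypted window was completely filled.
    if clear_tail and len(ciphertext) != ENC_LIMIT:
        raise FrameError("clear tail requires a full encrypted window")
    sealed = iv + ciphertext + tag
    return struct.pack(LEN_FMT, len(sealed)) + sealed + clear_tail


def parse_frame(frame: bytes) -> Frame:
    """Split a received frame, rejecting lengths that cannot be genuine."""
    if len(frame) < LEN_SIZE:
        raise FrameError("frame shorter than its length field")
    (sealed_len,) = struct.unpack_from(LEN_FMT, frame)
    if sealed_len < IV_LEN + TAG_LEN:
        raise FrameError("length field too small to hold iv and tag")
    if sealed_len > IV_LEN + ENC_LIMIT + TAG_LEN:
        raise FrameError("length field exceeds the encrypted window")
    end = LEN_SIZE + sealed_len
    if end > len(frame):
        raise FrameError("length field points past the end of the datagram")
    sealed = frame[LEN_SIZE:end]
    parsed = Frame(iv=sealed[:IV_LEN],
                   ciphertext=sealed[IV_LEN:-TAG_LEN],
                   tag=sealed[-TAG_LEN:],
                   clear_tail=frame[end:])
    if parsed.clear_tail and len(parsed.ciphertext) != ENC_LIMIT:
        raise FrameError("clear tail after a short ciphertext")
    return parsed


def clear_fraction(frame: Frame) -> float:
    """Share of the tunnelled payload that is visible on the wire."""
    total = len(frame.ciphertext) + len(frame.clear_tail)
    return len(frame.clear_tail) / total if total else 0.0


def sample_frame() -> bytes:
    """Constructed 768-byte payload; XOR stands in for the real cipher."""
    head, tail = split_payload(bytes(range(256)) * 3)
    fake_ciphertext = bytes(b ^ 0xAA for b in head)  # placeholder, not AES
    return build_frame(b"\x01" * IV_LEN, fake_ciphertext, b"\x02" * TAG_LEN, tail)


if __name__ == "__main__":
    f = parse_frame(sample_frame())
    print(len(f.ciphertext), len(f.clear_tail), round(clear_fraction(f), 3))
```

Whether the bytes in `clear_tail` are covered by the GCM tag (for example as associated data) is not stated in the post; the example only shows that they are not encrypted.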
From sean at alexan.org Sat Aug 10 11:13:10 2013 From: sean at alexan.org (Sean Alexandre) Date: Sat, 10 Aug 2013 14:13:10 -0400 Subject: Moonlet Message-ID: <20130810181310.GA9105@tuzo>
---------------------------------------------------------------------
Moonlet
From http://moonlet.is/:
---------------------------------------------------------------------
Moonlet will be a small scale personal cloud services collective. Our goal is to pool together about 20-40 peoples' resources to pay for the hosting and sysadmin time necessary to replace most or all of the cloud services we use with ones we can trust. Our goals are:
* To offer cloud-replacement services at a reasonable price to members
* Security and privacy are primary priorities
* Ensure a useable and well-integrated solution that replicates the hassle-free convenience of the better existing cloud services
* Document the process clearly so other people can replicate the experience

Why

The impetus for this is twofold: First, cloud providers are proving unreliable in terms of continued provision of services and respect for user privacy. Second, paying for it on one's own is either expensive in terms of time, or money. Almost all the software exists to duplicate all the cloud offerings one might want to use, but getting it up and working is time consuming.

Current status

As of June 2013, we are actively recruiting members to get this collective started. When we have enough people able to commit to a year of membership, we will set definitive pricing for the first year, hire an administrator and announce a launch date.

How to get involved...
---------------------------------------------------------------------
Moonlet FAQ
From http://eldan.co.uk/moonlet/faq.html
---------------------------------------------------------------------
We are currently recruiting members. When we have enough people, we anticipate creating a legal entity to hold money, hire the sysadmin and so on.
This will probably be a co-op, though details are to be confirmed. Everything that follows will be shaped by the needs of the group. Service set This set will evolve as we get feedback from members, but it will look something like: * Email, with a solid webmail interface and IMAPS (GMail) * Caldav, with a web calendar interface (Google Calendar) * Secure online https file share (Dropbox/etc.) * Encrypted backup, based on Tahoe-LAFS (Dropbox/etc.) * VPN Endpoint * Hosted to-do list (RTM/Google calendar tasks) * XMPP/Jabber (Google Talk) * VM instances (personal web hosting/other private services) * Secured etherpad lite instance (Google docs) * Shell access within VMs * Hosted RSS reader (Google Reader) * Hosted photo sharing (Flickr) * Hosted wordpress instances (Blogger/etc.) * Status.net instance (Twitter) * SIP server, with assistance in configuring ZRTP (Skype) * Wiki instances (PBWiki/etc.) * Hosted bookmarking tool (Del.icio.us/Pininterest) * Local configuration of hosted services (not tech support) * Configuration of mobile devices As we learn which are most important to people, and what the resource needs & prerequisites are for some, we will decide which to include at launch, add later or drop. For some things, for instance etherpad lite, we may decide to offer a feature bounty as a group to developers to make the software a better replacement -- in that case, to support a bit more formatting, for working on more complex documents. Some stuff, like getting a mobile device working without any public cloud accounts, may take some time and integration research, but in general, we're targeting a relatively tech-savvy audience, at least to start with. If you've already got a lot of this stuff set up, the benefit for you is that you get to not think about it any more. Hosting Tentatively, the primary hosting location will be Iceland because of its favorable legal jurisdiction and good international connectivity. 
We are considering a second jurisdiction for redundancy, potentially in the Netherlands. Unfortunately for North Americans, nowhere on our continent is suitable. The server(s) will be running appropriately hardened Linux installs with services segmented into VMs and encrypted physical disks and backups, etc. We'll probably recruit both a primary and a backup admin, for human fault tolerance. Costs Exact pricing will depend on both the number of people who join and the exact costs for sysadmin time and hosting. We anticipate a range of EUR50-100 per month, with a strong impetus to reach the lower end of the range. If costs come in higher than expected we may recruit a larger number of members to spread the burden. We generally favor simplicity in pricing, but may have to itemize charges for services that are costly to provide and used at wildly varying rates by different individuals - most likely backup beyond a modest initial disk quota. Discounts We are considering asking initial members to pay for a year of service in advance, to help handle setup costs, in exchange for which we will offer a discount. We anticipate prices dropping after all services have been rolled out, but can not guarantee this. We will offer some sort of group discount, but are figuring out details. If you have suggestions for how to take advantage of group signups to streamline the admin work, please let us know - the more we can achieve that, the bigger a group discount it makes sense to offer. Questions, suggestions? ... From sandyinchina at gmail.com Sat Aug 10 12:37:06 2013 From: sandyinchina at gmail.com (Sandy Harris) Date: Sat, 10 Aug 2013 15:37:06 -0400 Subject: [Freedombox-discuss] [James Vasile] tinc rollout and fbox Message-ID: Nick Daly wrote: > There's been some recent work on Tinc that I'm really excited about. > ... > Poke at it, let me know what you think. 
Their docs include this paragraph:

"On the 15th of September 2003, Peter Gutmann posted a security analysis of tinc 1.0.1. He argues that the 32 bit sequence number used by tinc is not a good IV, that tinc’s default length of 4 bytes for the MAC is too short, and he doesn’t like tinc’s use of RSA during authentication. We do not know of a security hole in this version of tinc, but tinc’s security is not as strong as TLS or IPsec. We will address these issues in tinc 2.0."

Gutmann is a well-known and respected expert. His best-known paper was one back in the 90s on reading "erased" disk drives and what bit patterns it took to block that. Most "secure erase" utilities around use those suggestions (even though current drives are quite different, so those may be inappropriate now). He has done /a lot/ of other stuff as well.

The current Tinc release is 1.0.21.

My reading of that is that Tinc has known problems and they probably will not be fixed soon. To me, that means it is not ready for serious consideration as a component for FreedomBox.

_______________________________________________ Freedombox-discuss mailing list Freedombox-discuss at lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From tbiehn at gmail.com Sat Aug 10 12:44:37 2013 From: tbiehn at gmail.com (Travis Biehn) Date: Sat, 10 Aug 2013 15:44:37 -0400 Subject: Lavabit and End-point Security In-Reply-To: <20130810173202.GA9012@tuzo> References: <20130809144310.GA29800@tuzo> <20130810173202.GA9012@tuzo> Message-ID:

It's usually easier to gain access to a resource by exploiting those who have the perms you seek.
On Aug 10, 2013 1:37 PM, "Sean Alexandre" wrote: > > On Sat, Aug 10, 2013 at 12:42:16PM +0200, Lodewijk andré de la porte wrote: > > 2013/8/9 Sean Alexandre > > > > > Or, maybe it was cover-up, to get the information "legally." But I'm > > > guessing > > > they really couldn't get what they wanted. > > > > > > > This. They don't want to show people what power they have. So they use the > > "most public method", letters. They are very, very, very aware of what you > > might guess. You have to remember they could legally prevent him from > > saying he even received letters, they have done so in the past. > > > > Why haven't they now? Might it have to do with your assumptions? Or is it as > > innocent as genuinely not wanting to cause more harm than needed? > > > > Do you think the NSA is innocent? > > I can't really argue with that. I think it's very possible this is just > "parallel construction" where they want to cover their tracks and say they got > things "legally." > > Still, I have to hope it's possible to run a service such as Lavabit and have > it be so locked down that it can't be backdoored. Nothing can be 100% secure, > but secure enough that it's very, very unlikely. > > I'd like to see a github project that has scripts (puppet?) to take a fresh Debian > box and lock it down as much as possible, running only ssh. > > Those scripts could be used to create a CTF box sitting out on the open > Internet, for others to try and hack into. Pen test it to death. Update the > scripts. Make the config as perfect as possible. > > Then others could take those scripts and add more modules to them, for other > services: exim, dovecot, apache, roundcube. People could pick and choose which > they want to run. > > Put different boxes out there, as other CTF machines to pentest. > > Make it fun. Give people rewards, or some kind of recognition, if they can break > into the box. > > "Encryption works," we know. End-point security's the weak link.
This could be > a way to shore that up. > > Thoughts? >

It's usually easier to gain access to a resource by exploiting those who have the perms you seek. These types of competitions are neat; skilled attackers aren't really incentivized to sink 0days on CTF games when there's a huge payoff for responsibly disclosing / not to mention the potential payoff of malicious use of an Apache code exec. Your best bet is relying on operating systems with a good track record, using a capabilities based security model (pax + grsec on nix). Routine administrative bits: least privileges, patches, hardened binaries, isolation.

From coderman at gmail.com Sat Aug 10 15:50:42 2013 From: coderman at gmail.com (coderman) Date: Sat, 10 Aug 2013 15:50:42 -0700 Subject: [tor-talk] Secure email with limited usable metadata In-Reply-To: References: <20130809092325.GS29404@leitl.org> Message-ID:

On Sat, Aug 10, 2013 at 4:34 AM, Mike Hearn wrote: >... > You may be interested in checking out Pond... > https://pond.imperialviolet.org/ > > It is an email-like messaging system that runs over Tor, has forward > security, tries to beat traffic analysis, ... this is the kind of messaging i would use - leaving all the complexities and drawbacks of traditional email behind. and StealthMonger: while the theory and design of latest generation anonymous remailers are suitable for secure mail, the practical realities render them unusable. effort on real-time protocols that can defend against traffic analysis, or other non-email systems like pond would be better spent.
From noloader at gmail.com Sat Aug 10 18:17:42 2013 From: noloader at gmail.com (Jeffrey Walton) Date: Sat, 10 Aug 2013 21:17:42 -0400 Subject: [cryptopolitics] Silent Circle and Secure Email Message-ID: On Fri, Aug 9, 2013 at 2:43 PM, Jeffrey Goldberg wrote: > On Aug 9, 2013, at 11:45 AM, Jeffrey Walton wrote: > >> I'd be interested in hearing more with respect to Silent Circle >> complicity in crimes against the American people if they supplied >> secure email. > > I think you may have missed the point in the Lavabit wording of this announcement. > This was much clearer. "Silent Circle Ends Silent Mail Service To Preempt Surveillance Threats," http://www.darkreading.com/privacy/silent-circle-ends-silent-mail-service-t/240159779: Silent Circle, the global encrypted communications firm revolutionizing mobile security for organizations and individuals alike, today announced it has discontinued its Silent Mail e-mail encryption service in order to preempt governments' demands for customer information in the escalating surveillance environment targeting global communications. 
Jeff _______________________________________________ cryptopolitics mailing list cryptopolitics at randombit.net http://lists.randombit.net/mailman/listinfo/cryptopolitics ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From nettime at kein.org Sat Aug 10 14:26:02 2013 From: nettime at kein.org (nettime's secret court staffer) Date: Sat, 10 Aug 2013 23:26:02 +0200 Subject: Interview with Lavabit's Ladar Levison Message-ID:

In a phone interview with CNET and Jesse Binnall, Levison's Virginia-based attorney, about the decision to shutter Lavabit, Levison spoke about the connection between Lavabit and the Patriot Act, how he thinks the laws regarding privacy ought to change, and how the American government is failing to uphold the U.S. Constitution. http://news.cnet.com/8301-1009_3-57597954-83/lavabit-chief-predicts-long-fight-with-feds-q-a/ __What's the key issue here? Why did you shut down Lavabit? Levison: For me it wasn't about protecting a single user, but protecting the privacy of all my users, coupled with the fact that I wasn't able to discuss it publicly. I believe that people have the right to know what their government is doing. I had an issue with me doing what they wanted me to do without them disclosing it. We've had a couple of dozen court orders served to us over the past 10 years, but they've never crossed the line... __Until now? Levison: I can neither confirm nor deny "until now." Are you familiar with the case of Aaron Swartz, familiar with the accusations of prosecutorial misconduct? There may be parallels between that case and this. __If you could write the legislation covering privacy and electronic communication, what would it say?
Levison: One of the things that would be nice to come out of this would be that the court shouldn't be able to make binding decisions that are secret. If there's going to be legislation from the bench, so to speak, it needs to be open to review from the American public. Just the idea of secret laws, so to speak, bothers me tremendously. That should almost be a constitutional change. We've shown that some of our most important freedoms can't be trusted to Congress, they need to be placed in the Constitution. Going beyond that, as an Internet service provider, there needs to be a more clear definition of our protections. Right now, as a third-party litigation, we effectively have no rights. There's no legal framework that we can fight with or against anything that is unjust. They're abusing their secrecy to hide their surveillance methods. I think that there's a lot more that will come out, and that needs to come out. I obviously can't tell you what was happening and what I know, and I was uncomfortable with it. I'd rather shut down my service and my primary source of income than be complicit in crimes against the American people. __In the current situation, are there any bright red lines that you wouldn't cross? Levison: It's unfortunate that even our own lawmakers don't have a good understanding of what's going on. Philosophically, I put myself in a position that I was comfortable turning over the information that I had. I built Lavabit in a reaction to the original Patriot Act. I didn't want to be in a position to turn [user data] over without judicial review. Where the government would hypothetically cross the line is to violate the privacy of all of my users. This is not about protecting a single person or persons, it's about protecting all my users. What level of access to this nation does the government have? __How did the Patriot Act influence your e-mail service? It played a big role in how I designed the custom platform. 
All I needed when somebody registers was a name and a password. I didn't need a real name, address, social security number, credit card number... Why should I collect that info if I didn't need it? [That philosophy] also governed what kind of information I logged. Speaking philosophically, I think people who hold other people's private information and money have an obligation to be more open to the public. That principle of openness has become a key issue. It's definitely become an issue as it relates to some of the recent coverage in the media. The current administration is not being transparent and open about what it is they're doing, even to members of Congress. __How have Lavabit's users reacted? Levison: It's overwhelmingly positive. Some of them are understandably frustrated that I had to shut down without notice. I lost my one and only e-mail account over the past 10 years, as well. I feel my decision was the lesser of two evils. __What happens to your customer's e-mails and data? Levison: I'm looking into setting up a site where users can download their data and set up a forwarding [e-mail] address, but that may take a week or two to set up. That's all I can do until I feel confident that I can resume the service without having to compromise its integrity. I will make it clear that I don't plan to use any encryption for that site. [People] should only use it if they feel comfortable with the information being intercepted. And yes, I do plan to have that disclaimer on the site. Unfortunately, what's become clear is that there's no protections in our current body of law to keep the government from compelling us to provide the information necessary to decrypt those communications in secret. I'm still looking at seeing if that's even logistically feasible -- there's half a billion messages [sent in the 10 years Lavabit operated]. By shutting down the service, I will be losing the infrastructure that I used to support all those people. 
There's stuff that I can't share with my own lawyer. This is going to be a long fight. __What made Lavabit successful? Levison: Lavabit at the time of the shutdown had 410,000 users, with 40,000 weekly log-ins, 200,000 e-mails sent a day -- 1.4 million e-mails a week. We were in a very narrow category of what I like to call medium-sized providers. Once you get over the 50,000 to 100,000 user threshold, e-mail becomes a very difficult problem of scale. It's why you see so many e-mail providers come and go. We managed to break through that barrier by building a custom platform to handle it. It's similar in architecture to some of the big guys [Google, Yahoo, and Microsoft, which combined provide Web mail to more than 1 billion people]. __How did Lavabit get started? Levison: I've been a geek my entire life. I was with a group of college friends of mine, that was how an e-mail service by geeks, for geeks, came about. [It was called] Nerdshack, with an emphasis on security and privacy. It had POP and IMAP access. For a long time we were the only free POP service. __How do you identify yourself politically? Levison: I'm a conservative Republican. I believe in small government and keeping our government out of our business. But I'm from California, and if there's one thing we love in California, it's being able to speak our mind. I love God and guns, too. Texans are big on freedom. I'm probably a blend of [California and Texas] at this point. 
# distributed via : no commercial use without permission # is a moderated mailing list for net criticism, # collaborative text filtering and cultural politics of the nets # more info: http://mx.kein.org/mailman/listinfo/nettime-l # archive: http://www.nettime.org contact: nettime at kein.org ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From coderman at gmail.com Sun Aug 11 02:27:54 2013 From: coderman at gmail.com (coderman) Date: Sun, 11 Aug 2013 02:27:54 -0700 Subject: Lavabit and End-point Security In-Reply-To: <20130809144310.GA29800@tuzo> References: <20130809144310.GA29800@tuzo> Message-ID: On Fri, Aug 9, 2013 at 7:43 AM, Sean Alexandre wrote: > ... this says Lavabit's security was so good they > couldn't back door his machines.... > > I'd love to see some kind of write-up by Ladar about how he did this...maybe > even a book. i've been contemplating a write up about this, but the problem is once you advertise your methods they become less effective. there really is "security through obscurity" in this sense; when at a resource disadvantage, every little bit counts... if i were to summarize what i have found effective against dedicated and resourceful attackers (again, i can't go into details :) this would be the top 5: 1. use a common distro, but rebuild critical components - bootloader, initramfs, openssl, openssh, the kernel, gnutls, libgmp, use 64bit, etc. 2. use isolation and RBAC, Qubes, VirtualBox, VMWare, Parallels, remember that VM escapes are available and expected. defense in depth can never be too deep. 3. use constrained network access - identify anomalies, control bandwidth, firewall ingress and egress aggressively. this implies constant monitoring to detect such events. (another exercise left to the reader) 4. 
rootkit and backdoor your own systems - use the dirty tricks to observe and constrain your system before someone else uses dirty tricks to compromise your system. 5. don't forget physical security - this is the universal oversight and most effective end run around all other operational and technical security measures. there is a reason physical access so often implies "game over" and why black bag jobs are still and will continue to be effective against all targets. perhaps more later, From coderman at gmail.com Sun Aug 11 05:45:02 2013 From: coderman at gmail.com (coderman) Date: Sun, 11 Aug 2013 05:45:02 -0700 Subject: Lavabit and End-point Security In-Reply-To: References: <20130809144310.GA29800@tuzo> Message-ID: some questions, some answers, ... On Sun, Aug 11, 2013 at 2:27 AM, coderman wrote: > ... > 1. use a common distro, but rebuild critical components - bootloader, > initramfs, openssl, openssh, the kernel, gnutls, libgmp, use 64bit, > etc. this means rebuild hardened versions of these libraries from source; excluding insecure cipher suites in an OpenSSL build for example, altering architecture optimizations, supported features, in others, the goal being that an exploit targeted to a vanilla distribution will more likely fail with observable error or crash, rather than succeed silently. many exploits are very brittle in this respect, with any change in symbol offsets or capabilities rendering them completely ineffective. > 2. use isolation and RBAC, Qubes, VirtualBox, VMWare, Parallels, > remember that VM escapes are available and expected. defense in depth > can never be too deep. virtualization implies chained exploits for full compromise. combined with the above you've drastically increased the cost of a successful attack with modest effort. the likelihood of detection (by appearing vulnerable yet not being so) is also increased. 
remember that VMMs and hypervisors are themselves potentially vulnerable software systems suitable for hardening and customization. > 3. use constrained network access - identify anomalies, control > bandwidth, firewall ingress and egress aggressively. this implies > constant monitoring to detect such events. (another exercise left to > the reader) data exfiltration can be very visible via network behavior if you're paying attention. cross referencing connection state in your upstream router vs. local OS view of sockets can identify discrepancies where compromise has concealed covert connections. malware communicating directly on an ethernet or wireless adapter outside of the OS is also visible at this junction. > 4. rootkit and backdoor your own systems - use the dirty tricks to > observe and constrain your system before someone else uses dirty > tricks to compromise your system. this is mostly a variant of #1 at a kernel / system level. like notepad.exe connecting to the internet, there are some syscall, file access, and network requests which are clearly anomalous and indicators of compromise. > 5. don't forget physical security - this is the universal oversight > and most effective end run around all other operational and technical > security measures. there is a reason physical access so often implies > "game over" and why black bag jobs are still and will continue to be > effective against all targets. this is a storied tangent unto itself... last but not least: you must develop a routine of continuous hardening and improvement. these steps are not done once and finished; they are elements within a larger strategy of operational rigor defending against motivated and capable attackers. asking for my "hardened linux build" is missing the point entirely! 
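The cross-check described under point 3 of the message above (upstream router connection state versus the host's own view of its sockets) can be scripted. The following Python is an added example, not code from any poster in this thread; the host address and the `conntrack -L` and `ss -tn` captures are constructed sample data, and only IPv4 TCP is handled.

```python
import re

HOST_IP = "10.0.0.5"  # assumed address of the monitored server

# Constructed sample: `conntrack -L -p tcp` captured on the upstream router.
ROUTER_CONNTRACK = """\
tcp      6 431992 ESTABLISHED src=10.0.0.5 dst=198.51.100.20 sport=44712 dport=443 src=198.51.100.20 dst=10.0.0.5 sport=443 dport=44712 [ASSURED] mark=0 use=1
tcp      6 431870 ESTABLISHED src=203.0.113.9 dst=10.0.0.5 sport=51522 dport=22 src=10.0.0.5 dst=203.0.113.9 sport=22 dport=51522 [ASSURED] mark=0 use=1
tcp      6 431999 ESTABLISHED src=10.0.0.5 dst=203.0.113.77 sport=39001 dport=8443 src=203.0.113.77 dst=10.0.0.5 sport=8443 dport=39001 [ASSURED] mark=0 use=1
tcp      6 57 TIME_WAIT src=10.0.0.5 dst=198.51.100.20 sport=44700 dport=443 src=198.51.100.20 dst=10.0.0.5 sport=443 dport=44700 [ASSURED] mark=0 use=1
tcp      6 431000 ESTABLISHED src=10.0.0.8 dst=198.51.100.20 sport=40000 dport=443 src=198.51.100.20 dst=10.0.0.8 sport=443 dport=40000 [ASSURED] mark=0 use=1
"""

# Constructed sample: `ss -tn` captured on the host at the same moment.
HOST_SS = """\
State  Recv-Q Send-Q Local Address:Port   Peer Address:Port
ESTAB  0      0      10.0.0.5:44712       198.51.100.20:443
ESTAB  0      36     10.0.0.5:22          203.0.113.9:51522
ESTAB  0      0      127.0.0.1:5432       127.0.0.1:50110
"""

# conntrack prints the original-direction tuple first, then the reply tuple.
_ORIG_TUPLE = re.compile(r"src=(\S+) dst=(\S+) sport=(\d+) dport=(\d+)")


def router_flows(conntrack_text, host_ip):
    """Established TCP flows touching host_ip, normalised to the host's
    point of view: (local_ip, local_port, remote_ip, remote_port)."""
    flows = set()
    for line in conntrack_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "tcp" or fields[3] != "ESTABLISHED":
            continue
        match = _ORIG_TUPLE.search(line)  # first match = original direction
        if not match:
            continue
        src, dst = match.group(1), match.group(2)
        sport, dport = int(match.group(3)), int(match.group(4))
        if src == host_ip:        # outbound connection from the host
            flows.add((src, sport, dst, dport))
        elif dst == host_ip:      # inbound connection to the host
            flows.add((dst, dport, src, sport))
    return flows


def host_flows(ss_text, host_ip):
    """Established TCP sockets the host OS admits to, same tuple layout."""
    flows = set()
    for line in ss_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "ESTAB":
            continue  # skips the header row and non-established states
        local_ip, _, local_port = fields[3].rpartition(":")
        remote_ip, _, remote_port = fields[4].rpartition(":")
        if local_ip != host_ip:
            continue  # loopback traffic never crosses the router
        flows.add((local_ip, int(local_port), remote_ip, int(remote_port)))
    return flows


def cross_check(conntrack_text, ss_text, host_ip):
    """Return flows present in one view but missing from the other."""
    seen_by_router = router_flows(conntrack_text, host_ip)
    seen_by_host = host_flows(ss_text, host_ip)
    return {
        # On the wire but absent from the OS socket table: a concealed
        # connection, or traffic generated below the OS.
        "hidden_from_host": sorted(seen_by_router - seen_by_host),
        # Reported by the OS but never seen upstream: usually snapshot skew.
        "unseen_by_router": sorted(seen_by_host - seen_by_router),
    }


if __name__ == "__main__":
    report = cross_check(ROUTER_CONNTRACK, HOST_SS, HOST_IP)
    for kind, flows in report.items():
        for flow in flows:
            print(kind, "%s:%d -> %s:%d" % flow)
```

The two snapshots have to be taken close together, since short-lived connections otherwise show up as discrepancies; alerting only on flows that stay in `hidden_from_host` across several consecutive runs cuts that noise.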
From demonfighter at gmail.com Sun Aug 11 03:51:32 2013 From: demonfighter at gmail.com (Steve Furlong) Date: Sun, 11 Aug 2013 06:51:32 -0400 Subject: Lavabit and End-point Security In-Reply-To: References: <20130809144310.GA29800@tuzo> Message-ID: On Sun, Aug 11, 2013 at 5:27 AM, coderman wrote: > if i were to summarize what i have found effective against dedicated > and resourceful attackers (again, i can't go into details :) this > would be the top 5: > > 1. use a common distro, but rebuild critical components - bootloader, > initramfs, openssl, openssh, the kernel, gnutls, libgmp, use 64bit, > etc. > By "rebuild" do you mean compile it yourself or are you talking full-up review and rewrite? The former should be no problem for anyone capable of setting up a secure hosting service. The latter is probably beyond the means of small teams in any commercially reasonable timeframe. -- Neca eos omnes. Deus suos agnoscet. -- Arnaud-Amaury, 1209

From sean at alexan.org Sun Aug 11 04:30:29 2013 From: sean at alexan.org (Sean Alexandre) Date: Sun, 11 Aug 2013 07:30:29 -0400 Subject: Moonlet In-Reply-To: <20130810181310.GA9105@tuzo> References: <20130810181310.GA9105@tuzo> Message-ID: <20130811113029.GB14031@tuzo> I should say I'm not affiliated with this project. Their contact info is here: http://moonlet.is/: On Sat, Aug 10, 2013 at 02:13:10PM -0400, Sean Alexandre wrote: > --------------------------------------------------------------------- > Moonlet > From http://moonlet.is/: > --------------------------------------------------------------------- ...
From jya at pipeline.com Sun Aug 11 05:30:08 2013 From: jya at pipeline.com (John Young) Date: Sun, 11 Aug 2013 08:30:08 -0400 Subject: DIY Spy Germicide Message-ID: DIY Germicide: http://prism-break.org http://lockerproject.org/ https://securityinabox.org/ http://eyebeam.org/research/calls/request-for-proposals-prism-break-up From dan at geer.org Sun Aug 11 05:43:12 2013 From: dan at geer.org (dan at geer.org) Date: Sun, 11 Aug 2013 08:43:12 -0400 Subject: [FoRK] Statement: Why Secure Email Provider Lavabit closes down Message-ID: Only founders, like Ladar and the Silent Circle folks, can have the combination of integrity and guts that chooses shutdown over complicity. Corporations with significant market capitalization and global footprint simply cannot -- take MSFT / Skype if needing a current example. "The finest steel has to go through the hottest fire." -- Richard M. Nixon _______________________________________________ FoRK mailing list http://xent.com/mailman/listinfo/fork ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From adi at hexapodia.org Sun Aug 11 08:55:42 2013 From: adi at hexapodia.org (Andy Isaacson) Date: Sun, 11 Aug 2013 08:55:42 -0700 Subject: Lavabit and End-point Security In-Reply-To: <20130811143955.GA17288@tuzo> References: <20130809144310.GA29800@tuzo> <20130811143955.GA17288@tuzo> Message-ID: <20130811155541.GF27178@hexapodia.org> On Sun, Aug 11, 2013 at 10:39:55AM -0400, Sean Alexandre wrote: > your more typical sys admin could find > and use. They might not have everything, but enough to make their services > 99.99% secure. Those that provide the info would probably still have some > things to their own and be 99.9999% secure. Security doesn't work that way. 
Keeping your system secure is like walking a tightrope across a gorge filled with ravenous tigers every morning. There are a billion ways to fuck up and get owned/eaten by the tigers, and asking someone who's successfully walked the tightrope every day for 40 years "tell me your secret?" completely misses the point. The expert can share advice and point out when you're about to step off the tightrope, but no kind of advice can substitute for your own caution and experience. Pretending that a magic balance bar, or a magic technique that can be applied without careful thought, or a magic shoe that will make you stick to the rope, will save you is the kind of thing that works in a fairy tale but not in real life. The analogy breaks down, though, because in fact you can get totally owned, through and through; exfiltrated, impersonated, and strung up by a prosecutor before a secret grand jury before you even learn that your security has failed. At least the tiger has the courtesy of giving you pain when you fail. -andy From albill at openbuddha.com Sun Aug 11 09:57:03 2013 From: albill at openbuddha.com (Al Billings) Date: Sun, 11 Aug 2013 09:57:03 -0700 Subject: Moonlet In-Reply-To: <20130811113029.GB14031@tuzo> References: <20130810181310.GA9105@tuzo> <20130811113029.GB14031@tuzo> Message-ID: I'm affiliated but we are mainly just gathering people now to get the money together. Our email list is the best way to talk to folks. -- Al Billings http://makehacklearn.org On Sunday, August 11, 2013 at 4:30 AM, Sean Alexandre wrote: > I should say I'm not affiliated with this project. Their contact info is here: > http://moonlet.is/: > > On Sat, Aug 10, 2013 at 02:13:10PM -0400, Sean Alexandre wrote: > > --------------------------------------------------------------------- > > Moonlet > > From http://moonlet.is/: > > --------------------------------------------------------------------- > > > > ... 
> >

From sean at alexan.org Sun Aug 11 07:39:55 2013 From: sean at alexan.org (Sean Alexandre) Date: Sun, 11 Aug 2013 10:39:55 -0400 Subject: Lavabit and End-point Security In-Reply-To: References: <20130809144310.GA29800@tuzo> Message-ID: <20130811143955.GA17288@tuzo>

On Sun, Aug 11, 2013 at 05:45:02AM -0700, coderman wrote: > some questions, some answers, ... Thanks. I appreciate your point about how "security through obscurity" factors into this. I wonder, though, about putting as much as possible of this online somewhere with tutorials, scripts, forums, etc. that your more typical sys admin could find and use. They might not have everything, but enough to make their services 99.99% secure. Those that provide the info would probably still have some things to their own and be 99.9999% secure. Included in the scripts and info would be ways to record artifacts of an exploit, and quickly and securely store them where they could be used to patch. The cost for dropping a 0day on a service provider goes through the roof.

From adi at hexapodia.org Sun Aug 11 11:50:45 2013 From: adi at hexapodia.org (Andy Isaacson) Date: Sun, 11 Aug 2013 11:50:45 -0700 Subject: Moonlet In-Reply-To: References: <20130810181310.GA9105@tuzo> <20130811113029.GB14031@tuzo> Message-ID: <20130811185045.GL27178@hexapodia.org>

On Sun, Aug 11, 2013 at 09:57:03AM -0700, Al Billings wrote: > I'm affiliated but we are mainly just gathering people now to get the > money together. Our email list is the best way to talk to folks. Are you referring to the google group https://groups.google.com/forum/?fromgroups#!aboutgroup/moonlet or is there another, less cloudy, mailing list?
-andy

From adam at cypherspace.org Sun Aug 11 03:13:28 2013 From: adam at cypherspace.org (Adam Back) Date: Sun, 11 Aug 2013 12:13:28 +0200 Subject: NSLs, gag-orders, code-changes, coerced backdoors - any tech response? (Re: Lavabit and End-point Security) In-Reply-To: References: <20130809144310.GA29800@tuzo> Message-ID: <20130811101328.GA386@netbook.cypherspace.org>

About physical access - there is one non-physical solution to this - hide the location of the server behind tor, proxies etc. Seems to work remarkably well for pirate bay. I can't imagine it's that big a secret as to where the packets are routed from the current proxy to the current physical host, but seemingly NSA type resources have not been brought to bear against it. Step one for the attacker is to find it. Maybe physical tamper detection can wipe the RAM, cold reboot as the cage unlocked, or box is opened, and immediately switch to the back up server in a different tor hidden physical location. One thing that occurs to me is that aside from the laundering of NSA tip offs to FBI etc with faked plausible trails, that have been reported on lately; there was an aspect that they would be hesitant to reveal what they could tap, correlate etc, or under what circumstances they would abuse national security (military) resources for various levels of criminal activity (major, organized to minor, petty, or political misuse). But the very fact that Snowden did the world a favour in disclosing the illegal activities of the NSA and global partners, now people know what they are doing or can better imagine, and not discount as paranoia, consequently maybe once the dust has settled they will feel freer to feed ever more petty or political or corporate espionage related information. After all they'd no longer be risking knowledge of information capability, or political willingness.
Everyone pretty much figures they're in it up to their elbows with corporate espionage (boeing vs airbus wiretaps), minor crimes with fabricated evidence trails (maybe they won't bother fabricating them even in future) and perhaps the political stuff though that is really evil and anti-democratic (eg tea-party member IRS audits, blackmail etc). It seems to me companies need to delegate code review and signing to a civil society charitable organization with smart use of jurisdictions. eg Germany (chaos computer club code signing silent circle code?), Switzerland, Iceland, or pseudonymous but high reputation individuals or groups. Or privacy groups which may have a more clear disinterest and immunity from financial blackmail (like USG will cancel contracts if ISP, internet service, or software company doesn't fold to NSL or other extra-legal threats). Or maybe EFF, privacy international etc. Via their lawyers they could retain a highly competent and pseudonymous team of technical reviews and code signing that companies that care to demonstrate their alignment to providing end to end secure services to their users would if it became popular given an explanation of why they were not protected by independent review based code signatures. Adam On Sun, Aug 11, 2013 at 02:27:54AM -0700, coderman wrote: >5. don't forget physical security - this is the universal oversight >and most effective end run around all other operational and technical >security measures. there is a reason physical access so often implies >"game over" and why black bag jobs are still and will continue to be >effective against all targets.
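Added example (not part of Adam Back's message or any project's code): a client-side check for the independent, review-based code signatures proposed above, accepting a build only when enough trusted reviewers in enough distinct jurisdictions have signed its exact hash. The reviewer names, jurisdictions, sample builds and 2-of-n thresholds are assumptions, and Lamport one-time signatures stand in for the OpenPGP or similar signatures a real deployment would use.

```python
"""k-of-n release acceptance with independent reviewer signatures (illustrative)."""
import hashlib
import secrets
from typing import NamedTuple


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def _bits(digest: bytes):
    """The 256 bits of a SHA-256 digest, most significant bit first."""
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


# Lamport one-time signatures: a real hash-based scheme that needs only the
# standard library. Assumption: used here as a stand-in for OpenPGP/Ed25519.
# Each key pair must sign exactly ONE message.
def lamport_keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(_h(a), _h(b)) for a, b in sk]
    return sk, pk


def lamport_sign(sk, message: bytes):
    # Reveal one secret per bit of the message hash.
    return [sk[i][bit] for i, bit in enumerate(_bits(_h(message)))]


def lamport_verify(pk, message: bytes, sig) -> bool:
    if not isinstance(sig, list) or len(sig) != 256:
        return False
    return all(
        isinstance(s, bytes) and _h(s) == pk[i][bit]
        for (i, bit), s in zip(enumerate(_bits(_h(message))), sig)
    )


class Reviewer(NamedTuple):
    jurisdiction: str
    pk: list


def statement(artifact: bytes) -> bytes:
    """What a reviewer signs: a domain-separated hash of the exact build."""
    return b"reviewed-release:" + hashlib.sha256(artifact).hexdigest().encode()


def release_accepted(artifact, signatures, trusted,
                     min_signers=2, min_jurisdictions=2) -> bool:
    """Accept only if enough trusted reviewers, spread over enough
    jurisdictions, signed this exact artifact. Unknown signers are ignored."""
    msg = statement(artifact)
    valid = {
        name for name, sig in signatures.items()
        if name in trusted and lamport_verify(trusted[name].pk, msg, sig)
    }
    jurisdictions = {trusted[name].jurisdiction for name in valid}
    return len(valid) >= min_signers and len(jurisdictions) >= min_jurisdictions


def demo():
    # Constructed reviewers; the suffix is the (hypothetical) jurisdiction.
    names = ("vendor-us", "auditor-us", "reviewer-de", "reviewer-is")
    keys = {name: lamport_keygen() for name in names}
    trusted = {n: Reviewer(n.rsplit("-", 1)[1].upper(), pk)
               for n, (_, pk) in keys.items()}
    clean = b"mail-client 1.0 (constructed sample build)"
    backdoored = b"mail-client 1.0 + key escrow (constructed sample build)"

    def sign(name, artifact):
        return lamport_sign(keys[name][0], statement(artifact))

    reviewed = {n: sign(n, clean) for n in ("reviewer-de", "reviewer-is")}
    # Two parties in one jurisdiction, both compelled to sign a modified build.
    coerced = {n: sign(n, backdoored) for n in ("vendor-us", "auditor-us")}
    return {
        "reviewed build": release_accepted(clean, reviewed, trusted),
        "two signers, one jurisdiction":
            release_accepted(backdoored, coerced, trusted),
        "reviewer signatures replayed on other build":
            release_accepted(backdoored, {**coerced, **reviewed}, trusted),
        "unknown signer ignored": release_accepted(
            clean,
            {"reviewer-de": reviewed["reviewer-de"],
             "stranger": reviewed["reviewer-is"]},
            trusted),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'ACCEPT' if accepted else 'REJECT'}")
```

The jurisdiction threshold is what keeps a single legal order from producing an accepted build: every signer in one jurisdiction can be compelled and the update is still rejected.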
From sean at alexan.org Sun Aug 11 09:18:53 2013 From: sean at alexan.org (Sean Alexandre) Date: Sun, 11 Aug 2013 12:18:53 -0400 Subject: Lavabit and End-point Security In-Reply-To: <20130811155541.GF27178@hexapodia.org> References: <20130809144310.GA29800@tuzo> <20130811143955.GA17288@tuzo> <20130811155541.GF27178@hexapodia.org> Message-ID: <20130811161853.GA22306@tuzo> On Sun, Aug 11, 2013 at 08:55:42AM -0700, Andy Isaacson wrote: > Security doesn't work that way. Keeping your system secure is like > walking a tightrope across a gorge filled with ravenous tigers every > morning. There are a billion ways to fuck up and get owned/eaten by the > tigers, and asking someone who's successfully walked the tightrope every > day for 40 years "tell me your secret?" completely misses the point. > > The expert can share advice and point out when you're about to step off > the tightrope, but no kind of advice can substitute for your own caution > and experience. Pretending that a magic balance bar, or a magic > technique that can be applied without careful thought, or a magic shoe > that will make you stick to the rope, will save you is the kind of thing > that works in a fairy tale but not in real life. I'm simply advocating for resources that would help sys admins develop the skills they need. Nothing more. From albill at openbuddha.com Sun Aug 11 12:22:07 2013 From: albill at openbuddha.com (Al Billings) Date: Sun, 11 Aug 2013 12:22:07 -0700 Subject: Moonlet In-Reply-To: <20130811185045.GL27178@hexapodia.org> References: <20130810181310.GA9105@tuzo> <20130811113029.GB14031@tuzo> <20130811185045.GL27178@hexapodia.org> Message-ID: <4B8FA1B7A0F84421A6262C7CFA3A2233@openbuddha.com> That's the only list. -- Al Billings http://makehacklearn.org On Sunday, August 11, 2013 at 11:50 AM, Andy Isaacson wrote: > On Sun, Aug 11, 2013 at 09:57:03AM -0700, Al Billings wrote: > > I'm affiliated but we are mainly just gathering people now to get the > > money together. 
Our email list is the best way to talk to folks. > > > > > Are you referring to the google group > https://groups.google.com/forum/?fromgroups#!aboutgroup/moonlet > > or is there another, less cloudy, mailing list? > > -andy From coderman at gmail.com Sun Aug 11 13:28:53 2013 From: coderman at gmail.com (coderman) Date: Sun, 11 Aug 2013 13:28:53 -0700 Subject: Lavabit and End-point Security In-Reply-To: References: <20130809144310.GA29800@tuzo> Message-ID: one last cautionary tale: some time back i used the techniques discussed to harden some Android phones brought with me into a hostile environment. i had kernel level protections in place, hardened the system configuration and services, pared down apps to the minimum and constrained their access to the file system and network. this was months of effort. the first adversarial encounter went very well in my favor - all of the attempts to exploit my devices were thwarted at these various layers and via these protections, with the sole exception of a Google Voice Search hack that kept voice search active in an "open mic night" eavesdropping capability. this was quickly nullified via kill -STOP (Android won't re-spawn an app that is already running, and a stopped process proved quite effective at halting this repeated invocation of search used to capture audio.) fast forward to round two, and i doubled down on the kernel, system, and application level protections. even more scrutiny is applied to applications to avoid the misuse of legitimate functionality for malicious purpose. i am feeling confident! ...
and then a baseband exploit easily walks under all of my protections at every layer, completely and fully 0wning my devices, with the only hint at anything amiss being the elevated thermal dissipation and power consumption from the radios performing data transmission, all while the Android OS believed the devices were silent in airplane mode. [informative interlude: software defined transceivers should be in every hacker toolbox; radio level attacks are otherwise invisible to you. they are also useful for many other purposes, perhaps one day even providing a solution to the untrustworthy proprietary firmware and baseband systems crammed into every mobile device these days.] --- incidentally, this also demonstrates why IOMMU / VT-d guest isolation of devices on the host bus is very useful, as a vulnerable NIC could otherwise provide complete access to privileged memory and interfaces just like the baseband exploit above... assuming your CPU itself is trustworthy! "trusting trust" continues to be a persistent and difficult problem, leaving us all vulnerable to some degree or another - it's just a function of cost and skill to compromise. turtles all the way down! ;P From jerzyma at interia.eu Sun Aug 11 08:40:49 2013 From: jerzyma at interia.eu (Jerzy Łogiewa) Date: Sun, 11 Aug 2013 17:40:49 +0200 Subject: [liberationtech] Secure Android guide? Message-ID: I read this: http://www.wired.co.uk/news/archive/2013-08/09/recycling-bins-are-watching-you "The unique identifying numbers of over half a million smartphones have been recorded by a network of recycling bins in central London. Hundreds of thousands of pedestrians walking past 12 locations unknowingly had the unique MAC address of their smartphones recorded by Renew London." Maybe also it should be added to this list, some thought about MAC and DHCP randomness? Is this feature included in any of tools recommended? 
-- Jerzy Łogiewa -- jerzyma at interia.eu ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From eugen at leitl.org Sun Aug 11 10:26:59 2013 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 11 Aug 2013 19:26:59 +0200 Subject: [Freedombox-discuss] [James Vasile] tinc rollout and fbox Message-ID: <20130811172659.GH29404@leitl.org> ----- Forwarded message from Sandy Harris ----- From l at odewijk.nl Sun Aug 11 12:46:16 2013 From: l at odewijk.nl (Lodewijk andré de la porte) Date: Sun, 11 Aug 2013 21:46:16 +0200 Subject: Lavabit and End-point Security In-Reply-To: <20130811161853.GA22306@tuzo> References: <20130809144310.GA29800@tuzo> <20130811143955.GA17288@tuzo> <20130811155541.GF27178@hexapodia.org> <20130811161853.GA22306@tuzo> Message-ID: I disagree with the walking a thin bar analogy. The problem with security is that if it's open it's really open. I think it's better to compare the security with the skin. The more skin you hide the less easily it'll get poked through, but if you miss some spots you can still get all the blood unless you have something to keep it in. I suppose an analogy to the human body is the server is more explanatory. So I tend to want to ask "are there any holes anywhere" or "where is my armor the thinnest?". And I've found that "other person software" is the major hole in everything. Honestly, it's hardly ever the code you write yourself that's the problem.
Also because hard lifting is done for you, but the point remains that there's something about big-kernels and systems packed with bulging software packages are just.. It's hell. So much skin. So hard to check. From checker at panix.com Sun Aug 11 15:02:47 2013 From: checker at panix.com (Frank Forman) Date: Sun, 11 Aug 2013 22:02:47 +0000 (GMT) Subject: [tt] NS 2929: Meshnet activists rebuilding the internet from scratch Message-ID: NS 2929: Meshnet activists rebuilding the internet from scratch http://www.newscientist.com/article/mg21929294.500-meshnet-activists-rebuilding-the-internet-from-scratch.html * 08 August 2013 by Hal Hodson Worried about the NSA snooping on your email? Maybe you need to start creating your own personal internet THE internet is neither neutral nor private, in case you were in any doubt. The US National Security Agency can reportedly collect nearly everything a user does on the net, while internet service providers (ISPs) move traffic according to business agreements, rather than what is best for its customers. So some people have decided to take matters into their own hands, and are building their own net from scratch. Across the US, from Maryland to Seattle, work is underway to construct user-owned wireless networks that will permit secure communication without surveillance or any centralised organisation. They are known as meshnets and ultimately, if their designers get their way, they will span the country. Dan Ryan is one of the leaders of the Seattle Meshnet project, where sparse coverage already exists thanks to radio links set up by fellow hackers. Those links mean that instead of communicating through commercial internet connections, meshnetters can talk to each other through a channel that they themselves control.
Each node in the mesh, consisting of a radio transceiver and a computer, relays messages from other parts of the network. If the data can't be passed by one route, the meshnet finds an alternative way through to its destination. Ryan says the plan is for the Seattle meshnet to extend its coverage by linking up two wireless nodes across Lake Union in downtown Seattle. And over the country at the University of Maryland, Baltimore County, student Alexander Bauer is hoping to build a campus meshnet later this year. That will give his fellow students an alternative communications infrastructure to the internet. While these projects are just getting off the ground, a mesh network in Catalonia, Spain, is going from strength to strength. Guifi was started in the early 2000s by Ramon Roca, an Oracle employee who wanted broadband at his rural home. The local network now has more than 21,000 wireless nodes, spanning much of Catalonia. As well as allowing users to communicate with each other, Guifi also hosts web servers, videoconferencing services and internet radio broadcasts, all of which would work if the internet went down for the rest of the country. So successful is the community model that Guifi is now building physical fibre-optic links to places like hospitals and town halls where it can help carry the heaviest traffic. Earlier this month, the General Hospital in the Catalan town of Gurb was wired up to Guifi with a fibre-optic link, and cable is being rolled out into the nearby town of Calldetenes too. In the US, people can generally already get online with relative ease, so meshnets there are less about facilitating access and more about security, privacy and net neutrality - the idea that ISPs should treat all traffic equally, and not charge more for certain types. 
After the extent of the NSA's clandestine PRISM program was revealed, privacy advocates like the Electronic Frontier Foundation urged users to start using relatively simple email encryption programs like Pretty Good Privacy and GNU Privacy Guard. But even those can be daunting to set up. A better idea would be a decentralised network that relies on encryption by default. This is the case with Hyperboria, the virtual layer that underpins meshnet efforts in the US. Hyperboria is a virtual meshnet because it runs through the existing internet, but is purely peer-to-peer. This means people who use it exchange information with others directly over a completely encrypted connection, with nothing readable by any centralised servers. When physical meshnet nodes like those in Maryland and Seattle are set up, existing Hyperboria connections can simply be routed through them. At the moment, Hyperboria offers a blogging platform, email services, and even forums similar to reddit. Encryption is the starting point. Computer researcher Caleb James DeLisle wrote software called cjdns which allows the Seattle Meshnet nodes to use Hyperboria and keep all communications between them encrypted. Instead of letting other computers connect to you through a shared IP address which anyone can use, cjdns only lets computers talk to one another after they have verified each other cryptographically. That means there is no way anyone can be intercepting your traffic. The Seattle Meshnet has just completed a successful crowdfunding campaign for meshboxes - routers that come preloaded with the cjdns software needed to join Hyperboria. Users will just plug the routers into their existing internet connection and be ready to go on the virtual meshnet - or a local physical meshnet when one becomes available. Some form of encryption is already in use across much of the internet, but to be useful it has to be ubiquitous. Web services like Gmail, for example, let you log in using an encrypted connection.
But when you send an email it leaves Google's encrypted garden and hits the open web in clear text for anyone to read. With Hyperboria's peer-to-peer connections, every single link in the chain of communication is fully encrypted. Intermediaries that handle traffic cannot even see what kind of traffic it is, let alone read any email. Use the purpose-built hyperboria.name email service, and your communication becomes untraceable. Instead of a few established players building network infrastructure, DeLisle wants anyone to be able to do it. For him, decentralised internet access in the hands of the people is just a start. The services they use must be decentralised, too. "If people continue to use Facebook, they will continue to be spied on, that's just the reality of the world." Into the darknet Visions of a decentralised internet come with a seedier side - the darknet. One way to access it is through the anonymising routing service Tor, which lets a user find hidden web pages that have .onion addresses, rather than IP addresses. But anonymisation like this can facilitate otherwise unacceptable activities. Illegal drug market Silk Road can only be accessed using its .onion address. But Alexander Bauer, who works on a meshnet in Maryland, thinks meshnets are less likely to carry this content. Any website that can successfully run on a meshnet must be socially acceptable to every peer they connect with, making it less attractive for child pornographers or websites like Silk Road. "That's why we don't think the network will be taken over by child porn. You have to have someone accept what's on your node in order for them to pass your traffic around," he says.
----- End forwarded message ----- From nettime at kein.org Sun Aug 11 16:23:00 2013 From: nettime at kein.org (nettime's_orchid_man) Date: Sun, 11 Aug 2013 22:23:00 -0100 Subject: Adam Curtis: BUGGER Message-ID: < http://www.bbc.co.uk/blogs/adamcurtis/posts/BUGGER> BUGGER: MAYBE THE REAL STATE SECRET IS THAT SPIES AREN'T VERY GOOD AT THEIR JOBS AND DON'T KNOW VERY MUCH ABOUT THE WORLD Thursday 8 August 2013, 17:31 Adam Curtis The recent revelations by the whistleblower Edward Snowden were fascinating. But they -- and all the reactions to them -- had one enormous assumption at their heart. That the spies know what they are doing. It is a belief that has been central to much of the journalism about spying and spies over the past fifty years. That the anonymous figures in the intelligence world have a dark omniscience. That they know what's going on in ways that we don't. It doesn't matter whether you hate the spies and believe they are corroding democracy, or if you think they are the noble guardians of the state. In both cases the assumption is that the secret agents know more than we do. But the strange fact is that often when you look into the history of spies what you discover is something very different. It is not the story of men and women who have a better and deeper understanding of the world than we do. In fact in many cases it is the story of weirdos who have created a completely mad version of the world that they then impose on the rest of us. I want to tell some stories about MI5 -- and the very strange people who worked there. They are often funny, sometimes rather sad -- but always very odd.
The stories also show how elites in Britain have used the aura of secret knowledge as a way of maintaining their power. But as their power waned the "secrets" became weirder and weirder. They were helped in this by another group who also felt their power was waning -- journalists. And together the journalists and spies concocted a strange, dark world of treachery and deceit which bore very little relationship to what was really going on. And still doesn't. [image: Secret Squirrel] PROLOGUE -- SALISBURY PLAIN 1991 In January 1991, as the Gulf War began, MI5 became convinced they had discovered a secret Iraqi terror organisation based in Britain. They had found a list of thirty three Iraqis who were studying for PhDs in London. The list had been sent by the Iraq embassy in London to the Bank of England to ask the Bank not to freeze the grants the students lived on. The Bank sent the list to MI5 and the agents quickly realised that actually they were looking at something far worse -- a nationwide Iraqi military terror cell. The reason they knew this was because the person who sent the list was the deputy military attache at the embassy. Immediately the police were told to swoop on the 33 "students" -- and they were taken to a disused military camp at Rollestone in the middle of Salisbury plain and interned as prisoners of war. They were surrounded by two levels of high security razor wire and guarded by a hundred heavily armed soldiers. It was the first time anyone had been held like this in Britain since the Second World War. [movie] In fact the letter showed nothing of the kind. The Iraqi military attache was also in charge of administering student grants for Iraqis studying in Britain. Some of them did get funding from the Iraqi military -- for studying things like the structure of polymers. 
But, as a British professor pointed out, if that same interpretation were applied to British science students, over half of them would be immediately re-classified as terrorists. Here is part of a programme made later that year about the absurdity of what happened. It shows how neither the detainees nor their lawyers were even allowed to know what the evidence was that had led to them being imprisoned. The man who defends MI5 with such fervor will turn up later in this story -- playing a very odd role. He is called Nigel West -- but his real name is Rupert Allason. I've added on the news reports of the same Iraqis suddenly being released from the heavily fortified camp. But now everyone is referring to them as "students". [movie] An inquiry was held later that year into the scandal. It asked MI5 to produce its evidence. Other than the letter, the secret agents came up with nothing. They had imagined the whole thing. But they justified it by saying "It was best to err on the side of caution". NEARLY A HUNDRED YEARS EARLIER THE DAILY MAIL CIRCULATION DEPARTMENT 1906 William Le Queux was a popular novelist in the early part of the twentieth century. He was half French, half British and he wrote books with wonderful titles like Strange Tales of a Nihilist. [image: Strange Tales of a Nihilist] Le Queux had started off as a journalist on the Daily Mail -- but then had travelled around Europe getting to know lots of famous and infamous people. But as he did so he became convinced that many of the European countries, but most of all Germany, envied Britain and wanted to get their hands on the wealth of the Empire. The trouble was that the British people didn't realise this. So Le Queux set out to warn them -- above all by telling them that the Germans were sending spies to Britain to prepare for an invasion. [image: Le Queux book covers] But the ruling classes in Britain laughed at Le Queux. They said it was just fiction -- which it was.
Plus he wasn't really British and he hadn't been to a proper school, he was far too vulgar and insistent in his patriotism. In short he was a bore. So Le Queux did what anyone in their right mind would do in such a situation. He turned to the Daily Mail. He wrote a gripping account of a future German invasion of Britain and took it to Lord Northcliffe who ran the Mail. It was called "The Invasion of 1910" and it described how the Germans landed in East Anglia and marched on London. Northcliffe loved it -- but the Mail's circulation department said that many of the towns on Le Queux's invasion route didn't have many actual or potential Daily Mail readers in them. So Lord Northcliffe changed the route of the invasion to make sure that all the towns that were sacked and pillaged had lots of Daily Mail readers. Here is the map of the invasion as agreed with the circulation department. [image: Le Queux map] The serialisation was an enormous success. The prime minister got up in the House of Commons and said Le Queux was "a pernicious scaremonger" and that the story was "calculated to alarm the more ignorant public opinion at home." Result. Then things started getting out of control. Thousands of Daily Mail readers sent Le Queux letters telling him that they had spotted people acting suspiciously -- which meant they must be German spies. The letters were mirror images of what Le Queux had written in his books. But rather than making him suspicious, Le Queux decided that this proved that what he had written as fiction must actually be true. There was a gigantic German spy ring in Britain. Thousands of Daily Mail readers couldn't be wrong. The man whose job it was to uncover spies in Britain was very excited by all this. He was called Colonel Edmonds. He had a tiny budget and two assistants -- and no one on the General Staff bothered with him. But now Col. Edmonds saw his chance.
He teamed up with Le Queux and together they bombarded the Committee for Imperial Defence with the evidence from the Daily Mail readers. Edmonds said that the government should set up a "secret service bureau" to combat the threat. The head of the Committee -- Lord Haldane -- said this was ridiculous. But even he couldn't stand against the wave of spy fever that was sweeping the country. He gave in -- and MI5 was set up -- created in large part by the dreams of a socially excluded novelist, and the paranoid imaginings of the readers of the Daily Mail. [image: Le Queux title page, Spies of the Kaiser] But the problem for MI5 was that the spy network didn't exist. The Germans did have some agents in Britain -- but nothing like the 5000 that Le Queux had described. When war against Germany was declared in 1914 -- MI5 immediately rounded up 21 alleged German spies and proudly announced they had broken the network. But a brilliant piece of historical research by the historian Nicholas Hiley has shown that this wasn't true. Hiley doesn't mince his words. Here are his conclusions (Kell and Holt Wilson were the director and deputy directors): "One of the most famous successes of the British Security Service was its great spy round-up of August 1914. The event is still celebrated by MI5, but a careful study of the recently-opened records show it to be a complete fabrication -- MI5 created and perpetuated this remarkable lie. The great spy round-up of August 1914 never took place -- as it was a complete fabrication designed to protect MO5(G) from the interference of politicians or bureaucrats. The claim made next day that all but one had been arrested was false, and its constant repetition by Kell and Holt-Wilson was a lie." In other words -- MI5 had followed the shining example of William Le Queux and made it all up. But that didn't matter -- because it made a great story, and journalists loved it.
Even in 1997 the BBC made a breathless documentary -- using the recently released files -- about how in 1914 MI5 had brilliantly rounded up the Kaiser's spy network on the eve of the first world war. Aside from perpetuating a fiction, the film has two great moments -- one is an interview with the grandson of the deputy head of MI5 who has an immortal line about his grandfather -- "of course he was very private about MI5 -- so the family knew nothing". And at the end the programme has some wonderful stills of the party MI5 held to celebrate the end of the war -- it's on their rooftop. Their faces are great. [movie] After the first world war MI5 declined in importance. But with the growing fears of communism in the 1920s and 30s a new threat emerged - not just communist agents from abroad, but British communists who might betray their own country. In many cases they came from the same upper classes as those running the secret services. And a strange dance began -- of toffs suspecting toffs. But even then MI5 couldn't get it right. Take the case of Cecil Day Lewis -- who was Daniel Day Lewis' father. Back in the 1930s he was a teacher at Cheltenham College -- one of the great Victorian public schools. But, despite his job, Cecil was convinced that he was really a revolutionary. And in 1933 he decided to foment revolutionary action in Britain -- by writing a poem. It was an epic he called "The Magnetic Mountain". He said his aim was to create "A violently revolutionary poem with abundant images (for example) of a barren, cancerous land led by 'getters not begetters', demanding 'It is now or never, the hour of the knife/ The break with the past, the major operation." Here is Cecil Day-Lewis looking both poetic and radical -- alongside some of the poem -- (you can see where Daniel Day Lewis gets it all from). [image: Cecil Day Lewis with poem] But Day-Lewis was disappointed by the lack of reaction.
He admitted that the poem "did not create the slightest ripple of outrage amongst the guardians of Cheltenham." Even though the communist magazine -- the Partisan Review -- had said that it was "perhaps the most important revolutionary poem as yet written by an Englishman". And then MI5 noticed Cecil Day-Lewis. Not because of the poem -- but because he had sent £5 as a donation to the headquarters of the Communist Party in London. So MI5 decided to put Day-Lewis under intense surveillance. The historian James Smith has written a wonderful book about how MI5 spent a lot of time covertly watching many upper class British writers between 1930 and 1960. It is a great book because what it records is a strange and confused dance of manners among different parts of the British elite. Smith describes how MI5 got the local police to spend weeks watching Day-Lewis' house and intercepting his post. But they found nothing suspicious. Their report said that: "Day-Lewis seldom wears a hat, and is not altogether of smart appearance in dress. He is a good singer. He has moved into his cottage after having considerable structural improvements done there." MI5 were completely incompetent. They didn't discover the poem that Day-Lewis hoped would help to bring about a communist uprising in Britain. And not only did they miss the poem -- they didn't even realise he was a poet. All in all MI5 found nothing dangerous or revolutionary about Cecil Day-Lewis. It was humiliating. But they might have been right. James Smith describes how a few years later in 1940 Cecil Day Lewis was getting his mistress Rosamund Lehmann to pull strings in the British establishment so he could avoid getting called up to go and fight the fascists. [image: MI5 vol 1 secret] But in 1940 MI5 had its greatest success. It not only found a real German spy network in Britain -- but managed to persuade many of the German agents to switch sides.
It was called the Double-Cross system -- and it is celebrated in histories of MI5 as a brilliant use of espionage. The German agents carried on spying for their masters in Berlin -- sending back detailed reports. But the information was all fake, designed to mislead and confuse the Nazis. But something else happened to all the intelligence agencies during the war -- MI6 as well as MI5. As they grew massively in size they became riddled with factions and infighting. And because all this happened behind a wall of secrecy, there was little to stop things becoming vicious and poisonous. The journalist Phillip Knightley has written a really good history of spies -- called The Second Oldest Profession. In it he quotes an agent describing what happened during the war years: "The whole organisation was riddled with nepotism -- dim, dreary people of utter unmemorability; sub-men who were doubled up with other sub-men to create an illusion of strength and only doubled the weakness; others made memorable only by poisonous, corrupt malevolence or crass, mulish stupidity; the whole run by a chain of command remarkable for its feebleness. The entire service was decrepit and incompetent." At the end of the war the new Labour government knew that something had to be done to sort out MI5. So they went and found Percy Sillitoe -- who was running a sweet shop in Eastbourne [image: Sillitoe] Sillitoe had retired after being Chief Constable of Glasgow -- where he had become famous as the only policeman brave enough to take on the "Razor Gangs" in the eastern part of the city. The gangs had names like The Bingo Boys and The Baltic Fleet -- and they terrorised Glasgow as they fought each other with hatchets, swords, open razors -- and razor blades stitched into the brims of their hats. You can get a sense of Sillitoe from this short film where he shows the BBC a new kind of armoured car he has invented to stop criminals holding up vans carrying cash. He invented the security van. 
I very much like how he says he is "concerned for the little man". I've also added an odd bit from a BBC film about graphology where the expert -- a "psycho-graphologist" -- analyses Percy Sillitoe's signature, and compares it to J Edgar Hoover's signature. Hoover was Sillitoe's American counterpart. [movie] The government asked Sillitoe to come and sort out the chaos in MI5 - and he agreed. But he quickly found that it was a very odd place -- all the insiders hated him, and they ridiculed him by speaking in Latin (which he didn't understand) in front of him. Plus they deliberately gave him the wrong papers when he went to see the Prime Minister. Sillitoe came back and told his wife -- "I sometimes think I am working in a madhouse." But he realised that he was dealing with very much the same situation that he had found in the slums of Glasgow -- different factions locked together in a strange, poisonous bubble. Here is a section of a very good film, made much later, about the successors to the razor gangs of Glasgow -- the gangs that Sillitoe had tried to suppress in the 1930s. And you can see the similarity to the world of the spies -- as one of the gang members puts it, "it's two ends of the same street at war with each other". I also love the pigeon-fancier who shows off the most high-security pigeon loft you have ever seen. He then reveals that he doesn't breed the pigeons for racing. Their job is to go and kidnap the pigeons from the other gangs. [movie] But before Sillitoe could do anything, it all went terribly wrong. Suddenly traitor after traitor was revealed in the very heart of the British establishment. It wasn't just pretentious radical poets who were a threat -- it was spies, diplomats and nuclear scientists within the system itself who had been giving away secrets to the Russians. 
There was a high-flying diplomat called Donald McLean, a nuclear scientist at the heart of Britain's atomic bomb project called Klaus Fuchs, plus two of MI6's top agents -- Guy Burgess and Kim Philby. One of MI5's main jobs was to find traitors -- but the awful truth was that it had failed to spot any of them. Percy Sillitoe was booted out. But things got even worse. In 1964 MI5 were told that one of their own men had been a spy for the Russians. He was called Sir Anthony Blunt -- and not only had he been high-up in MI5 -- but he had gone on to work in Buckingham Palace looking after the Queen's art collection. And even worse than that he was the Queen Mother's cousin. [image: Anthony Blunt] MI5 interrogated Sir Anthony and he calmly said that it was all true - he had been a traitor. MI5 was so embarrassed that they kept it all quiet, gave Blunt immunity from prosecution, and he carried on working at Buckingham Palace. The Daily Mail later said that the Royal Family had known all along anyway. That as far back as 1948 Sir Alan Lascelles -- the most senior aide to the Royal family -- had whispered "that's our Russian spy" to someone else as they passed Blunt in the palace. But that could have been a misinterpretation. Blunt had shocked the Queen Mother by telling her that he was an atheist -- and she had immediately assumed that meant he must be a communist. Clever Queen Mother -- wrong but right. Blunt had also become a bit of a TV star. Starting in the early 60s the BBC went to him regularly to take the viewers on a tour of the treasures of Buckingham Palace -- a sort of early Fiona Bruce. Here is part of one programme from 1962 -- two years before he was exposed as a traitor. Followed by a bit of another programme from 1972 -- when a self-confessed KGB agent takes the viewers round Buckingham palace. Spot the difference. And at the end there is footage from 1979 -- when Blunt was exposed as a traitor. It's from some rushes I found in the library. 
The press chasing Sir Anthony are straight out of a British movie. And I love the interviewer's obsession that it was Blunt's "homosexual leanings" that made him betray his country. Blunt, though, doesn't bat an eyelid. It's as though he is still talking about some painting. [movie] Then, in 1971, MI5 got another big shock to the system. Most of their opponents -- Russian secret agents in Britain -- were kicked out, leaving MI5 with little to do. The irony was that it happened as a result of one of their few successes. In August 1971 an ordinary London policeman arrested a man who was driving drunkenly down Tottenham Court Road. He turned out to be Oleg Lyalin who was a KGB agent. Lyalin spent a lot of his time buying socks in the West Midlands -- pretending to be a member of the Soviet Trade delegation. But really he was spying. Lyalin panicked and offered to tell MI5 the names of all the Russian spies in Britain. In return he wanted to stay and live in Britain with his mistress. MI5 agreed -- and the Home Secretary expelled 105 other members of the trade delegation, because Lyalin said they were spies. Here are the reports -- plus a "News Special" which is an early example of the way TV journalism would report the hidden world of spying. It's got an anonymous British "research scientist" called "Jim Walker" who got caught up in all this -- and has some great MI5 surveillance footage of Jim and his controller Viktor leaving information at a "dead letter drop." Plus a very good telephone non-interview with the British Ambassador in Moscow. [movie] But the problem for MI5 is that the expulsions pretty much destroyed the KGB presence in Britain. The historian Stephen Dorril who has written a series of brilliant detailed histories of the intelligence agencies says that a later KGB defector called Oleg Gordievsky admitted that "the London residency never recovered from the expulsions". 
Dorril also says that the British government and its civil servants were well aware of this, and they became deeply suspicious of claims from MI5 and its K Branch -- whose job was to monitor foreign agents - that there was still a big Soviet threat in Britain: "Senior civil servants dealing with the intelligence community were therefore aware that K Branch claims about the penetration of British political life and the threat to security from Soviet bloc operations were generally exaggerated." The brutal fact was that by the early 1970s MI5 not only had very little to do -- but also its political masters were beginning to question whether it might be seriously incompetent. Edward Heath -- who had been Prime Minister when all this was happening -- later got up in the House of Commons and said bluntly what he had discovered about MI5 officers: "They talked the most ridiculous nonsense, and their whole philosophy was ridiculous nonsense. If some of them were on the tube and saw someone reading the Daily Mirror they would say -- 'Get after him, that man is dangerous, we must find out where he bought it.' " But those in charge in Britain also realised that there was nothing they could do to question or control the spies. The next prime minister in the 1970s -- Harold Wilson -- wrote a very serious book called The Governance of Britain full of long serious chapters. But when he got to chapter nine -- about THE PRIME MINISTER AND NATIONAL SECURITY This is what it looked like. [image: Wilson chapter] There are two paragraphs explaining that the prime minister has ultimate responsibility for the security agencies. And it ends with two more that simply say this: "The prime minister is occasionally questioned on matters arising out of his responsibility. His answers may be regarded as uniformly uninformative. There is no further information that can usefully or properly be added before bringing this Chapter to an end."
In response to these kinds of doubts and attacks MI5 turned inwards. The problem for the MI5 men -- stuck in their secret bubble -- was that they just couldn't believe that their failure was due to them being useless at their job. Not only had they failed to find any of the traitors, but operation after operation had ended in failure. And they convinced themselves that this meant there had to have been another traitor lurking somewhere in their building -- the MI5 HQ in Mayfair. They began a mad search for enemies inside the organisation itself - seeking to find more hidden traitors who could be used to explain why MI5 kept failing to do its job properly. It was the search for "Fifth Man" -- to go with the other four already exposed, Burgess, McLean, Philby and Blunt. [image: MI5 building] A small group of MI5 men went to their boss and said they wanted to investigate all the past failures looking for evidence of treachery. Their boss was called Sir Roger Hollis -- and he said no. His argument was that operations often went wrong because of simple human failure, and to re-examine them on the basis that failure was evidence of treachery would tear the agency apart. Imagine what it would feel like, he said, to know you are being watched because a past operation you were involved with had gone wrong. "It's like the Gestapo" he said. So the small group of MI5 agents decided he must be the traitor. Here is a picture of Roger Hollis. [image: Hollis] The small group in MI5 now became convinced that their organisation was not just penetrated by the Russians, it was actually run by a Soviet agent. They knew they had to get the truth out somehow even if it meant breaking the law. So they found a friendly journalist called Chapman Pincher and told him the hidden truth. [image: Hollis papers] Here is Chapman Pincher being interviewed on the Wogan programme about what then happened. Up to this point Pincher had been the Defence correspondent on the Daily Express.
He was successful for getting "scoops" from "inside sources" -- although the historian EP Thompson said that really Chapman Pincher was: "A kind of official urinal in which ministers and intelligence and defence chiefs could stand patiently leaking." What the dissident MI5 agents now told Pincher was like super high-grade piss. Or, as he puts it in the Wogan interview, "it was like walking into an Aladdin's Cave". But what Pincher wrote was going to open the floodgates to a new kind of conspiracy journalism that still holds sway over large parts of the media imagination. Have a look at him and decide yourself -- high grade toilet or investigative journalist? Or maybe often they are the same thing? I've also included Pincher being interviewed on the TV news reports as the scandal unfolded. Everyone tries to get in on the act. The BBC presenter quotes Kim Philby as saying that Hollis wasn't very good at his job. But the presenter says that this is "ambiguous" -- and might be proof that Hollis really was a Soviet agent. [movie] The leading MI5 dissident who was leaking the information to Pincher was called Peter Wright. He was one of the most senior members of MI5 but he was also somewhat paranoid. To get a sense of Peter Wright and how he saw the world I have put together some bits of him being interviewed in the 1980s about another of his conspiracy theories. This was that the Prime Minister -- Harold Wilson -- had also been a Soviet agent. In Wright's mind much of the British establishment had been directly or indirectly taken over by the Soviet Union. He had no hard evidence for this -- but he was driven by an underlying mind-set that was going to spread throughout much of the intelligence agencies -- and journalism - over the next twenty years. This said that if you imagined the other side was doing something devilish and deceptive -- then they probably were. It meant that in the dark world of intelligence, imagination was more powerful than obvious facts. 
Because if you couldn't find the evidence it proved how clever the enemy had been at covering their tracks. It was a fevered romantic view of the world that would both entrance the readers of newspapers -- but would also lead the intelligence agencies into the disaster of the weapons of mass destruction in Iraq in 2003. Here is the grandaddy of that conviction -- Peter Wright. The person called Angleton he refers to was an even odder American equivalent of Wright who was high up in the CIA -- and who also was convinced Wilson was a Soviet agent. The tone of Wright's plaintive childlike statement about Angleton - "he believed it -- he did" tells you a great deal about the emotions driving these strange men in their spy-bubbles. [movie] But as in all organisations -- egos started to come into play. Other MI5 agents started leaking other names to other journalists. Pincher's main rival was a writer called Nigel West. Nigel upped the stakes. He began to publish books and articles alleging that all sorts of other people had been traitors. Here he is on Nationwide in 1981 in full flow. He says that a man called Leo Long was a traitor, and then goes on to suggest that others -- including even the former Governor of Uganda, Sir Andrew Cohen -- might be traitors. It's worth looking closely at what Nigel West says about Sir Andrew Cohen -- because it shows how weird this paranoid outpouring from the secret world was becoming. When he was an undergraduate at Cambridge in the 1930s Cohen had been a member of an intellectual society called The Apostles. So had two of the spies -- Burgess and Blunt. The interviewer asks Nigel how he knows Sir Andrew might be a traitor. Nigel says: "I haven't named him (Sir Andrew) up to now because it's not known whether he was a Soviet agent. But I think it's worth saying that anybody, if you are talking about the Apostles, many of them were Soviet agents.
And he would undoubtedly have been questioned since he rose to a very senior position in the Department of Overseas Development" That's it. But Nigel does have a fabulous haircut. [movie] In the early to mid 80s more and more names poured out -- all accused of being KGB agents in the heart of the British establishment. One newspaper grouped them under headings "CONFESSED" -- "PARTIALLY CONFESSED" -- "UNRESOLVED" There was one great apology "Our list of MI5 spy suspects included Cedric Belfrage who MI5 officers said had made a partial confession and we said was dead. We are glad to make it clear he is alive, never made any confession and maintains he should not have been on the MI5 list at all." And Mrs Thatcher also got involved. Because it seemed to prove to her the thing she had believed all along -- that the British establishment were weak, spineless and easily corruptible. She happily admitted in Parliament that Anthony Blunt had been a traitor. And here she is in 1986 merrily joining in with the latest accusation -- that Lord Rothschild had been the 5th Man. It later turned out that he wasn't. [movie] It became farce. The journalists who had started the mole-hunt went to war. Nigel West wrote a whole book announcing that he had discovered that the 5th man wasn't really Hollis, but was actually Hollis' deputy. He was a man called Graham Mitchell who in his spare time was a grand master in correspondence chess. Apparently the dissidents in MI5 were convinced that the letters he sent his chess-friends were his way of contacting his Soviet controllers. The moves he typed out were actually secret codes that disguised his treachery. Here is one of Graham Mitchell's games that he played in 1950. You are looking at a complicated code, whether it was secret messages to the Russians has never been proved. 
[image: Graham Mitchell chess] Another writer then found a letter in an old government file that had been written by Roger Hollis in the 1940s saying that the Russians shouldn't be trusted. Some journalists said that this proved he wasn't a traitor. But others said that Hollis had put the letter there deliberately so it could be found and throw MI5 off the scent. Here are the TV reports -- both of the Graham Mitchell "revelation", and the Hollis letter. The leader of the pack -- Chapman Pincher -- still insists Hollis is the 5th man. Nigel West says he is innocent. But Nigel now has a very good late 80s haircut. [movie] Then another writer called W. J. West wrote a book saying that the 5th man was Hollis after all. W J West turns out to have been an ex-hippie whose early years were memorably captured in a semi-autobiographical novel by another ex-hippie -- called "Ten Men". She describes a road trip across America as she desperately but unsuccessfully tries to shag him. Here's his book about the Fifth Man. [image: West book] But then -- in the midst of all these weirdos -- a dissenting voice emerged. James Rusbridger had been a spy back in the 50s and 60s -- and he now wrote a book called The Intelligence Game arguing that all this was rubbish -- and that all the journalists had been conned by a crazy gang of right-wing nutters in MI5. Rusbridger said that the newspapers and TV were being used to promote the obsessive belief of MI5 officers that their failure to do anything worthwhile for a quarter of a century was the consequence of there being a Russian spy in MI5. They couldn't face the fact that they were completely useless and incompetent. At last a voice of sanity. But unfortunately James Rusbridger was then found dead in his garden shed -- apparently the victim of an auto-erotic game that had gone wrong. He was naked apart from a rubber coat and a gas mask -- and his feet and legs were attached to the wall by a complicated system of pulleys. 
Of course it might have been a fiendishly clever assassination. Or just another spy-world weirdo. [image: Rusbridger] But this crazed witch hunt didn't harm MI5 at all. Quite the opposite - because together the spies and the journalists created an image in the public imagination of a dark world full of hidden treachery. The spy world became a fascinating other universe that was full of layer upon layer of deception, where the men who inhabited it spent their time trying to penetrate through the circles of falsehood to the inner sanctum of truth. It was an image that was powerfully helped by John Le Carre's novels - and his anti-hero George Smiley. Le Carre's novels were a clever piece of PR -- because they appeared to be more gritty and realistic than the glamourised James Bond image. But it was just another layer of deception -- because Smiley and his search for a hidden mole expressed powerfully the paranoid and unfounded fantasies of the dissident MI5 agents. But it was a world that was all made-up. Le Carre -- who had himself been a spy -- admitted this, and described what the true reality of the spy world was: "For a while you wondered whether the fools were pretending to be fools as some kind of deception, or whether there was a real efficient service somewhere else. Later in my fiction, I invented one. But alas the reality was the mediocrity. Ex-colonial policemen mingling with failed academics, failed lawyers, failed missionaries and failed debutantes gave our canteen the amorphous quality of an Old School outing on the Orient express. Everyone seemed to smell of failure." [image: Smiley covers] But this new image couldn't conceal MI5's incompetence for long. Because at the very same time that everyone was talking excitedly about completely invented moles, MI5 missed the real moles at the heart of the intelligence services -- even though they were completely obvious, and almost screaming to be noticed. Michael Bettaney worked in counter-espionage in MI5. 
He had been recruited when he was at Oxford university -- where he had been an admirer of Adolf Hitler and had a habit of singing the Nazi Party anthem in local pubs. Here is Bettaney back then. [image: Bettaney] MI5 did a thorough check on him -- called positive vetting -- and decided he was fine. Perfect MI5 material. Bettaney was then sent off to Northern Ireland to fight terrorism where he was wounded by a car bomb. He then had a horrible experience. Hidden in a cupboard he had to watch in silence as one of his informants was shot through the kneecaps by other terrorists. Here is Bettaney later -- after he had been working for MI5. [image: Bettaneyi 2] Bettaney came back to London a changed man. He decided that MI5 was both corrupt and incompetent. He started drinking heavily and told his colleagues loudly that he was no longer a fascist -- but he had become a communist. So MI5 decided to promote him. He was positively vetted again -- found to be perfect MI5 material, and sent to the Russian desk. Bettaney became more and more unstable. In October 1982 he was convicted of being drunk and disorderly. The next week he was convicted for fare-dodging. Finally MI5 did begin to notice -- and two separate inquiries were set up to look into Bettaney's behaviour. But each was unaware of the other's existence. Neither of them noticed that he had been stealing a huge amount of MI5 top secret documents and stashing them at his home. Bettaney was only caught when he took some of the best of these secrets and tried to stuff them into the letter box of the Second Secretary of the Russian Embassy -- Mr Gouk. This is a picture of Mr Gouk. [image: Gouk] Mr Gouk was so confused by this that, instead of passing them on to the KGB, he went round to MI5 and gave them back, and told them where they had come from. MI5 arrested Bettaney and he was put on trial.
The man who was in charge of the vetting of government employees -- like Michael Bettaney -- was then allowed to vet the members of the jury at Bettaney's trial. Luckily this time he got it right -- and Bettaney was sent to prison on the Isle of Sheppey for 23 years. Here are some of the reports. Including Nigel West turning up yet again on Breakfast Time. Even Nigel is shocked by how MI5 didn't spot Bettaney. And he's having a bad hair day. [movie] The terrible truth that began to dawn in the 1980s was that MI5 -- whose job it was to catch spies that threatened Britain -- had never by its own devices caught a spy in its entire history. The case that really shocked Mrs Thatcher was the traitor Geoffrey Prime. In the 1970s he had worked at the top secret listening centre GCHQ and had been selling all its secrets to the Russians. [image: Prime] And yet again it wasn't MI5 who uncovered his treachery -- it was the local police in Cheltenham. In 1982 a policeman came to his house enquiring about his car -- a rather distinct two-tone brown and white Mk IV Cortina -- which had been seen in the vicinity of an assault on a young girl. Prime told the policeman that he had been at home all day. But that evening he and his wife Rhona went for a drive to the top of Cleeve Hill. As they sat in the twilight Prime told Rhona that he was the man the police were looking for. And not only that, he was also a Russian spy. Here is part of a very powerful interview Rhona Prime gave to the BBC where she describes that day -- and what she then did. [movie] Prime was a paedophile -- and had used spying techniques to monitor the activities of thousands of young girls around Cheltenham. He had created a vast set of index cards which showed when the girls were most likely to be alone at home. He then went round to their houses in his two tone Cortina and sexually assaulted them. Despite this Prime had been positively vetted six times.
Even the Russians got worried about his paedophile activities and seemed to want to dump him. In 1980 Prime had gone to Vienna to meet the KGB. Instead of meeting him secretly as they normally did, the Russians took him openly to the best restaurants where they knew Western intelligence agents would recognise them as KGB agents. But even then no one noticed them -- or Prime. Prime's wife Rhona wrestled with her conscience -- and in the end went to the police and told them everything about Prime. He was sent to jail for 35 years for spying and 3 years for the assaults on young girls - which says a lot about the priorities of the British establishment at that time. [movie] The cases of Bettaney and Prime revealed not only just how incompetent MI5 was -- but also how sad and seedy the secret world of spies really was. But even in the midst of all this treachery -- a surprising thing happened. Rhona Prime decided to stand by her husband. Here is Rhona describing how her deep Christian beliefs gave her the strength to stand by her husband. She is very calm and composed, and somehow her dignity makes you realise just how odd the whole spy thing was. A strange hysteria driven by totally inadequate men -- both agents and journalists -- who were incapable of dealing with real human emotions like love and loyalty. Rhona talks about something else -- unconditional love. Receiving unconditional love, she says, makes us whole and beautiful people because we are totally accepted. The very opposite of treachery. [movie] At the same time, one of the original traitors -- Kim Philby -- died in the Soviet Union. The BBC cameraman Phil Goodwin has given me the unedited rushes recording Philby's funeral in Moscow. He found it in the back of a cupboard in the BBC's Moscow office. It's an amazing record of a weird communist state funeral -- held for an upper class Englishman in a Moscow graveyard in 1987.
Standing all around are the faces of the Russian side of the spy world -- and it is great to look at their faces, peeking out for a moment from their traditional secrecy. Then Philby's coffin arrives accompanied by a military band and members of the KGB holding all Philby's Soviet medals on orange cushions. It's an extraordinary scene. But also watch the woman with red hair. She is Philby's widow -- Rufina -- who had lived with him and helped him through alcoholism and depression. Watch what Rufina does. It's really moving. Love and loyalty breaking through again into this narrow, nasty world. [movie] And even Michael Bettaney found love. Marion Johnstone, who was a research scientist and also a communist, wrote to him in prison in 1985. She began to visit him -- and they became engaged. But in 1995 there was a security scare that reawakened all the spy journalists on papers like the Mail -- and made them huff and puff again. Marion was found to have taken some photos and made some drawings of the landscape on Sheppey around the prison and given them to Bettaney. The prison authorities confiscated them, and the journalists immediately said that this was part of an escape plan to spring the traitor from jail. Marion denied this -- she insisted that because Bettaney was kept in solitary confinement she just wanted to show him how beautiful the landscape was outside. And she is right. The landscape around Bettaney's prison, Swaleside, is extraordinary and beautiful. A little while ago I managed to get onto Deadman's Island which is nearby on the river Swale. It is a moody place because it is where prisoners from a long time ago -- the Napoleonic wars of the 1800s -- were buried. They had been held on the "hulks", floating prisons off the coast of Sheppey. What makes the island so strange is that it is covered by water every high tide -- and that washes away the mud and opens up the prisoners' graves. It means that the island is littered with human bones. 
The warden of Deadman's Island very kindly showed me round -- and here he is showing me the open graves and the bones of prisoners, other kinds of traitors, from a very different war of long ago. [movie] But what really did for all of the intelligence agencies at the end of the eighties is that none of them predicted the collapse of communism. Mrs Thatcher's advisor -- Charles Powell -- summed up the extraordinary failure: "The biggest single failure of intelligence of that era was the failure of almost everybody to foresee the end of communism. It caught us completely on the hop. All that intelligence about their war-fighting capabilities was all very well, but it didn't tell us the one thing we needed to know -- that it was all about to collapse. It was a colossal failure of the whole Western system of intelligence assessment and political judgement." But the real reason that the intelligence agencies didn't predict the collapse of the Soviet system was because many of the people at the top of the agencies couldn't believe it was true. Sir Percy Cradock was one of the most powerful figures in the British establishment. He was the chairman of the Joint Intelligence Committee -- which co-ordinated the activities of MI5, MI6 and other intelligence groups. Even at the end of the eighties when everyone else was realising that the Soviet Union was collapsing, Sir Percy remained convinced that this was all a trick. That the Soviet Union was still aiming for communist domination of the world. Here is Sir Percy. [image: Percy Cradock] Cradock -- along with a number of others high up in the intelligence agencies -- really believed that Gorbachev's reforms were just a cunning ruse to deceive the West. And -- as Mark Urban has pointed out in his book UK Eyes Alpha -- Sir Percy used his position to make sure that this view dominated the Joint Intelligence Committee. But as Urban also points out -- Sir Percy and his allies had no secret evidence for this.
They relied on what was pompously called "analysing open source data". Otherwise known as reading the newspapers and watching TV. Except they interpreted that data in a mad way -- driven by their own fevered imaginings of a world completely possessed by infinite levels of deception. Mrs Thatcher realised this was bonkers -- and she finally gave up on the spies. And that really should have been that for MI5. Except ten years later it was saved by the War on Terror -- and since then MI5 has grown massively. But what no-one seems to know is whether MI5 has changed. For most of the twentieth century the combination of ineptitude and secrecy created an organisation that retreated more and more into a world of fictional conspiracies in order to disguise its repeated failures. The question is whether the same is true today? Disasters like the total intelligence failure over the WMD in Iraq would suggest that nothing much had changed. But the trouble is there is no way we can ever find out. The spies live behind a wall of secrecy and when anyone tries to criticise them, the spies respond by saying that they have prevented attacks and saved us from terrible danger. But they can't show us the evidence because that is secret. It was recently revealed that back in the 1970s -- at the height of the obsession with traitors -- MI5 trained a specially bred group of Gerbils to detect spies. Gerbils have a very acute sense of smell and they were used in interrogations to tell whether the suspects were releasing adrenaline -- because that would show they were under stress and lying. Then they tried the Gerbils to see if they could detect terrorists who were about to carry a bomb onto a plane. But the gerbils got confused because they couldn't tell the difference between the terrorists and ordinary people who were frightened of flying who were also pumping out adrenaline in their sweat. So the gerbils failed as well. Perhaps MI5 shouldn't have given up so easily.
Maybe what we need is a better class of gerbil to find out the truth? But maybe we have them already -- they're called journalists. [image: gerbil] But the saddest thing in this whole story is that Rhona Prime did not stay with her husband Geoffrey. In 1995 she met and fell in love with someone else.

# distributed via : no commercial use without permission
# is a moderated mailing list for net criticism,
# collaborative text filtering and cultural politics of the nets
# more info: http://mx.kein.org/mailman/listinfo/nettime-l
# archive: http://www.nettime.org contact: nettime at kein.org

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From cryptofreak at cpunk.us Sun Aug 11 22:24:34 2013
From: cryptofreak at cpunk.us (CryptoFreak)
Date: Mon, 12 Aug 2013 00:24:34 -0500
Subject: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered
In-Reply-To: <3645214.aNOC3WAsbX@laptosid>
References: <3645214.aNOC3WAsbX@laptosid>
Message-ID: <1DDE7520-AD79-4130-8F82-85B4C6448519@cpunk.us>

On Aug 11, 2013, at 6:44 PM, rysiek wrote:

> On Sunday, 4 August 2013 14:12:53, Rich Jones wrote:
>> https://openwatch.net/i/200/anonymous-web-host-freedom-hosting-owner-arrested
>
> Well, dang.
>
> Also:
>
> "We have analyzed the security properties of Tor hidden
> services and shown that attacks to deanonymize hidden
> services at a large scale are practically possible with only
> a moderate amount of resources. We have demonstrated
> that collecting the descriptors of all Tor hidden services is
> possible in approximately 2 days by spending less than USD
> 100 in Amazon EC2 resources. Running one or more guard
> nodes then allows an attacker to correlate hidden services
> to IP addresses using a primitive traffic analysis attack.
> Furthermore, we have shown that attackers can impact the
> availability and sample the popularity of arbitrary hidden
> services not under their control by selectively becoming their
> hidden service directories."
>
> http://www.ieee-security.org/TC/SP2013/papers/4977a080.pdf
>
> This is even more troubling, as apparently does not require any
> exploits.

While I'm certainly not saying "I don't buy it", how does this reconcile with the reality of The Silk Road still being in existence. One would think that governments would use these techniques against the site if for nothing more than to catch/punish them for all the tax evasion going on.

If this paper is true, the only reason I could think of why TSR is still alive is because it is some kind of government front, though there is no evidence of that at all.

CryptoFreak

From rysiek at hackerspace.pl Sun Aug 11 16:44:27 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Mon, 12 Aug 2013 01:44:27 +0200
Subject: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered
In-Reply-To:
References:
Message-ID: <3645214.aNOC3WAsbX@laptosid>

On Sunday, 4 August 2013 14:12:53 Rich Jones wrote:
> https://openwatch.net/i/200/anonymous-web-host-freedom-hosting-owner-arrested

Well, dang.

Also:

"We have analyzed the security properties of Tor hidden services and shown that attacks to deanonymize hidden services at a large scale are practically possible with only a moderate amount of resources. We have demonstrated that collecting the descriptors of all Tor hidden services is possible in approximately 2 days by spending less than USD 100 in Amazon EC2 resources. Running one or more guard nodes then allows an attacker to correlate hidden services to IP addresses using a primitive traffic analysis attack.
Furthermore, we have shown that attackers can impact the availability and sample the popularity of arbitrary hidden services not under their control by selectively becoming their hidden service directories."

http://www.ieee-security.org/TC/SP2013/papers/4977a080.pdf

This is even more troubling, as apparently does not require any exploits.

--
Regards
rysiek

From loki at obscura.com Mon Aug 12 08:52:35 2013
From: loki at obscura.com (Lance Cottrell)
Date: Mon, 12 Aug 2013 08:52:35 -0700
Subject: Information theoretically secure communication networks
In-Reply-To: <1376317284.3276.24.camel@localhost.localdomain>
References: <1376317284.3276.24.camel@localhost.localdomain>
Message-ID:

There was a lot of analysis like this back in the 1990's on this list. You could probably look for it in the archives.

In general, store and forward anonymity services, like Mixmaster, have much better anonymity characteristics than real time systems like TOR, basically for the reasons you outline.

-Lance

--
Lance Cottrell
loki at obscura.com

On Aug 12, 2013, at 7:21 AM, John Preston wrote:

> Hi all,
>
> Long-time follower, first time poster. I have an interest in darknets
> and saw this paper
> (http://www.ieee-security.org/TC/SP2013/papers/4977a080.pdf) today in a
> message under "Freedom Hosting Owner Arrested, Tormail Compromised,
> Malicious JS Discovered", which naturally got me quite worried. It did
> remind, however, about a few ideas I have had in the past about
> guarantees of anonymity in a network.
>
> Consider a broadcast network: an eavesdropper cannot tell who a message
> is intended for from just the transmission itself.
By using asymmetric
> encryption, the contents of the message can also be made unreadable to
> the eavesdropper and all unintended recipients, still preserving perfect
> single fact anonymity.
>
> Over time, an attacker could determine the intended recipient by looking
> at who sent messages within a certain time frame from receiving a
> message: the information gain from this is increased substantially if
> certain information about the protocol of the messages is known (e.g. if
> we're anonymising a real-time protocol, timed traffic analysis can
> reveal an intended recipient with a high degree of certainty). This can
> be defeated by including noise in the network: peers constantly produce
> garbage packets.
>
> I believe that this would yield information theoretically secure
> anonymity, as an attacker is looking for hay in a haystack, so to speak.
> Obviously, the problem with this protocol is that it is horrendously
> inefficient.
>
> I am inclined to believe that we can preserve the anonymity properties
> of this protocol while reducing its network load, in exchange for
> reliability. The original protocol implies that the intended recipient
> will always get the message, but if we allow for the possibility of
> delivery failure we can reduce traffic.
>
> The protocol I propose is thus as follows: peers send hop-to-hop
> encrypted packets to a subset of the other nodes on the network. Each
> packet contains the payload (encrypted for the intended recipient) and a
> TTL counter. If a peer cannot decrypt the payload, the message is not
> intended for them and so the TTL is decreased and the new message is
> then broadcast out to another random subset of the peers on the network.
> Again, we include noise packets.
>
> For a TTL of t and a subset network ratio of s, we thus expect ts
> transmissions for a single packet, where we intend ts < n so as to
> obtain a more efficient solution.
>
> Other possible considerations are non-fully connected networks, although
> I believe that a theoretically secure routing protocol must fulfil at
> least one of the two axioms:
> 1) all peers must eventually receive the message; or
> 2) the message is not guaranteed to reach its intended recipient.
>
> Thoughts? Also, is there any literature on or implementations of
> theoretically secure networks?
>

From kylem at xwell.org Mon Aug 12 07:25:20 2013
From: kylem at xwell.org (Kyle Maxwell)
Date: Mon, 12 Aug 2013 09:25:20 -0500
Subject: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered
In-Reply-To:
References: <3645214.aNOC3WAsbX@laptosid> <1DDE7520-AD79-4130-8F82-85B4C6448519@cpunk.us> <4472797.fdJLsJXBOm@laptosid>
Message-ID:

Or that different departments / teams have different enforcement priorities, or that they don't cooperate well with each other...

On Mon, Aug 12, 2013 at 8:47 AM, David Vorick wrote:
> It's possible that the attack in the paper isn't perfectly effective.
> It's also possible that the government isn't aware of the paper, or at least
> hasn't organized enough yet to mount an attack based off of this paper.
> (some bureaucrat in power is spending money on this piece of malware, wants
> all resources behind it, or maybe other political bullshit, and so as always
> the government is slowing itself down)
>
> And finally, it's possible that TSR uses additional layers of protection,
> like VPN through countries outside of US jurisdiction, so that even when you
> unwrap tor TSR remains hidden.
--
@kylemaxwell

From david.vorick at gmail.com Mon Aug 12 06:47:14 2013
From: david.vorick at gmail.com (David Vorick)
Date: Mon, 12 Aug 2013 09:47:14 -0400
Subject: Fwd: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered
In-Reply-To:
References: <3645214.aNOC3WAsbX@laptosid> <1DDE7520-AD79-4130-8F82-85B4C6448519@cpunk.us> <4472797.fdJLsJXBOm@laptosid>
Message-ID:

It's possible that the attack in the paper isn't perfectly effective. It's also possible that the government isn't aware of the paper, or at least hasn't organized enough yet to mount an attack based off of this paper. (some bureaucrat in power is spending money on this piece of malware, wants all resources behind it, or maybe other political bullshit, and so as always the government is slowing itself down)

And finally, it's possible that TSR uses additional layers of protection, like VPN through countries outside of US jurisdiction, so that even when you unwrap tor TSR remains hidden.

On Mon, Aug 12, 2013 at 9:46 AM, David Vorick wrote:
> It's possible that the attack in the paper isn't perfectly effective.
> It's also possible that the government isn't aware of the paper, or at
> least hasn't organized enough yet to mount an attack based off of this
> paper. (some bureaucrat in power is spending money on this piece of
> malware, wants all resources behind it, or maybe other political bullshit,
> and so as always the government is slowing itself down)
>
> And finally, it's possible that TSR uses additional layers of protection,
> like VPN through countries outside of US jurisdiction, so that even when
> you unwrap tor TSR remains hidden.
>

From rysiek at hackerspace.pl Mon Aug 12 01:30:43 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Mon, 12 Aug 2013 10:30:43 +0200
Subject: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered
In-Reply-To: <1DDE7520-AD79-4130-8F82-85B4C6448519@cpunk.us>
References: <3645214.aNOC3WAsbX@laptosid> <1DDE7520-AD79-4130-8F82-85B4C6448519@cpunk.us>
Message-ID: <4472797.fdJLsJXBOm@laptosid>

On Monday, 12 August 2013 00:24:34 CryptoFreak wrote:
> On Aug 11, 2013, at 6:44 PM, rysiek wrote:
> > On Sunday, 4 August 2013 14:12:53 Rich Jones wrote:
> >> https://openwatch.net/i/200/anonymous-web-host-freedom-hosting-owner-arrested
> >
> > Well, dang.
> >
> > Also:
> >
> > "We have analyzed the security properties of Tor hidden
> > services and shown that attacks to deanonymize hidden
> > services at a large scale are practically possible with only
> > a moderate amount of resources. We have demonstrated
> > that collecting the descriptors of all Tor hidden services is
> > possible in approximately 2 days by spending less than USD
> > 100 in Amazon EC2 resources. Running one or more guard
> > nodes then allows an attacker to correlate hidden services
> > to IP addresses using a primitive traffic analysis attack.
> > Furthermore, we have shown that attackers can impact the
> > availability and sample the popularity of arbitrary hidden
> > services not under their control by selectively becoming their
> > hidden service directories."
> >
> > http://www.ieee-security.org/TC/SP2013/papers/4977a080.pdf
> >
> > This is even more troubling, as apparently does not require any
> > exploits.
>
> While I'm certainly not saying "I don't buy it", how does this
> reconcile with the reality of The Silk Road still being in existence.
> One would think that governments would use these techniques against
> the site if for nothing more than to catch/punish them for all the tax
> evasion going on.

Yeah, that's a conundrum.

> If this paper is true, the only reason I could think of why TSR is
> still alive is because it is some kind of government front, though
> there is no evidence of that at all.

Well, it can also simply be *used* as a government front. If they can monitor it without SR's consent (or knowledge), they do not need it to control it, do they...

--
Regards
rysiek

From eugen at leitl.org Mon Aug 12 04:26:50 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Mon, 12 Aug 2013 13:26:50 +0200
Subject: Adam Curtis: BUGGER
Message-ID: <20130812112650.GW29404@leitl.org>

----- Forwarded message from nettime's_orchid_man -----

From eugen at leitl.org Mon Aug 12 04:36:47 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Mon, 12 Aug 2013 13:36:47 +0200
Subject: [tt] NS 2929: Meshnet activists rebuilding the internet from scratch
Message-ID: <20130812113646.GZ29404@leitl.org>

----- Forwarded message from Frank Forman -----

From eugen at leitl.org Mon Aug 12 04:43:16 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Mon, 12 Aug 2013 13:43:16 +0200
Subject: Interview with Lavabit's Ladar Levison
Message-ID: <20130812114316.GC29404@leitl.org>

----- Forwarded message from nettime's secret court staffer -----

From eugen at leitl.org Mon Aug 12 04:44:24 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Mon, 12 Aug 2013 13:44:24 +0200
Subject: [liberationtech] Secure Android guide?
Message-ID: <20130812114424.GD29404@leitl.org>

----- Forwarded message from Jerzy Łogiewa -----

From tedks at riseup.net Mon Aug 12 11:06:41 2013
From: tedks at riseup.net (Ted Smith)
Date: Mon, 12 Aug 2013 14:06:41 -0400
Subject: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered
In-Reply-To: <4472797.fdJLsJXBOm@laptosid>
References: <3645214.aNOC3WAsbX@laptosid> <1DDE7520-AD79-4130-8F82-85B4C6448519@cpunk.us> <4472797.fdJLsJXBOm@laptosid>
Message-ID: <1376330801.10168.1.camel@anglachel>

On Mon, 2013-08-12 at 10:30 +0200, rysiek wrote:
> > While I'm certainly not saying "I don't buy it", how does this
> > reconcile with the reality of The Silk Road still being in existence.
> > One would think that governments would use these techniques against
> > the site if for nothing more than to catch/punish them for all the tax
> > evasion going on.
>
> Yeah, that's a conundrum.

No it isn't. The government agencies that could potentially attack Tor to bust the Silk Road would *never* care about the level of drugs moved through it. They care about the people multiple levels above TSR, drastically higher up in the supply chain.

Remember, TSR sends drugs *through the mail*. You can't successfully *mail* enough drugs for the NSA/DEA to care.

--
Sent from Ubuntu

From coderman at gmail.com Mon Aug 12 14:50:26 2013
From: coderman at gmail.com (coderman)
Date: Mon, 12 Aug 2013 14:50:26 -0700
Subject: Lavabit and End-point Security
In-Reply-To:
References: <20130809144310.GA29800@tuzo>
Message-ID:

On Sun, Aug 11, 2013 at 1:28 PM, coderman wrote:
> ... and then a baseband exploit easily walks under all of my
> protections at every layer, completely and fully 0wning my devices,

"I'm sorry. My responses are limited. You must ask the right questions."
weaponized baseband exploits are difficult, expensive, architecture specific, and not used capriciously. this, among other reasons, is why there is such a dearth of information on them despite being proven exploitable with a wide attack surface for many years.

related:

"""
Rupp said state-sponsored attackers are already using baseband processor attacks in airports but declined to go into details beyond saying that attacks could be carried out without the need to trick smartphones owners into opening an email or visiting a malicious website. Attacks might involve building a rogue GSM base-station from commodity hardware or run from the infrastructure of a 'co-operative' telco. It might also be possible to run attacks against baseband processors of phones using Wi-Fi or Bluetooth interfaces, according to GSMK Cryptophone.

"Once you have control over the app CPU, you can in principle use that to load any code you want from the network," Rupp explained. "Since you have already successfully escalated your privileges on the system, no user interaction is necessary."
"""
http://www.theregister.co.uk/Print/2013/03/07/baseband_processor_mobile_hack_threat/

"Baseband Attacks: Remote Exploitation of Memory Corruptions in Cellular Protocol Stacks"
https://www.usenix.org/system/files/conference/woot12/woot12-final24.pdf

"Anatomy of contemporary GSM cellphone hardware"
https://gnumonks.org/trunk/presentation/2010/gsm_phone-anatomy/gsm_phone-anatomy-v0.4.pdf

"Cellular baseband security"
https://smartech.gatech.edu/handle/1853/43766

"Run-time firmware integrity verification: what if you can't trust your network card"
http://cansecwest.com/csw11/Duflot-Perez_runtime-firmware-integrity-verification.pdf

From eugen at leitl.org Mon Aug 12 06:05:50 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Mon, 12 Aug 2013 15:05:50 +0200
Subject: [cryptopolitics] Silent Circle and Secure Email
Message-ID: <20130812130550.GP29404@leitl.org>

----- Forwarded message from Jeffrey Walton -----

From gizmoguy1 at gmail.com Mon Aug 12 07:21:24 2013
From: gizmoguy1 at gmail.com (John Preston)
Date: Mon, 12 Aug 2013 15:21:24 +0100
Subject: Information theoretically secure communication networks
Message-ID: <1376317284.3276.24.camel@localhost.localdomain>

Hi all,

Long-time follower, first time poster. I have an interest in darknets and saw this paper (http://www.ieee-security.org/TC/SP2013/papers/4977a080.pdf) today in a message under "Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered", which naturally got me quite worried. It did remind, however, about a few ideas I have had in the past about guarantees of anonymity in a network.

Consider a broadcast network: an eavesdropper cannot tell who a message is intended for from just the transmission itself. By using asymmetric encryption, the contents of the message can also be made unreadable to the eavesdropper and all unintended recipients, still preserving perfect single fact anonymity.
Over time, an attacker could determine the intended recipient by looking at who sent messages within a certain time frame from receiving a message: the information gain from this is increased substantially if certain information about the protocol of the messages is known (e.g. if we're anonymising a real-time protocol, timed traffic analysis can reveal an intended recipient with a high degree of certainty). This can be defeated by including noise in the network: peers constantly produce garbage packets.

I believe that this would yield information theoretically secure anonymity, as an attacker is looking for hay in a haystack, so to speak. Obviously, the problem with this protocol is that it is horrendously inefficient.

I am inclined to believe that we can preserve the anonymity properties of this protocol while reducing its network load, in exchange for reliability. The original protocol implies that the intended recipient will always get the message, but if we allow for the possibility of delivery failure we can reduce traffic.

The protocol I propose is thus as follows: peers send hop-to-hop encrypted packets to a subset of the other nodes on the network. Each packet contains the payload (encrypted for the intended recipient) and a TTL counter. If a peer cannot decrypt the payload, the message is not intended for them and so the TTL is decreased and the new message is then broadcast out to another random subset of the peers on the network. Again, we include noise packets.

For a TTL of t and a subset network ratio of s, we thus expect ts transmissions for a single packet, where we intend ts < n so as to obtain a more efficient solution.

Other possible considerations are non-fully connected networks, although I believe that a theoretically secure routing protocol must fulfil at least one of the two axioms:
1) all peers must eventually receive the message; or
2) the message is not guaranteed to reach its intended recipient.

Thoughts?
Also, is there any literature on or implementations of theoretically secure networks?

From eugen at leitl.org Mon Aug 12 06:32:32 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Mon, 12 Aug 2013 15:32:32 +0200
Subject: [FoRK] Statement: Why Secure Email Provider Lavabit closes down
Message-ID: <20130812133232.GV29404@leitl.org>

----- Forwarded message from dan at geer.org -----

From lee at guardianproject.info Mon Aug 12 12:59:10 2013
From: lee at guardianproject.info (Lee Azzarello)
Date: Mon, 12 Aug 2013 15:59:10 -0400
Subject: Information theoretically secure communication networks
In-Reply-To:
References: <1376317284.3276.24.camel@localhost.localdomain>
Message-ID:

An interesting exercise in anonymous and secure email is mixnym. It's a fun afternoon activity, though the use cases are very thin. It hits the "all peers must eventually receive the message" bullet.

-lee

On Mon, Aug 12, 2013 at 11:52 AM, Lance Cottrell wrote:
> There was a lot of analysis like this back in the 1990's on this list. You
> could probably look for it in the archives.
>
> In general, store and forward anonymity services, like Mixmaster, have much
> better anonymity characteristics than real time systems like TOR, basically
> for the reasons you outline.
>
> -Lance
>
> --
> Lance Cottrell
> loki at obscura.com
>
>
>
> On Aug 12, 2013, at 7:21 AM, John Preston wrote:
>
> Hi all,
>
> Long-time follower, first time poster. I have an interest in darknets
> and saw this paper
> (http://www.ieee-security.org/TC/SP2013/papers/4977a080.pdf) today in a
> message under "Freedom Hosting Owner Arrested, Tormail Compromised,
> Malicious JS Discovered", which naturally got me quite worried. It did
> remind, however, about a few ideas I have had in the past about
> guarantees of anonymity in a network.
>
> Consider a broadcast network: an eavesdropper cannot tell who a message
> is intended for from just the transmission itself.
By using asymmetric
> encryption, the contents of the message can also be made unreadable to
> the eavesdropper and all unintended recipients, still preserving perfect
> single fact anonymity.
>
> Over time, an attacker could determine the intended recipient by looking
> at who sent messages within a certain time frame from receiving a
> message: the information gain from this is increased substantially if
> certain information about the protocol of the messages is known (e.g. if
> we're anonymising a real-time protocol, timed traffic analysis can
> reveal an intended recipient with a high degree of certainty). This can
> be defeated by including noise in the network: peers constantly produce
> garbage packets.
>
> I believe that this would yield information theoretically secure
> anonymity, as an attacker is looking for hay in a haystack, so to speak.
> Obviously, the problem with this protocol is that it is horrendously
> inefficient.
>
> I am inclined to believe that we can preserve the anonymity properties
> of this protocol while reducing its network load, in exchange for
> reliability. The original protocol implies that the intended recipient
> will always get the message, but if we allow for the possibility of
> delivery failure we can reduce traffic.
>
> The protocol I propose is thus as follows: peers send hop-to-hop
> encrypted packets to a subset of the other nodes on the network. Each
> packet contains the payload (encrypted for the intended recipient) and a
> TTL counter. If a peer cannot decrypt the payload, the message is not
> intended for them and so the TTL is decreased and the new message is
> then broadcast out to another random subset of the peers on the network.
> Again, we include noise packets.
>
> For a TTL of t and a subset network ratio of s, we thus expect ts
> transmissions for a single packet, where we intend ts < n so as to
> obtain a more efficient solution.
>
> Other possible considerations are non-fully connected networks, although
> I believe that a theoretically secure routing protocol must fulfil at
> least one of the two axioms:
> 1) all peers must eventually receive the message; or
> 2) the message is not guaranteed to reach its intended recipient.
>
> Thoughts? Also, is there any literature on or implementations of
> theoretically secure networks?
>
>

From tom at ritter.vg Mon Aug 12 13:23:51 2013
From: tom at ritter.vg (Tom Ritter)
Date: Mon, 12 Aug 2013 16:23:51 -0400
Subject: Information theoretically secure communication networks
In-Reply-To: <1376317284.3276.24.camel@localhost.localdomain>
References: <1376317284.3276.24.camel@localhost.localdomain>
Message-ID:

On 12 August 2013 10:21, John Preston wrote:
> Consider a broadcast network: an eavesdropper cannot tell who a message
> is intended for from just the transmission itself. By using asymmetric
> encryption, the contents of the message can also be made unreadable to
> the eavesdropper and all unintended recipients, still preserving perfect
> single fact anonymity.
>
> Over time, an attacker could determine the intended recipient by looking
> at who sent messages within a certain time frame from receiving a
> message: the information gain from this is increased substantially if
> certain information about the protocol of the messages is known (e.g. if
> we're anonymising a real-time protocol, timed traffic analysis can
> reveal an intended recipient with a high degree of certainty). This can
> be defeated by including noise in the network: peers constantly produce
> garbage packets.
>
> I believe that this would yield information theoretically secure
> anonymity, as an attacker is looking for hay in a haystack, so to speak.
> Obviously, the problem with this protocol is that it is horrendously
> inefficient.

As Lance said, this is pretty close to what alt.anonymous.messages evolved into in the 90s and early 00's.
I gave a talk two weeks ago looking at 10 years of messages there and finding user errors, weak passwords, user-segmenting settings, and traffic patterns. Details are over here: http://ritter.vg/blog-deanonymizing_amm.html

-tom

From ben at links.org Tue Aug 13 08:17:04 2013
From: ben at links.org (Ben Laurie)
Date: Tue, 13 Aug 2013 11:17:04 -0400
Subject: [cryptography] Certificate Transparency Hack Day
Message-ID:

The Certificate Transparency hack day will take place at Google’s London offices on Wednesday, the 28th of August, 2013. Please sign up on this form by August 22nd, to let us know you plan to attend.

Where & When:
The hack day will be at Google’s offices in Belgrave House, 76 Buckingham Palace Road, London, SW1W 9TQ. Breakfast is at 8:30am, badges will be handed out at Belgrave House reception. The day itself will start with Ben’s introduction at 9am, ending by 6pm, with a lunch break at around 1:30pm. There’ll be drinks at a nearby pub afterwards.

What to prepare:
In order to make the most of the time we have on the day, you’ll need to do a little preparation.
Please bring your own laptop with either:
* A copy of the CT repository - check you have all the necessary dependencies and are able to compile it (instructions here), or
* A copy of CT development Linux VMware image (available with instructions here)

Regards,
Ben and the Certificate Transparency team at Google

_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From nico at cryptonector.com Tue Aug 13 13:10:36 2013
From: nico at cryptonector.com (Nico Williams)
Date: Tue, 13 Aug 2013 15:10:36 -0500
Subject: [cryptography] LeastAuthority.com announces PRISM-proof storage service
Message-ID:

On Tue, Aug 13, 2013 at 12:02 PM, ianG wrote:
> Super! I think a commercial operator is an essential step forward.

A few points:

- if only you access your own files then there's much less interest for a government in your files: they might contain evidence of crimes and conspiracies, but you can always be compelled to produce those

- if you share files then traffic analysis will reveal much about what you're up to, and there may be much interest in getting at your files' contents.

- commercial operators who give you software to run can compromise (or allow governments to compromise) you even if they are not technically an end-point[*] for your end-to-end protocols.

- it's really not easy to defeat the PRISMs. the problem is *political* more than technological.

- i'm not trying to detract from Tahoe-LAFS -- it's a spectacular idea, I wish it well, and I generally endorse filesystems of this sort.
[*] In Tahoe-LAFS, ZFS, and any other similar filesystems, there is only one end-point: the client(s); the server, in particular, is NOT an end-point.

Nico
--
_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From moritz at torservers.net Tue Aug 13 06:25:45 2013
From: moritz at torservers.net (Moritz Bartl)
Date: Tue, 13 Aug 2013 15:25:45 +0200
Subject: [liberationtech] Swiss VPNs
Message-ID:

On 13.08.2013 14:20, taxakis wrote:
> Oligarchs and privacy advocates have something in common.
> If you got a better place, please name it.

I don't. I still believe we should stop being naive and promote Iceland or Switzerland, just because we think they offer better privacy. In general, just because you read something in the news, don't just believe it. I never said Germany was a better place.

Yes, I should have quotable sources at hand, but at the moment I don't. A good address for a more detailed answer would be the Chaos Computer Club Switzerland, http://www.ccc-ch.ch/ , and, for Iceland, try the people behind IMMI, https://immi.is/ .

The interesting part about Iceland is that there is a slight chance of *making it* a privacy-friendly jurisdiction. It is not, yet. If media always convey the picture of a privacy-friendly country, its own politicians will start believing it and fight for it, hopefully.

--
Moritz Bartl
https://www.torservers.net/
--
Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech.
Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu.

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From eugen at leitl.org Tue Aug 13 09:56:29 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 13 Aug 2013 18:56:29 +0200
Subject: [cryptography] Certificate Transparency Hack Day
Message-ID: <20130813165629.GB29404@leitl.org>

----- Forwarded message from Ben Laurie -----

From eugen at leitl.org Tue Aug 13 10:32:47 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 13 Aug 2013 19:32:47 +0200
Subject: [liberationtech] Swiss VPNs
Message-ID: <20130813173247.GC29404@leitl.org>

----- Forwarded message from Moritz Bartl -----

From moritz at torservers.net Tue Aug 13 11:59:22 2013
From: moritz at torservers.net (Moritz Bartl)
Date: Tue, 13 Aug 2013 20:59:22 +0200
Subject: [liberationtech] Zwiebelfreunde take over popular onion.to Tor gateway
Message-ID:

Hi Libtechies,

I hope you don't mind me putting this press release here. Please spread if you like it.

----------------------------------------------------------------------

# Zwiebelfreunde take over popular onion.to Tor gateway

(Dresden, 13.8.2013) The non-profit organization Zwiebelfreunde e.V. is known for the “Torservers” project, which over the past years has grown into a global network of organizations that maintain server infrastructure for the open anonymization network Tor. Today, Zwiebelfreunde has taken over a very popular web gateway for Tor hidden services, onion.to.

Tor hidden services provide anonymity for website owners, mail providers, chat systems and other Internet services. Hidden services are designed to be accessed using Tor Browser, which additionally provides anonymity for users of the service.
Web gateways such as onion.to provide a convenient way to reach hidden services using a regular browser without having to install Tor. A side effect is that the broad world of hidden services is exposed to search engines and can thus be indexed and found. The trade-off is that users lose anonymity: Both the gateway and the hidden service can track users across visits, and determine the user's IP address. That is why Zwiebelfreunde strongly encourages people to download Tor Browser instead.

“By exposing hidden services to the public, we hope to attract even more users and widen the spectrum of available services within the Tor network.”, says Zwiebelfreunde founder and president Moritz Bartl. “I can imagine privacy-friendly email services to be based fully on hidden services in the future, for example.”

The current gateway server is located in Iceland, and another one will be added in the near future.

https://www.onion.to/

An example hidden service can be found at https://duskgytldkxiuqc6.onion.to/

# Zwiebelfreunde e.V.

The German non-profit association Zwiebelfreunde e.V. serves as a platform for projects in the area of safe and anonymous communication. The organization facilitates and participates in educational events about technological advances in the area of privacy, and connects professionals to spread knowledge and experience on these fields.

“Zwiebelfreunde” is German for “Friends of the Onion”, as a reference to Onion Routing, the name of the concept behind Tor for anonymizing communication: Messages are passed through relays that each removes one layer of encryption, like peeling the skin of an onion.

# Contact

Moritz Bartl
Zwiebelfreunde e.V.
c/o DID Dresdner Institut für Datenschutz
Palaisplatz 3
D-01097 Dresden
Germany

press at torservers.net
Tel.: +49-(0)351 / 212 960 18
Fax.: +49-(0)911 / 308 4466 748

http://www.torservers.net/
http://www.twitter.com/torservers/

----- End forwarded message -----

From checker at panix.com Tue Aug 13 14:19:39 2013
From: checker at panix.com (Frank Forman)
Date: Tue, 13 Aug 2013 21:19:39 +0000 (GMT)
Subject: [tt] NYT: Microsatellites: What Big Eyes They Have
Message-ID:

Microsatellites: What Big Eyes They Have
http://www.nytimes.com/2013/08/11/business/microsatellites-what-big-eyes-they-have.html

By ANNE EISENBERG

PEOPLE already worried about the candid cameras on Google Glass and low-flying drones can add a new potential snooper to the list: cameras on inexpensive, low-orbiting microsatellites that will soon be sending back frequent, low-cost snapshots of most of Earth's populated regions from space.

They won't be the first cameras out there, of course. Earth-imaging satellites the size of vans have long circled the globe, but those cost millions of dollars each to build and launch, in part because of their weight and specialized hardware. The new satellites, with some of the same off-the-shelf miniaturized technology that has made smartphones and laptops so powerful, will be far less expensive.

The view from high up is rich in untapped data, said Paul Saffo, a forecaster and essayist. He expects the new satellite services to find many customers. Insurance companies, for example, could use the satellites' "before" and "after" views to monitor insured property and validate claims after a disaster. Businesses that update online maps for geologists, city planners or disaster relief officials could be customers, too.
The images could also be used to monitor problems like deforestation, melting icecaps and overfishing. And food companies and commodities traders could use the images to keep track of crops and agricultural yields all over the planet, Mr. Saffo predicted.

But the images are also likely to be viewed as the latest mixed blessing by people already apprehensive of Big Brother-like surveillance in their lives.

First into space in the microsatellite business will be the San Francisco company Planet Labs, which plans to launch a fleet of 28 small satellites at the end of the year that will photograph the planet around the clock, with frequent updates. The company has already sent up two trial satellites for test runs, and will dispatch the entire set, called Flock-1, in December, said Will Marshall, a co-founder of the company and a former NASA scientist.

The Planet Labs' satellites won't be able to distinguish your face or read your license plate--the cameras don't have that level of resolution. But the frequency with which images can be updated could raise privacy questions, said Timothy Edgar, a visiting fellow at the Watson Institute for International Studies at Brown University and a former director of privacy and civil liberties in the Obama administration.

Mr. Edgar contrasted the satellite images with those provided by Google Earth--the ones that people zoom in on to see, for example, an aerial view of their homes. "That's just an image of your house that was probably taken a few years ago," he said. "It may feel like you are being watched, but you aren't. It's just a static picture that's most likely several years old."

But a satellite that regularly passes over your cabin deep in the woods and photographs a car that is sometimes parked there--and sometimes not--has different ramifications. "It can show a pattern, for example, when you appear to be at home and when you're away," he said.
Planet Labs' technology, like that at other microsatellite companies such as Skybox Imaging, is benefiting from the progressive miniaturization of consumer electronic components, along with a federal effort to commercialize space.

"What we are seeing are smaller satellites that have similar capabilities to much larger, traditional satellites," said Glenn Lightsey, a professor at the University of Texas who founded and directs the Texas Spacecraft Lab there. "Since putting a satellite in orbit is a function of its size, these new satellites are able to get into orbit at a much lower cost," he said.

The lightweight satellites have another advantage: the companies don't have to spend millions of dollars for a rocket to get them into space. Instead, they can hitch a ride as a secondary payload on a rocket already making the trip. Planet Labs will send its satellites on an Antares rocket when it heads out on a cargo transportation flight to the International Space Station.

Investors have flocked to the new satellite companies, though neither Planet Labs nor Skybox Imaging has disclosed what it will charge customers. Planet Labs has obtained $13.1 million in funding, led by Steve Jurvetson, managing director of Draper Fisher Jurvetson. Other backers include O'Reilly AlphaTech Ventures, Data Collective and First Round Capital.

Five ground stations will receive the Planet Labs imagery as the satellites pass overhead. Dr. Marshall would not disclose how often the satellites would pass the same spot. "The point is that by putting up lots of satellites, we can image the whole Earth on a much more frequent basis," he said.

Skybox Imaging, in Mountain View, Calif., aims to provide sharply detailed images as well as high-definition video with its satellites. The company, which has raised about $91 million, expects to put its SkySat-1 and SkySat-2 satellites into orbit later this year, said Dan Berkenstock, a co-founder, and then follow with a group totaling 24 satellites.
Customers will be able to buy images or an appliance to download information directly from the satellite. "They can log onto our satellite and ask it to take pictures," he said. Japan Space Imaging, a subsidiary of the Mitsubishi Corporation, recently signed a contract with Skybox allowing it to directly downlink imagery for agricultural and maritime monitoring as well as for disaster response.

Microsatellite services promise a new, accessible way to monitor global changes such as crop growth, said Anthony Janetos, director of Boston University's Pardee Center for the Study of the Longer-Range Future. "You can't understand these forces if you can't measure them," he said. "These services will be useful in gathering those measurements."

The new satellites are yet another stage in the expansion of the human view aided by powerful cameras and digital communication, said Mitchell Stephens, a journalism professor at New York University and author of "The Rise of the Image, the Fall of the Word."

This change has pluses and minuses, he observed. People who try to build a private hideaway in the woods might come to realize that it isn't so private. But such images could also spot illegal logging in remote spots.

"Now we can have a Godlike view, looking down from the heavens," he said. "I can understand why people would be nervous. But the cameras can make the world more transparent and open. I'm for that."

E-mail: novelties at nytimes.com.
_______________________________________________
tt mailing list
tt at postbiota.org
http://postbiota.org/mailman/listinfo/tt

----- End forwarded message -----

From rsw at jfet.org Tue Aug 13 20:03:19 2013
From: rsw at jfet.org (Riad S. Wahby)
Date: Tue, 13 Aug 2013 23:03:19 -0400
Subject: changing computers
Message-ID: <20130814030319.GA19476@jfet.org>

All,

I'll be moving the list from one machine to another in the next day or so. There may be some brief outages. Thanks for understanding.

-=rsw

From ilsa.bartlett at gmail.com Tue Aug 13 21:51:15 2013
From: ilsa.bartlett at gmail.com (ilsa)
Date: Wed, 14 Aug 2013 05:51:15 +0100
Subject: changing computers
In-Reply-To: <20130814030319.GA19476@jfet.org>
References: <20130814030319.GA19476@jfet.org>
Message-ID:

Thank you!

On Aug 13, 2013 8:09 PM, "Riad S. Wahby" wrote:
> All,
>
> I'll be moving the list from one machine to another in the next day or
> so. There may be some brief outages. Thanks for understanding.
>
> -=rsw
>

From nathan at guardianproject.info Wed Aug 14 05:38:09 2013
From: nathan at guardianproject.info (Nathan of Guardian)
Date: Wed, 14 Aug 2013 08:38:09 -0400
Subject: [guardian-dev] ChatSecure "Burner" accounts
Message-ID:

One of the new features I am finishing implementation on is the ability to quickly create "burner" accounts within ChatSecure v12. As of last night's alpha, you can now create new accounts directly from the app, on supported services such as Jabber.ccc.de and Dukgo.com. In the default mode, you choose a username, password, etc, yourself.

The concept of a burner account is that you can quickly create a new clean account with no identifying or memorable details, and have that account only exist on your device, within the encrypted ChatSecure SQLCipher data store.

In the burner mode, a random username and password will be generated, all registration and communication will be required to be done over Orbot/Tor, and possibly, we will only support using an XMPP service that has a Tor hidden service.
Once you are logged in, you can then use the typical invite/add contact feature to start a chat with someone, either on the same box, or any other federated XMPP service. Ideally, the other person is also using a burner account.

Any other thoughts on this feature? Other similar implementations or concepts to consider? Perhaps this should be a Force OTR-only as well, and maybe the account auto-deletes after a time period or when you exit the app?

Thanks for your feedback, and please, try the latest alpha if you have not yet moved onto v12. It is getting very close to stable, and we are very nearly done with all the new features.

+n
_______________________________________________
Guardian-dev mailing list
Post: Guardian-dev at lists.mayfirst.org
List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
To Unsubscribe Send email to: Guardian-dev-unsubscribe at lists.mayfirst.org
Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/eugen%40leitl.org
You are subscribed as: eugen at leitl.org

----- End forwarded message -----

From lunar at torproject.org Tue Aug 13 23:46:07 2013
From: lunar at torproject.org (Lunar)
Date: Wed, 14 Aug 2013 08:46:07 +0200
Subject: [tor-talk] Tor Weekly News — August, 14th 2013
Message-ID:

========================================================================
Tor Weekly News                                        August 14th, 2013
========================================================================

Welcome to the seventh issue of Tor Weekly News, the weekly newsletter that covers what is happening in the fast-paced Tor community.

New Tor Browser Bundle releases
-------------------------------

Mozilla released Firefox version 17.0.8esr [1] on August 6th, fixing several release critical bugs.
Three days later, the stable, beta and alpha versions of the Tor Browser Bundle were updated, along with Tails (see below).

The stable 2.3.25-11 and 2.4.15-beta-2 also update HTTPS Everywhere, PDF.js, NoScript and libpng to their latest version. Both bundles had a localization issue which was fixed in the subsequently released 2.3.25-12 and 2.4.16-beta-1 [2].

Before updating your browser to the latest version, please pause and admire the enhanced download page [3]. Kudos to J.M. Todaro for the design and patches [4] and Andrew for the final integration.

The pluggable transports bundles have also been updated to 2.4.15-beta-2-pt1 [5]. Like previously, they contain flash proxy and obfsproxy configured to run by default. Using flash proxy requires a few extra steps [6], as before.

For more experimental matters, the new 3.0 series has seen the release of alpha3 [7]. On top of the previous updates, several other small improvements were made: in the new launcher and build system, in fingerprinting fixes and in a possible anonymity threat for Windows users coming from cloud anti-virus solutions [8]. This is another opportunity to play with the new build system that should produce byte-to-byte identical results. Please have a try [9] and report any discrepancies with Mike Perry’s builds.
   [1] https://www.mozilla.org/en-US/firefox/17.0.8/releasenotes/
   [2] https://blog.torproject.org/blog/new-tor-02416-rc-packages-and-updated-stable-tor-browser-bundles
   [3] https://www.torproject.org/projects/torbrowser.html.en#downloads
   [4] https://blog.torproject.org/blog/pluggable-transports-bundles-2415-beta-2-pt1-firefox-1708esr
   [5] https://trac.torproject.org/projects/tor/wiki/FlashProxyHowto
   [6] https://trac.torproject.org/projects/tor/ticket/2109#comment:7
   [7] https://blog.torproject.org/blog/tor-browser-bundle-30alpha3-released
   [8] https://bugs.torproject.org/9195
   [9] https://gitweb.torproject.org/builders/tor-browser-bundle.git/blob/HEAD:/README

Tails 0.20 has been released
----------------------------

The 32nd release of Tails is out [10]. It fixes several security issues, and all users are advised to upgrade [11].

Among other small bugfixes, minor improvements and translation updates, this release tightens the security around Pidgin — by removing support for protocols other than IRC and XMPP — and restricting access to the ptrace(2) system call for unprivileged users.

Download [12], burn, and upgrade [13]!

  [10] https://tails.boum.org/news/version_0.20/
  [11] https://tails.boum.org/security/Numerous_security_holes_in_0.19/
  [12] https://tails.boum.org/download/
  [13] https://tails.boum.org/doc/first_steps/usb_upgrade/

New release candidate for the 0.2.4 tor branch
----------------------------------------------

Roger Dingledine announced the release of tor 0.2.4.16-rc [14], the latest incarnation of the 0.2.4 series.

This release includes several major and minor bugfixes. The most important one is probably a crash that can be triggered remotely via badly formatted INTRODUCE1 cells. Roger advises: “Anybody running a hidden service on the experimental 0.2.4.x branch should upgrade”.

Erinn Clark has updated the beta version of the Tor Browser Bundle [2] for a wider audience of testers.
  [14] https://lists.torproject.org/pipermail/tor-talk/2013-August/029344.html

About Tor Browser usability
---------------------------

Last week's events [15] sparked a good amount of discussions on Tor Browser usability. Several discussions on tor-talk and in other places revolved around the idea that “JavaScript should be disabled by default”.

scarp wrote a good summary [16] on why it is not so simple: “I understand that JavaScript was enabled globally in the Tor Browser Bundle for usability reasons as well as to prevent browser fingerprinting. […] If the torproject were to disable it by default, that would not ensure that users are protected in the future by similar methods. Sites can be written in a way that if you do not allow JavaScript they simply won’t work at all. If I was writing an exploit I’d do this to frustrate users so hopefully they enable JavaScript and accept my exploit.”

Roger Dingledine also improved [17] the relevant question in Tor FAQ [18].

One possible solution to satisfy contradicting requirements would be to add a “security slider” [19] that would allow users to easily trade off web compatibility over security. The slider would have three or four different positions that would gradually deactivate more and more features of the browser. One has to understand that the “most secure” should probably disable loading of any pictures. This also impacts the Tor Browser anonymity set but this is probably a trade off that can be afforded given the actual size of the Tor Browser user base.

scarp had also pined another big usability problem related to updating: “This exploit wasn’t new. […] Users running the latest Tor Browser Bundle didn’t have any issues as their browsers had been patched. It is inappropriate for a web browser to not be automatically updated.”

Nick Mathewson went back [20] on the latest plan that was discussed during the last summer dev. meeting [21] to simply build upon Firefox update mechanism. The next step is to do a proper review.
Hopefully, given it is “mature and widespread” and has been “proven to update Firefox”, we will not “run screaming for the hills” when looking at the disadvantages.

On a more general level, an unexpected comment came from Brendan Eich (Mozilla’s chief technology officer) on Twitter [22]: “Maybe we should just adopt, support, and bundle Tor in Firefox...” David Dahl subsequently opened a bug report in Mozilla’s tracker to discuss a way forward [23].

Mike Perry commented on a thread [24] on the liberationtech mailing list: “In short, I am excited by this news, and I look forward to improving our communication and cooperation with Mozilla on this front.”

  [15] https://blog.torproject.org/blog/tor-weekly-news-%E2%80%94-august-7th-2013
  [16] https://lists.torproject.org/pipermail/tor-talk/2013-August/029266.html
  [17] https://lists.torproject.org/pipermail/tor-talk/2013-August/029364.html
  [18] https://www.torproject.org/docs/faq.html.en#TBBJavaScriptEnabled
  [19] https://bugs.torproject.org/9387
  [20] https://lists.torproject.org/pipermail/tor-dev/2013-August/005228.html
  [21] https://trac.torproject.org/projects/tor/wiki/org/meetings/2013SummerDevMeeting/BundleUpdatePlan
  [22] https://twitter.com/BrendanEich/status/364265592112414720
  [23] https://bugzilla.mozilla.org/show_bug.cgi?id=901614
  [24] https://mailman.stanford.edu/pipermail/liberationtech/2013-August/010650.html

Tails 2013 summit
-----------------

The Tails team has sent a report on their 2013 development summit [25] for which “a bunch of people spend a dozen days together in July”. Read the report in full for all the details.

Some highlights: task tracking has been moved to Redmine [26], tasks fit for new contributors have been better identified [27], progress has been made to move Tails to the current Debian stable release [28], the roadmap has been updated [29].
Communication channels are going to change a little bit “to ease involvement of new contributors, to make more workload sharing possible, and to be able to provide better user support”. As a start a new user support mailing list was created [30]. Subscribe if you have questions or want to help fellow Tails users.

A lot of discussions revolved around “the growth of the project: given the growing number of users and our super-short release cycle, it is a challenge to keep the project sustainable and maintainable in the mid/long term.”

Given the current project exposure, the report rightfully concludes: “Tails is living decisive times, so we expect the next year to be pretty interesting. You can perhaps make the difference, so do not hesitate joining the dance [31]!”.

  [25] https://tails.boum.org/news/summit_2013/
  [26] https://labs.riseup.net/code/projects/tails
  [27] https://labs.riseup.net/code/projects/tails/issues?query_id=112
  [28] https://labs.riseup.net/code/issues/6015
  [29] https://labs.riseup.net/code/projects/tails/roadmap
  [30] https://tails.boum.org/support/tails-support/
  [31] https://tails.boum.org/contribute/

Three new proposals
-------------------

On Monday, Nick Mathewson robbed everyone of his “I’m a little teapot” performance [32] by releasing the following three new proposals:

Proposal 219 [33] was written a year ago by Ondrej Mikle. It is currently at draft stage. Its goal is to make Tor support any DNS query type and also support full DNSSEC resolution. The latter is important as it provides “protection against DNS cache-poisoning attacks” but is made tricky given a routine hostname resolution with DNSSEC “can require dozens of round trips across a circuit”.

In another draft proposal [34], Nick Mathewson describes a plan for a smooth transition from the current 1024-bit RSA keys used for router identity and TLS links to Ed25519-SHA-512 [35] keys. Several small details still have to be ironed out. This proposal does not address hidden service keys.
They will have to be addressed in another proposal once an agreement has been reached regarding the best crypto scheme [36].

Now that the ntor onionskin handshake [37] has been implemented in 0.2.4, we could get better forward secrecy by having clients stop sending CREATE_FAST cells. Nick Mathewson has issued proposal 221 [38] to detail the reasons and the implications of such change.

All these proposals are now up for discussions on the tor-dev mailing list.

  [32] https://twitter.com/nickm_tor/status/365527533627777025
  [33] https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/219-expanded-dns.txt
  [34] https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/220-ecc-id-keys.txt
  [35] https://bugs.torproject.org/8106
  [36] http://ed25519.cr.yp.to/
  [37] https://gitweb.torproject.org/torspec.git/blob_plain/HEAD:/proposals/216-ntor-handshake.txt
  [38] https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/221-stop-using-create-fast.txt

Miscellaneous news
------------------

Jens Kubieziel researched how to get a GnuPG version for Windows in a secure way [39], something needed for users that would like to properly verify the Tor Browser Bundle signatures on Windows systems.

  [39] https://lists.torproject.org/pipermail/tor-talk/2013-August/029256.html

George Kadianakis wrote on “how to deploy your very own pluggable transport” [40] explaining what to do before, while and after coding a new pluggable transport. Given they were designed to be “pluggable”, “it should be easy to write new [ones]”. So be sure to read these advices and start experimenting!

  [40] https://lists.torproject.org/pipermail/tor-dev/2013-August/005231.html

A new round of GSoC reports arrived to the tor-dev mailing list: Johannes Fürmann about EvilGenius [41], Cristian-Matei Toader about Tor capabilities [42], Hareesan about the Steganography Browser Extension [43], and Kostas Jakeliunas about the searchable metrics archive [44]. All of them seem to be making good progress.
Let’s wish them success for the last six weeks!

  [41] https://lists.torproject.org/pipermail/tor-dev/2013-August/005237.html
  [42] https://lists.torproject.org/pipermail/tor-dev/2013-August/005238.html
  [43] https://lists.torproject.org/pipermail/tor-dev/2013-August/005243.html
  [44] https://lists.torproject.org/pipermail/tor-dev/2013-August/005244.html

More reports came from the July 2013 wave: the Tor Help Desk by Runa Sandvik [45], and Moritz Bartl [46].

  [45] https://lists.torproject.org/pipermail/tor-reports/2013-August/000310.html
  [46] https://lists.torproject.org/pipermail/tor-reports/2013-August/000311.html

Andrew Lewman gave a talk during the US National Network to End Domestic Violence’s (NNEDV) annual technology summit. His presentation [47] covered “a quick overview of Tor, why I’m here talking about domestic violence and intimate partner abuse, and what we’re doing to help.”. Be sure to read his report [48] in full.

  [47] https://svn.torproject.org/svn/projects/presentations/2013-07-30-NNEDV-Presentation.pdf
  [48] https://blog.torproject.org/blog/nnedv-tech-summit-2013-report

Thanks to Paul Templeton from CoffsWiFi [49], and nsane [50] for running new Tor website mirrors.

  [49] https://lists.torproject.org/pipermail/tor-commits/2013-August/060352.html
  [50] https://lists.torproject.org/pipermail/tor-commits/2013-August/060583.html

Several people are trying to assemble localization teams for Tails: Miriam Matar for Arabic [51], irregulator for Greek [52], hemlockii for Turkish [53]. Tails policy regarding website translations [54] specifies that “a team of translators, not just one person, is necessary”, so please join if you can help!
  [51] https://mailman.boum.org/pipermail/tails-l10n/2013-August/000637.html
  [52] https://mailman.boum.org/pipermail/tails-l10n/2013-August/000646.html
  [53] https://mailman.boum.org/pipermail/tails-l10n/2013-August/000652.html
  [54] https://tails.boum.org/contribute/how/translate/

Help Desk Roundup
-----------------

Below is a summary of some frequent questions received at the Tor help desk this past week:

Users are frequently confused by the message they receive from GetTor. Currently the Tor Browser Bundle is too large to send over GetTor, so users instead receive three mirrors with a link to a page with all available translations of the Tor Browser Bundle. Many users email the help desk unsure of what this page means or which package they need.

A number of users asked whether or not they needed to disable JavaScript in the Tor Browser Bundle. While the vulnerability in Firefox does not affect the latest Tor Browser Bundle, disabling JavaScript globally will reduce one’s risk of being affected by future JavaScript exploits. Users were asked to choose for themselves between greater protection inside the browser or a browsing experience with more functionality enabled.

Upcoming event
--------------

Aug 14    | Roger at 22nd USENIX Security Symposium
          | Washington, DC, USA
          | https://www.usenix.org/conference/usenixsecurity13

This issue of Tor Weekly News has been assembled by Lunar, malaparte, mttp, Phoul, Tails developers, David Fifield, Nick Mathewson, and Karsten Loesing.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page [55], write down your name and subscribe to the team mailing list [56] if you want to get involved!
  [55] https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
  [56] https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
--
tor-talk mailing list - tor-talk at lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

----- End forwarded message -----

From eugen at leitl.org Wed Aug 14 02:19:08 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 14 Aug 2013 11:19:08 +0200
Subject: [liberationtech] Zwiebelfreunde take over popular onion.to Tor gateway
Message-ID: <20130814091908.GF29404@leitl.org>

----- Forwarded message from Moritz Bartl -----

From eugen at leitl.org Wed Aug 14 02:25:57 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 14 Aug 2013 11:25:57 +0200
Subject: [cryptography] LeastAuthority.com announces PRISM-proof storage service
Message-ID: <20130814092557.GI29404@leitl.org>

----- Forwarded message from Nico Williams -----

From eugen at leitl.org Wed Aug 14 02:30:47 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 14 Aug 2013 11:30:47 +0200
Subject: [tt] NYT: Microsatellites: What Big Eyes They Have
Message-ID: <20130814093047.GL29404@leitl.org>

----- Forwarded message from Frank Forman -----

From g13005 at gmail.com Wed Aug 14 09:44:16 2013
From: g13005 at gmail.com (Chris Olesch)
Date: Wed, 14 Aug 2013 11:44:16 -0500
Subject: Switching power supplies
Message-ID:

I'm in the process of researching current power supply technologies to create a robust bench supply for my father. My dad is an rc quad copter enthusiast and enlisted me to create him a supply. His requirements are 13-48v with a max wattage of 1200w.

Can anyone recommend any good reading materials on switching designs? I'm also reading thru rsw's thesis as well.
In an ideal world I'd like to make the supply modular and also have built in freq width/delay speed control.

I'm also looking to build a 6 amp dc supply for my solid state peltier experiment (currently using an old dell ps, but this isn't very portable...lol)

-Chris.

--
--
--
-Christopher Olesch
*"Affordable IT Services for Non-Profit & Small Business"*
|| http://www.ngotechnology.org/
|| http://www.linkedin.com/in/chrisoleschjr
*Masonic Affiliations:*
|| http://www.scottishritechicago.org
|| http://www.supremecouncil.org/
|| http://www.ilmason.org/
*Online Artistic Portfolio*
|| http://cjolesch.deviantart.com/

From nelson_mikel at yahoo.com Wed Aug 14 11:45:08 2013
From: nelson_mikel at yahoo.com (Michael Nelson)
Date: Wed, 14 Aug 2013 11:45:08 -0700 (PDT)
Subject: Google threat analysis selectively applied
In-Reply-To:
References: <3645214.aNOC3WAsbX@laptosid> <1DDE7520-AD79-4130-8F82-85B4C6448519@cpunk.us> <4472797.fdJLsJXBOm@laptosid> <520BBB1F.2060508@virtadpt.net>
Message-ID: <1376505908.68781.YahooMailNeo@web160201.mail.bf1.yahoo.com>

A friend of mine, not a security jock, recently needed to cleanse her system (computer system, that is). She was advised to download Malwarebytes. So she went to Google, and selected the top hit. It had the pale green background that indicates (to those who know) that it was a commercial hit. Of course, she did not know that, but so what? She merrily clicked on it. It's Google's top hit, right? Must be well-vetted, safe, etc.

The install led her through all sorts of other installs, and the end result was that she had a quite old version of Malwarebytes, and loads of adware on her computer. She needed a very thorough cleaning then, to get rid of that stuff. Hope there's no malware left. Sheesh.
The point is that Google was boasting recently about its wonderful machine learning that, unprompted, detected bogus used car ads in China. It's perfectly clear that they could check the nasty Malwarebytes repackager that paid them. Pretty poor behavior on Google's part.

Mike

From eugen at leitl.org Wed Aug 14 02:46:27 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 14 Aug 2013 11:46:27 +0200
Subject: [tor-talk] Tor Weekly News — August, 14th 2013
Message-ID: <20130814094627.GO29404@leitl.org>

----- Forwarded message from Lunar -----

From drwho at virtadpt.net Wed Aug 14 10:14:13 2013
From: drwho at virtadpt.net (The Doctor)
Date: Wed, 14 Aug 2013 13:14:13 -0400
Subject: Fwd: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered
In-Reply-To:
References: <3645214.aNOC3WAsbX@laptosid> <1DDE7520-AD79-4130-8F82-85B4C6448519@cpunk.us> <4472797.fdJLsJXBOm@laptosid>
Message-ID: <520BBAE5.4030608@virtadpt.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/12/2013 09:47 AM, David Vorick wrote:

> And finally, it's possible that TSR uses additional layers of
> protection, like VPN through countries outside of US jurisdiction,
> so that even when you unwrap tor TSR remains hidden.

It's also possible that they found a way to compromise FH and tamper with other sites running on that service. If you ask for hosting (which they offered), and they give it to you, and you deliberately upload a web application that you know you can use to execute arbitrary code on the server side, it suddenly becomes a lot easier to spike popular sites on the same machine. Or, set up your own site as a sting and pack all the exploits you want behind the frontpage.
- -- The Doctor [412/724/301/703] [ZS] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ "This time we're using four times the Kevlar." -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlILuuUACgkQO9j/K4B7F8E3gACgi6o7EUn1Y6fX6nNgif1rXYsu QJMAn3zJHIfYfaOkqA+NcPG5ltytXnmL =QAcu -----END PGP SIGNATURE----- From drwho at virtadpt.net Wed Aug 14 10:15:11 2013 From: drwho at virtadpt.net (The Doctor) Date: Wed, 14 Aug 2013 13:15:11 -0400 Subject: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered In-Reply-To: References: <3645214.aNOC3WAsbX@laptosid> <1DDE7520-AD79-4130-8F82-85B4C6448519@cpunk.us> <4472797.fdJLsJXBOm@laptosid> Message-ID: <520BBB1F.2060508@virtadpt.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/12/2013 10:25 AM, Kyle Maxwell wrote: > Or that different departments / teams have different enforcement > priorities, or that they don't cooperate well with each other... Sometimes the right hand and left hand don't know what each other are doing. Sometimes the right and left hands are on entirely different bodies on different sides of the continent. - -- The Doctor [412/724/301/703] [ZS] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ "This time we're using four times the Kevlar." 
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlILux8ACgkQO9j/K4B7F8ENUACg9GuTHxEksVnGaltChD/B4Bhy qIMAoIZAcaQ+MAZl9hSmjJCWRLesPGOq =IOxH -----END PGP SIGNATURE----- From drwho at virtadpt.net Wed Aug 14 10:17:00 2013 From: drwho at virtadpt.net (The Doctor) Date: Wed, 14 Aug 2013 13:17:00 -0400 Subject: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered In-Reply-To: <1376330801.10168.1.camel@anglachel> References: <3645214.aNOC3WAsbX@laptosid> <1DDE7520-AD79-4130-8F82-85B4C6448519@cpunk.us> <4472797.fdJLsJXBOm@laptosid> <1376330801.10168.1.camel@anglachel> Message-ID: <520BBB8C.5040009@virtadpt.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/12/2013 02:06 PM, Ted Smith wrote: > Remember, TSR sends drugs *through the mail*. You can't > successfully *mail* enough drugs for the NSA/DEA to care. The NSA? Probably not, no. The DEA? Most definitely. Trafficking and shipping of drugs from point 'a' to points elsewhere are a part of their mission. I just thought of something: It's just come out that NSA intel is being given to other agencies, and classes are being held to launder that intel so that it looks like it came from somewhere else. How likely could it be that the DEA is one of those agencies? - -- The Doctor [412/724/301/703] [ZS] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ "This time we're using four times the Kevlar." -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlILu4wACgkQO9j/K4B7F8Fj3QCeKOvFHKDbp4OcYlLF8eRI3vLX msIAnRcuGDKIc9m7YOhUCb/0fP/g6egL =NRGZ -----END PGP SIGNATURE----- From rsw at jfet.org Wed Aug 14 10:20:33 2013 From: rsw at jfet.org (Riad S. 
Wahby) Date: Wed, 14 Aug 2013 13:20:33 -0400 Subject: List formatting In-Reply-To: <52018061.6010007@jps.net> References: <52018061.6010007@jps.net> Message-ID: <20130814172033.GA29140@jfet.org> Edgar Swank wrote: > After the first article, remaining articles are greyed out with very > light hard-to-read type. Do you mean in the archive or in the mail from the list? If the latter, it's just plaintext; any formatting is happening on your end. -=rsw From apexcp at gmail.com Wed Aug 14 10:27:59 2013 From: apexcp at gmail.com (Patrick) Date: Wed, 14 Aug 2013 13:27:59 -0400 Subject: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered In-Reply-To: <520BBB8C.5040009@virtadpt.net> References: <3645214.aNOC3WAsbX@laptosid> <1DDE7520-AD79-4130-8F82-85B4C6448519@cpunk.us> <4472797.fdJLsJXBOm@laptosid> <1376330801.10168.1.camel@anglachel> <520BBB8C.5040009@virtadpt.net> Message-ID: >Remember, TSR sends drugs *through the mail*. You can't successfully *mail* enough drugs for the NSA/DEA to care. All estimates point to tens of millions of dollars in business per year. Do you think the estimates are off or that that's still too low? On Wed, Aug 14, 2013 at 1:17 PM, The Doctor wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 08/12/2013 02:06 PM, Ted Smith wrote: > > > Remember, TSR sends drugs *through the mail*. You can't > > successfully *mail* enough drugs for the NSA/DEA to care. > > The NSA? Probably not, no. The DEA? Most definitely. Trafficking > and shipping of drugs from point 'a' to points elsewhere are a part of > their mission. > > I just thought of something: It's just come out that NSA intel is > being given to other agencies, and classes are being held to launder > that intel so that it looks like it came from somewhere else. How > likely could it be that the DEA is one of those agencies? 
> > - -- > The Doctor [412/724/301/703] [ZS] > Developer, Project Byzantium: http://project-byzantium.org/ > > PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 > WWW: https://drwho.virtadpt.net/ > > "This time we're using four times the Kevlar." > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.20 (GNU/Linux) > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iEYEARECAAYFAlILu4wACgkQO9j/K4B7F8Fj3QCeKOvFHKDbp4OcYlLF8eRI3vLX > msIAnRcuGDKIc9m7YOhUCb/0fP/g6egL > =NRGZ > -----END PGP SIGNATURE----- > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 2409 bytes Desc: not available URL: From demonfighter at gmail.com Wed Aug 14 10:34:26 2013 From: demonfighter at gmail.com (Steve Furlong) Date: Wed, 14 Aug 2013 13:34:26 -0400 Subject: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered In-Reply-To: <520BBB1F.2060508@virtadpt.net> References: <3645214.aNOC3WAsbX@laptosid> <1DDE7520-AD79-4130-8F82-85B4C6448519@cpunk.us> <4472797.fdJLsJXBOm@laptosid> <520BBB1F.2060508@virtadpt.net> Message-ID: On Wed, Aug 14, 2013 at 1:15 PM, The Doctor wrote: > > On 08/12/2013 10:25 AM, Kyle Maxwell wrote: > > Or that different departments / teams have different enforcement > > priorities, or that they don't cooperate well with each other... > > Sometimes the right hand and left hand don't know what each other are > doing. > > Sometimes the right and left hands are on entirely different bodies on > different sides of the continent. > In my limited experience with the spook agencies, this understates the case. The left hand refuses to share a thing, making the smug claim "We're listeners, not talkers." The right hand is working to stab the left in the back and take control of the two fingers it thinks are doing anything useful. The left hand is doing the same to the right. I could go on, but I think the analogy is starting to fall apart. 
Eugen Leitl pasted up an article recently, describing the delusions, incompetence, dirty dealing, and dirty characters involved in Britain's MI5. That matched pretty well what I know of my own knowledge of US operations.

Please note that my experience was entirely on the US Army side of things, as a low-ranking officer. I was mostly insulated from political considerations except for budget battles. However, I dealt with other groups and I kept my eyes and ears open and couldn't help noticing things.

From rsw at jfet.org Wed Aug 14 10:44:25 2013
From: rsw at jfet.org (Riad S. Wahby)
Date: Wed, 14 Aug 2013 13:44:25 -0400
Subject: Switching power supplies
In-Reply-To:
References:
Message-ID: <20130814174424.GA29305@jfet.org>

Chris Olesch wrote:
> reading thru rsw's thesis as well.

I doubt you want to use anything so zany :)

What you're talking about is a relatively high power design, which means that in addition to worrying about designing the switching supply, you're going to have to sweat the practical details regarding PCB layout, et cetera.

I'd have a look at some of the reference designs and application notes from the usual suspects (onsemi.com, ti.com, maxim-ic.com, linear.com), since they will have a lot of good practical information on getting the supply built. For example,
http://www.onsemi.com/PowerSolutions/taxonomy.do?id=448
seems to have a substantial amount of reference material available.

For more general information on theory and practice of dc/dc converter design, "Fundamentals of Power Electronics 2e" by Erickson and Maksimovic is my go-to reference. It more or less assumes you're already an electrical engineer, which may or may not be useful to you. Along these lines there's also "Principles of Power Electronics" by Kassakian et al, a book dear to me but certainly not to all.
If you're looking for a gentler introduction, Google should be able to point you to a few tutorials, e.g.,
http://www.maximintegrated.com/app-notes/index.mvp/id/2031

I've been kicking around an idea for a weird little buck converter controller that I haven't actually built yet. It's not particularly well-suited for kW converters, though, since the most basic form of the idea involves using a P-channel device for the high side switch. For any reasonable amount of power you end up wanting to use an N-ch, as they're generally higher performance devices than their P-ch counterparts (in silicon, hole mobility is about 1/3 of electron mobility, so devices that control electrons are generally higher performance than devices that control holes).

Cypherpunks build circuits,

-=rsw

From mike at plan99.net Wed Aug 14 05:26:27 2013
From: mike at plan99.net (Mike Hearn)
Date: Wed, 14 Aug 2013 14:26:27 +0200
Subject: [Bitcoin-development] bitcoinj 0.10
Message-ID:

Hello,

I'm pleased to announce version 0.10 of bitcoinj, a Java library for writing Bitcoin applications. BitcoinJ has been used to create everything from end-user wallet apps to network crawlers to SatoshiDice.

To learn how to obtain bitcoinj 0.10, please see the following page:

https://code.google.com/p/bitcoinj/wiki/UsingMaven

The v0.10 release is signed by Andreas Schildbach's GPG key. The git hash of the release is 777e6781d789. This paragraph is signed by the same Bitcoin key as with previous releases (check their release announcements to establish continuity).

Signature: H9Nl7FPnmrUOmjhUZ0+xB4YW3q5F5gIkGdvllsDWmWYvOkNQHAE9jZE0I/qE1VfLPeMV+Rzo7geTB43uDSFSMek=

*New in this release*

- An implementation of *micropayment channels* was added. There have been many bugfixes and improvements since the first announcement. This feature allows you to set up a 1:1 payment relationship with a remote server and after a short setup process send very tiny payments, very rapidly. It's suitable for metered billing applications. An article, "Working with micropayments" explains how to use it. This work was a joint effort between Matt and myself.
- A simple sublibrary has been added that provides async IO based client/server classes that transmit length prefixed protocol buffers.
- Thanks to Matija Mazi, some classes have been added that implement *the BIP 32 deterministic wallet algorithm*. Note that these classes are not yet used elsewhere in the system and full deterministic wallet support is therefore not available, however, a low level API is available for experimentation. That API is very likely to change in future releases so don't get too attached to it.
- Thanks to Gary Rowe, we have integrated *a new Maven plugin* that checks the SHA1 hashes of downloaded dependencies against a hard-coded list. This means that even if an upstream Maven repository or developer were to be compromised, library dependencies could not be switched out for corrupted versions without someone noticing. For 0.10 the dependency hashes were just initialised based on what was already downloaded. In future, reproducible builds of upstream dependencies and auditing of changes would provide better security. You can and should use Gary's plugin in your own projects to defend against a possible compromise of the bitcoinj repository.
- *Callback handling* has been much improved. Each event listener can have an Executor specified which takes responsibility for running the callback. If you don't specify one they run by default on a single background thread, the "user thread", instead of the origin framework threads. This means your callbacks no longer need to be thread safe as they're always run serially. You can also change the default executor if you would like to control the thread on which callbacks run, for example to marshal them into your GUI toolkit thread automatically. This fixes some of the most painful parts of the pre-0.10 API, for instance that transaction confidence listeners were not allowed to re-enter the library.
- *Exception handling* has also improved. You can assign a global Thread.UncaughtExceptionHandler which receives any exceptions thrown on the user thread (i.e. by your own event listeners), as well as any internal exceptions thrown by network threads (like inability to parse a message sent by a remote peer). Because your listeners now run on a separate thread by default, you can no longer accidentally cause internal data corruption or prevent other callbacks from running by leaking exceptions out of your callbacks; a subtle knife-edge in the previous API.
- Support for *automatic wallet key rotation* has been added.
- We now require Bloom-capable (0.8+) peers by default and will disconnect from older nodes. This avoids accidental bandwidth saturation on mobile devices.
- The wallet now accepts timelocked transactions if it created them itself.
- The wallet can be told to empty itself out, in which case the fee will be subtracted from the total amount instead of added. This simplifies the common case of wanting to send your entire balance whilst still including a fee.
- Some JNI peers for event listeners were added. Auto-generated JNI bindings are experimental and not yet merged in to the mainline codebase: for now they are available as part of a separate project on github. This work allows you to access the bitcoinj API using relatively natural looking C++ code and an embedded JVM.
- You can now register custom PeerFilterProvider implementors to add things to Bloom filters that aren't necessarily in wallets.
- We have begun adding nullity annotations to the API. Combined with a strong static analysis engine like FindBugs or the IntelliJ Inspector, you can find cases where you aren't handling possible null pointers. Note that you should configure your static analysis system to understand the Guava Preconditions assertions, as otherwise you will get false positives.
- You can now control how much information Wallet toString() dumps contain more precisely. Extensions can contribute to a wallet's debug dump as well, and transaction data is now optional.
- Documentation: The getting started tutorial and PingService example were rewritten. New articles were added that cover optimising chain sync and using the library from non-Java languages. Existing articles were also extended and refreshed.
- Many bug fixes and new methods. You should upgrade as soon as possible to get the bug fixes, in particular, one that could cause transactions inside the same block to be incorrectly re-ordered when using Bloom filtering (which can affect the wallet). The library code now has more internal annotations to help static analysis engines, and several bugs were fixed as a result of that.

*API Changes*

- The ScriptBuilder class now takes TransactionSignature objects, these wrap a raw ECDSA signature and the SIGHASH flags together, with utility methods to work with them.
- The Locks class has been renamed to Threading. The thread on which callbacks run has been changed, see above.
- The WalletEventListener.onKeyAdded method became onKeysAdded and now takes a list, to make processing of bulk adds more efficient.
- BitcoinURIParseException is now checked so you can't forget to handle bogus URIs.
- The Wallet.toString(..) method has additional parameters now so you can control what is included in the dump.

*Known issues*

Please see the limitations and missing features page. This page has been fleshed out since the last release with common issues and missing features. A few issues were also fixed and removed.

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From kylem at xwell.org Wed Aug 14 13:02:01 2013
From: kylem at xwell.org (Kyle Maxwell)
Date: Wed, 14 Aug 2013 15:02:01 -0500
Subject: Google threat analysis selectively applied
In-Reply-To: <1376505908.68781.YahooMailNeo@web160201.mail.bf1.yahoo.com>
References: <3645214.aNOC3WAsbX@laptosid> <1DDE7520-AD79-4130-8F82-85B4C6448519@cpunk.us> <4472797.fdJLsJXBOm@laptosid> <520BBB1F.2060508@virtadpt.net> <1376505908.68781.YahooMailNeo@web160201.mail.bf1.yahoo.com>
Message-ID:

IIRC Google happened to run across it, and they spend a lot of time (and money) trying to detect bad ads, but it's certainly not foolproof. The arms race continues.

There are many areas where we can't really consider Google one of the "good guys" (insofar as that label means anything), but fighting malware is an area where they certainly seem to be on the side of good.

On Wed, Aug 14, 2013 at 1:45 PM, Michael Nelson wrote:
>
> A friend of mine, not a security jock, recently needed to cleanse her system
> (computer system, that is). She was advised to download Malwarebytes. So
> she went to Google, and selected the top hit. It had the pale green
> background that indicates (to those who know) that it was a commercial hit.
> Of course, she did not know that, but so what? She merrily clicked on it.
> It's Google's top hit, right? Must be well-vetted, safe, etc. > > The install led her through all sorts of other installs, and the end result > was that she had a quite old version of Malwarebytes, and loads of adware on > her computer. She needed a very thorough cleaning then, to get rid of that > stuff. Hope there's no malware left. Sheesh. > > The point is that Google was boasting recently about its wonderful machine > learning that, unprompted, detected bogus used car ads in China. It's > perfectly clear that they could check the nasty Malwarebytes repackager that > paid them. Pretty poor behavior on Google's part. > > Mike -- @kylemaxwell From dahonig at cox.net Wed Aug 14 15:39:30 2013 From: dahonig at cox.net (David Honig) Date: Wed, 14 Aug 2013 15:39:30 -0700 Subject: see something, say something stamps Message-ID: <20130814223932.DHXB3871.eastrmfepo202.cox.net@eastrmimpo210> see something, say something US custom stamps Featuring Sysadmin E. Snowden and a typical meme font. Any copyright issues to be aware of? I wish to God these calculations could be done by a steam engine," Babbage complained From rsw at jfet.org Wed Aug 14 13:37:34 2013 From: rsw at jfet.org (Riad S. Wahby) Date: Wed, 14 Aug 2013 16:37:34 -0400 Subject: changing computers In-Reply-To: <20130814030319.GA19476@jfet.org> References: <20130814030319.GA19476@jfet.org> Message-ID: <20130814203734.GA28096@antiproton.jfet.org> "Riad S. Wahby" wrote: > I'll be moving the list from one machine to another in the next day or > so. There may be some brief outages. Thanks for understanding. The list *should* be fully operational and is on a new host. Never fear if you're still resolving the MX as 69.60.117.34, I'm abusing iptables to make things work until everyone's DNS updates. 
-=rsw From rvh40 at insightbb.com Wed Aug 14 15:24:14 2013 From: rvh40 at insightbb.com (Randall Webmail) Date: Wed, 14 Aug 2013 18:24:14 -0400 (EDT) Subject: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered In-Reply-To: <1376330801.10168.1.camel@anglachel> Message-ID: <1509058007.319550.1376519054151.JavaMail.root@md13.insight.synacor.com> From wb8foz at nrk.com Wed Aug 14 15:59:50 2013 From: wb8foz at nrk.com (David) Date: Wed, 14 Aug 2013 18:59:50 -0400 Subject: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered In-Reply-To: <1376330801.10168.1.camel@anglachel> References: <3645214.aNOC3WAsbX@laptosid> <1DDE7520-AD79-4130-8F82-85B4C6448519@cpunk.us> <4472797.fdJLsJXBOm@laptosid> <1376330801.10168.1.camel@anglachel> Message-ID: <520C0BE6.6010307@nrk.com> On 8/12/13 2:06 PM, Ted Smith wrote: > Remember, TSR sends drugs*through the mail*. You can't successfully > *mail* enough drugs for the NSA/DEA to care. Ask Mayor Cheye Calvo of Berwyn Heights: From tom at ritter.vg Wed Aug 14 16:12:24 2013 From: tom at ritter.vg (Tom Ritter) Date: Wed, 14 Aug 2013 19:12:24 -0400 Subject: [guardian-dev] An email service that requires GPG/PGP? Message-ID: On 14 August 2013 18:01, Richard wrote: > On the other end of the paranoia scale I would like to remind folks of the > the mixmaster remailer chaining technique which does much more than plain > encryption - as far as I can see it is theoretically completely untraceable. That statement is not correct. Mix networks require more effort to trace than normal packets or Onion Routing, but are not even close to "theoretically completely untraceable". I'll point to Syverson's papers (Why I'm not an entropist, and Sleeping dogs lie in a bed of onions) and Serjantov's "From a Trickle to a Flood." On 14 August 2013 10:17, Ralph Holz wrote: > Hi Tom > >> Aside from StartCom (free) most CAs have roughly the same price and >> service. 
Since service is equivalent, you're free to choose a CA >> based on your political opinion, and not worry about missing out on >> 'features'. It's basically like voting in an election - elections are >> won by tens or hundreds of thousands of votes, so it seems like one >> vote doesn't matter. But it can add up. > > Not sure if you know this one, but this article paints a somewhat more > complex picture of the HTTPS economics. In particular, companies buy > from the big players because, alas and behold, they're too big to fail > and will never be removed from root stores: > > @INPROCEEDINGS{Asghari2013, > author = {Asghari, Hadi and van Eeten, Michel J. G. and Arnbak, Axel > M. and van Eijk, Nico A. N. M.}, > year = {2013}, > month = {March}, > title = {Security Economics in the {HTTPS} value chain}, > location = {Washington, D.C., USA}, > booktitle = {Proc. 12th Ann. Workshop on the Economics of Information > Security (WEIS 2013)}, > } I had not seen that paper, that's cool thanks. However, it seems they're observing data (EFF Observatory and Market Prices) and drawing conclusions about why companies make decisions. It would be easier and more reliable to just... ask the companies why they do what they do. They seem to omit that somewhat important step to support their conclusions. 
-tom

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From tedks at riseup.net Wed Aug 14 18:11:53 2013
From: tedks at riseup.net (Ted Smith)
Date: Wed, 14 Aug 2013 21:11:53 -0400
Subject: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered
In-Reply-To:
References: <3645214.aNOC3WAsbX@laptosid> <1DDE7520-AD79-4130-8F82-85B4C6448519@cpunk.us> <4472797.fdJLsJXBOm@laptosid> <1376330801.10168.1.camel@anglachel> <520BBB8C.5040009@virtadpt.net>
Message-ID: <1376529113.5899.0.camel@anglachel>

On Wed, 2013-08-14 at 13:27 -0400, Patrick wrote:
> >Remember, TSR sends drugs *through the mail*. You can't
> successfully *mail* enough drugs for the NSA/DEA to care.
>
>
> All estimates point to tens of millions of dollars in business per
> year. Do you think the estimates are off or that that's still too low?

That's distributed over all the users. The site is making a killing, but the individual deals and dealers are all way too small-fry for any three-letter agency to care.

> On Wed, Aug 14, 2013 at 1:17 PM, The Doctor
> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> On 08/12/2013 02:06 PM, Ted Smith wrote:
>
> > Remember, TSR sends drugs *through the mail*. You can't
> > successfully *mail* enough drugs for the NSA/DEA to care.
>
>
> The NSA? Probably not, no. The DEA? Most definitely.
> Trafficking > and shipping of drugs from point 'a' to points elsewhere are a > part of > their mission. > > I just thought of something: It's just come out that NSA intel > is > being given to other agencies, and classes are being held to > launder > that intel so that it looks like it came from somewhere else. > How > likely could it be that the DEA is one of those agencies? > > - -- > The Doctor [412/724/301/703] [ZS] > Developer, Project Byzantium: http://project-byzantium.org/ > > PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B > 807B 17C1 > WWW: https://drwho.virtadpt.net/ > > "This time we're using four times the Kevlar." > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.20 (GNU/Linux) > Comment: Using GnuPG with Thunderbird - > http://www.enigmail.net/ > > > iEYEARECAAYFAlILu4wACgkQO9j/K4B7F8Fj3QCeKOvFHKDbp4OcYlLF8eRI3vLX > msIAnRcuGDKIc9m7YOhUCb/0fP/g6egL > =NRGZ > -----END PGP SIGNATURE----- > > -- Sent from Ubuntu -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part URL: From wb8foz at nrk.com Wed Aug 14 18:13:44 2013 From: wb8foz at nrk.com (David) Date: Wed, 14 Aug 2013 21:13:44 -0400 Subject: Switching power supplies In-Reply-To: References: Message-ID: <520C2B48.1070105@nrk.com> On 8/14/13 8:49 PM, Peter Gutmann wrote: > Another thing about switchmode design is that unless it's pretty > simple, you're better off outsourcing it (meaning, get a pre-built > one). WhatHeSaid. Switchers are notorious for being persnickety about components tolerances, and are sheer hell to troubleshoot as well. And the bigger you get, the harder they fail... I love the smell of burning bakelite^H^H glass-fiber^H^H electrolyte in the morning... 
From g13005 at gmail.com Wed Aug 14 20:46:02 2013
From: g13005 at gmail.com (Chris Olesch)
Date: Wed, 14 Aug 2013 22:46:02 -0500
Subject: Switching power supplies
In-Reply-To: <520C2B48.1070105@nrk.com>
References: <520C2B48.1070105@nrk.com>
Message-ID:

I had considered building it as a linear for the very same reason David pointed out, "hell to troubleshoot."

On Wed, Aug 14, 2013 at 8:13 PM, David wrote:
> On 8/14/13 8:49 PM, Peter Gutmann wrote:
>
> Another thing about switchmode design is that unless it's pretty
>> simple, you're better off outsourcing it (meaning, get a pre-built
>> one).
>>
>
> WhatHeSaid. Switchers are notorious for being persnickety about components
> tolerances, and are sheer hell to troubleshoot as well.
>
> And the bigger you get, the harder they fail...
>
> I love the smell of burning bakelite^H^H glass-fiber^H^H electrolyte in
> the morning...
>
>

-- -- --
-Christopher Olesch
*"Affordable IT Services for Non-Profit & Small Business"* || http://www.ngotechnology.org/ || http://www.linkedin.com/in/chrisoleschjr
*Masonic Affiliations:* || http://www.scottishritechicago.org || http://www.supremecouncil.org/ || http://www.ilmason.org/
*Online Artistic Portfolio* || http://cjolesch.deviantart.com/

From g13005 at gmail.com Wed Aug 14 21:27:06 2013
From: g13005 at gmail.com (Chris Olesch)
Date: Wed, 14 Aug 2013 23:27:06 -0500
Subject: Switching power supplies
In-Reply-To: <20130814174424.GA29305@jfet.org>
References: <20130814174424.GA29305@jfet.org>
Message-ID:

Thanks for the links & design pointers. I'm willing to admit that I'm not an expert, but always eager and willing to learn something new! [yes I know the lurker finally speaks...lol]

I'll try to keep this brief. A little history about my background.
I was born in the chicago area a dual citizen (American/German[Transylvanian]), from good stock. Ingenuity, design, art, music, and sciences, are some of the traits I share with my family & relatives. I studied electrical engineering for 3 years in high school (graduated early), then 2 more in college before switching into the computer network field. While in college I worked at the sba patent office, reviewing patents and researching designs. Going back a little further, when I was a kid I ran a small repair shop, fixing tv's stereos, etc (anything with cord or ran on batteries). I had a real knack for fixing broken electronics so they wouldn't break again. In the early 80's I got interested in computers and have been online since 1985. I used to be an avid reader of 2600, and frequented the meeting in chicago during the 90's. [I admit I still have my first redbox]. It was also during this time frame I became heavily involved in amateur and cb radio. The radio experience led me down the path of becoming an On-Air personality, where my first radio program attracted 3 million listeners. :) I'm not afraid to learn theory and good design before embarking on a new electronics project or any project for that matter. I do admit to suffering from hobby overload from time to time, especially since I'm interested in almost everything. I have learned almost everything I know by reverse engineering. At my present job I am well known for having the ability to reverse engineer a new technical process, document it and train others. 
Lately I've found myself burning out of the network engineering field, so starting projects such as these help me keep things in perspective [house, car, food, wife, etc]

-Christopher Olesch
*"Affordable IT Services for Non-Profit & Small Business"* || http://www.ngotechnology.org/ || http://www.linkedin.com/in/chrisoleschjr
*Masonic Affiliations:* || http://www.scottishritechicago.org || http://www.supremecouncil.org/ || http://www.ilmason.org/
*Online Artistic Portfolio* || http://cjolesch.deviantart.com/

On Wed, Aug 14, 2013 at 12:44 PM, Riad S. Wahby wrote:

> Chris Olesch wrote:
>> reading thru rsw's thesis as well.
>
> I doubt you want to use anything so zany :)
>
> What you're talking about is a relatively high power design, which means that in addition to worrying about designing the switching supply, you're going to have to sweat the practical details regarding PCB layout, et cetera.
>
> I'd have a look at some of the reference designs and application notes from the usual suspects (onsemi.com, ti.com, maxim-ic.com, linear.com), since they will have a lot of good practical information on getting the supply built. For example,
> http://www.onsemi.com/PowerSolutions/taxonomy.do?id=448
> seems to have a substantial amount of reference material available.
>
> For more general information on theory and practice of dc/dc converter design, "Fundamentals of Power Electronics 2e" by Erickson and Maksimovic is my go-to reference. It more or less assumes you're already an electrical engineer, which may or may not be useful to you. Along these lines there's also "Principles of Power Electronics" by Kassakian et al, a book dear to me but certainly not to all.
>
> If you're looking for a gentler introduction, Google should be able to point you to a few tutorials, e.g.,
> http://www.maximintegrated.com/app-notes/index.mvp/id/2031
>
> I've been kicking around an idea for a weird little buck converter controller that I haven't actually built yet.
> It's not particularly well-suited for kW converters, though, since the most basic form of the idea involves using a P-channel device for the high side switch. For any reasonable amount of power you end up wanting to use an N-ch, as they're generally higher performance devices than their P-ch counterparts (in silicon, hole mobility is about 1/3 of electron mobility, so devices that control electrons are generally higher performance than devices that control holes).
>
> Cypherpunks build circuits,
>
> -=rsw

From l at odewijk.nl Wed Aug 14 14:30:59 2013
From: l at odewijk.nl (Lodewijk andré de la porte)
Date: Wed, 14 Aug 2013 23:30:59 +0200
Subject: Google threat analysis selectively applied
In-Reply-To:
References: <3645214.aNOC3WAsbX@laptosid> <1DDE7520-AD79-4130-8F82-85B4C6448519@cpunk.us> <4472797.fdJLsJXBOm@laptosid> <520BBB1F.2060508@virtadpt.net> <1376505908.68781.YahooMailNeo@web160201.mail.bf1.yahoo.com>
Message-ID:

Google might very well have given that ad -10k LarryPoints. It just had to compete with the other paid ads, and there were none. So it won.

Google is capable of automatically crawling websites and running a full virus-and-malware-scan sweep. Especially for their ads. But they don't do this at all AFAIK. Probably not worth it.

From demonfighter at gmail.com Thu Aug 15 04:17:26 2013
From: demonfighter at gmail.com (Steve Furlong)
Date: Thu, 15 Aug 2013 07:17:26 -0400
Subject: see something, say something stamps
In-Reply-To: <20130814223932.DHXB3871.eastrmfepo202.cox.net@eastrmimpo210>
References: <20130814223932.DHXB3871.eastrmfepo202.cox.net@eastrmimpo210>
Message-ID:

On Wed, Aug 14, 2013 at 6:39 PM, David Honig wrote:

> Any copyright issues to be aware of?

I would think that this would be commercial misappropriation of likeness. ( http://itlaw.wikia.com/wiki/Commercial_misappropriation) I guess that the USPS being sort-of a part of the US federal government might get them an out, and I'd guess that no federal judge in the US would find in Snowden's favor lest he, too, be deemed a traitor. Procedural hurdles could be thrown up, such as making him appear in court in person, and of course he'd be arrested before he got that far. And even if Snowden did somehow win a judgement he'd find it impossible to collect.

Short answer, anyone in the US wanting to make money off of Snowden can likely get away with it.

(been to law school, blah blah, not a lawyer, blah blah)

--
Neca eos omnes. Deus suos agnoscet. -- Arnaud-Amaury, 1209

From lynX at time.to.get.psyced.org Thu Aug 15 00:38:36 2013
From: lynX at time.to.get.psyced.org (carlo von lynX)
Date: Thu, 15 Aug 2013 09:38:36 +0200
Subject: [liberationtech] We'll make ourselves a GNU Internet.. GADS, PSYC, distributed search
Message-ID:

You broke the Internet. We'll make ourselves a GNU one.
https://gnunet.org/internetistschuld
http://internetistschuld.de
http://www.reddit.com/search?q=gnu+internet

This is the video from the talks given by Christian Grothoff, Carlo von lynX, Jacob Appelbaum and Richard Stallman in Berlin on August 1st. The talks are in English, even though the welcoming words are in German.

Christian Grothoff's talk summarized the recent revelations about PRISM and their implications for non-American citizens, industries and governments. It then presented technical solutions towards a secure and fully decentralized future Internet, which would address key challenges for self-determined life created by the world-wide police state. Interesting details on this:

- A new cryptographic method for a privacy-capable DNS/DNSSEC replacement, called GADS.
- A faster and smarter extensible messaging syntax than XML and JSON, called PSYC.
- A strategy for distributed and liberated Internet search, called RegEx.

Carlo von lynX gave a presentation on how secushare intends to provide messaging and Facebook-like functionality on top of GNUnet. Keywords: Scalability by multicast; Social graph vs. Onion routing; Unsafety of your own server.

Richard Stallman and Jacob Appelbaum added closing notes of free software and free hardware and responded to questions.

It's not about how much you want to make believe you got nothing to hide. It's about your civic duty to not be a predictable populace.

Big thanks to the Pirate Party for providing the venue and the recording technology.
----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From drwho at virtadpt.net Thu Aug 15 07:27:50 2013
From: drwho at virtadpt.net (The Doctor)
Date: Thu, 15 Aug 2013 10:27:50 -0400
Subject: see something, say something stamps
In-Reply-To:
References: <20130814223932.DHXB3871.eastrmfepo202.cox.net@eastrmimpo210>
Message-ID: <520CE566.8000502@virtadpt.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/15/2013 07:17 AM, Steve Furlong wrote:

> I would think that this would be commercial misappropriation of likeness. (http://itlaw.wikia.com/wiki/Commercial_misappropriation)
> I

On the other hand, you could go to a service like Zazzle, get a few sheets of postage stamps made (cheap) and use them yourself to mail things through the mail. You'll have to set up a Zazzle store but you don't have to make it public (i.e., only you can use it) so that dodges copyright violations (or at least it does for the stuff they make for me while I'm screwing around). They're perfectly good postage stamps, too - one of my wedding gifts was custom stamps from them and everything we mailed with them went through as expected.

tl;dr - Possible and easy.

- --
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/
PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/

Activate interlock! Dynotherms connected! Infracells up! Megathrusters are go!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlIM5WYACgkQO9j/K4B7F8FpQACg7MsIDocUyd1JiepSjFW0ydAS
S3wAn2va4lji6z8nmkXV/LzrALmLqE5L
=zClT
-----END PGP SIGNATURE-----

From eugen at leitl.org Thu Aug 15 02:29:30 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Thu, 15 Aug 2013 11:29:30 +0200
Subject: [Bitcoin-development] bitcoinj 0.10
Message-ID: <20130815092930.GA29404@leitl.org>

----- Forwarded message from Mike Hearn -----

From eugen at leitl.org Thu Aug 15 02:55:45 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Thu, 15 Aug 2013 11:55:45 +0200
Subject: [liberationtech] We'll make ourselves a GNU Internet.. GADS, PSYC, distributed search
Message-ID: <20130815095545.GD29404@leitl.org>

----- Forwarded message from carlo von lynX -----

From eugen at leitl.org Thu Aug 15 03:02:53 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Thu, 15 Aug 2013 12:02:53 +0200
Subject: [guardian-dev] ChatSecure "Burner" accounts
Message-ID: <20130815100253.GG29404@leitl.org>

----- Forwarded message from Nathan of Guardian -----

From pgut001 at cs.auckland.ac.nz Wed Aug 14 17:49:16 2013
From: pgut001 at cs.auckland.ac.nz (Peter Gutmann)
Date: Thu, 15 Aug 2013 12:49:16 +1200
Subject: Switching power supplies
In-Reply-To: <20130814174424.GA29305@jfet.org>
Message-ID:

"Riad S. Wahby" writes:

>What you're talking about is a relatively high power design, which means that in addition to worrying about designing the switching supply, you're going to have to sweat the practical details regarding PCB layout, et cetera.

Another thing about switchmode design is that unless it's pretty simple, you're better off outsourcing it (meaning, get a pre-built one).
Back when all you needed was a 78S40 and a few capacitors, resistors, and inductors it was simple enough, but nowadays you can get a high-efficiency (90+% rather than ~70%, look for one advertised as efficiency class V), over-voltage, over-current, short-circuit protected power supply module for less than the cost of the parts, it's really not worth doing yourself unless you need something particularly exotic.

>Cypherpunks build circuits,

Cypherpunks assemble systems out of existing modules that someone else has spent the time to develop and tune.

Peter.

From desnacked at riseup.net Thu Aug 15 05:25:41 2013
From: desnacked at riseup.net (George Kadianakis)
Date: Thu, 15 Aug 2013 15:25:41 +0300
Subject: [tor-talk] Flattor: A practical crowdfunded Flattr-like incentive scheme for Tor relays
Message-ID:

==tldr (Too Long, Didn't Read)

Where will Tor's bandwidth come from in 20 years? Will solo volunteers still exist, or will all the bandwidth come from Tor-friendly organizations?

Tor incentive schemes are interesting. There are many proposed schemes but their crypto needs to be reviewed and lots of code/spec needs to be written before they can be deployed.

This document describes the idea of a Flattr-like crowdfunding model for tor relays.

==Intro (skip if you know why Tor incentive schemes might be useful)

One of the goals of Tor is to increase its reach and get tens of millions of Tor users. This makes sense from an anonymity point of view, since an increase in the number of users is also an increase in Tor's anonymity set.

One of the problems of scaling Tor to tens of millions of users is that Tor's bandwidth capacity is finite. The current total relay bandwidth is about 4GB/s [0], and it's donated by kind volunteers and various organizations [1]. As the number of users increases, Tor's bandwidth must also increase.

Lately the bandwidth coming out of Tor-friendly organizations (like torservers.net, universities, etc.) seems to increase.
Currently, there is a 50% chance of exiting from an org-controlled exit node, as can be seen in slide 30 of http://freehaven.net/~arma/slides-dimacs13.pdf

If this trend continues, Tor might end up looking like the Bitcoin network -- where a number of organizations (mining pools) drive the network. Unfortunately, in contrast with the coin minting of Bitcoin, there are no incentives for organizations to contribute to the Tor network. At the moment, organizations and solo volunteers pay out of their own pocket (or accept donations) to maintain their Tor relays. There must be ways to help reimburse their costs.

==Incentive schemes (feel free to skip if you know this stuff)

Incentive schemes for anonymous networks have been extensively researched and there are multiple papers for systems that apply specifically to Tor [2].

Most of those systems require modifying the code of the Tor network, to be able to give "contribution tokens" to relay operators. Then those tokens can be exchanged to get "premium Tor service" or other goods.

These systems have a few issues that make them hard to implement and deploy:

a) Baking anything inside Tor is a lengthy procedure. Secure designs and code must be written, time must pass for the new code to be deployed and used by the majority of the network, etc.

b) These schemes might cause anonymity issues, since the set of people who have "contribution tokens" is smaller than the set of Tor users. The proposed incentive schemes try to fix these issues; for example, LIRA solves it by creating a lottery system (yes, on top of Tor) that rewards "contribution tokens" to random relays.

c) Alternative currencies, like "contribution tokens", are not easy to get right. Baking them inside the Tor network is not a trivial task.

While these proposed "complex" schemes might be The Right Thing for the long-term, we might be able to create an incentive scheme based on already existing technologies; like the bandwidth authorities and Bitcoin.
==Flattor: A simple incentive scheme

Flattor is (fictional) software (or a website) that given a Bitcoin wallet and a number of Bitcoins that the user is willing to spend, splits those Bitcoins in chunks and sends them to contributing relay operators.

The idea assumes that there is some way to find the Bitcoin address of relay operators. There is no standard way to do so, but operators who are interested in getting reimbursed can put their address in the Contact field of their relay.

Flattor uses the bandwidth estimations of Tor to find the contribution factor of each relay. We will assume that these estimates are accurate, since the security of Tor depends on them anyway.

As a simplified example, if the Tor network has 4 relays with bandwidth contribution 0.05, 0.05, 0.3 and 0.6 respectively, and the user is willing to spend 1 bitcoin, Flattor will send 0.05, 0.05, 0.3 and 0.6 bitcoins to each relay operator respectively. Of course, this gets more complicated as the number of relays increases, or when only a subset of the relays have a registered bitcoin address, etc.

==Why this might be a good idea

It's simple to implement and easy to understand, it doesn't require any Tor code to be written and it can even be started as an unofficial project.

Furthermore, it doesn't cause anonymity issues, there are no middlemen, and it doesn't centralize bandwidth to a single relay operator.

==Why this might be a bad idea

(This concern is based on a discussion with gmaxwell.)

Incentivising Tor relay operators with money is not a good way to run an anonymity network.

Currently, (we want to believe that) the Tor network is run by a bunch of cypherpunks that are contributing bandwidth because they believe in the Cause. If relay operators start getting money for their bandwidth, we might end up with relay operators that are just in for the money.
It might then be easier for a three-letter org to persuade those relay operators to snoop on their users (by giving them double the money they are currently getting).

While I agree that this concern is legitimate, I would say that it's pretty far off at the moment: I doubt that anything like Flattor will ever generate a considerable income for anyone. Still, it's something that we should have in mind.

(Furthermore, since the Bitcoin blockchain is public you can see how much money each relay operator has gotten so far. Maybe there should be some kind of limit on the amount of money each operator should get per time period.)

==Final thoughts

There are many details that must be sorted out before Flattr can be implemented. There are also multiple improvements that can be applied on top of the simple model described above. Also, there are ethical issues that spawn up when real money is given to relay operators.

My plan was to expand on all these issues in this paragraph, but it seems like I've already spent too many hours writing this document. I'm not planning to implement this system before I hear some opinions from other people.

To be honest, I'm not even sure if such an incentive scheme is a good idea, but posting bad ideas to mailing lists is what the Internet is for, right?

Thoughts?

[0]: https://metrics.torproject.org/network.html#bandwidth
[1]: https://metrics.torproject.org/bubbles.html#contact
[2]: https://blog.torproject.org/blog/two-incentive-designs-tor
     http://www-users.cs.umn.edu/~jansen/papers/lira-ndss2013.pdf
     (see section 'VI. RELATED WORK' of the LIRA paper)

From mk at dee.su Thu Aug 15 05:38:56 2013
From: mk at dee.su (Maxim Kammerer)
Date: Thu, 15 Aug 2013 15:38:56 +0300
Subject: [liberationtech] Google confirms critical Android crypto flaw
Message-ID:

On Thu, Aug 15, 2013 at 2:34 PM, Nathan of Guardian wrote:

> The best description is here:
> http://armoredbarista.blogspot.ch/2013/03/randomly-failed-weaknesses-in-java.html

Unbelievable… It seems that PRNG implementers suffer from NIH syndrome. If you are going to use /dev/urandom, then use it all the time, and rely on code that's reviewed and maintained by thousands of kernel people, not just your favorite buggy seeded PRNG du-jour.

And even sans the bugs, consider something like the following in Apache Harmony (precursor of Dalvik's class library) [1, p. 131]:

    iv = sha1(iv,concat(state, cnt));
    cnt = cnt + 1;
    return iv;

So they're essentially constructing a state-based bit stream that varies in each block, and hash it with SHA-1 — exposing each intermediate hash value in the middle. Who the hell told them it's safe from cryptanalysis POV? E.g., SP800-90A's Hash_DRBG [2, p. 40] resembles nothing of the sort.

[1] http://dx.doi.org/10.1007/978-3-642-36095-4_9
[2] http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
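Added example, not part of any list message and not code from the Flattor proposal: the proportional split George Kadianakis describes in his Flattor message earlier in this archive, extended to the complications he names (relays without a registered address, amounts that do not divide evenly). The `bitcoin:` Contact-field token, the relay records and the placeholder addresses are assumptions constructed for illustration.

```python
"""Flattor-style donation split (illustrative; not code from the proposal)."""
import re
from decimal import Decimal

SATOSHI_PER_BTC = 100_000_000

# ASSUMPTION: an operator opts in by writing "bitcoin:<address>" in the relay's
# Contact field. The proposal notes that no standard way to do this exists.
ADDRESS_TOKEN = re.compile(r"\bbitcoin:(\S+)")

# Constructed sample data: the four relays of the proposal's example, with the
# contributions 0.05 / 0.05 / 0.3 / 0.6 written as integer weights. Only two
# operators have published a (placeholder) address.
SAMPLE_RELAYS = [
    {"nickname": "relayA", "bandwidth": 5,
     "contact": "alice <alice AT example DOT org> bitcoin:ADDR_ALICE"},
    {"nickname": "relayB", "bandwidth": 5,
     "contact": "bob <bob AT example DOT org>"},
    {"nickname": "relayC", "bandwidth": 30,
     "contact": "bitcoin:ADDR_CAROL carol"},
    {"nickname": "relayD", "bandwidth": 60, "contact": ""},
]


def payout_address(contact):
    """Return the address advertised in a Contact string, or None."""
    match = ADDRESS_TOKEN.search(contact or "")
    return match.group(1) if match else None


def split_donation(relays, donation_btc):
    """Split a donation across opted-in operators in proportion to bandwidth.

    `bandwidth` must be an integer weight so the arithmetic stays exact.
    Returns {address: satoshis}. The amounts always sum to the donation:
    shares are floored, then leftover satoshis go to the largest remainders.
    """
    total_sat = int(Decimal(str(donation_btc)) * SATOSHI_PER_BTC)
    if total_sat <= 0:
        raise ValueError("donation must be positive")

    # Accumulate weight per address, so an operator running several relays
    # receives one payment. Relays with no address are left out, which
    # renormalises the split over the opted-in subset.
    weights = {}
    for relay in relays:
        address = payout_address(relay.get("contact"))
        if address is None or relay["bandwidth"] <= 0:
            continue
        weights[address] = weights.get(address, 0) + relay["bandwidth"]
    if not weights:
        return {}

    total_weight = sum(weights.values())
    shares, remainders = {}, []
    for address, weight in weights.items():
        quotient, remainder = divmod(total_sat * weight, total_weight)
        shares[address] = quotient
        remainders.append((-remainder, address))

    # Fewer satoshis are left over than there are recipients, so one extra
    # satoshi each for the largest remainders uses them up exactly.
    leftover = total_sat - sum(shares.values())
    for _, address in sorted(remainders)[:leftover]:
        shares[address] += 1
    return shares


if __name__ == "__main__":
    for address, sat in split_donation(SAMPLE_RELAYS, "1").items():
        print(f"{address}: {sat} satoshi")
```

Because every payment is a public blockchain transaction, the per-address totals this function returns are also what an outside observer could reconstruct, which is the visibility the proposal's closing remark about per-operator limits relies on.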
From eugen at leitl.org Thu Aug 15 07:24:38 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Thu, 15 Aug 2013 16:24:38 +0200
Subject: [tor-talk] Flattor: A practical crowdfunded Flattr-like incentive scheme for Tor relays
Message-ID: <20130815142438.GS29404@leitl.org>

----- Forwarded message from George Kadianakis -----

From eugen at leitl.org Thu Aug 15 07:25:49 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Thu, 15 Aug 2013 16:25:49 +0200
Subject: [liberationtech] Google confirms critical Android crypto flaw
Message-ID: <20130815142549.GT29404@leitl.org>

----- Forwarded message from Maxim Kammerer -----

From stephan.neuhaus at tik.ee.ethz.ch Thu Aug 15 08:52:37 2013
From: stephan.neuhaus at tik.ee.ethz.ch (Stephan Neuhaus)
Date: Thu, 15 Aug 2013 17:52:37 +0200
Subject: [liberationtech] Google confirms critical Android crypto flaw
In-Reply-To: <20130815142549.GT29404@leitl.org>
References: <20130815142549.GT29404@leitl.org>
Message-ID: <520CF945.6060502@ee.ethz.ch>

On 15.08.2013 16:25, Eugen Leitl wrote:

> ----- Forwarded message from Maxim Kammerer -----
>
> Date: Thu, 15 Aug 2013 15:38:56 +0300
> From: Maxim Kammerer
> To: liberationtech
> Subject: Re: [liberationtech] Google confirms critical Android crypto flaw
> Reply-To: liberationtech
>
> On Thu, Aug 15, 2013 at 2:34 PM, Nathan of Guardian wrote:
>> The best description is here:
>> http://armoredbarista.blogspot.ch/2013/03/randomly-failed-weaknesses-in-java.html
>
> Unbelievable… It seems that PRNG implementers suffer from NIH syndrome.
> If you are going to use /dev/urandom, then use it all the time, and rely on code that's reviewed and maintained by thousands of kernel people, not just your favorite buggy seeded PRNG du-jour.

Or, if you decide to roll your own, at LEAST read Peter Gutmann's 1998 Usenix Security paper on the topic [1] or read the respective chapter in his book [2].

Stephan

[1] http://www.cs.auckland.ac.nz/~pgut001/pubs/usenix98.pdf
[2] Peter Gutmann, Cryptographic Security Architecture, Springer Verlag, 2004.

From maxp at trystero.is Fri Aug 16 10:37:18 2013
From: maxp at trystero.is (Max R.D Parmer)
Date: Fri, 16 Aug 2013 10:37:18 -0700
Subject: New Wikileaks insurance files
Message-ID: <20130816173718.GA45304@trystero.is>

Quite a lot. Around 400G.

Initial tweets:
https://twitter.com/wikileaks/status/368411280622620672
https://twitter.com/wikileaks/status/368411399053008896
https://twitter.com/wikileaks/status/368411566229577728

Probably Snowden's collection, given the size. Maybe indicates the heat on WL/Snowden is cranking up?
Did WL entrust the passphrase(s) to folks more or less likely to randomly publish them this time?[1]

> $ for file in `cat dl.txt`; do echo $file; curl -I $file; done;
> http://wlstorage.net/file/wlinsurance-20130815-A.aes256
> HTTP/1.1 200 OK
> Server: nginx/0.7.67
> Date: Fri, 16 Aug 2013 17:05:09 GMT
> Content-Type: text/plain; charset=utf-8
> Connection: keep-alive
> Content-Length: 3565158464
> Last-Modified: Thu, 15 Aug 2013 20:38:46 GMT
> X-CDN: a
> Accept-Ranges: bytes
>
> http://wlstorage.net/file/wlinsurance-20130815-B.aes256
> HTTP/1.1 200 OK
> Server: nginx/0.7.67
> Date: Fri, 16 Aug 2013 17:05:09 GMT
> Content-Type: text/plain; charset=utf-8
> Connection: keep-alive
> Content-Length: 49912218080
> Last-Modified: Thu, 15 Aug 2013 15:10:48 GMT
> X-CDN: a
> Accept-Ranges: bytes
>
> http://wlstorage.net/file/wlinsurance-20130815-C.aes256
> HTTP/1.1 200 OK
> Server: nginx/0.7.67
> Date: Fri, 16 Aug 2013 17:05:15 GMT
> Content-Type: text/plain; charset=utf-8
> Connection: keep-alive
> Content-Length: 349385526464
> Last-Modified: Thu, 15 Aug 2013 19:08:57 GMT
> X-CDN: a
> Accept-Ranges: bytes

[1]: http://www.wikileaks.org/Guardian-journalist-negligently.html

--
@maximus_freeman
0x7D964D3361142ACF

From kylem at xwell.org Fri Aug 16 11:04:54 2013
From: kylem at xwell.org (Kyle Maxwell)
Date: Fri, 16 Aug 2013 13:04:54 -0500
Subject: "Don't use LastPass"
Message-ID:

Anyone more qualified than me (read: nearly everyone on this list) wish to comment on this analysis of a crypto-related vulnerability disclosure in LastPass?

http://tobtu.com/lastpass.php

--
@kylemaxwell

From eugen at leitl.org Fri Aug 16 08:22:11 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 16 Aug 2013 17:22:11 +0200
Subject: [guardian-dev] An email service that requires GPG/PGP?
Message-ID: <20130816152211.GI29404@leitl.org>

----- Forwarded message from Tom Ritter -----

From eugen at leitl.org Fri Aug 16 12:15:33 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 16 Aug 2013 21:15:33 +0200
Subject: [cryptography] LeastAuthority.com announces PRISM-proof storage service
Message-ID: <20130816191533.GM29404@leitl.org>

----- Forwarded message from zooko -----

From eugen at leitl.org Fri Aug 16 12:15:41 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 16 Aug 2013 21:15:41 +0200
Subject: [cryptography] LeastAuthority.com announces PRISM-proof storage service
Message-ID: <20130816191541.GN29404@leitl.org>

----- Forwarded message from zooko -----

From rudiger.koch at gmail.com Fri Aug 16 12:38:29 2013
From: rudiger.koch at gmail.com (Rüdiger Koch)
Date: Fri, 16 Aug 2013 21:38:29 +0200
Subject: [Doctrinezero] A brief note on ZS ideas and the relationship with Marxism, Communism, & The Zeitgeist Movement
Message-ID:

Power comes from control over the monetary system. Remove that - walk away from the bank and their power gets diminished. That is why Austria stomped on the Wörgl experiment. That is why they go against Bitcoin and other alternatives with such a vengeance - it is by no means justified by the actual size of the currency.

Money is their power and their Achilles' heel. Try to overthrow them - the Stasi knows about your plans before you know them - failure at a very early stage is inevitable. Violence is futile. But get them at the money - by walking away from it, and they will be as powerful as the ancient gods. How did they lose their power? People walked away from them.

What can we do? We define our own money. Bitcoin is a start. Zero Reserve is a perfect complement. It closes the main vulnerability of Bitcoin - the centralized exchanges. Zero Reserve has the potential to obsolete the banks. It can democratize money. It allows everyone, literally everyone, to act like a bank.

Zero Reserve is real. It is a workable plan.
We can do it without parliaments, lobbying or anything - by simply doing it. Will it create a perfect world? No. Miracles are for religion.

This is it: https://github.com/zeroreserve/ZeroReserve/wiki

You can keep talking about the perfect world. You can talk about redistributing money. I talk about *distributing the monetary system*. And I am not just talking - I am programming the means to it.

Distributing the monetary system is one of the few good chances I see to avert the disaster of the coming crash. Much of the value that is produced is consumed by the monetary system. Make this system obsolete and everyone can be much richer than today. We need not fear the robotic revolution if access to the means of production is possible for everyone. But to permit that, first we have to obsolete the monetary system.

-Anu

From zooko at leastauthority.com Fri Aug 16 14:46:10 2013
From: zooko at leastauthority.com (Zooko Wilcox-OHearn)
Date: Fri, 16 Aug 2013 21:46:10 +0000
Subject: [cryptography] open letter to Phil Zimmermann and Jon Callas of Silent Circle, re: Silent Mail shutdown
Message-ID:

also posted here: https://leastauthority.com/blog/open_letter_silent_circle.html

This open letter is in response to the `recent shutdown of Lavabit`_ , the ensuing `shutdown of Silent Circle's “Silent Mail” product`_, `Jon Callas's posts about the topic on G+`_, and `Phil Zimmermann's interview in Forbes`_. Also, of course, all of this is unfolding in the context of the `2013 Mass Surveillance Scandal`_.

Dear Phil and Jon:

Hello there!
It is good to have a chance to chat with you in public. Please accept the following in the spirit of constructive criticism in which it is intended.

For those readers who don't know, I've known you both, personally and professionally for decades. You've each written texts that I've learned from, inspired me to follow your example, we've worked together successfully, and you've mentored me. I have great respect for your technical abilities, your integrity, and your general reasonableness. Thank you for all of that and for holding fast to your principles today, when we need it more than ever.

Now:

Your job is not yet done. Your customers are currently vulnerable to having all of their communications secretly monitored.

I just subscribed to the service at https://SilentCircle.com, and after I paid $120 for one year of service, it directed me to install the Silent Text app from Silent Circle on my android phone, which I did. Now, when I use that Silent Circle app to send text messages to other Silent Circle customers, I have no way of verifying whether it is really encrypting my message on my own phone, and if it is really keeping the encryption key only for me, or if it is leaking the contents of my messages or my encryption keys to you or to others.

If some attacker, for example the U.S. Federal Government — or to pick a different example the Zetas Mexican drug cartel — were to coerce Silent Circle into cooperating with them, then that attacker would simply require Silent Circle to distribute an update to the app, containing a backdoor. There is no way for me to verify that any given version of Silent Text, including the one that I just installed, is correctly generating strong encryption keys and is protecting those keys instead of leaking them.

Therefore, how are your current products any safer for your users than the canceled Silent Mail product was?
The only attacker against whom your canceled Silent Mail product was vulnerable but against whom your current products are safe is an attacker who would require you to backdoor your server software but who wouldn't require you to backdoor your client software.

Does that constraint apply to the U.S. Federal Government entities who are responsible for PRISM, for the shut-down of Lavabit, and so much else? No, that constraint does not apply to them. This was demonstrated in the Hushmail case in which the U.S. DEA asked Hushmail (a Canadian company) to turn over the plaintext of the email of one of its customers. Hushmail complied, shipping a set of CDs to the DEA containing the customer's messages.

The President of Hushmail `emphasized`_ in interviews with journalists at the time that Hushmail would be able to comply with such orders regardless of whether the customer used Hushmail's “client-to-server” (SSL) encryption or its “end-to-end” (Java applet) encryption.

.. _emphasized: http://www.wired.com/threatlevel/2007/11/hushmail-to-war/

Phil had been Chief Cryptographer of Hushmail years earlier, and was still a member of the Advisory Board of Hushmail at the time of that case. He commented about the case at that time, and he also `stated`_, correctly, that the Hushmail model of *unverified* end-to-end encryption was vulnerable to government coercion. That's the same model that Silent Circle uses today.

.. _stated: http://www.wired.com/threatlevel/2007/11/pgp-creator-def/

You have just taken the courageous act of publicly shutting down the Silent Mail product, and publicly stating your reasons for doing so. This, then, is your opportunity to make your stance consistent by informing your customers of the similar dangers posed by the software distribution practices currently used by Silent Circle (along with most of the rest of the industry).

I don't know the perfect solution to the problem of the *unverifiability* of today's software.
But being frank about the current approach and the vulnerability that it imposes on users is the first step. People will listen to you about this, now. Let's start talking about it and we can start finding solutions. Also, warn your users. Don't tell them the untruth that it is impossible for you to eavesdrop on their communications even if you try (as your company seems to be on the borderline of doing in public statements like these: [ `¹`_, `²`_]). .. _¹: http://www.forbes.com/sites/parmyolson/2013/07/15/corporate-customers-flock-to-anti-snooping-app-silent-circle/ .. _²: http://techcrunch.com/2013/08/08/silent-circle-preemptively-shuts-down-encrypted-email-service-to-prevent-nsa-spying/ We're trying an approach to this problem, here at LeastAuthority.com, of “*verifiable* end-to-end security”. For our data backup and storage service, all of the software is Free and Open Source, and it is distributed through channels which are out of our direct control, such as Debian and Ubuntu. Of course this approach is not perfectly secure — it doesn't guarantee that a state-level actor cannot backdoor our customers. But it does guarantee that *we* cannot backdoor our customers. This currently imposes inconvenience on our customers, and I'm not saying it is the perfect solution, but it shows that there is more than one way to go at this problem. Thank you for your attention to these important matters, and your leadership in speaking out about them. (By the way, LeastAuthority.com is not a competitor to Silent Circle. We don't offer voice, text, video, or email services, like Silent Circle does/did. What we offer is simply secure offsite *backup*, and a secure cloud storage API that people use to build other services.) Regards, Zooko Wilcox-O'Hearn .. _recent shutdown of Lavabit: http://boingboing.net/2013/08/08/lavabit-email-service-snowden.html .. _shutdown of Silent Circle's “Silent Mail” product: http://silentcircle.wordpress.com/2013/08/09/to-our-customers/ .. 
_Jon Callas's posts about the topic on G+: https://plus.google.com/112961607570158342254/posts/9uySMokvg7k .. _Phil Zimmermann's interview in Forbes: http://www.forbes.com/sites/parmyolson/2013/08/09/e-mails-big-privacy-problem-qa-with-silent-circle-co-founder-phil-zimmermann/ .. _2013 Mass Surveillance Scandal: https://en.wikipedia.org/wiki/2013_mass_surveillance_scandal _______________________________________________ cryptography mailing list cryptography at randombit.net http://lists.randombit.net/mailman/listinfo/cryptography ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From eugen at leitl.org Fri Aug 16 12:59:40 2013 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 16 Aug 2013 21:59:40 +0200 Subject: [Doctrinezero] A brief note on ZS ideas and the relationship with Marxism, Communism, & The Zeitgeist Movement Message-ID: <20130816195940.GS29404@leitl.org> ----- Forwarded message from Rüdiger Koch ----- From jon at callas.org Fri Aug 16 23:04:38 2013 From: jon at callas.org (Jon Callas) Date: Fri, 16 Aug 2013 23:04:38 -0700 Subject: [cryptography] Reply to Zooko (in Markdown) Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Also at http://silentcircle.wordpress.com/2013/08/17/reply-to-zooko/ # Reply to Zooko (My friend and colleague, [Zooko Wilcox-O'Hearn](https://leastauthority.com/blog/author/zooko-wilcox-ohearn.html) wrote an open letter to me and Phil [on his blog at LeastAuthority.com](https://leastauthority.com/blog/open_letter_silent_circle.html). Despite this appearing on Silent Circle's blog, I am speaking mostly for myself, only slightly for Silent Circle, and not at all for Phil.) Zooko, Thank you for writing and your kind words. Thank you even more for being a customer. 
We're a startup and without customers, we'll be out of business. I think that everyone who believes in privacy should support with their pocketbook every privacy-friendly service they can afford to. It means a lot to me that you're voting with your pocketbook for my service. Congratulations on your new release of [LeastAuthority's S4](https://leastauthority.com) and [Tahoe-LAFS](https://tahoe-lafs.org/trac/tahoe-lafs). Just as you are a fan of my work, I am an admirer of your work on Tahoe-LAFS and consider it one of the best security innovations on the planet. I understand your concerns, and share them. One of the highest priority tasks that we're working on is to get our source releases better organized so that they can effectively be built from [what we have on GitHub](https://github.com/SilentCircle/). It's suboptimal now. Getting the source releases is harder than one might think. We're a startup and are pulled in many directions. We're overworked and understaffed. Even in the old days at PGP, producing effective source releases took years of effort to get down pat. It often took us four to six weeks to get the sources out even when delivering one or two releases per year. The world of app development makes this harder. We're trying to streamline our processes so that we can get a release out about every six weeks. We're not there, either. However, even when we have source code to be an automated part of our software releases, I'm afraid you're going to be disappointed about how verifiable they are. It's very hard, even with controlled releases, to get an exact byte-for-byte recompile of an app. Some compilers make this impossible because they randomize the branch prediction and other parts of code generation. Even when the compiler isn't making it literally impossible, without an exact copy of the exact tool chain with the same linkers, libraries, and system, the code won't be byte-for-byte the same. 
Worst of all, smart development shops use the *oldest* possible tool chain, not the newest one because tool sets are designed for forwards-compatibility (apps built with old tools run on the newest OS) rather than backwards-compatibility (apps built with the new tools run on older OSes). Code reliability almost requires using tool chains that are trailing-edge. The problems run even deeper than the raw practicality. Twenty-nine years ago this month, in the August 1984 issue of "Communications of the ACM" (Vol. 27, No. 8) Ken Thompson's famous Turing Award lecture, "Reflections on Trusting Trust" was published. You can find a facsimile of the magazine article at and a text-searchable copy on Thompson's own site, . For those unfamiliar with the Turing Award, it is the most prestigious award a computer scientist can win, sometimes called the "Nobel Prize" of computing. The site for the award is at . In Thompson's lecture, he describes a hack that he and Dennis Ritchie did in a version of UNIX in which they created a backdoor to UNIX login that allowed them to get access to any UNIX system. They also created a self-replicating program that would compile their backdoor into new versions of UNIX portably. Quite possibly, their hack existed in the wild until UNIX was recoded from the ground up with BSD and GCC. In his summation, Thompson says: The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code. In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect. A well installed microcode bug will be almost impossible to detect. 
Thompson's words reach out across three decades of computer science, and yet they echo Descartes from three centuries prior to Thompson. In Descartes's 1641 "Meditations," he proposes the thought experiment of an "evil demon" who deceives us by simulating the universe, our senses, and perhaps even mathematics itself. In his meditation, Descartes decides that the one thing that he knows is that he, himself, exists, and the evil demon cannot deceive him about his own existence. This is where the famous saying, "*I think, therefore I am*" (*Cogito ergo sum* in Latin) comes from. (There are useful Descartes links at: and and .) When discussing thorny security problems, I often avoid security ratholes by pointing out Descartes by way of Futurama and saying, "I can't prove I'm not a head in a jar, but it's a useful assumption that I'm not." Descartes's conundrum even finds its way into modern physics. It is presently a debatable, yet legitimate theory that our entire universe is a software simulation of a universe . Martin Savage of University of Washington has an interesting paper from last November on ArXiV . You can find an amusing video at in which Savage even opines that our descendants are simulating us to understand where they came from. I suppose this means we should be nice to our kids because they might have root. Savage tries to devise an experiment to show that you're actually in a simulation, and as a mathematical logician I think he's ignoring things like math. The problem is isomorphic to writing code that can detect it's on a virtual machine. If the virtual machine isn't trying to evade, then it's certainly possible (if not probable -- after all, the simulators might want us to figure out that we're in a simulation). Unless, of course, they don't, in which case we're back not only to Descartes, but Godel's two Incompleteness Theorems and their cousin, The Halting Problem. 
While I'm at it, I highly, highly recommend Scott Aaronson's new book, "Quantum Computing Since Democritus" which I believe is so important a book that I bought the Dead Tree Edition of it. ([Jenny Lawson](http://thebloggess.com) has already autographed my Kindle.) Popping the stack back to security, the bottom line is that you're asking for something very, very hard and asking for a solution to an old philosophical problem as well as suggesting I should prove Godel wrong. I'm flattered by the confidence in my abilities, but I believe you're asking for the impossible. Or perhaps I'm programmed to think that. This limitation doesn't apply to just *my* code. It applies to *your* code, and it applies to all of us. (Tahoe's architecture makes it amazingly resilient, but it's not immune.) It isn't just mind-blowing philosophy mixed up with Ken Thompson's Greatest Hack. Whenever we run an app, we're trusting it. We're also trusting the operating system that it runs on, the random number generator, the entropy sources, and so on. You're trusting the CPU and its microcode. You're trusting the bootloader, be it EFI or whatever as well as [SMM](http://en.wikipedia.org/wiki/System_Management_Mode) on Intel processors -- which could have completely undetectable code running, doing things that are scarily like Descartes's evil demon. The platform-level threats are so broad that I could bore people for another paragraph or two just enumerating them. You're perhaps trusting really daft things like [modders who slow down entropy gathering](http://hackaday.com/2013/01/04/is-entropy-slowing-down-your-android-device/) and [outright bugs](http://android-developers.blogspot.com/2013/08/some-securerandom-thoughts.html). Ironically, the attack vector you suggest (a hacked application) is one of the harder ways for an attacker to feed you bad code. On mobile devices, apps are digitally signed and delivered by app stores. 
Those app stores have a vetting process that makes *targeted* code delivery hard. Yes, someone could hack us, hack Google or Apple, or all of us, but it's very, very hard to deliver bad code to a *specific* person through this vector, and even harder if you want to do it undetectably. In contrast, targeted malware is easy to deploy. Exploits are sold openly in exploit markets, and can be bundled up in targeted advertising. Moreover, this *has* happened, and is known to be a mechanism that's been used by the FBI, German Federal Police, the Countries Starting With the Letter 'I' (as a friend puts it), and everyone's favorite The People's Liberation Army. During Arab Spring, a now-defunct government just procured some Javascript malware and dropped it in some browsers to send them passwords on non-SSL sites. Thus, I think that while your concern does remind me to polish up my source code deployment, if we assume an attacker like a state actor that targets people and systems, there are smarter ways for them to act. I spend a lot of time thinking, "*If I were them, what would I do?*" If you think about what's possible, you spend too much time on low-probability events. Give yourself that thought experiment. Ask yourself what you'd do if you were the PLA, or NSA, or a country starting with an 'I.' Give yourself a budget in several orders of magnitude. A grand, ten grand, a hundred grand, a million bucks. What would you do to hack yourself? What would you do to hack your users without hacking you? That's what I think about. Over the years, I've become a radical on usability. I believe that usability is all. It's easy to forget it now, but PGP was a triumph because you didn't have to be a cryptographer, you only had to be a techie. We progressed PGP so that you could be non-technical and get by, and then we created PGP Universal which was designed to allow complete ease of use with a trusted staff. 
That trusted staff was the fly in the ointment of Silent Mail and the crux of why we shut it down -- we created it because of usability concerns and killed it because of security concerns. Things that were okay ideas in May 2013 were suddenly not good ideas in August. I'm sure you've noted when using our service our belief in usability. Without usability that is similar to the non-secure equivalent, we are nothing because the users will just not be secure. I also stress Silent Circle is a *service*, not an app. This is hard to remember and even we are not as good at it as we need to be. The service is there to provide its users with a secure analogue of the phone and texting apps they're used to. The difference is that instead of having utterly no security, they have a very high degree of it. Moreover, our design is such to minimize the trust you need to place in us. Our network includes ourselves as a threat, which is unusual. You're one of the very few other people who do something similar. We have technology and policy that makes an attack on *us* to be unattractive to the adversary. You will soon see some improvements to the service that improve our resistance to traffic analysis. The flip side of that, however, is that it means that the device is the most attractive attack point. We can't help but trust the OS (from RNG to sandbox), bootloader, hardware, etc. Improvements in our transparency (like code releases) compete with tight resources for improvements in the service and apps. My decisions in deploying those resources reflect my bias that I'd rather have an A grade in the service with a B grade in code releases than an A in code releases and a B service. Yes, it makes it harder for you and others, but I have to look at myself in the mirror and my emphasis is on service quality first, reporting just after that. Over time, we'll get better. We've not yet been running for a year. Continuous improvement works. 
I'm going to sum up with the subtitle of the ACM article of Ken Thompson's speech. It's not on his site, but it is on the facsimile article: To what extent should one trust a statement that a program is free of Trojan horses? Perhaps it is more important to trust the people who wrote the software. Thank you very much for your trust in us, the people. Earning and deserving your trust is something we do every day. Regards, Jon -----BEGIN PGP SIGNATURE----- Version: PGP Universal 3.2.0 (Build 1672) Charset: us-ascii wj8DBQFSDxJ+sTedWZOD3gYRAiDiAJ0bR0EOetfQpPSTDtWX1qyn6wcIcACfbi5Z M9oM0D1yL77QHaw6RnEEFIU= =7StS -----END PGP SIGNATURE----- _______________________________________________ cryptography mailing list cryptography at randombit.net http://lists.randombit.net/mailman/listinfo/cryptography ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From zooko at zooko.com Fri Aug 16 12:05:24 2013 From: zooko at zooko.com (zooko) Date: Fri, 16 Aug 2013 23:05:24 +0400 Subject: [cryptography] LeastAuthority.com announces PRISM-proof storage service Message-ID: On Tue, Aug 13, 2013 at 01:52:38PM -0500, Nicolai wrote: > > Zooko: Congrats on the service. I'm wondering if you could mention on the site which primitives are used client-side. All I see is that combinations of sftp and ssl are used for data-in-flight. Thanks! I'm not sure what your question is. The available interfaces to the gateway -- i.e. 
the cleartext side that is marked in red on [1] -- are: * the "tahoe" command-line tool [2] * your unadorned web browser, even with JavaScript turned off, pointed at the gateway over localhost (or over SSL to a remote host, or whatever you want) * your FTP or SFTP client * FUSE (although in a Rube Goldberg-esque setup where FUSE is chained to the aforementioned SFTP server through the "sshfs" tool; Like a Rube Goldberg device, it actually does work once you get all the pieces set up next to each other.) The semantics of what you can do with this are described in summary here: https://tahoe-lafs.org/trac/tahoe-lafs/browser/trunk/docs/about.rst#access-control And in much more detail in the documentation pages linked from there. Does that answer your question? Regards, Zooko [1] https://tahoe-lafs.org/trac/chrome/LAFS.svg [2] https://tahoe-lafs.org/trac/tahoe-lafs/browser/trunk/docs/frontends/CLI.rst P.S. This is a test of charset handling through GNU screen, mutt, and GNU mailman: ¹ (That should be a superscript "1".) _______________________________________________ cryptography mailing list cryptography at randombit.net http://lists.randombit.net/mailman/listinfo/cryptography ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From zooko at zooko.com Fri Aug 16 12:11:22 2013 From: zooko at zooko.com (zooko) Date: Fri, 16 Aug 2013 23:11:22 +0400 Subject: [cryptography] LeastAuthority.com announces PRISM-proof storage service Message-ID: On Tue, Aug 13, 2013 at 03:16:33PM -0500, Nico Williams wrote: > > Nothing really gets anyone past the enormous supply of zero-day vulns in their complete stacks. In the end I assume there's no technological PRISM workarounds. I agree that compromise of the client is relevant. 
My current belief is that nobody is doing this on a mass scale, pwning entire populations at once, and that if they do, we will find out about it. My goal with the S4 product is not primarily to help people who are being targeted by their enemies, but to increase the cost of indiscriminately surveilling entire populations. Now maybe it was a mistake to label it as "PRISM-Proof" in our press release and media interviews! I said that because to me "PRISM" means mass surveillance of innocents. Perhaps to other people it doesn't mean that. Oops! Regards, Zooko _______________________________________________ cryptography mailing list cryptography at randombit.net http://lists.randombit.net/mailman/listinfo/cryptography ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From cryptofreak at cpunk.us Sat Aug 17 03:01:07 2013 From: cryptofreak at cpunk.us (CryptoFreak) Date: Sat, 17 Aug 2013 05:01:07 -0500 Subject: Is the Wikileaks Party a cypherpunk party? Message-ID: While I'm American, I've been paying close attention to the Wikileaks Party in Australia. Could it be the political embodiment of the cypherpunk movement? Regardless of what some think of Julian Assange, he certainly holds true to the cp ethic and the party's belief in accountability, privacy, and justice, seems well aligned with the movement. So what do you think? Is there finally a political party more closely aligned with the cypherpunk ideal than the Libertarians? Regards, CryptoFreak From jya at pipeline.com Sat Aug 17 04:31:51 2013 From: jya at pipeline.com (John Young) Date: Sat, 17 Aug 2013 07:31:51 -0400 Subject: Is the Wikileaks Party a cypherpunk party? 
In-Reply-To: References: Message-ID: Sure, that works as well as any other initiative to avoid the classic and inevitably corrupt political parties. It too will become corrupt as inevitable with politics which is nothing but organized corruption which empowers itself to fuck the public dead as a wise person beautifully articulates the aim of politics. No political leader or party is worth supporting except to get in on the fucking. And as with other political parties, the WikiLeaks party is enlisting adherents with the same classical and corrupt methods: an opportunistic, eloquent, mesmerizing star surrounded and advocated by the most venal of advisors, funders, lawyers, promoters, shills, double-crossers, lobbyists, thugs, rats, snakes, vermin, scum, thieves, liars, cheats, priests, apologists, yellow-red-blue dogs, magicians, whores, cunts, dicks, pussies, vultures, hyenas, racists, sexists, on into the thousands and then millions of fuckers eager to kill, hurt, steal, and savage those less organized to do unto others under a banner of beneficience, rooting out corruption, protecting the weak, punishing the powerful, making the world a better place. Cryptoanarchy is an alternative to politics, a deadly enemy, disorganized, any one of a cryptoanarchist is a politician's worst nightmare, inside the organization, the most trusted, the most likely to fuck the star dead. As Schwarz and Assange has found, along with Manning, Snowden, Anonymous, Lulzsec, Sabu, Tor, Lavabit, Silent Circle, among many in jail, indicted, exiled, tortured, disappeared. Others went to the other side for officially assured continual fucking. At 06:01 AM 8/17/2013, you wrote: >While I'm American, I've been paying close attention to the Wikileaks >Party in Australia. Could it be the political embodiment of the >cypherpunk movement? 
> >Regardless of what some think of Julian Assange, he certainly holds >true to the cp ethic and the party's belief in accountability, >privacy, and justice, seems well aligned with the movement. > >So what do you think? Is there finally a political party more closely >aligned with the cypherpunk ideal than the Libertarians? > >Regards, >CryptoFreak From cryptofreak at cpunk.us Sat Aug 17 05:37:51 2013 From: cryptofreak at cpunk.us (CryptoFreak) Date: Sat, 17 Aug 2013 07:37:51 -0500 Subject: Is the Wikileaks Party a cypherpunk party? In-Reply-To: References: Message-ID: There's definitely a chance it could become corrupt. But I think the big difference between the Wikileaks Party and other, more traditional parties, is that the WLP is focused on more than just grabbing power. The whole organization is about speaking truth to power, destroying secrets, informing the populace, and holding those in power accountable. That's a little different than most others. Of course that could all be hyperbole just like Obama's promises of change but we don't know yet. While I agree that a cryptoanarchist poses a bigger threat to the power structure than a political party does, could this not be a good forward step? On Aug 17, 2013, at 6:31 AM, John Young wrote: > Sure, that works as well as any other initiative to avoid the > classic and inevitably corrupt political parties. It too will become > corrupt as inevitable with politics which is nothing but organized > corruption which empowers itself to fuck the public dead as a > wise person beautifully articulates the aim of politics. > > No political leader or party is worth supporting except to get in > on the fucking. 
And as with other political parties, the WikiLeaks > party is enlisting adherents with the same classical and > corrupt methods: an opportunistic, eloquent, mesmerizing star > surrounded and advocated by the most venal of advisors, funders, > lawyers, promoters, shills, double-crossers, lobbyists, thugs, rats, > snakes, vermin, scum, thieves, liars, cheats, priests, apologists, > yellow-red-blue dogs, magicians, whores, cunts, dicks, pussies, > vultures, hyenas, racists, sexists, on into the thousands and then > millions of fuckers eager to kill, hurt, steal, and savage those > less organized to do unto others under a banner of beneficience, > rooting out corruption, protecting the weak, punishing the powerful, > making the world a better place. > > Cryptoanarchy is an alternative to politics, a deadly enemy, > disorganized, any one of a cryptoanarchist is a politician's > worst nightmare, inside the organization, the most trusted, > the most likely to fuck the star dead. As Schwarz and Assange > has found, along with Manning, Snowden, Anonymous, Lulzsec, > Sabu, Tor, Lavabit, Silent Circle, among many in jail, > indicted, exiled, tortured, disappeared. Others went to the > other side for officially assured continual fucking. > > > > > At 06:01 AM 8/17/2013, you wrote: >> While I'm American, I've been paying close attention to the Wikileaks >> Party in Australia. Could it be the political embodiment of the >> cypherpunk movement? >> >> Regardless of what some think of Julian Assange, he certainly holds >> true to the cp ethic and the parties belief in accountability, >> privacy, and justice, seem well aligned with the movement. >> >> So what do you think? Is their finally a political party more closely >> aligned with the cypherpunk ideal than the Libertarians? >> >> Regards, >> CryptoFreak > > > From measl at mfn.org Sat Aug 17 06:33:11 2013 From: measl at mfn.org (J.A. 
Terranson) Date: Sat, 17 Aug 2013 08:33:11 -0500 (CDT) Subject: Is the Wikileaks Party a cypherpunk party? In-Reply-To: References: Message-ID: On Sat, 17 Aug 2013, CryptoFreak wrote: > There's definitely a chance it could become corrupt. A *chance*? It's *already corrupt by definition: do you understand what is required to organize and run a political (read: Organized Crime) party? > But I think the big difference between the Wikileaks Party and other, > more traditional parties, is that the WLP is focused on more than just > grabbing power. The whole organization is about speaking truth to power, > destroying secrets, informing the populace, and holding those in power > accountable. That's a little different than most others. Where have I heard that before I wonder? Whigs? Republicans? Democrats (Obama as recently as 2008 even)? > Of course that could all be hyperbole just like Obama's promises of change but > we don't know yet. While I agree that a cryptoanarchist poses a bigger threat > to the power structure than a political party does, could this not be a good > forward step? It *could*. But I doubt it. //Alif -- Those who make peaceful change impossible, make violent revolution inevitable. An American Spring is coming: one way or another. From jya at pipeline.com Sat Aug 17 05:47:33 2013 From: jya at pipeline.com (John Young) Date: Sat, 17 Aug 2013 08:47:33 -0400 Subject: Is the Wikileaks Party a cypherpunk party? In-Reply-To: References: Message-ID: Two early cypherpunk heroic casualties were omitted: Jim Bell and Carl "CJ" Johnson for, apropos, "Assassination Politics." Not jailed, politics-defiers John Gilmore, Peter Junger (RIP), Phil Karn. On parallel paths, politics-hounded Phil Zimmermann and Dan Bernstein. And others, less celebrated enemies of ever-corrupting politics. Not to say if it's your very own political corruption then it's okay, says a truly dedicated anarchist of the Party of One. 
From jya at pipeline.com Sat Aug 17 07:52:01 2013 From: jya at pipeline.com (John Young) Date: Sat, 17 Aug 2013 10:52:01 -0400 Subject: Is the Wikileaks Party a cypherpunk party? In-Reply-To: References: Message-ID: I would definitely support Assange and the WikiLeaks Party (if TCM and a few stalwart others rebuff a draft) as superior to status quo politics enforced by US and allies worldwide. He and it will be assassinated, bribed, tricked, flattered into submission unless successfully undermining that long-running machine of bloodthirsty spies using the Internet and other willing ploys to solicit political candidates able to memerize believers and assassins, the former contemned as citizens and subjects and followers, the latter spies military industry media. Cant politic without Kant cant. -- Immanuel Kant's Wife From iang at iang.org Sat Aug 17 01:52:58 2013 From: iang at iang.org (ianG) Date: Sat, 17 Aug 2013 11:52:58 +0300 Subject: [cryptography] LeastAuthority.com announces PRISM-proof storage service Message-ID: On 16/08/13 22:11 PM, zooko wrote: > On Tue, Aug 13, 2013 at 03:16:33PM -0500, Nico Williams wrote: >> >> Nothing really gets anyone past the enormous supply of zero-day vulns in their complete stacks. In the end I assume there's no technological PRISM workarounds. > > I agree that compromise of the client is relevant. My current belief is that > nobody is doing this on a mass scale, pwning entire populations at once, and > that if they do, we will find out about it. > > My goal with the S4 product is not primarily to help people who are being > targeted by their enemies, but to increase the cost of indiscriminately > surveilling entire populations. > > Now maybe it was a mistake to label it as "PRISM-Proof" in our press release > and media interviews! I said that because to me "PRISM" means mass surveillance > of innocents. Perhaps to other people it doesn't mean that. Oops! 
My understanding of PRISM is that it is a voluntary & secret arrangement between the supplier and the collector (NSA) to provide direct access to all information. By 'voluntary' I mean that the supplier hands over the access, it isn't taken in an espionage or hacker sense, or leaked by an insider. I include in this various techniques of court-inspired voluntarianism as suggested by recent FISA theories [0]. I suspect it is fair to say that something is PRISM-proof if: a) the system lacks the capability to provide access b) the operator lacks the capacity to enter into the voluntary arrangement, or c) the operator lacks the capacity to keep the arrangement (b) secret The principle here seems to be that if the information is encrypted on the server side without the keys being held or accessible by the supplier, then (a) is met [1]. Encryption-sans-keys is an approach that is championed by Tahoe-LAFS and Silent Circle. Therefore I think it is reasonable in a marketing sense to claim it is PRISM-proof, as long as that claim is explained in more detail for those who wish to research. In this context, one must market one's product, and one must use simple labels to achieve this. Otherwise the product doesn't get out there, and nobody is benefited. iang [0] E.g., the lavabit supplier can be considered to have not volunteered the info, and google can be considered to have not volunteered to the Chinese government. [1] In contrast, if an operator is offshore it would meet (b) and if an operator was some sort of open source distributed org where everyone saw where the traffic headed, it would lack (c). 
> Regards, > > Zooko > > _______________________________________________ > cryptography mailing list > cryptography at randombit.net > http://lists.randombit.net/mailman/listinfo/cryptography > ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From parker at eff.org Sat Aug 17 16:30:33 2013 From: parker at eff.org (Parker Higgins) Date: Sat, 17 Aug 2013 13:30:33 -1000 Subject: see something, say something stamps In-Reply-To: <20130814223932.DHXB3871.eastrmfepo202.cox.net@eastrmimpo210> References: <20130814223932.DHXB3871.eastrmfepo202.cox.net@eastrmimpo210> Message-ID: <52100799.4030802@eff.org> Not copyright, but "See something, say something" is a registered trademark of the New York City MTA, sub-licensed (with permission for additional sub-licenses) to the Department of Homeland Security explicitly for use in anti-terrorism campaigns. Parker On 8/14/13 12:39 PM, David Honig wrote: > > > see something, say something US custom stamps > > Featuring Sysadmin E. Snowden and a typical meme font. > > Any copyright issues to be aware of?
> > > > I wish to God these calculations could be done by a steam engine," > Babbage complained > -- Parker Higgins Activist Electronic Frontier Foundation https://eff.org Please note our new address: 815 Eddy Street San Francisco, CA 94109-7701 From coderman at gmail.com Sat Aug 17 20:17:11 2013 From: coderman at gmail.com (coderman) Date: Sat, 17 Aug 2013 20:17:11 -0700 Subject: Is the Wikileaks Party a cypherpunk party? In-Reply-To: References: Message-ID: On Sat, Aug 17, 2013 at 7:52 AM, John Young wrote: > I would definitely support Assange and the WikiLeaks Party (if TCM > and a few stalwart others rebuff a draft) as superior to status quo > politics enforced by US and allies worldwide. i read this as: "i would rather smash my thumb with a hammer than stick my dick in a lamp socket" From skquinn at rushpost.com Sat Aug 17 22:39:34 2013 From: skquinn at rushpost.com (Shawn K.
Quinn) Date: Sun, 18 Aug 2013 00:39:34 -0500 Subject: see something, say something stamps In-Reply-To: <52100799.4030802@eff.org> References: <20130814223932.DHXB3871.eastrmfepo202.cox.net@eastrmimpo210> <52100799.4030802@eff.org> Message-ID: <1376804374.20386.11054377.268D1969@webmail.messagingengine.com> On Sat, Aug 17, 2013, at 06:30 PM, Parker Higgins wrote: > Not copyright, but "See something, say something" is a registered > trademark of the New York City MTA, sub-licensed (with permission for > additional sub-licenses) to the Department of Homeland Security > explicitly for use in anti-terrorism campaigns. How the hell can they trademark something that generic? Would the NYC MTA really sue for trademark infringement in a case like this? Seems to me it would be asking for loads of bad PR. (And unfortunately, should I travel to NYC I don't have many other reasonable choices for transportation...) -- Shawn K. Quinn skquinn at rushpost.com From l at odewijk.nl Sat Aug 17 16:06:38 2013 From: l at odewijk.nl (Lodewijk andré de la porte) Date: Sun, 18 Aug 2013 01:06:38 +0200 Subject: [info] [tt] NYT: Microsatellites: What Big Eyes They Have In-Reply-To: <20130814093047.GL29404@leitl.org> References: <20130814093047.GL29404@leitl.org> Message-ID: And think of all the freely recordable wildlife fun you could sell! (People having sex outside) From l at odewijk.nl Sat Aug 17 16:09:50 2013 From: l at odewijk.nl (Lodewijk andré de la porte) Date: Sun, 18 Aug 2013 01:09:50 +0200 Subject: [info] [tt] NYT: Microsatellites: What Big Eyes They Have In-Reply-To: References: <20130814093047.GL29404@leitl.org> Message-ID: More seriously though: This is what I've been saying all along, technology for observation will become too cheap to counter.
We must expect that in a decade our entire lives can be reconstructed from the data kept in various places for various reasons indefinitely. The question is more of how to deal with it. And of course we must reject all bad ways this will happen. There will be plenty. From rvh40 at insightbb.com Sat Aug 17 23:46:08 2013 From: rvh40 at insightbb.com (Randall Webmail) Date: Sun, 18 Aug 2013 02:46:08 -0400 (EDT) Subject: see something, say something stamps In-Reply-To: <1376804374.20386.11054377.268D1969@webmail.messagingengine.com> Message-ID: <1209772427.342751.1376808368024.JavaMail.root@md13.insight.synacor.com> From: "Shawn K. Quinn" On Sat, Aug 17, 2013, at 06:30 PM, Parker Higgins wrote: >> Not copyright, but "See something, say something" is a registered >> trademark of the New York City MTA, sub-licensed (with permission for >> additional sub-licenses) to the Department of Homeland Security >> explicitly for use in anti-terrorism campaigns. >How the hell can they trademark something that generic? Morton Salt trademarked "When it rains, it pours". Nike trademarked "Just do it". From bbrewer at littledystopia.net Sun Aug 18 03:07:44 2013 From: bbrewer at littledystopia.net (Bbrewer) Date: Sun, 18 Aug 2013 06:07:44 -0400 Subject: see something, say something stamps In-Reply-To: <1209772427.342751.1376808368024.JavaMail.root@md13.insight.synacor.com> References: <1209772427.342751.1376808368024.JavaMail.root@md13.insight.synacor.com> Message-ID: <14090e5099f.275a.8becf219b5dc41f44ffebd949699882f@littledystopia.net> On August 18, 2013 2:46:08 AM Randall Webmail wrote: > > Morton Salt trademarked "When it rains, it pours". > > Nike trademarked "Just do it". > McDonalds. "I'm lovin' it" The list goes on and on. They're loving it.
Sent with AquaMail for Android http://www.aqua-mail.com From shelley at misanthropia.info Sun Aug 18 07:07:38 2013 From: shelley at misanthropia.info (Shelley) Date: Sun, 18 Aug 2013 07:07:38 -0700 Subject: Is the Wikileaks Party a cypherpunk party? In-Reply-To: Message-ID: <20130818140743.BD2DB680117@frontend2.nyi.mail.srv.osa> Ginsberg himself would be envious of John's talent of turning a phrase while ranting wise. That's pure poetry. On Aug 18, 2013 4:43 AM, John Young <jya at pipeline.com> wrote: Cryptome beats its stick frustrated in a dim cotton pick weigh shed. WikiLeaks wails, release me, dog-fuck-stuck in a worldwide power grid. Manning and Snowden got the humongous brass balls leak exploiters lack exactly like leaker defenders and fans. From jya at pipeline.com Sun Aug 18 04:38:06 2013 From: jya at pipeline.com (John Young) Date: Sun, 18 Aug 2013 07:38:06 -0400 Subject: Is the Wikileaks Party a cypherpunk party? In-Reply-To: References: Message-ID: Cryptome beats its stick frustrated in a dim cotton pick weigh shed. WikiLeaks wails, release me, dog-fuck-stuck in a worldwide power grid. Manning and Snowden got the humongous brass balls leak exploiters lack exactly like leaker defenders and fans. At 11:17 PM 8/17/2013, you wrote: >On Sat, Aug 17, 2013 at 7:52 AM, John Young wrote: > > I would definitely support Assange and the WikiLeaks Party (if TCM > > and a few stalwart others rebuff a draft) as superior to status quo > > politics enforced by US and allies worldwide. > > >i read this as: "i would rather smash my thumb with a hammer than >stick my dick in a lamp socket" From cipher at jim.com Sat Aug 17 20:06:04 2013 From: cipher at jim.com (James A. Donald) Date: Sun, 18 Aug 2013 13:06:04 +1000 Subject: Is the Wikileaks Party a cypherpunk party?
Message-ID: <52103A1C.3090105@jim.com> On 2013-08-17 8:01 PM, CryptoFreak wrote: > While I'm American, I've been paying close attention to the Wikileaks > Party in Australia. Could it be the political embodiment of the > cypherpunk movement? > > Regardless of what some think of Julian Assange, he certainly holds > true to the cp ethic and the parties belief in accountability, > privacy, and justice, seem well aligned with the movement. > > So what do you think? Is their finally a political party more closely > aligned with the cypherpunk ideal than the Libertarians? > > Regards, > CryptoFreak > Libertarian Party, and its organs, such as "Reason" Magazine, have not been libertarian for some considerable time. As the inner party (Democrats) and the Outer Party (Republicans) continue to move left on racial and sexual differences and on sexual preferences, the "Libertarians" attempt to maintain a a "balanced" position between them - which means that they steadily move left on these issues, adopting ever less libertarian positions, positions that a decade or two ago would have been seen not merely as statist, but as insanely statist. They theoretically support the abolition of welfare and open borders, but actually support open borders with welfare for underclass immigrant bastard spawn, a disturbingly different proposition. In California, we are getting more Indios than Mestizos. They did not work in Mexico, and even less are they working in California. They theoretically support freedom of speech, but repression of speech on racial and sexual differences is just fine by them. They theoretically oppose welfare, but do not actually oppose welfare. They oppose profiling - you are allowed to reason about some matters, but not others. 
The took a "balanced" position on the Zimmerman case "President Obama spoke some undeniable truths when he noted that the African-American community’s intense reaction to the case must be seen in the context of a long, terrible history of racism" "No one except Zimmerman knows whether he continued to track Martin—or, as he claims, headed back to his truck only to have Martin confront him. No one but Zimmerman knows who initiated physical violence" In fact we have compelling forensic and circumstantial evidence that Zimmerman spoke the truth on both of these questions. Reason Magazine is lying, they are merely lying less egregiously than the rest of the mainstream media. Their position is "reasonable doubt", whereas in fact we have enough evidence to convict Martin Trayvon, a drug addled burglar, had he lived. When discussing this case "Reason" regularly make the pious affirmation that the poor blacks are being victimized by evil whites, while, Martin Trayvon exemplifies black privilege, both in his reaction that Zimmerman dissed him by profiling him as the drug addled burglar that he in fact was, and in that for affirmative action reasons he was not charged with burglary under circumstances where a white boy at the same school would have certainly been charged with burglary. (The government did not like the criminal system having disparate impact on the kids in that school, and were taking affirmative action measures to correct the disturbing fact that lots of black kids were being imprisoned, and few or no white kids - since equal discipline and law enforcement had unequal consequences, they were applying unequal discipline and law enforcement. 
) When reason magazine discusses the curious anomalies leading to massively unequal university education for males and females, their explanation for all discrepancies favoring women is that women are wonderful, even though many of these discrepancies are demonstrably the result of systematic discrimination against males and intentional penalization of males for being male. All increases in female representation in academia and decreases in male representation, are, according to reason magazine, sunshine, lollypops and rainbows, a manifestation of the fact that decreases in evil sexism now allow women to demonstrate their true abilities, which are of course equal to men, except that women, being wonderful, are a lot more equal than men. From rvh40 at insightbb.com Sun Aug 18 11:36:35 2013 From: rvh40 at insightbb.com (Randall Webmail) Date: Sun, 18 Aug 2013 14:36:35 -0400 (EDT) Subject: Is the Wikileaks Party a cypherpunk party? In-Reply-To: <0F692BED-AF3B-407C-8D44-7DA301A21113@gmail.com> Message-ID: <879210803.344488.1376850995805.JavaMail.root@md13.insight.synacor.com> Don't be so sure you understand it still. It is often tough to tell what John says, but it is never unclear what he means. ----- Original Message ----- From: "jd cypherpunks" To: "Shelley" Cc: "cpunks" Sent: Sunday, August 18, 2013 7:20:49 AM Subject: Re: Is the Wikileaks Party a cypherpunk party? yes, but sometimes I've to read it more than one time to understand it. :) --Michael Am 18.08.2013 um 16:07 schrieb Shelley < shelley at misanthropia.info >: Ginsberg himself would be envious of John's talent of turning a phrase while ranting wise. That's pure poetry. On Aug 18, 2013 4:43 AM, John Young < jya at pipeline.com > wrote: Cryptome beats its stick frustrated in a dim cotton pick weigh shed. WikiLeaks wails, release me, dog-fuck-stuck in a worldwide power grid. Manning and Snowden got the humongous brass balls leak exploiters lack exactly like leaker defenders and fans. 
From jd.cypherpunks at gmail.com Sun Aug 18 07:20:49 2013 From: jd.cypherpunks at gmail.com (jd.cypherpunks at gmail.com) Date: Sun, 18 Aug 2013 16:20:49 +0200 Subject: Is the Wikileaks Party a cypherpunk party? In-Reply-To: <20130818140743.BD2DB680117@frontend2.nyi.mail.srv.osa> References: <20130818140743.BD2DB680117@frontend2.nyi.mail.srv.osa> Message-ID: <0F692BED-AF3B-407C-8D44-7DA301A21113@gmail.com> yes, but sometimes I've to read it more than one time to understand it. :) --Michael Am 18.08.2013 um 16:07 schrieb Shelley : > Ginsberg himself would be envious of John's talent of turning a phrase while ranting wise. That's pure poetry. > > > On Aug 18, 2013 4:43 AM, John Young wrote: > > Cryptome beats its stick frustrated in a dim cotton pick weigh shed. > WikiLeaks wails, release me, dog-fuck-stuck in a worldwide power grid. > > Manning and Snowden got the humongous brass balls leak exploiters > lack exactly like leaker defenders and fans. > > From pgut001 at cs.auckland.ac.nz Sun Aug 18 00:59:26 2013 From: pgut001 at cs.auckland.ac.nz (Peter Gutmann) Date: Sun, 18 Aug 2013 19:59:26 +1200 Subject: see something, say something stamps In-Reply-To: <1376804374.20386.11054377.268D1969@webmail.messagingengine.com> Message-ID: "Shawn K. Quinn" writes: >Would the NYC MTA really sue for trademark infringement in a case like this? >Seems to me it would be asking for loads of bad PR. On the remote chance that they'd even notice it, and the equally remote chance that they'd bother threatening legal action, all you'd need to do is send a link to the Wikipedia article on Streisand Effect and they'd go back to pretending they didn't see it.
In any case since its use in this case is for satirical purposes (IANAL), it may be OK anyway. I just want to get it on a t-shirt. Peter. From gfoster at entersection.org Sun Aug 18 20:49:47 2013 From: gfoster at entersection.org (Gregory Foster) Date: Sun, 18 Aug 2013 22:49:47 -0500 Subject: Is the Wikileaks Party a cypherpunk party? In-Reply-To: <879210803.344488.1376850995805.JavaMail.root@md13.insight.synacor.com> References: <879210803.344488.1376850995805.JavaMail.root@md13.insight.synacor.com> Message-ID: <521195DB.9020608@entersection.org> Crikey (Aug 19) - "WikiLeaks Party’s ‘administrative errors’ incense Greens" by @BernardKeane: http://www.crikey.com.au/2013/08/19/wikileaks-partys-administrative-errors-incense-greens/ Pirate Party Australia (Aug 18) - "Preferencing Statement for Federal Election 2013": http://pirateparty.org.au/2013/08/18/preferencing-statement-for-federal-election-2013/ I don't know much about Australian politics, but it sounds like the current election is interesting. gf On 8/18/13 1:36 PM, Randall Webmail wrote: > Don't be so sure you understand it still. It is often tough to > tell what John says, but it is never unclear what he means. > > ------------------------------------------------------------------------ > > *From: *"jd cypherpunks" > *To: *"Shelley" *Cc: *"cpunks" > *Sent: *Sunday, August 18, 2013 7:20:49 > AM *Subject: *Re: Is the Wikileaks Party a cypherpunk party? > > > yes, but sometimes I've to read it more than one time to understand > it. :) > > --Michael > > Am 18.08.2013 um 16:07 schrieb Shelley >: > > Ginsberg himself would be envious of John's talent of turning a > phrase while ranting wise. That's pure poetry. > > > ------------------------------------------------------------------------ > > On Aug 18, 2013 4:43 AM, John Young > wrote: > > Cryptome beats its stick frustrated in a dim cotton pick weigh > shed.
WikiLeaks wails, release me, dog-fuck-stuck in a worldwide > power grid. > > Manning and Snowden got the humongous brass balls leak exploiters > lack exactly like leaker defenders and fans. -- Gregory Foster || gfoster at entersection.org @gregoryfoster <> http://entersection.com/ From rysiek at hackerspace.pl Sun Aug 18 14:48:58 2013 From: rysiek at hackerspace.pl (rysiek) Date: Sun, 18 Aug 2013 23:48:58 +0200 Subject: Avaaz in "grave danger" due to GMail spam filters Message-ID: <7753449.v5aJnrzhsU@laptosid> OHAI, I happen to be on Avaaz's info distribution list, and I got an e-mail lately that Avaaz is in "grave danger" as GMail will now filter mailings like that out to a separate folder for similar spam-ish (yet not spam per se) mailings. So what they're asking people to do is to reply directly to that e-mail, so that GMail will note that Avaaz's mailings are not to be messed around with. Instead of telling people, you know, to decentralise and use other, smaller providers. I facepalmed so hard I could cry. It's Stockholm Syndrome if I ever saw one.
"GMail fucks us in the arse, so let's ask them politely to use some lubricant". My question is: does *anybody* on this list have some kind of contact within Avaaz? I'd *love* to talk to them about it. It's simply disingenuous to do such a campaign and *not* at least signal "oh and by the way, had we all been still using different, dispersed, decentralised e-mail services we wouldn't get even close to having this problem". -- Pozdr rysiek From rysiek at hackerspace.pl Sun Aug 18 14:55:37 2013 From: rysiek at hackerspace.pl (rysiek) Date: Sun, 18 Aug 2013 23:55:37 +0200 Subject: Google to encrypt cloud storage Message-ID: <2189975.UDeXjrTKxJ@laptosid> OHAI, PRISM caused a lot of fear but now we can finally feel safe again -- Google will encrypt all Google Drive storage with user-supplied keys: http://it.slashdot.org/story/13/08/16/239253/ So our data will be perfectly safe with them, right? Right?.. ;) Seriously, though, this is very, very bad for us. Normals will point to that and say "hey, Google does the Right Thing and we can be safe there, so we should all use Google now. They have encryption and stuff." -- Pozdr rysiek
From me at staticsafe.ca Mon Aug 19 02:36:43 2013 From: me at staticsafe.ca (staticsafe) Date: Mon, 19 Aug 2013 05:36:43 -0400 Subject: Avaaz in "grave danger" due to GMail spam filters In-Reply-To: <7753449.v5aJnrzhsU@laptosid> References: <7753449.v5aJnrzhsU@laptosid> Message-ID: <20130819093642.GA19173@uriel.asininetech.com> On Sun, Aug 18, 2013 at 11:48:58PM +0200, rysiek wrote: > OHAI, > > I happen to be on Avaaz's info distribution list, and I got an e-mail lately > that Avaaz is in "grave danger" as GMail will now filter mailings like that > out to a separate folder for similar spam-ish (yet not spam per se) mailings. > > So what they're asking people to do is to reply directly to that e-mail, so > that GMail will note that Avaaz's mailings are not to be messed around with. > > Instead of telling people, you know, to decentralise and use other, smaller > providers. > > I facepalmed so hard I could cry. It's Stockholm Syndrome if I ever saw one. > "GMail fucks us in the arse, so let's ask them politely to use some > lubricant". > > My question is: does *anybody* on this list have some kind of contact within > Avaaz? I'd *love* to talk to them about it. It's simply disingenuous to do > such a campaign and *not* at least signal "oh and by the way, had we all been > still using different, dispersed, decentralised e-mail services we wouldn't > get even close to having this problem". > > -- > Pozdr > rysiek Gmail's new e-mail sorting system divides mail into three categories by default - "primary", "social", and "promotions". The user can train the filter by dragging and dropping and by creating new categories. A quick look at avaaz.org's SPF record shows that they are using Sendgrid, I doubt they will be having difficulties with deliverability. -- staticsafe O< ascii ribbon campaign - stop html mail - www.asciiribbon.org Please don't top post. Please don't CC! I'm subscribed to whatever list I just posted on.
From danstaples at disman.tl Mon Aug 19 05:02:38 2013 From: danstaples at disman.tl (Dan Staples) Date: Mon, 19 Aug 2013 08:02:38 -0400 Subject: Google to encrypt cloud storage In-Reply-To: <4532732.EFXkRjH4gU@laptosid> References: <2189975.UDeXjrTKxJ@laptosid> <3401335.AHYfE3qVP8@laptosid> <4532732.EFXkRjH4gU@laptosid> Message-ID: <5212095E.3080707@disman.tl> On Mon 19 Aug 2013 07:35:10 AM EDT, rysiek wrote: > Dnia poniedziałek, 19 sierpnia 2013 13:12:35 Lodewijk andré de la porte pisze: >> AES-128 is obviously not secure enough against NSA-type attacks. It works >> against the random raid of the servers, the exploitative sysadmin and >> perhaps even the remote exploit in the software. It also allows Google to >> run storage nodes at a lower security level, which might help them smooth >> operations. >> >> Nothing there to help against the agencies. > > But the algo is really completely irrelevant here. They could have used > OMGWTF-8096 and it would still be irrelevant. If the keys are being held by > Google -- and as far as I understand, they have to -- the whole encryption is > moot. > > They don't have to give the government the keys. They can just hand over the > cleartext... > > The point about running nodes at a lower security level is interesting, > though. Maybe that's the whole point: > > - Hey Joe, if we encrypt user data (and hold the keys), we could care less > about these nodes' security. > - Hey, yeah, Jack, this seems to be a good idea; and we could sell it to > people as a "security enhancement", esp. after PRISM. > - Oooh, I like this. I'll be talking to PR dept right away! > Not so sure we need to be quite so cynical. Obviously this encryption is useless against state-level agencies, since data is encrypted server-side and Google manages the keys ( although the fact that they think they won't be obligated to hand the keys over to the gov't is bullshit). 
However, what I think is important to see in this story, is that Google is responding to pressure from the public to take privacy and encryption more seriously. This is an opportunity for security and privacy activists to push for real security solutions for user data storage, that involve strong *client-side encryption* of data. -- http://disman.tl OpenPGP key: http://disman.tl/pgp.asc Fingerprint: 2480 095D 4B16 436F 35AB 7305 F670 74ED BD86 43A9 From kylem at xwell.org Mon Aug 19 07:31:54 2013 From: kylem at xwell.org (Kyle Maxwell) Date: Mon, 19 Aug 2013 09:31:54 -0500 Subject: Google to encrypt cloud storage In-Reply-To: <1588295.tBdiXPo2eh@laptosid> References: <2189975.UDeXjrTKxJ@laptosid> <4532732.EFXkRjH4gU@laptosid> <5212095E.3080707@disman.tl> <1588295.tBdiXPo2eh@laptosid> Message-ID: Keep in mind that not all law enforcement (or the broader class of potential adversaries) will have access to NSA/FBI-type capabilities or even NSLs and such, not to mention that it provides additional protection in case a Google server is breached. Having spent time chatting with some of their security people, including members of their incident response team, I'm not so cynical that they view anything like this as a reason not to secure their stuff. I find it far more likely that they see this as adding an additional hurdle for adversaries to clear. On Mon, Aug 19, 2013 at 7:30 AM, rysiek wrote: > Dnia poniedziałek, 19 sierpnia 2013 08:02:38 Dan Staples pisze: >> On Mon 19 Aug 2013 07:35:10 AM EDT, rysiek wrote: >> > Dnia poniedziałek, 19 sierpnia 2013 13:12:35 Lodewijk andré de la porte > pisze: >> >> AES-128 is obviously not secure enough against NSA-type attacks. It works >> >> against the random raid of the servers, the exploitative sysadmin and >> >> perhaps even the remote exploit in the software. It also allows Google to >> >> run storage nodes at a lower security level, which might help them smooth >> >> operations. 
>> >> >> >> Nothing there to help against the agencies. >> > >> > But the algo is really completely irrelevant here. They could have used >> > OMGWTF-8096 and it would still be irrelevant. If the keys are being held >> > by >> > Google -- and as far as I understand, they have to -- the whole encryption >> > is moot. >> > >> > They don't have to give the government the keys. They can just hand over >> > the cleartext... >> > >> > The point about running nodes at a lower security level is interesting, >> > >> > though. Maybe that's the whole point: >> > - Hey Joe, if we encrypt user data (and hold the keys), we could care >> > less >> > >> > about these nodes' security. >> > >> > - Hey, yeah, Jack, this seems to be a good idea; and we could sell it to >> > >> > people as a "security enhancement", esp. after PRISM. >> > >> > - Oooh, I like this. I'll be talking to PR dept right away! >> >> Not so sure we need to be quite so cynical. Obviously this encryption >> is useless against state-level agencies, since data is encrypted >> server-side and Google manages the keys ( although the fact that they >> think they won't be obligated to hand the keys over to the gov't is >> bullshit). However, what I think is important to see in this story, is >> that Google is responding to pressure from the public to take privacy >> and encryption more seriously. This is an opportunity for security and >> privacy activists to push for real security solutions for user data >> storage, that involve strong *client-side encryption* of data. > > I see it purely as a PR stunt, a pre-emptive strike against services that are > bound to spring-up, offering *real encryption* and *real security*. Now Google > can say "we're already offering that" and good luck with explaining to John > Doe why this is not quite the same... 
> > -- > Pozdr > rysiek -- @kylemaxwell From cryptofreak at cpunk.us Mon Aug 19 09:32:14 2013 From: cryptofreak at cpunk.us (CryptoFreak) Date: Mon, 19 Aug 2013 11:32:14 -0500 Subject: Avaaz in "grave danger" due to GMail spam filters In-Reply-To: <20130819155528.GB19173@uriel.asininetech.com> References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> Message-ID: <5212488E.5070807@cpunk.us> On 08/19/2013 10:55 AM, staticsafe wrote: > On Mon, Aug 19, 2013 at 01:26:36PM +0200, rysiek wrote: >> Dnia poniedziałek, 19 sierpnia 2013 13:10:05 Lodewijk andré de la porte pisze: >>> That's why he said spam-ish, not spam. >>> >>> Regardless it will make them be viewed much less. I think they're just >>> "taking eggs for their money". They know it's a lot to ask from people to >>> switch away from gmail. They love their arsefuckings. >>> >>> They might not have thought about the "big ridiculously high, then concede >>> to something high"-tactic. "Please, people, stop using gmail". Everyone: >>> "Noo! We love Gmail!". "Then at least send an e-mail back to fix gmail". >>> Everyone: "That sounds reasonable." instead of "please fix gmail". Everyone >>> "naah too much effort". >> >> This. Also, it wouldn't cost them a dime to add a sentence or two explaining >> why centralisation is the problem and how using other e-mail providers can >> help. >> >> -- >> Pozdr >> rysiek > > > Sure, lets tell them to move their e-mail from Gmail....to where? To > another big mail provider (whats the point then?). Lavabit, Silent > Circle, Hushmail, Tormail? Nope. Self host their own e-mail? Hah. Most > people don't have the resources and/or the ability to do something like > that. > > There is also the matter of trust, why should I trust $MAILHOST over > Google? > > What is the solution then? > > I hope I got my point across. 
The solution *could* be to host their own mail server if it were made easy enough for them. I'm thinking something like a Raspberry Pi with very well designed web UI for simple configuration and management. Include a nice webmail client and even most non-techies could probably do this. From me at staticsafe.ca Mon Aug 19 08:55:28 2013 From: me at staticsafe.ca (staticsafe) Date: Mon, 19 Aug 2013 11:55:28 -0400 Subject: Avaaz in "grave danger" due to GMail spam filters In-Reply-To: <2231951.HaiaVyPRDn@laptosid> References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> Message-ID: <20130819155528.GB19173@uriel.asininetech.com> On Mon, Aug 19, 2013 at 01:26:36PM +0200, rysiek wrote: > Dnia poniedziałek, 19 sierpnia 2013 13:10:05 Lodewijk andré de la porte pisze: > > That's why he said spam-ish, not spam. > > > > Regardless it will make them be viewed much less. I think they're just > > "taking eggs for their money". They know it's a lot to ask from people to > > switch away from gmail. They love their arsefuckings. > > > > They might not have thought about the "big ridiculously high, then concede > > to something high"-tactic. "Please, people, stop using gmail". Everyone: > > "Noo! We love Gmail!". "Then at least send an e-mail back to fix gmail". > > Everyone: "That sounds reasonable." instead of "please fix gmail". Everyone > > "naah too much effort". > > This. Also, it wouldn't cost them a dime to add a sentence or two explaining > why centralisation is the problem and how using other e-mail providers can > help. > > -- > Pozdr > rysiek Sure, lets tell them to move their e-mail from Gmail....to where? To another big mail provider (whats the point then?). Lavabit, Silent Circle, Hushmail, Tormail? Nope. Self host their own e-mail? Hah. Most people don't have the resources and/or the ability to do something like that. There is also the matter of trust, why should I trust $MAILHOST over Google? 
What is the solution then?

I hope I got my point across.

--
staticsafe
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
Please don't top post.
Please don't CC! I'm subscribed to whatever list I just posted on.

From rysiek at hackerspace.pl Mon Aug 19 03:15:24 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Mon, 19 Aug 2013 12:15:24 +0200
Subject: Is the Wikileaks Party a cypherpunk party?
In-Reply-To:
References:
Message-ID: <1600919.MFZkNMqdC0@laptosid>

On Saturday, 17 August 2013 08:33:11 J.A. Terranson wrote:
> On Sat, 17 Aug 2013, CryptoFreak wrote:
> > There's definitely a chance it could become corrupt.
>
> A *chance*? It's *already corrupt by definition: do you understand what
> is required to organize and run a political (read: Organized Crime) party?
>
> > But I think the big difference between the Wikileaks Party and other,
> > more traditional parties, is that the WLP is focused on more than just
> > grabbing power. The whole organization is about speaking truth to power,
> > destroying secrets, informing the populace, and holding those in power
> > accountable. That's a little different than most others.
>
> Where have I heard that before I wonder? Whigs? Republicans? Democrats
> (Obama as recently as 2008 even)?

This. Pirate Party anyone?

Granted, the PP does have some great, active, ideologically pure chapters (Iceland, Sweden to a large extent). But looking at the Pirate Party in Poland -- there is no hope.

What this all boils down to is this: Party/logo stays, people change. If we start trusting the WikiLeaks party, or the Pirate Party, or any other centralised entity, inevitably at some point people that created these and might have even had their hearts and minds in the right place -- will go away, others will come in and take over. That's a natural process.

Problem is, political processes tend to reward those able to compromise (in both senses), those able to lie, cheat and deceive.
And this is what we will get at some point in the future, we can be certain of that. So once we start putting too much trust and hope in a logo (WikiLeaks party; Pirate Party), we're in for some serious disappointment.

> > Of course that could all be hyperbole just like Obama's promises of change
> > but we don't know yet. While I agree that a cryptoanarchist poses a
> > bigger threat to the power structure than a political party does, could
> > this not be a good forward step?
>
> It *could*. But I doubt it.

Only if it would indeed be created in a way that ensures that it will be disruptive and will not become a career party like the others. This would require a clear set of *achievable* goals, and a time limit written-in into the statute. Something along the lines of:
http://rys.io/en/78
http://rys.io/en/80

Both texts are a bit naive, I grant you that, since I hadn't had enough time to work on them yet.

--
Regards
rysiek

From boklm at mars-attacks.org Mon Aug 19 03:27:51 2013
From: boklm at mars-attacks.org (Nicolas Vigier)
Date: Mon, 19 Aug 2013 12:27:51 +0200
Subject: Google to encrypt cloud storage
In-Reply-To: <2189975.UDeXjrTKxJ@laptosid>
References: <2189975.UDeXjrTKxJ@laptosid>
Message-ID: <20130819102751.GY4589@mars-attacks.org>

On Sun, 18 Aug 2013, rysiek wrote:

> OHAI,
>
> PRISM caused a lot of fear but now we can finally feel safe again -- Google
> will encrypt all Google Drive storage with user-supplied keys:
> http://it.slashdot.org/story/13/08/16/239253/
>
> So our data will be perfectly safe with them, right?
> Right?.. ;)

I don't understand against who it is supposed to protect your data. It cannot be against google as they have all the keys. Does it mean google admit that there are other people with direct access to their data storage?
From rysiek at hackerspace.pl Mon Aug 19 03:31:02 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Mon, 19 Aug 2013 12:31:02 +0200
Subject: see something, say something stamps
In-Reply-To: <52100799.4030802@eff.org>
References: <20130814223932.DHXB3871.eastrmfepo202.cox.net@eastrmimpo210> <52100799.4030802@eff.org>
Message-ID: <1490896.vdaBv5AFfQ@laptosid>

On Saturday, 17 August 2013 13:30:33 Parker Higgins wrote:
> Not copyright, but "See something, say something" is a registered
> trademark of the New York City MTA, sub-licensed (with permission for
> additional sub-licenses) to the Department of Homeland Security
> explicitly for use in anti-terrorism campaigns.

Seriously, *LET THEM SUE*. MTA, please meet Mrs. Barbra Streisand... ;)
http://en.wikipedia.org/wiki/Streisand_effect

--
Regards
rysiek

From rysiek at hackerspace.pl Mon Aug 19 03:38:50 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Mon, 19 Aug 2013 12:38:50 +0200
Subject: Google to encrypt cloud storage
In-Reply-To: <20130819102751.GY4589@mars-attacks.org>
References: <2189975.UDeXjrTKxJ@laptosid> <20130819102751.GY4589@mars-attacks.org>
Message-ID: <3401335.AHYfE3qVP8@laptosid>

On Monday, 19 August 2013 12:27:51 Nicolas Vigier wrote:
> On Sun, 18 Aug 2013, rysiek wrote:
> > OHAI,
> >
> > PRISM caused a lot of fear but now we can finally feel safe again -- Google
> > will encrypt all Google Drive storage with user-supplied keys:
> > http://it.slashdot.org/story/13/08/16/239253/
> >
> > So our data will be perfectly safe with them, right?
> > Right?.. ;)
>
> I don't understand against who it is supposed to protect your data. It
> cannot be against google as they have all the keys. Does it mean google
> admit that there are other people with direct access to their data
> storage?
This is *precisely* why I wrote: "Seriously, though, this is very, very bad for us. Normals will point to that and say 'hey, Google does the Right Thing and we can be safe there, so we should all use Google now. They have encryption and stuff.'" We know this is bogus; but for a normal person this sounds like a Great Idea: just imagine, all your data encrypted, easily managed and with Google prowess to back it technologically! What's not to love?.. -- Pozdr rysiek -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 316 bytes Desc: This is a digitally signed message part. URL: From rysiek at hackerspace.pl Mon Aug 19 03:42:03 2013 From: rysiek at hackerspace.pl (rysiek) Date: Mon, 19 Aug 2013 12:42:03 +0200 Subject: MailPile: self-hosted webmail with built-in PGP/GPG Message-ID: <1446595.958Acanylv@laptosid> Hi there, As the topic states -- there's a neat project of a webmail that has PGP/GPG support built-in from the start with the idea of making it as easy to use as possible (or more). MailPile: http://www.mailpile.is/ There's an IndieGoGo campaign to fund its development, 3/4 funded already: http://www.indiegogo.com/projects/mailpile-taking-e-mail-back -- Pozdr rysiek -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 316 bytes Desc: This is a digitally signed message part. 
URL: From me at staticsafe.ca Mon Aug 19 09:44:36 2013 From: me at staticsafe.ca (staticsafe) Date: Mon, 19 Aug 2013 12:44:36 -0400 Subject: Avaaz in "grave danger" due to GMail spam filters In-Reply-To: References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us> Message-ID: <20130819164436.GC19173@uriel.asininetech.com> On Mon, Aug 19, 2013 at 06:37:33PM +0200, Lodewijk andré de la porte wrote: > 2013/8/19 CryptoFreak > > > The solution *could* be to host their own mail server if it were made > > easy enough for them. I'm thinking something like a Raspberry Pi with > > very well designed web UI for simple configuration and management. > > Include a nice webmail client and even most non-techies could probably > > do this. > > > > ~30 bucks, energy, outages, slower, less functions, maybe problems. Good > luck selling that. The biggest problem being spam. We need to educate typical e-mail users about e-mail hygiene and spam fighting. -- staticsafe O< ascii ribbon campaign - stop html mail - www.asciiribbon.org Please don't top post. Please don't CC! I'm subscribed to whatever list I just posted on. From demonfighter at gmail.com Mon Aug 19 10:04:49 2013 From: demonfighter at gmail.com (Steve Furlong) Date: Mon, 19 Aug 2013 13:04:49 -0400 Subject: Avaaz in "grave danger" due to GMail spam filters In-Reply-To: <20130819164436.GC19173@uriel.asininetech.com> References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us> <20130819164436.GC19173@uriel.asininetech.com> Message-ID: On Mon, Aug 19, 2013 at 12:44 PM, staticsafe wrote: > The biggest problem being spam. We need to educate typical e-mail users > about e-mail hygiene and spam fighting. 
Over the past two decades, efforts to educate the average user have had limited success at best. I think it's time to give up on educating them and simply drive them off the internet. We can frame them for various crimes, loot their bank accounts or credit cards so they're too poor to get online, or get them kicked off of their ISPs. Conveniently, the people who are too dumb to be allowed online are the very same people who will be easy to attack online. Why, yes, I did major in sophistry in college. Why do you ask? -- Neca eos omnes. Deus suos agnoscet. -- Arnaud-Amaury, 1209 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 1182 bytes Desc: not available URL: From l at odewijk.nl Mon Aug 19 04:10:05 2013 From: l at odewijk.nl (=?UTF-8?Q?Lodewijk_andr=C3=A9_de_la_porte?=) Date: Mon, 19 Aug 2013 13:10:05 +0200 Subject: Avaaz in "grave danger" due to GMail spam filters In-Reply-To: <20130819093642.GA19173@uriel.asininetech.com> References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> Message-ID: That's why he said spam-ish, not spam. Regardless it will make them be viewed much less. I think they're just "taking eggs for their money". They know it's a lot to ask from people to switch away from gmail. They love their arsefuckings. They might not have thought about the "big ridiculously high, then concede to something high"-tactic. "Please, people, stop using gmail". Everyone: "Noo! We love Gmail!". "Then at least send an e-mail back to fix gmail". Everyone: "That sounds reasonable." instead of "please fix gmail". Everyone "naah too much effort". -------------- next part -------------- A non-text attachment was scrubbed... 
Name: not available Type: text/html Size: 726 bytes Desc: not available URL: From l at odewijk.nl Mon Aug 19 04:12:35 2013 From: l at odewijk.nl (=?UTF-8?Q?Lodewijk_andr=C3=A9_de_la_porte?=) Date: Mon, 19 Aug 2013 13:12:35 +0200 Subject: Google to encrypt cloud storage In-Reply-To: <3401335.AHYfE3qVP8@laptosid> References: <2189975.UDeXjrTKxJ@laptosid> <20130819102751.GY4589@mars-attacks.org> <3401335.AHYfE3qVP8@laptosid> Message-ID: AES-128 is obviously not secure enough against NSA-type attacks. It works against the random raid of the servers, the exploitative sysadmin and perhaps even the remote exploit in the software. It also allows Google to run storage nodes at a lower security level, which might help them smooth operations. Nothing there to help against the agencies. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 396 bytes Desc: not available URL: From rysiek at hackerspace.pl Mon Aug 19 04:26:36 2013 From: rysiek at hackerspace.pl (rysiek) Date: Mon, 19 Aug 2013 13:26:36 +0200 Subject: Avaaz in "grave danger" due to GMail spam filters In-Reply-To: References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> Message-ID: <2231951.HaiaVyPRDn@laptosid> Dnia poniedziałek, 19 sierpnia 2013 13:10:05 Lodewijk andré de la porte pisze: > That's why he said spam-ish, not spam. > > Regardless it will make them be viewed much less. I think they're just > "taking eggs for their money". They know it's a lot to ask from people to > switch away from gmail. They love their arsefuckings. > > They might not have thought about the "big ridiculously high, then concede > to something high"-tactic. "Please, people, stop using gmail". Everyone: > "Noo! We love Gmail!". "Then at least send an e-mail back to fix gmail". > Everyone: "That sounds reasonable." instead of "please fix gmail". Everyone > "naah too much effort". This. 
Also, it wouldn't cost them a dime to add a sentence or two explaining why centralisation is the problem and how using other e-mail providers can help. -- Pozdr rysiek -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 316 bytes Desc: This is a digitally signed message part. URL: From rysiek at hackerspace.pl Mon Aug 19 04:35:10 2013 From: rysiek at hackerspace.pl (rysiek) Date: Mon, 19 Aug 2013 13:35:10 +0200 Subject: Google to encrypt cloud storage In-Reply-To: References: <2189975.UDeXjrTKxJ@laptosid> <3401335.AHYfE3qVP8@laptosid> Message-ID: <4532732.EFXkRjH4gU@laptosid> Dnia poniedziałek, 19 sierpnia 2013 13:12:35 Lodewijk andré de la porte pisze: > AES-128 is obviously not secure enough against NSA-type attacks. It works > against the random raid of the servers, the exploitative sysadmin and > perhaps even the remote exploit in the software. It also allows Google to > run storage nodes at a lower security level, which might help them smooth > operations. > > Nothing there to help against the agencies. But the algo is really completely irrelevant here. They could have used OMGWTF-8096 and it would still be irrelevant. If the keys are being held by Google -- and as far as I understand, they have to -- the whole encryption is moot. They don't have to give the government the keys. They can just hand over the cleartext... The point about running nodes at a lower security level is interesting, though. Maybe that's the whole point: - Hey Joe, if we encrypt user data (and hold the keys), we could care less about these nodes' security. - Hey, yeah, Jack, this seems to be a good idea; and we could sell it to people as a "security enhancement", esp. after PRISM. - Oooh, I like this. I'll be talking to PR dept right away! -- Pozdr rysiek -------------- next part -------------- A non-text attachment was scrubbed... 
Name: signature.asc Type: application/pgp-signature Size: 316 bytes Desc: This is a digitally signed message part. URL: From johndown at i2pmail.org Mon Aug 19 07:02:27 2013 From: johndown at i2pmail.org (John Down) Date: Mon, 19 Aug 2013 14:02:27 +0000 (UTC) Subject: Google to encrypt cloud storage In-Reply-To: <20130819111452.D3771AE23F@smtp.postman.i2p> References: <2189975.UDeXjrTKxJ@laptosid> <20130819102751.GY4589@mars-attacks.org> <3401335.AHYfE3qVP8@laptosid> <20130819111452.D3771AE23F@smtp.postman.i2p> Message-ID: <20130819140227.59DCAAE23E@smtp.postman.i2p> If memory serves me right, when was revealed information about Colossus 2 (built in 1940x), it was pretty astonishing that it has computation power as very specialised computation device same as compared generic computation device with Pentium platform running C program which is doing same. So they were equal in solving these specific problem of decrypting messages. Now you can make assumptions what they should have very specialised hardware-based for solving tasks of decrypting AES, etc On Mon, Aug 19, 2013 at 11:14:52AM +0000, Lodewijk andré de la porte wrote: > AES-128 is obviously not secure enough against NSA-type attacks. It works > against the random raid of the servers, the exploitative sysadmin and > perhaps even the remote exploit in the software. It also allows Google to > run storage nodes at a lower security level, which might help them smooth > operations. > > Nothing there to help against the agencies. -------------- next part -------------- A non-text attachment was scrubbed... 
Name: signature.asc Type: application/pgp-signature Size: 230 bytes Desc: Digital signature URL: From rysiek at hackerspace.pl Mon Aug 19 05:30:07 2013 From: rysiek at hackerspace.pl (rysiek) Date: Mon, 19 Aug 2013 14:30:07 +0200 Subject: Google to encrypt cloud storage In-Reply-To: <5212095E.3080707@disman.tl> References: <2189975.UDeXjrTKxJ@laptosid> <4532732.EFXkRjH4gU@laptosid> <5212095E.3080707@disman.tl> Message-ID: <1588295.tBdiXPo2eh@laptosid> Dnia poniedziałek, 19 sierpnia 2013 08:02:38 Dan Staples pisze: > On Mon 19 Aug 2013 07:35:10 AM EDT, rysiek wrote: > > Dnia poniedziałek, 19 sierpnia 2013 13:12:35 Lodewijk andré de la porte pisze: > >> AES-128 is obviously not secure enough against NSA-type attacks. It works > >> against the random raid of the servers, the exploitative sysadmin and > >> perhaps even the remote exploit in the software. It also allows Google to > >> run storage nodes at a lower security level, which might help them smooth > >> operations. > >> > >> Nothing there to help against the agencies. > > > > But the algo is really completely irrelevant here. They could have used > > OMGWTF-8096 and it would still be irrelevant. If the keys are being held > > by > > Google -- and as far as I understand, they have to -- the whole encryption > > is moot. > > > > They don't have to give the government the keys. They can just hand over > > the cleartext... > > > > The point about running nodes at a lower security level is interesting, > > > > though. Maybe that's the whole point: > > - Hey Joe, if we encrypt user data (and hold the keys), we could care > > less > > > > about these nodes' security. > > > > - Hey, yeah, Jack, this seems to be a good idea; and we could sell it to > > > > people as a "security enhancement", esp. after PRISM. > > > > - Oooh, I like this. I'll be talking to PR dept right away! > > Not so sure we need to be quite so cynical. 
Obviously this encryption > is useless against state-level agencies, since data is encrypted > server-side and Google manages the keys ( although the fact that they > think they won't be obligated to hand the keys over to the gov't is > bullshit). However, what I think is important to see in this story, is > that Google is responding to pressure from the public to take privacy > and encryption more seriously. This is an opportunity for security and > privacy activists to push for real security solutions for user data > storage, that involve strong *client-side encryption* of data. I see it purely as a PR stunt, a pre-emptive strike against services that are bound to spring-up, offering *real encryption* and *real security*. Now Google can say "we're already offering that" and good luck with explaining to John Doe why this is not quite the same... -- Pozdr rysiek -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 316 bytes Desc: This is a digitally signed message part. URL: From me at staticsafe.ca Mon Aug 19 13:47:58 2013 From: me at staticsafe.ca (staticsafe) Date: Mon, 19 Aug 2013 16:47:58 -0400 Subject: Avaaz in "grave danger" due to GMail spam filters In-Reply-To: <52127CA8.1020409@krugar.info> References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us> <52127CA8.1020409@krugar.info> Message-ID: <20130819204758.GG19173@uriel.asininetech.com> On Mon, Aug 19, 2013 at 10:14:32PM +0200, Alexander R. Krug wrote: > i don't quite get why everyone purportedly loves webmail clients so much? Ease of access as opposed to setting up a client like Thunderbird/Outlook/mutt etc. -- staticsafe O< ascii ribbon campaign - stop html mail - www.asciiribbon.org Please don't top post. Please don't CC! I'm subscribed to whatever list I just posted on. 
From rysiek at hackerspace.pl Mon Aug 19 07:56:17 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Mon, 19 Aug 2013 16:56:17 +0200
Subject: Google threat analysis selectively applied
In-Reply-To:
References:
Message-ID: <2702329.zc9XBCBuNq@laptosid>

On Wednesday, 14 August 2013 23:30:59 Lodewijk andré de la porte wrote:
> Google might very well have given that ad -10k LarryPoints. It just had to
> compete with the other paid ads, and there were none. So it won.
>
> Google is capable of automatically crawling websites and running a full
> virus-and-malware-scan sweep. Especially for their ads. But they don't do
> this at all AFAIK. Probably not worth it.

First and foremost, do we REALLY want Google to censor the results? I know, I am using a very strong word here, but I believe there is something to it. If we expect Google to censor our Internet for us, they will, and then we shall weep.

The right way of handling this is education. For example getting media and information competencies[1] courses to schools so that people would be able to better filter out the bogus ads themselves.

[1] http://ifapcom.ru/files/News/Images/2013/mil_eng_web.pdf
    p. 351 onwards
    DISCLAIMER: I'm one of the co-authors of that catalogue; comments welcome
    also, inb4 "iFap" jokes ;)

--
Regards
rysiek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL:

From rysiek at hackerspace.pl Mon Aug 19 07:59:07 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Mon, 19 Aug 2013 16:59:07 +0200
Subject: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered
In-Reply-To: <520BBB8C.5040009@virtadpt.net>
References: <1376330801.10168.1.camel@anglachel> <520BBB8C.5040009@virtadpt.net>
Message-ID: <1667278.03mGxC4lYX@laptosid>

On Wednesday, 14 August 2013 13:17:00 The Doctor wrote:
> On 08/12/2013 02:06 PM, Ted Smith wrote:
> > Remember, TSR sends drugs *through the mail*. You can't
> > successfully *mail* enough drugs for the NSA/DEA to care.
>
> The NSA? Probably not, no. The DEA? Most definitely. Trafficking
> and shipping of drugs from point 'a' to points elsewhere are a part of
> their mission.

I like the idea of DEA's mission being trafficking of drugs, well played, Sir. ;)

--
Regards
rysiek

From ericm at lne.com Mon Aug 19 17:01:58 2013
From: ericm at lne.com (Eric Murray)
Date: Mon, 19 Aug 2013 17:01:58 -0700
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To:
References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us> <52127CA8.1020409@krugar.info> <20130819204758.GG19173@uriel.asininetech.com>
Message-ID: <5212B1F6.3090103@lne.com>

On 08/19/2013 03:54 PM, Steve Furlong wrote:
> . I still haven't figured out whether that means that email encryption
> is too difficult to set up and use or it means that most everyone is
> mostly too stupid.

Matt Blaze posted a tweet that's apropos yesterday:

"anyone who thinks users who misunderstand technology don't "deserve" privacy doesn't "deserve" to be a security engineer."
Eric From grarpamp at gmail.com Mon Aug 19 14:06:23 2013 From: grarpamp at gmail.com (grarpamp) Date: Mon, 19 Aug 2013 17:06:23 -0400 Subject: Avaaz in "grave danger" due to GMail spam filters In-Reply-To: <20130819204758.GG19173@uriel.asininetech.com> References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us> <52127CA8.1020409@krugar.info> <20130819204758.GG19173@uriel.asininetech.com> Message-ID: >> i don't quite get why everyone purportedly loves webmail clients so much? > > Ease of access as opposed to setting up a client like > Thunderbird/Outlook/mutt etc. I can tell you gmail's interface completely sucks now. Every change they make is a whole new world of ruin. Webmail dates back to providers not offering imap/submission, no small part because it's harder to force feed ads down those interface channels than with captive eyeballs in webmail. Many other reasons but most of them are the provider choosing/forcing webmail, not the user. Never forget the AOL captive UI. From wrightalexw at gmail.com Mon Aug 19 14:12:33 2013 From: wrightalexw at gmail.com (alex wright) Date: Mon, 19 Aug 2013 17:12:33 -0400 Subject: Avaaz in "grave danger" due to GMail spam filters In-Reply-To: References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us> <52127CA8.1020409@krugar.info> <20130819204758.GG19173@uriel.asininetech.com> Message-ID: I put text in a box. I click a button. That text is transported to people across the globe. Fucking people need to get over some UI shit. On Mon, Aug 19, 2013 at 5:06 PM, grarpamp wrote: > >> i don't quite get why everyone purportedly loves webmail clients so > much? > > > > Ease of access as opposed to setting up a client like > > Thunderbird/Outlook/mutt etc. 
> > I can tell you gmail's interface completely sucks now. > Every change they make is a whole new world of ruin. > > Webmail dates back to providers not offering imap/submission, > no small part because it's harder to force feed ads down those > interface channels than with captive eyeballs in webmail. Many > other reasons but most of them are the provider choosing/forcing > webmail, not the user. Never forget the AOL captive UI. > -- "On two occasions I have been asked, 'Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." -Charles Babbage, 19th century English mathematician, philosopher, inventor and mechanical engineer who originated the concept of a programmable computer. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 1677 bytes Desc: not available URL: From grarpamp at gmail.com Mon Aug 19 14:20:30 2013 From: grarpamp at gmail.com (grarpamp) Date: Mon, 19 Aug 2013 17:20:30 -0400 Subject: Google to encrypt cloud storage In-Reply-To: <1588295.tBdiXPo2eh@laptosid> References: <2189975.UDeXjrTKxJ@laptosid> <4532732.EFXkRjH4gU@laptosid> <5212095E.3080707@disman.tl> <1588295.tBdiXPo2eh@laptosid> Message-ID: >> since data is encrypted >> server-side and Google manages the keys ( although the fact that they >> think they won't be obligated to hand the keys over to the gov't is >> bullshit). However, what I think is important to see in this story, is >> that Google is responding to pressure from the public to take privacy >> and encryption more seriously. This is an opportunity for security and >> privacy activists to push for real security solutions for user data >> storage, that involve strong *client-side encryption* of data. 
> > I see it purely as a PR stunt, a pre-emptive strike against services that are > bound to spring-up, offering *real encryption* and *real security*. Now Google > can say "we're already offering that" and good luck with explaining to John > Doe why this is not quite the same... With the same dev money Google could be funding open source projects like tahoelafs, p2p messaging, etc that put the keys in the hands of the user for easy use. Yet no, they compete against them. They're a business, they've become and catered to more corporate/gov base, that's normal, write around them and claim the user base. From l at odewijk.nl Mon Aug 19 09:37:33 2013 From: l at odewijk.nl (=?UTF-8?Q?Lodewijk_andr=C3=A9_de_la_porte?=) Date: Mon, 19 Aug 2013 18:37:33 +0200 Subject: Avaaz in "grave danger" due to GMail spam filters In-Reply-To: <5212488E.5070807@cpunk.us> References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us> Message-ID: 2013/8/19 CryptoFreak > The solution *could* be to host their own mail server if it were made > easy enough for them. I'm thinking something like a Raspberry Pi with > very well designed web UI for simple configuration and management. > Include a nice webmail client and even most non-techies could probably > do this. > ~30 bucks, energy, outages, slower, less functions, maybe problems. Good luck selling that. -------------- next part -------------- A non-text attachment was scrubbed... 
From l at odewijk.nl Mon Aug 19 09:38:40 2013
From: l at odewijk.nl (Lodewijk andré de la porte)
Date: Mon, 19 Aug 2013 18:38:40 +0200
Subject: Google threat analysis selectively applied
In-Reply-To: <2702329.zc9XBCBuNq@laptosid>
References: <2702329.zc9XBCBuNq@laptosid>
Message-ID:

2013/8/19 rysiek

> First and foremost, do we REALLY want Google to censor the results? I know, I
> am using a very strong word here, but I believe there is something to it. If
> we expect Google to censor our Internet for us, they will, and then we shall
> weep.

They do already. They call it "pagerank". They purposely influence it to achieve the "right" results. They don't have to remove it, just moving it to page 200 is enough.

From demonfighter at gmail.com Mon Aug 19 15:54:30 2013
From: demonfighter at gmail.com (Steve Furlong)
Date: Mon, 19 Aug 2013 18:54:30 -0400
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To:
References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us> <52127CA8.1020409@krugar.info> <20130819204758.GG19173@uriel.asininetech.com>
Message-ID:

On Mon, Aug 19, 2013 at 6:24 PM, Lodewijk andré de la porte wrote:

>
> And regarding blackhatting all nooblet users, yeah I kinda think that's
> actually a fairly legitimate argument. If only things went bad all the time
> people would care more about security. Simplistic worldviews. If only they
> were ever real.
>

To be clear, I was joking, earlier. Well, mostly.

Aside from that, you're right about just about all of your points. It's fun, running your own mail server and being blacklisted -- more accurately, not whitelisted -- and having outgoing mail dropped silently. Or connecting to my home mail server from a client site. "Trying to connect", that is, because the client's firewall blocks everything not specifically allowed. Gmail is allowed. Steves-home-server is not. And so on.

I just go with gmail for most things despite the philosophical and technical problems. I'll use methods other than email for anything sensitive, or point people at my own server if needed, or worst case encrypt the email. (That's a worst case because email encryption seems to be beyond the ability of 90% of everyone. I still haven't figured out whether that means that email encryption is too difficult to set up and use or it means that most everyone is mostly too stupid.)

--
Neca eos omnes. Deus suos agnoscet. -- Arnaud-Amaury, 1209

From rysiek at hackerspace.pl Mon Aug 19 11:14:14 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Mon, 19 Aug 2013 20:14:14 +0200
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To:
References: <7753449.v5aJnrzhsU@laptosid> <20130819164436.GC19173@uriel.asininetech.com>
Message-ID: <4849621.LFcAugpP6n@laptosid>

On Monday, 19 August 2013 13:04:49 Steve Furlong wrote:
> On Mon, Aug 19, 2013 at 12:44 PM, staticsafe wrote:
> > The biggest problem being spam. We need to educate typical e-mail users
> > about e-mail hygiene and spam fighting.
>
> Over the past two decades, efforts to educate the average user have
> had limited success at best. I think it's time to give up on educating them
> and simply drive them off the internet. We can frame them for various
> crimes, loot their bank accounts or credit cards so they're too poor to get
> online, or get them kicked off of their ISPs. Conveniently, the people who
> are too dumb to be allowed online are the very same people who will be easy
> to attack online.
>
> Why, yes, I did major in sophistry in college. Why do you ask?

Philosophy major here, and you are a gentleman and a scholar.

For a while now I have been pondering the idea of "fuck that, can't save the world, just let proles get all the shit they are bound to get, and let us techie kind just dance between the raindrops as we know how".

So far the realisation that the same can be pondered from (for example) a medical professional's perspective (i.e. "fuck that, the proles will never learn, I'll just wash my hands and not bother myself with their well-being"), and that in that case I would be the prole, was enough to keep me on my altruistic path.

Not to mention that the more and better people are educated, the better we're all off (as it's harder for politicos to paint us techies/hackers as criminals).

Using the stated tactic against politicos (OHAI, Mr Censormoron...) would be something I am sure some of the less peacefully inclined could indeed find interesting, I guess. *cough*

--
Regards
rysiek

From krugar at krugar.info Mon Aug 19 13:14:32 2013
From: krugar at krugar.info (Alexander R. Krug)
Date: Mon, 19 Aug 2013 22:14:32 +0200
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To: <5212488E.5070807@cpunk.us>
References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us>
Message-ID: <52127CA8.1020409@krugar.info>

On 19.08.2013 18:32, CryptoFreak wrote:
> On 08/19/2013 10:55 AM, staticsafe wrote:
>> On Mon, Aug 19, 2013 at 01:26:36PM +0200, rysiek wrote:
>>> On Monday, 19 August 2013 13:10:05 Lodewijk andré de la porte wrote:
>>>> That's why he said spam-ish, not spam.
>>>>
>>>> Regardless it will make them be viewed much less. I think they're just
>>>> "taking eggs for their money". They know it's a lot to ask from people to
>>>> switch away from gmail. They love their arsefuckings.
>>>>
>>>> They might not have thought about the "big ridiculously high, then concede
>>>> to something high"-tactic. "Please, people, stop using gmail". Everyone:
>>>> "Noo! We love Gmail!". "Then at least send an e-mail back to fix gmail".
>>>> Everyone: "That sounds reasonable." instead of "please fix gmail". Everyone
>>>> "naah too much effort".
>>>
>>> This. Also, it wouldn't cost them a dime to add a sentence or two explaining
>>> why centralisation is the problem and how using other e-mail providers can
>>> help.
>>>
>>> --
>>> Regards
>>> rysiek
>>
>>
>> Sure, let's tell them to move their e-mail from Gmail....to where? To
>> another big mail provider (what's the point then?). Lavabit, Silent
>> Circle, Hushmail, Tormail? Nope. Self host their own e-mail? Hah. Most
>> people don't have the resources and/or the ability to do something like
>> that.
>>
>> There is also the matter of trust, why should I trust $MAILHOST over
>> Google?
>>
>> What is the solution then?
>>
>> I hope I got my point across.
>
> The solution *could* be to host their own mail server if it were made
> easy enough for them. I'm thinking something like a Raspberry Pi with
> very well designed web UI for simple configuration and management.
> Include a nice webmail client and even most non-techies could probably
> do this.
>

i don't quite get why everyone purportedly loves webmail clients so much?

From sganush at me.com Mon Aug 19 13:43:55 2013
From: sganush at me.com (Sylvia Ganush)
Date: Mon, 19 Aug 2013 22:43:55 +0200
Subject: David and Glenn in Berlin
Message-ID: <2B188079-3ADC-4966-8FE7-3C5408854FA9@me.com>

After all, the UK were right to suspect David Miranda, Glenn Greenwald's honey, of terrorism. While in Berlin the pair infiltrated the President's innermost security perimeter. Look at this photo:

http://www.flickr.com/photos/whitehouse/9314671291/lightbox/

David is checking out the Inspire magazine on his laptop, as Glenn is fixing wires to a pressure cooker. If this is not a terror plot, I don't know what is.

Sylvia

From l at odewijk.nl Mon Aug 19 15:24:13 2013
From: l at odewijk.nl (Lodewijk andré de la porte)
Date: Tue, 20 Aug 2013 00:24:13 +0200
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To:
References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us> <52127CA8.1020409@krugar.info> <20130819204758.GG19173@uriel.asininetech.com>
Message-ID:

2013/8/19 alex wright

> I put text in a box. I click a button. That text is transported to
> people across the globe. Fucking people need to get over some UI shit.

I preferred it when I could do: THIS With only 1 button click. And that it doesn't appear like '>'

And that my inbox state is the same on my windows box, linux box, vm's, laptop, school/uni/office computer, grandmother's weird laptop, ancient Mac boxes and my phone.

Hasn't been bad not having a single outage since forever either.

I tried setting up a mail_server_ once. That was fun. Haha. I'm even likely to get spamfiltered when I send something. Great! So, do I want to deal with the idiots at my ISP? Nah. Do I want to deal with Google, which offer imap, pop3, whatever and webmail and also everything I could wish for? Kinda!

I think we need to have an alternative to e-mail that takes the bullocks out of it, and makes it properly distributed somehow. And then somehow migrate everyone. Maybe make some servers-that-are-also-bridges-to-the-evil-world-of-email. If anybody is ever interested in the software I propose, e-mail me and we can work on it. (the irony of discussing alternatives to e-mail over e-mail)

And regarding blackhatting all nooblet users, yeah I kinda think that's actually a fairly legitimate argument. If only things went bad all the time people would care more about security. Simplistic worldviews. If only they were ever real.

From l at odewijk.nl Mon Aug 19 16:44:31 2013
From: l at odewijk.nl (Lodewijk andré de la porte)
Date: Tue, 20 Aug 2013 01:44:31 +0200
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To:
References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us> <52127CA8.1020409@krugar.info> <20130819204758.GG19173@uriel.asininetech.com>
Message-ID:

2013/8/20 Steve Furlong

> that email encryption is too difficult to set up and use or it means that
> most everyone is mostly too stupid.

The tools are just pretty damn stupid. I also hate it when the tools (implicitly) tell the user "I'm about to do something complicated" or "okay, now I'm performing magic". I understand it was hard for you to make a GUI, don't make it hard for me to use. Please. I just wanna feel like I'm in a sea of butterflies. And I want to adjust the butterflies if they don't feel nice (iow: give me settings if I want them, else I just want to do what I came for and don't complain to me about stuff I barely know. Or in my case I actually know, but I know why users wouldn't ever get it. And for me it's annoying too. Do I want a low grade of security? No. Do we (the dev and I) know what's high and what's low grade? Yes. So why didn't the dev default to choosing the secure option? Speed? Seriously? Wtf?)

From ei8fdb at ei8fdb.org Mon Aug 19 17:49:04 2013
From: ei8fdb at ei8fdb.org (Bernard Tyers - ei8fdb)
Date: Tue, 20 Aug 2013 01:49:04 +0100
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To: <5212B1F6.3090103@lne.com>
References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us> <52127CA8.1020409@krugar.info> <20130819204758.GG19173@uriel.asininetech.com> <5212B1F6.3090103@lne.com>
Message-ID:

On 20 Aug 2013, at 01:01, Eric Murray wrote:

> On 08/19/2013 03:54 PM, Steve Furlong wrote:
>> . I still haven't figured out whether that means that email encryption is too difficult to set up and use or it means that most everyone is mostly too stupid.
>
> Matt Blaze posted a tweet that's apropos yesterday:
>
> "anyone who thinks users who misunderstand technology don't "deserve" privacy doesn't "deserve" to be a security engineer."

[I guess you're joking Steve, but I'll kinda bite :)]

(At the risk of being flamed…actually, fuck it..)

He is damn fucking right. He posted the following a few minutes before:

"Small silver lining in NSA revelations: hardly anyone's carping that those who can't figure out crypto apps don't "deserve" privacy anymore."

Users are not idiots - they do not focus on this because it is hard. If* there is stupidity, it's the security engineers who develop tools that people can't use.

Security people need to understand their ultimate goal is to get tools they build (and build damn well for the most part) into the hands of people, real people. I know this is

The majority of people (Yes! Non crypto-technology focused people too!) don't see crypto as a goal - they see using their software as a tool to task to succeeding their goal - sending the e-mail, receiving the SMS.

Security and crypto should be by default.

Steve, to start your reading:

http://hornbeam.cs.ucl.ac.uk/hcs/people/documents/Angela%20Publications/1999/p40-adams.pdf
http://www.gaudior.net/alma/MakingSecurityUsable.pdf
http://www.cs.berkeley.edu/~tygar/papers/Why_Johnny_Cant_Encrypt/OReilly.pdf
include
http://www.computer.org/portal/web/computingnow/securityandprivacy

If there is anything positive to come out of all this it's two things: non-security people realising those "nerds" can help, and security grasping the realisation that they need people too.

Talk to people. Find out what it is they need to accomplish and help them do it securely and privately. You'd be amazed how much it'll do.

Bernard

* Not something that I think will contribute to the overall conversation.

--------------------------------------
Bernard / bluboxthief / ei8fdb
IO91XM / www.ei8fdb.org
From me at staticsafe.ca Tue Aug 20 05:43:56 2013
From: me at staticsafe.ca (staticsafe)
Date: Tue, 20 Aug 2013 08:43:56 -0400
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To: <52135DE3.70203@pencil.allmail.net>
References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us> <20130819164436.GC19173@uriel.asininetech.com> <52135DE3.70203@pencil.allmail.net>
Message-ID: <20130820124356.GB9448@uriel.asininetech.com>

On Tue, Aug 20, 2013 at 02:15:31PM +0200, Moon Jones wrote:
> On 19.08.2013 18:44, staticsafe wrote:
> >The biggest problem being spam. We need to educate typical e-mail users
> >about e-mail hygiene and spam fighting.
>
> What do you mean by «e-mail hygiene» and «spam fighting»?

E-mail hygiene:
- Using aliases for every company you deal with, or using recipient
  delimiters like "+" so it is easier to find out which company sold you out.
- Exercise more caution when handing out your "primary" address
- Avoid services that like to spam your addressbook (see: LinkedIn etc.)

Spam fighting:
- Using DNSBLs to cut down on the crap
- Training spamassassin's DB with ham and spam.
- Enact rate limiting policies so that a compromised account can only do
  limited amount of damage.

--
staticsafe
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
Please don't top post.
Please don't CC! I'm subscribed to whatever list I just posted on.
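Three of the items listed in the message above ("+" recipient delimiters, DNSBL checks, per-account rate limiting), as an added example that is not part of the original post. The addresses, the `dnsbl.example` zone and the offline resolver are constructed placeholders; SpamAssassin training is not covered.

```python
import ipaddress
import socket
from collections import Counter, defaultdict, deque

# Constructed sample data: recipient addresses seen on incoming spam.
CONSTRUCTED_SPAM_RECIPIENTS = [
    "alice+shopco@example.org",
    "alice+shopco@example.org",
    "alice+forum@example.org",
    "alice@example.org",
]


def split_recipient(address, delimiter="+"):
    """Split 'user+tag@domain' into ('user@domain', 'tag'); tag is None if absent."""
    local, at, domain = address.rpartition("@")
    if not (local and at and domain):
        raise ValueError(f"not an e-mail address: {address!r}")
    base, sep, tag = local.partition(delimiter)
    return f"{base}@{domain}", (tag.lower() if sep and tag else None)


def leaked_tags(spam_recipients, delimiter="+"):
    """Count the per-company tags that appear as recipients of spam."""
    tags = (split_recipient(r, delimiter)[1] for r in spam_recipients)
    return dict(Counter(t for t in tags if t))


def dnsbl_query_name(ip, zone):
    """DNSBL convention: reverse the IPv4 octets and append the list's zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


def is_listed(ip, zone, resolver=socket.gethostbyname):
    """True if the list answers inside 127.0.0.0/8; a failed lookup means not listed."""
    try:
        answer = resolver(dnsbl_query_name(ip, zone))
    except OSError:  # socket.gaierror is a subclass of OSError
        return False
    return ipaddress.IPv4Address(answer) in ipaddress.IPv4Network("127.0.0.0/8")


def constructed_resolver(name):
    """Offline stand-in for a DNS lookup (constructed answers, hypothetical zone)."""
    answers = {"99.2.0.192.dnsbl.example": "127.0.0.2"}
    if name not in answers:
        raise socket.gaierror("name not found")
    return answers[name]


class SendRateLimiter:
    """Sliding-window cap on outgoing messages per account, so that a
    compromised account can only send a bounded amount before being refused."""

    def __init__(self, max_messages, window_seconds):
        self.max_messages = max_messages
        self.window = window_seconds
        self._sent = defaultdict(deque)  # account -> timestamps of accepted sends

    def allow(self, account, now):
        sent = self._sent[account]
        while sent and now - sent[0] >= self.window:
            sent.popleft()  # forget sends that fell out of the window
        if len(sent) >= self.max_messages:
            return False
        sent.append(now)
        return True


if __name__ == "__main__":
    print("tags seen on spam:", leaked_tags(CONSTRUCTED_SPAM_RECIPIENTS))
    for ip in ("192.0.2.99", "198.51.100.7"):
        print(ip, "listed:", is_listed(ip, "dnsbl.example", constructed_resolver))
    limiter = SendRateLimiter(max_messages=3, window_seconds=60)
    print("sends at t=0..3:", [limiter.allow("bob", t) for t in range(4)])
```

Against a real list, drop the `resolver` argument so the lookup goes through `socket.gethostbyname`, and use the zone published by the list operator.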
From bill.stewart at pobox.com Tue Aug 20 09:04:04 2013
From: bill.stewart at pobox.com (Bill Stewart)
Date: Tue, 20 Aug 2013 09:04:04 -0700
Subject: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered
In-Reply-To: <1667278.03mGxC4lYX@laptosid>
References: <1376330801.10168.1.camel@anglachel> <520BBB8C.5040009@virtadpt.net> <1667278.03mGxC4lYX@laptosid>
Message-ID: <20130821035913.D147DD458@a-pb-sasl-quonix.pobox.com>

> > > Remember, TSR sends drugs *through the mail*. You can't
> > > successfully *mail* enough drugs for the NSA/DEA to care.
> >
> > The NSA? Probably not, no. The DEA? Most definitely. Trafficking
> > and shipping of drugs from point 'a' to points elsewhere are a part of
> > their mission.
>
>I like the idea of DEA's mission being trafficking of drugs, well played, Sir.
>;)

No, no, no, trafficking the drugs has traditionally been a CIA job.

From rysiek at hackerspace.pl Tue Aug 20 00:58:34 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Tue, 20 Aug 2013 09:58:34 +0200
Subject: Changing IP address to access public website ruled violation of US law
Message-ID: <2720294.KleNO5h4bA@laptosid>

Hi there,

You have probably already heard about that, but... Changing IP address to access public website ruled violation of US law:

http://arstechnica.com/tech-policy/2013/08/changing-ip-address-to-access-public-website-ruled-violation-of-us-law/

--
Regards
rysiek

From rsw at jfet.org Tue Aug 20 08:44:21 2013
From: rsw at jfet.org (Riad S. Wahby)
Date: Tue, 20 Aug 2013 11:44:21 -0400
Subject: Groklaw shuts down
Message-ID: <20130820154421.GA18516@antiproton.jfet.org>

http://www.groklaw.net/article.php?story=20130818120421175

" My personal decision is to get off of the Internet to the degree it's possible. I'm just an ordinary person. But I really know, after all my research and some serious thinking things through, that I can't stay online personally without losing my humanness, now that I know that ensuring privacy online is impossible. I find myself unable to write. I've always been a private person. That's why I never wanted to be a celebrity and why I fought hard to maintain both my privacy and yours. "

-=rsw

From demonfighter at gmail.com Tue Aug 20 09:13:08 2013
From: demonfighter at gmail.com (Steve Furlong)
Date: Tue, 20 Aug 2013 12:13:08 -0400
Subject: Groklaw shuts down
In-Reply-To: <20130820154421.GA18516@antiproton.jfet.org>
References: <20130820154421.GA18516@antiproton.jfet.org>
Message-ID:

On Tue, Aug 20, 2013 at 11:44 AM, Riad S. Wahby wrote:

> http://www.groklaw.net/article.php?story=20130818120421175
>
> " My personal decision is to get off of the Internet to the degree
> it's possible. ... now that I
> know that ensuring privacy online is impossible.

Well, nuts. I'd been thinking that one unintended consequence of the revelation of the snoops' snooping is that thoughtful, serious people would get off the internet, or at least stop putting content on the internet. And here we have confirmation, like an hour after I had that thought. Thus the government impoverishes us all. Again.

Meanwhile, brainless chatterboxes will continue to spatter their lives all over Facebook and clamor for more location-enabled apps for their phones.

--
Neca eos omnes. Deus suos agnoscet. -- Arnaud-Amaury, 1209

From jya at pipeline.com Tue Aug 20 09:32:00 2013
From: jya at pipeline.com (John Young)
Date: Tue, 20 Aug 2013 12:32:00 -0400
Subject: Groklaw shuts down
In-Reply-To: <20130820154421.GA18516@antiproton.jfet.org>
References: <20130820154421.GA18516@antiproton.jfet.org>
Message-ID:

To each his/her own escapism. These voluntary shutdowns are not the way to go for the authorities really really like that.

Nor expecting to give or receive digital or analogue security and privacy beyond one's own capability to verify or endure the consequences. That is not limited to communications between misconfigured androids who wonder where the hell did that admission of defeat come from. Why it came from the birth chip of mortality, dear.

No matter, the security hustlers are never going away for good, only to reappear in new disguises of law, religion, politics, frock, cape, code, retreat in another direction, feint, trick, cheat, cry crocodile tears, cash in the scam, go to the dark side to move up from public service panhandling to fleecing baaramewes.

Keeping secret about this security skinning alive is the price of entry to the gold vault. That is why privacy policies and anonymizing services are so misleading.

Bluntly, anybody who peddles security is a cheat. Those withdraw it are worse.

At 11:44 AM 8/20/2013, you wrote:
>http://www.groklaw.net/article.php?story=20130818120421175
>
> " My personal decision is to get off of the Internet to the degree
> it's possible. I'm just an ordinary person. But I really know, after
> all my research and some serious thinking things through, that I
> can't stay online personally without losing my humanness, now that I
> know that ensuring privacy online is impossible. I find myself
> unable to write. I've always been a private person. That's why I
> never wanted to be a celebrity and why I fought hard to maintain
> both my privacy and yours. "
>
>-=rsw

From demonfighter at gmail.com Tue Aug 20 09:59:13 2013
From: demonfighter at gmail.com (Steve Furlong)
Date: Tue, 20 Aug 2013 12:59:13 -0400
Subject: Changing IP address to access public website ruled violation of US law
In-Reply-To: <2720294.KleNO5h4bA@laptosid>
References: <2720294.KleNO5h4bA@laptosid>
Message-ID:

On Tue, Aug 20, 2013 at 3:58 AM, rysiek wrote:

> Hi there,
>
> You have probably already heard about that, but... Changing IP address to
> access public website ruled violation of US law:
>
>
> http://arstechnica.com/tech-policy/2013/08/changing-ip-address-to-access-public-website-ruled-violation-of-us-law/
>

From the EFF's remark at the bottom of the article: "Without this change, the government could've prosecuted everyday Americans for violating low-level terms of service violations... In short, everyone would be a criminal, leaving it up to the government to decide when and where to bring down the hammer."

Ding-ding-ding-ding-ding!

--
Neca eos omnes. Deus suos agnoscet. -- Arnaud-Amaury, 1209

From sina at redteam.io Tue Aug 20 13:34:25 2013
From: sina at redteam.io (SiNA Rabbani)
Date: Tue, 20 Aug 2013 13:34:25 -0700
Subject: David and Glenn in Berlin
In-Reply-To:
References: <2B188079-3ADC-4966-8FE7-3C5408854FA9@me.com> <5213B55B.7010509@redteam.io>
Message-ID:

It is a shame, indeed!

On Aug 20, 2013 1:23 PM, "grarpamp" wrote:

> > T word
>
> The word is TERRORIST aka: criminal.
> A shame that some words cannot be said or
> that some cannot say them.
>
From mjones at pencil.allmail.net Tue Aug 20 05:15:31 2013
From: mjones at pencil.allmail.net (Moon Jones)
Date: Tue, 20 Aug 2013 14:15:31 +0200
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To: <20130819164436.GC19173@uriel.asininetech.com>
References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us> <20130819164436.GC19173@uriel.asininetech.com>
Message-ID: <52135DE3.70203@pencil.allmail.net>

On 19.08.2013 18:44, staticsafe wrote:
> The biggest problem being spam. We need to educate typical e-mail users
> about e-mail hygiene and spam fighting.

What do you mean by «e-mail hygiene» and «spam fighting»?

From mjones at pencil.allmail.net Tue Aug 20 05:18:42 2013
From: mjones at pencil.allmail.net (Moon Jones)
Date: Tue, 20 Aug 2013 14:18:42 +0200
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To: <7753449.v5aJnrzhsU@laptosid>
References: <7753449.v5aJnrzhsU@laptosid>
Message-ID: <52135EA2.9050103@pencil.allmail.net>

On 18.08.2013 23:48, rysiek wrote:
> I facepalmed so hard I could cry. It's Stockholm Syndrome if I ever saw one.
> "GMail fucks us in the arse, so let's ask them politely to use some
> lubricant".

HOW does «GMail fucks us in the arse»? Please expand.

From mjones at pencil.allmail.net Tue Aug 20 05:22:09 2013
From: mjones at pencil.allmail.net (Moon Jones)
Date: Tue, 20 Aug 2013 14:22:09 +0200
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To: <7753449.v5aJnrzhsU@laptosid>
References: <7753449.v5aJnrzhsU@laptosid>
Message-ID: <52135F71.9080809@pencil.allmail.net>

On 18.08.2013 23:48, rysiek wrote:
> I happen to be on Avaaz's info distribution list,

Weird. «Happen to be» sounds like you were waiting for a bus and overhearing a talk behind you.

> My question is: does *anybody* on this list have some kind of contact within
> Avaaz? I'd *love* to talk to them about it.

One of you does have a BIG problem. Either you are subscribed to some spam corporation with no way to contact them, or you are just using this list to raise awareness about some corporation by making others look for solutions for you. Or is it something else?

From mjones at pencil.allmail.net Tue Aug 20 05:30:52 2013
From: mjones at pencil.allmail.net (Moon Jones)
Date: Tue, 20 Aug 2013 14:30:52 +0200
Subject: Google to encrypt cloud storage
In-Reply-To: <2189975.UDeXjrTKxJ@laptosid>
References: <2189975.UDeXjrTKxJ@laptosid>
Message-ID: <5213617C.9000206@pencil.allmail.net>

On 18.08.2013 23:55, rysiek wrote:
> PRISM caused a lot of fear but now we can finally feel safe again --
> Google will encrypt all Google Drive storage with user-supplied keys:
> http://it.slashdot.org/story/13/08/16/239253/

I know slashdot does not generate articles. It only links to articles, sometimes in a VERY misleading paragraph, then leaves some uninformed geeks debate about the misleading text.

The article you most probably missed is some other place[1]

And the text supports that first paragraph of yours. But nothing of the rest of your text.

> So our data will be perfectly safe with them, right? Right?.. ;)
>
> Seriously, though, this is very, very bad for us. Normals will point
> to that and say "hey, Google does the Right Thing and we can be safe
> there, so we should all use Google now. They have encryption and
> stuff."

Could you expand on «this is very, very bad for us»?

[1] http://www.itworld.com/cloud-computing/369304/google-encrypt-cloud-storage-data-default

From rysiek at hackerspace.pl Tue Aug 20 05:52:25 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Tue, 20 Aug 2013 14:52:25 +0200
Subject: Google to encrypt cloud storage
In-Reply-To: <5213617C.9000206@pencil.allmail.net>
References: <2189975.UDeXjrTKxJ@laptosid> <5213617C.9000206@pencil.allmail.net>
Message-ID: <1391057.GVGtPiW13a@laptosid>

On Tuesday, 20 August 2013 14:30:52 Moon Jones wrote:
> On 18.08.2013 23:55, rysiek wrote:
> > PRISM caused a lot of fear but now we can finally feel safe again --
> > Google will encrypt all Google Drive storage with user-supplied keys:
> > http://it.slashdot.org/story/13/08/16/239253/
>
> I know slashdot does not generate articles. It only links to articles,
> sometimes in a VERY misleading paragraph, then leaves some uninformed
> geeks debate about the misleading text.
>
> The article you most probably missed is some other place[1]
>
> And the text supports that first paragraph of yours. But nothing of the
> rest of your text.

Humm, true. Not Google Drive, but Google Cloud Storage. My bad.

> > So our data will be perfectly safe with them, right? Right?.. ;)
> >
> > Seriously, though, this is very, very bad for us. Normals will point
> > to that and say "hey, Google does the Right Thing and we can be safe
> > there, so we should all use Google now. They have encryption and
> > stuff."
>
> Could you expand on «this is very, very bad for us»?

Well, if it's the developer-oriented GCS, not Google Drive, it's just a bit less bad for us.

Thing is, this encryption scheme (in which, from what I read, Google has access to "master keys" and has the technical ability to decrypt data once it's subpoenaed) brings no additional safety to users. It sounds great ("we support encryption! and we're doing it with several keys! that has to be safe, eh?"), but it does effectively nothing to actually protect users and their data from PRISM and similar programmes.

And that means it will be this harder for us to explain why this is a bad scheme ("wait, you're saying encryption is evil? now I am confused!") and why people should use other methods of protecting their privacy and their data.

--
Regards
rysiek

From rysiek at hackerspace.pl Tue Aug 20 06:32:35 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Tue, 20 Aug 2013 15:32:35 +0200
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To: <52135EA2.9050103@pencil.allmail.net>
References: <7753449.v5aJnrzhsU@laptosid> <52135EA2.9050103@pencil.allmail.net>
Message-ID: <3916294.bbjaUUOBuG@laptosid>

On Tuesday, 20 August 2013 14:18:42 Moon Jones wrote:
> On 18.08.2013 23:48, rysiek wrote:
> > I facepalmed so hard I could cry. It's Stockholm Syndrome if I ever saw
> > one. "GMail fucks us in the arse, so let's ask them politely to use some
> > lubricant".
>
> HOW does «GMail fucks us in the arse»? Please expand.

By introducing policies that are disruptive to legitimate activities. Why they are disruptive? Because GMail is being used by a huge part of e-mail users.

I am not assuming malice on Google's part, at least not in this particular context. But the real problem here is not that the policy is being introduced, it's that of centralisation and overly broad de facto control Google has over (in this case) e-mail communication.

Had such a centralisation not occurred, there would be no serious problem. One of the providers introduces such policies? Fine, whatever, they have a few percent of users at the most, we can live with that. And users can switch, no problemo.

However, with GMail having such a huge slice of the pie, they can literally make or break organisations like Avaaz. And the right way to deal with that is at least telling the users "look, the problem is related to centralisation, considering moving to a different mail provider would be a good idea".

Instead, what we get is "please, dear users, play according to rules set by this behemoth that can do with e-mail whatever the hell it wants". Hence my (overly ribald for some, as it turns out) metaphor.

--
Regards
rysiek

From rysiek at hackerspace.pl Tue Aug 20 06:41:14 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Tue, 20 Aug 2013 15:41:14 +0200
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To: <52135F71.9080809@pencil.allmail.net>
References: <7753449.v5aJnrzhsU@laptosid> <52135F71.9080809@pencil.allmail.net>
Message-ID: <4241288.YMACrrPFez@laptosid>

On Tuesday, 20 August 2013 14:22:09 Moon Jones wrote:
> On 18.08.2013 23:48, rysiek wrote:
> > I happen to be on Avaaz's info distribution list,
>
> Weird. «Happen to be» sounds like you were waiting for a bus and
> overhearing a talk behind you.

Or, I am just using a figure of speech. I could have used "once upon a time in a galaxy far, far away I have apparently signed up for"; or "I must've been drunk, as I don't remember signing-up, but it must've sounded like a good idea back then"; or "as a strong supporter of Avaaz I look forward to each and every single one of their magnificent mailings".

For no particular reason I have happened to choose this particular figure of speech, however.

/ see what I did just there? ;) /

> > My question is: does *anybody* on this list have some kind of contact
> > within Avaaz? I'd *love* to talk to them about it.
>
> One of you does have a BIG problem. Either you are subscribed to some
> spam corporation with no way to contact them, or you are just using this
> list to raise awareness about some corporation by making others look for
> solutions for you. Or is it something else?

Or, I'm just asking on a pretty technical mailing list if anybody has any contact to an organisation that brushes shoulders with techies on a regular basis, which I would like to contact. I found many, many times that such a strategy is not problematic to other list members while offering decent probability of success.

If it has caused you any distress or anguish, I apologise with utmost sincerity.

Please note that the "contact info" question was just "by the way", and had I not gotten the idea to ask that question I would have sent ("I would have happened to send"?) my e-mail either way (granted, with a bit different ending).

--
Regards
rysiek

From grarpamp at gmail.com Tue Aug 20 13:14:39 2013
From: grarpamp at gmail.com (grarpamp)
Date: Tue, 20 Aug 2013 16:14:39 -0400
Subject: David and Glenn in Berlin
In-Reply-To: <5213B55B.7010509@redteam.io>
References: <2B188079-3ADC-4966-8FE7-3C5408854FA9@me.com> <5213B55B.7010509@redteam.io>
Message-ID:

> T word

The word is TERRORIST aka: criminal.
A shame that some words cannot be said or
that some cannot say them.
From eugen at leitl.org Tue Aug 20 07:15:25 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 20 Aug 2013 16:15:25 +0200
Subject: [cryptography] open letter to Phil Zimmermann and Jon Callas of Silent Circle, re: Silent Mail shutdown
Message-ID: <20130820141525.GZ29404@leitl.org>

----- Forwarded message from Zooko Wilcox-OHearn -----

From eugen at leitl.org Tue Aug 20 07:34:58 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 20 Aug 2013 16:34:58 +0200
Subject: [cryptography] Reply to Zooko (in Markdown)
Message-ID: <20130820143458.GA29404@leitl.org>

----- Forwarded message from Jon Callas -----

From gfoster at entersection.org Tue Aug 20 15:29:46 2013
From: gfoster at entersection.org (Gregory Foster)
Date: Tue, 20 Aug 2013 17:29:46 -0500
Subject: [drone-list] German activists drone NSA complex
Message-ID:

A Parrot AR.Drone sortie over a German NSA complex from a nearby activist picnic last month.

YouTube (Jul 22) - "Dagger Complex - Directors Cut":
http://www.youtube.com/watch?v=SOjJ3BM1pt0

via @marymad,
gf

--
Gregory Foster || gfoster at entersection.org
@gregoryfoster <> http://entersection.com/

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From tedks at riseup.net Tue Aug 20 14:34:00 2013
From: tedks at riseup.net (Ted Smith)
Date: Tue, 20 Aug 2013 17:34:00 -0400
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To: <5213DABF.9090308@pencil.allmail.net>
References: <7753449.v5aJnrzhsU@laptosid> <52135EA2.9050103@pencil.allmail.net> <3916294.bbjaUUOBuG@laptosid> <5213DABF.9090308@pencil.allmail.net>
Message-ID: <1377034440.27382.22.camel@anglachel>

On Tue, 2013-08-20 at 23:08 +0200, Moon Jones wrote:
> Then they should break Avaaz.
>
> If one company depends so much on another, then you can call the first
> one a parasite. If its existence depends on Google, then they should
> ask nicely and maybe forward a nice sum of money. Or they have quite
> some nerve to try to impose rules from the position of parasite.
>
> Hopefully for you their niche might be filled afterwards by a company
> that can stand on its own.

Avaaz depends on Google delivering all mail sent to the user to the user. Possibly modulo unsolicited or "spam" mail.

In a similar sense, Google could break this list, by censoring it on Gmail. Should it do that?

Any infrastructure provider can break any company or organization that uses its infrastructure. But we expect infrastructure to be fair.

FYI, Avaaz is a liberal activist group. They send people who sign up with them various petitions to sign or campaigns to donate to. If their emails are shunted into a "bulk mailings" folder, then they'll be effectively crippled.

--
Sent from Ubuntu
From rich at openwatch.net Tue Aug 20 18:03:39 2013
From: rich at openwatch.net (Rich Jones)
Date: Tue, 20 Aug 2013 18:03:39 -0700
Subject: no encryption even worse? (Re: Groklaw shuts down)
In-Reply-To: <20130821005102.GB12063@netbook.cypherspace.org>
References: <20130820154421.GA18516@antiproton.jfet.org> <20130821005102.GB12063@netbook.cypherspace.org>
Message-ID:

I think the point that they're making is that one communicates differently when one knows the line is tapped. Better self censorship than blabbering with delusions of security.

This isn't a philosophy which I personally agree with, but I believe this was their intention.

On Tue, Aug 20, 2013 at 5:51 PM, Adam Back wrote:
> On Tue, Aug 20, 2013 at 12:32:00PM -0400, John Young wrote:
>
>> Bluntly, anybody who peddles security is a cheat.
>> Those withdraw it are worse.
>>
>
> I was thinking something like that about the silent circle shutdown. It
> seems to me their problem case was the mail in (they would be encrypting
> that to the user PGP key or equivalent, after sender optional use of SSL to
> deliver it to them). So would not a more sensible change be to disable
> mail in? So then only silent circle users could encrypt messages to each
> other. Even that would add pressure to other users to also get a silent
> circle account and so be a business advantage.
>
> Puzzlingly spun "to protect our users privacy we removed their encryption
> feature" - so they'll probably send it plaintext instead, great.
>
> Adam
>

--
Rich Jones

OpenWatch is a global investigative network using mobile technology to build a more transparent world. Download OpenWatch for iOS and for Android!
From rysiek at hackerspace.pl Tue Aug 20 09:10:18 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Tue, 20 Aug 2013 18:10:18 +0200
Subject: Groklaw shuts down
In-Reply-To: <20130820154421.GA18516@antiproton.jfet.org>
References: <20130820154421.GA18516@antiproton.jfet.org>
Message-ID: <9910929.HDQIEYpzDO@laptosid>

On Tuesday, 20 August 2013 11:44:21 Riad S. Wahby wrote:
> " My personal decision is to get off of the Internet to the degree
> it's possible. I'm just an ordinary person. But I really know, after
> all my research and some serious thinking things through, that I
> can't stay online personally without losing my humanness, now that I
> know that ensuring privacy online is impossible. I find myself
> unable to write. I've always been a private person. That's why I
> never wanted to be a celebrity and why I fought hard to maintain
> both my privacy and yours. "

This is a dark, dark day.

--
Regards
rysiek

From sina at redteam.io Tue Aug 20 11:28:43 2013
From: sina at redteam.io (SiNA Rabbani)
Date: Tue, 20 Aug 2013 18:28:43 +0000
Subject: David and Glenn in Berlin
In-Reply-To: <2B188079-3ADC-4966-8FE7-3C5408854FA9@me.com>
References: <2B188079-3ADC-4966-8FE7-3C5408854FA9@me.com>
Message-ID: <5213B55B.7010509@redteam.io>

Amazing, how close these T word people get to the heads of the states.

--SiNA

Sylvia Ganush:
> After all, the UK were right to suspect David Miranda, Glenn Greenwald's
> honey, of terrorism. While in Berlin the pair infiltrated the
> President's innermost security perimeter. Look at this photo:
>
> http://www.flickr.com/photos/whitehouse/9314671291/lightbox/
>
> David is checking out the Inspire magazine on his laptop, as Glenn is
> fixing wires to a pressure cooker.
> If this is not a terror plot, I don't
> know what is.
>
> Sylvia
>

--
“Be the change you want to see in the world.” Gandhi

From eugen at leitl.org Tue Aug 20 09:45:05 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 20 Aug 2013 18:45:05 +0200
Subject: [cryptography] LeastAuthority.com announces PRISM-proof storage service
Message-ID: <20130820164505.GI29404@leitl.org>

----- Forwarded message from ianG -----

From rysiek at hackerspace.pl Tue Aug 20 10:34:00 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Tue, 20 Aug 2013 19:34 +0200
Subject: Changing IP address to access public website ruled violation of US law
In-Reply-To:
References: <2720294.KleNO5h4bA@laptosid>
Message-ID: <5104421.0o5SqqbzEd@laptosid>

On Tuesday, 20 August 2013 12:59:13 Steve Furlong wrote:
> On Tue, Aug 20, 2013 at 3:58 AM, rysiek wrote:
> > Hi there,
> >
> > You have probably already heard about that, but... Changing IP address to
> > access public website ruled violation of US law:
> >
> >
> > http://arstechnica.com/tech-policy/2013/08/changing-ip-address-to-access-public-website-ruled-violation-of-us-law/
> From the EFF's remark at the bottom of the article:
>
> "Without this change, the government could've prosecuted everyday Americans
> for violating low-level terms of service violations... In short, everyone
> would be a criminal, leaving it up to the government to decide when and
> where to bring down the hammer."
>
> Ding-ding-ding-ding-ding!

"Give me a man and I shall find a law", or whatever was the original quote.

This is very on-topic:
http://www.youtube.com/watch?v=9f0sBA61L0Y

--
Regards
rysiek
From grarpamp at gmail.com Tue Aug 20 16:56:34 2013
From: grarpamp at gmail.com (grarpamp)
Date: Tue, 20 Aug 2013 19:56:34 -0400
Subject: Google to encrypt cloud storage
In-Reply-To: <2179730.2kOoFUiG1s@laptosid>
References: <2189975.UDeXjrTKxJ@laptosid> <5213EBFD.6040701@pencil.allmail.net> <2179730.2kOoFUiG1s@laptosid>
Message-ID:

>> They use XMPP and they allow connections from outside their network.
>> ...
>> In most ways they are way ahead of the competition.
> How gracious of them!

No, that is old model. Yet how ahead and gracious are the punks?

imap4[s only], submission[starttls only], transport smtp[s preferred, and fixed keyed amongst peers], nothing asked for but username and password, allow connections from anywhere including Tor, simple documentation for the user (thunderbird, mutt, outlook, openpgp, enigmail, ...)

The demand for these things is very high right now. You don't need to offer webmail. The setup is not hard. There could be 30 new mail providers running around the globe in three months. All of them teaching the user how to encrypt, exactly where it belongs. And that's just for simple mail, a big win, even without resorting to more exotic http://prism-break.org/ systems.

>>> This matter is very relevant to me. I believe if somebody is saying "we offer
>>> encryption", the encryption should be actually, you know, protecting the data.
>>> ...
>>> No. Google SHOULD provide safe, privacy-aware services and encryption that
>>> actually truly protects the data, or at least not claim to do so

Unless it is the user who keeps and manages their own keys, no service with any 'offer of encryption that actually protects' can ever be true. Services are classed by who manages the keys. Any service that manages keys on behalf of the user and claims to offer protection is nothing more than a false marketing SCAM. Unfortunately, people keep buying the bullshit.
Offering at least a little less bullshit can also make you rich (leastauthority.com, rsync.net, etc).

From mjones at pencil.allmail.net Tue Aug 20 13:15:31 2013
From: mjones at pencil.allmail.net (Moon Jones)
Date: Tue, 20 Aug 2013 22:15:31 +0200
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To: <20130820124356.GB9448@uriel.asininetech.com>
References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us> <20130819164436.GC19173@uriel.asininetech.com> <52135DE3.70203@pencil.allmail.net> <20130820124356.GB9448@uriel.asininetech.com>
Message-ID: <5213CE63.4020904@pencil.allmail.net>

On 20.08.2013 14:43, staticsafe wrote:
> On Tue, Aug 20, 2013 at 02:15:31PM +0200, Moon Jones wrote:
>> On 19.08.2013 18:44, staticsafe wrote:
>>> The biggest problem being spam. We need to educate typical e-mail users
>>> about e-mail hygiene and spam fighting.
>>
>> What do you mean by «e-mail hygiene» and «spam fighting»?
>
> E-mail hygiene:
> - Using aliases for every company you deal with, or using recipient
> delimiters like "+" so it is easier to find out which company sold you
> out.
> - Exercise more caution when handing out your "primary" address
> - Avoid services that like to spam your addressbook (see: LinkedIn etc.)
>
> Spam fighting:
> - Using DNSBLs to cut down on the crap
> - Training spamassassin's DB with ham and spam.
> - Enact rate limiting policies so that a compromised account can only do
> limited amount of damage.

Oops. My bad. Then what do you mean by «typical e-mail user»?
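The per-company alias practice from the hygiene list quoted in the message above, worked through as an added example (it is not part of the thread or any poster's code): it reads the `+` tag from the recipient address and flags mail whose sender domain does not match the company the alias was given to. The `+` delimiter, the header names consulted, and all addresses and messages are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from email import message_from_string
from email.utils import getaddresses, parseaddr

DELIMITER = "+"  # assumption: the mail server's recipient delimiter is "+"
RECIPIENT_HEADERS = ("Delivered-To", "X-Original-To", "To", "Cc")
# Authentication-Results (RFC 8601) records the DKIM-verified signing domain.
DKIM_PASS = re.compile(r"dkim=pass\b[^;]*?\bheader\.d=([\w.-]+)", re.I)


def alias_tag(address):
    """Return the tag of user+tag@domain, or None if there is no tag."""
    local, at, _domain = address.rpartition("@")
    if not at or DELIMITER not in local:
        return None
    return local.split(DELIMITER, 1)[1].lower() or None


def sender_domain(msg):
    """Return (domain, verified). Prefer the DKIM-verified domain, because
    the From header on its own is trivially forged."""
    for value in msg.get_all("Authentication-Results", []):
        match = DKIM_PASS.search(value)
        if match:
            return match.group(1).lower(), True
    _name, addr = parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower(), False


def classify(raw):
    """Return (verdict, tag, sender_domain, verified) for one raw message.

    'expected' means the tag is one of the labels of the sender's domain,
    'leaked' means the alias is being used by someone else. A company that
    mails through a third-party sender will show up as 'leaked' too, so the
    result is a lead to check, not proof.
    """
    msg = message_from_string(raw)
    values = [v for h in RECIPIENT_HEADERS for v in msg.get_all(h, [])]
    tags = {t for t in (alias_tag(a) for _n, a in getaddresses(values)) if t}
    domain, verified = sender_domain(msg)
    if not tags:
        return ("untagged", None, domain, verified)
    tag = sorted(tags)[0]
    verdict = "expected" if tag in domain.split(".") else "leaked"
    return (verdict, tag, domain, verified)


def leak_report(raw_messages):
    """Map each alias tag to the unrelated sender domains seen using it."""
    report = defaultdict(set)
    for raw in raw_messages:
        verdict, tag, domain, _verified = classify(raw)
        if verdict == "leaked":
            report[tag].add(domain)
    return {tag: sorted(domains) for tag, domains in report.items()}


# Constructed sample messages (all names and domains are made up).
SAMPLES = [
    # The company the alias was handed to, DKIM passes.
    "Authentication-Results: mx.example.org; dkim=pass header.d=acme.example\n"
    "From: Acme News <news@acme.example>\n"
    "Delivered-To: alice+acme@example.org\n"
    "Subject: Your order\n\nbody\n",
    # An unrelated sender writing to the alias that only acme was given.
    "Authentication-Results: mx.example.org; "
    "dkim=pass header.d=bulk-offers.example\n"
    "From: Deals <promo@bulk-offers.example>\n"
    "Delivered-To: alice+acme@example.org\n"
    "Subject: Offer\n\nbody\n",
    # Mail to the primary address, no tag and no DKIM result.
    "From: Bob <bob@example.net>\nTo: alice@example.org\n"
    "Subject: hi\n\nbody\n",
]

if __name__ == "__main__":
    for tag, domains in leak_report(SAMPLES).items():
        print(f"alias +{tag} used by: {', '.join(domains)}")
```
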
From mjones at pencil.allmail.net Tue Aug 20 14:08:15 2013
From: mjones at pencil.allmail.net (Moon Jones)
Date: Tue, 20 Aug 2013 23:08:15 +0200
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To: <3916294.bbjaUUOBuG@laptosid>
References: <7753449.v5aJnrzhsU@laptosid> <52135EA2.9050103@pencil.allmail.net> <3916294.bbjaUUOBuG@laptosid>
Message-ID: <5213DABF.9090308@pencil.allmail.net>

On 20.08.2013 15:32, rysiek wrote:
> On Tuesday, 20 August 2013 14:18:42 Moon Jones wrote:
>> On 18.08.2013 23:48, rysiek wrote:
>>> I facepalmed so hard I could cry. It's Stockholm Syndrome if I
>>> ever saw one. "GMail fucks us in the arse, so let's ask them
>>> politely to use some lubricant".
>>
>> HOW does «GMail fucks us in the arse»? Please expand.
>
> By introducing policies that are disruptive to legitimate activities.
> Why are they disruptive? Because GMail is being used by a huge part
> of e-mail users.

What do you mean by «legitimate»? And second what do you mean by «legitimate activities»?

> I am not assuming malice on Google's part, at least not in this
> particular context. [...]

My bad. For me English is a second language. But «fucks us in the arse» implies a deliberate act. I see your domain is from Poland, which is quite a backward country when it comes to anything people do, yet a pope disapproves. Meaning anal sex, heterosexual, homosexual or plain masturbation is a very very bad thing to do. I might be wrong, but in this context «GMail fucks us in the arse» implies at least malice. Yet now you write «I am not assuming malice on Google's part». Help me understand.

> Had such a centralisation not occurred, there would be no serious
> problem. One of the providers introduces such policies? Fine,
> whatever, they have a few percent of users at the most, we can live
> with that. And users can switch, no problemo.

How can anybody draw the line? It's fine as long as they are under an arbitrary value set by WHOM, but it's wrong after that?

> However, with GMail having such a huge slice of the pie, they can
> literally make or break organisations like Avaaz.

Then they should break Avaaz.

If one company depends so much on another, then you can call the first one a parasite. If its existence depends on Google, then they should ask nicely and maybe forward a nice sum of money. Or they have quite some nerve to try to impose rules from the position of parasite.

Hopefully for you their niche might be filled afterwards by a company that can stand on its own.

> And the right way to deal with that is at least telling the users
> "look, the problem is related to centralisation, considering moving
> to a different mail provider would be a good idea".

Don't you think that is for the people to decide?

> Instead, what we get is "please, dear users, play according to rules
> set by this behemoth that can do with e-mail whatever the hell it
> wants". Hence my (overly ribald for some, as it turns out) metaphor.

Because the way you expressed it, as I have no idea what Avaaz is or does, they are a puny corporation living from Google's leftovers. Meaning Google does a good thing for their users.

From mjones at pencil.allmail.net Tue Aug 20 14:18:56 2013
From: mjones at pencil.allmail.net (Moon Jones)
Date: Tue, 20 Aug 2013 23:18:56 +0200
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To: <4241288.YMACrrPFez@laptosid>
References: <7753449.v5aJnrzhsU@laptosid> <52135F71.9080809@pencil.allmail.net> <4241288.YMACrrPFez@laptosid>
Message-ID: <5213DD40.9040100@pencil.allmail.net>

On 20.08.2013 15:41, rysiek wrote:
> On Tuesday, 20 August 2013 14:22:09 Moon Jones wrote:
>> On 18.08.2013 23:48, rysiek wrote:
>>> I happen to be on Avaaz's info distribution list,
>>
>> Weird. «Happen to be» sounds like you were waiting for a bus and
>> overhearing a talk behind you.
>
> Or, I am just using a figure of speech.

A figure of speech meaning what then? Shouldn't communication make things clear?

>> One of you does have a BIG problem. Either you are subscribed to some
>> spam corporation with no way to contact them, or you are just using this
>> list to raise awareness about some corporation by making others look for
>> solutions for you. Or is it something else?
>
> Or, I'm just asking on a pretty technical mailing list if anybody has any
> contact to an organisation that brushes shoulders with techies on a regular
> basis, which I would like to contact.

This list is a rather active one. It's in English so it's fair to assume even if they are not Americans, a good part of the subscribed members are from the States. As many people in the States live in New York, one might go ahead and ask for a good pizza place or for the average rent for one room apartments. Weird. I don't think that is appropriate. But I will not continue on this thread.

> I found many, many times that such a strategy is not problematic to other list
> members while offering decent probability of success. If it has caused you any
> distress or anguish, I apologise with utmost sincerity.

Please do not apologise. But notice that most unprofessional spammers also follow the same reasoning. «I thought someone might be interested» some say.

From mjones at pencil.allmail.net Tue Aug 20 15:16:38 2013
From: mjones at pencil.allmail.net (Moon Jones)
Date: Wed, 21 Aug 2013 00:16:38 +0200
Subject: Google to encrypt cloud storage
In-Reply-To: <1391057.GVGtPiW13a@laptosid>
References: <2189975.UDeXjrTKxJ@laptosid> <5213617C.9000206@pencil.allmail.net> <1391057.GVGtPiW13a@laptosid>
Message-ID: <5213EAC6.8090507@pencil.allmail.net>

On 20.08.2013 14:52, rysiek wrote:
>> Could you expand on «this is very, very bad for us»?
>
> Well, if it's the developer-oriented GCS, not Google Drive, it's just a bit
> less bad for us.

I have to admit I haven't even noticed what Google service was involved. Still, what's «bad» about it?

> Thing is, this encryption scheme (in which, from what I read, Google has
> access to "master keys" and has the technical ability to decrypt data once
> it's subpoenaed) brings no additional safety to users.

But do they have the legal right not to hold those keys? Or this matter is irrelevant to you?

> It sounds great ("we
> support encryption! and we're doing it with several keys! that has to be safe,
> eh?"), but it does effectively nothing to actually protect users and their
> data from PRISM and similar programmes.

But that's not what they are saying.

> And that means it will be this harder for us to explain why this is a bad
> scheme ("wait, you're saying encryption is evil? now I am confused!") and why
> people should use other methods of protecting their privacy and their data.

Isn't it ironic? So Google SHOULD make things easier for you to tell people to use other services?

Sounds like the new anti–gay legislation in Russia: making it easier for priests to preach homophobia.

From rysiek at hackerspace.pl Tue Aug 20 15:19:11 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Wed, 21 Aug 2013 00:19:11 +0200
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To: <5213DABF.9090308@pencil.allmail.net>
References: <7753449.v5aJnrzhsU@laptosid> <3916294.bbjaUUOBuG@laptosid> <5213DABF.9090308@pencil.allmail.net>
Message-ID: <1601804.m5l9JQSDH5@laptosid>

OHAI,

On Tuesday, 20 August 2013 23:08:15 Moon Jones wrote:
> On 20.08.2013 15:32, rysiek wrote:
> > On Tuesday, 20 August 2013 14:18:42 Moon Jones wrote:
> >> On 18.08.2013 23:48, rysiek wrote:
> >>> I facepalmed so hard I could cry. It's Stockholm Syndrome if I
> >>> ever saw one. "GMail fucks us in the arse, so let's ask them
> >>> politely to use some lubricant".
> >>
> >> HOW does «GMail fucks us in the arse»? Please expand.
> >
> > By introducing policies that are disruptive to legitimate activities.
> > Why are they disruptive?
> > Because GMail is being used by a huge part
> > of e-mail users.
>
> What do you mean by «legitimate»? And second what do you mean by
> «legitimate activities»?

Not sure if troll, but oh-kay... I mean "I have subscribed to their list; this list provides clearly marked and functional way of unsubscribing; thus, mail from this source is considered legitimate; and hence sending such mail by them is considered legitimate activity". I'd say it's quite obvious, though.

> > I am not assuming malice on Google's part, at least not in this
> > particular context. [...]
>
> My bad. For me English is a second language.

Same here.

> But «fucks us in the arse» implies a deliberate act.

Well, my bad. Should have been more clear there, I give you that. I do attribute malice to Google with regard to several of their recent actions (the Jabber debacle and the anti Net Neutrality stance, for starters).

With great power (and Google does have great power over the Internet right now, sadly) comes great responsibility; they *should* be aware of what effect their policies have on the rest of the Net. And I would say, we should *expect* them to be aware of that. Even more -- I am quite sure they *are* aware.

And hence, we're getting dangerously close to what could be described as malice: conscious decision to perform actions that are heavily detrimental to a lot of other entities with the only rationale being profit maximalisation.

I shall re-phrase, then: "We are being fucked in the arse by GMail, so let's ask them politely to use some lubricant". This version leaves about as much space for GMail doing that completely accidentally and without any knowledge nor awareness of the grave effects their action will have as I am willing to leave. I.e. some, but not that much.

> I see your domain is from Poland, which is
> quite a backward country when it comes to anything people do, yet a pope
> disapproves.
> Meaning anal sex, heterosexual, homosexual or plain
> masturbation is a very very bad thing to do. I might be wrong, but in
> this context «GMail fucks us in the arse» implies at least malice. Yet
> now you write «I am not assuming malice on Google's part». Help me
> understand.

I'm sorry, but I find your comment right there borderline offensive. From the perspective of copyright reform debate[1] and Internet porn censorship debate[2] I could say that many other countries are extremely backwards with regard to some things (censorship, copyright, porn), but that doesn't get us anywhere, does it.

[1] http://rys.io/en/70
[2] http://rys.io/en/109

Not to mention the unwarranted generalisation that "all Poles are ". That has some potential to backfire, after all there is a slim chance you could happen to be talking to an atheist[3]...

[3] http://rys.io/en/16

Also, the .io domain here might prove problematic to interpret in the context of your previous assumptions, I guess.

> > Had such a centralisation not occurred, there would be no serious
> > problem. One of the providers introduces such policies? Fine,
> > whatever, they have a few percent of users at the most, we can live
> > with that. And users can switch, no problemo.
>
> How can anybody draw the line? It's fine as long as they are under an
> arbitrary value set by WHOM, but it's wrong after that?

Well, as with *most* of important things in life, there is no precise border, crossing of which makes you a monopolist. But I guess we can all agree that if Avaaz sees that as a grave danger, that might be some indication.

> > However, with GMail having such a huge slice of the pie, they can
> > literally make or break organisations like Avaaz.
>
> Then they should break Avaaz.
>
> If one company depends so much on another, then you can call the first
> one a parasite. If its existence depends on Google, then they should
> ask nicely and maybe forward a nice sum of money.
> Or they have quite
> some nerve to try to impose rules from the position of parasite.
>
> Hopefully for you their niche might be filled afterwards by a company
> that can stand on its own.

Okay, I think you didn't get the crux of the issue. Avaaz, AFAIK, is *not* using Google's services to distribute mail. Their members/users/activists do for their personal accounts. It's not that Avaaz is *relying* on Google/GMail, it's that they have no say who delivers their mail to a huge part of their users/activists.

Also, it's not a company, it's an NGO.

> > And the right way to deal with that is at least telling the users
> > "look, the problem is related to centralisation, considering moving
> > to a different mail provider would be a good idea".
>
> Don't you think that is for the people to decide?

You *do* see the difference between:
"look, the problem is related to centralisation, considering moving to a different mail provider would be a good idea"
...and...
"we demand you move to a different provider immediately"
...right?

> > Instead, what we get is "please, dear users, play according to rules
> > set by this behemoth that can do with e-mail whatever the hell it
> > wants". Hence my (overly ribald for some, as it turns out) metaphor.
>
> Because the way you expressed it, as I have no idea what Avaaz is or
> does, they are a puny corporation living from Google's leftovers.
> Meaning Google does a good thing for their users.

Avaaz is ~20mln-strong civic organisation operating via on-line petitions to try and convince politicians to sometimes do the right thing. Instead of slandering them, you might want to educate yourself:
http://en.wikipedia.org/wiki/Avaaz

Yes, I should have provided the link in my first e-mail, I assumed that on this list Avaaz might be already known. See, everybody makes wrong assumptions from time to time.

--
Regards
rysiek
From mjones at pencil.allmail.net Tue Aug 20 15:21:49 2013
From: mjones at pencil.allmail.net (Moon Jones)
Date: Wed, 21 Aug 2013 00:21:49 +0200
Subject: Google to encrypt cloud storage
In-Reply-To:
References: <2189975.UDeXjrTKxJ@laptosid> <4532732.EFXkRjH4gU@laptosid> <5212095E.3080707@disman.tl> <1588295.tBdiXPo2eh@laptosid>
Message-ID: <5213EBFD.6040701@pencil.allmail.net>

On 19.08.2013 23:20, grarpamp wrote:
> With the same dev money Google could be funding open source projects
> like tahoelafs, p2p messaging, etc that put the keys in the hands of the user
> for easy use. Yet no, they compete against them. They're a business, they've
> become and catered to more corporate/gov base, that's normal, write around
> them and claim the user base.

Yet they not only support SMTP and IMAP4, but they give instructions on how to set up Mozilla Thunderbird. They use XMPP and they allow connections from outside their network. In most ways they are way ahead of the competition.

To me it sounds pretty much like the GNU/Linux kernel development: make your project popular enough and conform to our coding structure and we're going to include it in the main tree. Fail to do so and you are free to develop patches and loadable modules.

From rysiek at hackerspace.pl Tue Aug 20 15:40:09 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Wed, 21 Aug 2013 00:40:09 +0200
Subject: Google to encrypt cloud storage
In-Reply-To: <5213EAC6.8090507@pencil.allmail.net>
References: <2189975.UDeXjrTKxJ@laptosid> <1391057.GVGtPiW13a@laptosid> <5213EAC6.8090507@pencil.allmail.net>
Message-ID: <1935644.0fJBDUe5PH@laptosid>

On Wednesday, 21 August 2013 00:16:38 Moon Jones wrote:
> On 20.08.2013 14:52, rysiek wrote:
> >> Could you expand on «this is very, very bad for us»?
> >
> > Well, if it's the developer-oriented GCS, not Google Drive, it's just a
> > bit
> > less bad for us.
>
> I have to admit I haven't even noticed what Google service was involved.
> Still, what's «bad» about it?

Explained it already 2 times, if anybody else asks, I'll be happy to do it for the third time.

> > Thing is, this encryption scheme (in which, from what I read, Google has
> > access to "master keys" and has the technical ability to decrypt data once
> > it's subpoenaed) brings no additional safety to users.
>
> But do they have the legal right not to hold those keys? Or this matter
> is irrelevant to you?

This matter is very relevant to me. I believe if somebody is saying "we offer encryption", the encryption should be actually, you know, protecting the data.

As it stands now, the GCS encryption doesn't protect the data from government snooping, from a rogue admin that has access to the master key, and probably from several other scenarios.

And the Google's rep saying "we do not provide the keys to the government" reeks of PR-speak and deception. Of course they do not provide the keys, they can simply provide the cleartext, de-ciphered first via the master key.

> > It sounds great ("we
> > support encryption! and we're doing it with several keys! that has to be
> > safe, eh?"), but it does effectively nothing to actually protect users
> > and their data from PRISM and similar programmes.
>
> But that's not what they are saying.

They are saying they use encryption, and with several keys/levels. They are saying that during the whole PRISM debate heating up, a debate mind you that has Google among the NSA cooperators. They are even claiming they are not providing the keys to the government, so as to suggest even more strongly that they have cleaned up their act:

"A Google spokeswoman said via email the company does not provide encryption keys to any government and provides user data only in accordance with the law."

When in fact -- as far as PRISM-related stuff is concerned -- they have done anything but.

> > And that means it will be this harder for us to explain why this is a bad
> > scheme ("wait, you're saying encryption is evil? now I am confused!") and
> > why people should use other methods of protecting their privacy and their
> > data.
>
> Isn't it ironic? So Google SHOULD make things easier for you to tell
> people to use other services?

No. Google SHOULD provide safe, privacy-aware services and encryption that actually truly protects the data, or at least not claim to do so if they have no intention to.

Or, using your "let's turn the tables and see where that goes" method: So Google CAN lie and deceive the users by claiming or suggesting to provide a level of service they have no intention of providing?

> Sounds like the new anti–gay legislation in Russia: making it easier for
> priests to preach homophobia.

Nicely done. I see we have a Schopenhauer admirer. "The Art of Being Right" is a great little book indeed:
http://en.wikipedia.org/wiki/The_Art_of_Being_Right

I'm just not sure if that's #8, #12 or #32. I'd go for #32, I guess.

--
Regards
rysiek

From mjones at pencil.allmail.net Tue Aug 20 15:44:59 2013
From: mjones at pencil.allmail.net (Moon Jones)
Date: Wed, 21 Aug 2013 00:44:59 +0200
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To: <1377034440.27382.22.camel@anglachel>
References: <7753449.v5aJnrzhsU@laptosid> <52135EA2.9050103@pencil.allmail.net> <3916294.bbjaUUOBuG@laptosid> <5213DABF.9090308@pencil.allmail.net> <1377034440.27382.22.camel@anglachel>
Message-ID: <5213F16B.5080603@pencil.allmail.net>

I realised that my last few hours were in defence of Google. I'm not. I'm just against the vocal minority forcing some third party to do something just because it feels right to that minority. So the talk is one based on principle.
On 20.08.2013 23:34, Ted Smith wrote:
> Avaaz depends on Google delivering all mail sent to the user to the
> user. Possibly modulo unsolicited or "spam" mail.

I used to have a Gmail account, a separate Youtube account and yet another for Picasa. They are all gone. And I can say it was quick and clean. Something I can't say even for sites perceived as good such as Ubuntu Forums.

But most webmail providers give some options. Such as do not make spam out of addresses that are in Contacts. Even those who don't offer this option explicitly, make malware links available far easier for people that I have in Contacts. One can also make sorting rules. A mail failing this most probably is spam. Even if the receiver doesn't feel that.

> In a similar sense, Google could break this list, by censoring it on
> Gmail. Should it do that?

Now that is something quite different. Do you feel it's about the same? How come?

> Any infrastructure provider can break any company or organization that
> uses its infrastructure. But we expect infrastructure to be fair.

Yes. Of course. You see, I might be very upset with the contract I am given to sign by the power company. They [the company] say clauses are non negotiable, even if I feel they [the clauses] are abusive. My alternatives are to move in a different country or use solar panels and light the room with candles. Although very romantic in this eco concept, that might turn very expensive. So I feel having access to power is very important. And I am left with filing with the consumer protection agencies hoping enough people are bothered by those clauses.

On the other hand I can use Google or I can search a provider in India. I can use Vmail.me which is in France even if the name says Montenegro, and I can try Riseup which swear they won't give data, although the law specified they have to obey. And I do. I have accounts with all of them.
In other words people stay with gmail because they like the server and don't care about what has been written in every newspaper in the so called Western world. It's not for me to decide for them, or I'd become some sort of Stalin. Today I rule what Google should do, tomorrow I am going to tell you what you should do.

> FYI, Avaaz is a liberal activist group. They send people who sign up
> with them various petitions to sign or campaigns to donate to. If their
> emails are shunted into a "bulk mailings" folder, then they'll be
> effectively crippled.

I didn't know that. Thank you for the information. And yes, to me it sounds like a good idea what Google is said to be doing. Although I have my doubts Google targets anyone in particular. Finding a good site, reading about a good cause and getting involved seems like the thing to do. Bleeding people out of microsums that seem harmless on a huge scale usually helps the few full time employees and little more.

From rysiek at hackerspace.pl Tue Aug 20 15:45:29 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Wed, 21 Aug 2013 00:45:29 +0200
Subject: Google to encrypt cloud storage
In-Reply-To: <5213EBFD.6040701@pencil.allmail.net>
References: <2189975.UDeXjrTKxJ@laptosid> <5213EBFD.6040701@pencil.allmail.net>
Message-ID: <2179730.2kOoFUiG1s@laptosid>

On Wednesday, 21 August 2013 00:21:49 Moon Jones wrote:
> On 19.08.2013 23:20, grarpamp wrote:
> > With the same dev money Google could be funding open source projects
> > like tahoelafs, p2p messaging, etc that put the keys in the hands of the
> > user for easy use. Yet no, they compete against them. They're a business,
> > they've become and catered to more corporate/gov base, that's normal,
> > write around them and claim the user base.
>
> Yet they not only support SMTP and IMAP4, but they give instructions on
> how to set up Mozilla Thunderbird.

How gracious of them! Ever heard of SPDY?
http://en.wikipedia.org/wiki/SPDY

Are you willing to bet that this will not become the Embrace, Extend, Extinguish of our time (this time with regard to HTTP)?
http://en.wikipedia.org/wiki/Embrace_extend_extinguish

> They use XMPP and they allow connections from outside their network.

Uhm... I'd be very careful with this one:
http://tech.slashdot.org/story/13/05/20/2315216/google-drops-xmpp-support
http://windowspbx.blogspot.com/2013/05/hangouts-wont-hangout-with-other.html

> In most ways they are way ahead of the competition.

And most of these cases are a relic of a bygone era when Google actually practised what they preach, because they were the small, geeky underdog pitted against giants like Microsoft. Now they themselves are a giant and are slowly but steadily abandoning their open-source, open-standards ways in favour of walled-gardens, proprietary protocols and such.

> To me it sounds pretty much like the GNU/Linux kernel development: make your
> project popular enough and conform to our coding structure and we're going
> to include it in the main tree. Fail to do so and you are free to develop
> patches and loadable modules.

Where did *that* metaphor come from?..

--
Regards
rysiek

From mjones at pencil.allmail.net Tue Aug 20 16:25:18 2013
From: mjones at pencil.allmail.net (Moon Jones)
Date: Wed, 21 Aug 2013 01:25:18 +0200
Subject: Google to encrypt cloud storage
In-Reply-To: <1935644.0fJBDUe5PH@laptosid>
References: <2189975.UDeXjrTKxJ@laptosid> <1391057.GVGtPiW13a@laptosid> <5213EAC6.8090507@pencil.allmail.net> <1935644.0fJBDUe5PH@laptosid>
Message-ID: <5213FADE.3040007@pencil.allmail.net>

On 21.08.2013 00:40, rysiek wrote:
> Explained it already 2 times, if anybody else asks, I'll be happy to do it for
> the third time.

Ok. I think I get the point.

>> But do they have the legal right not to hold those keys? Or this matter
>> is irrelevant to you?
>
> This matter is very relevant to me. I believe if somebody is saying "we offer
> encryption", the encryption should be actually, you know, protecting the data.

My question was if they can, given the US law, do such a thing. You have repeated the previous statements. I offer encryption means precisely «I offer encryption». If there is a full stop after that, then the rest is fantasy. Take for example the fact that I do full disk encryption. I have the key somewhere. Now. Someone who has the key and the hard drive has access just like without full disk encryption. Including files that I have deleted through the regular delete and not some secure method. This does not make my hard drive any less encrypted than it is. Now take another example: food containing dead pig meat sold in an Islamic country as chicken or just «meat». In the first case it's a lie, it might as well write «no meat at all». In the second it is a lie by omission. Do not confuse the two cases. Google never ever stated the rest. It's just your imagination.

> As it stands now, the GCS encryption doesn't protect the data from government
> snooping, from a rogue admin that has access to the master key, and probably
> from several other scenarios.

Have they said «we protect your data from the government»? I am sure to have missed that one. Same goes for the other scenarios mentioned.

> And the Google's rep saying "we do not provide the keys to the government"
> reeks of PR-speak and deception. Of course they do not provide the keys, they
> can simply provide the cleartext, de-ciphered first via the master key.

What? You are strange. They do not have to. Most important providers are bugged BEFORE the data reaches their servers. So it's first the Men in Black. Then is the server. Then is my computer. On the other hand you have the power of law.
Once there is a data storage one can ask a judge to write a special kind of legal letter to which the storage manager HAS to comply. So the whole chain starting with the investigator and ending with the judge couldn't care less about key, algorithm, hard drive size, CPU type, how many GHz the memory bandwidth. They ask for the data and they are going to receive it or a very convincing explanation. That was established way before computers were invented. And if you care about this aspect you are free to campaign against it. It's ONLY between you and the law. Google, the investigator, the judge, the postal service and all the others just comply.

>> But that's not what they are saying.
>
> They are saying they use encryption, and with several keys/levels. They are
> saying that during the whole PRISM debate heating up, a debate mind you that
> has Google among the NSA cooperators. They are even claiming they are not
> providing the keys to the government, so as to suggest even more strongly that
> they have cleaned up their act:
>
> "A Google spokeswoman said via email the company does not provide encryption
> keys to any government and provides user data only in accordance with the
> law."

Right. This is precisely what I have read.

> When in fact -- as far as PRISM-related stuff is concerned -- they have done
> anything but.

Pardon my thickness. How?

>> Isn't it ironic? So Google SHOULD make things easier for you to tell
>> people to use other services?
>
> No. Google SHOULD provide safe, privacy-aware services and encryption that
> actually truly protects the data, or at least not claim to do so if they have
> no intention to.

Sure. Also the pope should stay away from gay people since the year 300. Rich people should help as many poor as they can. One should rise in the bus and give the seat to an old gentleman or lady. But we live in a far from ideal world. That to play your game. Otherwise Google does that already. It's safe.
Because they can send you an SMS to recover your free account at their expense. They ask the security question each time you log in from a different location. And so on. They are privacy aware as they don't share your emails with your inquisitive mother. Something you can't say of the postal service or a chatty general practitioner. And given the evil janitor or the evil admin steal the hard drive with your mail they won't be able to read it. Sure, you can idealise it to the extreme. But in real life and real world that is already enough for a free / cheap service. You too should be more concerned with the employer, school, relatives or neighbours than with NSA. Please do notice that I am not saying it's a good thing what NSA does. Only that it is a distant threat. One as concerned as you are already does have a personal mail server somewhere. One should give thanks to someone like RMS for the ability to have that at the cost of the hardware components plus the power bill.

> Or, using your "let's turn the tables and see where that goes" method:
> So Google CAN lie and deceive the users by claiming or suggesting to provide a
> level of service they have no intention of providing?

They don't lie. They don't deceive. Not in this case. The problem is elsewhere. Think about it a couple of minutes.

>> Sounds like the new anti–gay legislation in Russia: making it easier for
>> priests to preach homophobia.
>
> Nicely done. I see we have a Schopenhauer admirer. "The Art of Being Right" is
> a great little book indeed:
> http://en.wikipedia.org/wiki/The_Art_of_Being_Right
>
> I'm just not sure if that's #8, #12 or #32. I'd go for #32, I guess.

Guess that spells «time to give it up» for me.
From mjones at pencil.allmail.net Tue Aug 20 16:46:53 2013
From: mjones at pencil.allmail.net (Moon Jones)
Date: Wed, 21 Aug 2013 01:46:53 +0200
Subject: Google to encrypt cloud storage
In-Reply-To: <2179730.2kOoFUiG1s@laptosid>
References: <2189975.UDeXjrTKxJ@laptosid> <5213EBFD.6040701@pencil.allmail.net> <2179730.2kOoFUiG1s@laptosid>
Message-ID: <5213FFED.40103@pencil.allmail.net>

On 21.08.2013 00:45, rysiek wrote:
>> Yet they not only support SMTP and IMAP4, but they give instructions on
>> how to set up Mozilla Thunderbird.
>
> How gracious of them!

I feel you were being sarcastic. But it's not the case. Removing those help pages won't alienate their clients. It's truly a way to be nice. Also, although dropping SMTP and IMAP4 support and replacing them with some exotic closed protocol won't do a thing. Android update and the web interface would do the trick. It's even worse. When Yahoo has dropped POP3 support, without replacing it with anything, some Sourceforge projects were started just to replace that. So, again, it's truly a nice gesture. Maybe, only maybe, it helped them initially to gather up strength. Today that means zero.

> Ever heard of SPDY?
> http://en.wikipedia.org/wiki/SPDY

Yes. I heard of it. Thank you for including the wikipedia page. Have you read it?

>> OpenSSL 1.0.1 or greater introduces NPN.
>> The browsers Google Chrome/Chromium, Firefox (version 11+, enabled by default since 13) and Opera browser (version 12.10+) support SPDY.
>> Amazon's Silk browser for the Kindle Fire uses the SPDY protocol to communicate with their EC2 service for Web page rendering.

An open standard with quite large support from the open source community. Meaning many more can follow. So what's the point?

>> They use XMPP and they allow connections from outside their network.
>
> Uhm... I'd be very careful with this one:
> http://tech.slashdot.org/story/13/05/20/2315216/google-drops-xmpp-support
> http://windowspbx.blogspot.com/2013/05/hangouts-wont-hangout-with-other.html

I dislike slashdot. It's almost all noise. And one of the sites blocking Tor. But I was interested in your argument so I went there for the second time today. And there I read:

>> Note that no end date has been set for Talk

So, again, what is your point?

>> In most ways they are way ahead of the competition.
>
> And most of these cases are a relic of a bygone era when Google actually
> practised what they preach, because they were the small, geeky underdog pitted
> against giants like Microsoft.

The pope preaches. Google sells. If I use Google search words start popping up suggesting me what I might ask. If I have gmail there is advertising related to the CONTENTS of my received emails. If I go around youtube I get a full column on the right hand side with suggestions. And you know what is impressive? They are all about right. And I surely have missed the time where someone officially from Google went out and said «we're going to cripple all that for your privacy». Quite the opposite. They said it's one of the reasons people use Google instead of the competition. I personally like how you dramatise things. Yet, they were never small. Google has not started with Woz in a garage and it wasn't selling sports shoes out of a trunk. They had money. They had computing power. They had storage. Just because they have expanded over the years, does not mean they started as an image board on a Pentium held behind a highschooler's desk.

> Now they themselves are a giant and are slowly but steadily abandoning their
> open-source, open-standards ways in favour of walled-gardens, proprietary
> protocols and such.

You might have a case with the patents. But that is all. Actually the open standards, although good by being open, they are crap.
Email is ugly and squirts information all along the path even if you do bother to encrypt everything. HTTP is chatty to the extreme. And so on. XMPP is nicer than OSCAR and PNG is better than GIF. That statement does not make telnet safer.

>> To me it sounds pretty much like the GNU/Linux kernel development: make your
>> project popular enough and conform to our coding structure and we're going
>> to include it in the main tree. Fail to do so and you are free to develop
>> patches and loadable modules.
>
> Where did *that* metaphor come from?..

From the kernel source.

From adam at cypherspace.org Tue Aug 20 17:46:27 2013
From: adam at cypherspace.org (Adam Back)
Date: Wed, 21 Aug 2013 02:46:27 +0200
Subject: Google to encrypt cloud storage
In-Reply-To: <1391057.GVGtPiW13a@laptosid>
References: <2189975.UDeXjrTKxJ@laptosid> <5213617C.9000206@pencil.allmail.net> <1391057.GVGtPiW13a@laptosid>
Message-ID: <20130821004627.GA12063@netbook.cypherspace.org>

Well I think it's fair to denigrate it as obfuscation not encryption if the key lives on the same machine as the ciphertext. At best it makes it less risky to dispose of dodgy disks - now and then such things turn up on ebay with client data. At least if you encrypt it properly, and do NOT put the key on the disk, then you can safely toss them in a dumpster, not physically destroy them etc.

Adam

On Tue, Aug 20, 2013 at 02:52:25PM +0200, rysiek wrote:
>Thing is, this encryption scheme (in which, from what I read, Google has
>access to "master keys" and has the technical ability to decrypt data once
>it's subpoenaed) brings no additional safety to users. It sounds great ("we
>support encryption! and we're doing it with several keys! that has to be safe,
>eh?"), but it does effectively nothing to actually protect users and their
>data from PRISM and similar programmes.
>
>And that means it will be this harder for us to explain why this is a bad
>scheme ("wait, you're saying encryption is evil? now I am confused!") and why
>people should use other methods of protecting their privacy and their data.

From adam at cypherspace.org Tue Aug 20 17:51:02 2013
From: adam at cypherspace.org (Adam Back)
Date: Wed, 21 Aug 2013 02:51:02 +0200
Subject: no encryption even worse? (Re: Groklaw shuts down)
In-Reply-To:
References: <20130820154421.GA18516@antiproton.jfet.org>
Message-ID: <20130821005102.GB12063@netbook.cypherspace.org>

On Tue, Aug 20, 2013 at 12:32:00PM -0400, John Young wrote:
>Bluntly, anybody who peddles security is a cheat.
>Those withdraw it are worse.

I was thinking something like that about the silent circle shutdown. It seems to me their problem case was the mail in (they would be encrypting that to the user PGP key or equivalent, after sender optional use of SSL to deliver it to them). So would not a more sensible change be to disable mail in? So then only silent circle users could encrypt messages to each other. Even that would add pressure to other users to also get a silent circle account and so be a business advantage. Puzzlingly spun "to protect our users privacy we removed their encryption feature" - so they'll probably send it plaintext instead, great.

Adam

From mjones at pencil.allmail.net Tue Aug 20 18:08:19 2013
From: mjones at pencil.allmail.net (Moon Jones)
Date: Wed, 21 Aug 2013 03:08:19 +0200
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To: <1601804.m5l9JQSDH5@laptosid>
References: <7753449.v5aJnrzhsU@laptosid> <3916294.bbjaUUOBuG@laptosid> <5213DABF.9090308@pencil.allmail.net> <1601804.m5l9JQSDH5@laptosid>
Message-ID: <52141303.4040403@pencil.allmail.net>

On 21.08.2013 00:19, rysiek wrote:
>> What do you mean by «legitimate»? And second what do you mean by
>> «legitimate activities»?
>
> Not sure if troll, but oh-kay...
>
> I mean "I have subscribed to their list; this list provides clearly marked and
> functional way of unsubscribing; thus, mail from this source is considered
> legitimate; and hence sending such mail by them is considered legitimate
> activity".
>
> I'd say it's quite obvious, though.

Cute. Last time I have checked spam meant unsolicited mail, nothing about providing ways to unsubscribe. Would that make a spammer who keeps sending me offers because their system keeps reharvesting my address ok as long as they give me a way to unsubscribe each time? I know it's not the case of Avaaz, but still. Yet, you have avoided once more the question. I'll requote it:

>> By introducing policies that are disruptive to legitimate activities.
>> Why they are disruptive? Because GMail is being used by a huge part
>> of e-mail users.
> What do you mean by «legitimate»? And second what do you mean by
> «legitimate activities»?

Or is it just a figure of speech? You write over and over again «us» although you are one person (I think). You generalise «policies that are disruptive to legitimate activities» and yet you only meant Avaaz. What's this?

>> But «fucks us in the arse» implies a deliberate act.
>
> Well, my bad. Should have been more clear there, I give you that.
>
> I do attribute malice to Google with regard to several of their recent actions
> (the Jabber debacle and the anti Net Neutrality stance, for starters). With
> great power (and Google does have great power over the Internet right now,
> sadly) comes great responsibility; they *should* be aware of what effect their
> policies have on the rest of the Net.

Jabber is a server. Google has never supported Jabber as far as I know. Do you know anything against it? Net Neutrality is accepted by Google. They are against it. And lobby against it. And it's their right. I have searched their help pages and they never say anything like «we fight for Net Neutrality». And you know why I believe this is not an issue?
Christians say Thou shall not kill, yet many Christian countries have the capital punishment. Islam supporters come forward and say Islam is a religion of peace even after all those bloody attacks. Buddhists and Hindus are about don't do harm as you will have a crappy future life and still they kill other people. Yet people like you keep going after Google, implying they are somehow evil. And most of them, at least the ones I know, they do enjoy at least few of the things Google provides for free and on a daily basis. Am I wrong to call it hypocrisy? That quote, like the also often used «freedom of speech» argument, was meant for the state. Not for people or companies. It might sound nice, that does not make it true. Neither makes it binding. I am sure they are well aware of the effects. And that they ponder it well before jumping with a new service. As long as it brings Google closer to 100% of the online advertising business it's good. As long as it brings Google closer to 100% of the portable devices business it's good. And so on for each and every market they're in as well as markets they are going to start conquering after this wonderful August 2013.

> And I would say, we should *expect* them to be aware of that. Even more -- I
> am quite sure they *are* aware. And hence, we're getting dangerously close to
> what could be described as malice: conscious decision to perform actions that
> are heavily detrimental to a lot of other entities with the only rationale
> being profit maximalisation.

That's all cheap propaganda. It's wrong on so many levels.

> I shall re-phrase, then:
>
> "We are being fucked in the arse by GMail, so let's ask them politely to use
> some lubricant".

Do you have multiple personalities? Probably you are not aware of this. But your discourse contains more crap than anything I have read as coming from Google or one of its owners. «we» is a way to implicate the gullible.
If you had any decency you would have limited that «we» to anything more precise. Paranoid people. People who need protection from their own states. People who hear voices. People living in the Northern Hemisphere. Me and my partner. People who can't afford $5 a year for a mail account. Anything but we.

> This version leaves about as much space for GMail doing that completely
> accidentally and without any knowledge nor awareness of the grave effects
> their action will have as I am willing to leave. I.e. some, but not that much.

Sure. These days I was checking the laptop market for somebody. Guess what! Most laptops, at least the cheap ones do not have a LED for hard drive activity. So the user is left in the dark about hard drive activity. Most laptops do not have the flickering leds for WiFi. Many laptops don't have flickering leds for the Ethernet port, and some have it, but you have to turn the laptop in a weird position to notice them. Some don't have a LED to signal if the webcam is on or off, and some can turn that led off in software. I have yet to see a laptop that has the microphone with an associated LED to show its status on / off. No switch, Ethernet or otherwise, signals it might be under surveillance. And the list can go on for a few pages. And I am sorry, but I do not recall any hysteric person making a fuss about any of the above issues.

>> I see your domain is from Poland, which is
>> quite a backward country when it comes to anything people do, yet a pope
>> disaproves. Meaning anal sex, heterosexual, homosexual or plain
>> masturbation is a very very bad thing to do. I might be wrong, but in
>> this context «GMail fucks us in the arse» implies at least malice. Yet
>> now you write «I am not assuming malice on Google's part». Help me
>> understand.
>
> I'm sorry, but I find your comment right there borderline offensive.

I'm sorry too. It's the second time this day you are pointing that out so I'll be quiet afterwards.

> From the perspective of copyright reform debate[1] and Internet porn
> censorship debate[2] I could say that many other countries are extremely
> backwards with regard to some things (censorship, copyright, porn), but that
> doesn't get us anywhere, does it.
>
> [1] http://rys.io/en/70
> [2] http://rys.io/en/109
>
> Not to mention the unwarranted generalisation that "all Poles are observation>".
> That has some potential to backfire, after all there is a slim
> chance you could happen to be talking to an atheist[3]...

Poland is to Europe what Pakistan is to the Orient.
https://en.wikipedia.org/wiki/Roman_Catholicism_by_country
https://en.wikipedia.org/wiki/Islam_by_country
Now one might argue that Catholics are a few centuries ahead of Islam. But the point was that being in Poland for an extended period makes one feel anal sex far more offensive than a civilised country like Denmark or The Netherlands, even if they are only a few kilometers away (that is a figure of speech). I never even imply anything remotely like «all poles». I happen to know quite a few Russians living there. Ukrainians too. The Jews have had a very difficult life in the past century, but there are still a few. And I can assure a Jew living in Posen has a better chance to be prejudiced against gay people than a Jew living in New York. And that can be a good argument: myself I believe that developing critical thinking to fight 1000 year old or older beliefs can help with the need for freedom and privacy. Yet things like denying medical care because it might lead to an abortion are far worse than Google policy. I'm not saying PRISM is a good thing. I'm saying only that there are far worse things which get ignored.

> [3] http://rys.io/en/16
>
> Also, the .io domain here might prove problematic to interpret in the context
> of your previous assumptions, I guess.

Yes. It might have something to do with Input/Output so it might be a key logger.
Or worse: it can lead to IOerr, famous hacker who happens to be of Jewish descent and the Zionists have an agenda of World domination just as exposed in revealing show Pinky and the Brain. Sorry. Couldn't help myself. This whole paragraph is a joke.

>>> Had such a centralisation not occurred, there would be no serious
>>> problem. One of the providers introduces such policies? Fine,
>>> whatever, they have a few percent of users at the most, we can live
>>> with that. And users can switch, no problemo.
>>
>> How can anybody draw the line? It's fine as long as they are under an
>> arbitrary value set by WHOM, but it's wrong after that?
>
> Well, as with *most* of important things in life, there is no precise border,
> crossing of which makes you a monopolist. But I guess we can all agree that if
> Avaaz sees that as a grave danger, that might be some indication.

The answer according to me: there can't be set a reliable limit. Thus there should be no limit. Either you leave the things the way they are or you start working towards forbidding by the law.

>>> However, with GMail having such a huge slice of the pie, they can
>>> literally make or break organisations like Avaaz.
>>
>> Than they should break Avaaz.
>>
>> If one company depends so much on another, than you can call the first
>> one a parasite. If it's existence depends on Google, than they should
>> ask nicely and maybe forward a nice sum of money. Or they have quite
>> some nerve to try to impose rules from the position of parasite.
>>
>> Hopefully for you their niche might be filled afterwards by a company
>> that can stand on its own.
>
> Okay, I think you didn't get the crux of the issue.
>
> Avaaz, AFAIK, is *not* using Google's services to distribute mail. Their
> members/users/activists do for their personal accounts. It's not that Avaaz is
> *relying* on Google/GMail, it's that they have no say who delivers their mail
> to a huge part of their users/activists.
Then there should be no problem getting their message some other way than email.

> Also, it's not a company, it's an NGO.

You mean it's not for profit.

>>> And the right way to deal with that is at least telling the users
>>> "look, the problem is related to centralisation, considering moving
>>> to a different mail provider would be a good idea".
>>
>> Don't you think that is for the people to decide?
>
> You *do* see the difference between:
>
> "look, the problem is related to centralisation, considering moving to a
> different mail provider would be a good idea"
>
> ...and...
>
> "we demand you move to a different provider immediately"
>
> ...right?

Then what's the fuss with the grave danger? Why does this thread exist?

>>> Instead, what we get is "please, dear users, play according to rules
>>> set by this behemoth that can do with e-mail whatever the hell it
>>> wants". Hence my (overly ribald for some, as it turns out) metaphor.
>>
>> Because the way you expressed it, as I have no idea what Avaaz is or
>> does, they are a puny corporation living from Google's leftovers.
>> Meaning Google does a good thing for their users.
>
> Avaaz is ~20mln-strong civic organisation operating via on-line petitions to
> try and convince politicians to sometimes do the right thing. Instead of
> slandering them, you might want to educate yourself:
> http://en.wikipedia.org/wiki/Avaaz

Online petitions. Meaning spam. I recall another initiative like that: feeding African children by clicking banners. Each click meant one piece of rice. I've read the creator is stinking rich because of that.

> Yes, I should have provided the link in my first e-mail, I assumed that on
> this list Avaaz might be already known. See, everybody makes wrong assumptions
> from time to time.

It seems that I am helping the cause of that corporation. Sorry, I'm against.
From me at staticsafe.ca Wed Aug 21 02:36:54 2013
From: me at staticsafe.ca (staticsafe)
Date: Wed, 21 Aug 2013 05:36:54 -0400
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To: <5213CE63.4020904@pencil.allmail.net>
References: <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us> <20130819164436.GC19173@uriel.asininetech.com> <52135DE3.70203@pencil.allmail.net> <20130820124356.GB9448@uriel.asininetech.com> <5213CE63.4020904@pencil.allmail.net>
Message-ID: <20130821093653.GC9448@uriel.asininetech.com>

On Tue, Aug 20, 2013 at 10:15:31PM +0200, Moon Jones wrote:
> On 20.08.2013 14:43, staticsafe wrote:
> >On Tue, Aug 20, 2013 at 02:15:31PM +0200, Moon Jones wrote:
> >>On 19.08.2013 18:44, staticsafe wrote:
> >>>The biggest problem being spam. We need to educate typical e-mail users
> >>>about e-mail hygiene and spam fighting.
> >>
> >>What do you mean by «e-mail hygiene» and «spam fighting»?
> >
> >E-mail hygiene:
> >- Using aliases for every company you deal with, or using recipient
> >  delimiters like "+" so it is easier to find out which company sold you
> >  out.
> >- Exercise more caution when handing out your "primary" address
> >- Avoid services that like to spam your addressbook (see: LinkedIn etc.)
> >
> >Spam fighting:
> >- Using DNSBLs to cut down on the crap
> >- Training spamassassin's DB with ham and spam.
> >- Enact rate limiting policies so that a compromised account can only do
> >  limited amount of damage.
>
> Oops. My bad.
>
> Then what do you mean by «typical e-mail user»?
>

Someone who primarily uses webmail and big e-mail service providers. Probably doesn't even /care/ about e-mail, e-mail isn't cool after all. ;)

--
staticsafe
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
Please don't top post.
Please don't CC! I'm subscribed to whatever list I just posted on.
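The "+" recipient-delimiter advice quoted in the message above, worked through as an added example (not code from any poster on this list): it reads the tag out of the recipient address and checks whether the sender belongs to the company that was given that tag. The mailbox address, the `ALIAS_OWNERS` registry and the sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

MAILBOX = "alice@example.org"  # constructed primary address (assumption)

# Constructed registry: tag handed to each company -> domains it should mail from.
ALIAS_OWNERS = {
    "shop": {"shop.example"},
    "bank": {"bank.example"},
}


def split_tag(address, delimiter="+"):
    """Split user+tag@domain into ("user@domain", "tag"); tag is None if absent."""
    local, _, domain = address.strip().lower().rpartition("@")
    base, sep, tag = local.partition(delimiter)
    return f"{base}@{domain}", (tag if sep and tag else None)


def domain_allowed(sender_domain, allowed):
    """True if sender_domain is an allowed domain or a subdomain of one."""
    return any(sender_domain == d or sender_domain.endswith("." + d) for d in allowed)


def audit(raw_message):
    """Return [(tag, sender_domain, verdict)] for each alias of MAILBOX addressed."""
    msg = message_from_string(raw_message)
    # The From header is forgeable, so a "leaked" verdict is a lead to follow up
    # (envelope sender, Received chain), not proof of who passed the address on.
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    headers = []
    for name in ("Delivered-To", "To", "Cc"):
        headers.extend(msg.get_all(name, []))
    findings, seen = [], set()
    for _, addr in getaddresses(headers):
        base, tag = split_tag(addr)
        if base != MAILBOX or tag in seen:
            continue  # someone else's address, or an alias already reported
        seen.add(tag)
        if tag is None:
            verdict = "untagged"      # primary address: nothing to attribute
        elif tag not in ALIAS_OWNERS:
            verdict = "unknown-tag"   # a tag that was never handed out
        elif domain_allowed(sender_domain, ALIAS_OWNERS[tag]):
            verdict = "expected"
        else:
            verdict = "leaked"        # tag given to one company, used by another
        findings.append((tag, sender_domain, verdict))
    return findings


# Constructed sample messages (not real traffic).
SAMPLES = {
    "receipt": (
        "From: Orders <orders@mail.shop.example>\n"
        "Delivered-To: alice+shop@example.org\n"
        "To: alice+shop@example.org\n"
        "Subject: Your receipt\n\nThanks for your order.\n"
    ),
    "resold": (
        "From: Deals <promo@bulk-offers.example>\n"
        "To: Alice+Shop@Example.org\n"
        "Subject: Limited offer\n\nBuy now.\n"
    ),
    "guessed": (
        "From: info@unknown.example\n"
        "To: alice+newsletter@example.org\n"
        "Subject: Hello\n\nHi.\n"
    ),
    "plain": (
        "From: friend@people.example\n"
        "To: alice@example.org\n"
        "Subject: Lunch\n\nNoon?\n"
    ),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, audit(raw))
```

A sender that strips everything after the "+" defeats this check, which is why the same message lists a separate alias per company as the first option.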
From ben at links.org Wed Aug 21 02:51:38 2013 From: ben at links.org (Ben Laurie) Date: Wed, 21 Aug 2013 05:51:38 -0400 Subject: [cryptography] Preventing Time Correlation Attacks on Leaks: Help! :-) Message-ID: On 21 August 2013 03:35, Fabio Pietrosanti (naif) wrote: > Hey Peter, > > thanks for your analysis! > > I think we need to provide some additional input! > > In the context of GlobaLeaks where, stating from our Threat Model at > https://docs.google.com/document/d/1niYFyEar1FUmStC03OidYAIfVJf18ErUFwSWCmWBhcA/pub, the Whistleblower can also be NON anonymous but approach a submission > with "Confidential" level (over HTTPS over the internet) . > > No anonymity, but forced disclaimer ( > https://github.com/globaleaks/GlobaLeaks/issues/260) and acceptance to > take the risk. > > So, let's say that whistleblower is already in a bad position, but he > accepted this condition. > > We are not considering in any way to add actions/protection on > Whistleblower-Side but only on Receiver-Side that is where the "bad guy" > would be able to read Notification information sent and apply Time > Correlation on the Whistleblower-Action. > > Today if a Whistleblower make a submission, the system immediatelly send a > notification to the Receiver. > > That's bad, because it leave a trace that allow time correlation. > > Who can read Receiver's email and traffic, can make a correlation on other > data source where the whistleblower may leave traffic-traces (like a proxy, > but also internet traffic dump, phisical badge/access logs, surveillance > camera, etc) . > > Which kind of logic / algorithm to apply on the Receiver's notification > timing in order to prevent / reduce the likelihood that a time correlation > pattern is possible? > > A random delay between a lower bounday and an upper boundary seems like > the most simple and effective approach to defeat this kind of correlation. > > However this does not work on very low-traffic globaleaks node. > > What do you think? 
> I think that if you want to send messages that are hard to trace, there's an existing technology: mixmaster, with an existing server network. Or, better yet, finish off mixminion, Even better: implement Minx (the fixed version). > > > -- > Fabio Pietrosanti (naif) > HERMES - Center for Transparency and Digital Human Rightshttp://logioshermes.org - http://globaleaks.org - http://tor2web.org > > > > Il 8/21/13 4:17 AM, Peter Maxwell ha scritto: > > > Hi Fabio, > > While I don't mean to be dismissive, I suspect your threat model is > flawed for the following reasons: > > i. Most mid to large companies would not permit the use of Tor within > their infrastructure and even if the hypothetical company did, it doesn't > take a whole lot of effort to track down the handful of users within a > company using Tor/stunnel/ssh/VPN. For that matter, I understand some > companies even install private CA certificates into the browsers on company > computers and decrypt outgoing SSL/TLS traffic at their > web-proxy/firewall... in that situation, you're WB is going to stand out > like a sore thumb as they'll be the only TLS connection that isn't being > decrypted (because it's Tor). So unless you want your whistle-blowers to > literally advertise their presence as worthy of attention, they aren't > going to do the leak from an company system directly. > > ii. So, presuming i. is valid - and I suspect anyone who has worked > within a competent security operations team will tell you the same - then > you must assume the whistle-blower will do the leak from either their > personal systems, a burn computer or a public system. If we make the > assumption that the WB has taken the data out of the company/organisation > on removable media or otherwise made it available to themselves outside the > company infrastructure in a secure manner (while sometimes difficult, that > is still far easier than i.) 
> then your attacker can only see the WB's
> traffic if they are actively monitoring the WB's use of computers outside
> the company, in which case said WB has far bigger problems to worry about.
> If the attacker cannot monitor the timing of the leak, your problem is not
> framed in the manner you've presented.
>
> iii. Even if your model was realistic, you cannot adequately defend
> against traffic analysis for such a low-traffic network: you need other
> traffic to hide in, lots of it, from other users within the same company -
> it's not realistic for this type of service.
>
> iv. There are more subtle problems you are going to come across, not
> least of which are issues such as document tagging/water-marking/document
> versioning and the ability for the attacker - your hypothetical manager -
> to correlate leaked documents against the access rights and access patterns
> of potential whistle-blowers. For that matter, simple forensic analysis of
> staff computers is usually more than sufficient (and yes, organisations do
> this).
>
>
> It's also Isle of Man that people like hiding their ill-gotten-gains in,
> not "Island of Mann" ;-) Interestingly, I think anyone who has used Isle
> of Man accounts for tax avoidance are scuppered as the HMRC has signed an
> agreement with the authorities there for automatic disclosure.
>
>
> Anyway, as far as I can see it, you have two different scenarios to
> consider with one being significantly more difficult to solve than the
> other:
>
>
> A. The scenario where the whistle-blower is able to take the data out
> the company on removable media or paper-copy. This is the easy one to
> solve. Personally I would favour a combination of asymmetric encryption
> with single-use keypairs and USB sticks in the post, but I'm old fashioned
> that way.
>
> B. The scenario where the whistle-blower has to leak from the
> company/organisation's network. This is extremely difficult indeed.
> If I were approaching this problem myself, my first considerations would be: how
> to make the traffic look like normal web-traffic; how to ensure no forensic
> traces are left; and how to do that without installation of third-party
> software as that is a dead give-away. If the quantity of data is larger
> than a few hundred Mb, the problem is probably not solvable.
>
>
> That's my tuppence-worth, hope that helps,
>
> Peter
>
>
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From jya at pipeline.com Wed Aug 21 03:58:41 2013
From: jya at pipeline.com (John Young)
Date: Wed, 21 Aug 2013 06:58:41 -0400
Subject: Encrypted mailing lists?
In-Reply-To: <521470F9.4040303@owca.info>
References: <521470F9.4040303@owca.info>
Message-ID:

Sure, why not?

Why not, you ask. Well, because encryption creates secretkeepers just like official secretkeepers, and it can become an obsession to believe only other secretkeepers and disbelieve those who do not keep secrets. From that a hatred of all-too-trusting openness becomes even more of an enemy. Then the enemy must be demonized and warred against, in secret.
However, so long as un-official secretkeeping never turns into protection an uncontrollable killing machine of those who find secretkeeping abysmally opposed to democracy, then it should be an enjoyable pastime for innocents avoiding their future of really bad shit planned in official secrecy protected by encryption for their use as cannon fodder.

Just a reminder that encryption is a munitions whose only purpose is to secretly fuck with others. Use it for a game only. Wargamers use it to deceive their murderous intentions.

Now cryptoanarchy was always only a game of planning assassination of political secretkeepers, despite official misunderstanding and jailing of Jim Bell and Carl Johnson. And not a few others comically believed that encryption would protect them against really dirty fighters who ignored digital black magic to target signal-emitting OTR chatting warriors yarping strategy on cryptophones.

My PGP protects my right to post this rant, right? What, there's a fault in my implementation, you say? Sysadmin of mails lists are official informants, come on, now, that's tinfoil gaming.

From billstclair at gmail.com Wed Aug 21 04:03:33 2013
From: billstclair at gmail.com (Bill St. Clair)
Date: Wed, 21 Aug 2013 07:03:33 -0400
Subject: David and Glenn in Berlin
In-Reply-To: <16016895.9dGq9WitnD@laptosid>
References: <2B188079-3ADC-4966-8FE7-3C5408854FA9@me.com> <20130821064210.GK29404@leitl.org> <16016895.9dGq9WitnD@laptosid>
Message-ID:

Add nuculer to terrist, and you can start doing George W. Bush impressions.

Bill

On Wednesday, August 21, 2013, rysiek wrote:

> On Wednesday, 21 August 2013 08:42:10 Eugen Leitl wrote:
> > On Tue, Aug 20, 2013 at 04:14:39PM -0400, grarpamp wrote:
> > > > T word
> > >
> > > The word is TERRORIST aka: criminal.
> > > A shame that some words cannot be said or
> > > that some cannot say them.
> >
> > These days everybody is a terrorist. Excuse
> > me while I fix me up some breakfast terrorism, brb.
>
> I am starting to use the word "terrist" in any public context where
> "terrorist" is supposed to be used. Just for shits and giggles.
>
> "War on Terrists"
> "Terrist plot"
> etc.
>
> --
> Regards
> rysiek

From adam at cypherspace.org Tue Aug 20 22:52:25 2013
From: adam at cypherspace.org (Adam Back)
Date: Wed, 21 Aug 2013 07:52:25 +0200
Subject: no encryption even worse? (Re: Groklaw shuts down)
In-Reply-To:
References: <20130820154421.GA18516@antiproton.jfet.org> <20130821005102.GB12063@netbook.cypherspace.org>
Message-ID: <20130821055225.GA17701@netbook.cypherspace.org>

Yes but my point was they didn't have to throw out the baby with the bathwater; silent circle's email I think was basically two products combined:

1. end2end secure, store-and-forward encryption between silent circle users;

2. server-side encryption of opportunistically SSL encrypted (potentially unencrypted) incoming emails + presumably unencrypted outgoing emails.

Why not keep 1? They obviously have the technology for it because they have retained encrypted SMS-like functionality which is the same key management and information flow.

Not forgetting there is a 3rd "product" which is the defacto which is normal email:

3. opportunistically encrypted (SSL) email (as well as SMIME (don't trust due to CA malfeasance) or self-managed PGP/GPG which for some reason people find difficult).

and users who lose 1 & 2 due to the no-notice product end-of-life will probably just switch to 3 as an alternative to stopping communicating.

Even catching a flight with a USB drive apparently is risky via UK re the curiously named David Miranda (Miranda rights eh) seems they demanded decryption keys. Seems like people who are couriering data ought to encrypt it with the recipient's public key before travel.
Adam

On Tue, Aug 20, 2013 at 06:03:39PM -0700, Rich Jones wrote:
> I think the point that they're making is that one communicates
> differently when one knows the line is tapped. Better self censorship
> than blabbering with delusions of security. This isn't a philosophy
> which I personally agree with, but I believe this was their intention.
>
> On Tue, Aug 20, 2013 at 5:51 PM, Adam Back <[1]adam at cypherspace.org>
> wrote:
>
> On Tue, Aug 20, 2013 at 12:32:00PM -0400, John Young wrote:
>
> Bluntly, anybody who peddles security is a cheat.
> Those withdraw it are worse.
>
> I was thinking something like that about the silent circle shutdown. It
> seems to me their problem case was the mail in (they would be encrypting
> that to the user PGP key or equivalent, after sender optional use of SSL to
> deliver it to them). So would not a more sensible change be to disable
> mail in? So then only silent circle users could encrypt messages to each
> other. Even that would add pressure to other users to also get a silent
> circle account and so be a business advantage.
> Puzzlingly spun "to protect our users privacy we removed their encryption
> feature" - so they'll probably send it plaintext instead, great.
> Adam
>
> --
> Rich Jones
> OpenWatch is a global investigative network using mobile technology to
> build a more transparent world. Download OpenWatch [2]for iOS and
> [3]for Android!
>
> References
>
> 1. mailto:adam at cypherspace.org
> 2. https://itunes.apple.com/us/app/openwatch-social-muckraking/id642680756?ls=1&mt=8
> 3.
> https://play.google.com/store/apps/details?id=org.ale.openwatch&hl=en

From shelley at misanthropia.info Wed Aug 21 08:37:31 2013
From: shelley at misanthropia.info (Shelley)
Date: Wed, 21 Aug 2013 08:37:31 -0700
Subject: Bradley Manning's sentence: 35 years for exposing us to the truth
Message-ID: <20130821153736.600C26800C7@frontend2.nyi.mail.srv.osa>

http://www.theguardian.com/commentisfree/2013/aug/21/bradley-manning-sentence-birgitta-jonsdottir

Bradley Manning's sentence: 35 years for exposing us to the truth

This was never a fair trial – Obama declared Manning's guilt in advance. But Manning's punishment is an affront to democracy

Birgitta Jónsdóttir
theguardian.com, Wednesday 21 August 2013 10.29 EDT

As of today, Wednesday 21 August 2013, Bradley Manning has served 1,182 days in prison. He should be released with a sentence of time served. Instead, the judge in his court martial at Fort Meade, Maryland has handed down a sentence of 35 years.

Of course, a humane, reasonable sentence of time served was never going to happen. This trial has, since day one, been held in a kangaroo court. That is not angry rhetoric; the reason I am forced to frame it in that way is because President Obama made the following statements on record, before the trial even started:

President Obama: We're a nation of laws. We don't individually make our own decisions about how the laws operate … He broke the law.

Logan Price: Well, you can make the law harder to break, but what he did was tell us the truth.

President Obama: Well, what he did was he dumped …

Logan Price: But Nixon tried to prosecute Daniel Ellsberg for the same thing and he is a … [hero]

President Obama: No, it isn't the same thing … What Ellsberg released wasn't classified in the same way.
When the president says that Ellsberg's material was classified in a different way, he seems to be unaware that there was a higher classification on the documents Ellsberg leaked.

A fair trial, then, has never been part of the picture. Despite being a professor in constitutional law, the president as commander-in-chief of the US military – and Manning has been tried in a court martial – declared Manning's guilt pre-emptively. Here is what the Pentagon Papers leaker Daniel Ellsberg had to say about this, in an interview with Amy Goodman at DemocracyNow! in 2011:

Well, nearly everything the president has said represents a confusion about the state of the law and his own responsibilities. Everyone is focused, I think, on the fact that his commander-in-chief has virtually given a directed verdict to his subsequent jurors, who will all be his subordinates in deciding the guilt in the trial of Bradley Manning. He's told them already that their commander, on whom their whole career depends, regards him [Manning] as guilty and that they can disagree with that only at their peril. In career terms, it's clearly enough grounds for a dismissal of the charges, just as my trial was dismissed eventually for governmental misconduct.

But what people haven't really focused on, I think, is another problematic aspect of what he said. He not only was identifying Bradley Manning as the source of the crime, but he was assuming, without any question, that a crime has been committed.

This alone should have been cause for the judge in the case to rethink prosecutors' demand for 60 years in prison. Manning himself has shown throughout the trial both that he is a humanitarian and that he is willing to serve time for his actions. We have to look at his acts in light of his moral compass, not any political agenda.
Manning's intentions were never to hurt anyone; in fact, his motivation – as was the case for Ellsberg – was to inform the American public about what their government was doing in their name. A defense forensic psychiatrist testified to Manning's motives:

Well, Pfc Manning was under the impression that his leaked information was going to really change how the world views the wars in Afghanistan and Iraq, and future wars, actually. This was an attempt to crowdsource an analysis of the war, and it was his opinion that if … through crowdsourcing, enough analysis was done on these documents, which he felt to be very important, that it would lead to a greater good … that society as a whole would come to the conclusion that the war wasn't worth it … that really no wars are worth it.

I admit that I share the same hopes that drove Manning to share with the rest of the world the crimes of war he witnessed. I am deeply disappointed that no one has been held accountable for the criminality exposed in the documents for which Manning is standing trial – except him. It shows so clearly that our justice systems are not working as intended to protect the general public and to hold accountable those responsible for unspeakable crimes.

I want to thank Bradley Manning for the service he has done for humanity with his courage and compassionate action to inform us, so that we have the means to transform and change our societies for the better. I want to thank him for shining light into the shadows. It is up to each and everyone of us to use the information he provided for the greater good. I want to thank him for making our world a little better.

This is why I nominated him for the Nobel Peace Prize, for there are very few individuals who have ever brought about the kind of social change Manning has put in motion. The wave of demands for greater transparency, more accountability, and democratic reform originate with Manning's lonely act in the barracks in Iraq.
He has given others – such as Edward Snowden – the courage to do the right thing for the rest of us.

The heavy hand dealt Bradley Manning today is a massive blow against everything many of us hold sacred – at a time when we have been shown how fragile and weak our democracies are by the revelations of, first, Manning, and now, Snowden. There is no such thing as privacy anymore; nor is there such a thing as accountability among our public servants. Our governments do not function for the benefit of the 99%.

If Manning had received a fair sentence that was in proportion to his supposed crime – which was to expose us to the truth – then there would have been hope. Instead, we are seeing the state acting like a wounded tiger, cornered and lashing out in rage – attacking the person who speaks the truth in order to frighten the rest of us into silence.

But to that, I have only one answer: it won't work.

From eugen at leitl.org Tue Aug 20 23:42:10 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 21 Aug 2013 08:42:10 +0200
Subject: David and Glenn in Berlin
In-Reply-To:
References: <2B188079-3ADC-4966-8FE7-3C5408854FA9@me.com> <5213B55B.7010509@redteam.io>
Message-ID: <20130821064210.GK29404@leitl.org>

On Tue, Aug 20, 2013 at 04:14:39PM -0400, grarpamp wrote:
> > T word
>
> The word is TERRORIST aka: criminal.
> A shame that some words cannot be said or
> that some cannot say them.

These days everybody is a terrorist. Excuse
me while I fix me up some breakfast terrorism, brb.

From matej.kovacic at owca.info Wed Aug 21 00:49:13 2013
From: matej.kovacic at owca.info (Matej Kovacic)
Date: Wed, 21 Aug 2013 09:49:13 +0200
Subject: Encrypted mailing lists?
Message-ID: <521470F9.4040303@owca.info>

Hi,

I would like to share some of my thoughts about encrypting messages on mailing lists.
I think that it would be really great if Mailman (and other mailing list applications) would support encryption. When user will register to mailing list he or she should send his/her public GPG key to the Mailman server. He/she would then receive public GPG key of mailing list.

All mail sent to the list should then be encrypted (recipient is mailing list address and user has its public GPG key). Mailing list would then decrypt it, and deliver that message to its users encrypted and signed.

That approach would resolve several problems:
- user would know that messages are really coming from mailing list (no impersonation here);
- no spam anymore (or at least much less spam) - registered users would need to send encrypted e-mails to mailing list, all other messages will be dropped;
- messages are sent to user in encrypted form (regardless mail archive is public or not) - prevents eavesdropping on public places for instance;
- messages stored in user's mailbox are encrypted (this could be important in some countries (don't forget border crossing!)). Even if mailing list archive is public, this prevents automatic forensic tools to get useful information from the seized disks;
- if mailing list is not public messages in an archive are really safe (remember quintessenz and NSA mailing list archive story? :-> );
- if mailing list is public messages in archive are still signed and their integrity could be checked;
- this would promote encryption in several ways: users would be "forced" to use encryption and users would get familiar with encryption;
- and this is also important: more e-mail traffic would be encrypted by default - that makes all us who use encryption more safe. Remember: NSA thinks that everybody using encryption should automatically become a target of broader surveillance - let's overload them).

I believe we should ask Mailman developers to include that functionality in the future releases.

What do you think?
Regards,
Matej

From loki at obscura.com Wed Aug 21 10:02:27 2013
From: loki at obscura.com (Lance Cottrell)
Date: Wed, 21 Aug 2013 10:02:27 -0700
Subject: Encrypted mailing lists?
In-Reply-To:
References: <521470F9.4040303@owca.info> <20130821083950.6458.14953@hermes> <2831997.rqjLtGiVRi@laptosid> <9CA32CC8-FFF9-410A-9AB5-F1F9E91BFD0F@acidhou.se>
Message-ID: <2BF2095C-1D27-4AE9-8350-4AF1653CA718@obscura.com>

I think there is probably more value in signed mailing lists than encrypted. If it is encrypted, and the process is anything less than absolutely seamless and transparent, it is likely to drive away a large fraction of the readers. I hardly have time to read or respond to the messages as it is. Add even a few seconds per message and I would drop out.

-Lance

--
Lance Cottrell
loki at obscura.com

On Aug 21, 2013, at 9:49 AM, John Young wrote:

> Worse, why limit a cypherpunks list to only those who
> use encryption? Several of the cpunks' bastard offsprings set
> up their own gated communities, unable to put up with those
> who ridiculed their advocacy of really really opinionated
> discussion of the glories of crypto.
>
> What has been learned since early days of cypherpunks
> is that all encryption is faulty and survives on willing suspension
> of disbelief. Not the math, oh never, which is as infallible as the
> Pope and Muhammad, it's the disbelievers in other people's
> faith-based communities and who are dedicated to finding faults
> over there to divert attention from those in here.
>
> Still, even back then, encrypted messages were posted by
> enthusiasts. Nobody answered, many said get the fuck out.
>
>
> At 12:20 PM 8/21/2013, you wrote:
>> What's the point of encrypting the output of a mailing list to which anyone can subscribe?
>>
>> -jp
>>
>> --
>> Jeffrey Paul +1-312-361-0355
>> 5539 AD00 DE4C 42F3 AFE1 1575 0524 43F4 DF2A 55C2
>
>

From meskio at sindominio.net Wed Aug 21 01:39:50 2013
From: meskio at sindominio.net (Ruben Pollan)
Date: Wed, 21 Aug 2013 10:39:50 +0200
Subject: Encrypted mailing lists?
In-Reply-To: <521470F9.4040303@owca.info>
References: <521470F9.4040303@owca.info>
Message-ID: <20130821083950.6458.14953@hermes>

Quoting Matej Kovacic (2013-08-21 09:49:13)
> All mail sent to the list should then be encrypted (recipient is mailing
> list address and user has its public GPG key). Mailing list would then
> decrypt it, and deliver that message to its users encrypted and signed.

There is already a mailing list software that does that:
https://schleuder2.nadir.org/

> I believe we should ask Mailman developers to include that functionality
> in the future releases.

With mailman3 it will become pretty easy to create plugins, I guess much of what you say could be done by a plugin. But mailman3 is taking ages to finish.

--
Rubén Pollán | http://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
We're going to Croatan.

From lunar at torproject.org Wed Aug 21 01:43:59 2013
From: lunar at torproject.org (Lunar)
Date: Wed, 21 Aug 2013 10:43:59 +0200
Subject: [tor-talk] encrypted mailing lists
Message-ID:

Matej Kovacic:
> I believe we should ask Mailman developers to include that functionality
> in the future releases.
>
> What do you think?

Please look at the SSLS patch if you want to stick to Mailman:

Schleuder has a small but growing userbase:

It is available in Debian and counts Tails as one of its users.

(This is getting off-topic for tor-talk.)
--
Lunar
--
tor-talk mailing list - tor-talk at lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From eugen at leitl.org Wed Aug 21 01:47:16 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 21 Aug 2013 10:47:16 +0200
Subject: [drone-list] German activists drone NSA complex
Message-ID: <20130821084716.GL29404@leitl.org>

----- Forwarded message from Gregory Foster -----

From demonfighter at gmail.com Wed Aug 21 08:38:38 2013
From: demonfighter at gmail.com (Steve Furlong)
Date: Wed, 21 Aug 2013 11:38:38 -0400
Subject: Is the Wikileaks Party a cypherpunk party?
In-Reply-To:
References: <20130821140451.GP29404@leitl.org>
Message-ID:

On Wed, Aug 21, 2013 at 11:26 AM, Karel Bílek wrote:

> you don't want to know the dirty stuff of pirate party international.
>

I thought the first rule of Pirate Party International is that you don't talk about Pirate Party International. Or was that the International Party Pirate?

From eugen at leitl.org Wed Aug 21 02:56:23 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 21 Aug 2013 11:56:23 +0200
Subject: [cryptography] Preventing Time Correlation Attacks on Leaks: Help! :-)
Message-ID: <20130821095623.GT29404@leitl.org>

----- Forwarded message from Ben Laurie -----

From grarpamp at gmail.com Wed Aug 21 09:05:53 2013
From: grarpamp at gmail.com (grarpamp)
Date: Wed, 21 Aug 2013 12:05:53 -0400
Subject: Encrypted mailing lists?
In-Reply-To: <2831997.rqjLtGiVRi@laptosid>
References: <521470F9.4040303@owca.info> <20130821083950.6458.14953@hermes> <2831997.rqjLtGiVRi@laptosid>
Message-ID:

On Wed, Aug 21, 2013 at 6:43 AM, rysiek wrote:
> On Wednesday, 21 August 2013 10:39:50 Ruben Pollan wrote:
>> Quoting Matej Kovacic (2013-08-21 09:49:13)
>>
>> > All mail sent to the list should then be encrypted (recipient is mailing
>> > list address and user has its public GPG key). Mailing list would then
>> > decrypt it, and deliver that message to its users encrypted and signed.
>>
>> There is already a mailing list software that does that:
>> https://schleuder2.nadir.org/
>
> Also, I believe Sympa can handle that:
> https://www.sympa.org/

http://non-gnu.uvt.nl/mailman-ssls/

From sneak at acidhou.se Wed Aug 21 09:20:02 2013
From: sneak at acidhou.se (Jeffrey Paul)
Date: Wed, 21 Aug 2013 12:20:02 -0400
Subject: Encrypted mailing lists?
In-Reply-To:
References: <521470F9.4040303@owca.info> <20130821083950.6458.14953@hermes> <2831997.rqjLtGiVRi@laptosid>
Message-ID: <9CA32CC8-FFF9-410A-9AB5-F1F9E91BFD0F@acidhou.se>

What's the point of encrypting the output of a mailing list to which anyone can subscribe?

-jp

--
Jeffrey Paul +1-312-361-0355
5539 AD00 DE4C 42F3 AFE1 1575 0524 43F4 DF2A 55C2

On 21.08.2013, at 12:05, grarpamp wrote:

> On Wed, Aug 21, 2013 at 6:43 AM, rysiek wrote:
>> On Wednesday, 21 August 2013 10:39:50 Ruben Pollan wrote:
>>> Quoting Matej Kovacic (2013-08-21 09:49:13)
>>>
>>>> All mail sent to the list should then be encrypted (recipient is mailing
>>>> list address and user has its public GPG key). Mailing list would then
>>>> decrypt it, and deliver that message to its users encrypted and signed.
>>>
>>> There is already a mailing list software that does that:
>>> https://schleuder2.nadir.org/
>>
>> Also, I believe Sympa can handle that:
>> https://www.sympa.org/
>
> http://non-gnu.uvt.nl/mailman-ssls/
>

From drwho at virtadpt.net Wed Aug 21 09:26:39 2013
From: drwho at virtadpt.net (The Doctor)
Date: Wed, 21 Aug 2013 12:26:39 -0400
Subject: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered
In-Reply-To: <1667278.03mGxC4lYX@laptosid>
References: <1376330801.10168.1.camel@anglachel> <520BBB8C.5040009@virtadpt.net> <1667278.03mGxC4lYX@laptosid>
Message-ID: <5214EA3F.1060806@virtadpt.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/19/2013 10:59 AM, rysiek wrote:

> I like the idea of DEA's mission being traficking of drugs, well
> played, Sir.

Yeah, I'm definitely not computing with all 64 bits right now.. at least it was a funny typo.

- --
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/

PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/

Meeble! Meeble meeble meeble!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlIU6j8ACgkQO9j/K4B7F8F5vgCg0+dIBmVbKiuPZM/swx1AHODf
NmEAnisKUTQrBqHhvXBwFayugMD1wD3P
=sZaA
-----END PGP SIGNATURE-----

From drwho at virtadpt.net Wed Aug 21 09:28:06 2013
From: drwho at virtadpt.net (The Doctor)
Date: Wed, 21 Aug 2013 12:28:06 -0400
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To: <5212488E.5070807@cpunk.us>
References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us>
Message-ID: <5214EA96.5090300@virtadpt.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/19/2013 12:32 PM, CryptoFreak wrote:

> The solution *could* be to host their own mail server if it were
> made easy enough for them. I'm thinking something like a Raspberry
> Pi with very well designed web UI for simple configuration and
> management. Include a nice webmail client and even most non-techies
> could probably do this.

That is pretty much what Freedombox wants to do. Whether or not it'll actually catch on... I know what I think will happen, so let's open the floor for opinions from people who've slept more than four hours in the past two days.

- --
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/

PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/

Meeble! Meeble meeble meeble!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlIU6pYACgkQO9j/K4B7F8HwOACffl7EwwJcXfoOZxjHFWQ+6LRZ
oqEAoIVCguoz4muxeB6cvksMsoVZJvri
=HqmU
-----END PGP SIGNATURE-----

From drwho at virtadpt.net Wed Aug 21 09:31:46 2013
From: drwho at virtadpt.net (The Doctor)
Date: Wed, 21 Aug 2013 12:31:46 -0400
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To:
References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us> <52127CA8.1020409@krugar.info> <20130819204758.GG19173@uriel.asininetech.com>
Message-ID: <5214EB72.5000509@virtadpt.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/19/2013 06:54 PM, Steve Furlong wrote:

> everyone. I still haven't figured out whether that means that
> email encryption is too difficult to set up and use or it means
> that most everyone is mostly too stupid.)

I don't know, either. I do know that the number of people who think that two mouseclicks to start the Tor Browser Bundle "is too hard to do," (yes, people say this) is stupidly high.

- --
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/

PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/

Meeble! Meeble meeble meeble!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlIU63IACgkQO9j/K4B7F8F60wCgj8qfALDzuxxyRbUEtn5sfqnV
bBAAoLOLr37Q5G1rd9d7yV3EdykHxPYJ
=7n8v
-----END PGP SIGNATURE-----

From rysiek at hackerspace.pl Wed Aug 21 03:43:40 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Wed, 21 Aug 2013 12:43:40 +0200
Subject: Encrypted mailing lists?
In-Reply-To: <20130821083950.6458.14953@hermes>
References: <521470F9.4040303@owca.info> <20130821083950.6458.14953@hermes>
Message-ID: <2831997.rqjLtGiVRi@laptosid>

On Wednesday, 21 August 2013 10:39:50 Ruben Pollan wrote:
> Quoting Matej Kovacic (2013-08-21 09:49:13)
>
> > All mail sent to the list should then be encrypted (recipient is mailing
> > list address and user has its public GPG key). Mailing list would then
> > decrypt it, and deliver that message to its users encrypted and signed.
>
> There is already a mailing list software that does that:
> https://schleuder2.nadir.org/

Also, I believe Sympa can handle that:
https://www.sympa.org/

We have Sympa running our mailing lists at my job, I'll try to test/verify that.

--
Regards
rysiek

From bascule at gmail.com Wed Aug 21 12:43:41 2013
From: bascule at gmail.com (Tony Arcieri)
Date: Wed, 21 Aug 2013 12:43:41 -0700
Subject: [liberationtech] How Laura Poitras Helped Snowden Spill His Secrets
In-Reply-To: <20130821121612.GF29404@leitl.org>
References: <20130821121612.GF29404@leitl.org>
Message-ID:

On Wed, Aug 21, 2013 at 5:16 AM, Eugen Leitl wrote:

> This past January, Laura Poitras received a curious e-mail from an anonymous
> stranger requesting her public encryption key. For almost two years, Poitras
> had been working on a documentary about surveillance, and she occasionally
> received queries from strangers. She replied to this one and sent her public
> key — allowing him or her to send an encrypted e-mail that only Poitras could
> open, with her private key

Then the NSA MitMed her unauthenticated plaintext email, replacing her public key with theirs, and were able to intercept all of the Snowden emails. Oops!

--
Tony Arcieri

From drwho at virtadpt.net Wed Aug 21 09:44:45 2013
From: drwho at virtadpt.net (The Doctor)
Date: Wed, 21 Aug 2013 12:44:45 -0400
Subject: Encrypted mailing lists?
In-Reply-To: <521470F9.4040303@owca.info>
References: <521470F9.4040303@owca.info>
Message-ID: <5214EE7D.2000003@virtadpt.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/21/2013 03:49 AM, Matej Kovacic wrote:

> I think that it would be really great if Mailman (and other mailing
> list applications) would support encryption. When user will
> register to mailing list he or she should send his/her public GPG
> key to the Mailman server. He/she would then receive public GPG key
> of mailing list.

Not a bad idea.

> All mail sent to the list should then be encrypted (recipient is
> mailing list address and user has its public GPG key). Mailing
> list would then decrypt it, and deliver that message to its users
> encrypted and signed.

A given message could be encrypted to the public keys of every recipient of the list - entirely doable. It could even be done with gpg and the -R option (Encrypt to user ID, but hide the key ID). Not that this would particularly help with publicly archived mailing lists because the e-mail addresses of origin would be public (SMTP spoofing as a way of life?)

> What do you think?

I think it's an experiment that would generate interesting results. I'd be especially interested in seeing what CPU utilization on the server side is like under varying traffic loads (for better speccing out servers to run such a mailing list).

- --
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/

PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/

Meeble! Meeble meeble meeble!
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlIU7n0ACgkQO9j/K4B7F8GnpwCfY8HMjrys2eWPH/nR1GS2TN5I e0wAoLwUQHPwobW+Fc8wOsXBGdkuzLkr =uJgL -----END PGP SIGNATURE----- From rysiek at hackerspace.pl Wed Aug 21 03:46:52 2013 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 21 Aug 2013 12:46:52 +0200 Subject: David and Glenn in Berlin In-Reply-To: <20130821064210.GK29404@leitl.org> References: <2B188079-3ADC-4966-8FE7-3C5408854FA9@me.com> <20130821064210.GK29404@leitl.org> Message-ID: <16016895.9dGq9WitnD@laptosid> Dnia środa, 21 sierpnia 2013 08:42:10 Eugen Leitl pisze: > On Tue, Aug 20, 2013 at 04:14:39PM -0400, grarpamp wrote: > > > T word > > > > The word is TERRORIST aka: criminal. > > A shame that some words cannot be said or > > that some cannot say them. > > These days everybody is a terrorist. Excuse > me while I fix me up some breakfast terrorism, brb. I am starting to use the word "terrist" in any public context where "terrorist" is supposed to be used. Just for shits and giggles. "War on Terrists" "Terrist plot" etc. -- Pozdr rysiek -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 316 bytes Desc: This is a digitally signed message part. URL: From jya at pipeline.com Wed Aug 21 09:49:48 2013 From: jya at pipeline.com (John Young) Date: Wed, 21 Aug 2013 12:49:48 -0400 Subject: Encrypted mailing lists? In-Reply-To: <9CA32CC8-FFF9-410A-9AB5-F1F9E91BFD0F@acidhou.se> References: <521470F9.4040303@owca.info> <20130821083950.6458.14953@hermes> <2831997.rqjLtGiVRi@laptosid> <9CA32CC8-FFF9-410A-9AB5-F1F9E91BFD0F@acidhou.se> Message-ID: Worse, why limit a cypherpunks list to only those who use encryption? 
Several of the cpunks' bastard offsprings set up their own gated communities, unable to put up with those who ridiculed their advocacy of really really opinionated discussion of the glories of crypto.

What has been learned since early days of cypherpunks is that all encryption is faulty and survives on willing suspension of disbelief. Not the math, oh never, which is as infallible as the Pope and Muhammad, it's the disbelievers in other people's faith-based communities and who are dedicated to finding faults over there to divert attention from those in here.

Still, even back then, encrypted messages were posted by enthusiasts. Nobody answered, many said get the fuck out.

At 12:20 PM 8/21/2013, you wrote:
>What's the point of encrypting the output of a mailing list to which
>anyone can subscribe?
>
>-jp
>
>--
>Jeffrey Paul +1-312-361-0355
>5539 AD00 DE4C 42F3 AFE1 1575 0524 43F4 DF2A 55C2

From mjones at pencil.allmail.net Wed Aug 21 04:04:45 2013
From: mjones at pencil.allmail.net (Moon Jones)
Date: Wed, 21 Aug 2013 13:04:45 +0200
Subject: Avaaz in "grave danger" due to GMail spam filters
In-Reply-To: <20130821093653.GC9448@uriel.asininetech.com>
References: <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us> <20130819164436.GC19173@uriel.asininetech.com> <52135DE3.70203@pencil.allmail.net> <20130820124356.GB9448@uriel.asininetech.com> <5213CE63.4020904@pencil.allmail.net> <20130821093653.GC9448@uriel.asininetech.com>
Message-ID: <52149ECD.8090409@pencil.allmail.net>

On 21.08.2013 11:36, staticsafe wrote:
> On Tue, Aug 20, 2013 at 10:15:31PM +0200, Moon Jones wrote:
>> On 20.08.2013 14:43, staticsafe wrote:
>>> On Tue, Aug 20, 2013 at 02:15:31PM +0200, Moon Jones wrote:
>>>> On 19.08.2013 18:44, staticsafe wrote:
>>>>> The biggest problem being spam. We need to educate typical e-mail users
>>>>> about e-mail hygiene and spam fighting.
>>>>
>>>> What do you mean by «e-mail hygiene» and «spam fighting»?
>>>
>>> E-mail hygiene:
>>> - Using aliases for every company you deal with, or using recipient
>>> delimiters like "+" so it is easier to find out which company sold you
>>> out.
>>> - Exercise more caution when handing out your "primary" address
>>> - Avoid services that like to spam your addressbook (see: LinkedIn etc.)
>>>
>>> Spam fighting:
>>> - Using DNSBLs to cut down on the crap
>>> - Training spamassassin's DB with ham and spam.
>>> - Enact rate limiting policies so that a compromised account can only do
>>> limited amount of damage.
>>
>> Oops. My bad.
>>
>> Then what do you mean by «typical e-mail user»?
>>
>
> Someone who primarily uses webmail and big e-mail service providers.
> Probably doesn't even /care/ about e-mail, e-mail isn't cool after all.
> ;)

Yea, but aren't they impossible for that type of typical email user?

Aliases for every company? Most providers don't offer aliases. Or they do it Yahoo style with one or two options. + addressing is also badly supported. Thus the primary address is the only one. Having a whole subdomain is not available from the major services, not if it's an @work address. And it's not foolproof as I started noticing spam for generated addresses (say RandomString at user.domain.com)

How could one find out the spammy services other than by experience? This is precisely how I found out about linked in. And that's just because there's no other way to reach that data. And bugmenot was crippled before taking off.

DNSBL? I don't have a plugin for that in Thunderbird. And I can control what the provider does. Sure, most go for spamassassin as it leads to fewer false positives than a bayesian filter, but there's nothing the user can do.

In the end, what can one do to teach people of «e-mail hygiene» and «spam fighting»?
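
The per-company alias advice quoted in this message, and the reply's objection that spam also arrives at made-up addresses, can be reconciled by putting a keyed MAC in each alias so that only addresses you actually issued verify. The sketch below is an added example, not part of any message in the thread; it assumes a provider that delivers `user+detail` addresses, and the mailbox, domains, secret and function names are all constructed for illustration.

```python
import hashlib
import hmac
import re
from base64 import b32encode

SECRET = b"constructed-demo-secret"  # assumption: per-user secret, never published
MAILBOX = "moon"                     # constructed local part
DOMAIN = "example.org"               # constructed domain
TAG_LEN = 8                          # 8 base32 characters = 40 bits of MAC


def normalize(company: str) -> str:
    """Reduce a company name to a label that is safe in a local part."""
    return re.sub(r"[^a-z0-9]+", "-", company.lower()).strip("-")


def tag_for(label: str) -> str:
    """Truncated HMAC-SHA256 of the label, base32 encoded and lowercased."""
    mac = hmac.new(SECRET, label.encode("utf-8"), hashlib.sha256).digest()
    return b32encode(mac).decode("ascii").lower()[:TAG_LEN]


def make_alias(company: str) -> str:
    """Address to hand to exactly one company."""
    label = normalize(company)
    return f"{MAILBOX}+{label}.{tag_for(label)}@{DOMAIN}"


def attribute(rcpt: str):
    """Classify a recipient address: issued alias, forged alias, primary, foreign."""
    local, _, domain = rcpt.lower().rpartition("@")
    base, plus, detail = local.partition("+")
    if domain != DOMAIN or base != MAILBOX:
        return ("foreign", None)
    if not plus:
        return ("primary", None)
    label, dot, tag = detail.rpartition(".")
    if not dot or not label:
        return ("forged", None)          # e.g. user+randomstring, no tag at all
    good = hmac.compare_digest(tag.encode("utf-8"), tag_for(label).encode("utf-8"))
    return ("issued", label) if good else ("forged", None)


def triage(inbox, issued):
    """Return (leaked, forged): aliases used by an unexpected sender domain,
    and recipient addresses that were never issued."""
    leaked, forged = {}, []
    for rcpt, sender in inbox:
        verdict, label = attribute(rcpt)
        if verdict == "forged":
            forged.append(rcpt)
        elif verdict == "issued":
            sender_domain = sender.rpartition("@")[2].lower()
            owner = issued.get(label)
            expected = owner is not None and (
                sender_domain == owner or sender_domain.endswith("." + owner)
            )
            if not expected:
                leaked.setdefault(label, []).append(sender_domain)
    return leaked, forged


# Constructed sample data: which sender domain each alias was issued to,
# and a handful of (recipient, envelope sender) pairs.
ISSUED = {"shop-a": "shop-a.example", "forum-b": "forum-b.example"}
INBOX = [
    (make_alias("Shop A"), "news@mail.shop-a.example"),
    (make_alias("Forum B"), "admin@forum-b.example"),
    (make_alias("Forum B"), "deals@pills.example"),
    ("moon+randomstring@example.org", "x@bulk.example"),
    ("moon+forum-b.aaaaaaaa@example.org", "x@bulk.example"),
    ("moon@example.org", "friend@example.net"),
]

if __name__ == "__main__":
    leaked, forged = triage(INBOX, ISSUED)
    print("aliases used by an unexpected sender:", leaked)
    print("addresses never issued:", forged)
```

Mail to a forged address can be rejected outright at delivery time, while a hit in `leaked` names the one party that was ever given that alias.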
From l at odewijk.nl Wed Aug 21 04:20:53 2013
From: l at odewijk.nl (Lodewijk andré de la porte)
Date: Wed, 21 Aug 2013 13:20:53 +0200
Subject: NSLs, gag-orders, code-changes, coerced backdoors - any tech response? (Re: Lavabit and End-point Security)
In-Reply-To: <20130811101328.GA386@netbook.cypherspace.org>
References: <20130809144310.GA29800@tuzo> <20130811101328.GA386@netbook.cypherspace.org>
Message-ID:

Torrents show. Bitcoin shows. Common protocol, many clients, graceful as possible failures, distributed everything. Else you'll always have a centralized something that can get broken.

The alternative answer is that you're dealing with two problems. Political problems, from gag-order-ish affairs to licenses to prevent you from doing it, and operational problems, the implanted code, the coerced backdoor.

Political problems call for political solutions. Distributing everything is an approach to evade them. Just like we can write code we can write a legal structure for our entities. Mega is doing just that. Put the right thing in the right country, evade certain punishable things but deal with their use cases. Basically you're looking at a system of laws, and you're programming a way to not be subject to them. You mustn't forget that laws move, however slowly. (like dealing with changing APIs)

Operational problems are historically dealt with by controlling the people working on the project. You should get those with iron loyalty and confidence in the greater good you're doing. That's nearly impossible to be sure about and NSL-type-things make it excruciatingly hard for them. Then layering, rounds of approval, people approving in different nations, etc. Which is a combined political and physical means of dealing with the problem.

I'm pretty sure that ATM it is unfeasible to produce code that doesn't contain backdoors. Formal proofs are touchy and hard to read. Code gets complicated and large. Backdoors are elaborate and sneaky.
But the political problems can be dealt with. And minimizing the code that can contain backdoors is also a good idea. You could also go for the never-done-in-production testing method where you have two (or more) distinct implementations of the same thing, and you see if the results are totally correct. That way someone would have to hide two backdoors, for two different programs, in the same payload without breaking the program the backdoor is not meant for.

There's ways. It's a lot of work.

From rysiek at hackerspace.pl Wed Aug 21 04:25:37 2013
From: rysiek at hackerspace.pl (rysiek)
Date: Wed, 21 Aug 2013 13:25:37 +0200
Subject: David and Glenn in Berlin
In-Reply-To:
References: <2B188079-3ADC-4966-8FE7-3C5408854FA9@me.com> <16016895.9dGq9WitnD@laptosid>
Message-ID: <6321214.2bWbQpJKvl@laptosid>

On Wednesday, 21 August 2013 07:03:33 Bill St. Clair wrote:
> Add nuculer to terrist, and you can start doing George W. Bush impressions.

http://www.youtube.com/watch?v=OoASZyihalc

--
Regards
rysiek

From eugen at leitl.org Wed Aug 21 05:16:12 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 21 Aug 2013 14:16:12 +0200
Subject: How Laura Poitras Helped Snowden Spill His Secrets
Message-ID: <20130821121612.GF29404@leitl.org>

(possible dupe)

http://www.nytimes.com/2013/08/18/magazine/laura-poitras-snowden.html?ref=todayspaper&_r=1&&pagewanted=all&pagewanted=print

How Laura Poitras Helped Snowden Spill His Secrets

By PETER MAASS

This past January, Laura Poitras received a curious e-mail from an anonymous stranger requesting her public encryption key.
For almost two years, Poitras had been working on a documentary about surveillance, and she occasionally received queries from strangers. She replied to this one and sent her public key — allowing him or her to send an encrypted e-mail that only Poitras could open, with her private key — but she didn’t think much would come of it. The stranger responded with instructions for creating an even more secure system to protect their exchanges. Promising sensitive information, the stranger told Poitras to select long pass phrases that could withstand a brute-force attack by networked computers. “Assume that your adversary is capable of a trillion guesses per second,” the stranger wrote. Before long, Poitras received an encrypted message that outlined a number of secret surveillance programs run by the government. She had heard of one of them but not the others. After describing each program, the stranger wrote some version of the phrase, “This I can prove.” Seconds after she decrypted and read the e-mail, Poitras disconnected from the Internet and removed the message from her computer. “I thought, O.K., if this is true, my life just changed,” she told me last month. “It was staggering, what he claimed to know and be able to provide. I just knew that I had to change everything.” Poitras remained wary of whoever it was she was communicating with. She worried especially that a government agent might be trying to trick her into disclosing information about the people she interviewed for her documentary, including Julian Assange, the editor of WikiLeaks. “I called him out,” Poitras recalled. “I said either you have this information and you are taking huge risks or you are trying to entrap me and the people I know, or you’re crazy.” The answers were reassuring but not definitive. Poitras did not know the stranger’s name, sex, age or employer (C.I.A.? N.S.A.? Pentagon?). In early June, she finally got the answers. 
Along with her reporting partner, Glenn Greenwald, a former lawyer and a columnist for The Guardian, Poitras flew to Hong Kong and met the N.S.A. contractor Edward J. Snowden, who gave them thousands of classified documents, setting off a major controversy over the extent and legality of government surveillance. Poitras was right that, among other things, her life would never be the same. Greenwald lives and works in a house surrounded by tropical foliage in a remote area of Rio de Janeiro. He shares the home with his Brazilian partner and their 10 dogs and one cat, and the place has the feel of a low-key fraternity that has been dropped down in the jungle. The kitchen clock is off by hours, but no one notices; dishes tend to pile up in the sink; the living room contains a table and a couch and a large TV, an Xbox console and a box of poker chips and not much else. The refrigerator is not always filled with fresh vegetables. A family of monkeys occasionally raids the banana trees in the backyard and engages in shrieking battles with the dogs. Greenwald does most of his work on a shaded porch, usually dressed in a T-shirt, surfer shorts and flip-flops. Over the four days I spent there, he was in perpetual motion, speaking on the phone in Portuguese and English, rushing out the door to be interviewed in the city below, answering calls and e-mails from people seeking information about Snowden, tweeting to his 225,000 followers (and conducting intense arguments with a number of them), then sitting down to write more N.S.A. articles for The Guardian, all while pleading with his dogs to stay quiet. During one especially fever-pitched moment, he hollered, “Shut up, everyone,” but they didn’t seem to care. Amid the chaos, Poitras, an intense-looking woman of 49, sat in a spare bedroom or at the table in the living room, working in concentrated silence in front of her multiple computers. 
Once in a while she would walk over to the porch to talk with Greenwald about the article he was working on, or he would sometimes stop what he was doing to look at the latest version of a new video she was editing about Snowden. They would talk intensely — Greenwald far louder and more rapid-fire than Poitras — and occasionally break out laughing at some shared joke or absurd memory. The Snowden story, they both said, was a battle they were waging together, a fight against powers of surveillance that they both believe are a threat to fundamental American liberties. Two reporters for The Guardian were in town to assist Greenwald, so some of our time was spent in the hotel where they were staying along Copacabana Beach, the toned Brazilians playing volleyball in the sand below lending the whole thing an added layer of surreality. Poitras has shared the byline on some of Greenwald’s articles, but for the most part she has preferred to stay in the background, letting him do the writing and talking. As a result, Greenwald is the one hailed as either a fearless defender of individual rights or a nefarious traitor, depending on your perspective. “I keep calling her the Keyser Soze of the story, because she’s at once completely invisible and yet ubiquitous,” Greenwald said, referring to the character in “The Usual Suspects” played by Kevin Spacey, a mastermind masquerading as a nobody. “She’s been at the center of all of this, and yet no one knows anything about her.” As dusk fell one evening, I followed Poitras and Greenwald to the newsroom of O Globo, one of the largest newspapers in Brazil. Greenwald had just published an article there detailing how the N.S.A. was spying on Brazilian phone calls and e-mails. The article caused a huge scandal in Brazil, as similar articles have done in other countries around the world, and Greenwald was a celebrity in the newsroom. 
The editor in chief pumped his hand and asked him to write a regular column; reporters took souvenir pictures with their cellphones. Poitras filmed some of this, then put her camera down and looked on. I noted that nobody was paying attention to her, that all eyes were on Greenwald, and she smiled. “That’s right,” she said. “That’s perfect.” Poitras seems to work at blending in, a function more of strategy than of shyness. She can actually be remarkably forceful when it comes to managing information. During a conversation in which I began to ask her a few questions about her personal life, she remarked, “This is like visiting the dentist.” The thumbnail portrait is this: She was raised in a well-off family outside Boston, and after high school, she moved to San Francisco to work as a chef in upscale restaurants. She also took classes at the San Francisco Art Institute, where she studied under the experimental filmmaker Ernie Gehr. In 1992, she moved to New York and began to make her way in the film world, while also enrolling in graduate classes in social and political theory at the New School. Since then she has made five films, most recently “The Oath,” about the Guantánamo prisoner Salim Hamdan and his brother-in-law back in Yemen, and has been the recipient of a Peabody Award and a MacArthur award. On Sept. 11, 2001, Poitras was on the Upper West Side of Manhattan when the towers were attacked. Like most New Yorkers, in the weeks that followed she was swept up in both mourning and a feeling of unity. It was a moment, she said, when “people could have done anything, in a positive sense.” When that moment led to the pre-emptive invasion of Iraq, she felt that her country had lost its way. “We always wonder how countries can veer off course,” she said. “How do people let it happen, how do people sit by during this slipping of boundaries?” Poitras had no experience in conflict zones, but in June 2004, she went to Iraq and began documenting the occupation. 
Shortly after arriving in Baghdad, she received permission to go to Abu Ghraib prison to film a visit by members of Baghdad’s City Council. This was just a few months after photos were published of American soldiers abusing prisoners there. A prominent Sunni doctor was part of the visiting delegation, and Poitras shot a remarkable scene of his interaction with prisoners there, shouting that they were locked up for no good reason. The doctor, Riyadh al-Adhadh, invited Poitras to his clinic and later allowed her to report on his life in Baghdad. Her documentary, “My Country, My Country,” is centered on his family’s travails — the shootings and blackouts in their neighborhood, the kidnapping of a nephew. The film premiered in early 2006 and received widespread acclaim, including an Oscar nomination for best documentary. Attempting to tell the story of the war’s effect on Iraqi citizens made Poitras the target of serious — and apparently false — accusations. On Nov. 19, 2004, Iraqi troops, supported by American forces, raided a mosque in the doctor’s neighborhood of Adhamiya, killing several people inside. The next day, the neighborhood erupted in violence. Poitras was with the doctor’s family, and occasionally they would go to the roof of the home to get a sense of what was going on. On one of those rooftop visits, she was seen by soldiers from an Oregon National Guard battalion. Shortly after, a group of insurgents launched an attack that killed one of the Americans. Some soldiers speculated that Poitras was on the roof because she had advance notice of the attack and wanted to film it. Their battalion commander, Lt. Col. Daniel Hendrickson, retired, told me last month that he filed a report about her to brigade headquarters. There is no evidence to support this claim. Fighting occurred throughout the neighborhood that day, so it would have been difficult for any journalist to not be near the site of an attack. 
The soldiers who made the allegation told me that they have no evidence to prove it. Hendrickson told me his brigade headquarters never got back to him. For several months after the attack in Adhamiya, Poitras continued to live in the Green Zone and work as an embedded journalist with the U.S. military. She has screened her film to a number of military audiences, including at the U.S. Army War College. An officer who interacted with Poitras in Baghdad, Maj. Tom Mowle, retired, said Poitras was always filming and it “completely makes sense” she would film on a violent day. “I think it’s a pretty ridiculous allegation,” he said. Although the allegations were without evidence, they may be related to Poitras’s many detentions and searches. Hendrickson and another soldier told me that in 2007 — months after she was first detained — investigators from the Department of Justice’s Joint Terrorism Task Force interviewed them, inquiring about Poitras’s activities in Baghdad that day. Poitras was never contacted by those or any other investigators, however. “Iraq forces and the U.S. military raided a mosque during Friday prayers and killed several people,” Poitras said. “Violence broke out the next day. I am a documentary filmmaker and was filming in the neighborhood. Any suggestion I knew about an attack is false. The U.S. government should investigate who ordered the raid, not journalists covering the war.” In June 2006, her tickets on domestic flights were marked “SSSS” — Secondary Security Screening Selection — which means the bearer faces extra scrutiny beyond the usual measures. She was detained for the first time at Newark International Airport before boarding a flight to Israel, where she was showing her film. On her return flight, she was held for two hours before being allowed to re-enter the country. The next month, she traveled to Bosnia to show the film at a festival there. 
When she flew out of Sarajevo and landed in Vienna, she was paged on the airport loudspeaker and told to go to a security desk; from there she was led to a van and driven to another part of the airport, then taken into a room where luggage was examined. “They took my bags and checked them,” Poitras said. “They asked me what I was doing, and I said I was showing a movie in Sarajevo about the Iraq war. And then I sort of befriended the security guy. I asked what was going on. He said: ‘You’re flagged. You have a threat score that is off the Richter scale. You are at 400 out of 400.’ I said, ‘Is this a scoring system that works throughout all of Europe, or is this an American scoring system?’ He said. ‘No, this is your government that has this and has told us to stop you.’ ” After 9/11, the U.S. government began compiling a terrorist watch list that was at one point estimated to contain nearly a million names. There are at least two subsidiary lists that relate to air travel. The no-fly list contains the names of tens of thousands of people who are not allowed to fly into or out of the country. The selectee list, which is larger than the no-fly list, subjects people to extra airport inspections and questioning. These lists have been criticized by civil rights groups for being too broad and arbitrary and for violating the rights of Americans who are on them. In Vienna, Poitras was eventually cleared to board her connecting flight to New York, but when she landed at J.F.K., she was met at the gate by two armed law-enforcement agents and taken to a room for questioning. It is a routine that has happened so many times since then — on more than 40 occasions — that she has lost precise count. Initially, she said, the authorities were interested in the paper she carried, copying her receipts and, once, her notebook. 
After she stopped carrying her notes, they focused on her electronics instead, telling her that if she didn’t answer their questions, they would confiscate her gear and get their answers that way. On one occasion, Poitras says, they did seize her computers and cellphones and kept them for weeks. She was also told that her refusal to answer questions was itself a suspicious act. Because the interrogations took place at international boarding crossings, where the government contends that ordinary constitutional rights do not apply, she was not permitted to have a lawyer present. “It’s a total violation,” Poitras said. “That’s how it feels. They are interested in information that pertains to the work I am doing that’s clearly private and privileged. It’s an intimidating situation when people with guns meet you when you get off an airplane.” Though she has written to members of Congress and has submitted Freedom of Information Act requests, Poitras has never received any explanation for why she was put on a watch list. “It’s infuriating that I have to speculate why,” she said. “When did that universe begin, that people are put on a list and are never told and are stopped for six years? I have no idea why they did it. It’s the complete suspension of due process.” She added: “I’ve been told nothing, I’ve been asked nothing, and I’ve done nothing. It’s like Kafka. Nobody ever tells you what the accusation is.” After being detained repeatedly, Poitras began taking steps to protect her data, asking a traveling companion to carry her laptop, leaving her notebooks overseas with friends or in safe deposit boxes. She would wipe her computers and cellphones clean so that there would be nothing for the authorities to see. Or she encrypted her data, so that law enforcement could not read any files they might get hold of. These security preparations could take a day or more before her travels. It wasn’t just border searches that she had to worry about. 
Poitras said she felt that if the government was suspicious enough to interrogate her at airports, it was also most likely surveilling her e-mail, phone calls and Web browsing. “I assume that there are National Security Letters on my e-mails,” she told me, referring to one of the secretive surveillance tools used by the Department of Justice. A National Security Letter requires its recipients — in most cases, Internet service providers and phone companies — to provide customer data without notifying the customers or any other parties. Poitras suspected (but could not confirm, because her phone company and I.S.P. would be prohibited from telling her) that the F.B.I. had issued National Security Letters for her electronic communications. Once she began working on her surveillance film in 2011, she raised her digital security to an even higher level. She cut down her use of a cellphone, which betrays not only who you are calling and when, but your location at any given point in time. She was careful about e-mailing sensitive documents or having sensitive conversations on the phone. She began using software that masked the Web sites she visited. After she was contacted by Snowden in 2013, she tightened her security yet another notch. In addition to encrypting any sensitive e-mails, she began using different computers for editing film, for communicating and for reading sensitive documents (the one for sensitive documents is air-gapped, meaning it has never been connected to the Internet). These precautions might seem paranoid — Poitras describes them as “pretty extreme” — but the people she has interviewed for her film were targets of the sort of surveillance and seizure that she fears. William Binney, a former top N.S.A. official who publicly accused the agency of illegal surveillance, was at home one morning in 2007 when F.B.I. agents burst in and aimed their weapons at his wife, his son and himself. 
Binney was, at the moment the agent entered his bathroom and pointed a gun at his head, naked in the shower. His computers, disks and personal records were confiscated and have not yet been returned. Binney has not been charged with any crime. Jacob Appelbaum, a privacy activist who was a volunteer with WikiLeaks, has also been filmed by Poitras. The government issued a secret order to Twitter for access to Appelbaum’s account data, which became public when Twitter fought the order. Though the company was forced to hand over the data, it was allowed to tell Appelbaum. Google and a small I.S.P. that Appelbaum used were also served with secret orders and fought to alert him. Like Binney, Appelbaum has not been charged with any crime. Poitras endured the airport searches for years with little public complaint, lest her protests generate more suspicion and hostility from the government, but last year she reached a breaking point. While being interrogated at Newark after a flight from Britain, she was told she could not take notes. On the advice of lawyers, Poitras always recorded the names of border agents and the questions they asked and the material they copied or seized. But at Newark, an agent threatened to handcuff her if she continued writing. She was told that she was being barred from writing anything down because she might use her pen as a weapon. “Then I asked for crayons,” Poitras recalled, “and he said no to crayons.” She was taken into another room and interrogated by three agents — one was behind her, another asked the questions, the third was a supervisor. “It went on for maybe an hour and a half,” she said. “I was taking notes of their questions, or trying to, and they yelled at me. I said, ‘Show me the law where it says I can’t take notes.’ We were in a sense debating what they were trying to forbid me from doing. 
They said, ‘We are the ones asking the questions.’ It was a pretty aggressive, antagonistic encounter.” Poitras met Greenwald in 2010, when she became interested in his work on WikiLeaks. In 2011, she went to Rio to film him for her documentary. He was aware of the searches and asked several times for permission to write about them. After Newark, she gave him a green light. “She said, ‘I’ve had it,’ ” Greenwald told me. “Her ability to take notes and document what was happening was her one sense of agency, to maintain some degree of control. Documenting is what she does. I think she was feeling that the one vestige of security and control in this situation had been taken away from her, without any explanation, just as an arbitrary exercise of power.” At the time, Greenwald was a writer for Salon. His article, “U.S. Filmmaker Repeatedly Detained at Border,” was published in April 2012. Shortly after it was posted, the detentions ceased. Six years of surveillance and harassment, Poitras hoped, might be coming to an end. Poitras was not Snowden’s first choice as the person to whom he wanted to leak thousands of N.S.A. documents. In fact, a month before contacting her, he reached out to Greenwald, who had written extensively and critically about the wars in Iraq and Afghanistan and the erosion of civil liberties in the wake of 9/11. Snowden anonymously sent him an e-mail saying he had documents he wanted to share, and followed that up with a step-by-step guide on how to encrypt communications, which Greenwald ignored. Snowden then sent a link to an encryption video, also to no avail. “It’s really annoying and complicated, the encryption software,” Greenwald said as we sat on his porch during a tropical drizzle. “He kept harassing me, but at some point he just got frustrated, so he went to Laura.” Snowden had read Greenwald’s article about Poitras’s troubles at U.S. 
airports and knew she was making a film about the government’s surveillance programs; he had also seen a short documentary about the N.S.A. that she made for The New York Times Op-Docs. He figured that she would understand the programs he wanted to leak about and would know how to communicate in a secure way. By late winter, Poitras decided that the stranger with whom she was communicating was credible. There were none of the provocations that she would expect from a government agent — no requests for information about the people she was in touch with, no questions about what she was working on. Snowden told her early on that she would need to work with someone else, and that she should reach out to Greenwald. She was unaware that Snowden had already tried to contact Greenwald, and Greenwald would not realize until he met Snowden in Hong Kong that this was the person who had contacted him more than six months earlier. There were surprises for everyone in these exchanges — including Snowden, who answered questions that I submitted to him through Poitras. In response to a question about when he realized he could trust Poitras, he wrote: “We came to a point in the verification and vetting process where I discovered Laura was more suspicious of me than I was of her, and I’m famously paranoid.” When I asked him about Greenwald’s initial silence in response to his requests and instructions for encrypted communications, Snowden replied: “I know journalists are busy and had assumed being taken seriously would be a challenge, especially given the paucity of detail I could initially offer. At the same time, this is 2013, and [he is] a journalist who regularly reported on the concentration and excess of state power. 
I was surprised to realize that there were people in news organizations who didn’t recognize any unencrypted message sent over the Internet is being delivered to every intelligence service in the world.” In April, Poitras e-mailed Greenwald to say they needed to speak face to face. Greenwald happened to be in the United States, speaking at a conference in a suburb of New York City, and the two met in the lobby of his hotel. “She was very cautious,” Greenwald recalled. “She insisted that I not take my cellphone, because of this ability the government has to remotely listen to cellphones even when they are turned off. She had printed off the e-mails, and I remember reading the e-mails and felt intuitively that this was real. The passion and thought behind what Snowden — who we didn’t know was Snowden at the time — was saying was palpable.” Greenwald installed encryption software and began communicating with the stranger. Their work was organized like an intelligence operation, with Poitras as the mastermind. “Operational security — she dictated all of that,” Greenwald said. “Which computers I used, how I communicated, how I safeguarded the information, where copies were kept, with whom they were kept, in which places. She has this complete expert level of understanding of how to do a story like this with total technical and operational safety. None of this would have happened with anything near the efficacy and impact it did, had she not been working with me in every sense and really taking the lead in coordinating most of it.” Snowden began to provide documents to the two of them. Poitras wouldn’t tell me when he began sending her documents; she does not want to provide the government with information that could be used in a trial against Snowden or herself. He also said he would soon be ready to meet them. When Poitras asked if she should plan on driving to their meeting or taking a train, Snowden told her to be ready to get on a plane. 
In May, he sent encrypted messages telling the two of them to go to Hong Kong. Greenwald flew to New York from Rio, and Poitras joined him for meetings with the editor of The Guardian’s American edition. With the paper’s reputation on the line, the editor asked them to bring along a veteran Guardian reporter, Ewen MacAskill, and on June 1, the trio boarded a 16-hour flight from J.F.K. to Hong Kong. Snowden had sent a small number of documents to Greenwald, about 20 in all, but Poitras had received a larger trove, which she hadn’t yet had the opportunity to read closely. On the plane, Greenwald began going through its contents, eventually coming across a secret court order requiring Verizon to give its customer phone records to the N.S.A. The four-page order was from the Foreign Intelligence Surveillance Court, a panel whose decisions are highly classified. Although it was rumored that the N.S.A. was collecting large numbers of American phone records, the government always denied it. Poitras, sitting 20 rows behind Greenwald, occasionally went forward to talk about what he was reading. As the man sitting next to him slept, Greenwald pointed to the FISA order on his screen and asked Poitras: “Have you seen this? Is this saying what I’m thinking it’s saying?” At times, they talked so animatedly that they disturbed passengers who were trying to sleep; they quieted down. “We couldn’t believe just how momentous this occasion was,” Greenwald said. “When you read these documents, you get a sense of the breadth of them. It was a rush of adrenaline and ecstasy and elation. 
You feel you are empowered for the first time because there’s this mammoth system that you try and undermine and subvert and shine a light on — but you usually can’t make any headway, because you don’t have any instruments to do it — [and now] the instruments were suddenly in our lap.” Snowden had instructed them that once they were in Hong Kong, they were to go at an appointed time to the Kowloon district and stand outside a restaurant that was in a mall connected to the Mira Hotel. There, they were to wait until they saw a man carrying a Rubik’s Cube, then ask him when the restaurant would open. The man would answer their question, but then warn that the food was bad. When the man with the Rubik’s Cube arrived, it was Edward Snowden, who was 29 at the time but looked even younger. “Both of us almost fell over when we saw how young he was,” Poitras said, still sounding surprised. “I had no idea. I assumed I was dealing with somebody who was really high-level and therefore older. But I also knew from our back and forth that he was incredibly knowledgeable about computer systems, which put him younger in my mind. So I was thinking like 40s, somebody who really grew up on computers but who had to be at a higher level.” In our encrypted chat, Snowden also remarked on this moment: “I think they were annoyed that I was younger than they expected, and I was annoyed that they had arrived too early, which complicated the initial verification. As soon as we were behind closed doors, however, I think everyone was reassured by the obsessive attention to precaution and bona fides.” They followed Snowden to his room, where Poitras immediately shifted into documentarian mode, taking her camera out. “It was a little bit tense, a little uncomfortable,” Greenwald said of those initial minutes. “We sat down, and we just started chatting, and Laura was immediately unpacking her camera. 
The instant that she turned on the camera, I very vividly recall that both he and I completely stiffened up.” Greenwald began the questioning. “I wanted to test the consistency of his claims, and I just wanted all the information I could get, given how much I knew this was going to be affecting my credibility and everything else. We weren’t really able to establish a human bond until after that five or six hours was over.” For Poitras, the camera certainly alters the human dynamic, but not in a bad way. When someone consents to being filmed — even if the consent is indirectly gained when she turns on the camera — this is an act of trust that raises the emotional stakes of the moment. What Greenwald saw as stilted, Poitras saw as a kind of bonding, the sharing of an immense risk. “There is something really palpable and emotional in being trusted like that,” she said. Snowden, though taken by surprise, got used to it. “As one might imagine, normally spies allergically avoid contact with reporters or media, so I was a virgin source — everything was a surprise. . . . But we all knew what was at stake. The weight of the situation actually made it easier to focus on what was in the public interest rather than our own. I think we all knew there was no going back once she turned the camera on.” For the next week, their preparations followed a similar pattern — when they entered Snowden’s room, they would remove their cellphone batteries and place them in the refrigerator of Snowden’s minibar. They lined pillows against the door, to discourage eavesdropping from outside, then Poitras set up her camera and filmed. It was important to Snowden to explain to them how the government’s intelligence machinery worked because he feared that he could be arrested at any time. Greenwald’s first articles — including the initial one detailing the Verizon order he read about on the flight to Hong Kong — appeared while they were still in the process of interviewing Snowden. 
It made for a strange experience, creating the news together, then watching it spread. “We could see it being covered,” Poitras said. “We were all surprised at how much attention it was getting. Our work was very focused, and we were paying attention to that, but we could see on TV that it was taking off. We were in this closed circle, and around us we knew that reverberations were happening, and they could be seen and they could be felt.” Snowden told them before they arrived in Hong Kong that he wanted to go public. He wanted to take responsibility for what he was doing, Poitras said, and he didn’t want others to be unfairly targeted, and he assumed he would be identified at some point. She made a 12½-minute video of him that was posted online June 9, a few days after Greenwald’s first articles. It triggered a media circus in Hong Kong, as reporters scrambled to learn their whereabouts. There were a number of subjects that Poitras declined to discuss with me on the record and others she wouldn’t discuss at all — some for security and legal reasons, others because she wants to be the first to tell crucial parts of her story in her own documentary. Of her parting with Snowden once the video was posted, she would only say, “We knew that once it went public, it was the end of that period of working.” Snowden checked out of his hotel and went into hiding. Reporters found out where Poitras was staying — she and Greenwald were at different hotels — and phone calls started coming to her room. At one point, someone knocked on her door and asked for her by name. She knew by then that reporters had discovered Greenwald, so she called hotel security and arranged to be escorted out a back exit. She tried to stay in Hong Kong, thinking Snowden might want to see her again, and because she wanted to film the Chinese reaction to his disclosures. But she had now become a figure of interest herself, not just a reporter behind the camera. 
On June 15, as she was filming a pro-Snowden rally outside the U.S. consulate, a CNN reporter spotted her and began asking questions. Poitras declined to answer and slipped away. That evening, she left Hong Kong. Poitras flew directly to Berlin, where the previous fall she rented an apartment where she could edit her documentary without worrying that the F.B.I. would show up with a search warrant for her hard drives. “There is a filter constantly between the places where I feel I have privacy and don’t,” she said, “and that line is becoming increasingly narrow.” She added: “I’m not stopping what I’m doing, but I have left the country. I literally didn’t feel like I could protect my material in the United States, and this was before I was contacted by Snowden. If you promise someone you’re going to protect them as a source and you know the government is monitoring you or seizing your laptop, you can’t actually physically do it.” After two weeks in Berlin, Poitras traveled to Rio, where I then met her and Greenwald a few days later. My first stop was the Copacabana hotel, where they were working that day with MacAskill and another visiting reporter from The Guardian, James Ball. Poitras was putting together a new video about Snowden that would be posted in a few days on The Guardian’s Web site. Greenwald, with several Guardian reporters, was working on yet another blockbuster article, this one about Microsoft’s close collaboration with the N.S.A. The room was crowded — there weren’t enough chairs for everyone, so someone was always sitting on the bed or floor. A number of thumb drives were passed back and forth, though I was not told what was on them. Poitras and Greenwald were worried about Snowden. They hadn’t heard from him since Hong Kong. At the moment, he was stuck in diplomatic limbo in the transit area of Moscow’s Sheremetyevo airport, the most-wanted man on the planet, sought by the U.S. government for espionage. 
(He would later be granted temporary asylum in Russia.) The video that Poitras was working on, using footage she shot in Hong Kong, would be the first the world had seen of Snowden in a month. “Now that he’s incommunicado, we don’t know if we’ll even hear from him again,” she said. “Is he O.K.?” MacAskill asked. “His lawyer said he’s O.K.,” Greenwald responded. “But he’s not in direct contact with Snowden,” Poitras said. When Greenwald got home that evening, Snowden contacted him online. Two days later, while she was working at Greenwald’s house, Poitras also heard from him. It was dusk, and there was loud cawing and hooting coming from the jungle all around. This was mixed with the yapping of five or six dogs as I let myself in the front gate. Through a window, I saw Poitras in the living room, intently working at one of her computers. I let myself in through a screen door, and she glanced up for just a second, then went back to work, completely unperturbed by the cacophony around her. After 10 minutes, she closed the lid of her computer and mumbled an apology about needing to take care of some things. She showed no emotion and did not mention that she had been in the middle of an encrypted chat with Snowden. At the time, I didn’t press her, but a few days later, after I returned to New York and she returned to Berlin, I asked if that’s what she was doing that evening. She confirmed it, but said she didn’t want to talk about it at the time, because the more she talks about her interactions with Snowden, the more removed she feels from them. “It’s an incredible emotional experience,” she said, “to be contacted by a complete stranger saying that he was going to risk his life to expose things the public should know. He was putting his life on the line and trusting me with that burden. My experience and relationship to that is something that I want to retain an emotional relation to.” Her connection to him and the material, she said, is what will guide her work.
“I am sympathetic to what he sees as the horror of the world [and] what he imagines could come. I want to communicate that with as much resonance as possible. If I were to sit and do endless cable interviews — all those things alienate me from what I need to stay connected to. It’s not just a scoop. It’s someone’s life.” Poitras and Greenwald are an especially dramatic example of what outsider reporting looks like in 2013. They do not work in a newsroom, and they personally want to be in control of what gets published and when. When The Guardian didn’t move as quickly as they wanted with the first article on Verizon, Greenwald discussed taking it elsewhere, sending an encrypted draft to a colleague at another publication. He also considered creating a Web site on which they would publish everything, which he planned to call NSADisclosures. In the end, The Guardian moved ahead with their articles. But Poitras and Greenwald have created their own publishing network as well, placing articles with other outlets in Germany and Brazil and planning more for the future. They have not shared the full set of documents with anyone. “We are in partnership with news organizations, but we feel our primary responsibility is to the risk the source took and to the public interest of the information he has provided,” Poitras said. “Further down on the list would be any particular news organization.” Unlike many reporters at major news outlets, they do not attempt to maintain a facade of political indifference. Greenwald has been outspoken for years; on Twitter, he recently replied to one critic by writing: “You are a complete idiot. You know that, right?” His left political views, combined with his cutting style, have made him unloved among many in the political establishment. His work with Poitras has been castigated as advocacy that harms national security. 
“I read intelligence carefully,” said Senator Dianne Feinstein, chairwoman of the Senate Intelligence Committee, shortly after the first Snowden articles appeared. “I know that people are trying to get us. . . . This is the reason the F.B.I. now has 10,000 people doing intelligence on counterterrorism. . . . It’s to ferret this out before it happens. It’s called protecting America.” Poitras, while not nearly as confrontational as Greenwald, disagrees with the suggestion that their work amounts to advocacy by partisan reporters. “Yes, I have opinions,” she told me. “Do I think the surveillance state is out of control? Yes, I do. This is scary, and people should be scared. A shadow and secret government has grown and grown, all in the name of national security and without the oversight or national debate that one would think a democracy would have. It’s not advocacy. We have documents that substantiate it.” Poitras possesses a new skill set that is particularly vital — and far from the journalistic norm — in an era of pervasive government spying: she knows, as well as any computer-security expert, how to protect against surveillance. As Snowden mentioned, “In the wake of this year’s disclosure, it should be clear that unencrypted journalist-source communication is unforgivably reckless.” A new generation of sources, like Snowden or Pfc. Bradley Manning, has access to not just a few secrets but thousands of them, because of their ability to scrape classified networks. They do not necessarily live in and operate through the established Washington networks — Snowden was in Hawaii, and Manning sent hundreds of thousands of documents to WikiLeaks from a base in Iraq. And they share their secrets not with the largest media outlets or reporters but with the ones who share their political outlook and have the know-how to receive the leaks undetected. 
In our encrypted chat, Snowden explained why he went to Poitras with his secrets: “Laura and Glenn are among the few who reported fearlessly on controversial topics throughout this period, even in the face of withering personal criticism, [which] resulted in Laura specifically becoming targeted by the very programs involved in the recent disclosures. She had demonstrated the courage, personal experience and skill needed to handle what is probably the most dangerous assignment any journalist can be given — reporting on the secret misdeeds of the most powerful government in the world — making her an obvious choice.” Snowden’s revelations are now the center of Poitras’s surveillance documentary, but Poitras also finds herself in a strange, looking-glass dynamic, because she cannot avoid being a character in her own film. She did not appear in or narrate her previous films, and she says that probably won’t change with this one, but she realizes that she has to be represented in some way, and is struggling with how to do that. She is also assessing her legal vulnerability. Poitras and Greenwald are not facing any charges, at least not yet. They do not plan to stay away from America forever, but they have no immediate plans to return. One member of Congress has already likened what they’ve done to a form of treason, and they are well aware of the Obama administration’s unprecedented pursuit of not just leakers but of journalists who receive the leaks. While I was with them, they talked about the possibility of returning. Greenwald said that the government would be unwise to arrest them, because of the bad publicity it would create. It also wouldn’t stop the flow of information. He mentioned this while we were in a taxi heading back to his house. It was dark outside, the end of a long day. Greenwald asked Poitras, “Since it all began, have you had a non-N.S.A. day?” “What’s that?” she replied. “I think we need one,” Greenwald said. 
“Not that we’re going to take one.” Poitras talked about getting back to yoga again. Greenwald said he was going to resume playing tennis regularly. “I’m willing to get old for this thing,” he said, “but I’m not willing to get fat.” Their discussion turned to the question of coming back to the United States. Greenwald said, half-jokingly, that if he was arrested, WikiLeaks would become the new traffic cop for publishing N.S.A. documents. “I would just say: ‘O.K., let me introduce you to my friend Julian Assange, who’s going to take my place. Have fun dealing with him.’ ” Poitras prodded him: “So you’re going back to the States?” He laughed and pointed out that unfortunately, the government does not always take the smartest course of action. “If they were smart,” he said, “I would do it.” Poitras smiled, even though it’s a difficult subject for her. She is not as expansive or carefree as Greenwald, which adds to their odd-couple chemistry. She is concerned about their physical safety. She is also, of course, worried about surveillance. “Geolocation is the thing,” she said. “I want to keep as much off the grid as I can. I’m not going to make it easy for them. If they want to follow me, they are going to have to do that. I am not going to ping into any G.P.S. My location matters to me. It matters to me in a new way that I didn’t feel before.” There are lots of people angry with them and lots of governments, as well as private entities, that would not mind taking possession of the thousands of N.S.A. documents they still control. They have published only a handful — a top-secret, headline-grabbing, Congressional-hearing-inciting handful — and seem unlikely to publish everything, in the style of WikiLeaks. They are holding onto more secrets than they are exposing, at least for now. “We have this window into this world, and we’re still trying to understand it,” Poitras said in one of our last conversations. 
“We’re not trying to keep it a secret, but piece the puzzle together. That’s a project that is going to take time. Our intention is to release what’s in the public interest but also to try to get a handle on what this world is, and then try to communicate that.” The deepest paradox, of course, is that their effort to understand and expose government surveillance may have condemned them to a lifetime of it. “Our lives will never be the same,” Poitras said. “I don’t know if I’ll ever be able to live someplace and feel like I have my privacy. That might be just completely gone.”

Peter Maass is an investigative reporter working on a book about surveillance and privacy.

Editor: Joel Lovell

From lunar at torproject.org Wed Aug 21 05:29:40 2013
From: lunar at torproject.org (Lunar)
Date: Wed, 21 Aug 2013 14:29:40 +0200
Subject: [tor-talk] Tor Weekly News — August, 21st 2013
Message-ID:

========================================================================
Tor Weekly News                                        August 21st, 2013
========================================================================

Welcome to the eighth issue of Tor Weekly News, the weekly newsletter that covers what is happening in the great Tor community.

Future of pluggable transports integration
------------------------------------------

While David Fifield was busy updating the Pluggable Transports Bundle to match the “classic” bundle version 0.2.4.16-beta-1 [1], several discussions took place on how to better integrate pluggable transports in the future.

bastik opened #9444 [2], pointing out that “currently TBB with Pluggable Transports are build separately, thus lagging behind”. Having two separate bundles is also a long standing usability issue, as often users have tried to add “obfs” bridges to their normal TBB [3].
Mike Perry is fully aware of the issue and stated in the discussion that his “long term goal is to try to cram all of the pluggable transports into The One True Bundle.” This will require modifications to the new “Tor Launcher” component of the TBB 3.x series in order to allow users to select the bridges and pluggable transports they wish to use.

Compromises might be needed on how users should input bridges. BridgeDB recently stopped having the “bridge” keyword in front of the addresses it replies [4] with as Vidalia would not understand it. Mike Perry was thinking in exactly the opposite direction: “take bridge lines directly from bridgedb […] verifying only that they start with ‘bridge’”. Maybe the transition could be easier if Florian Stinglmayr’s patch to Vidalia [5] was merged so that current bundles would ignore the “bridge” keyword when entering bridges [6]. In any case, Mike wants to solve these issues “before we release as beta/stable, to minimize user confusion.”

Another tricky part of the “One True Bundle” solution is the bundle size, making it harder to circumvent download restrictions through email [7]. But, as Mike said, “even if they don’t, we’ll probably have to find some other solution anyway for gettor, because the intersection of gettor users and PT users is probably high.”

[1] https://www.torproject.org/docs/pluggable-transports.html.en
[2] https://bugs.torproject.org/9444
[3] https://bugs.torproject.org/9156
[4] https://gitweb.torproject.org/user/isis/bridgedb.git/commit/792cfd9
[5] https://github.com/n0la/vidalia/tree/master-bug/6724
[6] https://bugs.torproject.org/6724
[7] https://www.torproject.org/projects/gettor.html

Extended ORPort land in tor 0.2.5
---------------------------------

After more than a year and a half in the making, the Extended ORPort mechanism [8] has been merged by Nick Mathewson into the tor master branch [9].
This will allow pluggable transport proxies to exchange arbitrary operational information and metadata with tor clients and bridges. Such plumbing was needed in order to make some pluggable transports easier to use or to allow Tor to gather more data about the state of the transports used.

obfsproxy has supported this new communication channel [10] for a little while and was only waiting for tor to catch up. George Kadianakis thus asked obfsbridge operators to upgrade their tor to git master to enable client statistics [11]. Once they do, their bridges will send statistics on users per transport to the bridge authority, and they will be published on metrics.torproject.org [12]. This helps track deployment of pluggable transports in the future.

[8] https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/196-transport-control-ports.txt
[9] https://gitweb.torproject.org/tor.git/commit/74262f15
[10] https://gitweb.torproject.org/pluggable-transports/obfsproxy.git/blob/HEAD:/obfsproxy/network/extended_orport.py
[11] https://lists.torproject.org/pipermail/tor-relays/2013-August/002477.html
[12] https://metrics.torproject.org/users.html?graph=userstats-bridge-transport&transport=obfs3#userstats-bridge-transport

A new implementation for the web side of check.torproject.org
-------------------------------------------------------------

Arlo Breault wrote a new implementation for the web component of check.torproject.org in the Go programming language [13], in response to Roger Dingledine’s appeal: “Check could really use some love. Any volunteers please?”. [14,15] There is already a ticket to replace the check.torproject.org servers with Arlo’s Go version [16].

Andrew Lewman stated again that “As for check.tpo website, it shouldn’t exist at all”, as it is an architectural issue to “have the entire tor browser userbase hit a single website to learn ’Tor or not’”.
Until all clients are changed to stop using check, deploying a new code base would only make sense if it was at least able to handle “500 requests per second on really busy times”. More benchmarks are probably needed with Arlo’s implementation.

On another front, tup, the initial author of TorDNSEL [17], has resurfaced to offer [18] to update the code to work with newer Haskell environments after many years of silence!

[13] https://github.com/arlolra/check/
[14] https://lists.torproject.org/pipermail/tor-talk/2013-August/029306.html
[15] https://bugs.torproject.org/9529
[16] https://gitweb.torproject.org/tordnsel.git/commit/99d490
[17] https://bugs.torproject.org/9204#comment:14

Tor exit crowdfunding
---------------------

Moritz Bartl from torservers.net [18] posted an update [19] on their ongoing crowdfunding campaign to support Tor exit bandwidth. The fund just went over €3000, and there are still a few days left! For more information, and ways to contribute, please visit the Indiegogo page [20].

[18] https://www.torservers.net/
[19] https://lists.torproject.org/pipermail/tor-talk/2013-August/029431.html
[20] http://www.indiegogo.com/projects/tor-anti-censorship-and-anonymity-infrastructure/

A Flattr-like incentive for Tor relays?
---------------------------------------

While torservers.net is presently collecting euros, George Kadianakis asked for comments from the Tor community about “a practical crowdfunded Flattr-like incentive scheme for Tor relays”, dubbed Flattor [21].

George’s proposal is meant to solve “one of the problems of scaling Tor to tens of millions of users”, that “Tor’s bandwidth capacity is finite”. He observes that “lately the bandwidth coming out of Tor-friendly organizations (like torservers.net, universities, etc.)
seems to increase” and is worried that “Tor might end up looking like the Bitcoin network — where a number of organizations (mining pools) drive the network.”

What George would like to see is incentives for contributing to the network. After studying schemes proposed in the past, all deemed “hard to implement and deploy”, George proposes a simple approach: users can opt to spend a fixed amount of bitcoins to support the Tor network, and their donation will be divided according to the bandwidth of each relay. Obviously, relay operators who wish to receive such contributions would need to publish a bitcoin address, probably in the “contact” field.

There might be some concerns with such a scheme, or any monetary incentives scheme, as George summarized: “If relay operators start getting money for their bandwidth, we might end up with relay operators that are just in for the money. It might then be easier for a three-letter org to persuade those relay operators to snoop on their users (by giving them double the money they are currently getting).”

Moritz Bartl commented [22] that the idea was already quite close to torservers.net current plan, to the extent that donations were distributed “across all participating organizations based on […] advertised bandwidth and a country-specific factor.” Moritz also pointed out that similar discussions had already happened in the past when a sponsor wished to fund faster exit relays [23].

George concluded his mail by saying that he is “not even sure if such an incentive scheme is a good idea, but posting bad ideas to mailing lists is what the Internet is for, right?” Feel free to join the discussion, or hack wildly.
[21] https://lists.torproject.org/pipermail/tor-talk/2013-August/029419.html
[22] https://lists.torproject.org/pipermail/tor-talk/2013-August/029421.html
[23] https://blog.torproject.org/blog/turning-funding-more-exit-relays

Miscellaneous news
------------------

The new release of Orbot 12.0.3 comes with a shiny new icon and graphics, bugfixes, and Tor 0.2.4.16-rc. You can download the update via Google Play [24] or straight from Guardian Project’s website [25].

[24] https://play.google.com/store/apps/details?id=org.torproject.android
[25] https://guardianproject.info/releases/orbot-latest.apk

Andrew Lewman has published the financial reports of the Tor Project for the year 2012 [26].

[26] https://blog.torproject.org/blog/transparency-openness-and-our-2012-financial-docs

Arturo has sent his report for July 2013 [27].

[27] https://lists.torproject.org/pipermail/tor-reports/2013-August/000313.html

Runa Sandvik reported on her trip to Black Hat & DEF CON [28]. She managed to fill “the Penn & Teller theater (~1500 people)” for a talk [29] about “the safety of the Tor network which focused on network diversity, relay operators, and misbehaving relays.” The former Tor GSoC student Brandon Wiley also gave an update [30] on Dust — “an Internet protocol designed to resist a number of attacks currently in active use to censor Internet communication.” [31]

[28] https://lists.torproject.org/pipermail/tor-reports/2013-August/000312.html
[29] https://www.defcon.org/html/defcon-21/dc-21-speakers.html#Sandvik
[30] https://www.defcon.org/html/defcon-21/dc-21-speakers.html#Wiley
[31] https://github.com/blanu/Dust/

Karsten Loesing has made progress on “experimenting with a client and private bridge connected over uTP” [32]. The connection can be established, but strange timing issues remain to be solved.

   [32] https://trac.torproject.org/projects/tor/ticket/9166#comment:23

George Kadianakis has sent two new proposals to improve hidden service identity key security [33] and prevent address enumeration [34]. TWN will cover these proposals in detail once the draft deployment strategy is published. Feel free to help refine the proposals in the meantime!

   [33] https://lists.torproject.org/pipermail/tor-dev/2013-August/005279.html
   [34] https://lists.torproject.org/pipermail/tor-dev/2013-August/005280.html

Help Desk Roundup
-----------------

Users experience confusion when trying to update the Tor Browser Bundle. Users are not always aware that the Tor Browser Bundle does not have an autoupdate function. Some users will download the latest release from the Tor Project website, then ask “Ok, what do I do now?”. We recommend closing the browser, then deleting one’s current Tor Browser folder before unpacking the new download.

One person asked for help while using the Pirate Browser. Torrent-sharing website The Pirate Bay released the Pirate Browser this week as a fork of the Tor Browser Bundle. The Pirate Browser is not endorsed or recommended by the Tor Project. It is unclear what the advantages are compared to using the Tor Browser Bundle and no source code is available.

This issue of Tor Weekly News has been assembled by Lunar, dope457, malaparte, mttp, Karsten Loesing, and harmony.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page [35], write down your name and subscribe to the team mailing-list [36] if you want to get involved!

   [35] https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
   [36] https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
--
tor-talk mailing list - tor-talk at lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From eugen at leitl.org Wed Aug 21 05:31:48 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 21 Aug 2013 14:31:48 +0200
Subject: [tor-talk] Tor Weekly News =?utf-8?B?4oCU?= =?utf-8?Q?_August=2C?= 21st 2013
Message-ID: <20130821123148.GH29404@leitl.org>

----- Forwarded message from Lunar -----

From eugen at leitl.org Wed Aug 21 06:05:28 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Wed, 21 Aug 2013 15:05:28 +0200
Subject: [tor-talk] encrypted mailing lists
Message-ID: <20130821130528.GM29404@leitl.org>

----- Forwarded message from Lunar -----

From cryptofreak at cpunk.us Wed Aug 21 13:30:43 2013
From: cryptofreak at cpunk.us (CryptoFreak)
Date: Wed, 21 Aug 2013 15:30:43 -0500
Subject: Is the Wikileaks Party a cypherpunk party?
In-Reply-To: <20130821140451.GP29404@leitl.org>
References: <20130821140451.GP29404@leitl.org>
Message-ID: <52152373.3070402@cpunk.us>

On 08/21/2013 09:04 AM, Eugen Leitl wrote:
> On Sat, Aug 17, 2013 at 05:01:07AM -0500, CryptoFreak wrote:
>
>> So what do you think? Is there finally a political party more
>> closely aligned with the cypherpunk ideal than the Libertarians?
>
> Don't forget the Pirate Parties. Despite all the fubars,
> the German Pirate Party is expected to hit 3+% in the
> national elections next month.

I've looked into the Pirate Party but, at least from the American side of things, they seem like a 'one hit wonder' who's nearly solely focused on IP law reform.
Perhaps this isn't the same in other places (I can't imagine they would have won major elections with a single issue platform) but here in the States, where they exist, it seems to be the case. From eugen at leitl.org Wed Aug 21 07:04:51 2013 From: eugen at leitl.org (Eugen Leitl) Date: Wed, 21 Aug 2013 16:04:51 +0200 Subject: Is the Wikileaks Party a cypherpunk party? In-Reply-To: References: Message-ID: <20130821140451.GP29404@leitl.org> On Sat, Aug 17, 2013 at 05:01:07AM -0500, CryptoFreak wrote: > So what do you think? Is their finally a political party more > closely aligned with the cypherpunk ideal than the Libertarians? Don't forget the Pirate Parties. Despite all the fubars, the German Pirate Party is expected to hit 3+% in the national elections next months. From cryptofreak at cpunk.us Wed Aug 21 15:21:38 2013 From: cryptofreak at cpunk.us (CryptoFreak) Date: Wed, 21 Aug 2013 17:21:38 -0500 Subject: David and Glenn in Berlin In-Reply-To: <20130821064210.GK29404@leitl.org> References: <2B188079-3ADC-4966-8FE7-3C5408854FA9@me.com> <5213B55B.7010509@redteam.io> <20130821064210.GK29404@leitl.org> Message-ID: <52153D72.1020909@cpunk.us> On 08/21/2013 01:42 AM, Eugen Leitl wrote: > On Tue, Aug 20, 2013 at 04:14:39PM -0400, grarpamp wrote: >>> T word >> >> The word is TERRORIST aka: criminal. >> A shame that some words cannot be said or >> that some cannot say them. > > These days everybody is a terrorist. Excuse > me while I fix me up some breakfast terrorism, brb. Perhaps a nice bowl of Ricin Crispies? From kb at karelbilek.com Wed Aug 21 08:21:59 2013 From: kb at karelbilek.com (=?ISO-8859-1?Q?Karel_B=EDlek?=) Date: Wed, 21 Aug 2013 17:21:59 +0200 Subject: Is the Wikileaks Party a cypherpunk party? In-Reply-To: <20130821140451.GP29404@leitl.org> References: <20130821140451.GP29404@leitl.org> Message-ID: By some weird luck, I happen to know some people from Australian Pirate Party, despite being on the other end of the world. 
Based on that, I would trust them a bit more in their claims than Assange-centered party that exists, afaik, to get Assange into senate. However, I don't know that much about Australian politics, so what do I know. On Wed, Aug 21, 2013 at 4:04 PM, Eugen Leitl wrote: > On Sat, Aug 17, 2013 at 05:01:07AM -0500, CryptoFreak wrote: > >> So what do you think? Is their finally a political party more >> closely aligned with the cypherpunk ideal than the Libertarians? > > Don't forget the Pirate Parties. Despite all the fubars, > the German Pirate Party is expected to hit 3+% in the > national elections next months. From kb at karelbilek.com Wed Aug 21 08:26:49 2013 From: kb at karelbilek.com (=?ISO-8859-1?Q?Karel_B=EDlek?=) Date: Wed, 21 Aug 2013 17:26:49 +0200 Subject: Is the Wikileaks Party a cypherpunk party? In-Reply-To: References: <20130821140451.GP29404@leitl.org> Message-ID: that "weird luck" has everything to do with pirate party international. you don't want to know the dirty stuff of pirate party international. On Wed, Aug 21, 2013 at 5:21 PM, Karel Bílek wrote: > By some weird luck, I happen to know some people from Australian > Pirate Party, despite being on the other end of the world. > > Based on that, I would trust them a bit more in their claims than > Assange-centered party that exists, afaik, to get Assange into senate. > > However, I don't know that much about Australian politics, so what do I know. > > On Wed, Aug 21, 2013 at 4:04 PM, Eugen Leitl wrote: >> On Sat, Aug 17, 2013 at 05:01:07AM -0500, CryptoFreak wrote: >> >>> So what do you think? Is their finally a political party more >>> closely aligned with the cypherpunk ideal than the Libertarians? >> >> Don't forget the Pirate Parties. Despite all the fubars, >> the German Pirate Party is expected to hit 3+% in the >> national elections next months. 
From l at odewijk.nl Wed Aug 21 08:49:50 2013 From: l at odewijk.nl (=?UTF-8?Q?Lodewijk_andr=C3=A9_de_la_porte?=) Date: Wed, 21 Aug 2013 17:49:50 +0200 Subject: Is the Wikileaks Party a cypherpunk party? In-Reply-To: References: <20130821140451.GP29404@leitl.org> Message-ID: 2013/8/21 Karel Bílek > Based on that, I would trust them a bit more in their claims than > Assange-centered party that exists, afaik, to get Assange into senate. > That sounds awesome actually. Assange as a government head. Nobody I'd trust more to poke through silly political games and get to business. Of course he does his fair share of games too, but that'll only make him more effective. I'm thumbs up. Assange for senator! -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 864 bytes Desc: not available URL: From rvh40 at insightbb.com Wed Aug 21 14:55:48 2013 From: rvh40 at insightbb.com (Randall Webmail) Date: Wed, 21 Aug 2013 17:55:48 -0400 (EDT) Subject: Is the Wikileaks Party a cypherpunk party? In-Reply-To: <52152373.3070402@cpunk.us> Message-ID: <1527410662.372183.1377122148481.JavaMail.root@md13.insight.synacor.com> From kb at karelbilek.com Wed Aug 21 08:57:43 2013 From: kb at karelbilek.com (=?ISO-8859-1?Q?Karel_B=EDlek?=) Date: Wed, 21 Aug 2013 17:57:43 +0200 Subject: Is the Wikileaks Party a cypherpunk party? In-Reply-To: References: <20130821140451.GP29404@leitl.org> Message-ID: http://www.pp-international.net/ Frankly, I met some great people all around the world, sharing same values and so on. But some of them are less altruistic. And of course, there is tons of politics. In all senses of the word. And it was a stupid Pirate Party that has almost no power anywhere, except for a few people in Brussels and some Germans in those smaller parliaments. But even the *possibility* of power lure some strange people in. 
On Wed, Aug 21, 2013 at 5:38 PM, Steve Furlong wrote: > On Wed, Aug 21, 2013 at 11:26 AM, Karel Bílek wrote: >> >> you don't want to know the dirty stuff of pirate party international. > > > I thought the first rule of Pirate Party International is that you don't > talk about Pirate Party International. Or was that the International Party > Pirate? From mail at tsmithe.net Wed Aug 21 10:13:39 2013 From: mail at tsmithe.net (Toby St Clere Smithe) Date: Wed, 21 Aug 2013 18:13:39 +0100 Subject: Encrypted mailing lists? References: <521470F9.4040303@owca.info> <20130821083950.6458.14953@hermes> <2831997.rqjLtGiVRi@laptosid> <9CA32CC8-FFF9-410A-9AB5-F1F9E91BFD0F@acidhou.se> <2BF2095C-1D27-4AE9-8350-4AF1653CA718@obscura.com> Message-ID: <8738q3t1a4.fsf@tsmithe.net> Lance Cottrell writes: > I hardly have time to read or respond to the messages as it is. Add even a few second per message and I would drop out. Regardless of the value of the content? From rysiek at hackerspace.pl Wed Aug 21 10:11:06 2013 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 21 Aug 2013 19:11:06 +0200 Subject: Is the Wikileaks Party a cypherpunk party? In-Reply-To: References: Message-ID: <2370473.LYP6710845@laptosid> Dnia środa, 21 sierpnia 2013 17:57:43 Karel Bílek pisze: > http://www.pp-international.net/ > > Frankly, I met some great people all around the world, sharing same > values and so on. > > But some of them are less altruistic. > > And of course, there is tons of politics. In all senses of the word. > And it was a stupid Pirate Party that has almost no power anywhere, > except for a few people in Brussels and some Germans in those smaller > parliaments. But even the *possibility* of power lure some strange > people in. That's exactly what we see in Poland. The "P3" (Polish Pirate Party) as they call themselves, has about one sensible guy and dozens of politicos lured there during the Anti-ACTA shitstorm and during earlier Internet-related movements. It's a very sad sight... 
-- Pozdr rysiek -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 316 bytes Desc: This is a digitally signed message part. URL: From rysiek at hackerspace.pl Wed Aug 21 10:12:47 2013 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 21 Aug 2013 19:12:47 +0200 Subject: Is the Wikileaks Party a cypherpunk party? In-Reply-To: References: Message-ID: <3275347.1PNHRXKuT1@laptosid> Dnia środa, 21 sierpnia 2013 11:38:38 Steve Furlong pisze: > On Wed, Aug 21, 2013 at 11:26 AM, Karel Bílek wrote: > > you don't want to know the dirty stuff of pirate party international. > > I thought the first rule of Pirate Party International is that you don't > talk about Pirate Party International. Or was that the International Party > Pirate? International Party of Pirates? http://www.youtube.com/watch?v=gb_qHP7VaZE -- Pozdr rysiek -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 316 bytes Desc: This is a digitally signed message part. URL: From lee at guardianproject.info Wed Aug 21 17:58:44 2013 From: lee at guardianproject.info (Lee Azzarello) Date: Wed, 21 Aug 2013 20:58:44 -0400 Subject: NSLs, gag-orders, code-changes, coerced backdoors - any tech response? (Re: Lavabit and End-point Security) In-Reply-To: <2311068.3YlhGehAQP@laptosid> References: <20130809144310.GA29800@tuzo> <20130811101328.GA386@netbook.cypherspace.org> <2311068.3YlhGehAQP@laptosid> Message-ID: Alexander Galloway wrote a wonderful text on decentralized control titled Protocol: How Control Exists After Decentralization. Worth the read. -lee On Aug 21, 2013 8:54 PM, "rysiek" wrote: > Dnia środa, 21 sierpnia 2013 13:20:53 Lodewijk andré de la porte pisze: > > Torrents show. Bitcoin shows. > > > > Common protocol, many clients, graceful as possible failures, distributed > > everything. 
> > > > Else you'll always have a centralized something that can get broken. > > This is so very true. Decentralisation is the only way to go, IMVHO. And > the > lower network level we can decentralise, the better. > > I'd like to see decentralisation-in-depth happening. As in: decentralised, > peer-to-peer communication services in a dynamically routed network built > on > top of physical mesh. > > With that in mind I love what Project Byzantium is doing, for example. The > elements are slowly getting into place, at some point we will get there, > I'm > sure. > > -- > Pozdr > rysiek -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 1327 bytes Desc: not available URL: From ei8fdb at ei8fdb.org Wed Aug 21 14:30:23 2013 From: ei8fdb at ei8fdb.org (Bernard Tyers - ei8fdb) Date: Wed, 21 Aug 2013 22:30:23 +0100 Subject: do we know who developed this website ? In-Reply-To: References: Message-ID: <6A072A7A-07A1-420F-9452-3FDE934FADE3@ei8fdb.org> On 21 Aug 2013, at 22:26, Cari Machet wrote: > https://www.wefightcensorship.org/online-survival-kithtml.html It's right there in the About us link. [1] "WeFightCensorship.org (WeFC) is a Reporters Without Borders project that aims to combat censorship and promote the flow of news and information." [1] https://www.wefightcensorship.org/about-ushtml.html -------------------------------------- Bernard / bluboxthief / ei8fdb IO91XM / www.ei8fdb.org -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 495 bytes Desc: Message signed with OpenPGP using GPGMail URL: From ei8fdb at ei8fdb.org Wed Aug 21 14:34:44 2013 From: ei8fdb at ei8fdb.org (Bernard Tyers) Date: Wed, 21 Aug 2013 22:34:44 +0100 Subject: do we know who developed this website ? 
In-Reply-To: References: <6A072A7A-07A1-420F-9452-3FDE934FADE3@ei8fdb.org> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Ah that's a different question...;) Cari Machet wrote: >just checking if anyone has deeper knowledge... > >On 8/21/13, Bernard Tyers - ei8fdb wrote: >> >> On 21 Aug 2013, at 22:26, Cari Machet wrote: >> >>> https://www.wefightcensorship.org/online-survival-kithtml.html >> >> >> It's right there in the About us link. [1] >> >> "WeFightCensorship.org (WeFC) is a Reporters Without Borders project >that >> aims to combat censorship and promote the flow of news and >information." >> >> [1] https://www.wefightcensorship.org/about-ushtml.html >> -------------------------------------- >> Bernard / bluboxthief / ei8fdb >> >> IO91XM / www.ei8fdb.org >> >> > > >-- >Cari Machet >NYC 646-436-7795 >carimachet at gmail.com >AIM carismachet >Skype carimachet - 646-652-6434 >Syria +963-099 277 3243 >Amman +962 077 636 9407 >Berlin +49 152 11779219 >Twitter: @carimachet > >Ruh-roh, this is now necessary: This email is intended only for the >addressee(s) and may contain confidential information. If you are not >the >intended recipient, you are hereby notified that any use of this >information, dissemination, distribution, or copying of this email >without >permission is strictly prohibited. Sent from my tiny electronic gadget. Please excuse my brevity and (probable) spelling mistakes. 
-----BEGIN PGP SIGNATURE-----
Version: APG v1.0.8

-----END PGP SIGNATURE-----

From kb at karelbilek.com Wed Aug 21 14:05:28 2013
From: kb at karelbilek.com (=?ISO-8859-1?Q?Karel_B=EDlek?=)
Date: Wed, 21 Aug 2013 23:05:28 +0200
Subject: Is the Wikileaks Party a cypherpunk party?
In-Reply-To: <52152373.3070402@cpunk.us>
References: <20130821140451.GP29404@leitl.org> <52152373.3070402@cpunk.us>
Message-ID:

That thing is kind of complex.

AFAIK, inside pirate parties, there are always people that shout "we should do more issues, most people don't care just about the internet" and people that shout "we should do less issues, we know nothing about tax reform and medicine, and we will not agree on anything meaningful either".

And, as somebody said before, because it's a political party, you have to do compromises, so they usually try to go somewhere in the middle.

On Wed, Aug 21, 2013 at 10:30 PM, CryptoFreak wrote:
> On 08/21/2013 09:04 AM, Eugen Leitl wrote:
>> On Sat, Aug 17, 2013 at 05:01:07AM -0500, CryptoFreak wrote:
>>
>>> So what do you think? Is there finally a political party more
>>> closely aligned with the cypherpunk ideal than the Libertarians?
>>
>> Don't forget the Pirate Parties. Despite all the fubars,
>> the German Pirate Party is expected to hit 3+% in the
>> national elections next month.
>
> I've looked into the Pirate Party but, at least from the American side
> of things, they seem like a 'one hit wonder' who's nearly solely focused
> on IP law reform.
Perhaps this isn't the same in other places (I can't > imagine they would have won major elections with a single issue > platform) but here in the States, where they exist, it seems to be the case. > > > From carimachet at gmail.com Wed Aug 21 14:26:21 2013 From: carimachet at gmail.com (Cari Machet) Date: Wed, 21 Aug 2013 23:26:21 +0200 Subject: do we know who developed this website ? Message-ID: https://www.wefightcensorship.org/online-survival-kithtml.html -- Cari Machet NYC 646-436-7795 carimachet at gmail.com AIM carismachet Skype carimachet - 646-652-6434 Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Twitter: @carimachet Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited. From carimachet at gmail.com Wed Aug 21 14:33:07 2013 From: carimachet at gmail.com (Cari Machet) Date: Wed, 21 Aug 2013 23:33:07 +0200 Subject: do we know who developed this website ? In-Reply-To: <6A072A7A-07A1-420F-9452-3FDE934FADE3@ei8fdb.org> References: <6A072A7A-07A1-420F-9452-3FDE934FADE3@ei8fdb.org> Message-ID: just checking if anyone has deeper knowledge... On 8/21/13, Bernard Tyers - ei8fdb wrote: > > On 21 Aug 2013, at 22:26, Cari Machet wrote: > >> https://www.wefightcensorship.org/online-survival-kithtml.html > > > It's right there in the About us link. [1] > > "WeFightCensorship.org (WeFC) is a Reporters Without Borders project that > aims to combat censorship and promote the flow of news and information." 
> > [1] https://www.wefightcensorship.org/about-ushtml.html > -------------------------------------- > Bernard / bluboxthief / ei8fdb > > IO91XM / www.ei8fdb.org > > -- Cari Machet NYC 646-436-7795 carimachet at gmail.com AIM carismachet Skype carimachet - 646-652-6434 Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Twitter: @carimachet Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited. From mk at dee.su Wed Aug 21 14:27:21 2013 From: mk at dee.su (Maxim Kammerer) Date: Thu, 22 Aug 2013 00:27:21 +0300 Subject: [liberationtech] Bradley Manning's sentence: 35 years for exposing us to the truth Message-ID: On Wed, Aug 21, 2013 at 11:59 PM, Shelley wrote: > Sure, but I think Manning has a zero chance of obtaining a pardon. Col. Morris Davis: “Military has detailed regs on confinement credits & parole eligibility. My best est is he'll do about 8-9 yrs, out by age 33-34.” https://twitter.com/ColMorrisDavis/status/370223513400913920 https://en.wikipedia.org/wiki/Morris_Davis If true, a pretty fitting sentence, I think, for indiscriminately publishing huge amount of classified information that potentially endangered many people, and considering that USA has unusually harsh sentences for a developed country. An interesting comment on Reddit, of all places: “Significant amounts of foreign service agent names were released. These are civilians working for their government in some official capacity (think spies, except not all of them are cloak and dagger types). These were people stationed in hostile countries (Pakistan, SE Asia, Middle East, Africa) and if their cover had been blown while in country they could have been sought out. 
Luckily, as I understand it most of the people that were exposed were notified by their handlers in advance (basically as soon as word go out that diplomatic cables had been compromised) and were extracted. A friend of mine works in a field that draws a lot of foreign service agents to it due to the nature of the work, and they were camped out in northern Pakistan with her crew. She woke up one morning (the morning after the diplomatic cables were released) and half her crew was gone. They got word in the middle of the night and left. They couldn't even tell the people they were with why they were gone, and I imagine it was quite unsettling to be there and be missing people all of the sudden.” http://www.reddit.com/r/news/comments/1kszc9/bradley_manning_sentenced_to_35_years_in_jail/cbsg58x -- Maxim Kammerer Liberté Linux: http://dee.su/liberte -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu. 
----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From carimachet at gmail.com Wed Aug 21 15:41:41 2013 From: carimachet at gmail.com (Cari Machet) Date: Thu, 22 Aug 2013 00:41:41 +0200 Subject: David and Glenn in Berlin In-Reply-To: <52153D72.1020909@cpunk.us> References: <2B188079-3ADC-4966-8FE7-3C5408854FA9@me.com> <5213B55B.7010509@redteam.io> <20130821064210.GK29404@leitl.org> <52153D72.1020909@cpunk.us> Message-ID: i think the new white house dog (very important news if you missed it) should take over the duties of obama > dogs generally have ethics and i dont know one dog accused of war crimes or being a 'terrist' like obama On 8/22/13, CryptoFreak wrote: > On 08/21/2013 01:42 AM, Eugen Leitl wrote: >> On Tue, Aug 20, 2013 at 04:14:39PM -0400, grarpamp wrote: >>>> T word >>> >>> The word is TERRORIST aka: criminal. >>> A shame that some words cannot be said or >>> that some cannot say them. >> >> These days everybody is a terrorist. Excuse >> me while I fix me up some breakfast terrorism, brb. > > Perhaps a nice bowl of Ricin Crispies? > > -- Cari Machet NYC 646-436-7795 carimachet at gmail.com AIM carismachet Skype carimachet - 646-652-6434 Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Twitter: @carimachet Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited. From grarpamp at gmail.com Wed Aug 21 22:51:16 2013 From: grarpamp at gmail.com (grarpamp) Date: Thu, 22 Aug 2013 01:51:16 -0400 Subject: NSLs, gag-orders, code-changes, coerced backdoors - any tech response? 
(Re: Lavabit and End-point Security) In-Reply-To: References: <20130809144310.GA29800@tuzo> <20130811101328.GA386@netbook.cypherspace.org> <2311068.3YlhGehAQP@laptosid> Message-ID: >> This is so very true. Decentralisation is the only way to go, IMVHO. And >> the lower network level we can decentralise, the better. I like the decentral model. But I wonder about how to affirmatively deny an influx of attacking nodes overtaking the network. It surely cannot be relegated to the simple user? So that seems 'hard' to me. For example, I think Tor may remain centralish rather than pure dhtish for that purpose. But what if the centrality was undertaken anonymously by some voting humans (or their analytic nodes). Their track recourd could certainly be public yet anonymous therein. You would at that point be trusting/subscribing their record, purely, as opposed to dht or some other means, purely. What would p2p-hackers@ have to say on this? From grarpamp at gmail.com Wed Aug 21 23:02:10 2013 From: grarpamp at gmail.com (grarpamp) Date: Thu, 22 Aug 2013 02:02:10 -0400 Subject: David and Glenn in Berlin In-Reply-To: References: <2B188079-3ADC-4966-8FE7-3C5408854FA9@me.com> <5213B55B.7010509@redteam.io> <20130821064210.GK29404@leitl.org> <52153D72.1020909@cpunk.us> Message-ID: >>>>> T word >>>> >>>> The word is TERRORIST aka: criminal. >>>> A shame that some words cannot be said or >>>> that some cannot say them. [thread continued forwards...] And equally shameful that some use humour as excuse to utter them under false guise of safety rather than actually discuss them when times direly need and to good end. From rysiek at hackerspace.pl Wed Aug 21 17:46:03 2013 From: rysiek at hackerspace.pl (rysiek) Date: Thu, 22 Aug 2013 02:46:03 +0200 Subject: NSLs, gag-orders, code-changes, coerced backdoors - any tech response? 
(Re: Lavabit and End-point Security) In-Reply-To: References: <20130809144310.GA29800@tuzo> <20130811101328.GA386@netbook.cypherspace.org> Message-ID: <2311068.3YlhGehAQP@laptosid> Dnia środa, 21 sierpnia 2013 13:20:53 Lodewijk andré de la porte pisze: > Torrents show. Bitcoin shows. > > Common protocol, many clients, graceful as possible failures, distributed > everything. > > Else you'll always have a centralized something that can get broken. This is so very true. Decentralisation is the only way to go, IMVHO. And the lower network level we can decentralise, the better. I'd like to see decentralisation-in-depth happening. As in: decentralised, peer-to-peer communication services in a dynamically routed network built on top of physical mesh. With that in mind I love what Project Byzantium is doing, for example. The elements are slowly getting into place, at some point we will get there, I'm sure. -- Pozdr rysiek -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 316 bytes Desc: This is a digitally signed message part. URL: From jya at pipeline.com Thu Aug 22 05:16:36 2013 From: jya at pipeline.com (John Young) Date: Thu, 22 Aug 2013 08:16:36 -0400 Subject: NSLs, gag-orders, code-changes, coerced backdoors - any tech response? (Re: Lavabit and End-point Security) Message-ID: One of the many salutory if unsavory aspects of cypherpunks is that a fresh proposal is more likely to be disagreed with than supported, rabid-dog disagreement cloaking theft and plagiarism. Rotters will then go off to get something done with stolen material, most will remain to shrewly pretend to demolish whatever "cluelessness" shows up, to asymmetrically burgle and secretize openness loot like official spies. 
Lacking cluelessness to taunt into full disclosure the bandits will brag of prowess, refer auto-didactly to misunderstood, unread sources (some fictional hidden by errant URLs), throw out poisoned baited code, cackle at the writhing suckers who bite the freebie and foolishly insert as covert backdoor, but never admit having been hooked repeatedly, instead pay ahead the pain of gullibility, lesson learned from distinguished computer professors and OS-backdoored Middle East negotiators. Does this remind of Assange among several ignotables who went off-list to reshape the world as "life-changing" endeavor? And who may or may not be among current hyenas here lying in wait for fresh carrion like Bell, CJ, Manning, Swartz, BBrown, Anonymous, Lulzsec, Sabu, Appelbaum, Gonggrijp, Jonsdottir, Snowden, Poitras, Greenwald, the list of vanity-incomsec-diseased ever lengthens. The dozen or so best and brightest will fail at their incomsec ventures, hoodwinked by better and brighter vultures preying on red meat wizards incompetent at asymmetrical financial math with dreams of lucrative public interest benefits fronted by sterling reputations. RSA, PGP, NSA venture-backdooring susceptible. From loki at obscura.com Thu Aug 22 08:49:51 2013 From: loki at obscura.com (Lance Cottrell) Date: Thu, 22 Aug 2013 08:49:51 -0700 Subject: Encrypted mailing lists? In-Reply-To: <8738q3t1a4.fsf@tsmithe.net> References: <521470F9.4040303@owca.info> <20130821083950.6458.14953@hermes> <2831997.rqjLtGiVRi@laptosid> <9CA32CC8-FFF9-410A-9AB5-F1F9E91BFD0F@acidhou.se> <2BF2095C-1D27-4AE9-8350-4AF1653CA718@obscura.com> <8738q3t1a4.fsf@tsmithe.net> Message-ID: <5F46B2AC-AF0F-4BA9-9848-89DC71109E67@obscura.com> This assumes the value stays about where it is. -Lance -- Lance Cottrell loki at obscura.com On Aug 21, 2013, at 10:13 AM, Toby St Clere Smithe wrote: > Lance Cottrell writes: >> I hardly have time to read or respond to the messages as it is. Add even a few second per message and I would drop out. 
> > Regardless of the value of the content? > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 1643 bytes Desc: not available URL: From stephan.neuhaus at tik.ee.ethz.ch Thu Aug 22 00:06:23 2013 From: stephan.neuhaus at tik.ee.ethz.ch (Stephan Neuhaus) Date: Thu, 22 Aug 2013 09:06:23 +0200 Subject: NSLs, gag-orders, code-changes, coerced backdoors - any tech response? (Re: Lavabit and End-point Security) In-Reply-To: References: <20130809144310.GA29800@tuzo> <20130811101328.GA386@netbook.cypherspace.org> <2311068.3YlhGehAQP@laptosid> Message-ID: <5215B86F.4060207@ee.ethz.ch> On 08/22/2013 02:58 AM, Lee Azzarello wrote: > Alexander Galloway wrote a wonderful text on decentralized control titled > Protocol: How Control Exists After Decentralization. Worth the read. Really? From the MIT Press's blurb: "In Protocol, Alexander Galloway argues that the founding principle of the Net is control, not freedom, and that the controlling power lies in the technical protocols that make network connections (and disconnections) possible. He does this by treating the computer as a textual medium that is based on a technological language, code. Code, he argues, can be subject to the same kind of cultural and literary analysis as any natural language; computer languages have their own syntax, grammar, communities, and cultures. Instead of relying on established theoretical approaches, Galloway finds a new way to write about digital media, drawing on his backgrounds in computer programming and critical theory. "Discipline-hopping is a necessity when it comes to complicated socio-technical topics like protocol," he writes in the preface." Oh dear. 
Stephan

From bryce at zerostate.is Thu Aug 22 09:00:52 2013
From: bryce at zerostate.is (Bryce Lynch)
Date: Thu, 22 Aug 2013 12:00:52 -0400
Subject: [Doctrinezero] HTTPS
Message-ID:

On 08/21/2013 10:37 AM, Dirk Bruere wrote:
> Do the certification authorities hold a key that can break the
> encryption of sites that use it?

It's more complicated than that.

Most of the time, whenever someone buys an SSL certificate pair signed by a CA, they have the CA generate the certificate pair for them (because OpenSSL's command line is pants, usually), sign it for them, and then send them the whole mess. The CA archives copies of the public and private certs after signing. We've seen several times in the past where CAs have given untrusted third parties copies of those signed certs. Ouch.

There is a subtle flaw in the CA ecosystem: So long as a cert is signed by a CA that the client trusts, it doesn't matter /who/ the signer was. So, example.com could buy an SSL certificate from Thawte, and Eve could buy an SSL cert from Comodo for example.com. Eve could then use her cert for example.com to run a man-in-the-middle attack against users of example.com, and their browsers would never notice because both Thawte and Comodo are trusted. The SSL protocol has no provision for noticing if and when the trust chain changes in mid-flight. Double ouch. We've seen this one happen in the field several times. This is how ComodoHacker wreaked so much havoc a few years ago.

There is another flaw in SSL: Wildcards. It is not uncommon for companies to buy SSL certs valid for *.example.com, so that they have only one cert covering all of their SSL enabled resources. What isn't obvious is that it's possible to generate a valid cert for *.com. Or *.org. Or *. Those certs are valid for *.com, or *.org, or * (any SSL enabled resource on the global Net) until they expire.
A few of the big CAs sell these for whoever can pony up for them (they're very expensive) because they can be loaded into DPI/DCI hardware which basically carries out MITM attacks for detecting data exfiltration. That they are also used for surveillance comes with the territory. At least one CA that was pwned in the past five years had a number of wildcard certs generated by the attacker for * which are good until 1 January 2038. Uh-oh.

Third parties have been trying to find ways to fix this - certificate pinning, TOFU/POP, Webs of Trust for SSL, Convergence, manually untrusting every CA in your browser - but none of them have caught on.

--
The Doctor [412/724/301/703] [ZS]
PGP: 0xF1F922F2 / CABE 73FB 2D68 D1EF 3956 A468 7B1F DFE8 F1F9 22F2
WWW: https://drwho.virtadpt.net/

The future belongs to the brave.

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From joe at cdt.org Thu Aug 22 11:03:55 2013
From: joe at cdt.org (Joseph Lorenzo Hall)
Date: Thu, 22 Aug 2013 14:03:55 -0400
Subject: [liberationtech] Open Whisper Systems' neat asynch FPS
"pre-keying" Message-ID: https://whispersystems.org/blog/asynchronous-security/ ... The TextSecure Protocol TextSecure’s upcoming iOS client (and Android data channel client) uses a simple trick to provide asynchronous messaging while simultaneously providing forward secrecy. At registration time, the TextSecure client preemptively generates 100 signed key exchange messages and sends them to the server. We call these “prekeys.” A client that wishes to send a secure message to a user for the first time can now: 1. Connect to the server and request the destination’s next “prekey.” 2. Generate its own key exchange message half. 3. Calculate a shared secret with the prekey it received and its own key exchange half. 4. Use the shared secret to encrypt the message. 5. Package up the prekey id, the locally generated key exchange message, and the ciphertext. 6. Send it all in one bundle to the destination client. The user experience for the sender is ideal: they type a message, hit send, and an encrypted message is immediately sent. The destination client receives all of this as a single push notification. When the user taps it, the client has everything it needs to calculate the key exchange on its end, immediately decrypt the ciphertext, and display the message. With the initial key exchange out of the way, both parties can then continue communicating with an OTR-style protocol as usual. Since the server never hands out the same prekey twice (and the client would never accept the same prekey twice), we are able to provide forward secrecy in a fully asynchronous environment. -- Joseph Lorenzo Hall Senior Staff Technologist Center for Democracy & Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 joe at cdt.org PGP: https://josephhall.org/gpg-key fingerprint: BE7E A889 7742 8773 301B 4FA1 C0E2 6D90 F257 77F8 -- Liberationtech is a public list whose archives are searchable on Google. 
----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From taxakis at gmail.com Thu Aug 22 07:04:48 2013
From: taxakis at gmail.com (taxakis)
Date: Thu, 22 Aug 2013 16:04:48 +0200
Subject: NSLs, gag-orders, code-changes, coerced backdoors - any tech response? (Re: Lavabit and End-point Security)
In-Reply-To:
References:
Message-ID: <01dc01ce9f40$906c8f00$b145ad00$@com>

Why not introduce a "grill week", John? A shaking of the bones. A weekly virtual bowel-movement. One for the bandits, one for the hyenas, one for the rotters, one for the vultures, the leeches, and so on.... Tim would be so happy to contribute, wouldn't you Tim?

/b

-----Original Message-----
From: cypherpunks [mailto:cypherpunks-bounces at cpunks.org] On Behalf Of John Young
Sent: Thursday, August 22, 2013 2:17 PM
To: cypherpunks at cpunks.org
Subject: Re: NSLs, gag-orders, code-changes, coerced backdoors - any tech response? (Re: Lavabit and End-point Security)

One of the many salutary if unsavory aspects of cypherpunks is that a fresh proposal is more likely to be disagreed with than supported, rabid-dog disagreement cloaking theft and plagiarism.

Rotters will then go off to get something done with stolen material, most will remain to shrewly pretend to demolish whatever "cluelessness" shows up, to asymmetrically burgle and secretize openness loot like official spies.
Lacking cluelessness to taunt into full disclosure the bandits will brag of prowess, refer auto-didactly to misunderstood, unread sources (some fictional hidden by errant URLs), throw out poisoned baited code, cackle at the writhing suckers who bite the freebie and foolishly insert as covert backdoor, but never admit having been hooked repeatedly, instead pay ahead the pain of gullibility, lesson learned from distinguished computer professors and OS-backdoored Middle East negotiators.

Does this remind of Assange among several ignotables who went off-list to reshape the world as "life-changing" endeavor? And who may or may not be among current hyenas here lying in wait for fresh carrion like Bell, CJ, Manning, Swartz, BBrown, Anonymous, Lulzsec, Sabu, Appelbaum, Gonggrijp, Jonsdottir, Snowden, Poitras, Greenwald, the list of vanity-incomsec-diseased ever lengthens.

The dozen or so best and brightest will fail at their incomsec ventures, hoodwinked by better and brighter vultures preying on red meat wizards incompetent at asymmetrical financial math with dreams of lucrative public interest benefits fronted by sterling reputations. RSA, PGP, NSA venture-backdooring susceptible.

From ericm at lne.com Thu Aug 22 17:51:07 2013
From: ericm at lne.com (Eric Murray)
Date: Thu, 22 Aug 2013 17:51:07 -0700
Subject: HTTPS
In-Reply-To: <20130823002543.GA7611@netbook.cypherspace.org>
References: <20130822160927.GX29404@leitl.org> <20130823002543.GA7611@netbook.cypherspace.org>
Message-ID: <5216B1FB.7080906@lne.com>

On 08/22/2013 05:25 PM, Adam Back wrote:
>
> (I really don't think a browser vendor would accept *.com nor
> especially *. as a valid site cert wildcard. It does get fiddly
> because you also want *.co.uk etc to be invalid but they have some
> built in tables of such things to differentiate a TLD from a
> domain).

About three years ago I looked at that code on WebOS (Palm smart phones). The code came from Webkit which is what Google's and Apple's browsers were based on.
It did not accept *.com, certainly not *., and had some complex logic to decide what to accept. I doubt that Mozilla accepts *.com or *. as well.

Few modern CAs issue certs with wildcards in the CN. Instead they use the SubjectAlternateName extension which can have multiple entries, reducing or eliminating the need for wildcards.

Eric

From eugen at leitl.org Thu Aug 22 09:09:28 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Thu, 22 Aug 2013 18:09:28 +0200
Subject: [Doctrinezero] HTTPS
Message-ID: <20130822160927.GX29404@leitl.org>

----- Forwarded message from Bryce Lynch -----

From noloader at gmail.com Thu Aug 22 18:05:28 2013
From: noloader at gmail.com (Jeffrey Walton)
Date: Thu, 22 Aug 2013 21:05:28 -0400
Subject: [cryptopolitics] Is Windows 8 a Trojan horse for the NSA? The German Government thinks so
Message-ID:

http://news.techworld.com/security/3465259/is-windows-8-trojan-horse-for-nsa-german-government-thinks-so/

The German Government is now deeply suspicious that the Trusted Platform Module (TPM) technology built into a growing number of Windows 8 PCs and tablets is creating a gigantic back door for NSA surveillance, leaked documents have suggested.

Documents from the German Ministry of Economic Affairs obtained by German title Zeit Online (http://www.zeit.de/digital/datenschutz/2013-08/trusted-computing-microsoft-windows-8-nsa/seite-1) uncover the alleged unease of officials at the direction of version 2.0 of the standard being developed under the auspices of the multi-vendor Trusted Computing Group (TCG).

TPM has been marketed as a security technology since its appearance in 2006, but version 2.0 would embed a chip on every PC that has complete control over which programs can and can’t run, a setting that can’t be over-ridden under Windows 8. The chip is also where the cryptographic data is stored for Windows BitLocker and it enables remote administration.

...
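The wildcard question from the HTTPS thread above (certificates for *.com or *, and the built-in tables Adam Back and Eric Murray mention) comes down to a name-matching check like the following. This is an added example, not WebKit's or any browser's code; the suffix table is a small constructed stand-in for the Public Suffix List, and the function names are hypothetical.

```python
# Added example: deciding whether a certificate DNS name may match a host.
# PUBLIC_SUFFIXES is a tiny constructed stand-in for the full Public Suffix
# List that real clients ship; it is an assumption of this example.
PUBLIC_SUFFIXES = {"com", "org", "net", "uk", "co.uk", "org.uk"}


def _labels(name):
    """Lower-case a DNS name, drop one trailing dot, split into labels."""
    name = name.lower()
    if name.endswith("."):
        name = name[:-1]
    return name.split(".")


def reject_reason(pattern):
    """Return None if the certificate name is usable, else why it is refused."""
    labels = _labels(pattern)
    if not all(labels):
        return "empty label"
    if "*" not in pattern:
        return None
    if labels[0] != "*" or any("*" in label for label in labels[1:]):
        return "wildcard must be the whole left-most label"
    if len(labels) < 3:
        # Catches "*" and "*.com" even when the suffix table is incomplete.
        return "wildcard too broad (fewer than two fixed labels)"
    if ".".join(labels[1:]) in PUBLIC_SUFFIXES:
        # Catches "*.co.uk", which has enough labels but no registrable domain.
        return "wildcard covers a public suffix"
    return None


def name_matches(pattern, host):
    """True if one certificate name covers host under the rules above."""
    if "*" in host or reject_reason(pattern) is not None:
        return False
    want, have = _labels(pattern), _labels(host)
    if len(want) != len(have) or not all(have):
        return False                      # "*" stands for exactly one label
    if want[0] == "*":
        return want[1:] == have[1:]
    return want == have


def cert_covers_host(dns_names, host):
    """dns_names: the DNS names listed in a certificate (constructed here)."""
    return any(name_matches(name, host) for name in dns_names)


def audit(dns_names):
    """Map each refused name to its reason, for reviewing a cert inventory."""
    reasons = {}
    for name in dns_names:
        reason = reject_reason(name)
        if reason is not None:
            reasons[name] = reason
    return reasons


if __name__ == "__main__":
    # Constructed sample names, not taken from any real certificate.
    names = ["example.com", "*.example.com", "*.com", "*", "*.co.uk"]
    for host in ("www.example.com", "example.co.uk", "a.b.example.com"):
        print(host, cert_covers_host(names, host))
    print(audit(names))
```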
----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From wrightalexw at gmail.com Thu Aug 22 18:50:32 2013
From: wrightalexw at gmail.com (alex wright)
Date: Thu, 22 Aug 2013 21:50:32 -0400
Subject: Encrypted mailing lists?
In-Reply-To: <5F46B2AC-AF0F-4BA9-9848-89DC71109E67@obscura.com>
References: <521470F9.4040303@owca.info> <20130821083950.6458.14953@hermes> <2831997.rqjLtGiVRi@laptosid> <9CA32CC8-FFF9-410A-9AB5-F1F9E91BFD0F@acidhou.se> <2BF2095C-1D27-4AE9-8350-4AF1653CA718@obscura.com> <8738q3t1a4.fsf@tsmithe.net> <5F46B2AC-AF0F-4BA9-9848-89DC71109E67@obscura.com>
Message-ID:

I can't imagine trusting enough people that I can't see to necessitate a mailing list. It would certainly be neat, though.

On Thu, Aug 22, 2013 at 11:49 AM, Lance Cottrell wrote:

> This assumes the value stays about where it is.
>
> -Lance
>
> --
> Lance Cottrell
> loki at obscura.com
>
>
>
> On Aug 21, 2013, at 10:13 AM, Toby St Clere Smithe
> wrote:
>
> Lance Cottrell writes:
>
> I hardly have time to read or respond to the messages as it is. Add even a
> few seconds per message and I would drop out.
>
>
> Regardless of the value of the content?
>
>
>

--
"On two occasions I have been asked, 'Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question."
-Charles Babbage, 19th century English mathematician, philosopher, inventor and mechanical engineer who originated the concept of a programmable computer.

From die at dieconsulting.com Thu Aug 22 19:05:59 2013
From: die at dieconsulting.com (David I. Emery)
Date: Thu, 22 Aug 2013 22:05:59 -0400
Subject: Encrypted mailing lists?
In-Reply-To:
References: <521470F9.4040303@owca.info> <20130821083950.6458.14953@hermes> <2831997.rqjLtGiVRi@laptosid> <9CA32CC8-FFF9-410A-9AB5-F1F9E91BFD0F@acidhou.se> <2BF2095C-1D27-4AE9-8350-4AF1653CA718@obscura.com> <8738q3t1a4.fsf@tsmithe.net> <5F46B2AC-AF0F-4BA9-9848-89DC71109E67@obscura.com>
Message-ID: <20130823020559.GK7361@pig.dieconsulting.com>

On Thu, Aug 22, 2013 at 09:50:32PM -0400, alex wright wrote:
> I can't imagine trusting enough people that I can't see to necessitate a
> mailing list. It would certainly be neat, though.

Neat but pretty pointless...

You not only have to trust in the integrity and commitment to your cause and resistance to blackmail and being turned of each and every member, you ALSO have to trust them to be highly skilled at maintaining the security and integrity of the node they read the messages on.

So not only do you need highly trusted and trustworthy folks to communicate with, you need very technically competent and careful ones who will not make mistakes with node security and whose lives and circumstances allow them to take the required precautions.

I suspect finding enough of the latter is actually harder than finding enough of the former...

And as for OPEN or PUBLIC mailing lists subject to completely anonymous/pseudonymous or weakly vetted subscription - the purpose of encryption would only seem to be to trap fools. Any serious adversary has the means to clandestinely subscribe nearly untraceably, and if they care most will. And obviously then the encryption only encourages loose talk and carelessness that an open list would tend to suppress.
--
Dave Emery N1PRE/AE, die at dieconsulting.com DIE Consulting, Weston, Mass 02493
"An empty zombie mind with a forlorn barely readable weatherbeaten 'For Rent' sign still vainly flapping outside on the weed encrusted pole - in celebration of what could have been, but wasn't and is not to be now either."

From pgut001 at cs.auckland.ac.nz Thu Aug 22 04:05:50 2013
From: pgut001 at cs.auckland.ac.nz (Peter Gutmann)
Date: Thu, 22 Aug 2013 23:05:50 +1200
Subject: [cryptography] urandom vs random
Message-ID:

Just appeared on the GnuPG list:

NeuG 0.11 was released. NeuG is an implementation of True Random Number Generator based on quantization error of ADC of STM32F103.

It is basically intended to be used as a part of Gnuk, but we also have standalone USB CDC-ACM version (you can get random stream from /dev/ttyACM0). Standalone version is useful to feed entropy to /dev/random on GNU/Linux.

Its generation speed is >= 50kB/sec, and it's more when connected to USB 2.0 Hub. The output is tested NIST STS 2.1.1 and Dieharder 3.31.1.

Highlights are:

* Replacement of kernel (thread library)

  Instead of ChibiOS/RT, we now use Chopstx.

* Improved performance

  The output of random numbers got faster than the previous implementation by 30% or so.

* Unsupported targets

  CQ_STARM, STBEE, STBEE Mini, and STM32_PRIMER2 are not supported in this release, but porting should be easy.

Here are some links for NeuG, Gnuk and FST-01 (the hardware).
NeuG (under Gnuk Repository): http://gitorious.org/gnuk/neug
Gnuk News: http://www.fsij.org/gnuk/
FST-01 introduction: http://www.seeedstudio.com/wiki/index.php?title=FST-01
FST-01 Q&A site: http://no-passwd.net/askbot/questions/
Japanese Documentation for FST-01 and Gnuk Token: http://no-passwd.net/fst-01-gnuk-handbook/index.html

Enjoy,

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From l at odewijk.nl Thu Aug 22 14:24:04 2013
From: l at odewijk.nl (Lodewijk andré de la porte)
Date: Thu, 22 Aug 2013 23:24:04 +0200
Subject: NSLs, gag-orders, code-changes, coerced backdoors - any tech response? (Re: Lavabit and End-point Security)
In-Reply-To: <01dc01ce9f40$906c8f00$b145ad00$@com>
References: <01dc01ce9f40$906c8f00$b145ad00$@com>
Message-ID:

I skimmed the book on "the protocol". Since our favorite abbreviations litter the place (HTTP, RFC, etc.) and they regard only the network protocols I can only assume the man wants to make a statement about how code, too, has human flaws. And about how the networking protocols are took our freedom to do as we please locally and have no federation.

Truly I do agree, networking sucks at this moment. Claiming it to be distributed is simply experiencing reality wrong. Part of it is technology that is capable of supporting distributed solutions, in practice implemented by single organizations. At best you can claim "The Internet" is a decentralized, not distributed, organization.

Controlling the protocol itself is a huge problem. Bitcoin solves it rather roughly. Torrents do a *lot* better imho.
Solutions can be stable protocols with protocols on top of it. That requires "perfect" protocols though. That's kinda hard.

From elijah at riseup.net Thu Aug 22 23:46:10 2013
From: elijah at riseup.net (elijah)
Date: Thu, 22 Aug 2013 23:46:10 -0700
Subject: [liberationtech] Open Whisper Systems' neat asynch FPS "pre-keying"
Message-ID:

On 08/22/2013 08:09 PM, Tom Ritter wrote:

>> https://whispersystems.org/blog/asynchronous-security/ Since these
>> key exchange parts are ephemeral, recording ciphertext traffic
>> doesn’t help a would-be adversary, since there is no durable key
>> for them to compromise in the future.
>
> I disagree. PFS traffic today protected with 1024-bit DH will be
> readable in 10 years, if not sooner, to organizations like the NSA.
> In twice that time it may be cheap enough to be decryptable on a
> mass scale.

Well, to be fair to moxie, TextSecure uses a modified OTR that uses ECC, afaik.

> Anyway, that's a nit. My first thought is that the nastiest part of
> this protocol is that Bob (a client) is trusting the server to give
> it legitimate keys for Alice (the other client.) The server can lie,
> and hand out fraudulent keys (I'll call one KeyF as opposed to a legit
> one KeyA).

I think this criticism is also a bit unfair. The scheme of using generating prekeys for later key agreement is pretty clever. With this, moxie is not trying to solve, or claiming to have solved, the larger problem of binding user account to public key. For the binding problem, he is completely punting, and relying on a central authority, afaik, which is awful and horrible for all the reasons you state. But the key agreement part is cooool.

If you could solve the binding problem some other way, then moxie's prekey approach could be used for all kinds of things, even email.
For the user public key binding problem, you have a proposal [0], I have a proposal [1], Paul Wouters has a proposal [2], there are probably several more people on the list with proposals too. One of them will probably work, eventually. And when one does, the prekey approach to key agreement could come in very handy.

-elijah

[0] unpublished UEE protocol
[1] https://leap.se/en/nicknym
[2] https://datatracker.ietf.org/doc/draft-wouters-dane-openpgp/

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From checker at panix.com Thu Aug 22 17:10:17 2013
From: checker at panix.com (Frank Forman)
Date: Fri, 23 Aug 2013 00:10:17 +0000 (GMT)
Subject: [tt] Crypto-Gram: August 15, 2013
Message-ID:

Lots of alarming stuff.

Crypto-Gram: August 15, 2013
http://www.schneier.com/crypto-gram-1308.html

by Bruce Schneier
BT Security Futurologist
schneier at schneier.com
http://www.schneier.com

A free monthly newsletter providing summaries, analyses, insights, and commentaries on security: computer and otherwise.

In this issue:

* The Public/Private Surveillance Partnership
* The NSA is Commandeering the Internet
* Restoring Trust in Government and the Internet
* News
* Book Review: "Rise of the Warrior Cop"
* Schneier News
* Michael Hayden on the Effects of Snowden's Whistleblowing
* Counterterrorism Mission Creep

----

The Public/Private Surveillance Partnership

Imagine the government passed a law requiring all citizens to carry a tracking device.
Such a law would immediately be found unconstitutional. Yet we all carry mobile phones. If the National Security Agency required us to notify it whenever we made a new friend, the nation would rebel. Yet we notify Facebook. If the Federal Bureau of Investigation demanded copies of all our conversations and correspondence, it would be laughed at. Yet we provide copies of our e-mail to Google, Microsoft or whoever our mail host is; we provide copies of our text messages to Verizon, AT&T and Sprint; and we provide copies of other conversations to Twitter, Facebook, LinkedIn, or whatever other site is hosting them. The primary business model of the Internet is built on mass surveillance, and our government's intelligence-gathering agencies have become addicted to that data. Understanding how we got here is critical to understanding how we undo the damage. Computers and networks inherently produce data, and our constant interactions with them allow corporations to collect an enormous amount of intensely personal data about us as we go about our daily lives. Sometimes we produce this data inadvertently simply by using our phones, credit cards, computers and other devices. Sometimes we give corporations this data directly on Google, Facebook, Apple Inc.'s iCloud and so on in exchange for whatever free or cheap service we receive from the Internet in return. The NSA is also in the business of spying on everyone, and it has realized it's far easier to collect all the data from these corporations rather than from us directly. In some cases, the NSA asks for this data nicely. In other cases, it makes use of subtle threats or overt pressure. If that doesn't work, it uses tools like national security letters. The result is a corporate-government surveillance partnership, one that allows both the government and corporations to get away with things they couldn't otherwise. 
There are two types of laws in the U.S., each designed to constrain a different type of power: constitutional law, which places limitations on government, and regulatory law, which constrains corporations. Historically, these two areas have largely remained separate, but today each group has learned how to use the other's laws to bypass their own restrictions. The government uses corporations to get around its limits, and corporations use the government to get around their limits. This partnership manifests itself in various ways. The government uses corporations to circumvent its prohibitions against eavesdropping domestically on its citizens. Corporations rely on the government to ensure that they have unfettered use of the data they collect. Here's an example: It would be reasonable for our government to debate the circumstances under which corporations can collect and use our data, and to provide for protections against misuse. But if the government is using that very data for its own surveillance purposes, it has an incentive to oppose any laws to limit data collection. And because corporations see no need to give consumers any choice in this matter--because it would only reduce their profits--the market isn't going to protect consumers, either. Our elected officials are often supported, endorsed and funded by these corporations as well, setting up an incestuous relationship between corporations, lawmakers and the intelligence community. The losers are us, the people, who are left with no one to stand up for our interests. Our elected government, which is supposed to be responsible to us, is not. And corporations, which in a market economy are supposed to be responsive to our needs, are not. What we have now is death to privacy--and that's very dangerous to democracy and liberty. The simple answer is to blame consumers, who shouldn't use mobile phones, credit cards, banks or the Internet if they don't want to be tracked. 
But that argument deliberately ignores the reality of today's world. Everything we do involves computers, even if we're not using them directly. And by their nature, computers produce tracking data. We can't go back to a world where we don't use computers, the Internet or social networking. We have no choice but to share our personal information with these corporations, because that's how our world works today.

Curbing the power of the corporate-private surveillance partnership requires limitations on both what corporations can do with the data we choose to give them and restrictions on how and when the government can demand access to that data. Because both of these changes go against the interests of corporations and the government, we have to demand them as citizens and voters. We can lobby our government to operate more transparently--disclosing the opinions of the Foreign Intelligence Surveillance Court would be a good start--and hold our lawmakers accountable when it doesn't.

But it's not going to be easy. There are strong interests doing their best to ensure that the steady stream of data keeps flowing.

This essay originally appeared on Bloomberg.com.
http://www.bloomberg.com/news/2013-07-31/...

Corporations collecting data:
http://www.schneier.com/essay-324.html
http://www.schneier.com/essay-423.html
http://www.nationaljournal.com/magazine/...

Corporations cooperating with the NSA:
http://news.cnet.com/8301-13578_3-57593538-38/...
http://news.cnet.com/8301-13578_3-57595202-38/...
http://www.newyorker.com/online/blogs/elements/2013/...
http://news.cnet.com/8301-13578_3-57595529-38/...

How the partnership manifests itself:
http://www.bloomberg.com/news/2013-06-28/...
http://www.bloomberg.com/news/2013-06-30/...

Congress attempt to rein in NSA:
http://www.nytimes.com/2013/07/25/us/politics/...

The death of privacy:
https://www.schneier.com/essay-418.html

Disclosing FISA opinions:
http://www.bloomberg.com/news/2013-07-09/...
----

The NSA is Commandeering the Internet

It turns out that the NSA's domestic and world-wide surveillance apparatus is even more extensive than we thought. Bluntly: The government has commandeered the Internet. Most of the largest Internet companies provide information to the NSA, betraying their users. Some, as we've learned, fight and lose. Others cooperate, either out of patriotism or because they believe it's easier that way.

I have one message to the executives of those companies: fight.

Do you remember those old spy movies, when the higher ups in government decide that the mission is more important than the spy's life? It's going to be the same way with you. You might think that your friendly relationship with the government means that they're going to protect you, but they won't. The NSA doesn't care about you or your customers, and will burn you the moment it's convenient to do so.

We're already starting to see that. Google, Yahoo, Microsoft and others are pleading with the government to allow them to explain details of what information they provided in response to National Security Letters and other government demands. They've lost the trust of their customers, and explaining what they do--and don't do--is how to get it back. The government has refused; they don't care.

It will be the same with you. There are lots more high-tech companies who have cooperated with the government. Most of those company names are somewhere in the thousands of documents that Edward Snowden took with him, and sooner or later they'll be released to the public. The NSA probably told you that your cooperation would forever remain secret, but they're sloppy. They'll put your company name on presentations delivered to thousands of people: government employees, contractors, probably even foreign nationals. If Snowden doesn't have a copy, the next whistleblower will.

This is why you have to fight.
When it becomes public that the NSA has been hoovering up all of your users' communications and personal files, what's going to save you in the eyes of those users is whether or not you fought. Fighting will cost you money in the short term, but capitulating will cost you more in the long term. Already companies are taking their data and communications out of the US. The extreme case of fighting is shutting down entirely. The secure e-mail service Lavabit did that last week, abruptly. Ladar Levison, that site's owner, wrote on his homepage: "I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit. After significant soul searching, I have decided to suspend operations. I wish that I could legally share with you the events that led to my decision." The same day, Silent Circle followed suit, shutting down their e-mail service in advance of any government strong-arm tactics: "We see the writing the wall, and we have decided that it is best for us to shut down Silent Mail now. We have not received subpoenas, warrants, security letters, or anything else by any government, and this is why we are acting now." I realize that this is extreme. Both of those companies can do it because they're small. Google or Facebook couldn't possibly shut themselves off rather than cooperate with the government. They're too large; they're public. They have to do what's economically rational, not what's moral. But they can fight. You, an executive in one of those companies, can fight. You'll probably lose, but you need to take the stand. And you might win. It's time we called the government's actions what they really are: commandeering. Commandeering is a practice we're used to in wartime, where commercial ships are taken for military use, or production lines are converted to military production. But now it's happening in peacetime. 
Vast swaths of the Internet are being commandeered to support this surveillance state. If this is happening to your company, do what you can to isolate the actions. Do you have employees with security clearances who can't tell you what they're doing? Cut off all automatic lines of communication with them, and make sure that only specific, required, authorized acts are being taken on behalf of government. Only then can you look your customers and the public in the face and say that you don't know what is going on--that your company has been commandeered. Journalism professor Jeff Jarvis recently wrote in the "Guardian": "Technology companies: now is the moment when you must answer for us, your users, whether you are collaborators in the US government's efforts to 'collect it all'--our every move on the internet--or whether you, too, are victims of its overreach." So while I'm sure it's cool to have a secret White House meeting with President Obama--I'm talking to you, Google, Apple, AT&T, and whoever else was in the room--resist. Attend the meeting, but fight the secrecy. Whose side are you on? The NSA isn't going to remain above the law forever. Already public opinion is changing, against the government and their corporate collaborators. If you want to keep your users' trust, demonstrate that you were on their side. This essay originally appeared on TheAtlantic.com. http://www.theatlantic.com/technology/archive/2013/... Corporations and the NSA surveillance apparatus: http://www.schneier.com/blog/archives/2013/08/... http://www.schneier.com/essay-436.html http://www.theatlanticwire.com/technology/2013/06/... http://www.wired.com/threatlevel/2013/04/... http://news.cnet.com/8301-13578_3-57593538-38/... http://www.newyorker.com/online/blogs/elements/2013/... Companies wanting more disclosure: http://business.time.com/2013/07/18/... Whistleblowing as civil disobedience: http://www.zephoria.org/thoughts/archives/2013/07/... 
Cooperating with NSA surveillance costs companies money:
http://boingboing.net/2013/08/08/...

Lavabit:
http://www.schneier.com/blog/archives/2013/08/...
http://boingboing.net/2013/08/08/...
http://lavabit.com/
http://www.forbes.com/sites/kashmirhill/2013/08/09/...

Silent Circle:
http://silentcircle.wordpress.com/2013/08/09/...

Jarvis essay:
http://www.theguardian.com/commentisfree/2013/aug/...

Tech companies meet with Obama:
http://www.huffingtonpost.com/2013/08/09/...

NSA is a criminal organization:
http://www.nytimes.com/2013/06/28/opinion/...

Regaining trust:
http://www.schneier.com/essay-435.html

Slashdot thread:
http://news.slashdot.org/story/13/08/12/1850229/...

---- Restoring Trust in Government and the Internet

In July 2012, responding to allegations that the video-chat service Skype--owned by Microsoft--was changing its protocols to make it possible for the government to eavesdrop on users, Corporate Vice President Mark Gillett took to the company's blog to deny it.

Turns out that wasn't quite true. Or at least he--or the company's lawyers--carefully crafted a statement that could be defended as true while completely deceiving the reader. You see, Skype wasn't changing its protocols to make it possible for the government to eavesdrop on users, because the government was already able to eavesdrop on users.

At a Senate hearing in March, Director of National Intelligence James Clapper assured the committee that his agency didn't collect data on hundreds of millions of Americans. He was lying, too. He later defended his lie by inventing a new definition of the word "collect," an excuse that didn't even pass the laugh test.

As Edward Snowden's documents reveal more about the NSA's activities, it's becoming clear that we can't trust anything anyone official says about these programs.

Google and Facebook insist that the NSA has no "direct access" to their servers. Of course not; the smart way for the NSA to get all the data is through sniffers.
Apple says it's never heard of PRISM. Of course not; that's the internal name of the NSA database. Companies are publishing reports purporting to show how few requests for customer-data access they've received, a meaningless number when a single Verizon request can cover all of their customers. The Guardian reported that Microsoft secretly worked with the NSA to subvert the security of Outlook, something it carefully denies.

Even President Obama's justifications and denials are phrased with the intent that the listener will take his words very literally and not wonder what they really mean.

NSA Director Gen. Keith Alexander has claimed that the NSA's massive surveillance and data mining programs have helped stop more than 50 terrorist plots, 10 inside the U.S. Do you believe him? I think it depends on your definition of "helped." We're not told whether these programs were instrumental in foiling the plots or whether they just happened to be of minor help because the data was there. It also depends on your definition of "terrorist plots." An examination of plots that the FBI claims to have foiled since 9/11 reveals that would-be terrorists have commonly been delusional, and most have been egged on by FBI undercover agents or informants. Left alone, few were likely to have accomplished much of anything.

Both government agencies and corporations have cloaked themselves in so much secrecy that it's impossible to verify anything they say; revelation after revelation demonstrates that they've been lying to us regularly and tell the truth only when there's no alternative.

There's much more to come. Right now, the press has published only a tiny percentage of the documents Snowden took with him. And Snowden's files are only a tiny percentage of the number of secrets our government is keeping, awaiting the next whistle-blower.

Ronald Reagan once said "trust but verify." That works only if we can verify.
In a world where everyone lies to us all the time, we have no choice but to trust blindly, and we have no reason to believe that anyone is worthy of blind trust. It's no wonder that most people are ignoring the story; it's just too much cognitive dissonance to try to cope with it. This sort of thing can destroy our country. Trust is essential in our society. And if we can't trust either our government or the corporations that have intimate access into so much of our lives, society suffers. Study after study demonstrates the value of living in a high-trust society and the costs of living in a low-trust one. Rebuilding trust is not easy, as anyone who has betrayed or been betrayed by a friend or lover knows, but the path involves transparency, oversight and accountability. Transparency first involves coming clean. Not a little bit at a time, not only when you have to, but complete disclosure about everything. Then it involves continuing disclosure. No more secret rulings by secret courts about secret laws. No more secret programs whose costs and benefits remain hidden. Oversight involves meaningful constraints on the NSA, the FBI and others. This will be a combination of things: a court system that acts as a third-party advocate for the rule of law rather than a rubber-stamp organization, a legislature that understands what these organizations are doing and regularly debates requests for increased power, and vibrant public-sector watchdog groups that analyze and debate the government's actions. Accountability means that those who break the law, lie to Congress or deceive the American people are held accountable. The NSA has gone rogue, and while it's probably not possible to prosecute people for what they did under the enormous veil of secrecy it currently enjoys, we need to make it clear that this behavior will not be tolerated in the future. Accountability also means voting, which means voters need to know what our leaders are doing in our name. 
This is the only way we can restore trust. A market economy doesn't work unless consumers can make intelligent buying decisions based on accurate product information. That's why we have agencies like the FDA, truth-in-packaging laws and prohibitions against false advertising. In the same way, democracy can't work unless voters know what the government is doing in their name. That's why we have open-government laws. Secret courts making secret rulings on secret laws, and companies flagrantly lying to consumers about the insecurity of their products and services, undermine the very foundations of our society. Since the Snowden documents became public, I have been receiving e-mails from people seeking advice on whom to trust. As a security and privacy expert, I'm expected to know which companies protect their users' privacy and which encryption programs the NSA can't break. The truth is, I have no idea. No one outside the classified government world does. I tell people that they have no choice but to decide whom they trust and to then trust them as a matter of faith. It's a lousy answer, but until our government starts down the path of regaining our trust, it's the only thing we can do. This essay originally appeared on CNN.com. http://www.cnn.com/2013/07/31/opinion/... Skype story: http://blogs.skype.com/2012/07/26/... http://www.bbc.co.uk/news/technology-19012415 http://www.nytimes.com/2013/06/20/technology/... http://www.slate.com/blogs/future_tense/2013/07/12/... Clapper story: http://nymag.com/daily/intelligencer/2013/06/... http://www.eff.org/deeplinks/2013/06/... Government lies: http://www.eff.org/nsa-spying/wordgames How NSA sniffers actually work: http://fabiusmaximus.com/2013/06/11/... Published reports of NSA surveillance requests: https://www.schneier.com/blog/archives/2013/06/... http://www.wired.com/threatlevel/2013/06/nsa-numbers Microsoft Outlook story: http://www.guardian.co.uk/world/2013/jul/11/... 
http://blogs.technet.com/b/microsoft_on_the_issues/...

General Alexander's justification:
http://www.washingtonpost.com/blogs/post-politics/...

Examining terrorist plots:
http://politicalscience.osu.edu/faculty/jmueller/...

The value of trust:
http://www.schneier.com/essay-412.html
http://www.worldvaluessurvey.org

Two more links describing how the US government lies about NSA surveillance.
http://www.slate.com/articles/news_and_politics/...
https://projects.propublica.org/graphics/nsa-claims

---- News

A problem with the US Privacy and Civil Liberties Oversight Board:
http://www.schneier.com/blog/archives/2013/07/...

Interesting essay on the impossibility of being entirely lawful all the time, the balance that results from the difficulty of law enforcement, and the societal value of being able to break the law. It is very much like my notion of "outliers" in my book "Liars and Outliers."
http://www.thoughtcrime.org/blog/...

Good article on the longstanding practice of secretly tapping undersea cables.
http://www.theatlantic.com/international/archive/...
This is news right now because of a new Snowden document.
http://www.washingtonpost.com/business/economy/...

An amazing e-mail from the DHS, instructing its employees not to read Snowden's documents when they appear in the press.
http://www.schneier.com/blog/archives/2013/07/...

Edward Snowden has set up a dead man's switch. He's distributed encrypted copies of his document trove to various people, and has set up some sort of automatic system to distribute the key, should something happen to him. Dead man's switches have a long history, both for safety (the machinery automatically stops if the operator's hand goes slack) and security reasons. WikiLeaks did the same thing with the State Department cables. I'm not sure he's thought this through, though.
I would be more worried that someone would kill me in order to get the documents released than I would be that someone would kill me to prevent the documents from being released. Any real-world situation involves multiple adversaries, and it's important to keep all of them in mind when designing a security system. http://www.wired.com/threatlevel/2013/07/... For a change, here's a good idea by the TSA: http://www.schneier.com/blog/archives/2013/07/... Violence as a source of trust in criminal societies: http://themonkeycage.org/2013/07/11/... http://rss.sagepub.com/content/25/3/263.abstract I generally don't like stories about Snowden as a person, because they distract from the real story of the NSA surveillance programs, but this article on the costs and benefits of the US government prosecuting Edward Snowden is worth reading. http://www.lawfareblog.com/2013/07/... Related is this article on whether Snowden can manage to avoid arrest. Here's the ending: http://www.cnn.com/2013/07/12/us/... Marc Rotenberg of EPIC explains why he is suing the NSA in the Supreme Court. http://www.cnn.com/2013/07/17/opinion/... And "USA Today" has a back and forth on the topic. http://www.usatoday.com/story/opinion/2013/07/18/... http://www.usatoday.com/story/opinion/2013/07/18/... This is a succinct explanation of how the secrecy of the FISA court undermines trust. http://www.schneier.com/blog/archives/2013/07/... In an effort to lock the barn door after the horse has escaped, the NSA is implementing two-man control for sysadmins. http://www.cbsnews.com/8301-250_162-57594486/... This kind of thing has happened before. After USN Chief Warrant Officer John Walker sold encryption keys to the Soviets, the Navy implemented two-man control for key material. It's an effective, if expensive, security measure--and an easy one for the NSA to implement while it figures out what it really has to do to secure information from IT insiders. 
The story of people who poach and collect rare eggs, and the people who hunt them down. http://www.newyorker.com/reporting/2013/07/22/... Securing wildlife against poachers is a difficult problem, especially when the defenders are poor countries with not a lot of resources. We're starting to see Internet companies talk about the mechanics of how the US government spies on their users. Here, a Utah ISP owner describes his experiences with NSA eavesdropping: http://www.buzzfeed.com/justinesharrock/... Declan McCullagh explains how the NSA coerces companies to cooperate with its surveillance efforts. Basically, they want to avoid what happened with the Utah ISP. http://news.cnet.com/8301-13578_3-57593538-38/... And Brewster Kahle of the Internet Archive explains how he successfully fought a National Security Letter. http://www.newyorker.com/online/blogs/elements/2013/... Secret information is more trusted: http://www.nytimes.com/2013/06/30/opinion/sunday/... Original paper abstract: http://onlinelibrary.wiley.com/doi/10.1111/... NSA cracked the Kryptos Sculpture (parts one, two, and three) years before the CIA did. http://www.wired.com/threatlevel/2013/07/... The fourth part is still uncracked. http://www.schneier.com/blog/archives/2013/06/... http://www.schneier.com/blog/archives/2006/04/... The Obama Administration has a comprehensive "insider threat" program to detect leakers from within government. This is pre-Snowden. Not surprisingly, the combination of profiling and "see something, say something" is unlikely to work. http://www.mcclatchydc.com/2013/06/20/194513/... http://www.mcclatchydc.com/2013/07/09/196211/... http://www.theatlantic.com/politics/archive/2013/07/... This is a really clever social engineering attack against a bank-card holder. http://www.guardian.co.uk/money/blog/2013/jul/29/... Research on why some neighborhoods feel safer. http://www.theatlanticcities.com/neighborhoods/2013/... http://www.plosone.org/article/... 
I've written about the feeling and reality of security, and how they're different.
https://www.schneier.com/essay-213.html
https://www.schneier.com/essay-170.html
That's also the subject of this TEDx talk.
http://www.ted.com/talks/bruce_schneier.html
Yes, it's security theater: things that make a neighborhood *feel* safer rather than actually safer. But when the neighborhood is actually safer than people think it is, this sort of security theater has value.
https://www.schneier.com/blog/archives/2007/01/...
Two related links:
http://www.economist.com/news/briefing/...
http://blogsofwar.com/2013/05/01/...

This is what happens when you're a security writer and you piss off the wrong people: they conspire to have heroin mailed to you, and then to tip off the police. And that's after they've called in a fake hostage situation.
https://krebsonsecurity.com/2013/07/...

The UK has banned researchers from revealing details of security vulnerabilities in car locks. In 2008, Philips brought a similar suit against researchers who broke the Mifare chip. That time, they lost. This time, Volkswagen sued and won.
http://www.guardian.co.uk/technology/2013/jul/26/...
http://www.telegraph.co.uk/technology/10205983/...
http://www.bbc.co.uk/news/technology-23487928
http://news.techworld.com/security/3461155/...
http://www.bailii.org/ew/cases/EWHC/Ch/2013/1832.html
This is bad news for security researchers. (Remember back in 2001 when security researcher Ed Felten sued the RIAA in the US to be able to publish his research results?) We're not going to improve security unless we're allowed to publish our results. And we can't start suppressing scientific results, just because a big corporation doesn't like what it does to their reputation.

Richard Bejtlich and Thomas Rid (author of the excellent book "Cyber War Will Not Take Place") debate the cyberwar threat on "The Economist" website.
http://www.economist.com/debate/overview/256

There was a story about how searching for a pressure cooker and backpacks got one family investigated by the police. It was initially reported as NSA eavesdropping, but it wasn't. And as more of the facts came out, it seemed pretty reasonable overall.
http://www.schneier.com/blog/archives/2013/08/...

The "Guardian" discusses a new secret NSA program: XKeyscore. It's the desktop system that allows NSA agents to spy on anyone over the Internet in real time. It searches existing NSA databases--presumably including PRISM--and can create fingerprints to search for all future data collections from systems like TRAFFIC THIEF. This seems to be what Edward Snowden meant when he said that he had the ability to spy on any American, in real time, from his desk.
http://www.theguardian.com/world/2013/jul/31/...

There's speculation that the FBI is responsible for an exploit that compromised the Tor anonymity service. Note that Tor Browser Bundles installed or updated after June 26 are secure.
http://www.wired.com/threatlevel/2013/08/...
https://openwatch.net/i/200/...
http://www.twitlonger.com/show/n_1rlo0uu
http://www.bbc.co.uk/go/em/fr/-/news/...
http://www.metafilter.com/130629/...
https://blog.torproject.org/blog/...

The further Kip Hawley has gotten from running the TSA, the more sense he has started to make. This is pretty good.
http://www.cnn.com/2013/08/06/opinion/hawley-tsa/...

Twitter just rolled out a pretty nice two-factor authentication system using your smart phone as the second factor.
http://www.wired.com/threatlevel/2013/08/...

Latest movie-plot threat: explosive-dipped clothing. It's being reported, although there's no indication of where this rumor is coming from or what it's based on. I can see the trailer now. "In a world where your very clothes might explode at any moment, Bruce Willis is, Bruce Willis in a Michael Bay film: BLOW UP! Co-starring Lindsay Lohan..."
I guess there's nothing to be done but to force everyone to fly naked. http://abcnews.go.com/Blotter/... Lots of sports stadiums have instituted draconian new rules. Here are the rules for St. Louis Rams games. http://blog.stlouisrams.com/2013/06/13/... Of course, you're supposed to think this is about terrorism. My guess is that this is to help protect the security of the profits at the concession stands. General Keith Alexander thinks he can improve security by automating sysadmin duties such that 90% of them can be fired. Does anyone know a sysadmin anywhere who believes it's possible to automate 90% of his job? Or who thinks any such automation will actually improve security? He's stuck. Computerized systems require trusted people to administer them. And any agency with all that computing power is going to need thousands of sysadmins. Some of them are going to be whistleblowers. http://www.businessinsider.com/... Leaking secret information is the civil disobedience of our age. Alexander has to get used to it. http://www.zephoria.org/thoughts/archives/2013/07/... The 2013 Cryptologic History Symposium, sponsored by the NSA, will be held at Johns Hopkins University this October. http://www.nsa.gov/about/cryptologic_heritage/... Rangzen looks like a really interesting ad hoc mesh networking system to circumvent government-imposed communications blackouts. I am particularly interested in how it uses reputation to determine who can be trusted, while maintaining some level of anonymity. http://rangzen.denovogroup.org/wp/ http://www.eecs.berkeley.edu/Pubs/TechRpts/2013/... This is exactly the sort of thing I was thinking about in this essay. https://www.schneier.com/essay-420.html This essay is filled with historical MI5 stories--often bizarre, sometimes amusing. 
http://www.bbc.co.uk/blogs/adamcurtis/posts/BUGGER

---- Book Review: "Rise of the Warrior Cop"

"Rise of the Warrior Cop: The Militarization of America's Police Forces," by Radley Balko, PublicAffairs, 2013, 400 pages.

War as a rhetorical concept is firmly embedded in American culture. Over the past several decades, federal and local law enforcement has been enlisted in a war on crime, a war on drugs and a war on terror. These wars are more than just metaphors designed to rally public support and secure budget appropriations. They change the way we think about what the police do. Wars mean shooting first and asking questions later. Wars require military tactics and weaponry. Wars mean civilian casualties.

Over the decades, the war metaphor has resulted in drastic changes in the way the police operate. At both federal and state levels, the formerly hard line between police and military has blurred. Police are increasingly using military weaponry, employing military tactics and framing their mission using military terminology. Right now, there is a Third Amendment case--that's the one about quartering soldiers in private homes without consent--making its way through the courts. It involves someone who refused to allow the police to occupy his home in order to gain a "tactical advantage" against the house next-door. The police returned later, broke down his door, forced him to the floor and then arrested him for obstructing an officer. They also shot his dog with pepperball rounds. It's hard to argue with the premise of this case; police officers are acting so much like soldiers that it can be hard to tell the difference.

In "Rise of the Warrior Cop," Radley Balko chronicles the steady militarization of the police in the U.S. A detailed history of a dangerous trend, Mr. Balko's book tracks police militarization over the past 50 years, a period that not coincidentally corresponds with the rise of SWAT teams.
First established in response to the armed riots of the late 1960s, they were originally exclusive to big cities and deployed only against heavily armed and dangerous criminals. Today SWAT teams are nothing special. They've multiplied like mushrooms. Every city has a SWAT team; 80% of towns between 25,000 and 50,000 people do as well. These teams are busy; in 2005 there were between 50,000 and 60,000 SWAT raids in the U.S. The tactics are pretty much what you would expect--breaking down doors, rushing in with military weaponry, tear gas--but the targets aren't. SWAT teams are routinely deployed against illegal poker games, businesses suspected of employing illegal immigrants and barbershops with unlicensed hair stylists. In Prince George's County, MD, alone, SWAT teams were deployed about once a day in 2009, overwhelmingly to serve search or arrest warrants, and half of those warrants were for "misdemeanors and nonserious felonies." Much of Mr. Balko's data is approximate, because police departments don't publish data, and they uniformly oppose any attempts at transparency or oversight. But he has good Maryland data from 2009 on, because after the mayor of Berwyn Heights was mistakenly attacked and terrorized in his home by a SWAT team in 2008, the state passed a law requiring police to report quarterly on their use of SWAT teams: how many times, for what purposes and whether any shots were fired during the raids. Besides documenting policy decisions at the federal and state levels, the author examines the influence of military contractors who have looked to expand into new markets. And he tells some pretty horrific stories of SWAT raids gone wrong. A lot of dogs get shot in the book. Most interesting are the changing attitudes of police. 
As the stories progress from the 1960s to the 2000s, we see police shift from being uncomfortable with military weapons and tactics--and deploying them only as the very last resort in the most extreme circumstances--to accepting and even embracing their routine use.

This development coincides with the rhetorical use of the word "war." To the police, civilians are citizens to protect. To the military, we are a population to be subdued. Wars can temporarily override the Constitution. When the Justice Department walks into Congress with requests for money and new laws to fight a war, it is going to get a different response than if it came in with a story about fighting crime. Maybe the most chilling quotation in the book is from William French Smith, President Reagan's first attorney general: "The Justice Department is not a domestic agency. It is the internal arm of national defense."

Today we see that attitude in the war on terror. Because it's a war, we can arrest and imprison Americans indefinitely without charges. We can eavesdrop on the communications of all Americans without probable cause. We can assassinate American citizens without due process. We can have secret courts issuing secret rulings about secret laws. The militarization of the police is just one aspect of an increasing militarization of government.

Mr. Balko saves his prescriptions for reform until the last chapter. Two of his fixes, transparency and accountability, are good remedies for all governmental overreach. Specific to police departments, he also recommends halting mission creep, changing police culture and embracing community policing. These are far easier said than done. His final fix is ending the war on drugs, the source of much police violence. To this I would add ending the war on terror, another rhetorical war that costs us hundreds of billions of dollars, gives law enforcement powers directly prohibited by the Constitution and leaves us no safer.
This essay originally appeared in the "Wall Street Journal."
http://online.wsj.com/article/...
http://www.amazon.com/...

Related essay.
http://www.newyorker.com/online/blogs/comment/2013/...

---- Schneier News

My blog has made the "Time" magazine "25 Best Bloggers 2013 Edition" list.
http://techland.time.com/2013/08/05/...

Good review of the strengths and weaknesses of "Cryptography Engineering" and "Applied Cryptography." Best--at least to me--is the list of things missing, which we'll have to address if we do another edition.
http://sockpuppet.org/blog/2013/07/22/...

Mikko Hypponen and I answered questions about PRISM on the TED website.
http://blog.ted.com/2013/07/17/...

---- Michael Hayden on the Effects of Snowden's Whistleblowing

Former NSA director Michael Hayden lists three effects of the Snowden documents:

* "...the undeniable operational effect of informing adversaries of American intelligence's tactics, techniques and procedures."

* "...the undeniable economic punishment that will be inflicted on American businesses for simply complying with American law."

* "...the erosion of confidence in the ability of the United States to do *anything* discreetly or keep *anything* secret."

It's an interesting list, and one that you'd expect from an NSA person. Actually, the whole essay is about what you'd expect from a former NSA person.

My reactions:

* This, I agree, is actual damage. From what I can tell, Snowden has done his best to minimize it. And both the Guardian and the Washington Post refused to publish materials he provided, out of concern for US national security. Hayden believes that both the Chinese and the Russians have Snowden's entire trove of documents, but I'm less convinced. Everyone is acting under the assumption that the NSA has compromised everything, which is probably a good assumption.

* Hayden has it backwards--this is good. I hope that companies that have cooperated with the NSA are penalized in the market.
If we are to expect the market to solve any of this, we need the cost of cooperating to be greater than the cost of fighting. If we as consumers punish companies that have complied with the NSA, they'll be less likely to roll over next time.

* In the long run, this might turn out to be a good thing, too. In the Internet age, secrecy is a lot harder to maintain. The countries that figure this out first will be the countries that do well in the coming decades.

And, of course, Hayden lists his "costs" without discussing the benefits. Exposing secret government overreach, a secret agency gone rogue, and a secret court that's failing in its duties are enormously beneficial. Snowden has blown a whistle that long needed blowing--it's the only way we can ever hope to fix this. And Hayden completely ignores the very real question as to whether these enormous NSA data-collection programs provide any real benefits.

I'm also tired of this argument: "But it takes a special kind of arrogance for this young man to believe that his moral judgment on the dilemma suddenly trumps that of two (incredibly different) presidents, both houses of the U.S. Congress, both political parties, the U.S. court system and more than 30,000 of his co-workers."

It's like President Obama claiming that the NSA programs are "transparent" because they were cleared by a secret court that only ever sees one side of the argument, or that Congress has provided oversight because a few legislators were allowed to know some of what was going on but forbidden from talking to *anyone* about it.

http://www.cnn.com/2013/07/19/opinion/...

The NSA has gone rogue:
http://www.nytimes.com/2013/06/28/opinion/...

NSA surveillance cost/benefits:
https://chronicle.com/blogs/conversation/2013/06/13/...

Obama's comments on NSA transparency:
http://www.usatoday.com/story/theoval/2013/06/18/...

---- Counterterrorism Mission Creep

One of the assurances I keep hearing about the U.S.
government's spying on American citizens is that it's only used in cases of terrorism. Terrorism is, of course, an extraordinary crime, and its horrific nature is supposed to justify permitting all sorts of excesses to prevent it. But there's a problem with this line of reasoning: mission creep. The definitions of "terrorism" and "weapon of mass destruction" are broadening, and these extraordinary powers are being used, and will continue to be used, for crimes other than terrorism. Back in 2002, the Patriot Act greatly broadened the definition of terrorism to include all sorts of "normal" violent acts as well as non-violent protests. The term "terrorist" is surprisingly broad; since the terrorist attacks of 9/11, it has been applied to people you wouldn't normally consider terrorists. The most egregious example of this are the three anti-nuclear pacifists, including an 82-year-old nun, who cut through a chain-link fence at the Oak Ridge nuclear-weapons-production facility in 2012. While they were originally arrested on a misdemeanor trespassing charge, the government kept increasing their charges as the facility's security lapses became more embarrassing. Now the protestors have been convicted of violent crimes of terrorism--and remain in jail. Meanwhile, a Tennessee government official claimed that complaining about water quality could be considered an act of terrorism. To the government's credit, he was subsequently demoted for those remarks. The notion of making a terrorist threat is older than the current spate of anti-terrorism craziness. It basically means threatening people in order to terrorize them, and can include things like pointing a fake gun at someone, threatening to set off a bomb, and so on. A Texas high-school student recently spent five months in jail for writing the following on Facebook: "I think I'ma shoot up a kindergarten. And watch the blood of the innocent rain down. And eat the beating heart of one of them." 
Last year, two Irish tourists were denied entry at the Los Angeles Airport because of some misunderstood tweets. Another term that's expanded in meaning is "weapon of mass destruction." The law is surprisingly broad, and includes anything that explodes, leading political scientist and terrorism-fear skeptic John Mueller to comment: As I understand it, not only is a grenade a weapon of mass destruction, but so is a maliciously-designed child's rocket even if it doesn't have a warhead. On the other hand, although a missile-propelled firecracker would be considered a weapon of mass destruction if its designers had wanted to think of it as a weapon, it would not be so considered if it had previously been designed for use as a weapon and then redesigned for pyrotechnic use or if it was surplus and had been sold, loaned, or given to you (under certain circumstances) by the secretary of the army .... All artillery, and virtually every muzzle-loading military long arm for that matter, legally qualifies as a WMD. It does make the bombardment of Ft. Sumter all the more sinister. To say nothing of the revelation that The Star Spangled Banner is in fact an account of a WMD attack on American shores. After the Boston Marathon bombings, one commentator described our use of the term this way: "What the United States means by terrorist violence is, in large part, 'public violence some weirdo had the gall to carry out using a weapon other than a gun.' ... Mass murderers who strike with guns (and who don't happen to be Muslim) are typically read as psychopaths disconnected from the larger political sphere." Sadly, there's a lot of truth to that. Even as the definition of terrorism broadens, we have to ask how far we will extend that arbitrary line. Already, we're using these surveillance systems in other areas. 
A raft of secret court rulings has recently expanded the NSA's eavesdropping powers to include "people possibly involved in nuclear proliferation, espionage and cyberattacks." A "little-noticed provision" in a 2008 law expanded the definition of "foreign intelligence" to include "weapons of mass destruction," which, as we've just seen, is surprisingly broad. A recent "Atlantic" essay asks, somewhat facetiously, "If PRISM is so good, why stop with terrorism?" The author's point was to discuss the value of the Fourth Amendment, even if it makes the police less efficient. But it's actually a very good question. Once the NSA's ubiquitous surveillance of all Americans is complete--once it has the ability to collect and process all of our emails, phone calls, text messages, Facebook posts, location data, physical mail, financial transactions, and who knows what else--why limit its use to cases of terrorism? I can easily imagine a public groundswell of support to use it to help solve some other heinous crime, like a kidnapping. Or maybe a child-pornography case. From there, it's an easy step to enlist NSA surveillance in the continuing war on drugs; that's certainly important enough to warrant regular access to the NSA's databases. Or maybe to identify illegal immigrants. After all, we've already invested in this system, we might as well get as much out of it as we possibly can. Then it's a short jump to the trivial examples suggested in the "Atlantic" essay: speeding and illegal downloading. This "slippery slope" argument is largely speculative, but we've already started down that incline. Criminal defendants are starting to demand access to the NSA data that they believe will exonerate themselves. How can a moral government refuse this request? More humorously, the NSA might have created the best backup system ever. Technology changes slowly, but political intentions can change very quickly.
In 2000, I wrote in my book "Secrets and Lies" about police surveillance technologies: "Once the technology is in place, there will always be the temptation to use it. And it is poor civic hygiene to install technologies that could someday facilitate a police state." Today we're installing technologies of ubiquitous surveillance, and the temptation to use them will be overwhelming. This essay originally appeared in TheAtlantic.com. http://www.theatlantic.com/politics/archive/2013/07/... The definition of terrorism has broadened: http://www.aclu.org/national-security/... The anti-nuclear pacifists: http://www.commondreams.org/view/2013/05/15-7 Tennessee official story: http://www.huffingtonpost.com/2013/06/22/... http://www.memphisdailynews.com/news/2013/jul/4/... Texas high-school student story: http://www.nydailynews.com/news/national/... Irish tourist story: http://www.bbc.co.uk/news/technology-16810312 "Weapon of mass destruction" story: http://www.law.cornell.edu/uscode/text/18/2332a Mueller comment: http://www.schneier.com/blog/archives/2009/04/... Quote about what a terrorist is: http://www.salon.com/2013/04/28/... Secret court rulings on NSA power: https://www.nytimes.com/2013/07/07/us/... Atlantic article: http://www.theatlantic.com/politics/archive/2013/07/... Other agencies are already asking to use the NSA data: "Agencies working to curb drug trafficking, cyberattacks, money laundering, counterfeiting and even copyright infringement complain that their attempts to exploit the security agency's vast resources have often been turned down because their own investigations are not considered a high enough priority, current and former government officials say." http://www.nytimes.com/2013/08/04/us/... The Drug Enforcement Agency is already using this data, and lying about it: http://www.reuters.com/article/2013/08/05/... Defendants demanding NSA data: http://www.nbcnews.com/technology/...
http://rt.com/usa/nsa-surveillance-judge-records-900/ NSA as a backup system: http://nesaranews.blogspot.com/2013/07/... Ubiquitous surveillance: https://www.schneier.com/essay-418.html ---- Since 1998, CRYPTO-GRAM has been a free monthly newsletter providing summaries, analyses, insights, and commentaries on security: computer and otherwise. You can subscribe, unsubscribe, or change your address on the Web at . Back issues are also available at that URL. Please feel free to forward CRYPTO-GRAM, in whole or in part, to colleagues and friends who will find it valuable. Permission is also granted to reprint CRYPTO-GRAM, as long as it is reprinted in its entirety. CRYPTO-GRAM is written by Bruce Schneier. Bruce Schneier is an internationally renowned security technologist, called a "security guru" by The Economist. He is the author of 12 books--including "Liars and Outliers: Enabling the Trust Society Needs to Survive"-- as well as hundreds of articles, essays, and academic papers. His influential newsletter "Crypto-Gram" and his blog "Schneier on Security" are read by over 250,000 people. He has testified before Congress, is a frequent guest on television and radio, has served on several government committees, and is regularly quoted in the press. Schneier is a fellow at the Berkman Center for Internet and Society at Harvard Law School, a program fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the Security Futurologist for BT--formerly British Telecom. See . Crypto-Gram is a personal newsletter. Opinions expressed are not necessarily those of BT. 
_______________________________________________ tt mailing list tt at postbiota.org http://postbiota.org/mailman/listinfo/tt ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From phreedom at yandex.ru Thu Aug 22 14:21:25 2013 From: phreedom at yandex.ru (phreedom at yandex.ru) Date: Fri, 23 Aug 2013 00:21:25 +0300 Subject: [liberationtech] Deterministic Builds Part One: Cyberwar and Global Compromise Message-ID: > I think a lot of people would benefit from reading Mike Perry's latest > blog post. He addresses how The Tor Project is working towards the > problems referenced by Zooko in his latest open letter to Silent Circle: > "Current popular software development practices simply cannot survive > targeted attacks of the scale and scope that we are seeing today. " NixOS distro[1] takes build reproducibility seriously and build determinism is being worked on. I have patched the most important toolchains to not systematically introduce non-determinism[2]. Some of the patches are in the master branch already, some are in the staging branch and will be merged in a month or two. These patches are sufficient to make a large subset of package builds deterministic. After the merge, I'll do another round this time fixing non-determinism due to quirks of build systems of specific packages. Luckily, there aren't that many packages like Firefox and luckily Firefox has been already tackled by someone else :) I'm committed to making at least installation media, typical desktop and server installs fully deterministic. [1] http://nixos.org/nixos/ [2] http://lists.science.uu.nl/pipermail/nix-dev/2013-June/011357.html -- Liberationtech is a public list whose archives are searchable on Google. 
Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu. ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From mk at dee.su Thu Aug 22 14:43:11 2013 From: mk at dee.su (Maxim Kammerer) Date: Fri, 23 Aug 2013 00:43:11 +0300 Subject: [liberationtech] Open Whisper Systems' neat asynch FPS "pre-keying" Message-ID: On Thu, Aug 22, 2013 at 9:03 PM, Joseph Lorenzo Hall wrote: > TextSecure’s upcoming iOS client (and Android data channel client) uses > a simple trick to provide asynchronous messaging while simultaneously > providing forward secrecy. Not sure if I understand all iOS-related issues described, but this seems like overcoming engineering problems with a synchronous protocol like OTR on iOS at the expense of exposing the clients to a DOS attack of exhausting the prekeys. However, an asynchronous protocol does not mean that all information must be delivered in one push. In cables communication [1], I chose simple asynchronous messages because I don't trust complex SSL handshakes or the cumbersome OTR protocol, and because I believe that reliable delivery receipts and resilience to DOS attacks are as important as the message itself. The exchange goes similar to the following (each line describes what is sent by sender (s) / receiver (r)) [2]:
(s) peer request
(r) certificate, signed peer key
(s) certificate, signed peer key, encrypted message+MAC
(r) receipt+MAC
(s) acknowledgement+MAC
and is similar to a state machine where each state is retried in sender / receiver until a new state is reached.
The exchange above is somewhat implementation-specific for short requests followed by long fetches (implementation is HTTP-based and targeted for .onions), and for generic messages it can be reformulated as:
(s) certificate, signed peer key
(r) certificate, signed peer key
(s) encrypted message+MAC
(r) receipt+MAC
(s) acknowledgement+MAC
(In cables, username is certificate's fingerprint, so MITM'ing the certificate is not an issue.) So, with a centralized DB / prekeys I guess it's possible to shave off the first two messages, but does it really matter if the protocol is asynchronous to begin with? [1] http://dee.su/cables [2] https://github.com/mkdesu/cables/blob/master/doc/cable.txt -- Maxim Kammerer Liberté Linux: http://dee.su/liberte -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu. ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From mk at dee.su Thu Aug 22 15:33:37 2013 From: mk at dee.su (Maxim Kammerer) Date: Fri, 23 Aug 2013 01:33:37 +0300 Subject: [liberationtech] Deterministic Builds Part One: Cyberwar and Global Compromise Message-ID: On Fri, Aug 23, 2013 at 12:21 AM, wrote: > [1] http://nixos.org/nixos/ A very interesting project! Does the following: > Packages are never overwritten after they have been built; instead, if you change the build description of a package (its ‘Nix expression’), it’s rebuilt and installed in a different path in /nix/store so it doesn’t interfere with the old version. mean that upgrading a library due to e.g. security fixes requires recompiling all packages that depend on it?
-- Maxim Kammerer Liberté Linux: http://dee.su/liberte -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu. ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From adam at cypherspace.org Thu Aug 22 17:25:43 2013 From: adam at cypherspace.org (Adam Back) Date: Fri, 23 Aug 2013 02:25:43 +0200 Subject: [Doctrinezero] HTTPS In-Reply-To: <20130822160927.GX29404@leitl.org> References: <20130822160927.GX29404@leitl.org> Message-ID: <20130823002543.GA7611@netbook.cypherspace.org> Are you sure about that? (*.com and *. being valid). I thought the MITM boxes were loaded with a sub-CA cert - a cert with a bit set authorizing it to generate certs for sites, some of the smaller CAs are not directly in the trusted browser databases, and have bought sub-CA certs from CAs that are. Then what actually happens in the MITM box is to load a fake cert for a domain (issued by its sub-CA cert), or to generate fake certs on the fly for any targeted domains (or all domains) again issued by its sub-CA cert. So I thought the CA that got warned by mozilla had issued a sub-CA cert for MITM purposes. (I really don't think a browser vendor would accept *.com nor especially *. as a valid site cert wildcard. It does get fiddly because you also want *.co.uk etc to be invalid but they have some built in tables of such things to differentiate a TLD from a domain).
Adam On Thu, Aug 22, 2013 at 06:09:28PM +0200, Eugen Leitl wrote: >----- Forwarded message from Bryce Lynch ----- > >Date: Thu, 22 Aug 2013 12:00:52 -0400 >From: Bryce Lynch >To: doctrinezero at zerostate.is >Subject: Re: [Doctrinezero] HTTPS >Organization: Zero State >User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130514 Thunderbird/17.0.6 >Reply-To: doctrinezero at zerostate.is > >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >On 08/21/2013 10:37 AM, Dirk Bruere wrote: >> Do the certification authorities hold a key that can break the >> encryption of sites that use it? > >It's more complicated than that. > >Most of the time, whenever someone buys an SSL certificate pair signed >by a CA, they have the CA generate the certificate pair for them >(because OpenSSL's command line is pants, usually), sign it for them, >and then send them the whole mess. The CA archives copies of the >public and private certs after signing. We've seen several times in >the past where CAs have given untrusted third parties copies of those >signed certs. Ouch. > >There is a subtle flaw in the CA ecosystem: So long as a cert is >signed by a CA that the client trusts, it doesn't matter /who/ the >signer was. So, example.com could buy an SSL certificate from Thawte, >and Eve could buy an SSL cert from Comodo for example.com. Eve could >then use her cert for example.com to run a man-in-the-middle attack >against users of example.com, and their browsers would never notice >because both Thawte and Comodo are trusted. The SSL protocol has no >provision for noticing if and when the trust chain changes in >mid-flight. Double ouch. We've seen this one happen in the field >several times. This is how ComodoHacker wrecked so much havoc a few >years ago. > >There is another flaw in SSL: Wildcards. It is not uncommon for >companies to buy SSL certs valid for *.example.com, so that they have >only one cert covering all of their SSL enabled resources. 
What isn't >obvious is that it's possible to generate a valid cert for *.com. Or >*.org. Or *. Those certs are valid for *.com, or *.org, or * (any >SSL enabled resource on the global Net) until they expire. A few of >the big CAs sell these for whoever can pony up for them (they're very >expensive) because they can be loaded into DPI/DCI hardware which >basically carries out MITM attacks for detecting data exfiltration. >That they are also used for surveillance comes with the territory. At >least one CA that was pwned in the past five years had a number of >wildcard certs generated by the attacker for * which are good until 1 >January 2038. Uh-oh. > >Third parties have been trying to find ways to fix this - certificate >pinning, TOFU/POP, Webs of Trust for SSL, Convergence, manually >untrusting every CA in your browser - but none of them have caught on. > >- -- >The Doctor [412/724/301/703] [ZS] > >PGP: 0xF1F922F2 / CABE 73FB 2D68 D1EF 3956 A468 7B1F DFE8 F1F9 22F2 >WWW: https://drwho.virtadpt.net/ > >The future belongs to the brave. 
> >_______________________________________________ >Doctrinezero mailing list >Doctrinezero at zerostate.is >Unsubscribe: https://lists.zerostate.is/mailman/listinfo/doctrinezero > >----- End forwarded message ----- >-- >Eugen* Leitl leitl http://leitl.org >______________________________________________________________ >ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org >AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From paul-olivier.dehaye at math.uzh.ch Thu Aug 22 18:08:59 2013 From: paul-olivier.dehaye at math.uzh.ch (Paul-Olivier Dehaye) Date: Fri, 23 Aug 2013 03:08:59 +0200 Subject: [tor-dev] Global semi-passive adversary: suggestion of using expanders Message-ID: Hello, Thank you for working on Tor. I have a suggestion and would appreciate input. Please bear with me as I have a limited understanding of the design of Tor and all the different threats that it is meant to mitigate. Below, a (?) indicates a place where I need some confirmation that my understanding is correct, and N indicates either the number of Tor nodes, the number of end-users, or the amount of traffic (I assume these are all linearly related). As far as I can tell, the main threat by a global passive adversary comes from traffic analysis (?).
This attack should become easier as the number of Tor nodes increases (?): Tor uses a clique topology, so the number of edges potentially carrying traffic grows like N^2. A dual way to see this is that not enough mixing can happen around a node for incoming/outgoing edge pairs, bar injecting a huge amount of fake traffic. To compensate, it seems natural to look for a sparse yet highly mixing network topology. Mathematically, those are called expanders [1]. A typical example of a family of expanders would be the Erdos-Renyi model [2], and indeed I have found in the literature suggestions for basing anonymizing protocols on such a model. The analysis in the presence of an active adversary becomes very difficult though. Alternatively, one could use a different method for constructing that expander topology, working "all at once". This comes from recent mathematics research (<= 5 years, certainly not my own, see [3]). The graph is then a Cayley graph [4] in a matrix group (the group is fixed and determined by an approximation to the number of Tor nodes, such as nearest third power of a prime number). In some sense this construction interpolates between mixing chains and Tor, and can be seen as a lot of mixing chains interwoven. In the setting of Tor, constructing the Cayley graph would require making two distributed randomized choices: - a matching of elements of the group to Tor nodes (possibly 2:1 for some Tor nodes) - a small subset of generators for the Cayley graph From my understanding of security protocols, it should be easy to do these two choices safely and fast, as it amounts to choosing a random element in S_N and filling lots of matrix entries with random elements between 1 and a prime p, with some rejection. Once that is done, the network topology is fully determined, and with very high probability gives an expander. This means that traffic gets mixed up in very few hops.
The number of hops needed grows as log N, with a constant that can be mitigated by choosing a large generating set above. This is the only downside I see (apart from difficulty to explain the math behind this): the latency would increase, from 3 in the current protocol to maybe 10 or so. I don't know the details of the behaviour of the constants in the last paragraph, and would appreciate feedback from the list before looking too much into this. Paul Dehaye [1] http://en.wikipedia.org/wiki/Expander_graph [2] http://en.wikipedia.org/wiki/Erd%C5%91s%E2%80%93R%C3%A9nyi_model [3] http://terrytao.wordpress.com/2011/12/02/245b-notes-1-basic-theory-of-expander-graphs/ Exercise 15 and remark below [4] http://en.wikipedia.org/wiki/Cayley_graph _______________________________________________ tor-dev mailing list tor-dev at lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From udhay at pobox.com Thu Aug 22 19:42:25 2013 From: udhay at pobox.com (Udhay Shankar N) Date: Fri, 23 Aug 2013 08:12:25 +0530 Subject: [silk] Collateral damage Message-ID: On 20-Aug-13 10:57 PM, Dave Long wrote: > Steganets ("none of you has ever seen a dead donkey") might be a little > less obvious than darknets (and the normally abysmal S/N ratio of social > networks may actually provide decent channel bandwidth?) Interesting example of a darknet: http://www.dailydot.com/politics/greek-off-the-grid-internet-mesh/ Greek community creates an off-the-grid Internet By Joe Kloc on August 19, 2013 Email Follow http://twitter.com/joekloc In an effort to buck the expensive rates of unreliable corporate telecom companies, a community in Athens, Greece has created its own private Internet.
Built from a network of wireless rooftop antennas, the Athens Wireless Metropolitan Network (AWMN) now has more than 1,000 members. Data moves “through” the AWMN mesh up to 30 times faster than it does on the telecom-provided Internet. According to Mother Jones, this off-the-grid community has become so popular in Athens and on nearby islands that it has developed its own Craigslist-esque classifieds service as well as blogs and an internal search engine. "It's like a whole other web," AWMN user Joseph Bonicioli told the magazine. "It's our network, but it's also a playground." The AWMN began in 2002 in response to the poor Internet service provided by traditional telecommunications companies in Athens. However, the past few years have illustrated another use for these citizen-run meshes: preserving the democratic values of the Internet. As the Internet has become a ubiquitous presence in day-to-day life, governments around the world have sought to control it. In 2011 for example, when former Egyptian president Hosni Mubarak found out that protesters were organizing on Facebook, he commanded the country’s Internet service providers to shut down access, denying 17 million Egyptians access to the Web for days. Later that year in the U.S., the city of San Francisco temporarily shut down cellphone service in its transit system to stop a protest. As Bonicioli told Mother Jones, "When you run your own network, nobody can shut it down." These DIY meshes are also used to provide Internet in places major telecom companies can’t—or won’t—reach. For example, one was constructed last year in the Brooklyn neighborhood of Red Hook after Hurricane Sandy knocked out resident’s access to the networks of major Internet service providers. Similarly, Guifi, the largest mesh in the world, was built to address spotty Internet service in rural Spain. It has over 21,000 members. 
Meshes have taken on new relevance in the wake of former National Security Agency contractor Edward Snowden’s leaks about the agency’s massive Internet surveillance programs. It is estimated (albeit roughly) that the NSA touches as much as half of the world’s Internet communications each day. The agency gains access to much of this information through partnerships with telecom companies that allow the agency to install splitters on their fibre optic Internet cables. Privately run meshes would deny the NSA—and other government intelligence agencies around the world—this access point to Internet data. As the New America Foundation’s Sascha Meinrath told Mother Jones, "We're making infrastructure for anyone who wants to control their own network." -- ((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com)) ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From drwho at virtadpt.net Fri Aug 23 07:19:30 2013 From: drwho at virtadpt.net (The Doctor) Date: Fri, 23 Aug 2013 10:19:30 -0400 Subject: [HacDC:Byzantium] Bitmessage? Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/15/2013 03:48 PM, Moritz Bartl wrote: > The main reason is that, despite people requesting it from the > author multiple times over the course of years, he has yet to > produce any kind of specification other than the code itself. It appears that Bitmessage is completely hosed. http://secupost.net/2325962497/bitmessage-security - -- The Doctor [412/724/301/703] [ZS] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ "I have a choice again: two hands that are both mine." 
--The Six Million Dollar Man -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlIXb3IACgkQO9j/K4B7F8FXfwCg75vnhkmB3o/XLEIz6hjscQlg c/cAoOu4h9rXW5ZEKVBM/gJEoEvoYCoV =4l6n -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "Project Byzantium (Emergency Mesh Networking)" group. To unsubscribe from this group and stop receiving emails from it, send an email to Byzantium+unsubscribe at hacdc.org. To post to this group, send email to Byzantium at hacdc.org. Visit this group at http://groups.google.com/a/hacdc.org/group/Byzantium/. For more options, visit https://groups.google.com/a/hacdc.org/groups/opt_out. ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From matej.kovacic at owca.info Fri Aug 23 01:42:11 2013 From: matej.kovacic at owca.info (Matej Kovacic) Date: Fri, 23 Aug 2013 10:42:11 +0200 Subject: Encrypted mailing lists? In-Reply-To: <20130823020559.GK7361@pig.dieconsulting.com> References: <521470F9.4040303@owca.info> <20130821083950.6458.14953@hermes> <2831997.rqjLtGiVRi@laptosid> <9CA32CC8-FFF9-410A-9AB5-F1F9E91BFD0F@acidhou.se> <2BF2095C-1D27-4AE9-8350-4AF1653CA718@obscura.com> <8738q3t1a4.fsf@tsmithe.net> <5F46B2AC-AF0F-4BA9-9848-89DC71109E67@obscura.com> <20130823020559.GK7361@pig.dieconsulting.com> Message-ID: <52172063.9080707@owca.info> Hi, just a remark to a notice from someone, that the problem is trusting the mailing list software - that it is properly encrypting/decrypting messages, etc. Yes, this is a problem of endpoint security, but the same problem we have right now. 
Encryption of e-mail in mailing lists would mostly: - assure transport security from/to particular user only (remember - mailing list passwords are sent to users unencrypted!) - promote use of encryption technology These are in my opinion the most important goals of this idea. BTW, if someone does not want to use encryption (because he or she has a lot of emails), there should always be an option (for public mailing lists) to decide whether he or she wants to receive plaintext only, encrypted or signed messages. (The point is in choice. :-) ) Regards, Matej From eugen at leitl.org Fri Aug 23 04:07:39 2013 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 23 Aug 2013 13:07:39 +0200 Subject: [liberationtech] Open Whisper Systems' neat asynch FPS "pre-keying" Message-ID: <20130823110739.GK29404@leitl.org> ----- Forwarded message from Joseph Lorenzo Hall ----- From eugen at leitl.org Fri Aug 23 04:30:06 2013 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 23 Aug 2013 13:30:06 +0200 Subject: [liberationtech] Deterministic Builds Part One: Cyberwar and Global Compromise Message-ID: <20130823113006.GO29404@leitl.org> ----- Forwarded message from phreedom at yandex.ru ----- From eugen at leitl.org Fri Aug 23 04:32:25 2013 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 23 Aug 2013 13:32:25 +0200 Subject: [liberationtech] Open Whisper Systems' neat asynch FPS "pre-keying" Message-ID: <20130823113225.GP29404@leitl.org> ----- Forwarded message from Maxim Kammerer ----- From eugen at leitl.org Fri Aug 23 04:35:27 2013 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 23 Aug 2013 13:35:27 +0200 Subject: [liberationtech] Deterministic Builds Part One: Cyberwar and Global Compromise Message-ID: <20130823113527.GQ29404@leitl.org> ----- Forwarded message from Maxim Kammerer ----- From eugen at leitl.org Fri Aug 23 04:38:02 2013 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 23 Aug 2013 13:38:02 +0200 Subject: [tt] Crypto-Gram: August 15, 2013 Message-ID:
<20130823113802.GS29404@leitl.org> ----- Forwarded message from Frank Forman ----- From psema4 at gmail.com Fri Aug 23 10:46:51 2013 From: psema4 at gmail.com (Scott Elcomb) Date: Fri, 23 Aug 2013 13:46:51 -0400 Subject: [tor-talk] IP Cloaking and the CFAA [Was: Appearing American] Message-ID: I just ran a quick scan through my mail archives and didn't see this story mentioned. (If it has, apologies for the dup - it was not a thorough scan) IP Cloaking Violates Computer Fraud and Abuse Act, Judge Rules "A federal judge has ruled that circumventing an IP address blockade to connect to a website is a breach of the Computer Fraud and Abuse Act, the same law that was used to prosecute Aaron Swartzbefore he committed suicide earlier this year." Best, - Scott On Sun, Aug 18, 2013 at 10:54 AM, B Sairafi wrote: > Hello > > I'm using Tor Browser, and I need to be seen by a specific website as if > I'm in the US. Is this possible? I mean, is this a feature you already > have? > > I'm sorry if this is the wrong email address, I'm very confused! 
> > Thanks, > - B > -- > tor-talk mailing list - tor-talk at lists.torproject.org > To unsusbscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- Scott Elcomb @psema4 on Twitter / Identi.ca / Github & more Atomic OS: Self Contained Microsystems http://code.google.com/p/atomos/ Member of the Pirate Party of Canada http://www.pirateparty.ca/ -- tor-talk mailing list - tor-talk at lists.torproject.org To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From eugen at leitl.org Fri Aug 23 04:49:10 2013 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 23 Aug 2013 13:49:10 +0200 Subject: [cryptopolitics] Is Windows 8 a Trojan horse for the NSA? The German Government thinks so Message-ID: <20130823114910.GT29404@leitl.org> ----- Forwarded message from Jeffrey Walton ----- From eugen at leitl.org Fri Aug 23 04:49:53 2013 From: eugen at leitl.org (Eugen Leitl) Date: Fri, 23 Aug 2013 13:49:53 +0200 Subject: [tor-dev] Global semi-passive adversary: suggestion of using expanders Message-ID: <20130823114953.GU29404@leitl.org> ----- Forwarded message from Paul-Olivier Dehaye ----- From griffinboyce at gmail.com Fri Aug 23 10:51:09 2013 From: griffinboyce at gmail.com (Griffin Boyce) Date: Fri, 23 Aug 2013 13:51:09 -0400 Subject: [tor-talk] Appearing American and VPNs writ large Message-ID: On 08/23/2013 12:41 PM, Nathan Suchy wrote: > I'd beg to differ. There are very good VPN providers that keep absolutely > no logs so you would have anonymity in that case. 
I think a commercial vpn > without logs is the best way to go but you could also handpick nodes (tor > needs to have a auto feature which can auto pick nodes by country. Covert > Browser for IOS allows you to pick your exit node. You're assuming that there's endpoint anonymity and that no one could correlate you connecting to Server A and a piece of traffic coming from Server A at the same time. At a basic level, this type of correlation is responsible for Jeremy Hammond's arrest (his VPN disconnected from IRC right as he lost internet -- deniability is useless here). And any iOS device is likely keeping track of your recent server connections. If I had a week, I couldn't list all the cases where someone mislaid their trust in a service provider to protect them. Deniability is dead. What Tor provides is unlinkability. best, Griffin -- "Cypherpunks write code not flame wars." --Jurre van Bergen #Foucault / PGP: 0xAE792C97 / OTR: saint at jabber.ccc.de My posts, while frequently amusing, are not representative of the thoughts of my employer. 
From eugen at leitl.org Fri Aug 23 05:20:29 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 23 Aug 2013 14:20:29 +0200
Subject: [silk] Collateral damage
Message-ID: <20130823122029.GV29404@leitl.org>

----- Forwarded message from Udhay Shankar N -----

From eugen at leitl.org Fri Aug 23 05:50:50 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 23 Aug 2013 14:50:50 +0200
Subject: [liberationtech] Open Whisper Systems' neat asynch FPS "pre-keying"
Message-ID: <20130823125050.GX29404@leitl.org>

----- Forwarded message from elijah -----

From eugen at leitl.org Fri Aug 23 06:03:12 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 23 Aug 2013 15:03:12 +0200
Subject: [liberationtech] Announcing Scramble.io
Message-ID: <20130823130312.GY29404@leitl.org>

----- Forwarded message from phreedom at yandex.ru -----

From zooko at leastauthority.com Fri Aug 23 08:21:47 2013
From: zooko at leastauthority.com (Zooko Wilcox-OHearn)
Date: Fri, 23 Aug 2013 15:21:47 +0000
Subject: [cryptography] Reply to Zooko (in Markdown)
Message-ID:

Dear Jon:

Thank you for your kind words and your detailed response.

I am going to focus only on the issue that I think is most relevant and urgent for your customers and mine. That urgent issue is: what's the difference between the now-canceled Silent Mail product and the products that you are still offering, such as Silent Text?

I don't understand why the Lavabit shutdown and the related domestic surveillance disclosures imply that Silent Mail was unsafe in any way that wouldn't also mean Silent Text is unsafe.

Before I go on, I'd like to point out a critical fact that some readers might not be aware of: Ladar Levison, the owner of Lavabit, now claims that he is being threatened with jail time *for having shut down the service*:

http://investigations.nbcnews.com/_news/2013/08/13/20008036-lavabitcom-owner-i-could-be-arrested-for-resisting-surveillance-order?lite

This changes the equation, because it means not only can the U.S. federal espionage authorities say "Backdoor all of your customers or close your business.", they can also say "Backdoor all of your customers or go to jail.". As the owner and CEO of a privacy-protecting service (https://LeastAuthority.com) and a U.S. citizen, and as the father of three precious boys who do not want to be separated from me for any length of time, this concerns me greatly.

Now, maybe the U.S. espionage authorities wouldn't make that threat again. Maybe Ladar Levison's resistance will teach them that it was a mistake. I don't know, but we have to take into account this possibility for now.

Your decision to shutter the Silent Mail product was made because of such possibilities. But your decision to *keep* the Silent Text service (and the others) still operating while shutting down the Silent Mail service would make sense only in the following scenario:

Attacker: "We're here to compel you to give us access to the confidential communications of all of your customers."

Silent Circle: "But, to do that we would have to change our client — for example, change its random number generator to produce output that we can predict — and then upload a software update to the Apple and Google app stores, and then wait for all of our customers to automatically upgrade to the new version!"

Attacker: "Oh, well in that case nevermind."

Why do you think that this scenario is plausible? I don't think it is plausible. Instead, I think the conversation would go like this:

Silent Circle: "… and then wait for all of our customers to automatically upgrade to the new version!"

Attacker: "Okay. Do that."

Now, there is a big, complex, and interesting question about how to enable others to *verify* the security of software. It is not impossible, as you suggested. Good progress on enabling independent verification of security is being made, by Whisper Systems (https://whispersystems.org/), my own company LeastAuthority.com, the Tor Project (https://blog.torproject.org/blog/deterministic-builds-part-one-cyberwar-and-global-compromise), Gitian (https://gitian.org/), Debian (https://wiki.debian.org/ReproducibleBuilds), and Bitcoin (https://en.bitcoin.it/wiki/Release_process).

But before we get into the nuts and bolts of how to facilitate verification of end-to-end security, I want to hammer on the first issue: before going forth to try to improve an issue, we should first admit to our current customers and to the public that the issue exists. We shouldn't mislead our customers into thinking that they are safe from something that they are not.

Silent Circle's closure of Silent Mail for the stated reason is inconsistent with its continued operation of the Silent Text service. The stated reason was that the US federal government could compel Silent Circle to backdoor the Silent Mail service. That same reason applies today to the Silent Text service and the other services that Silent Circle is still operating.

To be clear, I'm not asking you to shut down your other services. I think that would be a loss for everyone. And I'm not asking you to magically fix all of the problems by tomorrow. I know, in part from your detailed letter, that you are currently working on improving some parts of your process, and I think that there are other techniques that you could use (including licensing your source code as Free and Open Source software) that would help. But I understand the challenges of running a business, actively serving customers, and performing sophisticated engineering all at once. I know that improvement takes time.

What I'm asking you to do is to *be clear* with your customers and with the public about the current limitations.

Currently, the US federal espionage agencies can compel Silent Circle to secretly provide access to all of Silent Circle's customers' private communications.

That's too bad. But it is fixable! But to fix it starts with admitting what the problem is.

Regards,

Zooko Wilcox-O'Hearn

Founder, CEO, and Customer Service Rep
https://LeastAuthority.com
Freedom matters.
_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

From phreedom at yandex.ru Fri Aug 23 05:53:42 2013
From: phreedom at yandex.ru (phreedom at yandex.ru)
Date: Fri, 23 Aug 2013 15:53:42 +0300
Subject: [liberationtech] Announcing Scramble.io
Message-ID:

> One difficult problem in public-key encryption is key exchange: how to get
> a recipient's public key and know it's really theirs.
> My plan is to make your email the hash of your public key.
> For example, my address is *nqkgpx6bqscslher at scramble.io*
> (I borrowed this idea from Tor Hidden Services.)

This is what we need everyone to adopt. Your ID = your public key hash and not an account on some server you don't control. Glad to see more people adopt this idea.

Any chance of interoperability with other projects with similar aims and ideas like Cables? [1]

[1] http://dee.su/cables
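The address scheme quoted in the Scramble.io message above, sketched as an added example (not Scramble.io's own code): the page gives only the address format, so the derivation below follows the Tor hidden service (v2) convention of base32-encoding the first 80 bits of a SHA-1 hash of the public key, which is an assumption. The function names, the `example.invalid` domain and the key bytes are likewise constructed for illustration.

```python
import base64
import hashlib
import hmac

# Assumption: Tor v2 hidden-service convention, i.e. the first 80 bits of
# SHA-1(serialized public key), base32-encoded into 16 characters.
ADDRESS_BITS = 80
LOCAL_PART_LEN = ADDRESS_BITS // 5  # base32 carries 5 bits per character


def local_part_for_key(public_key: bytes) -> str:
    """Hash the serialized public key down to the address's local part."""
    digest = hashlib.sha1(public_key).digest()
    return base64.b32encode(digest[: ADDRESS_BITS // 8]).decode("ascii").lower()


def address_for_key(public_key: bytes, domain: str) -> str:
    return f"{local_part_for_key(public_key)}@{domain}"


def key_matches_address(public_key: bytes, address: str) -> bool:
    """True only if the key hashes to the local part of the address."""
    local, sep, _domain = address.strip().partition("@")
    local = local.lower()
    if not sep or len(local) != LOCAL_PART_LEN:
        return False
    expected = local_part_for_key(public_key)
    return hmac.compare_digest(expected.encode(), local.encode())


class KeyMismatch(Exception):
    """The directory returned a key that does not belong to the address."""


def fetch_verified_key(address: str, directory: dict) -> bytes:
    """Take a key from an untrusted directory, accepting it only if it
    hashes to the address the sender already holds."""
    key = directory[address.strip().lower()]
    if not key_matches_address(key, address):
        raise KeyMismatch(f"key served for {address} does not hash to it")
    return key


# Constructed sample data: stand-ins for serialized public keys.
DOMAIN = "example.invalid"
ALICE_KEY = b"constructed public key bytes for alice"
MALLORY_KEY = b"constructed public key bytes for mallory"
ALICE_ADDRESS = address_for_key(ALICE_KEY, DOMAIN)

HONEST_DIRECTORY = {ALICE_ADDRESS: ALICE_KEY}
# A key server that swaps in its own key is caught by the hash check.
TAMPERED_DIRECTORY = {ALICE_ADDRESS: MALLORY_KEY}

# The binding is only as strong as the truncated hash: with 80 bits, forging
# a second key for an existing address costs on the order of 2**80 hashes.

if __name__ == "__main__":
    print(ALICE_ADDRESS)
    print(fetch_verified_key(ALICE_ADDRESS, HONEST_DIRECTORY) == ALICE_KEY)
    try:
        fetch_verified_key(ALICE_ADDRESS, TAMPERED_DIRECTORY)
    except KeyMismatch as exc:
        print("rejected:", exc)
```

The server that stores keys no longer has to be trusted for authenticity; what still needs a trustworthy channel is the address itself.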
From eugen at leitl.org Fri Aug 23 07:51:57 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 23 Aug 2013 16:51:57 +0200
Subject: [HacDC:Byzantium] Bitmessage?
Message-ID: <20130823145157.GZ29404@leitl.org>

----- Forwarded message from The Doctor -----

From jya at pipeline.com Fri Aug 23 14:33:30 2013
From: jya at pipeline.com (John Young)
Date: Fri, 23 Aug 2013 17:33:30 -0400
Subject: Snowden Induced Mea Culpas
Message-ID:

Comsec experts should not be surprised at the Snowden revelations about NSA so far, most of which are venerable.

What is surprising is their seemingly exaggerated surprise because many of them worked at or ran firms which were known to be heavily involved with official spying through dual-use technology and dual-purpose contracts.

With USG and world governments, with banks and telecoms, with comsec, software and anti-virus firms, with universities and research institutes, with FOI organizations and public interest advisory boards, with vulture investors, TED and Aspen, with revolving doors among government, industry, education, journalism, banking and Wall Street, with RAND, NRL, the national laboratories, to name a few.

In most instances these dual roles were not hidden. Or were they?

What might be troubling about Snowden's possible revelations that is causing exaggerated surprise of these experts is the disclosure that the dual-uses and dual-roles in spying were more extensive than has been made public.

That has been protected by highest secrecy about to be breached, not about the spy agencies but those used to camouflage and assist the spying by downplaying its pervasiveness by selling protection that could never be wholly effective, that the cybersec game was as rigged as gambling.

That the backdoors, vulnerabilities, holes, faults, and errors were more craftily hidden and exploited with the complicity of the best and brightest while they deluded the public for market share and FOI fame.

That it was a charade to agitate for more security and privacy while undermining them.

That Snowden has the documents about that ancient betrayal and will at some point make them available.

That it would be wise to get ahead of this exposure by rushing to claim the spying has been greater than even we experts knew and comsec is a fraud by design. Crypto-AG the norm.

From eugen at leitl.org Fri Aug 23 08:37:28 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 23 Aug 2013 17:37:28 +0200
Subject: [cryptography] Reply to Zooko (in Markdown)
Message-ID: <20130823153728.GA29404@leitl.org>

----- Forwarded message from Zooko Wilcox-OHearn -----

From zooko at leastauthority.com Fri Aug 23 10:49:57 2013
From: zooko at leastauthority.com (Zooko Wilcox-OHearn)
Date: Fri, 23 Aug 2013 17:49:57 +0000
Subject: [tahoe-dev] weekly dev chat notes from 2013-08-21
Message-ID:

notes Tahoe-LAFS Weekly Dev Chat 2013-08-21

in attendance: Zooko (scribe), Jeff "psi2", Mark, zab, Brian

Agenda Item 1: next week's Dev Chat

for the next Weekly Dev Chat meeting, we're going to do an experiment:

* invite people more widely (everyone who reads tahoe-dev, everyone who follows me (zooko) on twitter, etc.)
* upload a recording of the dev chat to youtube
* try to finish reviewing #1382 *before* the meeting so that we can focus the meeting on:
* planning Tahoe-LAFS v1.11!

Agenda Item 2: I2P patches

Jeff and zab from the I2P project joined Tahoe-LAFS Weekly Dev Chat for the first time to help us integrate the patches that I2P needs in order to use an unmodified LAFS on I2P.

Jeff tagged the specific tickets that are blocking the I2P people on that:

https://tahoe-lafs.org/trac/tahoe-lafs/query?status=assigned&status=closed&status=new&status=reopened&keywords=~i2p-collab&order=priority

We dug into #1010. We agreed to make a "[node]anonymize", which means "On startup, verify that all configuration options are compatible with anonymity. If any aren't, stop the process with a useful error message about the configuration option that is dangerous to anonymity.".

Action item for me: add a comment to that proposing a configuration UI that I would like, then email Brian about it.

Action item for Jeff: update the patch on #1010.

https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1010# use only 127.0.0.1 as local address

Agenda Item 3: Tahoe-LAFS v1.11.0

I don't want to release Tahoe-LAFS v1.11 with regressions that make it worse than Tahoe-LAFS v1.10. Currently, there are seven such regressions!

https://tahoe-lafs.org/trac/tahoe-lafs/query?status=assigned&status=new&status=reopened&keywords=~regression&milestone=1.11.0&order=priority

The next step in the process of releasing v1.11 is to "elect" a Release Manager. And by "elect" we mean that someone somehow gets appointed to that role, and if they don't want to do it they have to fight a bear.

Regards,

Zooko Wilcox-O'Hearn

Founder, CEO, and Customer Support Rep
https://LeastAuthority.com
Freedom matters.
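The startup check agreed on under Agenda Item 2, sketched as an added example rather than Tahoe-LAFS code: `anonymize` is the option proposed in the notes, and `tub.location` and `web.port` are existing tahoe.cfg settings. The three rules enforced here (an explicit `tub.location`, no routable IP literal in it, a loopback-only web listener) are assumptions made for illustration, as are the function names and the constructed sample configs.

```python
import configparser
import ipaddress
import re


class AnonymityConfigError(Exception):
    """Raised at startup when an option could reveal the node's address."""


def _hint_host(hint):
    """Extract the host from a 'host:port' or '[v6addr]:port' location hint."""
    hint = hint.strip()
    if hint.startswith("["):
        return hint[1:].split("]", 1)[0]
    return hint.rsplit(":", 1)[0]


def _is_routable_ip(host):
    """True for IP literals that are not loopback. Names (for example an
    .i2p destination) are not judged here; that is outside this sketch."""
    try:
        return not ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False


def anonymity_violations(cfg_text):
    """Return (option, reason) pairs; an empty list means the config passes."""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(cfg_text)
    if not cfg.has_section("node"):
        return []
    if not cfg.getboolean("node", "anonymize", fallback=False):
        return []  # the check is opt-in, as in the notes
    problems = []

    # Assumed rule 1: without an explicit location the node would advertise
    # whatever local addresses it detects.
    location = cfg.get("node", "tub.location", fallback="").strip()
    if not location:
        problems.append(("tub.location", "unset, autodetected addresses would be advertised"))
    # Assumed rule 2: only 127.0.0.1 (or another loopback) as a literal address.
    for hint in filter(None, (h.strip() for h in location.split(","))):
        host = _hint_host(hint)
        if _is_routable_ip(host):
            problems.append(("tub.location", f"advertises routable address {host}"))

    # Assumed rule 3: the web listener must name a loopback interface.
    # The value is an endpoint string such as tcp:3456:interface=127.0.0.1,
    # with colons inside an IPv6 address escaped as "\:".
    web_port = cfg.get("node", "web.port", fallback="").strip()
    if web_port:
        match = re.search(r"interface=((?:\\.|[^:])+)", web_port)
        iface = match.group(1).replace("\\:", ":") if match else None
        if iface is None:
            problems.append(("web.port", "no interface= given, listens on all interfaces"))
        elif iface != "localhost" and (
            _is_routable_ip(iface) or not _looks_like_ip(iface)
        ):
            problems.append(("web.port", f"listens on non-loopback interface {iface}"))
    return problems


def _looks_like_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False


def check_anonymity_or_stop(cfg_text):
    """Stop startup with a message naming each dangerous option."""
    problems = anonymity_violations(cfg_text)
    if problems:
        detail = "\n  ".join(f"[node]{opt}: {why}" for opt, why in problems)
        raise AnonymityConfigError("refusing to start with anonymize = true:\n  " + detail)


# Constructed sample configs (203.0.113.7 is a documentation-range address).
SAFE_CFG = """
[node]
anonymize = true
tub.port = 8098
tub.location = 127.0.0.1:8098
web.port = tcp:3456:interface=127.0.0.1
"""

UNSAFE_CFG = """
[node]
anonymize = true
tub.location = 203.0.113.7:8098,127.0.0.1:8098
web.port = tcp:3456
"""

if __name__ == "__main__":
    check_anonymity_or_stop(SAFE_CFG)
    try:
        check_anonymity_or_stop(UNSAFE_CFG)
    except AnonymityConfigError as exc:
        print(exc)
```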
_______________________________________________
tahoe-dev mailing list
tahoe-dev at tahoe-lafs.org
https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev

From eugen at leitl.org Fri Aug 23 09:45:25 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 23 Aug 2013 18:45:25 +0200
Subject: filesharing is terrism
Message-ID: <20130823164525.GB29404@leitl.org>

http://www.itnews.com.au/News/354407,nz-police-affidavits-show-use-of-prism-for-surveillance.aspx

NZ police affidavits show use of PRISM for surveillance

By Juha Saarinen on Aug 23, 2013 5:46 AM (20 hours ago)
Filed under Security

Police affidavits related to the raid on Kim Dotcom's Mega mansion appear to show that New Zealand police and spy agencies are able to tap directly into United States surveillance systems such as PRISM to capture email and other traffic.

The discovery was made by blogger Keith Ng who wrote on his On Point blog that the Organised and Financial Crime Agency New Zealand (OFCANZ) requested assistance from the Government Communications Security Bureau (GCSB), the country's signals intelligence unit, which is in charge of surveilling the Pacific region under the Five-Eyes agreement.

A list of so-called selectors or search terms were provided to GCSB by the police [PDF, redacted] for the surveillance of emails and other data traffic generated by Dotcom and his Megaupload associates.

'Selectors' is the term used for the National Security Agency (NSA) XKEYSCORE categorisation system that Australia and New Zealand contribute to and which was leaked by Edward Snowden as part of his series of PRISM revelations.

Some "selectors of interest" have been redacted out, but others such as Kim Dotcom's email addresses, the mail proxy server used for some of the accounts and websites, remain in the documents.

Megaupload co-founders Bram van der Kolk and Sven Ecthernach were also targeted for electronic surveillance, ditto Dotcom's wife Mona.

Dotcom's mansion was raided by NZ police last year for crimes related to online piracy, based on indictments filed in the US.

One note on the reports generated from the surveillance points to the system used capturing real-time traffic.

Several of the documents are classified as "CONFIDENTIAL COMINT/NEW ZEALAND EYES ONLY" with one being marked as "SECRET/COMINT/REL TO NZL, AUS, CAN, GBR, USA".

The spying on Dotcom, his wife and van der Kolk was deemed to be illegal as all three are residents of New Zealand and the GCSB is precluded by current law from intercepting their communications.

In the United States, declassified government documents have been released to the Electronic Frontier Foundation that show the NSA operates an eavesdropping program that has direct access to internet communications.

The documents are part of a statement by the US Foreign Intelligence Surveillance Court (FISC) which berates the NSA for misleading the tribunal on the extent of domestic spying on innocent people, saying such collection was unconstitutional.

Copyright © iTnews.com.au . All rights reserved.

From coderman at gmail.com Fri Aug 23 21:46:12 2013
From: coderman at gmail.com (coderman)
Date: Fri, 23 Aug 2013 21:46:12 -0700
Subject: [liberationtech] NSA Admits: Okay, Okay, There Have Been A Bunch Of Intentional Abuses, Including Spying On Love Interests | Techdirt
In-Reply-To:
References:
Message-ID:

LOVEINT!!!

oh god this alone makes it all worth it,,, thank you Snowden!

P.S. setup a bitcoin donation address.
best regards,

On Fri, Aug 23, 2013 at 9:21 PM, Yosem Companys wrote:
> http://www.techdirt.com/articles/20130823/18432024301/nsa-admits-okay-okay-there-have-been-bunch-intentional-abuses-including-spying-loved-ones.shtml
>
> NSA Admits: Okay, Okay, There Have Been A Bunch Of Intentional Abuses,
> Including Spying On Love Interests
>
> from the and-we're-just-now-telling-congress dept
>
> So, this week, we wrote about the NSA quietly admitting that there had been
> intentional abuses of its surveillance infrastructure, despite earlier claims
> by NSA boss Keith Alexander and various folks in Congress that there had
> been absolutely no "intentional" abuses. Late on Friday (of course) the NSA
> finally put out an official statement admitting to an average of one
> intentional abuser per year over the past ten years. The AP is reporting
> that at least one of the abuses involved an NSA employee spying on a former
> spouse. Meanwhile, the Wall Street Journal suggests that spying on love
> interests happens somewhat more often:
>
> The practice isn’t frequent — one official estimated a handful of cases in
> the last decade — but it’s common enough to garner its own spycraft label:
> LOVEINT.
>
> A handful is still significantly more than once. And it's a lot more than
> the "zero" times we'd been told about repeatedly by defenders of the
> program.
>
> While the NSA says it takes these abuses seriously, there's no indication
> that the analyst was fired.
>
> Much more troubling is that it appears that the NSA only told its oversight
> committee in the Senate about all of this a few days ago:
>
> The Senate Intelligence Committee was briefed this week on the willful
> violations by the NSA's inspector general's office, as first reported by
> Bloomberg.
>
> "The committee has learned that in isolated cases over the past decade, a
> very small number of NSA personnel have violated NSA procedures — in roughly
> one case per year," Sen. Dianne Feinstein, the California Democrat who
> chairs the committee, said in a statement Friday.
>
> Of course, this is the same Dianne Feinstein who, exactly a week ago, said
> the following:
>
> As I have said previously, the committee has never identified an instance in
> which the NSA has intentionally abused its authority to conduct surveillance
> for inappropriate purposes.
>
> Yeah. Because apparently the NSA chose not to tell the committee until a few
> days later, despite it happening for years.
>
> And, of course, they release this all on a Friday night, hoping that it'll
> avoid the news cycle...
>
> In the meantime, the NSA just made Senator Feinstein look like a complete
> fool. She's been its strongest defender in Congress for years, and has stood
> up for it time and time again, despite all of this questionable activity.
> Then, last week, it lets her tell lies about it without telling her
> beforehand that there had been such abuses. At this point, it's abundantly
> clear that Feinstein's "oversight" of the NSA is a joke. She's either
> incompetent or lying. Either way, it appears that the NSA is running circles
> around her, and isn't subject to any real Congressional oversight. At some
> point, you'd think that maybe she'd stop defending it and actually start
> doing her job when it comes to oversight. You'd think the fact that it let
> her make a complete fool of herself by claiming there had been no
> intentional abuses should make Feinstein realize that the NSA situation is
> out of control. But, tragically, this seems unlikely. Even her statement
> seems to want to minimize the seriousness of the fact that she -- the person
> in charge of oversight -- was completely kept in the dark about very serious
> intentional abuses. Senator Feinstein just got hung out to dry by the NSA.
> You'd think she'd stop going to bat for it and its lies.
>
> Either way, we've now gone from General Keith Alexander and Feinstein
> claiming "no abuses," to them saying no "intentional" abuses, to this latest
> admission of plenty of intentional abuses, including spying on lovers.
> Perhaps, instead of lying, it's time for the NSA to come clean and to get
> some real oversight.
>
>
> --
> Liberationtech is a public list whose archives are searchable on Google.
> Violations of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
> change to digest, or change password by emailing moderator at
> companys at stanford.edu.

From davidroman96 at gmail.com Fri Aug 23 14:03:07 2013
From: davidroman96 at gmail.com (Stakewinner00)
Date: Fri, 23 Aug 2013 23:03:07 +0200
Subject: Alternatives to Lavabit
Message-ID: <5217CE0B.8050401@gmail.com>

Now that Lavabit is off, we should seek another server with encryption.

My question is, is there another encrypted email service like Lavabit? Or do we have to create a new encrypted email service?

From coderman at gmail.com Sat Aug 24 00:41:34 2013
From: coderman at gmail.com (coderman)
Date: Sat, 24 Aug 2013 00:41:34 -0700
Subject: [liberationtech] NSA Admits: Okay, Okay, There Have Been A Bunch Of Intentional Abuses, Including Spying On Love Interests | Techdirt
In-Reply-To: <03e501cea08a$64930210$2db90630$@eff.org>
References: <03e501cea08a$64930210$2db90630$@eff.org>
Message-ID:

On Fri, Aug 23, 2013 at 10:25 PM, James S. Tyre wrote:
> Best summary: https://twitter.com/slworona/status/370946271646711809

indeed; this codename gives the lie to all the congressional testimony, to all the claims of controls and judiciary oversight, to all the attestations of full compliance.

it's beautiful in laying bare the capriciousness to which the entire intelligence juggernaut can be brought to bear against arbitrary individuals; personal pettiness more than sufficient.

From kb at karelbilek.com Sat Aug 24 02:31:06 2013
From: kb at karelbilek.com (Karel Bílek)
Date: Sat, 24 Aug 2013 11:31:06 +0200
Subject: [liberationtech] NSA Admits: Okay, Okay, There Have Been A Bunch Of Intentional Abuses, Including Spying On Love Interests | Techdirt
In-Reply-To:
References:
Message-ID:

I secretly hoped that is an Onion article.

On Sat, Aug 24, 2013 at 6:46 AM, coderman wrote:
> LOVEINT!!!
>
> oh god this alone makes it all worth it,,, thank you Snowden!
>
> P.S. setup a bitcoin donation address.
>
> best regards,

From eugen at leitl.org Sun Aug 25 00:27:49 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Sun, 25 Aug 2013 09:27:49 +0200
Subject: [liberationtech] Bradley Manning's sentence: 35 years for exposing us to the truth
Message-ID: <20130825072749.GD29404@leitl.org>

----- Forwarded message from Maxim Kammerer -----

From eugen at leitl.org Sun Aug 25 01:04:39 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Sun, 25 Aug 2013 10:04:39 +0200
Subject: NSLs, gag-orders, code-changes, coerced backdoors - any tech response? (Re: Lavabit and End-point Security)
In-Reply-To:
References: <20130809144310.GA29800@tuzo> <20130811101328.GA386@netbook.cypherspace.org> <2311068.3YlhGehAQP@laptosid>
Message-ID: <20130825080439.GK29404@leitl.org>

On Thu, Aug 22, 2013 at 01:51:16AM -0400, grarpamp wrote:
> I like the decentral model. But I wonder about how to affirmatively
> deny an influx of attacking nodes overtaking the network. It surely
> cannot be relegated to the simple user? So that seems 'hard' to me.

You need each node reputation stored in a global distributed tamper-proof publishing system, obtained and acted upon by global quorum.
This is not easy, but Bitcoin and Tahoe LAFS show how to build a more trusted network from untrusted components. > For example, I think Tor may remain centralish rather than pure > dhtish for that purpose. But what if the centrality was undertaken If you want to scale to millions if not billions of nodes, what are your options? > anonymously by some voting humans (or their analytic nodes). Their track > record could certainly be public yet anonymous therein. You would > at that point be trusting/subscribing their record, purely, as opposed to > dht or some other means, purely. What would p2p-hackers@ have to > say on this? From eugen at leitl.org Sun Aug 25 01:13:47 2013 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 25 Aug 2013 10:13:47 +0200 Subject: [tor-talk] IP Cloaking and the CFAA [Was: Appearing American] Message-ID: <20130825081347.GL29404@leitl.org> ----- Forwarded message from Scott Elcomb ----- From eugen at leitl.org Sun Aug 25 01:14:27 2013 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 25 Aug 2013 10:14:27 +0200 Subject: [tahoe-dev] weekly dev chat notes from 2013-08-21 Message-ID: <20130825081427.GM29404@leitl.org> ----- Forwarded message from Zooko Wilcox-OHearn ----- From eugen at leitl.org Sun Aug 25 01:15:02 2013 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 25 Aug 2013 10:15:02 +0200 Subject: [tor-talk] Appearing American and VPNs writ large Message-ID: <20130825081502.GN29404@leitl.org> ----- Forwarded message from Griffin Boyce ----- From eugen at leitl.org Sun Aug 25 02:19:09 2013 From: eugen at leitl.org (Eugen Leitl) Date: Sun, 25 Aug 2013 11:19:09 +0200 Subject: [cryptography] urandom vs random Message-ID: <20130825091909.GR29404@leitl.org> ----- Forwarded message from Peter Gutmann ----- From coderman at gmail.com Sun Aug 25 13:21:32 2013 From: coderman at gmail.com (coderman) Date: Sun, 25 Aug 2013 13:21:32 -0700 Subject: =?windows-1252?Q?Re=3A_=5Bliberationtech=5D_Why_can=92t_email_be_secure=3F_=2D_?=
=?windows-1252?Q?Silent_Circle_Blog?= In-Reply-To: <521A53FE.8050004@riseup.net> References: <521A53FE.8050004@riseup.net> Message-ID: On Sun, Aug 25, 2013 at 11:59 AM, katana wrote: > ... as Ladar replied in > > to Amy's question 'Do you think people should use email?': 'Yeah, I > think it’s a great way to communicate ... And I think email still has a > very important role to play in communication between people.' ACK. it is a question of private vs. public communication. email is and will continue to be useful for public communication. this gmail account indexes 190+ lists, 10,000 news alerts from scores of filters (everything from "TS//SI//NF" to "Flame OR Gauss OR Duqu OR Stuxnet" to Goldreich–Goldwasser–Halevi), a total of 643,132 pieces of communication. i can search through all of it in seconds and apply new filters to existing content just as easily as new, and keep an offline backup just in case. but there is zero i would consider private; for that use a medium of communication that is not a usability failure, that is not a metadata leakage nightmare, that is not an operational security mine field. let email _for private communication_ die already, please! From coderman at gmail.com Sun Aug 25 13:40:38 2013 From: coderman at gmail.com (coderman) Date: Sun, 25 Aug 2013 13:40:38 -0700 Subject: [liberationtech] Why_can't_email_be_secure In-Reply-To: References: <20130825191448.ED128EAACB@snorky.mixmin.net> Message-ID: On Sun, Aug 25, 2013 at 12:26 PM, Ali-Reza Anghaie wrote: > ... > And herein lies the problem - Silent Circle isn't talking to "us" - > they are talking to the other 99.99% of email users in the world. and to StealthMonger's point about latest generation mix networks for best privacy, why not instead focus on building low latency protocols that are resistant to traffic analysis and confirmation? make them datagram based; utilize user space stacks and latest research. 
solving the low latency datagram anonymity problem enables existing usable private communication with the additional benefit of endpoint and peer anonymity. i believe this possible to make useful, even if never infallible. certainly more possible than the odds of making truly scalable, available, and _usable_ mix mailer networks and clients for the masses. most important: make this low latency infrastructure usable and cross platform, so the implementations are easily adopted... like Napster and BitTorrent back in the day. ;) From rich at openwatch.net Sun Aug 25 15:25:37 2013 From: rich at openwatch.net (Rich Jones) Date: Sun, 25 Aug 2013 15:25:37 -0700 Subject: Equilibrium 51% Attack Cost of Bitcoin Network Message-ID: Nifty little tool showing the estimated cost of controlling the majority of the Bitcoin network: https://www.resallex.com/bitcoin/brix Would love to see something similar for the Tor network - my guess is that the cost there is probably at least an order-of-magnitude lower, but that's just my intuition. R >From the site.. > Introduction > > *Equilibrium 51% Attack Cost:* This is a metric attempting to calculate > the total present value cost required to attack the Bitcoin network through > majority hashing power (51% attack). The metric is meant to be viewed as a > snapshot in time as if an attacker decided to invest in attacking the > network under the current conditions. > *BRIX Score:* "Bitcoin Robustness Index" - The relative rank of Bitcoin's > 51% attack cost compared to annual military expenditures among all nations. > Method This metric is, in essence, equal to 51% of the present value > ("PV") of all future revenues derived from bitcoin mining using current Mt. > Gox prices. Revenues include both block rewards and transaction fees. The > purpose behind using PV as a measuring tool is to approximate the > incentives to miners to build upon the Bitcoin network. 
The measure can be > viewed as an aggregate of all the cost-benefit analyses done by individual > miners. We believe this is superior to other methods of calculating the > attack cost, including variables such as current hash rates and current > capital costs, because the model is independent of technology advancements. > Under the equilibrium model, miners will continue to invest in equipment > until they reach the point where marginal cost equals marginal revenue (the > point of profit maximization). Under perfect competition (of which bitcoin > mining is effectively), this point will also be where aggregate cost equals > aggregate revenue. If we assume the variables that can affect mining > revenue are held constant ($/btc & transaction fees), then it is easy to > calculate aggregate revenue and therefore also aggregate cost. Since we > know aggregate revenue equals aggregate cost, by calculating 51% of > aggregate revenue we effectively calculate 51% of the aggregate cost to > miners. > > > We calculated this metric by discounting each block reward (210,000 > blocks) as if it were an annuity and then discounting it further to its > present value. Then, we added estimated transaction fees based off > historical records. > Assumptions > > This metric is meant to represent a model at equilibrium. Therefore it > represents a snapshot of 51% of the incentive to miners at the current > price and current transaction fee levels. The idea is that miners are > willing to invest in the network as long as it is profitable to continue > doing so. We assume the following: > > - * Rational Actors: * We assume all mining participants are rational > actors and strictly pursue profit maximization. We ignore all other > motivations, including political, emotional, and reputational. All other > heuristics and biases are ignored. > - * Static Variables: * We assume that the variables in the model are > static, and therefore represent a 'snapshot in time'. 
There are no growth > forecasts for either price or transaction fees. > - * Perfect Competition: * We assume that all miners and potential > attackers have access to the same technology, resources, and information. > There is no technological advantage for any party that would exclusively > decrease mining costs or otherwise acquire mining equipment faster. > - * Discount Rate: 8% * Our model discounts future cash flows by 8%. From coderman at gmail.com Sun Aug 25 17:31:24 2013 From: coderman at gmail.com (coderman) Date: Sun, 25 Aug 2013 17:31:24 -0700 Subject: Re: [liberationtech] Why can’t email be secure? - Silent Circle Blog In-Reply-To: References: <521A53FE.8050004@riseup.net> Message-ID: On Sun, Aug 25, 2013 at 3:00 PM, John Young wrote: > ... > Presume that digital means are the easiest to fuck with, > ... > First do not expect anyone to believe anything using the > word "security." So comsec is dead due to abuse. Maybe > compriv is better, understanding that privacy has become > a crock of shit too. > ... Natsec really > hates being cut out of any kind of communication. It > will use virtually unlimited means to get inside, most > of them kept secret and manifestly violent if needs > be. > > So compriv should not be promoted as capable to > exclude natsec's prying, stealing, owning, using to > demolish with its opponents. the battle very weighted toward one's favor, however, it is fun to try! ;) From jya at pipeline.com Sun Aug 25 15:00:17 2013 From: jya at pipeline.com (John Young) Date: Sun, 25 Aug 2013 18:00:17 -0400 Subject: Re: [liberationtech] Why can’t email be secure?
- Silent Circle Blog In-Reply-To: References: <521A53FE.8050004@riseup.net> Message-ID: A swell beginning, for email to be merely one way to communicate, supplemented with unlimited other ways which do not require email, or for that matter, the Internet or any digital means. Presume that digital means are the easiest to fuck with, sorry, subvert, corrupt, pack with junk, surveil, harvest, store, search, forge, track, make your own list on your digital device and expect it to be violated accordingly and used against you whether you know or not, usually not. Here especially. Now the other means, non-digital, ancient and amply used and understood among those who use them although susceptible to the digital vulnerabilities if considerably more difficult: Paper Music Sound Dance Architecture Plastic arts Graphic arts Poetry Drum Glossolalia Jokes Holler Gypsy Mime Chant Curse Vulgarity Sex Sin And much more everybody uses with greater facility than digital emissions. Note that conventional languages are not on the list because of the heavy reliance upon them to communicate and thus most heavily scrutinized and attacked, usually successfully. Language is like metadata, with only its mastery the content can be followed from end to end, then the ends burgled, beat, cut, shot, persuaded to talk in plain language. Steganography is not on the list unless it is non-digital, and if not, then hiding communication has great potential. Its weakness is finding a means, non-digital, for preparation and transceiving.
For example, architecture is an ancient means of communication, among its funders, designers, builders, maintainers, destructors, restorers, investors, evaluators, burglars, surveyors, surveillors, protectors, attackers, underminers, repairers, materials suppliers, excavators, and a host of participants -- the list of guilds and unions and professionals is vast -- perhaps one of the largest cohorts of quasi-private aggregations on earth lagging only farmers if taken to mean any form of human construction. I flatter myself, so do yourself likewise. Similarly, just about any specialty of human intercourse has its quasi-private, esoteric, unique means of communication. The human body specialists -- scientific, shamanistic, soulseeking -- along with its psychobabbling corollary, generates a fantastic array of marketable, if not wholly, believable garble and gibberish. Politics and law the most vivid at laying on the self-serving shit about the necessity of government and the rule of law(yers). Now back to the simple task of communicating in private. Before that, a side note, the end is near: First do not expect anyone to believe anything using the word "security." So comsec is dead due to abuse. Maybe compriv is better, understanding that privacy has become a crock of shit too. "Shit bag" (thanks to Assange) Natsec needs to go as well because it has been abused the most of all since assuming the paramount importance of a secular religion prevailing over all belief-systems with deadly weaponry, heartlessness, amorality, criminality and unaccountability, motto: fuck with it and you will die. Much evidence of motto in deed. And much evidence it will be used against its insiders. This is relevant to private communication. Natsec really hates being cut out of any kind of communication. It will use virtually unlimited means to get inside, most of them kept secret and manifestly violent if needs be.
So compriv should not be promoted as capable to exclude natsec's prying, stealing, owning, using to demolish with its opponents. OTR is futile, BTW, as comsec. Wind compriv down to comchat. Then wind comchat down to comgossip, to comwhine, comjoke, comlie, comlurk, comslur, com-social engineer. You get the point. Do nothing life-threatening or natsec defying by com-whatever. Communications is owned by those who provide its means and they are owned by extremely badass natsec ritualists willing to barbecue your beloveds to share the goodness carefully prescribed in their secret manuals of unlimited warfare. In conclusion, there you have it, com-bat, the most reliable means of communication. Anything less is com-ical. From coderman at gmail.com Sun Aug 25 18:13:11 2013 From: coderman at gmail.com (coderman) Date: Sun, 25 Aug 2013 18:13:11 -0700 Subject: NSLs, gag-orders, code-changes, coerced backdoors - any tech response? (Re: Lavabit and End-point Security) In-Reply-To: References: <20130809144310.GA29800@tuzo> <20130811101328.GA386@netbook.cypherspace.org> <2311068.3YlhGehAQP@laptosid> <20130825080439.GK29404@leitl.org> Message-ID: On Sun, Aug 25, 2013 at 5:39 PM, Lodewijk andré de la porte wrote: >... > You must have a really stupid P2P network if it doesn't scale. Can you even > still call it p2p if it doesn't scale? replicate broadcast functionality (most suited to wireless transmissions) in the unicast datagram model and you have p2p that doesn't scale. remember first gen gnutella? From eric at konklone.com Sun Aug 25 17:06:38 2013 From: eric at konklone.com (Eric Mill) Date: Sun, 25 Aug 2013 20:06:38 -0400 Subject: Who bought off Zimmermann? In-Reply-To: <20130825235403.BDDC4EAABC@snorky.mixmin.net> References: <20130825235403.BDDC4EAABC@snorky.mixmin.net> Message-ID: In the full context of the question and the answer, Zimmermann explains that because they didn't have a smartphone client for PGP, they were forced to hold the keys on their servers. 
Under these conditions, a court order could force him to silently wiretap users who otherwise believe their product is secure. I don't know enough to evaluate his decision not to use PGP on smartphones, and what the challenges there are. It's also possible he was incorrect or misleading in marketing Silent Circle's email service - the question starts with "You said in the past that Silent Circle’s products were secure because you don’t hold the encryption keys...", and that is obviously not the case (for email). But I certainly wouldn't assume he's bought off. In the full scenario he describes, that Silent Circle was in, it was impossible for them to guarantee end-to-end encrypted email bodies in the long run. That's all he's saying. -- Eric On Sun, Aug 25, 2013 at 7:54 PM, StealthMonger wrote: > How ironic and sad it is that Phil Zimmermann, the author of PGP, has > become so imbued with the enterprise culture that he's now so blind to > the original peer-to-peer spirit of PGP that he would say things like > > There is no way to do encrypted e-mail where the content is > protected. [1] > > This is simply false. > > If sender and receiver exchange keys out-of-band and nobody else knows > the keys, the content can have cryptographically strong protection. > > Why would Zimmermann allow himself to be bought off? What kind of > pressure is being brought to bear? Is this protracted world-class human > engineering in action? > > > [1] > http://www.forbes.com/sites/parmyolson/2013/08/09/e-mails-big-privacy-problem-qa-with-silent-circle-co-founder-phil-zimmermann/ > > > -- > > > -- StealthMonger > Long, random latency is part of the price of Internet anonymity. > > anonget: Is this anonymous browsing, or what? > > http://groups.google.ws/group/alt.privacy.anon-server/msg/073f34abb668df33?dmode=source&output=gplain > > stealthmail: Hide whether you're doing email, or when, or with whom. 
> mailto:stealthsuite at nym.mixmin.net?subject=send%20index.html > > > Key: mailto:stealthsuite at nym.mixmin.net?subject=send%20stealthmonger-key > > -- konklone.com | @konklone From jya at pipeline.com Sun Aug 25 17:36:49 2013 From: jya at pipeline.com (John Young) Date: Sun, 25 Aug 2013 20:36:49 -0400 Subject: Who bought off Zimmermann? In-Reply-To: <20130825235403.BDDC4EAABC@snorky.mixmin.net> References: <20130825235403.BDDC4EAABC@snorky.mixmin.net> Message-ID: Phil probably means the infrastructure of email is the vul not the crypto. Crypto alone is sterile, a boy in a bubble which requires life support which can be assaulted. Two boys in a bubble cannot make contact except in the same bubble. End to end encryption is the bubble. One description of the safest communication is do not comm, unicate. Into the mountain refuge go thee, hermit, ruminate thine self to find god ... is unspeakable. This is not to suggest that every comsec wizard ever on earth was not bought at birth or sold as idiot savant. Hell, the essence of comsec is to sell security deception, aka Typhoid Mary Mensa. Hence this marketplace. At 07:54 PM 8/25/2013, you wrote: >How ironic and sad it is that Phil Zimmermann, the author of PGP, has >become so imbued with the enterprise culture that he's now so blind to >the original peer-to-peer spirit of PGP that he would say things like > > There is no way to do encrypted e-mail where the content is > protected. [1] > >This is simply false. > >If sender and receiver exchange keys out-of-band and nobody else knows >the keys, the content can have cryptographically strong protection. > >Why would Zimmermann allow himself to be bought off? What kind of >pressure is being brought to bear? Is this protracted world-class human >engineering in action?
> > >[1] >http://www.forbes.com/sites/parmyolson/2013/08/09/e-mails-big-privacy-problem-qa-with-silent-circle-co-founder-phil-zimmermann/ > > >-- > > > -- StealthMonger > Long, random latency is part of the price of Internet anonymity. > > anonget: Is this anonymous browsing, or what? > >http://groups.google.ws/group/alt.privacy.anon-server/msg/073f34abb668df33?dmode=source&output=gplain > > stealthmail: Hide whether you're doing email, or when, or with whom. > mailto:stealthsuite at nym.mixmin.net?subject=send%20index.html > > >Key: mailto:stealthsuite at nym.mixmin.net?subject=send%20stealthmonger-key > > From skquinn at rushpost.com Sun Aug 25 19:09:01 2013 From: skquinn at rushpost.com (Shawn K. Quinn) Date: Sun, 25 Aug 2013 21:09:01 -0500 Subject: Who bought off Zimmermann? In-Reply-To: References: <20130825235403.BDDC4EAABC@snorky.mixmin.net> Message-ID: <1377482941.19714.14048665.78F4D94C@webmail.messagingengine.com> On Sun, Aug 25, 2013, at 07:36 PM, John Young wrote: > Phil probably means the infrastructure of email is the vul not the > crypto. Crypto alone is sterile, a boy in a bubble which requires > life support which can be assaulted. I think Phil is referring to traffic analysis. We solved this problem already somewhat with Mixmaster, but it's cumbersome to impossible to use for everyday email. -- Shawn K. Quinn skquinn at rushpost.com From bill.stewart at pobox.com Sun Aug 25 21:12:56 2013 From: bill.stewart at pobox.com (Bill Stewart) Date: Sun, 25 Aug 2013 21:12:56 -0700 Subject: Who bought off Zimmermann? In-Reply-To: <1377482941.19714.14048665.78F4D94C@webmail.messagingengine .com> References: <20130825235403.BDDC4EAABC@snorky.mixmin.net> <1377482941.19714.14048665.78F4D94C@webmail.messagingengine.com> Message-ID: <20130826041307.EFF98E56C@a-pb-sasl-quonix.pobox.com> At 07:09 PM 8/25/2013, Shawn K. Quinn wrote: >On Sun, Aug 25, 2013, at 07:36 PM, John Young wrote: > > Phil probably means the infrastructure of email is the vul not the > > crypto. 
Crypto alone is sterile, a boy in a bubble which requires > > life support which can be assaulted. > >I think Phil is referring to traffic analysis. We solved this problem >already somewhat with Mixmaster, but it's cumbersome to impossible to >use for everyday email. It's not just traffic analysis, though that's another layer of the problem. And it's not just the issue of PGP being hard to run on some phones, though that makes it a problem for users of those phones. Phil's not just a cryptographer; he's primarily a service provider here. If you assume that the NSA can come to you with a FISA court order overriding ECPA, saying "Give us every piece of information that anybody sends you, including your subscribers and outsiders who want to send email to them, any time any new bit of information arrives, Or Else!" then you can't run a "secure" email service that accepts unencrypted email, because what you have isn't secure against that threat model. If the NSA and their rubber-stamping buddies at FISA aren't stepping way over the bright shiny constitutionality line, you could run an email service that automatically PGP-encrypts any incoming message to a public key associated with the mailbox, and build a user interface for the mailbox client's device that's not totally annoying. The fact that Phil and Jon say they can't run a service implies that the threat model includes mail in transit, not just mail delivered to a mailbox. You might be able to run an email service that scans inbound email for an X-PGP-Encrypted: header, and if it sees "From:" or "Subject:" first, bounces the email with a 503 or 550: "Sorry, Encrypted Email Only, Get PGP at www.pgp.com", but that's really more annoying than just using Gmail with a user name pgp-only-johndoe43 at gmail.com. 
An alternative threat model is that the NSA declares anybody sending encrypted mail to be a target (s/target/weasel-word-of-the-week/g), so any ISP that sends data to silentcircle.com has to allow the NSA to wiretap their connections, just in case they might be encrypted email. The effects are similar, though it wouldn't provide access to the contents of encrypted SMTP sessions; Phil and Jon might also be refusing to handle email because of this slightly less aggressive threat model. Bill Stewart From bill.stewart at pobox.com Sun Aug 25 22:52:20 2013 From: bill.stewart at pobox.com (Bill Stewart) Date: Sun, 25 Aug 2013 22:52:20 -0700 Subject: [liberationtech] Why_can't_email_be_secure In-Reply-To: References: <20130825191448.ED128EAACB@snorky.mixmin.net> Message-ID: <20130826055220.9C7F7E806@a-pb-sasl-quonix.pobox.com> At 01:40 PM 8/25/2013, coderman wrote: >and to StealthMonger's point about latest generation mix networks for >best privacy, why not instead focus on building low latency protocols >that are resistant to traffic analysis and confirmation? Because "low latency protocols that are resistant to traffic analysis" is a really really hard problem. Even doing "high latency protocols that are resistant to traffic analysis" is a really hard problem. "Building" them is a mere application of sufficiently advanced technology, right? >make them datagram based; utilize user space stacks Datagrams don't give you any useful anonymity, because any decent ISP is going to block forged-source packets, but they do give you a bit more flexibility about timing, which is important for defending against traffic analysis. The standard warning about using them for an application is that it's extremely tempting to use them to reinvent TCP badly, because TCP really does a lot of things you want, and in a security context it's tempting to also reinvent TLS badly. 
Some other problems with them are that you need to get firewalls to allow them through, unless you disguise them as other protocols like the horribly evil things Dan Kaminsky regularly does to DNS, and if you don't disguise them then they stick out like a sore thumb on any IDS or netflow analyser. And if you're the only person using that protocol, you're not hiding from traffic analysis. It's a lot easier to hide if you implement your datagrams as http/https transactions of some kind, but building a bunch of relay nodes to pass those transactions along ends up reinventing Tor. Putting them in user space is just fine and mostly more portable. It's hard to get millisecond-level latency if you do that, but you can't hide from traffic analysis with latency that low anyway. From bill.stewart at pobox.com Sun Aug 25 23:03:02 2013 From: bill.stewart at pobox.com (Bill Stewart) Date: Sun, 25 Aug 2013 23:03:02 -0700 Subject: Who bought off Zimmermann? In-Reply-To: <1377495934.25432.14094341.4780FF16@webmail.messagingengine .com> References: <20130825235403.BDDC4EAABC@snorky.mixmin.net> <1377482941.19714.14048665.78F4D94C@webmail.messagingengine.com> <20130826041307.EFF98E56C@a-pb-sasl-quonix.pobox.com> <1377495934.25432.14094341.4780FF16@webmail.messagingengine.com> Message-ID: <20130826060313.939D8E844@a-pb-sasl-quonix.pobox.com> At 10:45 PM 8/25/2013, Shawn K. Quinn wrote: >Though I think the following poster who >suggested scanning the email itself for the PGP identifier might be more >useful and less prone to being fooled by someone who just puts the >header in there without actually encrypting. Anybody who's putting in the header without doing the encryption is going out of their way to ask for trouble, and presumed to be doing it on purpose, whether for entrapment or denial of service or whatever. As long as you don't make it easy to do by accident, it's not a problem. 
>Also, headers don't have to >be in a specific order, it's possible that "From:" or "Subject:" >accidentally get moved ahead of "X-PGP-Encrypted:" by mistake and that >would result in a false bounce. The threat model I was worrying about was that if you get to From: or Subject:, and you're subject to an NSA Vacuum Cleaner Order, you've got potentially sensitive information about your users or their contacts that you could be forced to retain and turn over. You need to reject the message before you see that, which means checking the header keyword before you accept any characters past the :. And yeah, that means you could get false bounces, but hopefully anybody who's trying to hide their identity from the NSA will leave those headers out of the cleartext part of the message anyway. Ideally you don't even want the SMTP-level FROM keyword, but it's probably hard to get most MTAs not to send that one. From bill.stewart at pobox.com Sun Aug 25 23:14:24 2013 From: bill.stewart at pobox.com (Bill Stewart) Date: Sun, 25 Aug 2013 23:14:24 -0700 Subject: Reject non-PGP mail (was: Re: Who bought off Zimmermann?) In-Reply-To: <521AE6A8.1050902@headstrong.de> References: <20130825235403.BDDC4EAABC@snorky.mixmin.net> <1377482941.19714.14048665.78F4D94C@webmail.messagingengine.com> <20130826041307.EFF98E56C@a-pb-sasl-quonix.pobox.com> <521AE6A8.1050902@headstrong.de> Message-ID: <20130826061423.6307AE881@a-pb-sasl-quonix.pobox.com> At 10:24 PM 8/25/2013, Moritz wrote: >On 26.08.2013 06:12, Bill Stewart wrote: > > You might be able to run an email service that scans inbound email for an > > X-PGP-Encrypted: header, and if it sees "From:" or "Subject:" > > first, > > bounces the email with a 503 or 550: "Sorry, Encrypted Email Only, Get > > PGP at www.pgp.com", > >If you're crazy enough to do so, here's a mail filter that rejects >non-PGP mail. Currently, it simply scans the first 5000 characters for >"-----BEGIN PGP MESSAGE-----", and, if not there, rejects with a 550. 
> >https://github.com/moba/pgpmilter > >We will use it soon for the onion.to Tor mail gateway: > >https://lists.torproject.org/pipermail/tor-talk/2013-August/029464.html Oh, cool. I was going for more paranoid than that - if you're an email provider and the NSA has given you an order to retain all data and rat out all your customers, theoretically you don't even want to accept that much, but if it's feeding into Tor or some remailer anyway, non-PGP mail won't get very far, and you're less likely to be the kind of service provider who gets NSA/FISA orders. From collin at sibilance.org Sun Aug 25 21:12:37 2013 From: collin at sibilance.org (Collin RM Stocks) Date: Mon, 26 Aug 2013 00:12:37 -0400 Subject: Avaaz in "grave danger" due to GMail spam filters In-Reply-To: <5212488E.5070807@cpunk.us> References: <7753449.v5aJnrzhsU@laptosid> <20130819093642.GA19173@uriel.asininetech.com> <2231951.HaiaVyPRDn@laptosid> <20130819155528.GB19173@uriel.asininetech.com> <5212488E.5070807@cpunk.us> Message-ID: <521AD5B5.5060102@sibilance.org> On 08/19/2013 12:32 PM, CryptoFreak wrote: > The solution *could* be to host their own mail server if it were made > easy enough for them. I'm thinking something like a Raspberry Pi with > very well designed web UI for simple configuration and management. > Include a nice webmail client and even most non-techies could probably > do this. > One additional problem: almost no email providers will accept incoming email from dynamic IP addresses, and, unless you pay your ISP $$$, most people can't get a static IP address. Someone else already mentioned uptime as an issue. From skquinn at rushpost.com Sun Aug 25 22:45:34 2013 From: skquinn at rushpost.com (Shawn K. Quinn) Date: Mon, 26 Aug 2013 00:45:34 -0500 Subject: Who bought off Zimmermann? 
In-Reply-To: <20130826041307.EFF98E56C@a-pb-sasl-quonix.pobox.com> References: <20130825235403.BDDC4EAABC@snorky.mixmin.net> <1377482941.19714.14048665.78F4D94C@webmail.messagingengine.com> <20130826041307.EFF98E56C@a-pb-sasl-quonix.pobox.com> Message-ID: <1377495934.25432.14094341.4780FF16@webmail.messagingengine.com> On Sun, Aug 25, 2013, at 11:12 PM, Bill Stewart wrote: > You might be able to run an email service that scans inbound email for an > X-PGP-Encrypted: header, and if it sees "From:" or "Subject:" > first, > bounces the email with a 503 or 550: "Sorry, Encrypted Email Only, > Get PGP at www.pgp.com", > but that's really more annoying than just using Gmail with a user > name pgp-only-johndoe43 at gmail.com. I like the concept, but not with the ad for commercial PGP at the expense of GnuPG and others. Though I think the following poster who suggested scanning the email itself for the PGP identifier might be more useful and less prone to being fooled by someone who just puts the header in there without actually encrypting. Also, headers don't have to be in a specific order, it's possible that "From:" or "Subject:" accidentally get moved ahead of "X-PGP-Encrypted:" by mistake and that would result in a false bounce. -- Shawn K. Quinn skquinn at rushpost.com From StealthMonger at nym.mixmin.net Sun Aug 25 16:54:03 2013 From: StealthMonger at nym.mixmin.net (StealthMonger) Date: Mon, 26 Aug 2013 00:54:03 +0100 (BST) Subject: Who bought off Zimmermann? Message-ID: <20130825235403.BDDC4EAABC@snorky.mixmin.net> How ironic and sad it is that Phil Zimmermann, the author of PGP, has become so imbued with the enterprise culture that he's now so blind to the original peer-to-peer spirit of PGP that he would say things like There is no way to do encrypted e-mail where the content is protected. [1] This is simply false. If sender and receiver exchange keys out-of-band and nobody else knows the keys, the content can have cryptographically strong protection. 
Why would Zimmermann allow himself to be bought off? What kind of pressure is being brought to bear? Is this protracted world-class human engineering in action? [1] http://www.forbes.com/sites/parmyolson/2013/08/09/e-mails-big-privacy-problem-qa-with-silent-circle-co-founder-phil-zimmermann/ -- -- StealthMonger Long, random latency is part of the price of Internet anonymity. anonget: Is this anonymous browsing, or what? http://groups.google.ws/group/alt.privacy.anon-server/msg/073f34abb668df33?dmode=source&output=gplain stealthmail: Hide whether you're doing email, or when, or with whom. mailto:stealthsuite at nym.mixmin.net?subject=send%20index.html Key: mailto:stealthsuite at nym.mixmin.net?subject=send%20stealthmonger-key From coderman at gmail.com Mon Aug 26 00:55:11 2013 From: coderman at gmail.com (coderman) Date: Mon, 26 Aug 2013 00:55:11 -0700 Subject: [liberationtech] Why_can't_email_be_secure In-Reply-To: <20130826055220.9C7F7E806@a-pb-sasl-quonix.pobox.com> References: <20130825191448.ED128EAACB@snorky.mixmin.net> <20130826055220.9C7F7E806@a-pb-sasl-quonix.pobox.com> Message-ID: On Sun, Aug 25, 2013 at 10:52 PM, Bill Stewart wrote: > ... > Because "low latency protocols that are resistant to traffic analysis" > is a really really hard problem. Even doing > "high latency protocols that are resistant to traffic analysis" > is a really hard problem. the best kind of problems! > Datagrams don't give you any useful anonymity, correct. i mention them as a prerequisite for both protection and usability. protection for example, with end-to-end SCTP multi-homed endpoints via userspace stacks would avoid predecessor attacks - if you block one route there are others which transit traffic, maintaining an uninterrupted session across otherwise individually volatile paths.
usability for example to support UDP traffic and applications which are not currently served via TCP and connection oriented services. > ... > The standard warning about using them for an application is > that it's extremely tempting to use them to reinvent TCP badly, sadly, even TCP re-invented in user space is insufficient. you want a specific protocol implementation of multi-homed SCTP in userspace, probably on top of other protocol supports like LEDBAT or AQM. perhaps using ORCHID IPv6 identifiers for endpoint addressing. lots of options; and as you said: it's a hard problem! > Some other problems with them are that you need to ... > disguise them as other protocols. this is a separate problem. for the core transport encapsulation in UDP may be sufficient. for censorship avoidance you will likely need to bounce over a DUST like path first to access such an anonymizing network. topology is an interesting subject, as the design must be decentralized but may not need to be homogenous. > Putting them in user space is just fine and mostly more portable. > It's hard to get millisecond-level latency if you do that, > but you can't hide from traffic analysis with latency that low anyway. you want variable latency at the datagram level (e.g. stochastic reordering and shaping of traffic, with prioritization done at the endpoint where flows are visible.) more than the utmost in performance. as long as it is overall TCP fair of course :) and this is just the start. we haven't touched on network discovery, path awareness/selection/weighting, etc. as you said, hard problems; the best kind of problems! From l at odewijk.nl Sun Aug 25 17:28:11 2013 From: l at odewijk.nl (Lodewijk andré de la porte) Date: Mon, 26 Aug 2013 02:28:11 +0200 Subject: Who bought off Zimmermann? In-Reply-To: References: <20130825235403.BDDC4EAABC@snorky.mixmin.net> Message-ID: Maybe he just recognizes that computers are too exploited? Just an idea.
Maybe he considers quantum computing a reason? For a US company it's impossible. Practically more so than legally. From l at odewijk.nl Sun Aug 25 17:38:33 2013 From: l at odewijk.nl (Lodewijk andré de la porte) Date: Mon, 26 Aug 2013 02:38:33 +0200 Subject: Equilibrium 51% Attack Cost of Bitcoin Network In-Reply-To: References: Message-ID: This is a bit self delusional. "Use your opponent's strength against him", sway pools to support your cause. Or better yet: start pools with possibly negative profit. Pay-per-share but you payout a tad more than you actually could. That way people will consider your service the most profitable, ergo the best, and flock to give you shares at an extremely discounted rate (it only costs you whatever you add to it). Better yet: force existing pool owners a: out of business, b: to support you! Better yet: subvert pool managing computers! Make the machines support you! Or do MITM attacks to get the shares instead of the pools! Maybe just subverting the developers (enough are US based, hint hint) to write a teensy exploit. Just cracking the central exchanges and everything that accepts Bitcoin will also cause a rather big stir. A small division breaking into bitcoin-accepting services and selling the bitcoins will lower the price directly and decrease trust significantly. Visa and Mastercard not providing services to Bitcoin accepting customers would also be quite effective. Basically, the cost is lower legally than it is otherwise. And a 51% attack can be solved with a trust model, should people wish to do so. Lastly you must imagine there's plenty of computing power available to most governments on that list.
Temporarily using that power for the time of the attack is a fairly good idea (depending on what you want to do with a 51% attack), and not the full price at all. A cost/hr would be much more useful (imho). From l at odewijk.nl Sun Aug 25 17:39:21 2013 From: l at odewijk.nl (Lodewijk andré de la porte) Date: Mon, 26 Aug 2013 02:39:21 +0200 Subject: NSLs, gag-orders, code-changes, coerced backdoors - any tech response? (Re: Lavabit and End-point Security) In-Reply-To: <20130825080439.GK29404@leitl.org> References: <20130809144310.GA29800@tuzo> <20130811101328.GA386@netbook.cypherspace.org> <2311068.3YlhGehAQP@laptosid> <20130825080439.GK29404@leitl.org> Message-ID: 2013/8/25 Eugen Leitl > > For example, I think Tor may remain centralish rather than pure > > dhtish for that purpose. But what if the centrality was undertaken > > If you want to scale to millions if not billions of nodes, what > are your options? You must have a really stupid P2P network if it doesn't scale. Can you even still call it p2p if it doesn't scale? From rysiek at hackerspace.pl Sun Aug 25 22:07:53 2013 From: rysiek at hackerspace.pl (rysiek) Date: Mon, 26 Aug 2013 07:07:53 +0200 Subject: [liberationtech] Why_can't_email_be_secure In-Reply-To: References: Message-ID: <4190572.pBfgp2QjXH@laptosid> On Sunday, 25 August 2013 13:40:38 coderman wrote: > On Sun, Aug 25, 2013 at 12:26 PM, Ali-Reza Anghaie wrote: > > ... > > And herein lies the problem - Silent Circle isn't talking to "us" - > > they are talking to the other 99.99% of email users in the world.
> > and to StealthMonger's point about latest generation mix networks for > best privacy, why not instead focus on building low latency protocols > that are resistant to traffic analysis and confirmation? > > make them datagram based; utilize user space stacks and latest > research. solving the low latency datagram anonymity problem enables > existing usable private communication with the additional benefit of > endpoint and peer anonymity. > > i believe this possible to make useful, even if never infallible. > certainly more possible than the odds of making truly scalable, > available, and _usable_ mix mailer networks and clients for the > masses. > > > most important: make this low latency infrastructure usable and cross > platform, so the implementations are easily adopted... like Napster > and BitTorrent back in the day. ;) It's a seemingly unsolvable conundrum: - start with a clean slate and create a new, "perfect" solution; - start with something people already use and improve it as much as possible. The former approach has the risk of the solution not being adopted; the latter -- of the new solution not being good enough due to technicalities of the solution it is based on. But maybe it could be possible to get the best of both worlds? Had a new solution been created in a way that is usable via existing mail clients (e.g. implementing IMAP for message retrieval and SMTP for message submission) while designing and implementing a completely new way of communicating server-to-server -- it might achieve just that. -- Regards, rysiek From moritz at headstrong.de Sun Aug 25 22:24:56 2013 From: moritz at headstrong.de (Moritz) Date: Mon, 26 Aug 2013 07:24:56 +0200 Subject: Reject non-PGP mail (was: Re: Who bought off Zimmermann?)
In-Reply-To: <20130826041307.EFF98E56C@a-pb-sasl-quonix.pobox.com> References: <20130825235403.BDDC4EAABC@snorky.mixmin.net> <1377482941.19714.14048665.78F4D94C@webmail.messagingengine.com> <20130826041307.EFF98E56C@a-pb-sasl-quonix.pobox.com> Message-ID: <521AE6A8.1050902@headstrong.de> On 26.08.2013 06:12, Bill Stewart wrote: > You might be able to run an email service that scans inbound email for an > X-PGP-Encrypted: header, and if it sees "From:" or "Subject:" > first, > bounces the email with a 503 or 550: "Sorry, Encrypted Email Only, Get > PGP at www.pgp.com", If you're crazy enough to do so, here's a mail filter that rejects non-PGP mail. Currently, it simply scans the first 5000 characters for "-----BEGIN PGP MESSAGE-----", and, if not there, rejects with a 550. https://github.com/moba/pgpmilter We will use it soon for the onion.to Tor mail gateway: https://lists.torproject.org/pipermail/tor-talk/2013-August/029464.html --Mo From perry at piermont.com Mon Aug 26 07:02:54 2013 From: perry at piermont.com (Perry E. Metzger) Date: Mon, 26 Aug 2013 10:02:54 -0400 Subject: [Cryptography] Formal Verification (was Re: Email and IM are ideal candidates for mix networks) Message-ID: On Sun, 25 Aug 2013 23:32:32 -0400 Jerry Leichter wrote: > I think the goal to aim for is no patches! Keep the device and its > interfaces simple enough that you can get a decent formal proof of > correctness, along with a ton of careful review and testing (per > Don Knuth's comment somewhere to "Be careful of the following code, > I've only proved it correct, not tested it") and then *leave it > alone*. I'd like to point out that this is no longer a pipe dream. The formal verification of seL4, CompCert and other substantial pieces of code in recent years shows the technology has improved a lot. 
Quark (the web browser verified by the use of a "shim") has shown one can get enormous leverage by formally verifying only tiny fractions of an overall system comprising millions of lines of code, which is an especially interesting technique in the context of existing large code bases. Formal verification is not a panacea. One has to know what to verify, for example, and if you verify the wrong properties, you've gained little. However, unlike current methods, if you discover you have failed to verify a needed property, adding a theorem to your development fixes that hole _completely_ and _forever_. (Yes, you also need a verified toolchain, but given things like CompCert, that is now doable.) I'm something of a recent arrival to the world that developed the most widely used tools for formal verification (like Coq), and so I'm in a better position than most to explain how to learn about them. I would be happy to produce an extended post on how to learn about what is out there for people who are interested. Warning: although in the long term there is no reason the tools cannot be made very user friendly and easy to use, right now that is not the case. This is not inherently so, it is just a feature of the development history of the tools. Error messages tend to be pretty poor, as is documentation, and the learning curve is steep. However, in the long run, I'll state very directly I think the recent advances in the state of the art in proof assistants are the most significant new development in software quality in decades. The user unfriendliness could be fixed by a new generation of users and developers who started "further away from the problem". Perry -- Perry E. 
Metzger perry at piermont.com _______________________________________________ The cryptography mailing list cryptography at metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From kylem at xwell.org Mon Aug 26 08:21:58 2013 From: kylem at xwell.org (Kyle Maxwell) Date: Mon, 26 Aug 2013 10:21:58 -0500 Subject: hardened *nix for Lenovo X60 In-Reply-To: <20130826150932.GP29404@leitl.org> References: <20130826150932.GP29404@leitl.org> Message-ID: This is pretty much OpenBSD's bread and butter. On Mon, Aug 26, 2013 at 10:09 AM, Eugen Leitl wrote: > > I've managed to lay my hands on a couple of Lenovo X60's that are > in pretty good shape and would like to use them as a moderately secure > communication/development system. (I'm not trusting my desktops, > servers or mobile devices for obvious reasons). I'm loath to modify > the hardware at this point, so I expect to only flash coreboot > upon it. > > What kind of security-minded Linux or *BSD would you guys > recommend? Liberte looks a bit too stable (cough, sorry Максим)), > Kali is more for security h4x0rs. Anything else that is well-maintained > yet borderline secure from *untargeted* TLA-level scrutiny? > > I'm okay with text-mostly distros, or minimalistic window > managers. It shouldn't be a kitchensink of stuff I don't need, > but on the other hand it shouldn't be so secure it's > unusable, either. > > Pointers to any HOWTOs or SOPs highly welcome. Tanks & machine guns.
-- @kylemaxwell From dwhite at olp.net Mon Aug 26 08:42:21 2013 From: dwhite at olp.net (Dan White) Date: Mon, 26 Aug 2013 10:42:21 -0500 Subject: hardened *nix for Lenovo X60 In-Reply-To: <20130826150932.GP29404@leitl.org> References: <20130826150932.GP29404@leitl.org> Message-ID: <20130826154221.GD5279@dan.olp.net> On 08/26/13 17:09 +0200, Eugen Leitl wrote: > >I've managed to lay my hands on a couple of Lenovo X60's that are >in pretty good shape and would like to use them as a moderately secure >communication/development system. (I'm not trusting my desktops, >servers or mobile devices for obvious reasons). I'm loath to modify >the hardware at this point, so I expect to only flash coreboot >upon it. > >What kind of security-minded Linux or *BSD would you guys >recommend? Liberte looks a bit too stable (cough, sorry Максим)), >Kali is more for security h4x0rs. Anything else that is well-maintained >yet borderline secure from *untargeted* TLA-level scrutiny? > >I'm okay with text-mostly distros, or minimalistic window >managers. It shouldn't be a kitchensink of stuff I don't need, >but on the other hand it shouldn't be so secure it's >unusable, either. > >Pointers to any HOWTOs or SOPs highly welcome. Tanks & machine guns. The boring recommendation: Debian Pros: * Lots of eyeballs * Timely security updates (well, timely as far as vendors go) * A wealth of pre-packed software, which can be twiddled down to size * Some fancy features out of the box (like remotely booting a LUKS encrypted root filesystem via an initramfs ssh daemon) Cons: * Patching your locally installed (packaged) software must be done with Debian build scripts, or you quickly lose the benefits of the apt system * Stupid patches have made it past the package maintainer (the OpenSSL 2008 patch being the one that comes immediately to mind) If you're willing to compile your own software or security updates, then I think your choice of OS/distro may be mostly moot.
I'd recommend against a specialized security (linux) distro, unless you know what you're doing. Support for many of them seems to be pretty spotty, according to my unscientific observation from ##linux. From taxakis at gmail.com Mon Aug 26 02:00:19 2013 From: taxakis at gmail.com (taxakis) Date: Mon, 26 Aug 2013 11:00:19 +0200 Subject: Reject non-PGP mail In-Reply-To: <20130826061423.6307AE881@a-pb-sasl-quonix.pobox.com> References: <20130825235403.BDDC4EAABC@snorky.mixmin.net> <1377482941.19714.14048665.78F4D94C@webmail.messagingengine.com> <20130826041307.EFF98E56C@a-pb-sasl-quonix.pobox.com> <521AE6A8.1050902@headstrong.de> <20130826061423.6307AE881@a-pb-sasl-quonix.pobox.com> Message-ID: <019101cea23a$b12e7da0$138b78e0$@com> How about refusing any Tor traffic (as the EU already does), irrespective of the used protocol, encrypted or not? 1. invent Tor 2. subsidize it 3. privatize it 4. force target traffic to use Tor 5. kill Tor access at nsp level 6. finish off remnants If I'm correct Shava Nerad (ex-EFF) had a while ago some quite perky pointers in that direction. /T ... Oh, cool. I was going for more paranoid than that - if you're an email provider and the NSA has given you an order to retain all data and rat out all your customers, theoretically you don't even want to accept that much, but if it's feeding into Tor or some remailer anyway, non-PGP mail won't get very far, and you're less likely to be the kind of service provider who gets NSA/FISA orders. From jya at pipeline.com Mon Aug 26 08:38:12 2013 From: jya at pipeline.com (John Young) Date: Mon, 26 Aug 2013 11:38:12 -0400 Subject: NSA Head: US Cyber Offense Is Best in World Message-ID: http://blogs.fas.org/secrecy/2013/08/cyber-offense/ NSA Head: US Cyber Offense Is Best in World "Cyber offense requires a deep, persistent and pervasive presence on adversary networks in order to precisely deliver effects," Gen. Alexander explained in response to a question from Rep. Trent Franks (R-AZ). 
"We maintain that access, gain deep understanding of the adversary, and develop offensive capabilities through the advanced skills and tradecraft of our analysts, operators and developers. When authorized to deliver offensive cyber effects, our technological and operational superiority delivers unparalleled effects against our adversaries' systems." From danimoth at cryptolab.net Mon Aug 26 03:34:59 2013 From: danimoth at cryptolab.net (danimoth) Date: Mon, 26 Aug 2013 12:34:59 +0200 Subject: Alternatives to Lavabit In-Reply-To: <5217CE0B.8050401@gmail.com> References: <5217CE0B.8050401@gmail.com> Message-ID: <20130826103459.GA1554@jack> On 23/08/13 at 11:03pm, Stakewinner00 wrote: > Now that Lavabit is off, we should seek another server with encryption. > My question is, is there another encrypted email service like Lavabit? > Or do we have to create a new encrypted email service? I'm happy with susimail over I2P [1] Have a nice day [1] http://sempersecurus.blogspot.it/2011/06/i2pthe-other-anonymous-network_18.html From rich at openwatch.net Mon Aug 26 16:08:03 2013 From: rich at openwatch.net (Rich Jones) Date: Mon, 26 Aug 2013 16:08:03 -0700 Subject: Geotemporal Public Key Distribution Message-ID: This is a small, unfinished idea I had, but I'd be interested in hearing any feedback anybody here might have to offer. Normally we talk about cryptography to secure communications, but this is an idea rather about verifying the authenticity of media. [Quick background: OpenWatch is a global citizen media network using mobile phones as the basis for a free worldwide press. We care very much about the authenticity of citizen media, and have designed some systems which attempt to improve the verifiability of citizen media.] The problem is that sometimes media artifacts are presented as a record of a current event, when in fact they are from different events.
An example of this was when images of a marathon race in Istanbul were presented as images of the recent Occupy Gezi protests. Now, imagine the globe divided into a grid coordinate system, say 100,000 units (or perhaps 232, if IP rather than physical address is to be used). Based on their physical location, reporters can contact a server and are assigned a key with which to sign or encrypt their media to. This then ties a media object to a physical space. This can be further improved to include both time and space by dividing a space-day into a number of units, suppose 1440, such that different keys would be handed out at different times of the day, thus further tying a document to a moment in time as well. Does anybody know if any systems like this have ever been discussed or designed in the past? I suppose this is somewhat similar to the RSA-keyfob system, although this allows for anonymous access without pre-arrangement as well. R From eugen at leitl.org Mon Aug 26 07:11:45 2013 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 26 Aug 2013 16:11:45 +0200 Subject: [Cryptography] Formal Verification (was Re: Email and IM are ideal candidates for mix networks) Message-ID: <20130826141145.GM29404@leitl.org> ----- Forwarded message from "Perry E. Metzger" ----- From eugen at leitl.org Mon Aug 26 08:09:32 2013 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 26 Aug 2013 17:09:32 +0200 Subject: hardened *nix for Lenovo X60 Message-ID: <20130826150932.GP29404@leitl.org> I've managed to lay my hands on a couple of Lenovo X60's that are in pretty good shape and would like to use them as a moderately secure communication/development system. (I'm not trusting my desktops, servers or mobile devices for obvious reasons). I'm loath to modify the hardware at this point, so I expect to only flash coreboot upon it.
What kind of security-minded Linux or *BSD would you guys recommend? Liberte looks a bit too stable (cough, sorry Максим)), Kali is more for security h4x0rs. Anything else that is well-maintained yet borderline secure from *untargeted* TLA-level scrutiny? I'm okay with text-mostly distros, or minimalistic window managers. It shouldn't be a kitchensink of stuff I don't need, but on the other hand it shouldn't be so secure it's unusable, either. Pointers to any HOWTOs or SOPs highly welcome. Tanks & machine guns. From rich at openwatch.net Mon Aug 26 17:12:10 2013 From: rich at openwatch.net (Rich Jones) Date: Mon, 26 Aug 2013 17:12:10 -0700 Subject: Geotemporal Public Key Distribution In-Reply-To: References: Message-ID: I'm familiar with J3M, but unfortunately none of the current J3M/informacam techniques actually work, as they have no _external_ verifiability. There isn't actually any information which ties the media to a place or a time, it's just information encoded into data which could be applied to any document at any time. By factoring the network, a geotemporal pkey system would address this problem. J3M is good for tying information to a specific device (sort of) - but not to a place or a time. R On Mon, Aug 26, 2013 at 4:58 PM, Lee Azzarello wrote: > Informacam > > "InformaCam is a mobile application for Android that enables users to > inflate image and video with extra points of data, or metadata. The > metadata includes information like the user’s current GPS coordinates, > altitude, compass bearing, light meter readings, the signatures of > neighboring devices, cell towers, and wifi networks; and serves to > shed light on the exact circumstances and contexts under which the > digital image was taken. With InformaCam the app starts to behave > almost like Adobe Photoshop or GIMP, supporting non-destructive, > layer-based edits to media built on top of Obscuracam."
> > https://guardianproject.info/apps/informacam/ > > There is a sub-project to standardize metadata called j3m. > http://j3m.info/ > > -lee > > On Mon, Aug 26, 2013 at 7:08 PM, Rich Jones wrote: > > This is a small, unfinished idea I had, but I'd be interested in hearing > any > > feedback anybody here might have to offer. Normally we talk about > > cryptography to secure communications, but this is an idea rather about > > verifying the authenticity of media. > > > > [Quick background: OpenWatch is a global citizen media network using > mobile > > phones as the basis for a free worldwide press. We care very much about > the > > authenticity of citizen media, and have designed some systems which > attempt > > to improve the verifiability of citizen media.] > > > > The problem is that sometimes media artifacts are presented as a record > of a > > current event, when in fact they are from different events. An example of > this > > was when images of a marathon race in Istanbul were presented as images > of > > the recent Occupy Gezi protests. > > > > Now, imagine the globe divided into a grid coordinate system, say 100,000 > > units (or perhaps 232, if IP rather than physical address is to be used). > > Based on their physical location, reporters can contact a server and are > > assigned a key with which to sign or encrypt their media to. This then > ties > > a media object to a physical space. This can be further improved to > include > > both time and space by dividing a space-day into a number of units, > suppose > > 1440, such that different keys would be handed out at different times of > the > > day, thus further tying a document to a moment in time as well. > > > > Does anybody know if any systems like this have ever been discussed or > > designed in the past? I suppose this is somewhat similar to the > RSA-keyfob > > system, although this allows for anonymous access without > pre-arrangement as > > well.
> > > > R > > -- ————————————— Rich Jones *OpenWatch* is a global investigative network using mobile technology to build a more transparent world. Download OpenWatch for iOS and for Android! From eugen at leitl.org Mon Aug 26 08:26:29 2013 From: eugen at leitl.org (Eugen Leitl) Date: Mon, 26 Aug 2013 17:26:29 +0200 Subject: hardened *nix for Lenovo X60 In-Reply-To: References: <20130826150932.GP29404@leitl.org> Message-ID: <20130826152629.GR29404@leitl.org> On Mon, Aug 26, 2013 at 10:21:58AM -0500, Kyle Maxwell wrote: > This is pretty much OpenBSD's bread and butter. That's certainly what Theo likes to think. But is this actually true? And of course the question is whether a modern hardened Linux isn't meanwhile doing as good or arguably slightly better as an OpenBSD, on a ~2007 era notebook. From perry at piermont.com Mon Aug 26 14:32:38 2013 From: perry at piermont.com (Perry E. Metzger) Date: Mon, 26 Aug 2013 17:32:38 -0400 Subject: [Cryptography] Is Traffic Analysis the problem (was Re: Good private email) Message-ID: On Mon, 26 Aug 2013 14:53:54 -0400 Richard Salz wrote: > > Traffic analysis is the problem > > Do you really think that for most people on the planet, that it is? Probably. If one's threat model is mass dragnet surveillance, traffic analysis is far too useful a way for the enemy to figure out who to subject to detailed analysis. The fact that quite so much traffic analysis data is being collected and saved right now should be a warning -- people who have huge budgets seem to think that it is an interesting way to snoop. Imagine you're the dictator of a country, and you want to figure out who all your political enemies are so you can throw them in camps.
Simply producing the social network graph connecting up a few known activists to their tightest cluster of common contacts is going to give you loads of juicy information on who to spy on in detail and likely who to detain. Indeed, the traffic analysis information is probably the best way to figure out where to look for the needles in the haystack. > Hey folks, go off and design your perfect secure system. Build a > prototype or alpha-test even. And then watch while the millions of > people who could benefit from private email, and the few who could > use it as an infrastructure to build more services, ignore you. It doesn't have to be either-or. :) There are a lot of people in the community. Working on many different approaches is probably for the best. It is hard to tell, a priori, what will happen to take off. Perry -- Perry E. Metzger perry at piermont.com _______________________________________________ The cryptography mailing list cryptography at metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From rich at openwatch.net Mon Aug 26 17:34:07 2013 From: rich at openwatch.net (Rich Jones) Date: Mon, 26 Aug 2013 17:34:07 -0700 Subject: Geotemporal Public Key Distribution In-Reply-To: References: Message-ID: Yeah, with J3M, it relies on the user to supply their own sensor data, which is obviously problematic if the use case is to prevent forgery (if it's just for archival purposes, it works fine.) With a networked system, the location would be determined from the traffic source or similar. On Mon, Aug 26, 2013 at 5:25 PM, Lee Azzarello wrote: > I don't fully understand the model that excludes GPS data as a > provider of a "specific place". 
Would the GPS satellites and ground > units be an "external" data source? If so, is your assertion that GPS > data from a device's logging app could be forged in transit? > > -lee > > On Mon, Aug 26, 2013 at 8:12 PM, Rich Jones wrote: > > I'm familiar with J3M, but unfortunately none of the current > J3M/informacam > > techniques actually work, as they have no _external_ verifiability. There > > isn't actually any information which ties the media to a place or a time, > > it's just information encoded into data which could be applied to any > > document at any time. By factoring the network, a geotemporal pkey system > > would address this problem. J3M is good for tying information to a > specific > > device (sort of) - but not to a place or a time. > > > > R > > > > > > On Mon, Aug 26, 2013 at 4:58 PM, Lee Azzarello > > > wrote: > >> > >> Informacam > >> > >> "InformaCam is a mobile application for Android that enables users to > >> inflate image and video with extra points of data, or metadata. The > >> metadata includes information like the user’s current GPS coordinates, > >> altitude, compass bearing, light meter readings, the signatures of > >> neighboring devices, cell towers, and wifi networks; and serves to > >> shed light on the exact circumstances and contexts under which the > >> digital image was taken. With InformaCam the app starts to behave > >> almost like Adobe Photoshop or GIMP, supporting non-destructive, > >> layer-based edits to media built on top of Obscuracam." > >> > >> https://guardianproject.info/apps/informacam/ > >> > >> There is a sub-project to standardize metadata called j3m. > >> http://j3m.info/ > >> > >> -lee > >> > >> On Mon, Aug 26, 2013 at 7:08 PM, Rich Jones wrote: > >> > This is a small, unfinished idea I had, but I'd be interested in > hearing > >> > any > >> > feedback anybody here might have to offer. 
Normally we talk about
> >> > cryptography to secure communications, but this is an idea rather
> about
> >> > verifying the authenticity of media.
> >> >
> >> > [Quick background: OpenWatch is a global citizen media network using
> >> > mobile
> >> > phones as the basis for a free worldwide press. We care very much
> about
> >> > the
> >> > authenticity of citizen media, and have designed some systems which
> >> > attempt
> >> > to improve the verifiability of citizen media.]
> >> >
> >> > The problem is that sometimes media artifacts are presented as a
> record
> >> > of a
> >> > current event, when in fact they are from different events. An example of
> >> > this
> >> > was when images of a marathon race in Istanbul were presented as
> images
> >> > of
> >> > the recent Occupy Gezi protests.
> >> >
> >> > Now, imagine the globe divided into a grid coordinate system, say
> >> > 100,000
> >> > units (or perhaps 2^32, if IP rather than physical address is to be
> >> > used).
> >> > Based on their physical location, reporters can contact a server and
> are
> >> > assigned a key with which to sign or encrypt their media to. This then
> >> > ties
> >> > a media object to a physical space. This can be further improved to
> >> > include
> >> > both time and space by dividing a space-day into a number of units,
> >> > suppose
> >> > 1440, such that different keys would be handed out at different times
> of
> >> > the
> >> > day, thus further tying a document to a moment in time as well.
> >> >
> >> > Does anybody know if any systems like this have ever been discussed or
> >> > designed in the past? I suppose this is somewhat similar to the
> >> > RSA-keyfob
> >> > system, although this allows for anonymous access without
> >> > pre-arrangement as
> >> > well.
> >> >
> >> > R
> >> >
>
> >
> >
> > --
> > —————————————
> >
> > Rich Jones
> >
> > OpenWatch is a global investigative network using mobile technology to
> build
> > a more transparent world.
Download OpenWatch for iOS and for Android!
> >

--
—————————————
Rich Jones
*OpenWatch* is a global investigative network using mobile technology to build a more transparent world. Download OpenWatch for iOS and for Android!

From jens at hillerup.net Mon Aug 26 09:00:21 2013
From: jens at hillerup.net (Jens Christian Hillerup)
Date: Mon, 26 Aug 2013 18:00:21 +0200
Subject: hardened *nix for Lenovo X60
In-Reply-To: <20130826150932.GP29404@leitl.org>
References: <20130826150932.GP29404@leitl.org>
Message-ID:

On Mon, Aug 26, 2013 at 5:09 PM, Eugen Leitl wrote:
>
> I've managed to lay my hands on a couple of Lenovo X60's that are
> in pretty good shape and would like to use them as a moderately secure
> communication/development system.

If you're paranoid about lower-level backdoors you could have a look at the open-source BIOS implementation CoreBoot(.org) which has support for the X60 series. A plus is that you get super-fast boot times!

Here's Peter Stuge explaining some stuff about the project much better than I'm able to: http://www.youtube.com/watch?v=HKdLhbmjrDI

JC

From gutemhc at gmail.com Mon Aug 26 14:49:58 2013
From: gutemhc at gmail.com (Gutem)
Date: Mon, 26 Aug 2013 18:49:58 -0300
Subject: hardened *nix for Lenovo X60
In-Reply-To: <20130826150932.GP29404@leitl.org>
References: <20130826150932.GP29404@leitl.org>
Message-ID:

I'm giving Crunchbang a try... http://crunchbang.org/

It's easy to customize, turning into a Pentest Distro or Dev environment, for example...

From lee at guardianproject.info Mon Aug 26 16:58:12 2013
From: lee at guardianproject.info (Lee Azzarello)
Date: Mon, 26 Aug 2013 19:58:12 -0400
Subject: Geotemporal Public Key Distribution
In-Reply-To:
References:
Message-ID:

Informacam

"InformaCam is a mobile application for Android that enables users to inflate image and video with extra points of data, or metadata. The metadata includes information like the user’s current GPS coordinates, altitude, compass bearing, light meter readings, the signatures of neighboring devices, cell towers, and wifi networks; and serves to shed light on the exact circumstances and contexts under which the digital image was taken. With InformaCam the app starts to behave almost like Adobe Photoshop or GIMP, supporting non-destructive, layer-based edits to media built on top of Obscuracam."

https://guardianproject.info/apps/informacam/

There is a sub-project to standardize metadata called j3m.
http://j3m.info/

-lee

On Mon, Aug 26, 2013 at 7:08 PM, Rich Jones wrote:
> This is a small, unfinished idea I had, but I'd be interested in hearing any
> feedback anybody here might have to offer. Normally we talk about
> cryptography to secure communications, but this is an idea rather about
> verifying the authenticity of media.
>
> [Quick background: OpenWatch is a global citizen media network using mobile
> phones as the basis for a free worldwide press. We care very much about the
> authenticity of citizen media, and have designed some systems which attempt
> to improve the verifiability of citizen media.]
>
> The problem is that sometimes media artifacts are presented as a record of a
> current event, when in fact they are from different events. An example of this
> was when images of a marathon race in Istanbul were presented as images of
> the recent Occupy Gezi protests.
>
> Now, imagine the globe divided into a grid coordinate system, say 100,000
> units (or perhaps 2^32, if IP rather than physical address is to be used).
> Based on their physical location, reporters can contact a server and are
> assigned a key with which to sign or encrypt their media to. This then ties
> a media object to a physical space. This can be further improved to include
> both time and space by dividing a space-day into a number of units, suppose
> 1440, such that different keys would be handed out at different times of the
> day, thus further tying a document to a moment in time as well.
>
> Does anybody know if any systems like this have ever been discussed or
> designed in the past? I suppose this is somewhat similar to the RSA-keyfob
> system, although this allows for anonymous access without pre-arrangement as
> well.
>
> R

From lee at guardianproject.info Mon Aug 26 17:25:10 2013
From: lee at guardianproject.info (Lee Azzarello)
Date: Mon, 26 Aug 2013 20:25:10 -0400
Subject: Geotemporal Public Key Distribution
In-Reply-To:
References:
Message-ID:

I don't fully understand the model that excludes GPS data as a provider of a "specific place". Would the GPS satellites and ground units be an "external" data source? If so, is your assertion that GPS data from a device's logging app could be forged in transit?

-lee

On Mon, Aug 26, 2013 at 8:12 PM, Rich Jones wrote:
> I'm familiar with J3M, but unfortunately none of the current J3M/informacam
> techniques actually work, as they have no _external_ verifiability. There
> isn't actually any information which ties the media to a place or a time,
> it's just information encoded into data which could be applied to any
> document at any time. By factoring the network, a geotemporal pkey system
> would address this problem. J3M is good for tying information to a specific
> device (sort of) - but not to a place or a time.
>
> R
>
>
> On Mon, Aug 26, 2013 at 4:58 PM, Lee Azzarello
> wrote:
>>
>> Informacam
>>
>> "InformaCam is a mobile application for Android that enables users to
>> inflate image and video with extra points of data, or metadata. The
>> metadata includes information like the user’s current GPS coordinates,
>> altitude, compass bearing, light meter readings, the signatures of
>> neighboring devices, cell towers, and wifi networks; and serves to
>> shed light on the exact circumstances and contexts under which the
>> digital image was taken. With InformaCam the app starts to behave
>> almost like Adobe Photoshop or GIMP, supporting non-destructive,
>> layer-based edits to media built on top of Obscuracam."
>>
>> https://guardianproject.info/apps/informacam/
>>
>> There is a sub-project to standardize metadata called j3m.
>> http://j3m.info/
>>
>> -lee
>>
>> On Mon, Aug 26, 2013 at 7:08 PM, Rich Jones wrote:
>> > This is a small, unfinished idea I had, but I'd be interested in hearing
>> > any
>> > feedback anybody here might have to offer. Normally we talk about
>> > cryptography to secure communications, but this is an idea rather about
>> > verifying the authenticity of media.
>> >
>> > [Quick background: OpenWatch is a global citizen media network using
>> > mobile
>> > phones as the basis for a free worldwide press. We care very much about
>> > the
>> > authenticity of citizen media, and have designed some systems which
>> > attempt
>> > to improve the verifiability of citizen media.]
>> >
>> > The problem is that sometimes media artifacts are presented as a record
>> > of a
>> > current event, when in fact they are from different events. An example of
>> > this
>> > was when images of a marathon race in Istanbul were presented as images
>> > of
>> > the recent Occupy Gezi protests.
>> >
>> > Now, imagine the globe divided into a grid coordinate system, say
>> > 100,000
>> > units (or perhaps 2^32, if IP rather than physical address is to be
>> > used).
>> > Based on their physical location, reporters can contact a server and are
>> > assigned a key with which to sign or encrypt their media to. This then
>> > ties
>> > a media object to a physical space. This can be further improved to
>> > include
>> > both time and space by dividing a space-day into a number of units,
>> > suppose
>> > 1440, such that different keys would be handed out at different times of
>> > the
>> > day, thus further tying a document to a moment in time as well.
>> >
>> > Does anybody know if any systems like this have ever been discussed or
>> > designed in the past? I suppose this is somewhat similar to the
>> > RSA-keyfob
>> > system, although this allows for anonymous access without
>> > pre-arrangement as
>> > well.
>> >
>> > R
>> >
>
>
> --
> —————————————
>
> Rich Jones
>
> OpenWatch is a global investigative network using mobile technology to build
> a more transparent world. Download OpenWatch for iOS and for Android!

From johndown at i2pmail.org Mon Aug 26 13:44:39 2013
From: johndown at i2pmail.org (John Down)
Date: Mon, 26 Aug 2013 20:44:39 +0000 (UTC)
Subject: hardened *nix for Lenovo X60
In-Reply-To: <20130826160525.53FBFAE253@smtp.postman.i2p>
References: <20130826150932.GP29404@leitl.org> <20130826160525.53FBFAE253@smtp.postman.i2p>
Message-ID: <20130826204439.AF01EAE248@smtp.postman.i2p>

If so, then worth to have a look at hardened gentoo to have full control over the process how the system is built, what patches are applied, etc

On Mon, Aug 26, 2013 at 04:05:25PM +0000, Dan White wrote:
> On 08/26/13 17:09 +0200, Eugen Leitl wrote:
> >
> >I've managed to lay my hands on a couple of Lenovo X60's that are
> >in pretty good shape and would like to use them as a moderately secure
> >communication/development system. (I'm not trusting my desktops,
> >servers or mobile devices for obvious reasons). I'm loath to modify
> >the hardware at this point, so I expect to only flash coreboot
> >upon it.
> >
> >What kind of security-minded Linux or *BSD would you guys
> >recommend? Liberte looks a bit too stable (cough, sorry Максим)),
> >Kali is more for security h4x0rs. Anything else what is well-maintained
> >yet borderline secure from *untargeted* TLA-level scrutiny?
> >
> >I'm okay with text-mostly distros, or minimalistic window
> >managers. It shouldn't be a kitchensink of stuff I don't need,
> >but on the other hand it shouldn't be so secure it's
> >unusable, either.
> >
> >Pointers to any HOWTOs or SOPs highly welcome. Tanks & machine guns.
>
> The boring recommendation: Debian
>
> Pros:
> * Lots of eyeballs
> * Timely security updates (well, timely as far as vendors go)
> * A wealth of pre-packed software, which can be twiddled down to size
> * Some fancy features out of the box (like remotely booting a LUKS
> encrypted root filesystem via an initramfs ssh daemon)
>
> Cons:
> * Patching your locally installed (packaged) software must be done with
> Debian build scripts, or you quickly lose the benefits of the apt system
> * Stupid patches have made it past the package maintainer (the OpenSSL
> 2008 patch being the one that comes immediately to mind)
>
> If you're willing to compile your own software or security updates, then I
> think your choice of OS/distro may be mostly moot.
>
> I'd recommend against a specialized security (linux) distro, unless you
> know what you're doing. Support for many of them seems to be pretty spotty,
> according to my unscientific observation from ##linux.

From collin at sibilance.org Mon Aug 26 19:53:47 2013
From: collin at sibilance.org (Collin RM Stocks)
Date: Mon, 26 Aug 2013 22:53:47 -0400
Subject: [liberationtech] How Laura Poitras Helped Snowden Spill His Secrets
In-Reply-To:
References: <20130821121612.GF29404@leitl.org>
Message-ID: <521C14BB.7070609@sibilance.org>

While this is something that could be possible, it is unlikely to have actually occurred. In reality, there is some security in ensuring that there is only one opportunity for an adversary to compromise communication. If they miss that opportunity, the adversary's game is over. So, unless either 1) you are already of particular interest to the NSA, or 2) the NSA makes a habit of performing MitM attacks on people who email their public key, this protocol is probably safe for you. Not "256-bit equivalent" (or even "40-bit equivalent") safe, but probably safe.

On 08/21/2013 03:43 PM, Tony Arcieri wrote:
> On Wed, Aug 21, 2013 at 5:16 AM, Eugen Leitl
> wrote:
>
> This past January, Laura Poitras received a curious e-mail from an
> anonymous
> stranger requesting her public encryption key. For almost two years,
> Poitras
> had been working on a documentary about surveillance, and she
> occasionally
> received queries from strangers. She replied to this one and sent
> her public
> key — allowing him or her to send an encrypted e-mail that only
> Poitras could
> open, with her private key
>
>
> Then the NSA MitMed her unauthenticated plaintext email, replacing her
> public key with theirs, and were able to intercept all of the Snowden
> emails. Oops!
>
> --
> Tony Arcieri

From rtomek at ceti.pl Mon Aug 26 14:25:54 2013
From: rtomek at ceti.pl (Tomasz Rola)
Date: Mon, 26 Aug 2013 23:25:54 +0200 (CEST)
Subject: hardened *nix for Lenovo X60
In-Reply-To: <20130826154221.GD5279@dan.olp.net>
References: <20130826150932.GP29404@leitl.org> <20130826154221.GD5279@dan.olp.net>
Message-ID:

On Mon, 26 Aug 2013, Dan White wrote:

> On 08/26/13 17:09 +0200, Eugen Leitl wrote:
> >
> >I've managed to lay my hands on a couple of Lenovo X60's that are
> >in pretty good shape and would like to use them as a moderately secure
> >communication/development system. (I'm not trusting my desktops,
> >servers or mobile devices for obvious reasons). I'm loath to modify
> >the hardware at this point, so I expect to only flash coreboot
> >upon it.

I think "moderate" is the right choice of a word. Not sure how moderate you want to go in your moderating, how about removing wifi (it's on PCIe card, AFAIK), or, say, crushing BT with heavy pincers? No, I cannot recommend anything like this, I didn't allow pincers into my laptop...

> >What kind of security-minded Linux or *BSD would you guys
> >recommend? Liberte looks a bit too stable (cough, sorry Максим)),
> >Kali is more for security h4x0rs. Anything else what is well-maintained
> >yet borderline secure from *untargeted* TLA-level scrutiny?

I have recently tried a few Debian-related distros on my X61 (which seems to be smaller brother of X60, i.e. lots of shared hw AFAIK). Ubuntu and Mint boot and work o-o-t-box. Those were just for testing :-/, Debian works too, with X and sound (not sure if I used sound under Debian). FreeBSD - for some reason I am always between after-install and comfortable-using it, at least on laptops and desktops, which is where I tried it so far. Booted it few times into console, X doesn't work on X61, for me.

> >I'm okay with text-mostly distros, or minimalistic window
> >managers.
It shouldn't be a kitchensink of stuff I don't need,
> >but on the other hand it shouldn't be so secure it's
> >unusable, either.
> >
> >Pointers to any HOWTOs or SOPs highly welcome. Tanks & machine guns.
>
> The boring recommendation: Debian

Seconded, for the pros you gave. I'd consider recompiling kernel.

Debian does not have the most recently updated hot-fancy-pansy software, other than security updates - but even in this case, I'd say priority is to backport patch into version included in one's current Debian distribution. So soft is acceptably new when I dist-upgrade but as months go by, it gets a bit old. OTOH, during my circa 15 years of using it, I rarely felt bad about not having the latest version of something installed. With some exceptions, like browsers, java and mplayer, but see below. Most of the other soft I use is stable enough to not undergo revolutionary changes. And besides, I don't really want to be surprised by a bug which took a free ride on top of some revolutionary change.

One huge pro, so far, is that Debian does not push its choice of window manager down my throat. I use fvwm and I want it to stay so (after extensive periods of gnome and kde, so I guess they lack something). For a laptop, I would either use a console with screen or maybe some mouseless WM - there is plenty to choose from (try to befriend aptitude and apt-* tools). The default in newer distro is some lightweight decently looking kde-replacement, forgot its name, should be good for noncomputing parents/spouses/siblings (children would use Android/iOS anyway).

Another good pro is ability to download full source code (about 7-8 dvds, security updates put onto separate disc) and compile it while in places without easy net access. At least I assume it would work. This pro is of course shared by some other OSes, too.
In case of Debian, however, I guess it's safe to assume that all sources fit nicely with each other, compile without complaining, so once you got full copy it is all that you will need. This theory I am yet to test - I know this all compiles on devel's cluster but I think I should test before I claim anything more.

[...]
> Cons:
> * Patching your locally installed (packaged) software must be done with
> Debian build scripts, or you quickly lose the benefits of the apt system
> * Stupid patches have made it past the package maintainer (the OpenSSL
> 2008 patch being the one that comes immediately to mind)

As of patching packages, I don't do it because I never had such need. Albeit I tinkered a bit with them when I decided to backport some new packages into my oldie distro. Tools for this are rather easy to use, but from time to time one has to modify some file so the new stuff compiles with older lib etc. Sometimes, such backporting turns into recursive backporting which is why emacs is one of the compiler's helper tools :-).

When I want newer version of something, I use stow for stuff going into /usr/local and for some other stuff (browsers, compilers etc) I tell them to install into /opt/{specific_dir}. Thus the core of my sys remains stable and pure, like the devs meant it to be. Stuff from /usr/local is on standard PATH and LD_LIBRARY_PATH, so it is more integrated into usual sys works. Stuff from /opt I use by adding appropriate dirs into ENV variables. Thus I can easily switch between various versions - or revert to stable defaults when I have to.

And last but not least, there are third party repositories (chrome, opera, backports, marillat and some more) which offer latest versions and work with one's current distro. Those are easy to add - just a line or two in /etc/apt/sources.list, aptitude update and you rulez ;-) .
A some kind of cons is this: after many many many years and many dist-upgrades, so much cruft is collected in /etc (mostly, my mods to config files, backups of mods and origs, some custom scripts residing in /etc for no better place and the like) that one seriously considers installing from a scratch. Other than this, I consider my current os to be twelve years old and counting :-). Perhaps it's time to put /etc into some kind of version control regime. Longevity has its own share of strange problems and strange solutions - not that I am against longevity.

> If you're willing to compile your own software or security updates, then I
> think your choice of OS/distro may be mostly moot.

Sooner or later you will want to compile, so don't worry. I'd have still used Debian, with Slackware or Gentoo being strong secondary choices. But I don't have significant experience with those, so I can't recommend.

> I'd recommend against a specialized security (linux) distro, unless you
> know what you're doing. Support for many of them seems to be pretty spotty,
> according to my unscientific observation from ##linux.

Yep. Debian, at least, is quite well documented. dwww is my tried old friend. It's possible to install books and manuals from additional packages, those integrate nicely into dwww and can later be accessed with a browser. dwww includes manpages and infopages into this common browsable interface, too, very very cute.

But if you desire a lot to go exotic way, you may have a look at this:

http://wiki.qubes-os.org/trac/wiki
http://theinvisiblethings.blogspot.com/

I didn't try it. But it looks interesting. Maybe it's worth a try.

Regards,
Tomasz Rola

--
** A C programmer asked whether computer had Buddha's nature. **
** As the answer, master did "rm -rif" on the programmer's home **
** directory. And then the C programmer became enlightened...
**
** **
** Tomasz Rola mailto:tomasz_rola at bigfoot.com **

From pgut001 at cs.auckland.ac.nz Mon Aug 26 17:28:54 2013
From: pgut001 at cs.auckland.ac.nz (Peter Gutmann)
Date: Tue, 27 Aug 2013 00:28:54 +0000
Subject: [Cryptography] Implementations, attacks on DHTs, Mix Nets?
Message-ID:

Ralph Holz writes:

>There is a host of older literature, too - P2P research, however, has become
>a cold topic. Although I expect that it will see a revival in the face of
>surveillance.

For people who are interested, the list I have (for a year or two back) is:

"Security Considerations for Peer-to-Peer Distributed Hash Tables", Emil Sit and Robert Morris, Proceedings of the 1st International Workshop on Peer-to-Peer Systems (IPTPS'01), Springer-Verlag LNCS No.2429, March 2002, p.261.

"A Survey of Peer-to-Peer Security Issues", Dan Wallach, Proceedings of the 2002 International Symposium on Software Security (ISSS'02), Springer-Verlag LNCS No.2609, November 2002, p.42.

"Eclipse Attacks on Overlay Networks: Threats and Defenses", Atul Singh, Tsuen-Wan Ngan, Peter Druschel and Dan Wallach, Proceedings of the 25th International Conference on Computer Communications (INFOCOM'06), April 2006,

"The Index Poisoning Attack in P2P File Sharing Systems", Jian Liang, Naoum Naoumov and Keith Ross, Proceedings of the 25th Conference on Computer Communications (INFOCOM'06), April 2006,

"Conducting and Optimizing Eclipse Attacks in the Kad Peer-to-Peer Network", Michael Kohnen, Mike Leske and Erwin Rathgeb, Proceedings of the 8th IFIP-TC 6 Networking Conference (Networking'09), Springer-Verlag LNCS No.5550, May 2009, p.104.

"Combating Index Poisoning in P2P File Sharing", Lingli Deng, Yeping He and Ziyao Xu, Proceedings of the 3rd Conference and Workshops on Advances in Information Security and Assurance (ISA'09), Springer-Verlag LNCS No.5576, June 2009, p.358.

"Hashing it out in public: Common failure modes of DHT-based anonymity schemes", Andrew Tran, Nicholas Hopper and Yongdae Kim, Proceedings of the 8th Workshop on Privacy in the Electronic Society (WPES'09), November 2009, p.71.

"Poisoning the Kad Network", Thomas Locher, David Mysicka, Stefan Schmid and Roger Wattenhofer, Proceedings of the 11th International Conference on Distributed Computing and Networking (ICDCN'10), Springer-Verlag LNCS No.5935, January 2010, p.195.

If there's anything significant I've missed, feel free to fill in the gaps.

Peter.
_______________________________________________
The cryptography mailing list
cryptography at metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From rtomek at ceti.pl Mon Aug 26 15:44:20 2013
From: rtomek at ceti.pl (Tomasz Rola)
Date: Tue, 27 Aug 2013 00:44:20 +0200 (CEST)
Subject: hardened *nix for Lenovo X60
In-Reply-To:
References: <20130826150932.GP29404@leitl.org> <20130826154221.GD5279@dan.olp.net>
Message-ID:

On Mon, 26 Aug 2013, Tomasz Rola wrote:

> > The boring recommendation: Debian
>
> Seconded, for the pros you gave. I'd consider recompiling kernel.

Oh, BTW.
With regard to security etc, this is how my (oldie) dist says:

=> (501 1): apt-cache search harden | sort | less
elfsh - The ELF shell
eresi - The ERESI Reverse Engineering Software Interface
harden - Makes your system hardened
harden-clients - Avoid clients that are known to be insecure
harden-development - Development tools for creating more secure programs
harden-doc - Useful documentation to secure a Debian system
harden-environment - Hardened system environment
harden-nids - Harden a system by using a network intrusion detection system
harden-remoteaudit - Audit your remote systems from this host
harden-servers - Avoid servers that are known to be insecure
harden-surveillance - Check services and/or servers automatically
harden-tools - Tools to enhance or analyze the security of the local system
hardening-includes - Makefile for enabling compiler flags for security hardening
hardening-wrapper - Compiler wrapper to enable security hardening flags
mrb - Manage incremental data snapshots with make/rsync
mz - versatile packet creation and network traffic generation tool
php4-suhosin - advanced protection module for php4
(END)

Also,

http://www.debian.org/doc/manuals/securing-debian-howto/
http://www.debian.org/doc/manuals/securing-debian-howto/ch-automatic-harden.en.html

This in case you'd like to build something:

https://wiki.debian.org/Hardening
https://wiki.debian.org/HardeningWalkthrough

Regards,
Tomasz Rola

--
** A C programmer asked whether computer had Buddha's nature. **
** As the answer, master did "rm -rif" on the programmer's home **
** directory. And then the C programmer became enlightened...
**
** **
** Tomasz Rola mailto:tomasz_rola at bigfoot.com **

From loki at obscura.com Tue Aug 27 08:57:44 2013
From: loki at obscura.com (Lance Cottrell)
Date: Tue, 27 Aug 2013 08:57:44 -0700
Subject: Geotemporal Public Key Distribution
In-Reply-To:
References:
Message-ID: <154ED53B-BF63-478B-922F-DD30DD8476A6@obscura.com>

I think we need to look first at the threat model you are trying to address. Is the concern that the photo's creator would fake the location of the photo? Is it that you want to make the location of the photo self-verifying if it is re-used? Do you want to simply be able to spot re-use and prove where the photo was actually taken? Something else?

I think that a clearer definition of the problem will help identify the most appropriate solutions.

--
Lance Cottrell
loki at obscura.com

On Aug 26, 2013, at 4:08 PM, Rich Jones wrote:

> This is a small, unfinished idea I had, but I'd be interested in hearing any feedback anybody here might have to offer. Normally we talk about cryptography to secure communications, but this is an idea rather about verifying the authenticity of media.
>
> [Quick background: OpenWatch is a global citizen media network using mobile phones as the basis for a free worldwide press. We care very much about the authenticity of citizen media, and have designed some systems which attempt to improve the verifiability of citizen media.]
>
> The problem is that sometimes media artifacts are presented as a record of a current event, when in fact they are from different events. An example of this was when images of a marathon race in Istanbul were presented as images of the recent Occupy Gezi protests.
>
> Now, imagine the globe divided into a grid coordinate system, say 100,000 units (or perhaps 2^32, if IP rather than physical address is to be used). Based on their physical location, reporters can contact a server and are assigned a key with which to sign or encrypt their media to. This then ties a media object to a physical space.
This can be further improved to include both time and space by dividing a space-day into a number of units, suppose 1440, such that different keys would be handed out at different times of the day, thus further tying a document to a moment in time as well.
>
> Does anybody know if any systems like this have ever been discussed or designed in the past? I suppose this is somewhat similar to the RSA-keyfob system, although this allows for anonymous access without pre-arrangement as well.
>
> R

From loki at obscura.com Tue Aug 27 09:15:58 2013
From: loki at obscura.com (Lance Cottrell)
Date: Tue, 27 Aug 2013 09:15:58 -0700
Subject: Metadata anonymization through time delayed email messaging.
In-Reply-To:
References: <20130827122252.GA2761@jack>
Message-ID:

This is a really subtle issue. Much has been written about how to optimize mixing pools.

6-12 hours is a really long delay for many purposes. If not everyone is doing so, long delay messages might turn out to be of particular interest.

It also seems like a bad idea to put the message holding function at the sender's end. That makes it easier to try to identify who might have been storing messages for later delivery.

This might be a very simple and interesting service to provide at the end of remailer chains. Exit remailers might have an additional command which would instruct them to hold the message for a given period or until a given time before final delivery.

With Mixmaster I spent a lot of time thinking about message size. If you can recognize a message from its size as it enters and leaves a node, then all the delay and mixing is effectively thwarted.

-Lance

--
Lance Cottrell
loki at obscura.com

On Aug 27, 2013, at 7:05 AM, Jeff Scofield wrote:

> Possibly, I will defer to the more technically learnt.
>
> I'm not a nym server expert but from my layman's perspective the Pynchon Gate design looks good. It might be totally redundant and unnecessary but if metadata analysis is the concern, wouldn't such a setup be even more secure by coding something so that the time between sending a message and receiving a reply which in theory could leak information about the nym holder, be sent at a random date in a given time-frame (unbeknownst to the metadata leeches). i.e. In 6-12 hours from the moment I click "send" or say in 12-20 days etc.
>
> The email message could be coded to send at random like an online roulette table ball, within a given time window: versus say reloading every 24 hours. This would in theory give out incorrect message 'sent' time-stamps, or would this be unnecessary because traffic from the user to the email distributors is already being controlled by the user, which queries into intervals anyway? Is that not metadata that can be tracked?
>
> - J
>
>
>
> On Wed, Aug 28, 2013 at 12:22 AM, danimoth wrote:
> On 27/08/13 at 10:22pm, Jeff Scofield wrote:
> [cut]
> > One strategy might be to consider the adoption of a time delayed email
> > system. The reason why the use of such a mechanism to allow someone the
> > ability to write an email, and then have it sent off at a specified (or
> > randomly generated unspecified) date is useful for multiple reasons.
> [cut]
>
> Are we trying to reinvent anonymous remailers and nym servers?
>

From rich at openwatch.net Tue Aug 27 09:32:34 2013
From: rich at openwatch.net (Rich Jones)
Date: Tue, 27 Aug 2013 09:32:34 -0700
Subject: [Cryptography] Implementations, attacks on DHTs, Mix Nets?
In-Reply-To: <20130827092336.GN29404@leitl.org>
References: <20130827092336.GN29404@leitl.org>
Message-ID:

As always, I'd recommend this fellow check out Anonbib - http://freehaven.net/anonbib/

On Tue, Aug 27, 2013 at 2:23 AM, Eugen Leitl wrote:

> ----- Forwarded message from Peter Gutmann -----
>
> Date: Tue, 27 Aug 2013 00:28:54 +0000
> From: Peter Gutmann
> To: "cryptography at metzdowd.com"
> Subject: Re: [Cryptography] Implementations, attacks on DHTs, Mix Nets?
>
> Ralph Holz writes:
>
> >There is a host of older literature, too - P2P research, however, has become
> >a cold topic. Although I expect that it will see a revival in the face of
> >surveillance.
>
> For people who are interested, the list I have (for a year or two back) is:
>
> "Security Considerations for Peer-to-Peer Distributed Hash Tables", Emil Sit
> and Robert Morris, Proceedings of the 1st International Workshop on
> Peer-to-Peer Systems (IPTPS'01), Springer-Verlag LNCS No.2429, March 2002,
> p.261.
>
> "A Survey of Peer-to-Peer Security Issues", Dan Wallach, Proceedings of the
> 2002 International Symposium on Software Security (ISSS'02), Springer-Verlag
> LNCS No.2609, November 2002, p.42.
>
> "Eclipse Attacks on Overlay Networks: Threats and Defenses", Atul Singh,
> Tsuen-Wan Ngan, Peter Druschel and Dan Wallach, Proceedings of the 25th
> International Conference on Computer Communications (INFOCOM'06), April 2006,
>
> "The Index Poisoning Attack in P2P File Sharing Systems", Jian Liang, Naoum
> Naoumov and Keith Ross, Proceedings of the 25th Conference on Computer
> Communications (INFOCOM'06), April 2006,
>
> "Conducting and Optimizing Eclipse Attacks in the Kad Peer-to-Peer Network",
> Michael Kohnen, Mike Leske and Erwin Rathgeb, Proceedings of the 8th IFIP-TC 6
> Networking Conference (Networking'09), Springer-Verlag LNCS No.5550, May 2009,
> p.104.
>
> "Combating Index Poisoning in P2P File Sharing", Lingli Deng, Yeping He and
> Ziyao Xu, Proceedings of the 3rd Conference and Workshops on Advances in
> Information Security and Assurance (ISA'09), Springer-Verlag LNCS No.5576,
> June 2009, p.358.
>
> "Hashing it out in public: Common failure modes of DHT-based anonymity
> schemes", Andrew Tran, Nicholas Hopper and Yongdae Kim, Proceedings of the 8th
> Workshop on Privacy in the Electronic Society (WPES'09), November 2009, p.71.
>
> "Poisoning the Kad Network", Thomas Locher, David Mysicka, Stefan Schmid and
> Roger Wattenhofer, Proceedings of the 11th International Conference on
> Distributed Computing and Networking (ICDCN'10), Springer-Verlag LNCS No.5935,
> January 2010, p.195.
>
> If there's anything significant I've missed, feel free to fill in the gaps.
>
> Peter.
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
>
> ----- End forwarded message -----
> --
> Eugen* Leitl leitl http://leitl.org
> ______________________________________________________________
> ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
> AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
>

--
—————————————
Rich Jones

*OpenWatch* is a global investigative network using mobile technology to build a more transparent world. Download OpenWatch for iOS and for Android!

From nettime at kein.org Tue Aug 27 01:47:50 2013
From: nettime at kein.org (nettime's avid reader)
Date: Tue, 27 Aug 2013 10:47:50 +0200
Subject: Cryptome suffers brief take-down over Japanese 'terror' files
Message-ID:

Cryptome suffers brief take-down over Japanese 'terror' files

Bitten by attack dog, just a flesh wound

By Richard Chirgwin, 26th August 2013

http://www.theregister.co.uk/2013/08/26/cryptome_suffers_brief_takedown_over_japanese_terror_files/

Longstanding whistleblower site Cryptome.org is back online after a brief takedown, sparked by its hosting of a list of alleged Japanese terrorists.

The takedown by host Network Solutions came as a result of a complaint signed Sima Jiro, who complained that the 114 documents in a file identified as jp-terrorist-files.zip contained “lots of personal information, such as named, DOBs, family structures, workplaces, phone numbers. And also containing lots of documents which are probably classified or confidential”.

The complainant also hoped not to be identified to Cryptome: “I sincerely ask you to refrain from sending my request forward to your customer or administrator of “Cryptome” or the uploader of the ZIP file.”

Network Solutions initially complied with the request. However – presumably following some discussion between John Young and Network Solutions – it has now been restored.

Young is no stranger to takedowns. His site, an anonymous drop-box for whistleblowers which documents both corporate and government shenanigans, has been variously attacked with notices from Microsoft (taken down and then restored), Yahoo! (taken down and restored), and PayPal (banned then unbanned).

In 2010, Young famously described Wikileaks' Julian Assange as a “narcissistic individual” who is willing to “sacrifice Bradley Manning* and anyone else to advance their own interests” (*now Chelsea Manning).

The correspondence over the latest takedown is here.
[1]

[1] http://cryptome.org/2013/08/cryptome-suspended.htm

# distributed via : no commercial use without permission
# is a moderated mailing list for net criticism,
# collaborative text filtering and cultural politics of the nets
# more info: http://mx.kein.org/mailman/listinfo/nettime-l
# archive: http://www.nettime.org contact: nettime at kein.org

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From eugen at leitl.org Tue Aug 27 01:51:03 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 27 Aug 2013 10:51:03 +0200
Subject: [Cryptography] Is Traffic Analysis the problem (was Re: Good private email)
Message-ID: <20130827085103.GJ29404@leitl.org>

----- Forwarded message from "Perry E. Metzger" -----

From eugen at leitl.org Tue Aug 27 01:52:08 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 27 Aug 2013 10:52:08 +0200
Subject: Cryptome suffers brief take-down over Japanese 'terror' files
Message-ID: <20130827085208.GK29404@leitl.org>

----- Forwarded message from nettime's avid reader -----

From eugen at leitl.org Tue Aug 27 02:23:36 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 27 Aug 2013 11:23:36 +0200
Subject: [Cryptography] Implementations, attacks on DHTs, Mix Nets?
Message-ID: <20130827092336.GN29404@leitl.org>

----- Forwarded message from Peter Gutmann -----

From rich at openwatch.net Tue Aug 27 12:25:40 2013
From: rich at openwatch.net (Rich Jones)
Date: Tue, 27 Aug 2013 12:25:40 -0700
Subject: Geotemporal Public Key Distribution
In-Reply-To: <154ED53B-BF63-478B-922F-DD30DD8476A6@obscura.com>
References: <154ED53B-BF63-478B-922F-DD30DD8476A6@obscura.com>
Message-ID:

The purpose is to prevent forgery of documents.
Actually, even more fundamentally, it is a way of saying "I was at this place at this time" - I don't believe there is any system which can do better than that (any kind of device-based fingerprinting would be a DRM scheme, and therefore flawed from conception.)

I don't believe that these documents could be made to be self-verifying, although this is the sort of attempt being made with J3M. CitizenMediaNotary proposes to make documents network-verifiable against retroactive forgery, but this is actually a different problem ("have we seen this before" rather than "where in spacetime was this created").

Let's suppose a use case. Seems like we're about to have a nice little war in Syria, so let's use that. Suppose a citizen reporter creates an image of a bombed-out orphanage for impoverished nuns. Al-Jazeera wants to run with it, but can it be trusted? How do we know that this is actually an image from 2013 Syria, and not a previously-unpublished image from 2011 Libya, uploaded by a military agent?

A geokey system would use network properties to assure that regions of spacetime have unique identifiers. These identifiers could then be tied to media, with a network protocol or J3M or something similar. Ideally, the handing out of these cryptographic identifiers would actually be done via satellite and not IPv4, as spatial IPv4 allocation isn't always accurate, especially with mobile phones. Also, the thought of there being geostationary microsats for the sole purpose of providing cryptographic spacetime assurances just gives me the sci-fi tinglies. Imagine little crypto robot oracles whizzing through space, beeping out random zeros and ones back down onto the planet!

I guess the best we can do with this system is just narrow the "forgery surface" to people who are at a certain place at a certain time who have also preconspired to construct forgeries based on the keys generated by the oracle.
This is not perfect, but it's better than nothing - assuming that we keep this limitation in mind.

On Tue, Aug 27, 2013 at 8:57 AM, Lance Cottrell wrote:

> I think we need to look first at the threat model you are trying to
> address. Is the concern that the photo's creator would fake the location of
> the photo?
> Is it that you want to make the location of the photo self-verifying if it
> is re-used?
> Do you want to simply be able to spot re-use and prove where the photo was
> actually taken?
> Something else?
>
> I think that a clearer definition of the problem will help identify the
> most appropriate solutions.
>
> --
> Lance Cottrell
> loki at obscura.com
>
>
>
> On Aug 26, 2013, at 4:08 PM, Rich Jones wrote:
>
> This is a small, unfinished idea I had, but I'd be interested in hearing
> any feedback anybody here might have to offer. Normally we talk about
> cryptography to secure communications, but this is an idea rather about
> verifying the authenticity of media.
>
> [Quick background: OpenWatch is a global citizen
> media network using mobile phones as the basis for a free worldwide press.
> We care very much about the authenticity of citizen media, and have
> designed some systems which attempt to improve the verifiability of citizen media.]
>
> The problem is that sometimes media artifacts are presented as a record of
> a current event, when in fact they are from different events. An example of
> this was when images of a marathon race in Istanbul were presented as
> images of the recent Occupy Gezi protests.
>
> Now, imagine the globe divided into a grid coordinate system, say 100,000
> units (or perhaps 2^32, if IP rather than physical address is to be used).
> Based on their physical location, reporters can contact a server and are
> assigned a key with which to sign or encrypt their media to. This then ties
> a media object to a physical space.
This can be further improved to include
> both time and space by dividing a space-day into a number of units, suppose
> 1440, such that different keys would be handed out at different times of
> the day, thus further tying a document to a moment in time as well.
>
> Does anybody know if any systems like this have ever been discussed or
> designed in the past? I suppose this is somewhat similar to the RSA-keyfob
> system, although this allows for anonymous access without pre-arrangement
> as well.
>
> R
>
>
>

--
—————————————
Rich Jones

*OpenWatch* is a global investigative network using mobile technology to build a more transparent world. Download OpenWatch for iOS and for Android!

From jya at pipeline.com Tue Aug 27 09:49:22 2013
From: jya at pipeline.com (John Young)
Date: Tue, 27 Aug 2013 12:49:22 -0400
Subject: [cryptography] NSA cracking UN videoconference - worried?
In-Reply-To:
References: <1D4BE9E412D74EBFB6926D80A3133F02@DORKUS>
Message-ID:

It should be remembered that most, if not all, the UN members spy on one another. UN embassies and consulates in NYC bristle with antenna.

The US embassy, a high-rise across from the UN, overlooks the mother ship and the wee boats huddling close. It was rebuilt a few years ago to get rid of the old tech and install new defenses and offenses.

The area is a thick web of spy operations -- residences and offices, sidewalkers and waitpersons, limo and taxi drivers, maids and doormen, janitors and sex partners, UN staff and renovation teams, construction, health and environmental inspectors.
A private TSCM wizard active in NYC and DC and several other spy nests, claims no spot on earth is as heavily spied as NYC -- the UN, finance, corporate HQs, FBI, DoJ, whorehouses, the lot -- that the spies respect each other's need for a bye if discovered, returning the favor by reporting few misses and many successes as a survival courtesy. And that that is the back-scratching MO in national and financial capitals and mil-econo-gov bastions everywhere.

No secret to cryptographers and network operators.

What, you think spies and govs and mil and comseckers really compete? Getthefuckoutahere.

Sure they all cheat despite these tacit agreements which are pure baloney in the great tradition of fleecing dimwitted politicians and taxpayers who pretend dimwittedness as necessary warcraft, tradecraft, statecraft and citizenry.

So who's the biggest and baddest of the spies of the moment. NSA and Google according to sacrificial goat Julian Assange. But, lord almighty, it is obvious who hired him to leak that: NSA and Google, fearing they would be outbid for his hermitage sagacity by Bears and Tigers, Microsoft and ATT, Verizon and Yahoo, IBM and RSA, Cisco and Apple, MIT and Rand, Stanford and Columbia, Koch and Soros, BBN and SAIC.

Their marketing antennas ambitiously bristling, their whistleblowers and security researchers ablowing like comely prostitutes along 1st Avenue, a couple more dutiful transgender goats twisting in the wind to recruit those desiring life-changing cuddling with Bill Clinton and Colin Powell, Guardian and NYT, MacArthur, Rockefeller and Ford, Lockheed and Northrop.

Syria heading to be the new Haiti, NGOs poised to nick carrion.

From jya at pipeline.com Tue Aug 27 10:10:46 2013
From: jya at pipeline.com (John Young)
Date: Tue, 27 Aug 2013 13:10:46 -0400
Subject: Metadata anonymization through time delayed email messaging.
In-Reply-To:
References: <20130827122252.GA2761@jack>
Message-ID:

Lance's message size is quite interesting for its parallel to size of files used for stego and other hiding means.

For example a large CAD drawing of nuclear warhead can be graphically shrunk to the size of a period and that period placed at the end of note or under a line in a drawing of a Michael Graves teapot.

The giveaway is the file size. Fragmenting the warhead drawing for placement in many banal drawings would help, and that is being done with a variety of cloaking tools.

To hide the file and its size, the compressed CAD drawing or CAD-reduced encrypted volume on easy cracking of AES or burgling AEC labs, like the old microdot, can be transmitted in barrel of oil, a bottle of perfume, a condom of cocaine or false fingernail.

3D printing of a compressed CAD files has possibilities. As do compressed audio files embedded in DVD labels.

From tnghia.duong at gmail.com Tue Aug 27 04:21:04 2013
From: tnghia.duong at gmail.com (Nghia Duong)
Date: Tue, 27 Aug 2013 13:21:04 +0200
Subject: Metadata anonymization through time delayed email messaging.
In-Reply-To:
References:
Message-ID:

Great idea, however I think the user should still have the possibility to choose a timely delivery if the context requires it, right?

I have always had questions about obfuscating e-mail metadata too. For instance, would it be possible to implement "burner" accounts (like ChatSecure [1] did)?

> The concept of a burner account is that you can quickly create a new
> clean account with no identifying or memorable details, and have that
> account only exist on your device [...]

That way people would be "shuffling" their e-mail accounts and that would make it harder to infer social links via email metadata.

This may be a very stupid question, but hey, I'm curious.
[1] http://chrisballinger.info/apps/chatsecure/

On Tue, Aug 27, 2013 at 12:22 PM, Jeff Scofield wrote:

> We know that with or without data content analysis of actual email
> messages, lots of information can be inferred through various forms of
> metadata collection. Given this reality the question becomes, what can be
> done?
>
> One strategy might be to consider the adoption of a time delayed email
> system. The reason why the use of such a mechanism to allow someone the
> ability to write an email, and then have it sent off at a specified (or
> randomly generated unspecified) date is useful for multiple reasons.
>
> If a program could be coded in a way which could delay the actual
> transmission of data in such a manner that the original time of creation
> was adequately masked, it could hamper nefarious metadata collection of
> time-stamping and possibly geo-locating of user information.
>
> For example:
>
> A person walks into a computer café at 10am and sets an email to send at
> around 4am the following morning (via cloud or machine). The data gets
> sent at 4am when the building is empty. No CCTV photos/cameras are able to
> document who sent the message because the computer café is unoccupied at
> 4am. The software is designed in such a fashion that it is nearly
> impossible to unmask the original time when the message was instructed to
> send, thus hiding the metadata associated with time-stamping, and thus
> hiding the true identity of the computer user at the café at 10am the
> previous day.
>
> Any and all feedback regarding this idea is welcome.
>

--
Tuan Nghia DUONG
Engineering student in Computer Science and Networks
ESISAR, Valence

From danimoth at cryptolab.net Tue Aug 27 05:22:52 2013
From: danimoth at cryptolab.net (danimoth)
Date: Tue, 27 Aug 2013 14:22:52 +0200
Subject: Metadata anonymization through time delayed email messaging.
In-Reply-To:
References:
Message-ID: <20130827122252.GA2761@jack>

On 27/08/13 at 10:22pm, Jeff Scofield wrote:
[cut]
> One strategy might be to consider the adoption of a time delayed email
> system. The reason why the use of such a mechanism to allow someone the
> ability to write an email, and then have it sent off at a specified (or
> randomly generated unspecified) date is useful for multiple reasons.
[cut]

Are we trying to reinvent anonymous remailers and nym servers?

From loki at obscura.com Tue Aug 27 15:32:47 2013
From: loki at obscura.com (Lance Cottrell)
Date: Tue, 27 Aug 2013 15:32:47 -0700
Subject: Geotemporal Public Key Distribution
In-Reply-To:
References: <154ED53B-BF63-478B-922F-DD30DD8476A6@obscura.com>
Message-ID:

OK, so we have some video. If that video was taken from within an app on a mobile device, it may be somewhat tamper resistant. Some external cameras have GPS, but certainly not all, and any meta-data could be changed before importing.

In terms of location, we have device GPS, cell tower location, nearby WiFi based location, IP address, Internet network topology and timing. Any of those could be spoofed with some effort.

Signing content with location information before uploading might bring reputation into the equation, and give some more trust in the information.

I assume your binning concept (100,000 or 2^32) is to give "I was there" without saying "here is exactly how to find and kill me". Is that correct? We might achieve the same by simply rounding Lat Long at some level of granularity.

We could lock down the time of publication to the system using hash chain type structures.
The hash, location, time, and document could all be signed by the hashing server. This could be distributed and redundant.

Just some quick thoughts.

--
Lance Cottrell
loki at obscura.com

On Aug 27, 2013, at 12:25 PM, Rich Jones wrote:

> The purpose is to prevent forgery of documents. Actually, even more fundamentally, it is a way of saying "I was at this place at this time" - I don't believe there is any system which can do better than that (any kind of device-based fingerprinting would be a DRM scheme, and therefore flawed from conception.)
>
> I don't believe that these documents could be made to be self-verifying, although this is the sort of attempt being made with J3M. CitizenMediaNotary proposes to make documents network-verifiable against retroactive forgery, but this is actually a different problem ("have we seen this before" rather than "where in spacetime was this created").
>
> Let's suppose a use case. Seems like we're about to have a nice little war in Syria, so let's use that. Suppose a citizen reporter creates an image of a bombed-out orphanage for impoverished nuns. Al-Jazeera wants to run with it, but can it be trusted? How do we know that this is actually an image from 2013 Syria, and not a previously-unpublished image from 2011 Libya, uploaded by a military agent?
>
> A geokey system would use network properties to assure that regions of spacetime have unique identifiers. These identifiers could then be tied to media, with a network protocol or J3M or something similar. Ideally, the handing out of these cryptographic identifiers would actually be done via satellite and not IPv4, as spatial IPv4 allocation isn't always accurate, especially with mobile phones. Also, the thought of there being geostationary microsats for the sole purpose of providing cryptographic spacetime assurances just gives me the sci-fi tinglies. Imagine little crypto robot oracles whizzing through space, beeping out random zeros and ones back down onto the planet!
>
> I guess the best we can do with this system is just narrow the "forgery surface" to people who are at a certain place at a certain time who have also preconspired to construct forgeries based on the keys generated by the oracle. This is not perfect, but it's better than nothing - assuming that we keep this limitation in mind.
>
>
>
>
> On Tue, Aug 27, 2013 at 8:57 AM, Lance Cottrell wrote:
> I think we need to look first at the threat model you are trying to address. Is the concern that the photo's creator would fake the location of the photo?
> Is it that you want to make the location of the photo self-verifying if it is re-used?
> Do you want to simply be able to spot re-use and prove where the photo was actually taken?
> Something else?
>
> I think that a clearer definition of the problem will help identify the most appropriate solutions.
>
> --
> Lance Cottrell
> loki at obscura.com
>
>
>
> On Aug 26, 2013, at 4:08 PM, Rich Jones wrote:
>
>> This is a small, unfinished idea I had, but I'd be interested in hearing any feedback anybody here might have to offer. Normally we talk about cryptography to secure communications, but this is an idea rather about verifying the authenticity of media.
>>
>> [Quick background: OpenWatch is a global citizen media network using mobile phones as the basis for a free worldwide press. We care very much about the authenticity of citizen media, and have designed some systems which attempt to improve the verifiability of citizen media.]
>>
>> The problem is that sometimes media artifacts are presented as a record of a current event, when in fact they are from different events. An example of this was when images of a marathon race in Istanbul were presented as images of the recent Occupy Gezi protests.
>>
>> Now, imagine the globe divided into a grid coordinate system, say 100,000 units (or perhaps 2^32, if IP rather than physical address is to be used).
Based on their physical location, reporters can contact a server and are assigned a key with which to sign or encrypt their media to. This then ties a media object to a physical space. This can be further improved to include both time and space by dividing a space-day into a number of units, suppose 1440, such that different keys would be handed out at different times of the day, thus further tying a document to a moment in time as well.
>>
>> Does anybody know if any systems like this have ever been discussed or designed in the past? I suppose this is somewhat similar to the RSA-keyfob system, although this allows for anonymous access without pre-arrangement as well.
>>
>> R
>
>
>
>
> --
> —————————————
>
> Rich Jones
>
> OpenWatch is a global investigative network using mobile technology to build a more transparent world. Download OpenWatch for iOS and for Android!

From zooko at leastauthority.com Tue Aug 27 09:46:20 2013
From: zooko at leastauthority.com (Zooko Wilcox-OHearn)
Date: Tue, 27 Aug 2013 16:46:20 +0000
Subject: [tahoe-dev] join us for the Tahoe-LAFS v.11 planning meeting tomorrow
Message-ID:

Folks:

Everyone is invited to participate in a video conference using Google Hangouts tomorrow, Wednesday the 28th, at 15:00Z, for 1 hour. Here is more detail:

https://tahoe-lafs.org/trac/tahoe-lafs/wiki/WeeklyMeeting

The video conference will be recorded and posted to the public on youtube (if we can figure out how to make it do that).

The topic will be: What is coming in Tahoe-LAFS v1.11! ☺

Regards,

Zooko Wilcox-O'Hearn

Founder, CEO, and Customer Support Rep
https://LeastAuthority.com
Freedom matters.
_______________________________________________
tahoe-dev mailing list
tahoe-dev at tahoe-lafs.org
https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From StealthMonger at nym.mixmin.net Tue Aug 27 09:16:11 2013
From: StealthMonger at nym.mixmin.net (StealthMonger)
Date: Tue, 27 Aug 2013 17:16:11 +0100 (BST)
Subject: Metadata anonymization through time delayed email messaging.
In-Reply-To: <20130827122252.GA2761@jack> (danimoth@cryptolab.net's message of "Tue, 27 Aug 2013 14:22:52 +0200")
References: <20130827122252.GA2761@jack>
Message-ID: <20130827161611.95EB8BF5C@snorky.mixmin.net>

danimoth writes:

> On 27/08/13 at 10:22pm, Jeff Scofield wrote:
> [cut]
>> One strategy might be to consider the adoption of a time delayed email
>> system. The reason why the use of such a mechanism to allow someone the
>> ability to write an email, and then have it sent off at a specified (or
>> randomly generated unspecified) date is useful for multiple reasons.
> [cut]

> Are we trying to reinvent anonymous remailers and nym servers?

Thank you danimoth for making that connection.

[Will they never learn?]

--

-- StealthMonger

Long, random latency is part of the price of Internet anonymity.

anonget: Is this anonymous browsing, or what?
http://groups.google.ws/group/alt.privacy.anon-server/msg/073f34abb668df33?dmode=source&output=gplain

stealthmail: Hide whether you're doing email, or when, or with whom.
mailto:stealthsuite at nym.mixmin.net?subject=send%20index.html

Key: mailto:stealthsuite at nym.mixmin.net?subject=send%20stealthmonger-key

From tom at ritter.vg Tue Aug 27 17:57:35 2013
From: tom at ritter.vg (Tom Ritter)
Date: Tue, 27 Aug 2013 20:57:35 -0400
Subject: Metadata anonymization through time delayed email messaging.
In-Reply-To:
References: <20130827122252.GA2761@jack>
Message-ID:

On 27 August 2013 12:15, Lance Cottrell wrote:
> This is a really subtle issue. Much has been written about how to optimize
> mixing pools.
> 6-12 hours is a really long delay for many purposes. If not everyone is
> doing so, long delay messages might turn out to be of particular interest.
>
> It also seems like a bad idea to put the message holding function at the
> sender's end. That makes it easier to try to identify who might have been
> storing messages for later delivery.

I don't know - if I'm performing physical or network surveillance of a target, and I see a Mix message leave - that tells me something very definite about the timing. Obviously you wouldn't want to store the message in plaintext, but if you encrypted it to the first hop, along with the address, and a time to send (and tried your hardest to lie about the timestamps on the filesystem); you can increase the difficulty of learning something definite. And I think that holds even if the attacker does a physical intrusion and looks at the filesystem. (It reminds me of Rivest's FlipIt game - the attacker is allowed to do a physical intrusion and read the filesystem, but everyone learns that they have and thus distrusts that node.)

Of course it only holds if there are multiple possible senders, delaying an email from my home when I live alone doesn't help me. But if there are multiple possible senders, it feels like tacking on a lesser-quality mix node at the beginning.

Another argument to its utility is there is no easy way to disguise the fact that you are sending a mix message.
Right now the only ways I can think of hiding that fact would be to use mix bridges (some entry remailer node that isn't published, akin to Tor's bridges) with a protocol that looks as identical to SSL in a webbrowser as you can; or to send them out over Tor.

> This might be a very simple and interesting service to provide at the end of
> remailer chains. Exit remailers might have an additional command which would
> instruct them to hold the message for a given period or until a given time
> before final delivery.

I think the user-configurable time is the idea behind Alpha Mixing, although I hope it's implemented better than in Type 1 Remailers.

> With Mixmaster I spent a lot of time thinking about message size. If you can
> recognize a message from its size as it enters and leaves a node, then all
> the delay and mixing is effectively thwarted.

Absolutely. And on the sender end, I can't think of good ways to obfuscate large messages. The splitting technique of Mixmaster has always felt like a bit of a hack (no offense), because someone doing end to end correlation should be able to link those fairly easily. For receiving large files, I think a client/server architecture where you can choose to delete the message on the server, or download chunk by laborious chunk over time would be advantageous[0].

-tom

[0] This might, might, even be an argument of added complexity by splitting files, before compressing and encrypting them, so you can download chunks 1-4 and (potentially) get a portion of the file in a readable albeit incomplete format.
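
The message-size point raised by Lance and answered by Tom above, as an added example that is not part of the thread and is not Mixmaster's wire format: every message is cut into chunks padded to one packet size, so sizes entering and leaving a node stop being a link, while the number of packets per message stays visible to end-to-end correlation. PACKET_SIZE, the header layout and all function names are assumptions.

```python
"""Fixed-size packets for a mix node (added illustration, not Mixmaster's format).

Assumptions: PACKET_SIZE, the 10-byte header layout and all function names.
A real remailer would encrypt header and payload per hop; that layer is left
out so the size logic stays visible.
"""
import os
import random
import struct
from collections import Counter, defaultdict

PACKET_SIZE = 1024                       # every packet on the wire has this length
HEADER = struct.Struct(">IHHH")          # message id, chunk index, chunk total, payload length
CAPACITY = PACKET_SIZE - HEADER.size     # payload bytes carried per packet


def packetize(msg_id, message):
    """Split message into chunks and pad each one with random bytes to PACKET_SIZE."""
    chunks = [message[i:i + CAPACITY] for i in range(0, len(message), CAPACITY)] or [b""]
    if len(chunks) > 0xFFFF:
        raise ValueError("message needs more chunks than the header can count")
    return [
        HEADER.pack(msg_id, index, len(chunks), len(chunk))
        + chunk
        + os.urandom(CAPACITY - len(chunk))
        for index, chunk in enumerate(chunks)
    ]


def reassemble(packets):
    """Rebuild messages from packets in any order; incomplete messages are withheld."""
    parts, totals = defaultdict(dict), {}
    for packet in packets:
        if len(packet) != PACKET_SIZE:
            raise ValueError("off-size packet would stand out to an observer")
        msg_id, index, total, length = HEADER.unpack_from(packet)
        if length > CAPACITY or index >= total:
            raise ValueError("corrupt packet header")
        parts[msg_id][index] = packet[HEADER.size:HEADER.size + length]
        totals[msg_id] = total
    return {
        msg_id: b"".join(chunks[i] for i in range(totals[msg_id]))
        for msg_id, chunks in parts.items()
        if len(chunks) == totals[msg_id]
    }


def unique_size_matches(sizes_in, sizes_out):
    """Count sizes seen exactly once entering and once leaving: a trivial link."""
    seen_in, seen_out = Counter(sizes_in), Counter(sizes_out)
    return sum(1 for size, n in seen_in.items() if n == 1 and seen_out.get(size) == 1)


def demo():
    # Constructed sample: three messages of clearly different lengths.
    messages = {1: os.urandom(300), 2: os.urandom(5000), 3: os.urandom(42000)}
    raw_sizes = [len(m) for m in messages.values()]
    packets = [p for msg_id, m in messages.items() for p in packetize(msg_id, m)]
    random.shuffle(packets)              # the node reorders its pool before flushing
    packet_sizes = [len(p) for p in packets]
    return {
        "raw_links": unique_size_matches(raw_sizes, raw_sizes),
        "packet_links": unique_size_matches(packet_sizes, packet_sizes),
        "round_trip": reassemble(packets) == messages,
        # What padding does not hide: how many packets each message needed.
        "packets_per_message": {i: -(-len(m) // CAPACITY) for i, m in messages.items()},
    }


if __name__ == "__main__":
    print(demo())
```

The differing packet counts in the last field are the residue Tom describes: uniform packets defeat per-node size matching, but a sender who emits 42 packets at once is still distinguishable unless traffic volume is also padded or spread over time.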
From eugen at leitl.org Tue Aug 27 12:07:27 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Tue, 27 Aug 2013 21:07:27 +0200
Subject: [tahoe-dev] join us for the Tahoe-LAFS v.11 planning meeting tomorrow
Message-ID: <20130827190727.GQ29404@leitl.org>

----- Forwarded message from Zooko Wilcox-OHearn -----

From jscofiel at gmail.com Tue Aug 27 03:22:21 2013
From: jscofiel at gmail.com (Jeff Scofield)
Date: Tue, 27 Aug 2013 22:22:21 +1200
Subject: Metadata anonymization through time delayed email messaging.
Message-ID:

We know that with or without data content analysis of actual email messages, lots of information can be inferred through various forms of metadata collection. Given this reality the question becomes, what can be done?

One strategy might be to consider the adoption of a time delayed email system. The reason why the use of such a mechanism to allow someone the ability to write an email, and then have it sent off at a specified (or randomly generated unspecified) date is useful for multiple reasons.

If a program could be coded in a way which could delay the actual transmission of data in such a manner that the original time of creation was adequately masked, it could hamper nefarious metadata collection of time-stamping and possibly geo-locating of user information.

For example:

A person walks into a computer café at 10am and sets an email to send at around 4am the following morning (via cloud or machine). The data gets sent at 4am when the building is empty. No CCTV photos/cameras are able to document who sent the message because the computer café is unoccupied at 4am. The software is designed in such a fashion that it is nearly impossible to unmask the original time when the message was instructed to send, thus hiding the metadata associated with time-stamping, and thus hiding the true identity of the computer user at the café at 10am the previous day.

Any and all feedback regarding this idea is welcome.
From jscofiel at gmail.com Tue Aug 27 07:05:08 2013 From: jscofiel at gmail.com (Jeff Scofield) Date: Wed, 28 Aug 2013 02:05:08 +1200 Subject: Metadata anonymization through time delayed email messaging. In-Reply-To: <20130827122252.GA2761@jack> References: <20130827122252.GA2761@jack> Message-ID: Possibly, I will defer to the more technically learnt. I'm not a nym server expert but from my layman's perspective the Pynchon Gate design looks good. It might be totally redundant and unnecessary but if metadata analysis is the concern, wouldn't such a setup be even more secure by coding something so that the time between sending a message and receiving a reply which in theory could leak information about the nym holder, be sent at a random date in a given time-frame (unbeknownst to the metadata leeches), i.e. in 6-12 hours from the moment I click "send" or say in 12-20 days etc. The email message could be coded to send at random like an online roulette table ball, within a given time window: versus say reloading every 24 hours. This would in theory give out incorrect message 'sent' time-stamps, or would this be unnecessary because traffic from the user to the email distributors is already being controlled by the user, which queries into intervals anyway? Is that not metadata that can be tracked? - J On Wed, Aug 28, 2013 at 12:22 AM, danimoth wrote: > On 27/08/13 at 10:22pm, Jeff Scofield wrote: > [cut] > > One strategy might be to consider the adoption of a time delayed email > > system. The reason why the use of such a mechanism to allow someone the > > ability to write an email, and then have it sent off at a specified (or > > randomly generated unspecified) date is useful for multiple reasons. > [cut] > > Are we trying to reinvent anonymous remailers and nym servers? 
From sandyinchina at gmail.com Wed Aug 28 03:01:35 2013 From: sandyinchina at gmail.com (Sandy Harris) Date: Wed, 28 Aug 2013 06:01:35 -0400 Subject: Metadata anonymization through time delayed email messaging. In-Reply-To: References: Message-ID: Jeff Scofield wrote: > A person walks into a computer café at 10am and sets an email to send at > around 4am the following morning (via cloud or machine). The data gets sent > at 4am when the building is empty. ... > > Any and all feedback regarding this idea is welcome. If you control the end-user sending machine & it runs some sort of Unix, this is trivial; the required command is just: at 04:00 mail whoever@example.net < message_file Writing a script to do this using a random time would not be hard. Of course this does not encrypt the file, though it could send a file that was already encrypted. Nor does it provide any sort of protection against someone who can snoop on the sending machine (nothing I know of does!), so it does not work in your Internet cafe example. Better to modify the mail server to introduce a random delay. This also does not look hard. Avoiding time stamps in the Received: lines in the headers would also be necessary, but that looks straightforward as well. To block tracking, you also want to avoid putting the client machine's IP address in the headers. Easily done, but it makes it harder to deal with spammers. 
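The server-side random delay and header scrubbing discussed in this thread, as an added example that is not part of any poster's message: a hold queue that picks a release time inside a window and drops the headers carrying the submission time or client address. The `HoldQueue` class, the header names beyond `Received:` and the sample message are assumptions constructed for illustration.

```python
"""Random-delay hold queue with header scrubbing (added example, constructed data)."""
import heapq
import secrets
from datetime import datetime, timedelta, timezone
from email import message_from_string, policy
from email.utils import format_datetime

# Headers that expose submission time or client address. The thread names the
# Received: lines; the other three are assumptions about what a relay would drop.
SCRUB = ("Received", "X-Originating-IP", "X-Mailer", "User-Agent")

_rng = secrets.SystemRandom()  # OS CSPRNG, so the chosen delay is not predictable

# Constructed sample: a message as it might arrive from the cafe machine.
SAMPLE = (
    "Received: from cafe-pc (cafe-pc.example [192.0.2.44])\n"
    "\tby mail.example.net; Tue, 27 Aug 2013 10:02:11 +1200\n"
    "X-Originating-IP: [192.0.2.44]\n"
    "Date: Tue, 27 Aug 2013 10:02:11 +1200\n"
    "From: sender@example.net\n"
    "To: whoever@example.net\n"
    "Subject: hello\n"
    "\n"
    "See you at the usual place.\n"
)


def pick_release(submitted, min_delay, max_delay):
    """Return a release time drawn uniformly from [submitted+min, submitted+max]."""
    span = int((max_delay - min_delay).total_seconds())
    if span < 0:
        raise ValueError("max_delay must not be shorter than min_delay")
    return submitted + min_delay + timedelta(seconds=_rng.randrange(span + 1))


def scrub(raw, release):
    """Drop identifying headers and restamp Date with the release time."""
    msg = message_from_string(raw, policy=policy.default)
    for name in SCRUB:
        del msg[name]  # removes every occurrence; silent if the header is absent
    del msg["Date"]  # the original Date reveals when the message was written
    msg["Date"] = format_datetime(release)
    return msg.as_string()


class HoldQueue:
    """Holds scrubbed messages until their randomly chosen release time."""

    def __init__(self, min_delay, max_delay):
        self.min_delay, self.max_delay = min_delay, max_delay
        self._heap = []
        self._seq = 0  # tie-breaker so equal release times never compare bodies

    def submit(self, raw, now):
        release = pick_release(now, self.min_delay, self.max_delay)
        heapq.heappush(self._heap, (release, self._seq, scrub(raw, release)))
        self._seq += 1
        return release

    def due(self, now):
        """Pop everything whose release time has passed, in shuffled order."""
        out = []
        while self._heap and self._heap[0][0] <= now:
            out.append(heapq.heappop(self._heap)[2])
        _rng.shuffle(out)  # arrival order must not be readable from send order
        return out


if __name__ == "__main__":
    start = datetime(2013, 8, 27, 10, 0, tzinfo=timezone.utc)
    queue = HoldQueue(timedelta(hours=6), timedelta(hours=12))
    print("release at", queue.submit(SAMPLE, start))
    print(queue.due(start + timedelta(hours=12))[0])
```

As the message above notes, this only helps when the delay is applied on a machine the observer cannot watch; the queue does nothing about the connection that delivers the message to it.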
From rich at openwatch.net Wed Aug 28 15:31:53 2013 From: rich at openwatch.net (Rich Jones) Date: Wed, 28 Aug 2013 15:31:53 -0700 Subject: Tin Can In-Reply-To: <65990A5C-C067-46E7-B2B9-2FEC9F6D5245@fredericjacobs.com> References: <65990A5C-C067-46E7-B2B9-2FEC9F6D5245@fredericjacobs.com> Message-ID: Anybody interested in WebP2P development is invited to join the WebP2P discussion list: http://webp2p.org On Wed, Aug 28, 2013 at 2:26 PM, Frederic Jacobs wrote: > Mozilla released something that looks pretty good. Haven’t looked at the > security yet. > > It’s peer to peer video that works in the browser with WebRTC and uses > Persona to sign in. > > http://tincan.im/ > -- ————————————— Rich Jones *OpenWatch* is a global investigative network using mobile technology to build a more transparent world. Download OpenWatch for iOS and for Android! From lists at fredericjacobs.com Wed Aug 28 14:26:27 2013 From: lists at fredericjacobs.com (Frederic Jacobs) Date: Wed, 28 Aug 2013 23:26:27 +0200 Subject: Tin Can Message-ID: <65990A5C-C067-46E7-B2B9-2FEC9F6D5245@fredericjacobs.com> Mozilla released something that looks pretty good. Haven’t looked at the security yet. It’s peer to peer video that works in the browser with WebRTC and uses Persona to sign in. http://tincan.im/ 
From grarpamp at gmail.com Wed Aug 28 23:55:24 2013 From: grarpamp at gmail.com (grarpamp) Date: Thu, 29 Aug 2013 02:55:24 -0400 Subject: Running in overlay circles [was: Why_can't_email_be_secure] Message-ID: On 8/26/13, rysiek wrote: > It's a seemingly unsolvable conundrum: > - start with a clean slate and create a new, "perfect" solution; > - start with something people already use and improve it as much as > possible. > > The former approach has the risk of the solution not being adopted; the > latter > -- of the new solution not being good enough due to technicalities of the > solution it is based on. > > But maybe it could be possible to get the best of both worlds? > > Had a new solution been created in a way that is usable via existing mail > clients (e.g. implementing IMAP for message retrieval and SMTP for message > submission) while designing and implementing a completely new way of > communicating server-to-server -- it might achieve just that. When you cleanslate things you are not held back by the past. Napster, bittorrent, icq... all completely new and instant mass appeal, because they did something that people wanted. That overrode every other consideration the user had, including... now hang on, I know this will be hard for some to believe.... downloading and installing the app and actually learning how to use it. These days, there is a want for secure messaging. Thanks to recent news... I'm actually taking questions from morons off the street that now want to 'send secret messages'. I don't have time so the standard answer is usually 'read and pick something from prism-break.org.' There are already cleanslate systems cryptographically secure against content and internal addressing snooping. The resistance to global passive/active adversaries from connecting the realworld IP talkers needs work. 
And to truly replace traditional email (especially in the business world) you will need a community of powerful messaging clients... lots of spec decisions to be made there... lots of traction with existing thunderbird, mutt, etc UI/handling frontends. But can you save that and swap out their legacy smtp/imap network semantics. Then you have the userspace key management for end2end message security to work on as well. All of this is interconnected too... once you start designing a strong messaging system, it begins to look like a general purpose transport, possibly one with parameterized options. Then you start thinking how to plug other apps into it. So you're back to looking like another I2P, Tor, GnuNet, Phantom, Freenet, AnoNet, etc... lots of the same stuff under the hood. Will there ever be a generic, possibly modular, overlay to come along and handle it all? Or are we just running in overlay circles? From coderman at gmail.com Thu Aug 29 04:07:51 2013 From: coderman at gmail.com (coderman) Date: Thu, 29 Aug 2013 04:07:51 -0700 Subject: UDP/datagram/cell based networks [was: Why_can't_email_be_secure] In-Reply-To: References: Message-ID: On Thu, Aug 29, 2013 at 1:39 AM, grarpamp wrote: > ... > Are we necessarily even speaking strictly of UDP 'datagrams' > or applications? For example, I presume there might be something > to be said for software switched packet/cell network stacks. i should clarify: the mode of operation for this presumed design and implementation is to have SOCKS, HTTP, HTTPS, transparent UDP, transparent TCP, transparent DNS (this is indeed different than just UDP :), and some subset of transparent ICMP proxy support on the client / node. you could configure proxy settings, direct traffic to the trans ports, or perform queries directly against the DNS port of the running real time datagram mixer instance. 
at the exits for public traffic or at the private ORCHID based "hidden/overlay" endpoints, you transit these same protocols, per advertised support in exit policy or overlay service capability respectively. on the wire, you would be sending UDP datagrams that encapsulate the NAT busting IPsec telescope containing path data, multi-path SCTP in userspace for reliable TCP stream transport over the datagram overlay. for all intents and purposes these packets would look like AH/ESP or CryptoBox wrapped opaque cipher texts in some standard UDP encapsulation. as for ATM, SONET, satellite data terminals, metro wireless, and all other unusual or exotic transports: these are likely not useful for the core network unless directly public UDP IPv4 reachable. censorship bypass, non-node capable devices like phones, or very poor network connectivity situations, would require other transports and protocols for this initial tunnel into the overall real-time datagram mix-like network. in this context, the varied physical layers and logical paths in a given metro region operating beneath IP routing can play a role in passing traffic from suppressed/blocked users out to the broader mesh or internet at large. devices and users communicating via obfuscated links into the dgm network do not have traffic analysis protections like full participants. despite this lack of stronger anonymity, the actors observing at the edge can only note that you are tunneling into the public network, and utilizing some stochastic gradient of bandwidth in aggregate for some period of time. this is still not much information, especially compared to the current state of affairs! 
there are many complications and constraints around how this would work - i make it sound so easy ;) however, you could provide such services, including wireless metro area mesh or p-to-mp distribution networks, constrained by propinquity and referral by reputation, in combination with broadband internet uplink of a more traditional sort where available. and in fact, using multiple paths / transports concurrently provides advantage for data continuity and throughput despite volatile and changing upstream link availability on an individual basis to particular gateway or router or access point devices. metro area mesh benefits nicely from some backhaul ad-hoc or fixed plant high capacity point-to-point links over distance with short IP routes; there is a good paper from early 2000's about using atheros 802.11a devices with a custom tertiary firmware and host driver to bond eight devices into a single point-to-point link with an aggregate throughput over three or four hundred megabit a second in transport rate... or so i recall. IPoATM on a OC12 or bigger to an internet provider would absolutely be useful as an upstream sink within such a mesh. i would love to see high degree mesh optimizer p-to-mp nodes applying the latest high bit rate software-defined radios for backhaul and security. isolate each radio like a Pervices Noctar[0] or USRP B210 [1] into its own guest and isolate devices with VT-d enforced memory access boundaries. you may even put more than one device in a single SDR Backhaul Guest VM if doing large-QAM or other complex MIMO front-ends and signal processing. i could go on, but alas, i've got code to write... *grin* 0. 
"Noctar: 8Gbps, low latency, PCIe x4 bus, 250MHz bandwidth, full duplex, RF frontend 100kHz – 4GHz, Two, 12 bit, 125 MSPS ADCs, Dual channel, 16 bit, 250 MSPS DAC, 20MHz, 0.28ppm, reference TCXO, Altera Cyclone IV EP4CGX22C FPGA" http://www.pervices.com/support/ 1. 
"USRP B210 Kit: USB 3.0 (bus max 3.2Gb/s) for xfer ~60 MSym/sec, 56 MHz bandwidth 1x1 / 32 MHz 2x2 MIMO bandwidth, 70 MHz to 6 GHz frequency range, flexible rate 12bit ADC/DAC, 2 TX and 2 RX full or half duplex channels (4 total), Xilinx Spartan 6 XC6SLX150 FPGA" https://www.ettus.com/product/details/UB210-KIT From grarpamp at gmail.com Thu Aug 29 01:09:35 2013 From: grarpamp at gmail.com (grarpamp) Date: Thu, 29 Aug 2013 04:09:35 -0400 Subject: [tor-talk] About time to make BitTorrent work over Tor, Message-ID: On 8/26/13, Kostas Jakeliunas wrote: > On Mon, Aug 26, 2013 at 2:46 PM, Nathan Suchy < > theusernameiwantistaken at gmail.com> wrote: > >> I don't want this for piracy as I have a paid VPN account that is much >> faster for that if I decide to pirate. I think we need BitTorrent though >> to >> work on Tor so Tor Users can securely share files with one another. > > > AFAIK the most obvious issue with this (among more subtle side-channel > attack / decloaking problems) is network scalability. Total relay bandwidth > available is, while seemingly increasing in general, very limited given > such use cases. [1] How does one scale BitTorrent on top of that? > ... > But perhaps there's still some discussion to be had. I'm sure this has been > discussed myriads of times, however - maybe it's worth trying to browse > through the mailing list archives. > > [1]: https://metrics.torproject.org/network.html#bandwidth Technically, Bittorrent works fine when run completely inside Tor. The resources needed at the client are reasonable (ie: cpu). The bandwidth is currently reasonably available. And onions are secure enough for people who insist on skirting copyright. That alone makes me wonder why Tor hasn't grown any long lived torrent clouds. Probably because the entry bar is high and the slower speed is beyond the scope of the typical leeching mindset. What people should know is that Tor currently can't handle it at scale in at least two areas... 
Transferring 1MiB causes about 7MiB worth of reduction in Tor bandwidth, plus the CPU and state for processing the circuits. You can get that back by running relays, but the vast bulk of the above users probably won't be willing or bothered to do that, let alone be able to figure out how to do it right and in conjunction with their BT app. So Tor is likely to tank from that alone. Then assuming they did run relays, the last part is dealing with N million users worth of relay and onion descriptors. That takes out more bandwidth, the dirservers, and everyone's local cpu and ram. For those reasons, it's hard to truly push mass use of p2p over Tor. Yet I think given the greater probability of a p2p influx as time goes on [1], Tor really should have some prepared design considerations on the table beyond "please don't do that", which torrenters obviously ignore. Hopefully designs can be found that aren't restrictive. [1] Pick any hot p2p app, drop N million users worth on Tor. In this thread it's BT... being driven slowly towards anonymous systems by the anti's [today, Russian blocking], enhanced by piratebrowser giving hints to millions of users "Hey, what's this Tor thing? What are these onions I see there? Hmm..." -- tor-talk mailing list - tor-talk at lists.torproject.org To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 From coderman at gmail.com Thu Aug 29 04:22:19 2013 From: coderman at gmail.com (coderman) Date: Thu, 29 Aug 2013 04:22:19 -0700 Subject: UDP/datagram/cell based networks [was: Why_can't_email_be_secure] In-Reply-To: References: Message-ID: On Thu, Aug 29, 2013 at 4:07 AM, coderman wrote: > ... 
> as for ATM, SONET, satellite data terminals, metro wireless, and all > other unusual or exotic transports... i should have mentioned: metro Ethernet or municipal run fiber networks with peering are the best option for mesh traffic relaying like this. ATM is too expensive; ISDN, despite a proud origin story of the first data mix networks, is also expensive, and super slow. get rooftop access for radios in a Fresnel friendly internet exchange where you can simply forward traffic down a few floors over Ethernet and you're in the best of positions. consumer fiber to the home would be great, if ToS restrictions didn't make such forwarding risky. and the business upgrade for FTTP is pretty outrageous in almost every case. you could route through a VPN provider or dedi server of your own in this case, but tunneling may not be sufficiently covert depending on the amount of bandwidth used. From grarpamp at gmail.com Thu Aug 29 01:39:55 2013 From: grarpamp at gmail.com (grarpamp) Date: Thu, 29 Aug 2013 04:39:55 -0400 Subject: UDP/datagram/cell based networks [was: Why_can't_email_be_secure] Message-ID: On 8/26/13, coderman wrote: > On Sun, Aug 25, 2013 at 10:52 PM, Bill Stewart >> Datagrams don't give you any useful anonymity, > ... > usability for example to support UDP traffic and applications which Are we necessarily even speaking strictly of UDP 'datagrams' or applications? For example, I presume there might be something to be said for software switched packet/cell network stacks. Even if they are encapsulated in meshes of TCP overlay circuits for the TCP properties. Streams of buckets passing inside, be they full of ham or discarded chaff. The cost is the bandwidth you wish to dedicate to it, the cpu/ram to pass, route and control it. Can old ATM transports be anonymized or assist in that... 
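The stream of fixed-size buckets, "full of ham or discarded chaff", described above, as an added example that is not from any poster: a sender emits exactly one cell per time slot whether or not it has data, and the receiver drops chaff and reassembles messages. The cell layout, the 512-byte size and all names are assumptions; a real link would also encrypt every cell so the type byte is not readable on the wire.

```python
"""Constant-rate cell link with chaff padding (added example, assumed cell format)."""
import os
import struct
from collections import deque

CELL = 512                      # every cell on the wire is exactly this long (assumed size)
HDR = struct.Struct("!BH")      # cell type (1 byte) + payload length (2 bytes)
DATA, CHAFF = 1, 0
PAYLOAD = CELL - HDR.size       # bytes of message stream carried per DATA cell
LEN = struct.Struct("!I")       # length prefix marking message boundaries in the stream


class CellSender:
    """Queues messages and releases them one fixed-size cell per slot."""

    def __init__(self):
        self._queue = deque()

    def enqueue(self, message):
        stream = LEN.pack(len(message)) + message
        for i in range(0, len(stream), PAYLOAD):
            self._queue.append(stream[i:i + PAYLOAD])

    def tick(self):
        """Called once per time slot; always returns exactly one CELL-byte cell."""
        chunk = self._queue.popleft() if self._queue else b""
        kind = DATA if chunk else CHAFF
        padding = os.urandom(PAYLOAD - len(chunk))  # random fill, dropped by receiver
        return HDR.pack(kind, len(chunk)) + chunk + padding


class CellReceiver:
    """Discards chaff and padding, then rebuilds the original messages."""

    def __init__(self):
        self._buf = bytearray()
        self.messages = []

    def feed(self, cell):
        if len(cell) != CELL:
            raise ValueError("cell has wrong size")
        kind, length = HDR.unpack_from(cell)
        if kind == CHAFF:
            return                      # costs bandwidth only, carries nothing
        if kind != DATA or length > PAYLOAD:
            raise ValueError("malformed cell")
        self._buf += cell[HDR.size:HDR.size + length]
        while len(self._buf) >= LEN.size:
            (msg_len,) = LEN.unpack_from(self._buf)
            if len(self._buf) < LEN.size + msg_len:
                break                   # rest of the message is still in flight
            self.messages.append(bytes(self._buf[LEN.size:LEN.size + msg_len]))
            del self._buf[:LEN.size + msg_len]


def run_link(schedule, slots):
    """Simulate `slots` time slots; `schedule` maps slot number -> message to send.

    Returns (sizes seen on the wire per slot, messages the receiver recovered).
    """
    sender, receiver, wire_sizes = CellSender(), CellReceiver(), []
    for slot in range(slots):
        if slot in schedule:
            sender.enqueue(schedule[slot])
        cell = sender.tick()
        wire_sizes.append(len(cell))
        receiver.feed(cell)
    return wire_sizes, receiver.messages


if __name__ == "__main__":
    busy = run_link({0: b"A" * 1200, 3: b"hi"}, slots=8)
    idle = run_link({}, slots=8)
    print("busy link:", busy[0], [len(m) for m in busy[1]])
    print("idle link:", idle[0], idle[1])
```

A busy link and an idle link produce the same sequence of cell sizes at the same rate, which is the property that removes timing and volume as a correlation signal; the price is that a sender can never move more than its committed rate.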
From eugen at leitl.org Thu Aug 29 02:33:36 2013 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 29 Aug 2013 11:33:36 +0200 Subject: [tor-talk] About time to make BitTorrent work over Tor, Message-ID: <20130829093336.GN29404@leitl.org> ----- Forwarded message from grarpamp ----- From gfoster at entersection.org Thu Aug 29 10:29:50 2013 From: gfoster at entersection.org (Gregory Foster) Date: Thu, 29 Aug 2013 12:29:50 -0500 Subject: WaPo on "$52.6 billion 'black budget' for FY2013" Message-ID: <521F850E.6020806@entersection.org> Washington Post (Aug 29) - "U.S. spy network’s successes, failures and objectives detailed in ‘black budget’ summary" by @BartonGellman & @gregpmiller: http://www.washingtonpost.com/world/national-security/black-budget-summary-details-us-spy-networks-successes-failures-and-objectives/2013/08/29/7e57bb78-10ab-11e3-8cdd-bcdc09410972_story.html gf -- Gregory Foster || gfoster at entersection.org @gregoryfoster <> http://entersection.com/ From grarpamp at gmail.com Thu Aug 29 10:25:22 2013 From: grarpamp at gmail.com (grarpamp) Date: Thu, 29 Aug 2013 13:25:22 -0400 Subject: UDP/datagram/cell based networks [was: Why_can't_email_be_secure] In-Reply-To: References: Message-ID: On 8/29/13, grarpamp wrote: > On 8/26/13, coderman wrote: >> On Sun, Aug 25, 2013 at 10:52 PM, Bill Stewart >>> Datagrams don't give you any useful anonymity, >> ... >> usability for example to support UDP traffic and applications which > > Are we necessarily even speaking strictly of UDP 'datagrams' > or applications? For example, I presume there might be something > to be said for software switched packet/cell network stacks. Even if > they are encapsulated in meshes of TCP overlay circuits for the > TCP properties. Streams of buckets passing inside, be they full of > ham or discarded chaff. The cost is the bandwidth you wish > to dedicate to it, the cpu/ram to pass, route and control it. Can > old ATM transports be anonymized or assist in that... 
> >> i should have mentioned: Yes, applying some of the areas you mentioned to building new physical networks, grafting in pieces of the existing net where needed... good stuff. Almost everyone can find some cheap 3+ ethernet port routing capable device these days. Add protocols on top. I should have been more clear on the topic of my note... right now we have really good content encryption for I2P/Tor/etc type networks. And pretty good intelligently random multi hop routing mechanisms. But because of our silly desire to not fill our pipes with chaff, we've made it easier in some cases for GPA's [1] to watch and connect the inputs/outputs across a relatively silent backbone... whether by timing, or transfer amount over time. Now if you dedicate N kbps to the net and fill it, and everyone else picks their commit rate and fills it, that passive weakness goes away. A bit like ATM, you won't move any more than your rate over it, but you idly fill it with chaff that gets discarded somewhere else at no extra cost. Keeping lines full is inverted thinking, so I'm not sure if anyone's tried to napkin mechanisms for that. [1] Not ActiveAdversaries. Here's a fun notice from Tor that could be viewed as a potential targeted isolation attack: Aug xx hh:mm:ss [notice] We stalled too much while trying to write N bytes to address [scrubbed]. If this happens a lot, either something is wrong with your network connection, or something is wrong with theirs. (fd num, type OR, state n, marked at main.c:line) From catchalladdress at nym.hush.com Thu Aug 29 07:01:14 2013 From: catchalladdress at nym.hush.com (catchalladdress at nym.hush.com) Date: Thu, 29 Aug 2013 15:01:14 +0100 Subject: [liberationtech] Videre: the secretive group on a mission to film human-rights abuses Message-ID: http://www.wired.co.uk/magazine/archive/2013/09/features/videre Somewhere in Africa, a white man gets up and goes to the bathroom. 
He pops up the handle on his wheeled suitcase and pulls it across the tiled floor and down a set of steps to the urinal. When he has finished he hauls the case back up the steps to the table and parks it beside him, within arm's reach. He never lets the object out of his sight. The bag is his life, and it exercises power over many other lives too. If it fell into the wrong hands there would be consequences -- the contents could cause people to be tortured, or even murdered. That's why Wired cannot tell you where he is sitting, nor reveal his identity. Nor can we reveal the country -- except to say that it's outside Africa -- where he lives with his family. His wife exists in a state of anxiety when he is not at home and is often irritated when he is, such are the distractions of his work -- notably the constant interruptions of his nine phones. She is proud of his work, he says, but angry too. The pair are in counselling. The phones ring at all hours of the day and night. Often the person on the other end of the line is thousands of kilometres away, in fear of his or her life, with no one else to turn to. At that moment, the man needs to make a decision -- to offer advice or direction that could make the difference between life and death. He does not carry that burden lightly. The man must remain anonymous and, for this story, he has asked to be known as Carlos. He says that he was brought up in Romania, and that he served in the army. He is in his thirties, slightly built, and has a beard to make himself look older. We meet in the spring of 2013 at an airport in Africa. He asks not to be referred to by name in front of anyone else, especially colleagues, who know him by different names. Carlos's colleague, Oren Yakobovich (his real name), arrives soon afterwards. Yakobovich, 42, is a former Israeli soldier who still carries himself with a military bearing. 
He picks up a hire car and drives us through the city, moving slowly in the early-morning traffic, and heads for the suburbs, to the group's regional office. He repeatedly checks the rear-view mirror. "We're not being followed, that's for sure," he says. The secrecy is for good reason: Yakobovich and Carlos operate a ground-breaking human-rights organisation that uses video footage -- obtained both openly and covertly using hidden cameras -- to tell the stories of people suffering at the hands of oppressive, violent regimes. After operating in almost total secrecy for the last three years, the two men have offered Wired unprecedented access to the work of their organisation, Videre. The NGO's name comes from the Latin "Videre est credere", which means "to see is to believe". Its mission is to reveal the workings of violent regimes through a network of activists who film and record abuses and violations of human rights. When necessary, its operatives film secretly, tracking the activities of tyrannical rulers and their cronies like an intelligence service. It operates in several African countries and has a substantial presence in one particular troubled nation where state terror and violence are widespread. Videre taps into a network of 120 human rights workers (referred to as "researchers") in that country who film -- some of them at enormous personal risk -- the activities of the state security services and their political masters, in some circumstances undercover. Each group operates in a cell structure. "It's a bit like the network of Al-Qaeda," Carlos explains, and then wonders at the wisdom of likening his organisation to the world's most notorious terrorist organisation. Another parallel is the Provisional IRA, which organised its operatives in small groups so each was unaware of what the others were up to -- no individual could give the others away if caught. 
As head of operations, Carlos feels personally responsible for the researchers, as well as the other volunteers and paid staff who support them. He shuttles back and forth on long-haul flights between hot spots in Africa, his family and Videre's headquarters in London. He explains that he's anxious on planes. It's not fear of flying, but the thought that, while he's in the air, someone in his network will be in trouble and he won't be available to help them. He describes a walk he takes at his home airport from the plane to passport control: a walk between one world and another. "I often used to cry on that walk, for the tensions, for the things I've heard," he says. Last spring, one activist was caught filming by the security services of the oppressive regime in question. This led to another arrest and a Videre operative being subject to torture and violent interrogation. He was coerced into revealing information about the organisation. Carlos has since learned that the security services already knew about him, although they are familiar with only one of his aliases, and not his real name. Yakobovich argues that some of the human rights workers are less at risk with cameras as the authorities know that reprisals will be recorded. However, some activists are targeted by the authorities, and some have been captured while filming. Because of this, Carlos and others are constantly trying to make the cameras more discreet, but without sacrificing their effectiveness. (Those pictured in this story are all discontinued.) The devices need to be simple and easy to use by people in vulnerable circumstances who may not be adept at surveillance or familiar with technology. [Photo: Secret filming devices formerly used by Videre (Liam Sharp)] Carlos has come to show some of the lead researchers the most recent hidden-camera designs he's been working on. Videre's covert operatives largely use Chinese-made spy cameras that resemble memory sticks. 
Each has a small, rechargeable battery and records on to SD cards. The devices can be clipped into shirt pockets, but the camera lenses must be visible in order for them to be able to function effectively, which exposes some operatives to danger. The African state in question knows it is being watched. Political activists and militia members have delivered stark warnings. Those attending a rally were recently told: "It is a political meeting. Is that clear? It's a family affair. No one should record what's happening here because it's an internal matter. If we catch you recording us, you will be [in] trouble." Carlos has been hacking the Chinese spy cameras -- he tears them apart and uses the components in his prototypes. When he and the researchers are happy with a design, they produce it in bulk. He once made a chunky, rubberised crucifix with a camera sealed inside. At the centre of the cross was a pinhole lens. The device was dismissed as bulky and conspicuous. Carlos has built new iterations -- prototypes have been brought to Africa for consideration by operatives who have travelled to meet him in a neighbouring country's capital. It's an 18-hour journey on a crowded bus with long delays at the border. Tonight, in darkness, Carlos and Yakobovich will cross the city -- observing counter-surveillance routines designed to thwart anyone following them -- to a secret destination where they will meet the researchers. Videre was founded in 2008 by two Israelis who, unknown to each other, had the same idea at a similar time. Yakobovich was raised in a right-wing Israeli community near Tel Aviv. As a youth he readily accepted the status quo of fervent Israeli nationalism. "The Arabs did not exist, they were there but they had no rights and didn't deserve a country," he says, explaining his former views, over coffee and hummus in a Marylebone hotel, before the trip to Africa. He couldn't wait to join the army. 
He was so enthusiastic about conscription that he began training before he started, working on his fitness so he would be a better soldier. He was quickly promoted to officer. "I had more power at 19 than I ever had in my whole life before or since," he explains. "It gives you great skills for life." Serving in Gaza, he says that he was never close enough to confirm a kill, but he certainly shot people. "You're up on the Lebanon border, there are terrorists coming, you're going in, you start shooting…" he says. Mostly, though, he was involved in gathering intelligence. There was no single terrible incident or atrocity that made him become disillusioned about the Israeli cause or the way the army treated the Arabs. But he became gradually aware that his involvement in day-to-day activities, such as checking men, women and children at checkpoints, was creating more hate, more enemies -- and probably more terrorism too. He says his fellow soldiers thought of all Arabs as potential enemies, and treated them accordingly. He noted how ordinary young Israelis could switch from compassion to cruelty. "I gradually realised there was something very wrong," he says. Finally, he refused to go to the West Bank on a guard detail. He was supposed to be protecting a secret counterterrorist mission, and disobeying an order made him a refusenik. He says he spent a month in jail. "I didn't want to do it any more," he says of the military. Because he was an officer the conditions in prison were tolerable. He infuriated the prison authorities by climbing on the roof to salute supporters of the refuseniks on a nearby hill. "But no one abused me or beat me -- there was time to think," he says. [Photo: Videre footage of citizens and security forces, filmed in an unnamed terror-state in Africa] Having served his time, he was released from the army and, increasingly aware of the social and political troubles in Israel, decided to become a film maker. 
He thought he could change the world, but also meet girls. "I thought it was a very cool thing to do... always better than saying you're a banker," he says. He never went to film school -- he couldn't afford it -- so he took out a loan, bought a camera and started filming, making a series of documentaries in the early 2000s that he hoped would stir Israeli sentiment. There was a film about the Bedouin, another about education for Palestinians, another about the treatment of psychiatric patients. He met women too, but nothing really changed and he became disillusioned with the insular world of film festivals and screenings. In 2005, out of frustration and hope, Yakobovich joined the Israeli human-rights group B'Tselem and gave the organisation's work new impetus by setting up a video unit and supplying cameras to families living in areas where they were facing daily conflict with settlers. The Palestinians filmed openly, not needing to use secret cameras. (Yakobovich later -- wrongly -- assumed the same approach would be possible in Africa too.) One sequence, from 2007, became notorious in Israel, and was also broadcast on the BBC and CNN. At a Hebron home that became known as "the cage house", a Palestinian family found itself under verbal attack from settlers. One of them -- a 16-year-old girl -- filmed herself being abused by an Israeli woman, who called the teenager a whore. [Video: "Sharmuta Video" - Settler harassment of Palestinians in Hebron (btselem)] "I think it was very shocking for people to see these words coming from a very religious woman," says Yakobovich, who remains a firm believer in Israel. "And what was even more shocking was two soldiers standing there doing nothing to protect the young girl. They are supposed to be a moral army." Yakobovich's work generated hate mail and death threats, but he believes it made a substantial difference by helping to reduce violence towards Palestinians in the West Bank. 
"My strongest belief in the human-rights struggle is you don't have a big fight, you don't have big wins," he says. "It's the small, uphill battles, the small wins that bring about change over time." He started to wonder if the same model might make an impact further afield. Around the same time, Uri Fruchtmann was thinking along similar lines. Fruchtmann, who chairs Videre's Board of Trustees, has followed an unlikely path to human-rights work: a successful entertainment executive, he has produced several films, among them Spice World, featuring the Spice Girls. For 12 years he was married to Annie Lennox, with whom he has two children. Fruchtmann, 58, is a reflective, easy-going character with powerful connections. ( Brian Eno -- a friend -- hosted a fund-raising party at his studio in the early days of Videre.) It was through a conversation with another friend, Terry Gilliam, now a Videre board member, that Fruchtmann had the idea of exploiting the rapid obsolescence of equipment in the film industry by buying up old cameras, so that they could be used to record human-rights abuses. In the 90s, he had been involved in an environmental campaign in Majorca where he had helped to make a short film explaining the plight of the black vulture. The film had raised significant funds for the cause and made Fruchtmann consider the potential of film as a weapon for human-rights work. Like Yakobovich, Fruchtmann had made trouble during his own time serving in the Israeli army. He had been a conscientious objector in the 70s and had been beaten up by his fellow soldiers for not observing the rules. According to Fruchtmann, he was called before a military court eight times -- each occasion led to another month in jail. "I always had a passion for justice, or a passion against injustice," he says, in a restaurant near London's Baker Street in May. His parents fled Nazi Germany, losing everything. 
After the army, Fruchtmann became a hippy and travelled round Europe, then worked as a photographer in Israel; eventually, like Yakobovich, he became a documentary maker -- making two music films, Stir It Up and The Atlantic Records Story, both released in 1994 -- before producing his first feature, Spice World, in 1997. He now co-owns Ealing Studios. Neither Fruchtmann nor Yakobovich can remember how they met. Fruchtmann travelled to the West Bank in 2008 looking for partners for his project. "People told me I should talk to Oren," he says. "We found each other and went around the West Bank together." Fruchtmann recalls the filming of the 1991 beating of Rodney King as a defining moment on the journey to Videre. King, an African-American, was attacked by five police officers in Los Angeles. As they assaulted King with their batons, they were filmed by a local resident. The footage was transmitted around the world. When the officers were acquitted, there was widespread rioting. Fruchtmann wondered: if every parking violation is being recorded on film, why shouldn't human-rights abuses be recorded? He describes the approach as "little brother turning the cameras on Big Brother". Several staff in Videre's regional office sit at screens reviewing video footage. Onscreen, ten women who live in a state we can't name, describe multiple rapes and terrible violence they suffered at the hands of 25 men. They did not know all of their attackers, but some still lived in the same communities. One woman speaks of remembering how a local politician had urged the men to assault her. "They randomly took us and shared us among themselves... they only finished at dawn," she says. "I was forced to dance with a man I didn't know. He said he was my husband for the day. 
They asked me how it felt. I said it was nice as I felt I had no choice. I don't even recall the rest who raped me afterwards." One woman was pregnant when the men came looking for her husband. He escaped. "I pleaded for mercy -- they said they didn't care, it's politics," she says. "After the lashes, I started bleeding, then passed out." She says she was repeatedly raped while unconscious. "Later I heard them say it was a boy. I had a miscarriage. [A villager] took away my baby. I didn't even know where they dumped it." The woman discovered she was HIV positive. Ashamed to tell her husband what had happened, she infected him. She went to the police to report the rape but "they clapped their hands and laughed". The women are speaking because they want the perpetrators brought to justice. Videre has used trusted local contacts to identify the victims and build confidence among them that it is safe to talk. One day, Videre hopes, there will be criminal trials. The woman who miscarried says: "It's for us to live with the culprits, they are still tormenting us." Data-mining software creates patterns and networks of rights violations by combing the web and Videre footage Videre has set up the office in the city of the neutral African country as a place to collect, process and distribute the footage its researchers obtain from the terror state. It's smuggled into the country by Videre operatives riding buses. One of the three full-time office staff, Eddie (not his real name), meets the couriers at the bus terminal, often not knowing who they are or how to find them. "There are always problems collecting the film," says Eddie, a bullish, articulate young white man. He sometimes has smooth handovers, where a hard drive is handed over concealed inside a newspaper or collected from a dead letter drop but, more often than not, the courier gets lost, or their phone is dead after the long bus journey. 
The Videre staffer will roam the bus station, sometimes on the phone to Carlos in another continent, trying to identify the courier. The Videre office workers know the couriers and researchers only by code names: Carlos alone knows their real identities and choreographs the entire operation by phone, email and Skype when he is away. Every communication is encrypted. Carlos uses HushMail and Tor. TrueCrypt encrypts and disguises files and can also protect hard drives. If a hard drive is encrypted and is connected to a computer that doesn't use TrueCrypt, one click will erase the material forever. Footage is recorded on SD cards and copied on to hard drives in the country of origin, where it is disguised as an MP3 or .mov file and encrypted. The office contains powerful servers that are stored in a walk-in safe. The footage is retrieved from the hard drives before being archived and catalogued using CatDV software. There may be many hours of tedious, useless footage to screen before there is anything worth showing to the world. But if Videre is lucky, some footage will be of usable quality. All too often the image is good but the sound quality poor, or it's the other way around. "We have footage of a body in the morgue, beaten, shot -- you can see bullets still in his body" Mike The archivist, Sonia (not her real name), is a young woman whose family comes from the terror state. Her father has been imprisoned and her uncle was killed by political rivals. For her the material has special relevance. "I don't just watch the footage, I become the footage," she says. "We never know who filmed it, I always imagine it could be my own father or cousin." She is unable to tell family or friends the nature of her work. It's like gold mining, she explains: you might sift through 40 hours to find a single nugget. She and her colleagues give feedback to Carlos, who passes it on to the researchers in the hope they will supply better footage. 
Sonia's colleague Mike (not his real name) edits the footage for distribution. He too is from the terror state and says that watching the film can be both depressing and absorbing. Much of the footage comes from remote areas where abuses and violations are commonplace. The perpetrators believe they can act with impunity as they are far from international journalists. Some researchers are becoming increasingly bold, filming in prisons, morgues and open-air rallies where intimidation and the threat of violence prevail. "We have footage of a body in the morgue, beaten, shot -- you can see bullets still in his body," Mike says. "He was working on a farm where the owners are mistreating the employees -- and this visual brought the story together." Mike recently returned to his home country, intending to do some filming at a political rally. "But I lost courage and missed the action because I was so scared. In the end I had to hide behind a truck and start filming." He can't think of anything as brave as the researchers risking their lives. "It makes me sad, man, that something has broken down in African society," he says. "We are known for hospitality, for community. We rotate during the famine -- today the whole village comes to my field, tomorrow to yours. Now people are killing and harming each other because of politics." One of Videre's film packages highlights the politicisation of food, in which supporters of the main party are given sacks of seed as staple foodstuffs, and opponents are denied food altogether. There is significant emphasis placed on verification of the footage. The context is analysed, as is the metadata, which is relayed to a team on the ground which then undertakes further checks. Translation is done by more than one person to ensure that all the nuances of the language used in the clips are understood. 
If there is any doubt as to the veracity of the material, it won't be released. Once it has been edited, Videre's footage is released "free to air", to local and regional media and has also been broadcast in the US, the UK and elsewhere via the BBC, CNN and other organisations. The group's approach is to use targeted distribution in mainstream media and also post material on specific YouTube channels such as The Human Rights Channel. The content is sometimes posted anonymously, and supporters are encouraged to tweet links and post them through the social-media news distributor Storyful. The organisation has also started using Google and Facebook ads and to produce content to directly target specific issues. A recent project, recorded openly, was a short film that aims to end the practice of female genital mutilation (FGM). One woman describes how she used to wield a razor on young girls. She is now an anti- FGM campaigner. Videre's local partners have been taking the film around villages where Yakobovich says it has been having a significant impact in combating the practice. Eddie started work at the regional office last year. On his first day he watched footage of a man whose testicles had been smashed with a hammer. Videre would not release the footage. "We call that kind of extreme violence pornography," says Eddie. "We don't want it in the media. The ethos is not to shock but to effect change and we try to avoid the usual African stereotypes, the diet of violence." Eddie jokes that, when he applied for the job, Yakobovich repeatedly lied about the true nature of the work. The vague explanations that he was offered made it seem suspicious. "My parents thought they were after my kidneys," he says. Now Eddie "lies profusely", arranging hotels for couriers and others, always booking in false names and paying cash. 
[Photo: In the charity's office in a neutral African country, Videre staffers sift operatives' covertly filmed footage. Credit: Liam Sharp] The same evening, Yakobovich and Carlos are back in the 4x4, tired following their long day and flights. They negotiate their way across the city to meet the researchers who have recently arrived from the neighbouring country. Two have come on the 18-hour bus ride and a third, known as The Chairman, has flown as he is the head of the network. Carlos has bought them each a chicken piri piri takeaway dinner with bottles of water and Coke. We meet at a neutral hotel -- not where they're staying, not where Wired is staying. A room has been hired which turns out to be somewhat larger than needed, as if for a banquet, so we gather at one end of the long table and Yakobovich puts some music on to prevent the conversation being overheard or eavesdropped: Hunky Dory by David Bowie. Carlos shows the three men his new cameras. They appear underwhelmed by his efforts. One model is a rubber-moulded base on to which a flag or other image can be added. But it is not the kind of thing that could be worn in the terror state. It would stand out. Two of the men are in their thirties and one is in his twenties. All three have wives and children and face grave risks in collecting and managing the material and their networks: they have been spooked by the recent arrest. The Chairman tells how, when a researcher was caught filming at a rally, he was beaten and issued with death threats if he failed to disclose his contacts. "When the manager of the man's network came on his monthly visit to collect the footage, he too was arrested," he says. "It was terrible, they held him for days without food, they beat him badly and then took him to a dam where they threw him in and left him, so he expected to drown. They pulled him out and said, OK, now talk, and he did give some information." Videre used lawyers and local fixers to obtain his release. 
"He was very shaken and in pain -- he felt bad about giving the information. But we said it was OK, it was better to give some information. He had a wife and children, and I reassured them as best I could when he went missing. They are brave people -- but the risks are there." The Chairman knows that, like Carlos, the security forces are aware of his identity if not his actual name. He faces arrest too, but says he is not afraid. "I haven't been caught yet and I pray it may never happen, I take every precaution, but if it comes I am ready for them," he says. "The camera is perfect for us. I believe it is the only way to achieve democratic change in the country. We do it with passion and understanding of the risks. I am ready," he says. The younger man has just had a child. He gave it a name in tribute to Carlos. In spite of his youth, Carlos is like a father figure to many of the researchers. He says many have named babies in his honour. That's just one of the reasons he cares so much about his work and about the people. As Videre embarks on a fund-raising campaign in the hope of expanding its work, the personal cost to Carlos remains high, not least to his marriage, and could go higher if he is ever arrested. Finally, he and Yakobovich leave the meeting with the researchers and head back to their hotel knowing that there is still much work to be done. Is it worth it? "Yes," Carlos says. "But I couldn't live like this forever." David James Smith is a writer for The Sunday Times Magazine and was Feature Writer of the Year at the British Press Awards 2012 -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu. 
----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
From perry at piermont.com Thu Aug 29 13:46:30 2013
From: perry at piermont.com (Perry E. Metzger)
Date: Thu, 29 Aug 2013 16:46:30 -0400
Subject: [Cryptography] The Case for Formal Verification
Message-ID:

Taking a break from our discussion of new privacy enhancing protocols, I thought I'd share something I've been mumbling about in various private groups for a while. This is almost 100% on the security side of things, and almost 0% on the cryptography side of things. It is long, but I promise that I think it is interesting to people doing security work. When I was a student the first time, in the early to mid 1980s, formal verification was clearly a dead end that would never get anywhere. A boss of mine once asserted (circa 1988) that there would never be a verified program that did anything terribly interesting, and at the time he seemed right. Today, there is a formally verified microkernel called seL4, a formally verified C compiler called CompCert, a formally verified experimental web browser called Quark, and lots of other stuff, much of which I doubtless don't even know about. _Things have changed_. Much of what has changed is proof technology, and it is a technology. The tools for doing formal verification are now, for the first time, just barely usable for real work on interesting programs, and getting better all the time. Over the last twenty five years, we figured out a lot of stuff people didn't know before about how to write verification tools and how to verify programs, and the results have been impressive. There are usually several arguments against formal verification: 1) We don't know what to specify, so what help does proving a buggy specification do us? 
2) Who would bother writing a proof vastly larger than their program? 3) You can't prove programs of interesting size anyway. So, taking these in reverse order: For 3 ("you can't prove anything big enough to be useful!"), the Quark project: http://goto.ucsd.edu/quark/ showed you don't need to prove a program of interesting size. You can defend millions of lines of buggy code with a "software firewall" made of formally verified code. Verify the right thousand lines of code that the rest needs to use to talk to anything else, and you have very strong security properties for the rest of the code. seL4 and CompCert are clearly also quite useful programs. For 2 ("Who would bother with all that work?"), we have libraries in daily use like sqlite: https://www.sqlite.org/testing.html where the system has a fairly small amount of production code and literally 1000 times more lines of test code than production code. If you're willing to write ninety million lines of test to defend ninety thousand lines of code, formal verification is totally doable. Sure, it might not be worth it for throw away code or for your new video game or conference room scheduler where failure isn't a big deal, but it is *very* clear why you would want to do this for foundational code of all sorts. For 1 ("We'll never write a correct spec anyway, so what good is the proof?"), I think we've been suffering from sour grapes. We didn't have the ability to prove big things anyway, so why not tell ourselves that there's nothing interesting and large we could prove that would be worth proving? CompCert is a fine counterexample, a formally verified C compiler: http://compcert.inria.fr/ It works by having a formal spec for C, and a formal spec for the machine language output. The theorem they prove is that the compilation process preserves observational equivalence between the behavior of the C program and the output, which, given correct notation, is a very small theorem to write down. 
You might claim "so what, it is probably actually buggy as hell, the spec probably isn't really correct anyway, etc." -- except when John Regehr's group built tools to torture test C compilers, the only compiler they did *not* find bugs in was CompCert. They found hundreds of bugs each in every other compiler tested. (They actually found one, but arguably it was a bug in a Linux include file, not in the CompCert compiler.) Similarly, one might claim "there is no way to formally specify a web browser that won't be just as buggy as the web browser!", but Quark's formal verification doesn't try to show that the entire Web browser is correct, and doesn't need to -- it shows that some insecure behaviors are simply impossible. *Those* are much simpler to describe. Certainly there may be other properties that turn out to be important that no one has considered yet. However, unlike testing, if people discovered a hole in the set of theorems being proven -- some property that was important but which had not been considered -- then that could be added to what was proved, and _then the problem would be gone forever_. Verification means you get actual incremental progress that you can trust. Testing is much less powerful. (Furthermore, future systems can learn from what you did and add the needed theorem to what they prove about their own system.) I don't think the technology is up to proving huge systems correct -- a fairly unambitious C compiler or a microkernel is the current limit -- but it is up to proving the right thousand lines of code here and there without much fuss, and that might make an incredible difference in systems security if people actually take it seriously. So, if you're interested, how do you get started doing such things? 
At the moment, the best system for doing this sort of work is Coq: http://coq.inria.fr/ Coq is sort of a programming language (although it is not quite Turing equivalent -- all programs must be guaranteed to terminate for technical reasons), sort of a form of constructivist logic (i.e. all existence proofs construct examples, no law of the excluded middle). It uses a neat trick called the Curry-Howard isomorphism that may take some getting used to for people not exposed to modern type theory. In it, types and logical propositions are the same thing, and programs and proofs are the same thing. You can write a function that adds two numbers, or a function that proves that there are an infinite number of primes. The type of the former is clearly an integer, but the type of the latter is the theorem itself. A proof that proposition A implies proposition B is a function of type A -> B -- any function that takes a proof of A and yields a proof of B is after all a proof that if A is true then B is true. (This is why all functions in Coq itself must terminate -- otherwise all types would be inhabited so all theorems would be true. That in no way restricts one's ability to build verified non-terminating programs using the system, you just have to build them by reasoning about programs that Coq itself can't execute.) Proofs in Coq are generally not written by hand, though. Instead one uses a sublanguage called the "tactic language" in which one invokes help from Coq to interactively assemble a proof, which makes doing the proof far easier. For many theorems, you can almost completely automate the proof, while for others, you need to help Coq along more. (Some of the tactics are quite amazing, "Omega" for example will prove any assertion about numbers that does not involve multiplication by a variable, aka "Presburger arithmetic".) 
Often, one builds software using Coq by constructing a sort of formally verified assertion about what the program would do, and then using a built in Coq facility to mechanically extract that into a working verified program written in OCaml, Haskell or Scheme. Nothing in theory prevents you from doing things in many other ways, though -- the system is quite general. Coq is, sadly, needlessly hard for the beginner. It has poor documentation, bad error messages and bad error behavior. These are not inherent problems, they're problems just with this instance of things -- people could build better if there was enough interest, and I hope that as these technologies become more popular people will build far better versions of the tools. However, bad documentation or no, at the moment, this is the right place to go I think. It is the system Quark and CompCert were built in, and not by accident. It is not for the faint of heart -- the learning curve is very steep. Still, it is quite doable. The right places to start with Coq are probably Benjamin Pierce's online Software Foundations textbook: http://www.cis.upenn.edu/~bcpierce/sf/ and, when one is done with that, possibly Adam Chlipala's online book "Certified Programming with Dependent Types" http://adam.chlipala.net/cpdt/ (There's also a manual for the system itself, as well as this book on Coq: https://www.springer.com/computer/swe/book/978-3-540-20854-9 ) I'm happy to give help to anyone trying to learn how to do this sort of thing -- we need more people in the world experimenting with verification if we're going to get truly trustworthy software going forward. Let me assert that we *do* need truly trustworthy software, too. We've been very, very good for years now at finding hole after hole in running code and making the systems we depend on every day into a minefield that we dare not take an unconsidered step in. Wouldn't it be nice to make some progress in the other direction? Perry -- Perry E. 
Metzger perry at piermont.com _______________________________________________ The cryptography mailing list cryptography at metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
From eugen at leitl.org Thu Aug 29 08:00:21 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Thu, 29 Aug 2013 17:00:21 +0200
Subject: open source drone autopilot
Message-ID: <20130829150021.GE29404@leitl.org>

http://paparazzi.enac.fr/wiki/Lisa/S

Lisa/S

Lisa/S is a very small general purpose autopilot. The main goal of creating an autopilot of minimal size and weight, while providing a lot of functionality is achieved:

Size: 20mm x 20mm x 5mm (0.787" x 0.787" x 0.197")
Weight: 2.8g (0.1oz)

Features

72MHz 32bit ARM Cortex M3 MCU with 16KB RAM and 512KB Flash
Combined 3 Axis Gyroscope and 3 Axis Accelerometer
3 Axis Magnetometer
Barometer (Altimeter)
Onboard U-Blox GPS
Pads to simply connect a Superbit CYRF RC and telemetry module
Switching buck/boost converter allowing wide range of power input making it perfect and stable for operation from a 1S LiPO cell.
2 MOSFET switches connected to PWM output channels
6 PWM (servo) outputs
1 debug UART port
1 CAN interface
1 Bind/Boot tact switch
SWD programming/debugging interface

So if you are ready to make your tiny plane fly autonomously, you can already order one here.
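The Curry-Howard correspondence, tactic proofs and extraction described in Perry Metzger's message above, as an added Coq example that is not from the message or from any project it names. The function `clamp_index` and all theorem names are hypothetical, and `lia` stands in for the "Omega" tactic the message mentions, because current Coq releases replaced `omega` with `lia`.

```coq
(* Added example; every name below is hypothetical. *)
Require Import Arith Lia.

(* Curry-Howard: a proof of (A -> C) built from proofs of (A -> B) and
   (B -> C) is literally function composition. *)
Definition imp_trans (A B C : Prop) (f : A -> B) (g : B -> C) : A -> C :=
  fun a => g (f a).

(* The same theorem assembled interactively with the tactic language. *)
Theorem imp_trans_tac : forall A B C : Prop, (A -> B) -> (B -> C) -> A -> C.
Proof.
  intros A B C f g a.
  apply g. apply f. exact a.
Qed.

(* Both are ordinary terms whose type is the theorem statement. *)
Check imp_trans.
Check imp_trans_tac.

(* Presburger arithmetic: constants may multiply variables, variables may
   not multiply each other, so the decision procedure needs no help. *)
Example presburger_step :
  forall x y : nat, x < y -> 2 * x + 3 <= 2 * y + 1.
Proof. intros x y H. lia. Qed.

(* A small safety property of the "insecure behaviour is impossible" kind:
   whatever index a caller supplies, the index actually used is in range. *)
Definition clamp_index (len i : nat) : nat :=
  if i <? len then i else len - 1.

Theorem clamp_index_in_bounds :
  forall len i : nat, 0 < len -> clamp_index len i < len.
Proof.
  intros len i Hlen. unfold clamp_index.
  destruct (i <? len) eqn:E.
  - (* i <? len = true: the index is returned unchanged. *)
    apply Nat.ltb_lt in E. exact E.
  - (* otherwise the result is len - 1, which is below len since 0 < len. *)
    lia.
Qed.

(* In-range indices pass through unchanged, so the clamp is not lossy. *)
Theorem clamp_index_id :
  forall len i : nat, i < len -> clamp_index len i = i.
Proof.
  intros len i H. unfold clamp_index.
  apply Nat.ltb_lt in H. rewrite H. reflexivity.
Qed.

(* Mechanical extraction of the verified function to OCaml. *)
Require Extraction.
Extraction clamp_index.
```

The two theorems hold for every `len` and `i`, which is the difference from a test suite the message draws: a property that turns out to be missing can be stated and proved once, next to these.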
From eugen at leitl.org Thu Aug 29 08:59:37 2013 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 29 Aug 2013 17:59:37 +0200 Subject: [liberationtech] Videre: the secretive group on a mission to film human-rights abuses Message-ID: <20130829155937.GH29404@leitl.org> ----- Forwarded message from catchalladdress at nym.hush.com ----- From coderman at gmail.com Thu Aug 29 21:51:19 2013 From: coderman at gmail.com (coderman) Date: Thu, 29 Aug 2013 21:51:19 -0700 Subject: UDP/datagram/cell based networks [was: Why_can't_email_be_secure] In-Reply-To: References: Message-ID: On Thu, Aug 29, 2013 at 10:25 AM, grarpamp wrote: > ... because of our silly desire to not fill our pipes with chaff, > we've made it easier in some cases for GPA's [...] to watch and > connect the inputs/outputs across a relatively silent backbone... active attacks are often even more effective at rapid traffic confirmation and analysis[0]; GPA is pretty tame perhaps! in any case the challenge you mention: thwarting or preventing traffic analysis without a full mix of constant traffic. if the datagram based system above existed, combine with: - stochastic fair queuing and re-ordering of egress traffic. by "clamping" the outbound rate of randomized, re-ordered datagrams to a broad "size/chunk" of capacity, you deter traffic confirmation, anonymity set reduction, and other traffic analysis attacks of various types. - client-side classification of application traffic into prioritized classes[1] for ingress / dgm proxy level active shaping by classful HTB queues before transiting the first hop and losing all visibility into the content and priority of message payloads. 
- integrate a lowest effort / unreliable background reliable multicast like bulk transport channel for resource and key pre-caching, network participant and performance information distribution, secure remote archives, random performance measurement/tests across peer groups, other low priority communications suited for this "filler" class of traffic. (consuming more or less filler traffic helps smooth out the effective throughput and efficiency when changing the broad "stochastic traffic capacity range" appropriate for a given peer.) - provide LEDBAT or AQM management of edge traffic to upstream(s) to prevent unnecessary latency in upstream buffers. this ensures that even at full utilization the responsiveness of the broadband link is excellent. - and the multi-path SCTP, IPsec, UDP NAT traversal and encapsulation, and other user space network stacks communicating across this overlay network as discussed above for requisite application and control communication support. these techniques combined allow you to use still not insignificant "stochastic traffic capacity ranges" instead of a constant fixed amount of traffic to protect against these attacks. these stochastic ranges can be adjusted up or down as network performance and capacity dictate. this protocol provides congestion control and TCP friendliness while greatly reducing the amount of bandwidth consumed relative to a traditional mix. --- at best (in theory), an attacker with local active and global passive methods on hand could discern anonymity sets for broad categories / scales of possible communication usage. E.g. anon set A exhibits traffic utilization on the order of 1Mbps to 5Mbps, while anon set B exhibits traffic utilization on the order of 5Mbps to 50Mbps, and anon set C exhibits traffic utilization on the order of 50Mbps to 1Gbps, etc. given this drawback, code a kick ass client with participation enabled by default if sufficient connectivity and resources are available. 
you've now made these broad traffic volume sets nearly useless in a practical / actionable sense. congratulations! you've now got a traffic analysis resistant low latency anonymity protocol, implementation, and network that nearly anyone can participate in and contribute to. for my next magic hand wave, a directory / route selection method that scales to billions of peers while leveraging geographic propinquity and social peer groups to constrain Sybil attacks and impact of bad actors. next grow network capacity in a way that continually applies implicit feedback from the network overall and peers directly and your deterrence to these attacks begins to improve further over time, perhaps even one day hitting a tipping point of prevalence and persistence for de-facto victory in most threat models... we can dream! --- perhaps someone should toss up a Bitcoin donation address to support work on detailed technical specifications, experimental prototypes, maintaining clouds for continuous builds, regression checks, load tests, and traffic analysis for quality measurement and security improvement[2], could also use donations for bounties for identifying or exploiting security or privacy vulnerabilities in the design and implementation of this final generation anonymous network. whoever sets this up should probably use an onion to coordinate development and distribute sources, other resources... calling all "tup" s, ... ;P --- 0. "From a Trickle to a Flood: Active Attacks on Several Mix Types" http://freehaven.net/doc/batching-taxonomy/taxonomy.pdf 1. i have mentioned the following classes before, with each in priority order for the HTB prioritization / shaping before traffic enters the network and becomes opaque: a. control and signalling traffic - always takes precedence. b. real-time and interactive communications, but not video. c. real-time video communication, if applicable. d. low priority bulk communication. torrents, archives, opportunistic caching e. 
filler / last-tier best effort unreliable traffic as mentioned above for filling in the remaining capacity at the current stochastic rx/tx rate center point. 2. instead of trying to research and author formal proofs of entropy bounds for various idealized models, cut straight to the chase and build the most aggressive, best in class developmental learning / deep learning systems for classification and identification of nodes, flows, protocols, identities in a test bed setup that provides full traffic visibility and active client edge MitM capability (E.g. simulate attack via rogue AP or cell tower for tagging? selective DoS? others,). malicious attacks performed by the remote end or injected by remote's upstream are not in scope for this traffic analysis and privacy assessment. however, passive capture of all exit communications and ORCHID hidden endpoint communications is in scope for analysis. then, see how effective this best scenario and tools attack is against a running implementation. did it fail catastrophically in flames or break wide open with trivial effort? keep improving... respectably hardened against the most aggressive machine learning and malicious active attacks you could conceive of and build? great! have a beer and then find the people who see the oversights and blind spots you don't. keep improving... rinse, repeat, ... From datapacrat at datapacrat.com Fri Aug 30 00:58:45 2013 From: datapacrat at datapacrat.com (DataPacRat) Date: Fri, 30 Aug 2013 03:58:45 -0400 Subject: [cypherpunks] Signed vCards Message-ID: I've just submitted the first draft of an Internet-Draft to the IETF. If it makes it through the whole editing process, it will take an existing file format used for identity-description, and adds a few details to allow crypto algorithms to be used for identity-/assertion/. It may not seem like much, but it could improve some aspects of hierarchical certificate authorities, encrypted email, and suchlike. 
It's the most important thing I think I've been able to work on in the last little while, and I hope the editing process goes well.

---------- Forwarded message ----------
From:
Date: Fri, Aug 30, 2013 at 3:33 AM
Subject: New Version Notification for draft-boese-vcarddav-signedvcard-00.txt
To: Daniel Eliot Boese

A new version of I-D, draft-boese-vcarddav-signedvcard-00.txt has been successfully submitted by Daniel Eliot Boese and posted to the IETF repository.

Filename: draft-boese-vcarddav-signedvcard
Revision: 00
Title: vCard Format Extensions : Signed vCards
Creation date: 2013-08-30
Group: Individual Submission
Number of pages: 11
URL: http://www.ietf.org/internet-drafts/draft-boese-vcarddav-signedvcard-00.txt
Status: http://datatracker.ietf.org/doc/draft-boese-vcarddav-signedvcard
Htmlized: http://tools.ietf.org/html/draft-boese-vcarddav-signedvcard-00

Abstract: The base vCard 4.0 specification defines a large number of properties. This specification adds two new parameters and six new properties to vCard 4.0, which allow the use of cryptography and public-key infrastructure (PKI) for identity assertion.

Note

Discussion and suggestions for improvement are requested, and should be sent to vcarddav at ietf.org.

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat

Thank you for your time,
--
DataPacRat
"Then again, I could be wrong."

From eugen at leitl.org Thu Aug 29 23:50:08 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 30 Aug 2013 08:50:08 +0200
Subject: [Cryptography] The Case for Formal Verification
Message-ID: <20130830065008.GM29404@leitl.org>

----- Forwarded message from "Perry E.
Metzger" ----- From janfrode at tanso.net Fri Aug 30 00:38:52 2013 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Fri, 30 Aug 2013 09:38:52 +0200 Subject: [tor-talk] About time to make BitTorrent work over Tor, In-Reply-To: <20130829093336.GN29404@leitl.org> References: <20130829093336.GN29404@leitl.org> Message-ID: <20130830073852.GA3873@mushkin.tanso.net> On Thu, Aug 29, 2013 at 11:33:36AM +0200, Eugen Leitl wrote: > ----- Forwarded message from grarpamp ----- > > On 8/26/13, Kostas Jakeliunas wrote: > > On Mon, Aug 26, 2013 at 2:46 PM, Nathan Suchy < > > theusernameiwantistaken at gmail.com> wrote: > > > >> I don't want this for piracy as I have a paid VPN account that is much > >> faster for that if I decide to pirate. I think we need BitTorrent though > >> to > >> work on Tor so Tor Users can securely share files with one another. > > > > AFAIK the most obvious issue with this (among more subtle side-channel > > attack / decloaking problems) is network scalability. Total relay bandwidth > > available is, while seemingly increasing in general, very limited given > > such use cases. [1] > > How does one scale BitTorrent on top of that? By adding TOR exit-node functionality into the bittorrent clients, and giving bittorrent credit score to clients with lots of TOR-traffic. That would scale the TOR network, and also give plausible deniability to direct downloads ("wasn't me, it was the TOR exit" ;-) -jf From coderman at gmail.com Fri Aug 30 12:19:39 2013 From: coderman at gmail.com (coderman) Date: Fri, 30 Aug 2013 12:19:39 -0700 Subject: [Cryptography] The Case for Formal Verification In-Reply-To: <20130830065008.GM29404@leitl.org> References: <20130830065008.GM29404@leitl.org> Message-ID: On Thu, Aug 29, 2013 at 11:50 PM, Eugen Leitl wrote: > ... > Much of what has changed is proof technology, and it is a > technology. 
The tools for doing formal verification are now, for the > first time, just barely usable for real work on interesting programs, > and getting better all the time... > > There are usually several arguments against formal verification:... > 1) We don't know what to specify, so what help does proving a buggy > specification do us? this is the crux; where the human meets the machine is always a large, evolving, complicated attack surface. e.g. usability and design level requirements and behavior. in the order of precedence of security risks, much bigger holes must be addressed before formal verification provides return on time invested. if you're building verified compilers, or micro kernels, or core libraries, this doesn't apply to you. ;) i want seL4 in a Qubes isolation model, formally verified CryptoBox, > 2) Who would bother writing a proof vastly larger than their program? this makes no sense to me; patently absurd on the face of it. why test code with clusters that are larger than your build systems? why do we exist? ... utility of quality measures can not be judged on superficial metrics like "size in GB" or "processor hours". anyone using this argument as a disqualifier is not qualified to make such an assessment. > 3) You can't prove programs of interesting size anyway. > ... > For 3 ("you can't prove anything big enough to be useful!"), the Quark > project: > http://goto.ucsd.edu/quark/ > showed you don't need to prove a program of interesting size. You can > defend millions of lines of buggy code with a "software firewall" made > of formally verified code. this is a great approach and fits in well with other security through isolation defense in depth. combining the strengths of formal verification at critical core points within a system, and then leveraging that robust core to isolate, constrain, mediate between higher level applications seem most reasonable, tractable, with the best return on time invested. 
if i had a wishlist it would be:
- 64bit CompCert (not just 64bit int support :)
- verified virtualization isolation model (seL4 Qubes like system?)
- verified crypto_sign_edwards25519sha512batch and crypto_sign_nistp256sha512ecdsa implementations
- verified compression, regexp, and other common libraries that are useful at the security boundary between isolated domains or applications.

some of the work done for quark might be partially applicable to some of the above, but most of the verification is browser specific (related to things like messaging and tab isolation, proper cookie handling, socket communication, etc.)

where's the github for Coq kernels?

> So, if you're interested, how do you get started doing such things?
> ...
> Coq is, sadly, needlessly hard for the beginner. It has poor
> documentation, bad error messages and bad error behavior. These are
> not inherent problems, they're problems just with this instance of
> things -- people could build better if there was enough interest, and
> I hope that as these technologies become more popular people will
> build far better versions of the tools.

some other good resources:

ProofWeb: http://prover.cs.ru.nl/login.php
particularly the courses available for the online interface to Coq.

frama-c: http://frama-c.com/
i just came across this, it looks quite useful, but have not used it in any depth yet...

> ... we need more people in the world experimenting with
> verification if we're going to get truly trustworthy software going
> forward.

Lemma stating_the_obvious:
(* formal verification as a useful component of defense in depth is self-evident *)
Qed.

“The future is here. It's just not widely distributed yet.” -- Gibson

From grarpamp at gmail.com Fri Aug 30 12:21:16 2013
From: grarpamp at gmail.com (grarpamp)
Date: Fri, 30 Aug 2013 15:21:16 -0400
Subject: [tor-talk] About time to make BitTorrent work over Tor,
In-Reply-To: <20130830073852.GA3873@mushkin.tanso.net>
References: <20130829093336.GN29404@leitl.org> <20130830073852.GA3873@mushkin.tanso.net>
Message-ID:

On 8/30/13, Jan-Frode Myklebust wrote:
>> > On Mon, Aug 26, 2013 at 2:46 PM, Nathan Suchy
>> >> I don't want this for piracy as I have a paid VPN account that is much
>> >> faster for that if I decide to pirate. I think we need BitTorrent
>> >> though
>> >> to
>> >> work on Tor so Tor Users can securely share files with one another.
>> > AFAIK the most obvious issue with this (among more subtle side-channel
>> > attack / decloaking problems) is network scalability. Total relay
>> > bandwidth
>> > available is, while seemingly increasing in general, very limited given
>> > such use cases. [1]
>> > How does one scale BitTorrent on top of that?
> By adding TOR exit-node functionality into the bittorrent clients, and
> giving bittorrent credit score to clients with lots of TOR-traffic. That
> would scale the TOR network ...

Tor does not currently scale as simply as that. Therefore whatever you try to scale on top of Tor will not scale either. All using exits will do (roughly speaking) is cause Tor to fail 1/2 as fast as using the purely internal approach would. BT is further badly hampered since UDP and inbound bindings are unavailable under the current exit model. Tor's design is generally "move a lot of browsers over a few exits", anything else is bonus, at least historically. At the moment, if you're trying to move to millions of p2p users, not just hundreds of tinkerers, you're better off enhancing Tor first or writing or finding another secure transport that scales better. Then moving it all off the clearnet once and for all.
But that appears to be beyond the typical scope of thinking in the BT space, you know, because it's not fast and it's sooo harrrddddd man. Tor is good stuff, but like anything else, only good when used within its model. Supposedly i2p welcomes torrenting. Millions? Ask i2p.

> ... and also give plausible deniability to
> direct downloads ("wasn't me, it was the TOR exit" ;-)

No, not really.

From meskio at sindominio.net Fri Aug 30 07:10:27 2013
From: meskio at sindominio.net (Ruben Pollan)
Date: Fri, 30 Aug 2013 16:10:27 +0200
Subject: [tor-talk] About time to make BitTorrent work over Tor,
In-Reply-To: <20130830073852.GA3873@mushkin.tanso.net>
References: <20130829093336.GN29404@leitl.org> <20130830073852.GA3873@mushkin.tanso.net>
Message-ID: <20130830141027.6875.96630@hermes>

Quoting Jan-Frode Myklebust (2013-08-30 09:38:52)
> On Thu, Aug 29, 2013 at 11:33:36AM +0200, Eugen Leitl wrote:
> > ----- Forwarded message from grarpamp -----
> > > How does one scale BitTorrent on top of that?
>
> By adding TOR exit-node functionality into the bittorrent clients, and
> giving bittorrent credit score to clients with lots of TOR-traffic. That
> would scale the TOR network, and also give plausible deniability to
> direct downloads ("wasn't me, it was the TOR exit" ;-)

If you have a tor exit-node some sites are blocked or give you problems, like google, wikipedia or irc.freenode.org. To activate an exit node by default will annoy a lot of users.

--
Rubén Pollán | http://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
My new OpenPGP key: gpg --recv-key 0xC732B1D1C28F4E2F
Migration statement from the old key: http://meskio.net/key/statement
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
We're going to Croatan.

From jon at callas.org Fri Aug 30 16:12:41 2013
From: jon at callas.org (Jon Callas)
Date: Fri, 30 Aug 2013 16:12:41 -0700
Subject: Who bought off Zimmermann?
In-Reply-To:
References: <20130825235403.BDDC4EAABC@snorky.mixmin.net>
Message-ID:

On Aug 25, 2013, at 5:36 PM, John Young wrote:
> Phil probably means the infrastructure of email is the vul not the
> crypto. Crypto alone is sterile, a boy in a bubble which requires
> life support which can be assaulted.
>
>

That's precisely what we mean.

The crypto is the easy part. The hard part is the traffic analysis, of which the worst part is the Received headers. Everyone should look at their own headers -- especially people on this list and at least comprehend that your email geotracks you forever, as it's all in the Mailman archive.

There are plenty of other leaks like Message-ID, Mime-Version, X-Mailer, the actual separators in MIME part breaks, and so on.

It's absolutely correct that some combination of VPNs, Tor, remailers of whatever stripe, and so on can help with this, but we're all lazy and we don't do it all the time.

What we're learning from Snowden is that they're doing traffic analysis -- analyzing movements, social graphs, and so on and so forth. The irony here is that this tells us that the crypto works. That's where I've been thinking for quite some time. Imagine that you're a SIGINT group trying to deal with the inevitability of crypto that works being deployed everywhere. What do you do? You just be patient and start filling in scatter plots of traffic analysis.

The problem isn't the crypto, it's SMTP.
Jon

From ei8fdb at ei8fdb.org Fri Aug 30 09:29:05 2013
From: ei8fdb at ei8fdb.org (Bernard Tyers - ei8fdb)
Date: Fri, 30 Aug 2013 17:29:05 +0100
Subject: [tor-talk] About time to make BitTorrent work over Tor,
In-Reply-To: <20130830073852.GA3873@mushkin.tanso.net>
References: <20130829093336.GN29404@leitl.org> <20130830073852.GA3873@mushkin.tanso.net>
Message-ID: <7AE7F2BE-E5CB-4C18-9E52-C3BB92CFDAB8@ei8fdb.org>

On 30 Aug 2013, at 08:38, Jan-Frode Myklebust wrote:
> By adding TOR exit-node functionality into the bittorrent clients, and
> giving bittorrent credit score to clients with lots of TOR-traffic. That
> would scale the TOR network, and also give plausible deniability to
> direct downloads ("wasn't me, it was the TOR exit" ;-)

I like the idea, but I think that would draw possibly bad coverage to Tor (Tor fuels pirate/illegal download yada yada), something already they have to deal with (Tor is used by paedos/turrists).

--------------------------------------
Bernard / bluboxthief / ei8fdb
IO91XM / www.ei8fdb.org

From coderman at gmail.com Fri Aug 30 21:36:31 2013
From: coderman at gmail.com (coderman)
Date: Fri, 30 Aug 2013 21:36:31 -0700
Subject: Lavabit and End-point Security
In-Reply-To:
References: <20130809144310.GA29800@tuzo>
Message-ID:

On Sun, Aug 11, 2013 at 2:27 AM, coderman wrote:
> ...
> 4. rootkit and backdoor your own systems - use the dirty tricks to
> observe and constrain your system before someone else uses dirty
> tricks to compromise your system.
a good presentation which suggests this technique, among other useful ideas: "Attack Driven Defense" http://www.slideshare.net/zanelackey/attackdriven-defense From grarpamp at gmail.com Fri Aug 30 20:43:57 2013 From: grarpamp at gmail.com (grarpamp) Date: Fri, 30 Aug 2013 23:43:57 -0400 Subject: Who bought off Zimmermann? In-Reply-To: References: <20130825235403.BDDC4EAABC@snorky.mixmin.net> Message-ID: > On 8/30/13, Jon Callas wrote: > What we're learning from Snowden is that they're doing traffic analysis -- > analyzing movements, social graphs, and so on and so forth. The irony here > is that this tells us that the crypto works. Are we sure? This seems to tell us they are doing traffic analysis and so forth. It doesn't seem to say much about cryptanalytic capabilities. For all we know they could have all the crypto in the bag but need analysis to identify talkers due to people being exceedingly careful about the message content. "Blue hen rides over the book on the left side when the sun is low. Do you copy?" Now if someone leaked all the secret crypto capabilities docs out in public, or someone else got in trouble solely from what they properly encrypted, then we'd know whether or not the crypto works. From jon at callas.org Sat Aug 31 00:13:28 2013 From: jon at callas.org (Jon Callas) Date: Sat, 31 Aug 2013 00:13:28 -0700 Subject: Who bought off Zimmermann? In-Reply-To: References: <20130825235403.BDDC4EAABC@snorky.mixmin.net> Message-ID: <34A48E2C-9760-4007-ACC1-0A8D6E0D2193@callas.org> On Aug 30, 2013, at 8:43 PM, grarpamp wrote: > Are we sure? This seems to tell us they are doing traffic analysis and so forth. > It doesn't seem to say much about cryptanalytic capabilities. For all we know > they could have all the crypto in the bag but need analysis to identify > talkers due to people being exceedingly careful about the message content. I consider delivering a zero-day to be a form of cryptanalysis. I believe that they do, too. 
I've been harping on that for some time. > > "Blue hen rides over the book on the left side when the sun is low. > Do you copy?" > > Now if someone leaked all the secret crypto capabilities docs out > in public, or someone else got in trouble solely from what they > properly encrypted, then we'd know whether or not the crypto works. I recognize that I have a tendency to be glib in one sentence and then rigorous in another and that's a character flaw. It's glib to say both "the crypto works" and "zero days are cryptanalysis" in many respects. When I say, "the crypto works" I mean the basic structures. We know how to build block ciphers. We figured out hash functions a few years ago. We understand integer-based public-key cryptography well enough that it gives us the creeps. We kinda sorta understand ECC, but not as well as we think we do. I think our understanding of ECC is like our understanding of hash functions in 2003. Meow. The protocols mostly work, except when they don't. The software is crap. It's been nearly fifteen years since Drew Gross enlightened me by saying, "I love crypto; it tells me what part of the system not to bother attacking." Look at it anthropicly. We know the crypto works because the adversary says they're looking at metadata. To phrase that differently, they're looking at metadata because the crypto works! Look at things like Fishbowl, even. It's easy to get dazzled by the fact that Fishbowl is double encryption to miss that it's really double *implementations*. The crypto works. The software is crap. Think like the adversary. Put yourself in their shoes. What's cheaper, buying a 'sploit or cracking a cipher? Once you start buying 'sploits, why not build your own team to do them yourself, and cut out the middleman? Every other part of the tech world has seen disintermediation, what makes you think this is different. On the other end of things, there's traffic analysis. We have seen -- stuff -- from them over the last decade. 
Papers on social graph analysis, pattern analysis. Emphasis on malware, validation, and so on. Here's another analogy. Imagine that you're looking at a huge, fantastically complex marching band. You're trying to figure out who all is doing what to what parts of the music and it's horribly complex. And then accidentally one day, you lose the audio feed and then realize that it's *easier* to tell what the band is doing when the sound is off. Aphasiacs are (so I am told) good at telling truth from lies because they look at the face rather than listen to the voice. They analyze the metadata, because they can't hear the data and it works *better*. Traffic analysis is what you do if your feed from the marching band loses its audio. It's what you do if you're aphasiac -- which is *exactly* what happens when the crypto works, by the way. Thus with a large budget, you do both. With one hand, you crack the crypto by cracking the software. When it works it works. When it doesn't, it doesn't. Stop stressing. With the other hand, you revel in the glory of silence. In silence you can think. You watch the band, you watch square dance. You just watch who is pairing with whom, where the lines cross and the beats are. Sometimes you can even guess the tune by watching the dance (which is also cryptanalysis). And all of that is why the problem in email isn't the crypto, it's SMTP. Jon From mag_foto at mac.com Fri Aug 30 18:57:33 2013 From: mag_foto at mac.com (MARK GORE) Date: Sat, 31 Aug 2013 01:57:33 +0000 (GMT) Subject: =?ISO-8859-1?B?UmU6IFtsaWJlcmF0aW9udGVjaF0gV2h5IGNhbpJ0IA==?= =?ISO-8859-1?B?ZW1haWwgYmUgIHNlY3VyZT8gLSBTaWxlbnQgQ2lyY2w=?= =?ISO-8859-1?B?ZSBCbG9n?= In-Reply-To: Message-ID: <67f6fb58-a753-4af0-a758-43147e4bd3bb@me.com> J_Y is red hot! This motherfucker can write, hell I can't stop reading tis... like a dog smelling his own piss. Anyways; couldn't you of, summed up the lovely line items/goddamn Bar? 
Cheers _Mg

On Aug 25, 2013, at 06:00 PM, John Young wrote:
> A swell beginning, for email to be merely one way to
> communicate, supplemented with unlimited other
> ways which do not require email, or for that matter,
> the Internet or any digital means.
>
> Presume that digital means are the easiest to fuck with,
> sorry, subvert, corrupt, pack with junk, surveil, harvest,
> store, search, forge, track, make your own list on your
> digital device and expect it to be violated accordingly
> and used against you whether you know or not, usually
> not. Here especially.
>
> Now the other means, non-digital, ancient and amply
> used and understood among those who use them
> although susceptible to the digital vulnerabilities if
> considerably more difficult:
>
> Paper
> Music
> Sound
> Dance
> Architecture
> Plastic arts
> Graphic arts
> Poetry
> Drum
> Glossolalia
> Jokes
> Holler
> Gypsy
> Mime
> Chant
> Curse
> Vulgarity
> Sex
> Sin
>
> And much more everybody uses with greater facility
> than digital emissions.
>
> Note that conventional languages are not on the list
> because of the heavy reliance upon them to communicate
> and thus most heavily scrutinized and attacked, usually
> successfully.
>
> Language is like metadata, with only its mastery the content
> can be followed from end to end, then the ends burgled,
> beat, cut, shot, persuaded to talk in plain language.
>
> Steganography is not on the list unless it is non-digital,
> and if not, then hiding communication has great potential.
> Its weakness is finding a means, non-digital, for preparation
> and transceiving.
>
> For example, architecture is an ancient means of communication,
> among its funders, designers, builders, maintainers, destructors,
> restorers, investors, evaluators, burglars, surveyors, surveillors,
> protectors, attackers, underminers, repairers, materials suppliers,
> excavators, and a host of participants -- the list of guilds and unions
> and professionals is vast -- perhaps one of the largest cohorts
> of quasi-private aggregations on earth lagging only farmers
> if taken to mean any form of human construction. I flatter
> myself, so do yourself likewise.
>
> Similarly, just about any specialty of human intercourse has
> its quasi-private, esoteric, unique means of communication.
> The human body specialists -- scientific, shamanistic, soulseeking --
> along with its psychobabbling corollary, generates a fantastic
> array of marketable, if not wholly, believable garble and
> gibberish. Politics and law the most vivid at laying on the
> self-serving shit about the necessity of government and
> the rule of law(yers).
>
> Now back to the simple task of communicating in private.
> Before that, a side note, the end is near:
>
> First do not expect anyone to believe anything using the
> word "security." So comsec is dead due to abuse. Maybe
> compriv is better, understanding that privacy has become
> a crock of shit too.
>
> "Shit bag" (thanks to Assange) Natsec needs to go as well
> because it has been abused the most of all since assuming
> the paramount importance of a secular religion prevailing
> over all belief-systems with deadly weaponry, heartlessness,
> amorality, criminality and unaccountability, motto: fuck with
> it and you will die. Much evidence of motto in deed. And
> much evidence it will be used against its insiders.
>
> This is relevant to private communication. Natsec really
> hates being cut out of any kind of communication. It
> will use virtually unlimited means to get inside, most
> of them kept secret and manifestly violent if needs
> be.
>
> So compriv should not be promoted as capable to
> exclude natsec's prying, stealing, owning, using to
> demolish with its opponents. OTR is futile, BTW,
> as comsec.
>
> Wind compriv down to comchat. Then wind comchat
> down to comgossip, to comwhine, comjoke, comlie,
> comlurk, comslur, com-social engineer. You get the
> point. Do nothing life-threatening or natsec defying
> by com-whatever. Communications is owned by
> those who provide its means and they are owned
> by extremely badass natsec ritualists willing to
> barbecue your beloveds to share the goodness
> carefully prescribed in their secret manuals of
> unlimited warfare.
>
> In conclusion, there you have it, com-bat, the most
> reliable means of communication. Anything less is
> com-ical.
>
>

From grarpamp at gmail.com Sat Aug 31 02:05:57 2013
From: grarpamp at gmail.com (grarpamp)
Date: Sat, 31 Aug 2013 05:05:57 -0400
Subject: Who bought off Zimmermann?
In-Reply-To: <34A48E2C-9760-4007-ACC1-0A8D6E0D2193@callas.org>
References: <20130825235403.BDDC4EAABC@snorky.mixmin.net> <34A48E2C-9760-4007-ACC1-0A8D6E0D2193@callas.org>
Message-ID:

On 8/31/13, Jon Callas wrote:
> Thus with a large budget, you do both. With one hand, you crack the crypto
> by cracking the software. When it works it works. When it doesn't, it
> doesn't. Stop stressing. With the other hand, you revel in the glory of
> silence. In silence you can think. You watch the band, you watch square
> dance. You just watch who is pairing with whom, where the lines cross and
> the beats are. Sometimes you can even guess the tune by watching the dance
> (which is also cryptanalysis).

I agree. Perhaps to extend my thought...
right now we have a lot of current data (whether officially or leaked) from our favorite adversaries about the above. Yet only a tiny amount of data about the crypto. True, we can infer data about the crypto by seeing the growth in the above known alternatives, and from our own understanding of the crypto, the effectiveness of such alternatives, and from history. But that's not the same as directly seeing what the adversary has under their hat regarding the crypto. More of a note to watch our own inferences. From decoy at iki.fi Fri Aug 30 21:26:54 2013 From: decoy at iki.fi (Sampo Syreeni) Date: Sat, 31 Aug 2013 07:26:54 +0300 (EEST) Subject: Who bought off Zimmermann? In-Reply-To: References: <20130825235403.BDDC4EAABC@snorky.mixmin.net> Message-ID: On 2013-08-30, Jon Callas wrote: > The crypto is the easy part. The hard part is the traffic analysis, of > which the worst part is the Received headers. So, how would one go about a gateway which strips all of it on the way into/out of an onion router, without jeopardizing that basic functionality which can at all survive after anonymization? At least to me it would seem that you can't adopt a firewall mindset where you just blacklist/shave-off certain features and options. If you want to be certain, you'll have to have an exacting parser which only accepts as an input language something "clean". Probably on the pain of rejecting a whole lot of otherwise common or even valid emails and such. Has anybody tried to write a truly anal parser/normaliser/rejecter to date? > There are plenty of other leaks like Message-ID, Mime-Version, > X-Mailer, the actual separators in MIME part breaks, and so on. All except Message-ID can be dropped without jeopardizing service. Message-ID, well, that's just such a basic part of the service that you'd have to go with zero knowledge proofs in a funky and expensive way if you wanted to get rid of that one. 
> It's absolutely correct that some combination of VPNs, Tor, remailers
> of whatever stripe, and so on can help with this, but we're all lazy
> and we don't do it all the time.

We need them *too*. Doesn't mean we shouldn't sanitise our outgoing (and incoming, because of replies) email all the same. Automatically. With minimum hassle. On as many platforms as needed.

> What we're learning from Snowden is that they're doing traffic
> analysis -- analyzing movements, social graphs, and so on and so
> forth.

True Names. They're now there. So let's deal with the problem.

> The problem isn't the crypto, it's SMTP.

Yes, SMTP is the basest problem. It's difficult to get around envelope addresses in the clear and all that. But above you talked about something within the protocol which *can* be sanitised. Let's do that, programmatically, at least, and right now. After that, it's suddenly *much* easier to deal with the address on the envelope.

--
Sampo Syreeni, aka decoy - decoy at iki.fi, http://decoy.iki.fi/front
+358-40-3255353, 025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2

From adam at cypherspace.org Sat Aug 31 01:05:07 2013
From: adam at cypherspace.org (Adam Back)
Date: Sat, 31 Aug 2013 10:05:07 +0200
Subject: why not disable external mail, keep intenal mail (Re: Who bought off Zimmermann?)
In-Reply-To: <34A48E2C-9760-4007-ACC1-0A8D6E0D2193@callas.org>
References: <20130825235403.BDDC4EAABC@snorky.mixmin.net> <34A48E2C-9760-4007-ACC1-0A8D6E0D2193@callas.org>
Message-ID: <20130831080507.GA7052@netbook.cypherspace.org>

More precisely it's the exposed meta-data in the SMTP. But why would you use meta-data rich transport for silent circle internal-mail? (Internal-mail I mean silent circle user to silent circle user vs external mail being smtp mail to silent circle user or silent circle user to smtp mail user).
I said it before, but again: why not cancel external mail, and leave the internal mail working - silent circle obviously have the tech for that because they have SMS equivalent in-mail. Good for you: users who want to continue to communicate will encourage the people they are communicating with to also pay for subscriptions. Maybe you could allow people to give each other gifts of 1 month membership, which you hope they extend themselves; or some referral system with a bonus free month to the existing user etc. Now there might be some software legacy, but that seems straightforward enough. The crypto gap is purely the in and out mail. (Other than forced software changes, but others have discussed how to combat that issue, and some claim legal advice is that it's harder for the mil-int community to legally force companies to change their software. (Hushmail saga notwithstanding!)

Adam

On Sat, Aug 31, 2013 at 12:13:28AM -0700, Jon Callas wrote:
>On Aug 30, 2013, at 8:43 PM, grarpamp wrote:
>
>> Are we sure? This seems to tell us they are doing traffic analysis and so forth.
>> It doesn't seem to say much about cryptanalytic capabilities. For all we know
>> they could have all the crypto in the bag but need analysis to identify
>> talkers due to people being exceedingly careful about the message content.
>
>I consider delivering a zero-day to be a form of cryptanalysis. I believe that they do, too. I've been harping on that for some time.
>
>>
>> "Blue hen rides over the book on the left side when the sun is low.
>> Do you copy?"
>>
>> Now if someone leaked all the secret crypto capabilities docs out
>> in public, or someone else got in trouble solely from what they
>> properly encrypted, then we'd know whether or not the crypto works.
>
>I recognize that I have a tendency to be glib in one sentence and then rigorous in another and that's a character flaw. It's glib to say both "the crypto works" and "zero days are cryptanalysis" in many respects.
>
>When I say, "the crypto works" I mean the basic structures. We know how to build block ciphers. We figured out hash functions a few years ago. We understand integer-based public-key cryptography well enough that it gives us the creeps. We kinda sorta understand ECC, but not as well as we think we do. I think our understanding of ECC is like our understanding of hash functions in 2003. Meow.
>
>The protocols mostly work, except when they don't. The software is crap. It's been nearly fifteen years since Drew Gross enlightened me by saying, "I love crypto; it tells me what part of the system not to bother attacking."
>
>Look at it anthropicly. We know the crypto works because the adversary says they're looking at metadata. To phrase that differently, they're looking at metadata because the crypto works! Look at things like Fishbowl, even. It's easy to get dazzled by the fact that Fishbowl is double encryption to miss that it's really double *implementations*.
>
>The crypto works. The software is crap.
>
>Think like the adversary. Put yourself in their shoes. What's cheaper, buying a 'sploit or cracking a cipher? Once you start buying 'sploits, why not build your own team to do them yourself, and cut out the middleman? Every other part of the tech world has seen disintermediation, what makes you think this is different.
>
>On the other end of things, there's traffic analysis. We have seen -- stuff -- from them over the last decade. Papers on social graph analysis, pattern analysis. Emphasis on malware, validation, and so on.
>
>Here's another analogy. Imagine that you're looking at a huge, fantastically complex marching band. You're trying to figure out who all is doing what to what parts of the music and it's horribly complex. And then accidentally one day, you lose the audio feed and then realize that it's *easier* to tell what the band is doing when the sound is off.
>
>Aphasiacs are (so I am told) good at telling truth from lies because they look at the face rather than listen to the voice. They analyze the metadata, because they can't hear the data and it works *better*.
>
>Traffic analysis is what you do if your feed from the marching band loses its audio. It's what you do if you're aphasiac -- which is *exactly* what happens when the crypto works, by the way.
>
>Thus with a large budget, you do both. With one hand, you crack the crypto by cracking the software. When it works it works. When it doesn't, it doesn't. Stop stressing. With the other hand, you revel in the glory of silence. In silence you can think. You watch the band, you watch square dance. You just watch who is pairing with whom, where the lines cross and the beats are. Sometimes you can even guess the tune by watching the dance (which is also cryptanalysis).
>
>And all of that is why the problem in email isn't the crypto, it's SMTP.
>
> Jon
>
>

From eugen at leitl.org Sat Aug 31 01:47:26 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Sat, 31 Aug 2013 10:47:26 +0200
Subject: what to install on a secure communication device
Message-ID: <20130831084726.GZ29404@leitl.org>

I'm looking to build a list for reasonably secure (no snake oil) ways to communicate (search, store, etc.). My ad hoc list so far is:

Pidgin/OTR
cables
Jitsi
Tor
YaCy
RetroShare
TorChat
Tahoe LAFS
GnuNet

No doubt I'm missing a lot. Any further suggestions?

From eugen at leitl.org Sat Aug 31 02:19:54 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Sat, 31 Aug 2013 11:19:54 +0200
Subject: So I discovered that my HP laptop leaks/transmits its built-in mic audio somewhere around 24Mhz
Message-ID: <20130831091954.GA29404@leitl.org>

http://www.reddit.com/r/RTLSDR/comments/1le3if/so_i_discovered_that_my_hp_laptop_leakstransmits/

So I discovered that my HP laptop leaks/transmits its built-in mic audio somewhere around 24Mhz (self.RTLSDR)

submitted 23 hours ago by cronek

I accidentally stumbled upon a signal in the 24MHz range, appearing to be 4 carriers. I tuned to it and heard silence, then someone came into my office and started talking and I could hear them speak. The signal appeared to be coming from my other laptop (not the one running the SDR) and was pretty weak (my antenna, the crappy one that comes with the dongle, stuck to a metal stapler was right next to the HP laptop). Here's a picture

Both mics transmit independently, in the picture I rubbed one mic. The signal appears to be mirrored. When I tap the microphone, or make a loud noise that would clip the preamp, the signal drifts off and then slowly comes back to its original frequency, as illustrated here (only one of the two mics drifted, if I hit it harder or clip both mics, both will drift).

I'm pretty sure that if I build a nice high-gain antenna optimized for 24Mhz I would be able to pick up the sound from some distance away. The laptop is an EliteBook 8460p. I have checked identical laptops and they do not transmit at this frequency. I didn't have the time to scan the full spectrum though.

I'm guessing the preamp is really crappy and somehow ends up transmitting FM at HF freqs. Anyone has any ideas about this?

I work in a high security setting and having laptops transmitting audio from everyone's office/meeting room etc is a really big deal. I somewhat doubt it to be an intentional listening device due to the weird frequency drifting.
For now I guess I'll just disconnect the mic preamp pcb.

From jya at pipeline.com Sat Aug 31 08:57:10 2013
From: jya at pipeline.com (John Young)
Date: Sat, 31 Aug 2013 11:57:10 -0400
Subject: Who bought off Zimmermann?
In-Reply-To:
References: <20130825235403.BDDC4EAABC@snorky.mixmin.net> <34A48E2C-9760-4007-ACC1-0A8D6E0D2193@callas.org>
Message-ID:

Emitting signal that "crypto works" is a hoary practice, nothing more useful than a belief in an uncrackable means of comms, used often in war and commerce and love affairs.

Crypto-AG, AES, PGP, Tor, OTR, offline exchange of keys, the list is growing with each disclosure that something stinks in crypto ex-cess.

Getting the best and brightest (BAB) to affirm that crypto works, say by open and limited competitions as well as by confidential testing results leaked, would be a part of that campaign.

Leaking other forms of attack, like metadata, would be another part, bit by bit, authenticity heightened by obligatory redactions and vetting by quiet government consultation.

Presume Snowden dribbling juicy comsec architecture and data, witting or unwitting of their ulterior purpose as beautifully crafted to appear suspicious to BABs but so tasty to be irresistible as a floating British officer corpse stuffed with secret war plans retrieved by the Germans.

Until all of Snowden's booty is released and carefully studied by virulently suspicious and paranoid BABs not snared by sweet contracts to muse and declare authenticity, it cannot be seen as more than an ingenious ruse, likely with the complicity of the BABs once believed to be poorly-paid angels dancing on a pinhead.

The salutary benefit of these ruses is to shock the shit out of the lazy and arrogant comfuckers whose stake is put at risk by being left out of the ruse, not easy to do if they are lulled into complacency by admiration, handsome pay, invites to classified dances, insured and pensioned by NDAs, well, hell, why else raise a ruckus with ruses like crypto lists and fora and history confabbing at NSA.

None of this is intended to impugn the few BABs who remain outside secret circles, or at least appear to do so in best and brightest ways. And don't invoke a hoary NSL as basis for silence.

It does intend to impugn denial of the inevitable failure of crypto alone or in concert with infrastructure. Remember that 1997 NSA paper foretelling the fail. Was that a ruse too?

If I was a BAB looking for an edge on the competition for ruses, I might blurt that crypto deception is the essence of crypto, that is why it works so well.

From zookog at gmail.com Sat Aug 31 07:12:07 2013
From: zookog at gmail.com (Zooko O'Whielacronx)
Date: Sat, 31 Aug 2013 14:12:07 +0000
Subject: [tahoe-dev] reproducible builds for Tahoe-LAFS: where do we start?
Message-ID:

Folks:

Here's some recent news:

http://m.washingtonpost.com/world/national-security/us-spy-agencies-mounted-231-offensive-cyber-operations-in-2011-documents-show/2013/08/30/d090a6ae-119e-11e3-b4cb-fd7ce041d814_story.html

That article says that the U.S. espionage agencies have surreptitiously installed sophisticated malware on tens of thousands of remote machines, and have plans to increase that number into the millions.

It is important to remember that while the U.S. espionage establishment is the one that is currently having its activities and plans exposed, it is not the only one of its kind. It is safe to assume that there are many other organizations with similar capabilities engaged in similar activities.
It is also likely that some of those groups are engaged not in warfare but in industrial espionage or other kinds of theft or sabotage.

In this modern world, it would be very useful if you could check whether the binaries that you are running are the same as the binaries that other people are running that were ostensibly built from the same source code. That way, implanted malware would be more likely to be exposed.

This is the idea of "reproducible builds", as championed by Tor ¹, Bitcoin ², and Debian ³ . LWN.net recently had a nice overview article about this: ⁴.

Now: how do we start? We have a trac ticket:

https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2057# reproducible builds

But I don't understand what the next step is on the path to really protecting users. The situation we're considering here is that a user is installing Tahoe-LAFS, for example by running "sudo apt-get install tahoe-lafs" on Debian, and the computer that was used to build the tahoe-lafs Debian package had malware running on it, that inserted a backdoor into the tahoe-lafs Debian package. How can we help users to defend against that?

There are lots of other packagers which provide installable versions of Tahoe-LAFS to their users. For example, the "pkgsrc/NetBSD" system ⁵, whose Tahoe-LAFS package is maintained by Greg Troxel, who reads this mailing list. If you click on the big friendly blue "Download Tahoe-LAFS" button on the front page of https://Tahoe-LAFS.org, it takes you to a menu of packages provided by different free-and-open-source operating systems.

One thing that worries me about this issue is that it is one of those things where different open source projects can reasonably assume that it is Someone Else's Problem to fix this.
I've often seen this: when there is an issue that spans multiple open source projects, that it is hard to make progress on that issue, since every open source project has a theory of how it ought to be fixed by some other open source project taking responsibility for it.

So what can we do to push on this issue now?

Regards,

Zooko

¹ https://blog.torproject.org/blog/deterministic-builds-part-one-cyberwar-and-global-compromise
² https://en.bitcoin.it/wiki/Release_process
³ https://wiki.debian.org/ReproducibleBuilds
⁴ http://lwn.net/Articles/564263/
⁵ ftp://ftp.netbsd.org/pub/pkgsrc/current/pkgsrc/filesystems/tahoe-lafs/README.html
_______________________________________________
tahoe-dev mailing list
tahoe-dev at tahoe-lafs.org
https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From datapacrat at gmail.com Sat Aug 31 11:22:44 2013
From: datapacrat at gmail.com (DataPacRat)
Date: Sat, 31 Aug 2013 14:22:44 -0400
Subject: what to install on a secure communication device
In-Reply-To: <20130831084726.GZ29404@leitl.org>
References: <20130831084726.GZ29404@leitl.org>
Message-ID:

On Sat, Aug 31, 2013 at 4:47 AM, Eugen Leitl wrote:
>
> I'm looking to build a list for reasonably secure (no snake oil)
> ways to communicate (search, store, etc.). My ad hoc list so far is:
>
> Pidgin/OTR
> cables
> Jitsi
> Tor
> YaCy
> RetroShare
> TorChat
> Tahoe LAFS
> GnuNet
>
> No doubt I'm missing a lot. Any further suggestions?

TrueCrypt-encrypted data saved on microSD cards sent over sneakernet, optionally hidden in a hollow bootheel?

Small amounts of sensitive data stored in innocuous-seeming formats through steganography (eg, http://www.jjtc.com/Steganography/tools.html ), made publicly available?

Thank you for your time,
--
DataPacRat
"Then again, I could be wrong."

From lee at guardianproject.info Sat Aug 31 14:01:37 2013
From: lee at guardianproject.info (Lee Azzarello)
Date: Sat, 31 Aug 2013 17:01:37 -0400
Subject: what to install on a secure communication device
In-Reply-To: <20130831084726.GZ29404@leitl.org>
References: <20130831084726.GZ29404@leitl.org>
Message-ID:

Jitsi does OTR too, though it's a little weird to set up.

A small team I work with is using SparkleShare, which you can set up to use an SSH tunnel as a connection proxy and even make sshd listen over a hidden service, so that's pretty cool though a bit of an esoteric process for your unaware teammates.

I still use PGP email (actually more over the last 4 months) and Thunderbird and Enigmail still work on all platforms.

-lee

On Sat, Aug 31, 2013 at 4:47 AM, Eugen Leitl wrote:
>
> I'm looking to build a list for reasonably secure (no snake oil)
> ways to communicate (search, store, etc.). My ad hoc list so far is:
>
> Pidgin/OTR
> cables
> Jitsi
> Tor
> YaCy
> RetroShare
> TorChat
> Tahoe LAFS
> GnuNet
>
> No doubt I'm missing a lot. Any further suggestions?

From eugen at leitl.org Sat Aug 31 08:34:14 2013
From: eugen at leitl.org (Eugen Leitl)
Date: Sat, 31 Aug 2013 17:34:14 +0200
Subject: [tahoe-dev] reproducible builds for Tahoe-LAFS: where do we start?
Message-ID: <20130831153414.GE29404@leitl.org>

----- Forwarded message from Zooko O'Whielacronx -----

From coderman at gmail.com Sat Aug 31 18:23:11 2013
From: coderman at gmail.com (coderman)
Date: Sat, 31 Aug 2013 18:23:11 -0700
Subject: So I discovered that my HP laptop leaks/transmits its built-in mic audio somewhere around 24Mhz
In-Reply-To: <20130831091954.GA29404@leitl.org>
References: <20130831091954.GA29404@leitl.org>
Message-ID:

On Sat, Aug 31, 2013 at 2:19 AM, Eugen Leitl wrote:
>
> http://www.reddit.com/r/RTLSDR/comments/1le3if/so_i_discovered_that_my_hp_laptop_leakstransmits/
>
> So I discovered that my HP laptop leaks/transmits its built-in mic audio
> somewhere around 24Mhz (self.RTLSDR)

pretty interesting; xmits continuously when powered. during POST, no effect if on/off/disabled in BIOS. :P

From StealthMonger at nym.mixmin.net Sat Aug 31 12:04:38 2013
From: StealthMonger at nym.mixmin.net (StealthMonger)
Date: Sat, 31 Aug 2013 20:04:38 +0100 (BST)
Subject: Who bought off Zimmermann?
In-Reply-To: (John Young's message of "Sat, 31 Aug 2013 11:57:10 -0400")
References: <20130825235403.BDDC4EAABC@snorky.mixmin.net> <34A48E2C-9760-4007-ACC1-0A8D6E0D2193@callas.org>
Message-ID: <20130831190438.5C484BF53@snorky.mixmin.net>

John Young writes:

> ... an ingenious ruse, likely with the complicity of the BABs ...

Yep. World-class protracted human engineering. Maybe it takes a poet like John Young to express it.

> None of this is intended to impugn the few BABs who remain outside
> secret circles ... [a]nd don't invoke a hoary NSL as basis for
> silence.

Thanks John for identifying for us non-poets your intended targets.

--
-- StealthMonger
Long, random latency is part of the price of Internet anonymity.

anonget: Is this anonymous browsing, or what?
http://groups.google.ws/group/alt.privacy.anon-server/msg/073f34abb668df33?dmode=source&output=gplain

stealthmail: Hide whether you're doing email, or when, or with whom.
mailto:stealthsuite at nym.mixmin.net?subject=send%20index.html

Key: mailto:stealthsuite at nym.mixmin.net?subject=send%20stealthmonger-key

From jon at callas.org Sat Aug 31 20:15:25 2013
From: jon at callas.org (Jon Callas)
Date: Sat, 31 Aug 2013 20:15:25 -0700
Subject: why not disable external mail, keep intenal mail (Re: Who bought off Zimmermann?)
In-Reply-To: <20130831080507.GA7052@netbook.cypherspace.org>
References: <20130825235403.BDDC4EAABC@snorky.mixmin.net> <34A48E2C-9760-4007-ACC1-0A8D6E0D2193@callas.org> <20130831080507.GA7052@netbook.cypherspace.org>
Message-ID: <3D2D394F-DCC9-4A3A-9384-7B0041C82244@callas.org>

On Aug 31, 2013, at 1:05 AM, Adam Back wrote:

> More precisely it's the exposed meta-data in the SMTP. But why would you use
> meta-data rich transport for silent circle internal-mail? (Internal-mail I
> mean silent circle user to silent circle user vs external mail being smtp
> mail to silent circle user or silent circle user to smtp mail user).
>
> I said it before, but again: why not cancel external mail, and leave the
> internal mail working - silent circle obviously have the tech for that
> because they have SMS equivalent in-mail. Good for you: users who want to
> continue to communicate will encourage the people they are communicating
> with to also pay for subscriptions. Maybe you could allow people to give
> each other gifts of 1month membership, which you hope they extend
> themselves; or some referral system with a bonus free month to the existing
> user etc.
>
> Now there might be some software legacy, but that seems straight forward
> enough. The crypto gap is purely the in and out mail.
> (Other than forced
> software changes, but others have discussed how to combat that issue, and
> some claim legal advice is that it's harder for the mil-int community to
> legally force companies to change their software. (Hushmail saga not
> withstanding!)

I believe that when one is on a team, the more senior one is on the team, the more one has the responsibility to discuss the *team* decision even when one's opinion was different. Actually, *especially* when one's personal decision was different. Every decision has reasons for and reasons against. One's job as a senior team member is to talk about the way one came to the decision for, and not about the reasons against.

I just had a short conversation with Mike Janke about this issue and this discussion, and with his leave I'm going to go against my normal beliefs.

Silent Circle is Mike's vision. He did physical security in a variety of countries and saw that people who are expats from anywhere in anywhere else have a lot of issues they have to face that are all secure communications. Moreover, these people are told "no" all the time (don't use Skype, don't use Gmail, don't trust SMS, don't use cell phones, landlines) and never "yes." The initial vision of Silent Circle was to give those people a "yes."

There are (were) three pillars of that vision to give people yesses -- voice/video/etc., texting etc., and email etc. When I wrote that the email was "something of a quandary," that means that Mike was always for it and I was always against it. I see the other side of it and believe that something that's email-like is essential.

We have an architecture for how we're going to grow texting into "messaging" and that will be email-like with true end-to-end security for internal mail. It is a ways off. There are lots of things to work on, from user experience to syncing across devices -- each with real security. In the meantime, what do the users do?

We did a lot of talking to end users, and what they want and need is more than just internal email. They need it to be connected to the Internet. Part of the use case includes that someone wants to send a subscriber a PDF of an insurance form, rental agreement, or so on that the subscriber needs to print out, sign, scan, and send back. A number of them said that what they really wanted as much as anything was an email system run by people who give a damn about security as much as the crypto itself. Whatever that means.

Mike was (and is) a happy customer of one of the existing secure email systems for years, understood its limitations and thought that a useful system could be made out of a conventional email infrastructure augmented by PGP Universal.

I was on the other side. PGP Universal is designed for a different use case, a different threat model, blah, blah, blah. You've heard me say it, so I won't repeat it.

When I rationally looked at the facts of the situation, Silent Mail's proposed security was *different* than other secure email systems, but similar. If someone uses it "securely" then it's very good, and when they use it "conveniently" it isn't worse than any of the other convenience-minded secure email systems.

Moreover, and getting to the real brass tacks here, Mike's the boss. It's his dream and his money funding it. As an interim system to have, it isn't that bad.

Additionally, one of my bugaboos about security is something I call "security arrogance." Security arrogance is when the security person tells the users what their threat model should be. It's closely related to another thing I talked about a decade ago that I called "the security cliff" -- you start with no security and to get to security, you have to climb a cliff rather than ascend a ramp in that you can't stop halfway up.
I believe that one of the ways we security people shoot our clients in the foot is to focus on the ways that security is imperfect and thus argue that less-than-perfect security is worse than no security.

Okay, fine. Hoist by my own petard. Silent Mail, ho!

I'll also add that other team members were of course, spread all over the essential quandary here from thinking it was wonderful to being conflicted to thinking that Silent Mail was worse than nothing.

Development-wise, we had some plans to improve Silent Mail -- specifically, one of the tasks was to make a network widget that would scrape offending headers out of SMTP. However, note that we're a startup. Life is not a zero-sum game, but development is. Every iota of effort that's spent propping up SMTP is an iota that's not going to making its replacement. This ended up being a different sort of quandary. The people who accepted Silent Mail warts and all (or shock, horror liked it) like the idea of the new "messaging" system even better. Thus, propping up SMTP didn't really have any champions, and it's not like we have people sitting around doing nothing. We all considered Silent Mail to be a stop-gap.

Let me fast-forward up to the day before we shut Silent Mail down. One of the major requests that we had was to split the suite of products up. We were working on precisely that. (And it should go live next week.) In fact, we were *discussing* a breakup of the suite even before Silent Mail went live, and we noted that it became a legacy product after being up for about a week.

As there was more and more news about state-sponsored espionage (China, Countries Starting With The Letter 'I', etc.), we got more "business" customers and they were as a rule not interested in secure email that was not under the direct control of their own IT.

Post-Snowden, the people who thought, "It's good enough" became fewer. The proportion of users who were using Silent Mail was about 5% of the total.
Every account has a page where you set up your devices, and there's a link to click to set up Silent Mail. Only people who clicked that link got set up, and the 5% number is the people who set it up, so that's obviously an upper bound of people using it.

We had been discussing shutting it down -- that 5% figure is either an argument for why it just isn't succeeding as a product, or an argument why the people who are using it understand it and its limitations. It was a discussion item for our September BoD meeting. My plan was to suggest we stop taking new orders and subscription renewals as part of the suite break-up, and then just let it fade away. I was, in fact, lobbying hard for that. I believe I would have prevailed at the board meeting, but of course I'd think that.

Your suggestion about making it be internal-only was something I'd be willing to compromise on. However, remember that much of the whole *point* of Silent Mail is that it's a well-run Internet Email System.

Now let's get to the day we shut it down. I had been at the VoIP conference, ClueCon, in Chicago. As luck would have it, I finished up early and failed to get standby on an early flight home. Others of us were scattered with other travel. One of my major thoughts was what if there's paperwork on its way, and that paperwork doesn't know I'm in an airport lounge?

When I finally got Mike on the phone, he said, "You did the right thing. I'm glad you're my partner." Interestingly, the guys who work for me told me after that they had decided that they would delete things themselves if things went on for another couple hours.

I know this has been long, so let me sum up answers to your questions:

* Silent Mail was always a debate between perfect and good enough. It was even a debate over what it means to be good enough.

* The people who thought it was good enough don't think like you and me, and I think their point of view has its own validity.

* The people who wanted it wanted it to be an Internet Email System above all. Even in the design of the new thing, it has to be connected to the Internet so that someone on the Internet can send you an email. Pulling back to being internal-only would not meet the goals of the people who wanted it.

* We're a startup. We only have so many resources, and no one was the champion of making Silent Mail better. The people who thought it was good enough didn't see the point in making it better, and the people who thought it wasn't good enough didn't see the point either.

I hope this helps explain.

Jon
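
The header scrubbing discussed in this thread (sanitising outgoing mail automatically; a "network widget that would scrape offending headers out of SMTP"), as an added example that is not code from any poster or from Silent Circle. The allowlist contents, the function name `sanitise` and the sample message are assumptions constructed for illustration; envelope addresses (MAIL FROM / RCPT TO) are outside its reach.

```python
"""Added example: allowlist-based header sanitiser for an outgoing message."""
import secrets
from datetime import timezone
from email import message_from_string, policy
from email.utils import format_datetime, parseaddr, parsedate_to_datetime

# Assumption: this allowlist is illustrative; the thread names no header list.
# In-Reply-To/References are kept so threading works, at the cost of
# revealing which message is being answered.
KEEP = {
    "from", "to", "cc", "subject", "date", "message-id", "in-reply-to",
    "references", "mime-version", "content-type",
    "content-transfer-encoding", "content-disposition",
}

# Constructed sample: relay hops, client IP, MUA banner, hostname in Message-ID.
SAMPLE = """\
Received: from laptop.home.example (dsl.isp.example [203.0.113.7])
    by mail.example.org with ESMTPSA id abc123; Sat, 31 Aug 2013 10:05:09 +0200
Received: by laptop.home.example (Postfix, from userid 1000)
    id 4F2A1; Sat, 31 Aug 2013 10:05:07 +0200 (CEST)
Date: Sat, 31 Aug 2013 10:05:07 +0200
From: Alice <alice@example.org>
To: bob@example.net
Subject: lunch
Message-ID: <20130831080507.GA1234@laptop.home.example>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Originating-IP: [203.0.113.7]
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii

See you at noon.
"""


def sanitise(raw: str):
    """Return (sanitised_message_text, list_of_removed_header_names)."""
    msg = message_from_string(raw, policy=policy.default)

    # 1. Drop every header not on the allowlist (Received, User-Agent, ...).
    removed = [name for name in msg.keys() if name.lower() not in KEEP]
    for name in set(removed):
        del msg[name]                      # removes all occurrences

    # 2. Rewrite Date in UTC so the sender's timezone offset is not exposed.
    if "Date" in msg:
        try:
            when = parsedate_to_datetime(str(msg["Date"]))
            if when.tzinfo is None:        # "-0000": no zone information
                when = when.replace(tzinfo=timezone.utc)
            utc = format_datetime(when.astimezone(timezone.utc))
            msg.replace_header("Date", utc)
        except (TypeError, ValueError):
            del msg["Date"]                # unparseable: drop it
            removed.append("Date")

    # 3. Replace the Message-ID: client-generated IDs often embed the local
    #    hostname, a timestamp and a process id.
    domain = parseaddr(str(msg.get("From", "")))[1].rpartition("@")[2]
    new_id = f"<{secrets.token_hex(16)}@{domain or 'invalid'}>"
    if "Message-ID" in msg:
        msg.replace_header("Message-ID", new_id)
    else:
        msg["Message-ID"] = new_id

    return msg.as_string(), removed


if __name__ == "__main__":
    clean, dropped = sanitise(SAMPLE)
    print("removed:", dropped)
    print(clean)
```

An allowlist is used rather than a blocklist so that headers nobody anticipated are dropped by default.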