From grarpamp at gmail.com Fri May 1 03:41:44 2015
From: grarpamp at gmail.com (grarpamp)
Date: Fri, 1 May 2015 06:41:44 -0400
Subject: Surveillance forces journalists to think and act like spies
In-Reply-To: <20150430143136.E08E422809F@palinka.tinho.net>
References: <20150430143136.E08E422809F@palinka.tinho.net>
Message-ID:

On Thu, Apr 30, 2015 at 10:31 AM, wrote:
> The advance of technology seems to be making everyone like spies
> and so forth.

/ coderman wrote:
/ and the hacker has today?

We are all independent spies and intel agencies, complete with various responsibility, ethic and philosophy.

/ you see cyber as dual use. does same apply to spy?
/ ( gotta know side channels to close the side channels ... )

Cyber like a career?, it usually constrains to follow good or bad path. But the spy can be selective in its use. And the more self aware it becomes, the more that use tends toward what non spies would consider bad.

> Hal Varian somewhat famously said that what the
> rich have today everyone will want tomorrow. I'd suggest that
> what the intelligence community has today the rich will want
> tomorrow.

And in many cases, what intel has today, the rich gave them yesterday.

> so much in the wider world where I have concluded that the cure for
> technologic threats is not more technology, but less.

Now that we're becoming, are able to, and have built some of the systems early cpunks could previously only think of and warn about, we'll get to see if tech continues to be sprayed about as a liberal be-all cure-all, or develops some conscious genuine brakes.

> since I'm on the record, I may as well admit it
>
> We Are All Intelligence Officers Now
> 2014 RSA Conference, California
> http://geer.tinho.net/geer.rsa.28ii14.txt

That record coming from the CISO of In-Q-Tel ;)

From drwho at virtadpt.net Fri May 1 10:40:02 2015
From: drwho at virtadpt.net (The Doctor)
Date: Fri, 01 May 2015 10:40:02 -0700
Subject: Opinions of qwertycards.com?
In-Reply-To: <343971346.200506.1430451922341.JavaMail.yahoo@mail.yahoo.com>
References: <1430288265.3622.19.camel@moonpatrol> <343971346.200506.1430451922341.JavaMail.yahoo@mail.yahoo.com>
Message-ID: <5543BA72.2020401@virtadpt.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 04/30/2015 08:45 PM, jim bell wrote:
> It would make _a_bit_ more sense if a person appended a fixed
> randomized string (of their OWN construction, one that nobody else
> knows...) to their usual password, perhaps AFTER ALSO customizing
> that password using the name of the website too. However, it would
> certainly be

I know a couple of folks who travel regularly who use this:

https://github.com/gardners/whirlenig

Their usage model is this:

Unique Whirlenig disks are generated and used for their passwords. The passphrase used to generate the unique Whirlenig disk is memorized. They travel with a burner laptop with no local password storage or sensitive information, just Git installed. At the destination they check out the repo and re-generate their Whirlenig disk, then print and assemble it locally. The Whirlenig assembly is securely destroyed (I presume by burning, I don't ask) prior to departure.

I don't know what their on-storage cache destruction protocols are like (my guess is RAMdisk, no swap on storage).

- --
The Doctor [412/724/301/703/415] [ZS]
PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/

"Oh, boy."
--Sam Beckett

From danimoth at cryptolab.net Fri May 1 02:09:24 2015
From: danimoth at cryptolab.net (danimoth)
Date: Fri, 1 May 2015 11:09:24 +0200
Subject: any going to Nepal?
In-Reply-To:
References:
Message-ID: <20150501090924.GA27013@miyamoto>

On 01/05/15 at 07:39am, Zenaan Harkness wrote:
> To help establish new mobile base stations, internet network, etc?
>
> Ham radios are being used right now, but longer term there's lots of
> tourist dollars that need mobile phone homes and connections, along
> with the rest.
>
> If you work ok with others, are able to travel and passionate for our
> collective future, perhaps now is a moment.

Clean water is still missing and you encourage to worse the situation for "tourist dollars" ?

Our collective future trained by "tourist dollars" ? What's up in your mind, dude?

With love
d.

From ygwald at brandeis.edu Fri May 1 09:38:57 2015
From: ygwald at brandeis.edu (Y G)
Date: Fri, 01 May 2015 12:38:57 -0400
Subject: How are the Baltimore riots going?/Any way we can help?
In-Reply-To: <1f0b8c1f7d7abd3695cb8313e4d3eef2@cryptolab.net>
References: <20150430143947.GA2661@sivokote.iziade.m$> <1f0b8c1f7d7abd3695cb8313e4d3eef2@cryptolab.net>
Message-ID:

On 04/30/2015 08:57 PM, Griffin Boyce wrote:
> Georgi Guninski wrote:
>> How are the Baltimore riots going?
>>
>> https://en.wikipedia.org/wiki/2015_Baltimore_riots
>>
>>> Mandatory curfew effective April 28 – May 5 from 10pm-5am
>
> Aloha from Baltimore,

Is there any way that the protests could use help on the tech front? I heard a bunch of things about the Baltimore PD being sure to keep track of livestreams and I think also checking Twitter photos? So maybe someone running their own StatusNet or Pump.io or something, so that the Baltimore PD aren't at least getting the data firehosed from the source? (Of course, that would require getting the message out to everyone to switch...)

From guninski at guninski.com Fri May 1 03:02:37 2015
From: guninski at guninski.com (Georgi Guninski)
Date: Fri, 1 May 2015 13:02:37 +0300
Subject: How are the Baltimore riots going?
In-Reply-To: <1f0b8c1f7d7abd3695cb8313e4d3eef2@cryptolab.net>
References: <20150430143947.GA2661@sivokote.iziade.m$> <1f0b8c1f7d7abd3695cb8313e4d3eef2@cryptolab.net>
Message-ID: <20150501100237.GA2516@sivokote.iziade.m$>

On Thu, Apr 30, 2015 at 08:57:59PM -0400, Griffin Boyce wrote:
>
> Aloha from Baltimore,
>
> The protests have been peaceful of late, and actually fairly
> peaceful overall. The police, however, have not been. Despite
> claiming to be basically terrified of black people congregating in

Did the riots cause (much) damage to citizens not affiliated with the government?

I would expect all sufficiently large riots to cause some collateral damage.

--
georgi

From Rayzer at riseup.net Fri May 1 13:52:12 2015
From: Rayzer at riseup.net (Razer)
Date: Fri, 01 May 2015 13:52:12 -0700
Subject: How are the Baltimore riots going?
In-Reply-To: <20150501133537.GC2516@sivokote.iziade.m$>
References: <20150430143947.GA2661@sivokote.iziade.m$> <554260B0.50407@riseup.net> <20150501133537.GC2516@sivokote.iziade.m$>
Message-ID: <5543E77C.6090702@riseup.net>

On 05/01/2015 06:35 AM, Georgi Guninski wrote:
> On Thu, Apr 30, 2015 at 10:04:48AM -0700, Razer wrote:
>> prosecutor, even as they leak 'evidence' Gray 'beat himself to death'
>>
> I don't believe this.
>
> As the police joke says: "The arrested committed suicide,
> shooting himself in the head three times in the same place".
>

I was raided once in a ground floor apartment with a street window by cops who, when the ones at the door said "Let us in!", the cops in the window said "Come in!" and down went the door.

Let me know when you find out police officers are typically corrupt thugs.

From Rayzer at riseup.net Fri May 1 13:59:16 2015
From: Rayzer at riseup.net (Razer)
Date: Fri, 01 May 2015 13:59:16 -0700
Subject: How are the Baltimore riots going?/Any way we can help?
In-Reply-To:
References: <20150430143947.GA2661@sivokote.iziade.m$> <1f0b8c1f7d7abd3695cb8313e4d3eef2@cryptolab.net>
Message-ID: <5543E924.8060401@riseup.net>

On 05/01/2015 09:38 AM, Y G wrote:
> Is there any way that the protests could use help on the tech front? I
> heard a bunch of things about the Baltimore PD being sure to keep
> track of livestreams and I think also checking Twitter photos? So
> maybe someone running their own StatusNet or Pump.io or something, so
> that the Baltimore PD aren't at least getting the data firehosed from
> the source? (Of course, that would require getting the message out to
> everyone to switch...)

One of the high profile sites covering the Baltimore protests, FergusonAction, is being 'protected', including dedicated DNS, by Cloudflare.

That means Cloudflare, owned by the creator of "Operation Honeypot" and known to be quite friendly with the feds, 'haz all ur metadataz'

I discovered that this morning and tumbl'd it, with the rest of what I know about Cloudflare, here:
http://auntieimperial.tumblr.com/post/117874632894

From mirimir at riseup.net Fri May 1 13:26:58 2015
From: mirimir at riseup.net (Mirimir)
Date: Fri, 01 May 2015 14:26:58 -0600
Subject: How are the Baltimore riots going?/Any way we can help?
In-Reply-To:
References: <20150430143947.GA2661@sivokote.iziade.m$> <1f0b8c1f7d7abd3695cb8313e4d3eef2@cryptolab.net>
Message-ID: <5543E192.8030800@riseup.net>

On 05/01/2015 10:38 AM, Y G wrote:
> On 04/30/2015 08:57 PM, Griffin Boyce wrote:
>> Georgi Guninski wrote:
>>> How are the Baltimore riots going?
>>>
>>> https://en.wikipedia.org/wiki/2015_Baltimore_riots
>>>
>>>> Mandatory curfew effective April 28 – May 5 from 10pm-5am
>>
>> Aloha from Baltimore,
>
> Is there any way that the protests could use help on the tech front?

OPSEC training!

> I heard a bunch of things about the Baltimore PD being sure to keep
> track of livestreams and I think also checking Twitter photos?

Yes, and using Stingray. Protesters, or at least key organizers, need to be running apps to detect and block IMSI catchers. And everyone not using them needs to put their phones in Faraday bags. So they also need to know how to make Faraday bags from aluminum foil and duct tape.

> So maybe someone running their own StatusNet or Pump.io or something, so
> that the Baltimore PD aren't at least getting the data firehosed from
> the source?
> (Of course, that would require getting the message out to everyone to
> switch...)

Yes.

From guninski at guninski.com Fri May 1 04:28:12 2015
From: guninski at guninski.com (Georgi Guninski)
Date: Fri, 1 May 2015 14:28:12 +0300
Subject: Surveillance forces journalists to think and act like spies
In-Reply-To: <20150430143136.E08E422809F@palinka.tinho.net>
References: <20150430143136.E08E422809F@palinka.tinho.net>
Message-ID: <20150501112812.GB2516@sivokote.iziade.m$>

On Thu, Apr 30, 2015 at 10:31:36AM -0400, dan at geer.org wrote:
> .... I'd suggest that
> what the intelligence community has today the rich will want
> tomorrow.

I disagree with this.

You appear to assume the intelligence community is "independent", which appears false to me.

IMHO the intelligence community have boss/es outside of it, which are definitely not poor.

Pretty sure this is true for Bulgaria (member of EU).

The intelligence community is just a tool, like an admin is.

Maybe our definitions of "rich" differ.

--
georgi

From ygwald at brandeis.edu Fri May 1 12:14:35 2015
From: ygwald at brandeis.edu (Y G)
Date: Fri, 01 May 2015 15:14:35 -0400
Subject: How are the Baltimore riots going?/Any way we can help?
In-Reply-To: <20150501170258.GD2516@sivokote.iziade.m$>
References: <20150430143947.GA2661@sivokote.iziade.m$> <1f0b8c1f7d7abd3695cb8313e4d3eef2@cryptolab.net> <20150501170258.GD2516@sivokote.iziade.m$>
Message-ID:

On 05/01/2015 01:02 PM, Georgi Guninski wrote:
> On Fri, May 01, 2015 at 12:38:57PM -0400, Y G wrote:
>> On 04/30/2015 08:57 PM, Griffin Boyce wrote:
>>> Georgi Guninski wrote:
>>>> How are the Baltimore riots going?
>>>>
>>>> https://en.wikipedia.org/wiki/2015_Baltimore_riots
>>>>
>>>>> Mandatory curfew effective April 28 – May 5 from 10pm-5am
>>>
>>> Aloha from Baltimore,
>>
>> Is there any way that the protests could use help on the tech front?
>>
>
> Maybe doxing the baltimore police will shed some light
> on the murder of Freddie Gray.
>

Are the cops responsible for it not the ones being charged? If they are, CNN has the doxx.
( http://www.cnn.com/2015/05/01/us/freddie-gray-police-charges/index.html )

("Responsible" here means "directly responsible", as opposed to "responsible by virtue of participating and encouraging the abusive and violent police culture")

I personally am against Doxxing -- in general, I'm only okay with it when there has been a public demand for the identity of a public official, which has been refused. Because then they're the ones potentially putting innocent people in danger. There were clearly other options.

(Depending on the circumstances, "against" could mean anything from "actively yelling at people doing it" to "just staying out of spreading it, and telling other people to too".)

From guninski at guninski.com Fri May 1 06:35:37 2015
From: guninski at guninski.com (Georgi Guninski)
Date: Fri, 1 May 2015 16:35:37 +0300
Subject: How are the Baltimore riots going?
In-Reply-To: <554260B0.50407@riseup.net>
References: <20150430143947.GA2661@sivokote.iziade.m$> <554260B0.50407@riseup.net>
Message-ID: <20150501133537.GC2516@sivokote.iziade.m$>

On Thu, Apr 30, 2015 at 10:04:48AM -0700, Razer wrote:
> prosecutor, even as they leak 'evidence' Gray 'beat himself to death'
>

I don't believe this.

As the police joke says: "The arrested committed suicide, shooting himself in the head three times in the same place".

From dan at geer.org Fri May 1 13:55:23 2015
From: dan at geer.org (dan at geer.org)
Date: Fri, 01 May 2015 16:55:23 -0400
Subject: Surveillance forces journalists to think and act like spies
In-Reply-To: Your message of "Fri, 01 May 2015 14:28:12 +0300." <20150501112812.GB2516@sivokote.iziade.m$>
Message-ID: <20150501205523.EB9F22281A4@palinka.tinho.net>

| You appear to assume the intelligence community is
| "independent", which appears false to me.
|
| IMHO the intelligence community have boss/es outside
| of it, which are definitely not poor.
|
| Pretty sure this is true for Bulgaria (member of EU).
|
| The intelligence community is just a tool, like an
| admin is.
|
| Maybe our definitions of "rich" differ.

Here, as everywhere, in a public policy document or debate it is all over after the definitions page. The rest is mere mechanics. Perhaps we do need to hash out what rich means though on a whole-world scale the majority of the readers of this list are at the top of the heap. The (my) speech I cited is what I had to say on the record, and is the best that I've (currently) got; I'll revisit when time permits. Here, though, is Paul Krugman in a similar vein three weeks ago today:

[PK] Paul Krugman, "Apple and the Self-Surveillance State," New York Times, 10 April 2015
krugman.blogs.nytimes.com/2015/04/10/apple-and-the-self-surveillance-state

--dan

From guninski at guninski.com Fri May 1 10:02:58 2015
From: guninski at guninski.com (Georgi Guninski)
Date: Fri, 1 May 2015 20:02:58 +0300
Subject: How are the Baltimore riots going?/Any way we can help?
In-Reply-To:
References: <20150430143947.GA2661@sivokote.iziade.m$> <1f0b8c1f7d7abd3695cb8313e4d3eef2@cryptolab.net>
Message-ID: <20150501170258.GD2516@sivokote.iziade.m$>

On Fri, May 01, 2015 at 12:38:57PM -0400, Y G wrote:
> On 04/30/2015 08:57 PM, Griffin Boyce wrote:
> > Georgi Guninski wrote:
> >> How are the Baltimore riots going?
> >>
> >> https://en.wikipedia.org/wiki/2015_Baltimore_riots
> >>
> >>> Mandatory curfew effective April 28 – May 5 from 10pm-5am
> >
> > Aloha from Baltimore,
>
> Is there any way that the protests could use help on the tech front?
>

Maybe doxing the baltimore police will shed some light on the murder of Freddie Gray.

From zen at freedbms.net Fri May 1 03:41:13 2015
From: zen at freedbms.net (Zenaan Harkness)
Date: Fri, 1 May 2015 20:41:13 +1000
Subject: any going to Nepal?
In-Reply-To: <20150501090924.GA27013@miyamoto>
References: <20150501090924.GA27013@miyamoto>
Message-ID:

On 5/1/15, danimoth wrote:
> On 01/05/15 at 07:39am, Zenaan Harkness wrote:
>> To help establish new mobile base stations, internet network, etc?
>>
>> Ham radios are being used right now, but longer term there's lots of
>> tourist dollars that need mobile phone homes and connections, along
>> with the rest.
>>
>> If you work ok with others, are able to travel and passionate for our
>> collective future, perhaps now is a moment.
>
> Clean water is still missing and you encourage to worse the situation
> for "tourist dollars" ?
>
> Our collective future trained by "tourist dollars" ? What's up in your
> mind, dude?

At an appropriate time, with appropriate planning, and with all due sensitivity to all relevant conditions, communications infrastructure rebuilding shall be needed in this currently very devastated region.

Obviously the obviously appropriate inference wrapper is neither so obvious nor obviously inferred. This is unfortunate, but thanks for your 'with love' signoff - your sentiment matches my own sentiment and intentions when I drafted the email.

The reference to tourist dollars was meant to hint at the (to me obvious) fact that if anyone were to (appropriately) plan any communications infrastructure, that the tourist population (when it returns at an appropriate time in the future) has certain communication needs which are perhaps not met by mainstream mobile stations.

In a similar vein of thought, to those who may be inclined, please forward any subset of these email only as appropriate and with all due consideration and sensitivity to those you send to, please modify as appropriate and please, please never add "if you don't forward this you'll have 10 years of bad luck" and like rubbish.

Best regards,
Zenaan

From dal at riseup.net Sat May 2 02:40:27 2015
From: dal at riseup.net (Douglas Lucas)
Date: Sat, 02 May 2015 04:40:27 -0500
Subject: How are the Baltimore riots going?/Any way we can help?
In-Reply-To: <5543E192.8030800@riseup.net>
References: <20150430143947.GA2661@sivokote.iziade.m$> <1f0b8c1f7d7abd3695cb8313e4d3eef2@cryptolab.net> <5543E192.8030800@riseup.net>
Message-ID: <55449B8B.8050808@riseup.net>

On 05/01/2015 03:26 PM, Mirimir wrote:
> Protesters, or at least key organizers, need to
> be running apps to detect and block IMSI catchers. And everyone not
> using them needs to put their phones in Faraday bags. So they also need
> to know how to make Faraday bags from aluminum foil and duct tape.

Good links to walkthroughs on both these would be greatly appreciated.

I was at Freddie Gray et al./May Day protest tonight (Friday; see tweets https://twitter.com/douglaslucas/with_replies). There was one point, a key intersection we were marching through halfway into the march, where cell reception inexplicably dropped for a few minutes. There was also, early on, someone in an Austin Police Department hat taking pictures/video from the balcony of a firefighter's station, suggesting that the cops were clued in, which would make sense given the organizing happening on facebook etc., which of course sounds like horrors to crypto snobs but in terms of mobilizing large populations is the only current, repeatedly practiced answer and an effective, if dangerous, one.

From zen at freedbms.net Fri May 1 17:22:43 2015
From: zen at freedbms.net (Zenaan Harkness)
Date: Sat, 2 May 2015 10:22:43 +1000
Subject: How are the Baltimore riots going?/Any way we can help?
In-Reply-To: <5543E924.8060401@riseup.net>
References: <20150430143947.GA2661@sivokote.iziade.m$> <1f0b8c1f7d7abd3695cb8313e4d3eef2@cryptolab.net> <5543E924.8060401@riseup.net>
Message-ID:

On 5/2/15, Razer wrote:
> On 05/01/2015 09:38 AM, Y G wrote:
>> Is there any way that the protests could use help on the tech front? I
>> heard a bunch of things about the Baltimore PD being sure to keep
>> track of livestreams and I think also checking Twitter photos? So
>> maybe someone running their own StatusNet or Pump.io or something, so
>> that the Baltimore PD aren't at least getting the data firehosed from
>> the source? (Of course, that would require getting the message out to
>> everyone to switch...)
>
> One of the high profile sites covering the Baltimore protests,
> FergusonAction, is being 'protected', including dedicated DNS, by
> Cloudflare.
>
> That means Cloudflare, owned by the creator of "Operation Honeypot" and
> known to be quite friendly with the feds, 'haz all ur metadataz'
>
> I discovered that this morning and tumbl'd it, with the rest of what I
> know about Cloudflare, here:
> http://auntieimperial.tumblr.com/post/117874632894

Thank you. Useful info for those to whom it would come as a surprise, and for those who have some trust in corporations which are, by decree of their constitutions, for hire to the highest bidder (in almost but not quite all cases).

What we need is to create within ourselves and our communities a culture of awareness that "if you don't run it, you don't control it, and it will most likely be working against your interests; ipso comprendo, run your own".

From guninski at guninski.com Sat May 2 07:01:31 2015
From: guninski at guninski.com (Georgi Guninski)
Date: Sat, 2 May 2015 17:01:31 +0300
Subject: Surveillance forces journalists to think and act like spies
In-Reply-To: <20150501205523.EB9F22281A4@palinka.tinho.net>
References: <20150501112812.GB2516@sivokote.iziade.m$> <20150501205523.EB9F22281A4@palinka.tinho.net>
Message-ID: <20150502140131.GA3736@sivokote.iziade.m$>

On Fri, May 01, 2015 at 04:55:23PM -0400, dan at geer.org wrote:
> | You appear to assume the intelligence community is
> | "independent", which appears false to me.
> |
> | IMHO the intelligence community have boss/es outside
> | of it, which are definitely not poor.
> |
> | Pretty sure this is true for Bulgaria (member of EU).
> |
> | The intelligence community is just a tool, like an
> | admin is.
> |
> | Maybe our definitions of "rich" differ.
>
>
> Here, as everywhere, in a public policy document or debate
> it is all over after the definitions page. The rest is
> mere mechanics. Perhaps we do need to hash out what rich
> means though on a whole-world scale the majority of the
> readers of this list are at the top of the heap. The (my)
> speech I cited is what I had to say on the record, and is
> the best that I've (currently) got; I'll revisit when time
> permits. Here, though, is Paul Krugman in a similar vein
> three weeks ago today:
>
> [PK] Paul Krugman, "Apple and the Self-Surveillance State," New
> York Times, 10 April 2015
> krugman.blogs.nytimes.com/2015/04/10/apple-and-the-self-surveillance-state
>
> --dan

Definitions depend on context.

You mix "rich" and "intelligence" in one sentence -- in this context the majority/almost all of this list is likely not rich, though they may have sufficient money.

Also "intelligence community" appears non-standard definition. Intelligence is military organization -- soldiers follow orders depending on their rank.
This is not the civil definition of "community", maybe unless you consider Obama "community of one".

From mirimir at riseup.net Sat May 2 17:21:16 2015
From: mirimir at riseup.net (Mirimir)
Date: Sat, 02 May 2015 18:21:16 -0600
Subject: How are the Baltimore riots going?/Any way we can help?
In-Reply-To: <55449B8B.8050808@riseup.net>
References: <20150430143947.GA2661@sivokote.iziade.m$> <1f0b8c1f7d7abd3695cb8313e4d3eef2@cryptolab.net> <5543E192.8030800@riseup.net> <55449B8B.8050808@riseup.net>
Message-ID: <554569FC.4090306@riseup.net>

On 05/02/2015 03:40 AM, Douglas Lucas wrote:
>
>
> On 05/01/2015 03:26 PM, Mirimir wrote:
>> Protesters, or at least key organizers, need to
>> be running apps to detect and block IMSI catchers. And everyone not
>> using them needs to put their phones in Faraday bags. So they also need
>> to know how to make Faraday bags from aluminum foil and duct tape.
>
> Good links to walkthroughs on both these would be greatly appreciated.

I don't use smartphones, and so don't know what works best. Searching on "detect IMSI catcher" yields hits for Android, but I see no apps for iOS. AIMSICD looks like a good app. Maybe someone who knows this stuff well can recommend one.

For the Faraday bag, see . It's easy to test. Just put the phone in the bag, and call it. If it rings, there are leaks.

The hardest aspect is getting good electrical contact on all seams, including the access flap. The maximum dimension of any hole in the bag must be small, less than an inch. A gap at the seam that's an inch long, even if it's very narrow, will leak a lot.

The other thing to keep in mind is that aluminum foil gets brittle with bending, and will crack. So you need multiple layers, and the layers must be in electrical contact. Narrow strips of double-stick tape between layers are OK to provide structural stability. But it's a trade-off.

> I was at Freddie Gray et al./May Day protest tonight (Friday; see tweets
> https://twitter.com/douglaslucas/with_replies).
There was one point, a
> key intersection we were marching through halfway into the march, where
> cell reception inexplicably dropped for a few minutes. There was also,
> early on, someone in an Austin Police Department hat taking
> pictures/video from the balcony of a firefighter's station, suggesting
> that the cops were clued in, which would make sense given the organizing
> happening on facebook etc., which of course sounds like horrors to
> crypto snobs but in terms of mobilizing large populations is the only
> current, repeatedly practiced answer and an effective, if dangerous, one.
>

From coderman at gmail.com Sat May 2 20:37:41 2015
From: coderman at gmail.com (coderman)
Date: Sat, 2 May 2015 20:37:41 -0700
Subject: Fwd: design for a Tor router without anonymity compromises
In-Reply-To:
References:
Message-ID:

---------- Forwarded message ----------
From: coderman
Date: Sat, 2 May 2015 20:37:17 -0700
Subject: design for a Tor router without anonymity compromises
To: tor-dev

a friend and i are working on a Tor router design that doesn't compromise anonymity for convenience. [0][1][2][3][4]

we're soliciting feedback as part of a go / no-go decision on continuing this effort. in particular, the design is intended to meet the scrutiny of Nick M., Roger, and Mike P. as the focus on support for Tor Browser and Tor on each client indicates.

---

the design and prototype code is marked "copyright Tor Project Inc. by assignment", which means that we're using a notary public to formally assign copyright ownership to the corporate entity "Tor Project, Inc.". your comments will be taken into consideration, however, please defer patches / code contributions under other owners (you) until assignment complete.

---

last but not least, we're trying to eat our own dog food. all of our planning, development, and operations use hidden services, called Onion services in the document, and this bootstrap is more difficult than expected.
[5]

please provide feedback in reply on this thread or to me directly.[6] assuming the project continues, we will have Onion services to support collaborative development up soon.

best regards, and my thanks in advance for your scrutiny!

0. "Tor Enforcing Privacy Router"
http://serqet345qt265xp.onion/

1. "Op-ed: Why the entire premise of Tor-enabled routers is ridiculous"
http://arstechnica.com/security/2015/04/18/op-ed-why-the-entire-premise-of-tor-enabled-routers-is-ridiculous/

2. "[tor-relays] Anonbox Project - Mike Perry"
https://lists.torproject.org/pipermail/tor-relays/2014-October/005541.html

3. "[tor-relays] Anonbox Project - Roger Dingledine"
https://lists.torproject.org/pipermail/tor-relays/2014-October/005544.html

4. "[tor-talk] Cloak Tor Router (thread)"
https://lists.torproject.org/pipermail/tor-talk/2014-November/035436.html

5. "Onion services" came in behind "Tor sites" because sites felt too web browser focused. we're trying to avoid the legacy "hidden services" nomenclature.

6. i have a long history of extreme dislike for encrypted email, key servers, web of trust, and other moral hazards. however, if you encrypt to my key you can send private mail, if desired. note that some encrypted email clients will fail insecure if the intended recipient doesn't match a keyring identifier!
https://peertech.org/keys/0x65A847E7C2B9380C-pub.txt

From coderman at gmail.com Sat May 2 22:46:46 2015
From: coderman at gmail.com (coderman)
Date: Sat, 2 May 2015 22:46:46 -0700
Subject: Backward compatibility bites again (like RC4 in WPA2), "Cryptanalysis has been seen of RC4"
Message-ID:

On 3/3/15, coderman wrote:
> ...
>> 2015, RC4 still in WPA2, WPA2 still in everything, ...

regarding Snowden in Princeton,
https://www.lightbluetouchpaper.org/2015/05/02/meeting-snowden-in-princeton/

"There’s no evidence of a “wow” cryptanalysis; it was key theft, or an implant, or a predicted RNG or supply-chain interference.
_Cryptanalysis has been seen of RC4_, but not of elliptic curve crypto, and there’s no sign of exploits against other commonly used algorithms."

RC4 still in WPA2 (targeted attack) allowing decryption of collected signals. this is why VPN is necessary over WiFi networks regardless of WPA2 security settings in the Tor router requirements.

best regards,

From list at sysfu.com Sun May 3 08:48:46 2015
From: list at sysfu.com (Seth)
Date: Sun, 03 May 2015 08:48:46 -0700
Subject: Fwd: design for a Tor router without anonymity compromises
In-Reply-To:
References:
Message-ID:

On Sat, 02 May 2015 20:37:41 -0700, coderman wrote:
> ---------- Forwarded message ----------
> From: coderman
> Date: Sat, 2 May 2015 20:37:17 -0700
> Subject: design for a Tor router without anonymity compromises
> To: tor-dev
>
> a friend and i are working on a Tor router design that doesn't
> compromise anonymity for convenience. [0][1][2][3][4]

Curious what you would say are the key advantages between your project and Grugq and Matt Lackey's 2nd generation version of P.O.R.T.A.L (Personal Onion Router to Assure Liberty)

Their Defcon 22 Talk: https://www.youtube.com/watch?v=_KyfJW2lHtk
The Slides: http://portalmasq.com
The Hardware: http://smile.amazon.com/dp/B00JL31MPO/ref=cm_sw_su_dp

From coderman at gmail.com Sun May 3 10:20:19 2015
From: coderman at gmail.com (coderman)
Date: Sun, 3 May 2015 10:20:19 -0700
Subject: Fwd: design for a Tor router without anonymity compromises
In-Reply-To:
References:
Message-ID:

On 5/3/15, Seth wrote:
> ...
> Curious what you would say are the key advantages between your project and
> Grugq and Matt Lackey's 2nd generation version of P.O.R.T.A.L.

key advantages:

- enforces Tor at clients, not a Tor proxy gateway for local network. this is important in terms of fingerprinting and stream isolation.

- provides defense in depth for Tor Browser, a secondary protection if primary protections fail. PORTAL failure requires OPSEC compensating controls.
:)

- utilizes secure boot and secure computing capabilities present in modern embedded processors to further defend keys and software on device.

- does not use passwords; only key based authentication.

- more powerful hardware to grow along with Tor network itself, support more than bare minimum configurations.

that's what sticks out for me, as most distinguished from P.O.R.T.A.L. and related efforts on similar hardware. [Anonabox, Invizbox, etc.]

best regards,

From Rayzer at riseup.net Sun May 3 10:48:12 2015
From: Rayzer at riseup.net (Razer)
Date: Sun, 03 May 2015 10:48:12 -0700
Subject: How are the Baltimore riots going?/Any way we can help?
In-Reply-To: <554569FC.4090306@riseup.net>
References: <20150430143947.GA2661@sivokote.iziade.m$> <1f0b8c1f7d7abd3695cb8313e4d3eef2@cryptolab.net> <5543E192.8030800@riseup.net> <55449B8B.8050808@riseup.net> <554569FC.4090306@riseup.net>
Message-ID: <55465F5C.9030303@riseup.net>

Caveat: Keep in mind that your phone, smart or not, will be transmitting on a regular basis trying to poll for cellsites. Encasing your phone in a tinfoil wrapper or other tightly fitting metal case will SERIOUSLY affect the Standing Wave Ratio (SWR) of the radiating 'antenna' (nowadays, because everyone thought antennas were ugly, or inconvenient despite the fact they dramatically improve phone performance that's about every metal part in the phone's chassis), and may shorten its life.

The communications frequency equivalent of putting a metal object in a microwave oven.

On 05/02/2015 05:21 PM, Mirimir wrote:
>
> I don't use smartphones, and so don't know what works best. Searching on
> "detect IMSI catcher" yields hits for Android, but I see no apps for
> iOS. AIMSICD looks like a good app. Maybe someone who knows this stuff
> well can recommend one.
>
> For the Faraday bag, see
> . It's easy to
> test. Just put the phone in the bag, and call it. If it rings, there are
> leaks.
> > The hardest aspect is getting good electrical contact on all seams, > including the access flap. The maximum dimension of any hole in the bag > must be small, less than an inch. A gap at the seam that's an inch long, > even if it's very narrow, will leak a lot. > > The other thing to keep in mind is that aluminum foil gets brittle with > bending, and will crack. So you need multiple layers, and the layers > must be in electrical contact. Narrow strips of double-stick tape > between layers are OK to provide structural stability. But it's a trade-off. > > From mirimir at riseup.net Sun May 3 11:45:38 2015 From: mirimir at riseup.net (Mirimir) Date: Sun, 03 May 2015 12:45:38 -0600 Subject: How are the Baltimore riots going?/Any way we can help? In-Reply-To: <20150503172045.GA2472@sivokote.iziade.m$> References: <20150430143947.GA2661@sivokote.iziade.m$> <1f0b8c1f7d7abd3695cb8313e4d3eef2@cryptolab.net> <5543E192.8030800@riseup.net> <55449B8B.8050808@riseup.net> <554569FC.4090306@riseup.net> <20150503172045.GA2472@sivokote.iziade.m$> Message-ID: <55466CD2.1040406@riseup.net> On 05/03/2015 11:20 AM, Georgi Guninski wrote: > On Sat, May 02, 2015 at 06:21:16PM -0600, Mirimir wrote: >> >> For the Faraday bag, see >> . It's easy to >> test. Just put the phone in the bag, and call it. If it rings, there are >> leaks. >> > > I am noob at smartphones, but isn't this very close to > functionally equivalent to just physically remove the > battery from the phone? > > At what distance is phone with removed battery detectable? > > Well, if someone implanted "backup battery" this fails, > but the implanted battery must be sufficiently small > to not see it. I don't know enough about smartphones to say. The effectiveness of removing the battery may vary among devices. 
Snowden told people visiting him in Hong Kong to put their phones in the refrigerator, which is a Faraday cage. Also, using a bag is arguably less hassle than removing the battery. From dan at geer.org Sun May 3 11:10:43 2015 From: dan at geer.org (dan at geer.org) Date: Sun, 03 May 2015 14:10:43 -0400 Subject: Surveillance forces journalists to think and act like spies In-Reply-To: Your message of "Sat, 02 May 2015 17:01:31 +0300." <20150502140131.GA3736@sivokote.iziade.m$> Message-ID: <20150503181043.BBDA4228108@palinka.tinho.net> Yes, definitions often require context to fully disambiguate, which is why we all like analogies so much -- efficient transmission of context (the practice of law even being oft described as "the search for analogies"). As to "intelligence community," this is completely standard Washington terminology, used as a collective noun to convey en masse all the agencies with an intelligence function, i.e., a grouping that includes not just CIA and NGA, but also FBI and TSA, say. --dan From mirimir at riseup.net Sun May 3 15:26:34 2015 From: mirimir at riseup.net (Mirimir) Date: Sun, 03 May 2015 16:26:34 -0600 Subject: How are the Baltimore riots going?/Any way we can help? In-Reply-To: <554569FC.4090306@riseup.net> References: <20150430143947.GA2661@sivokote.iziade.m$> <1f0b8c1f7d7abd3695cb8313e4d3eef2@cryptolab.net> <5543E192.8030800@riseup.net> <55449B8B.8050808@riseup.net> <554569FC.4090306@riseup.net> Message-ID: <5546A09A.5080404@riseup.net> I'm replying to my own post to add comments based on list feedback. On 05/02/2015 06:21 PM, Mirimir wrote: > On 05/02/2015 03:40 AM, Douglas Lucas wrote: >> >> >> On 05/01/2015 03:26 PM, Mirimir wrote: >>> Protesters, or at least key organizers, need to >>> be running apps to detect and block IMSI catchers. And everyone not >>> using them needs to put their phones in Faraday bags. So they also need >>> to know how to make Faraday bags from aluminum foil and duct tape. 
Some think that removing the battery, or even turning the phone off or putting it in "airplane mode", is enough. Maybe I'm too paranoid, but I don't trust either of those approaches. However, I do agree that taking one of those steps before putting the phone in the Faraday bag will prevent rapid battery discharge through high-power attempts to reach towers. >> Good links to walkthroughs on both these would be greatly appreciated. > > I don't use smartphones, and so don't know what works best. Searching on > "detect IMSI catcher" yields hits for Android, but I see no apps for > iOS. AIMSICD looks like a good app. Maybe someone who knows this stuff > well can recommend one. > > For the Faraday bag, see > . It's easy to > test. Just put the phone in the bag, and call it. If it rings, there are > leaks. > > The hardest aspect is getting good electrical contact on all seams, > including the access flap. The maximum dimension of any hole in the bag > must be small, less than an inch. A gap at the seam that's an inch long, > even if it's very narrow, will leak a lot. > > The other thing to keep in mind is that aluminum foil gets brittle with > bending, and will crack. So you need multiple layers, and the layers > must be in electrical contact. Narrow strips of double-stick tape > between layers are OK to provide structural stability. But it's a trade-off. > >> I was at Freddie Gray et al./May Day protest tonight (Friday; see tweets >> https://twitter.com/douglaslucas/with_replies). There was one point, a >> key intersection we were marching through halfway into the march, where >> cell reception inexplicably dropped for a few minutes. 
There was also, >> early on, someone in an Austin Police Department hat taking >> pictures/video from the balcony of a firefighter's station, suggesting >> that the cops were clued in, which would make sense given the organizing >> happening on facebook etc., which of course sounds like horrors to >> crypto snobs but in terms of mobilizing large populations is the only >> current, repeatedly practiced answer and an effective, if dangerous, one. >> From mirimir at riseup.net Sun May 3 17:36:12 2015 From: mirimir at riseup.net (Mirimir) Date: Sun, 03 May 2015 18:36:12 -0600 Subject: Meeting Snowden in Princeton In-Reply-To: <5546a6f3.6018370a.1dcc.ffffb3f7@mx.google.com> References: <5545929B.10805@riseup.net> <5546a6f3.6018370a.1dcc.ffffb3f7@mx.google.com> Message-ID: <5546BEFC.3000507@riseup.net> On 05/03/2015 04:58 PM, Juan wrote: > On Sat, 02 May 2015 21:14:35 -0600 > Mirimir wrote: > > >> I won't quote much, but I can't resist sharing this: "And it’s a >> matter of record that Ed [Snowden] trusted his life to Tor, because >> he saw from the other side that it worked." >> > > > Huh? 'trusted his life', how? It's a matter of record that you > are quoting a guy making a baseless assertion in some random > blog. He initially reached out to Glenn and Laura via Tor (Tails, as I recall reading). If the NSA has totally pwned Tor, they would arguably have detected that. We know that they focus on encrypted stuff, and one would hope that they monitor their staff and consultants. But then, maybe it's all bullshit. I certainly have no inside info. >> I wonder what the haters say to that. Actually, I know: "He's a double >> agent, and it's all a con." Amirite? > > > Snowden keeps sounding like an american nationalist. That's a > big red flag. He's clearly an American nationalist. He's said repeatedly that he released stuff through reporters, rather than directly, in order to reduce the risk of hurting US interests. Is that a "red flag"? 
I would have rather seen it all, but de gustibus non est disputandum ;) From juan.g71 at gmail.com Sun May 3 15:58:14 2015 From: juan.g71 at gmail.com (Juan) Date: Sun, 3 May 2015 19:58:14 -0300 Subject: Meeting Snowden in Princeton In-Reply-To: <5545929B.10805@riseup.net> References: <5545929B.10805@riseup.net> Message-ID: <5546a6f3.6018370a.1dcc.ffffb3f7@mx.google.com> On Sat, 02 May 2015 21:14:35 -0600 Mirimir wrote: > I won't quote much, but I can't resist sharing this: "And it’s a > matter of record that Ed [Snowden] trusted his life to Tor, because > he saw from the other side that it worked." > Huh? 'trusted his life', how? It's a matter of record that you are quoting a guy making a baseless assertion in some random blog. > I wonder what the haters say to that. Actually, I know: "He's a double > agent, and it's all a con." Amirite? Snowden keeps sounding like an american nationalist. That's a big red flag. From cathalgarvey at cathalgarvey.me Sun May 3 12:05:22 2015 From: cathalgarvey at cathalgarvey.me (Cathal Garvey) Date: Sun, 03 May 2015 20:05:22 +0100 Subject: How are the Baltimore riots going?/Any way we can help? In-Reply-To: <55466CD2.1040406@riseup.net> References: <20150430143947.GA2661@sivokote.iziade.m$> <1f0b8c1f7d7abd3695cb8313e4d3eef2@cryptolab.net> <5543E192.8030800@riseup.net> <55449B8B.8050808@riseup.net> <554569FC.4090306@riseup.net> <20150503172045.GA2472@sivokote.iziade.m$> <55466CD2.1040406@riseup.net> Message-ID: <55467172.3020907@cathalgarvey.me> The downside of using a faraday cage with an activated phone: The phone will start "screaming" looking for a tower, and you'll get much reduced battery life. Turning phone off first and *then* putting it in the bag saves battery and prevents any suspected "backup battery" driven chips from getting a signal out..although if that's your threat-model, they could just record whatever telemetry they need and send later. 
i.e., if a phone is suspected to be compromised and could turn on the core or auxiliary chips (with main or backup battery), and activate the microphone or camera, the faraday cage bag will prevent it from sending that data right away but it could be instructed to store that data instead and send it back later. Personally I think removing the battery is sufficient for most phone models; the backup batteries are unlikely to be enough to drive the more concerning chips and sensors for long even if they're wired up to it in the first place. On 03/05/15 19:45, Mirimir wrote: > On 05/03/2015 11:20 AM, Georgi Guninski wrote: >> On Sat, May 02, 2015 at 06:21:16PM -0600, Mirimir wrote: >>> >>> For the Faraday bag, see >>> . It's easy to >>> test. Just put the phone in the bag, and call it. If it rings, there are >>> leaks. >>> >> >> I am noob at smartphones, but isn't this very close to >> functionally equivalent to just physically remove the >> battery from the phone? >> >> At what distance is phone with removed battery detectable? >> >> Well, if someone implanted "backup battery" this fails, >> but the implanted battery must be sufficiently small >> to not see it. > > I don't know enough about smartphones to say. The effectiveness of > removing the battery may vary among devices. Snowden told people > visiting him in Hong Kong to put their phones in the refrigerator, which > is a Faraday cage. Also, using a bag is arguably less hassle than > removing the battery. > -- Scientific Director, IndieBio Irish Programme Now running in Cork, Ireland May->July Learn more at http://eu.indie.bio and follow along! 
Twitter: @onetruecathal Phone: +353876363185 miniLock: JjmYYngs7akLZUjkvFkuYdsZ3PyPHSZRBKNm6qTYKZfAM peerio.com: cathalgarvey From kurt.buff at gmail.com Sun May 3 20:16:00 2015 From: kurt.buff at gmail.com (Kurt Buff) Date: Sun, 3 May 2015 20:16:00 -0700 Subject: Meeting Snowden in Princeton In-Reply-To: <5546a6f3.6018370a.1dcc.ffffb3f7@mx.google.com> References: <5545929B.10805@riseup.net> <5546a6f3.6018370a.1dcc.ffffb3f7@mx.google.com> Message-ID: On Sun, May 3, 2015 at 3:58 PM, Juan wrote: > On Sat, 02 May 2015 21:14:35 -0600 > Mirimir wrote: > >> I won't quote much, but I can't resist sharing this: "And it’s a >> matter of record that Ed [Snowden] trusted his life to Tor, because >> he saw from the other side that it worked." > > Huh? 'trusted his life', how? It's a matter of record that you > are quoting a guy making a baseless assertion in some random > blog. > >> I wonder what the haters say to that. Actually, I know: "He's a double >> agent, and it's all a con." Amirite? > > Snowden keeps sounding like an american nationalist. That's a > big red flag. Two things: As someone else has pointed out, yes, he's an admitted American nationalist. So what? The article is hardly from some random blog: http://www.amazon.com/Security-Engineering-Building-Dependable-Distributed/dp/0470068523/ Kurt From guninski at guninski.com Sun May 3 10:20:45 2015 From: guninski at guninski.com (Georgi Guninski) Date: Sun, 3 May 2015 20:20:45 +0300 Subject: How are the Baltimore riots going?/Any way we can help? In-Reply-To: <554569FC.4090306@riseup.net> References: <20150430143947.GA2661@sivokote.iziade.m$> <1f0b8c1f7d7abd3695cb8313e4d3eef2@cryptolab.net> <5543E192.8030800@riseup.net> <55449B8B.8050808@riseup.net> <554569FC.4090306@riseup.net> Message-ID: <20150503172045.GA2472@sivokote.iziade.m$> On Sat, May 02, 2015 at 06:21:16PM -0600, Mirimir wrote: > > For the Faraday bag, see > . It's easy to > test. Just put the phone in the bag, and call it. If it rings, there are > leaks. 
> I am noob at smartphones, but isn't this very close to functionally equivalent to just physically remove the battery from the phone? At what distance is phone with removed battery detectable? Well, if someone implanted "backup battery" this fails, but the implanted battery must be sufficiently small to not see it. From jdb10987 at yahoo.com Sun May 3 13:51:02 2015 From: jdb10987 at yahoo.com (jim bell) Date: Sun, 3 May 2015 20:51:02 +0000 (UTC) Subject: How are the Baltimore riots going?/Any way we can help? In-Reply-To: <55466CD2.1040406@riseup.net> References: <55466CD2.1040406@riseup.net> Message-ID: <1871317533.784772.1430686262060.JavaMail.yahoo@mail.yahoo.com> >> On Sat, May 02, 2015 at 06:21:16PM -0600, Mirimir wrote: >>> For the Faraday bag, see >>> . It's easy to >>> test. Just put the phone in the bag, and call it. If it rings, there are >> >leaks. >> I am noob at smartphones, but isn't this very close to >> functionally equivalent to just physically remove the >> battery from the phone? >> At what distance is phone with removed battery detectable? >> Well, if someone implanted "backup battery" this fails, >> but the implanted battery must be sufficiently small >> to not see it. >I don't know enough about smartphones to say. The effectiveness of >removing the battery may vary among devices. Snowden told people >visiting him in Hong Kong to put their phones in the refrigerator, which >is a Faraday cage. Also, using a bag is arguably less hassle than >removing the battery. For an RF-shield, I think that using a microwave oven would be much superior to a refrigerator. By definition, a microwave oven is designed to contain a huge (1 kilowatt) emission of 2.45 GHz signal (close to those of cell phone frequencies, some are 1700-1900 MHz), so that humans can live with reasonable safety a foot or so away from it. This implies a shielding of around 60 decibels. I'd keep a container of water inside the microwave cavity to absorb emitted microwave-band signals. 
(And, of course, you should detach the power-cord of the microwave, to avoid accidentally frying your valuable electronics.) As for smartphones, my understanding is that most of them don't have detachable batteries. They do, however, have "airplane-mode" function, where (presumably) they are set to not emit any signals in any band. That doesn't mean they couldn't hear, or record, audio, or detect RF signals, for recording and later transmission. Jim Bell N7IJS Proudly standing as the LAST "Tech-Plus" Ham (Amateur Radio Operator) in the World. From mirimir at riseup.net Sun May 3 20:52:17 2015 From: mirimir at riseup.net (Mirimir) Date: Sun, 03 May 2015 21:52:17 -0600 Subject: Meeting Snowden in Princeton In-Reply-To: <5546d407.c41c8c0a.767c.ffffc5c8@mx.google.com> References: <5545929B.10805@riseup.net> <5546a6f3.6018370a.1dcc.ffffb3f7@mx.google.com> <5546BEFC.3000507@riseup.net> <5546d407.c41c8c0a.767c.ffffc5c8@mx.google.com> Message-ID: <5546ECF1.5070304@riseup.net> On 05/03/2015 08:09 PM, Juan wrote: > On Sun, 03 May 2015 18:36:12 -0600 > Mirimir wrote: > >> On 05/03/2015 04:58 PM, Juan wrote: >>> On Sat, 02 May 2015 21:14:35 -0600 >>> Mirimir wrote: >>> >>> >>>> I won't quote much, but I can't resist sharing this: "And it’s a >>>> matter of record that Ed [Snowden] trusted his life to Tor, because >>>> he saw from the other side that it worked." >>>> >>> >>> >>> Huh? 'trusted his life', how? It's a matter of record that >>> you are quoting a guy making a baseless assertion in some random >>> blog. >> >> He initially reached out to Glenn and Laura via Tor (Tails, as I >> recall reading). >> If the NSA has totally pwned Tor, they would >> arguably have detected that. > > > For starters when he contacted Poitras he was still working for > the american nazi government. 
He wasn't in any 'watch > list' (rather he was the one making such lists) - His actions > were not 'detected' because nobody was interested in 'detecting' > them. > > So, there goes your theory... Well, if I were running the fucking NSA, I'd make sure that all staff and consultants were on high-priority watch lists. Snowden wasn't the first, you know. He was one of few idealists, though. Most of the rest were just in it for the money. >> We know that they focus on encrypted >> stuff, and one would hope that they monitor their staff and >> consultants. > > I don't think so. Snowden was 'one of them'. From what I've read in Bamford's books, it doesn't work like that. Being "one of them" puts you under more scrutiny, not less. >> But then, maybe it's all bullshit. I certainly have no inside info. > > > Also, Snowden didn't plan to remain anonymous and didn't remain > anonymous except for a few days. So, there isn't any evidence > of tor working, except for a few days, at best. Although even > that is unwarranted. I think that it was more than a few days. It took a while for Glenn to get up to speed with encryption, as I recall. > Bottom line, this "trusted his life to Tor" is just cheap > rhetoric. That's arguable, I admit. Would they have actually killed him? Probably not, at least at first. But I still like it, cheap rhetoric or not :) >>>> I wonder what the haters say to that. Actually, I know: "He's a >>>> double agent, and it's all a con." Amirite? >>> >>> >>> Snowden keeps sounding like an american nationalist. That's >>> a big red flag. >> >> He's clearly an American nationalist. He's said repeatedly that he >> released stuff through reporters, rather than directly, in order to >> reduce the risk of hurting US interests. >> Is that a "red flag"? I would >> have rather seen it all, but de gustibus non est disputandum ;) > > > Yes, I think it's a red flag. I'm guessing you disagree(?) 
but > I don't know exactly how to read your remark about different > people and different tastes... Yes, I was disagreeing. But even if it were a "red flag", what would that signify? Don't the documents speak for themselves? Why do we care about his politics, philosophy, etc? From list at sysfu.com Sun May 3 23:00:02 2015 From: list at sysfu.com (Seth) Date: Sun, 03 May 2015 23:00:02 -0700 Subject: Meeting Snowden in Princeton In-Reply-To: <5546ECF1.5070304@riseup.net> References: <5545929B.10805@riseup.net> <5546a6f3.6018370a.1dcc.ffffb3f7@mx.google.com> <5546BEFC.3000507@riseup.net> <5546d407.c41c8c0a.767c.ffffc5c8@mx.google.com> <5546ECF1.5070304@riseup.net> Message-ID: On Sun, 03 May 2015 20:52:17 -0700, Mirimir wrote: > Well, if I were running the fucking NSA, I'd make sure that all staff > and consultants were on high-priority watch lists. Snowden wasn't the > first, you know. He was one of few idealists, though. Most of the rest > were just in it for the money. > >>> We know that they focus on encrypted >>> stuff, and one would hope that they monitor their staff and >>> consultants. >> >> I don't think so. Snowden was 'one of them'. > > From what I've read in Bamford's books, it doesn't work like that. Being > "one of them" puts you under more scrutiny, not less. I posted about this exact issue back in December, mostly to the sound of crickets. To recap the timeline: Sometime late 2012 - Snowden emails Runa Sandvik and provides his real name and address in order to obtain some Tor stickers. *** Link between his legal identity and the cincinnatus at lavabit.com email appears to have been established at this point to anyone monitoring his communications *** Discussion leads to the idea to host a Cryptoparty. [1] December 1, 2012: Snowden emails Greenwald for the first time via cincinnatus at lavabit.com address [1] December 11, 2012: Snowden hosts the Cryptoparty in Hawaii while waiting for Greenwald to reply. 
Party is organized USING THE SAME cincinnatus at lavabit.com address as a point of contact on the public cryptoparty web site. [2] Jan. 2013: Snowden reaches out to Laura Poitras, a documentary filmmaker. [3] February 2013: Edward Snowden contacts Greenwald himself. (which Greenwald later retracts, as some claim he realized he himself could also face criminal charges for having advance knowledge of Snowden's plans to join Booz Allen Hamilton with the express intent of obtaining more documents to leak) [4] March 2013: Snowden seeks a new contractor job with Booz Allen Hamilton at the same NSA facility in Hawaii. He later tells the South China Morning Post that he did so to get additional access to classified documents he intends to leak. [3] May 20, 2013: Snowden arrives in Hong Kong from Hawaii. [3] June 7, 2013: Greenwald publishes story in The Guardian. [3] So the takeaway is that the NSA had almost six months to investigate or nab Snowden from the time of his first attempt to contact Greenwald on Dec 1st 2012 until he was on a plane to Hong Kong on May 19th 2013. Meanwhile he's running a large Tor exit node and organizing CryptoParties. This is not exactly what you would call keeping a low profile or 'good OPSEC' for a person actively planning to drop the biggest Intel leak in history. I find this unbelievable. 
[1] https://www.techdirt.com/articles/20140521/07124327303/snowden-ran-major-tor-exit-relay-hosted-cryptoparty-hawaii-while-waiting-greenwald-to-reply.shtml [2] https://web.archive.org/web/20130327000851/https://cryptoparty.org/wiki/Oahu [3] http://www.nbcnews.com/feature/edward-snowden-interview/edward-snowden-timeline-n114871 [4] https://twitter.com/ggreenwald/statuses/344040301972815872 From juan.g71 at gmail.com Sun May 3 19:09:43 2015 From: juan.g71 at gmail.com (Juan) Date: Sun, 3 May 2015 23:09:43 -0300 Subject: Meeting Snowden in Princeton In-Reply-To: <5546BEFC.3000507@riseup.net> References: <5545929B.10805@riseup.net> <5546a6f3.6018370a.1dcc.ffffb3f7@mx.google.com> <5546BEFC.3000507@riseup.net> Message-ID: <5546d407.c41c8c0a.767c.ffffc5c8@mx.google.com> On Sun, 03 May 2015 18:36:12 -0600 Mirimir wrote: > On 05/03/2015 04:58 PM, Juan wrote: > > On Sat, 02 May 2015 21:14:35 -0600 > > Mirimir wrote: > > > > > >> I won't quote much, but I can't resist sharing this: "And it’s a > >> matter of record that Ed [Snowden] trusted his life to Tor, because > >> he saw from the other side that it worked." > >> > > > > > > Huh? 'trusted his life', how? It's a matter of record that > > you are quoting a guy making a baseless assertion in some random > > blog. > > He initially reached out to Glenn and Laura via Tor (Tails, as I > recall reading). > If the NSA has totally pwned Tor, they would > arguably have detected that. For starters when he contacted Poitras he was still working for the american nazi government. He wasn't in any 'watch list' (rather he was the one making such lists) - His actions were not 'detected' because nobody was interested in 'detecting' them. So, there goes your theory... > We know that they focus on encrypted > stuff, and one would hope that they monitor their staff and > consultants. I don't think so. Snowden was 'one of them'. > > But then, maybe it's all bullshit. I certainly have no inside info. 
Also, Snowden didn't plan to remain anonymous and didn't remain anonymous except for a few days. So, there isn't any evidence of tor working, except for a few days, at best. Although even that is unwarranted. Bottom line, this "trusted his life to Tor" is just cheap rhetoric. > > >> I wonder what the haters say to that. Actually, I know: "He's a > >> double agent, and it's all a con." Amirite? > > > > > > Snowden keeps sounding like an american nationalist. That's > > a big red flag. > > He's clearly an American nationalist. He's said repeatedly that he > released stuff through reporters, rather than directly, in order to > reduce the risk of hurting US interests. > Is that a "red flag"? I would > have rather seen it all, but de gustibus non est disputandum ;) Yes, I think it's a red flag. I'm guessing you disagree(?) but I don't know exactly how to read your remark about different people and different tastes... From rysiek at hackerspace.pl Mon May 4 00:37:34 2015 From: rysiek at hackerspace.pl (rysiek) Date: Mon, 04 May 2015 09:37:34 +0200 Subject: Meeting Snowden in Princeton In-Reply-To: References: <5545929B.10805@riseup.net> <5546ECF1.5070304@riseup.net> Message-ID: <1760275.vCFGWDakc1@lapuntu> On Sunday, 3 May 2015 23:00:02 Seth wrote: > So the takeaway is that the NSA had almost six months to investigate or > nab Snowden from the time of his first attempt to contact Greenwald on Dec > 1st 2012 until he was on a plane to Hong Kong on May 19th 2013. > > Meanwhile he's running a large Tor exit node and organizing CryptoParties. > > This is not exactly what you would call keeping a low profile or 'good > OPSEC' for a person actively planning to drop the biggest Intel leak in > history. > > I find this unbelievable. So, what is the more believable hypothesis, then? Could you please share? Because mine is Hanlon's razor: NSA were simply incompetent. With a haystack like this, it's really hard to find any needles[1]. 
They missed the Boston Bomber, for instance[2]. [1] http://rys.io/en/151 [2] http://www.latinospost.com/articles/21395/20130613/nsa-prism-surveillance-missed-boston-bomber-al-queda-connection-tamerlan.htm -- Best regards, Michał "rysiek" Woźniak Changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 From rysiek at hackerspace.pl Mon May 4 00:41:34 2015 From: rysiek at hackerspace.pl (rysiek) Date: Mon, 04 May 2015 09:41:34 +0200 Subject: How are the Baltimore riots going?/Any way we can help? In-Reply-To: <1871317533.784772.1430686262060.JavaMail.yahoo@mail.yahoo.com> References: <55466CD2.1040406@riseup.net> <1871317533.784772.1430686262060.JavaMail.yahoo@mail.yahoo.com> Message-ID: <5401591.qCVUQCG0KI@lapuntu> On Sunday, 3 May 2015 20:51:02 jim bell wrote: > They do, however, have "airplane-mode" function, where (presumably) they are > set to not emit any signals in any band. That doesn't mean they couldn't > hear, or record, audio, or detect RF signals, for recording and later > transmission. That doesn't even mean they can't transmit and receive. They just *claim* they can't. If your threat model contains "NSA controlling my phone" threat, airplane mode is not a real option. -- Best regards, Michał "rysiek" Woźniak Changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 
From s at ctrlc.hu Mon May 4 02:28:51 2015 From: s at ctrlc.hu (stef) Date: Mon, 4 May 2015 11:28:51 +0200 Subject: Meeting Snowden in Princeton In-Reply-To: <1760275.vCFGWDakc1@lapuntu> References: <5545929B.10805@riseup.net> <5546ECF1.5070304@riseup.net> <1760275.vCFGWDakc1@lapuntu> Message-ID: <20150504092851.GD7148@ctrlc.hu> On Mon, May 04, 2015 at 09:37:34AM +0200, rysiek wrote: > So, what is the more believable hypothesis, then? Could you please share? deception in military is as important as traditional civilian security tools. interpret this however you want, civilian ;) -- otr fp: https://www.ctrlc.hu/~stef/otr.txt From juan.g71 at gmail.com Mon May 4 12:25:34 2015 From: juan.g71 at gmail.com (Juan) Date: Mon, 4 May 2015 16:25:34 -0300 Subject: Meeting Snowden in Princeton In-Reply-To: References: <5545929B.10805@riseup.net> <5546a6f3.6018370a.1dcc.ffffb3f7@mx.google.com> <5546BEFC.3000507@riseup.net> <5546d407.c41c8c0a.767c.ffffc5c8@mx.google.com> <5546ECF1.5070304@riseup.net> Message-ID: <5547c694.a8278c0a.13ed.56e4@mx.google.com> On Sun, 03 May 2015 23:00:02 -0700 Seth wrote: > > I posted about this exact issue back in December, mostly to the sound > of crickets. > > To recap the timeline: > > Sometime late 2012 - Snowden emails Runa Sandvik and provides his > real name and address in order to obtain some Tor stickers. *** Link > between his legal identity and the cincinnatus at lavabit.com email > appears to have been established at this point to anyone monitoring > his communications *** Discussion leads to the idea to host a > Cryptoparty. [1] > > December 1, 2012: Snowden emails Greenwald for the first time via > cincinnatus at lavabit.com address [1] > > December 11, 2012: Snowden hosts the Cryptoparty in Hawaii while > waiting for Greenwald to reply. Party is organized USING THE SAME > cincinnatus at lavabit.com address as a point of contact on the public > cryptoparty web site. [2] > > Jan. 
2013: Snowden reaches out to Laura Poitras, a documentary > filmmaker. [3] > ... etc > This is not exactly what you would call keeping a low profile or > 'good OPSEC' for a person actively planning to drop the biggest Intel > leak in history. > > I find this unbelievable. Are you saying the alleged facts you listed are not true? (that's a possibility) But if you assume all that is true, then my view fits nicely. He didn't bother with 'opsec' because he didn't need to. > > [1] > https://www.techdirt.com/articles/20140521/07124327303/snowden-ran-major-tor-exit-relay-hosted-cryptoparty-hawaii-while-waiting-greenwald-to-reply.shtml > > [2] > https://web.archive.org/web/20130327000851/https://cryptoparty.org/wiki/Oahu > > [3] > http://www.nbcnews.com/feature/edward-snowden-interview/edward-snowden-timeline-n114871 > > [4] https://twitter.com/ggreenwald/statuses/344040301972815872 From jason.mcvetta at gmail.com Mon May 4 17:36:05 2015 From: jason.mcvetta at gmail.com (Jason McVetta) Date: Mon, 4 May 2015 17:36:05 -0700 Subject: How are the Baltimore riots going?/Any way we can help? In-Reply-To: <5401591.qCVUQCG0KI@lapuntu> References: <55466CD2.1040406@riseup.net> <1871317533.784772.1430686262060.JavaMail.yahoo@mail.yahoo.com> <5401591.qCVUQCG0KI@lapuntu> Message-ID: On Mon, May 4, 2015 at 12:41 AM, rysiek wrote: > That doesn't even mean they can't transmit and receive. They just *claim* > they > can't. *If your threat model contains "NSA controlling my phone" threat*, > airplane mode is not a real option. Maybe better to say the "attacker controlling my phone" threat. Doesn't have to be NSA (or any other TLA) - no reason mobsters, script kiddies, political opponents, personal enemies, and other non-state attackers couldn't pull the same trick. 
From list at sysfu.com Mon May 4 21:22:26 2015 From: list at sysfu.com (Seth) Date: Mon, 04 May 2015 21:22:26 -0700 Subject: Meeting Snowden in Princeton In-Reply-To: <5547c694.a8278c0a.13ed.56e4@mx.google.com> References: <5545929B.10805@riseup.net> <5546a6f3.6018370a.1dcc.ffffb3f7@mx.google.com> <5546BEFC.3000507@riseup.net> <5546d407.c41c8c0a.767c.ffffc5c8@mx.google.com> <5546ECF1.5070304@riseup.net> <5547c694.a8278c0a.13ed.56e4@mx.google.com> Message-ID: On Mon, 04 May 2015 12:25:34 -0700, Juan wrote: >> I find this unbelievable. > > > Are you saying the alleged facts you listed are not true? > (that's a possibility) They're true to the best extent that I've been able to determine. If some can identify errors please make them known so the timeline can be corrected. > But if you assume all that is true, then my view fits nicely. > He didn't bother with 'opsec' because he didn't need to. That's exactly what I'm driving at. It's hard not to consider the conclusion based on the facts presented in the timeline. From list at sysfu.com Mon May 4 21:52:59 2015 From: list at sysfu.com (Seth) Date: Mon, 04 May 2015 21:52:59 -0700 Subject: Meeting Snowden in Princeton In-Reply-To: <1760275.vCFGWDakc1@lapuntu> References: <5545929B.10805@riseup.net> <5546ECF1.5070304@riseup.net> <1760275.vCFGWDakc1@lapuntu> Message-ID: On Mon, 04 May 2015 00:37:34 -0700, rysiek wrote: > So, what is the more believable hypothesis, then? Could you please share? The fact that I do not yet have a fully fleshed out alternative theory does immediately disqualify me pointing out flaws in the prevailing narrative. By extension, I don't necessarily have to explain exactly how the presents got under the Christmas tree to observe that it would be physically impossible for Santa Claus to drop down the chimneys of 100+ million households in America in the span of 8 hours. 
From rysiek at hackerspace.pl Mon May 4 13:02:14 2015 From: rysiek at hackerspace.pl (rysiek) Date: Mon, 04 May 2015 22:02:14 +0200 Subject: Meeting Snowden in Princeton In-Reply-To: <5547c694.a8278c0a.13ed.56e4@mx.google.com> References: <5545929B.10805@riseup.net> <5547c694.a8278c0a.13ed.56e4@mx.google.com> Message-ID: <1800077.B57ZTjh3Ee@lapuntu> On Monday, 4 May 2015 16:25:34 Juan wrote: > > This is not exactly what you would call keeping a low profile or > > 'good OPSEC' for a person actively planning to drop the biggest Intel > > leak in history. > > > > I find this unbelievable. > > Are you saying the alleged facts you listed are not true? > (that's a possibility) > > But if you assume all that is true, then my view fits nicely. > He didn't bother with 'opsec' because he didn't need to. Maybe he didn't. Some will draw conclusions about how extremely competent the NSA thus is (as in: Snowden being a plant, a part of a larger operation to deceive the public or whomever about something); some will rather draw conclusions on how incompetent it is (as in: missed the Boston Bomber, missed Snowden, etc). You're free to choose your poison. :) -- Regards, Michał "rysiek" Woźniak I am changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147
From juan.g71 at gmail.com Mon May 4 18:11:06 2015 From: juan.g71 at gmail.com (Juan) Date: Mon, 4 May 2015 22:11:06 -0300 Subject: Meeting Snowden in Princeton In-Reply-To: <1800077.B57ZTjh3Ee@lapuntu> References: <5545929B.10805@riseup.net> <5547c694.a8278c0a.13ed.56e4@mx.google.com> <1800077.B57ZTjh3Ee@lapuntu> Message-ID: <55481793.4dc38c0a.1609.5843@mx.google.com> On Mon, 04 May 2015 22:02:14 +0200 rysiek wrote: > On Monday, 4 May 2015 16:25:34 Juan wrote: > > > This is not exactly what you would call keeping a low profile or > > > 'good OPSEC' for a person actively planning to drop the biggest > > > Intel leak in history. > > > > > > I find this unbelievable. > > > > Are you saying the alleged facts you listed are not true? > > (that's a possibility) > > > > But if you assume all that is true, then my view fits > > nicely. He didn't bother with 'opsec' because he didn't need to. > > Maybe he didn't. Some will draw conclusions about how extremely > competent the NSA thus is (as in: Snowden being a plant, a part of a > larger operation to deceive the public or whomever about something); My conclusion is that he didn't need sophisticated opsec because he wasn't a suspect. And no, that doesn't mean he is a plant. It simply means he was regarded as a loyal employee and loyal subject of the state. > some will rather draw conclusions on how incompetent it is (as in: > missed the Boston Bomber, missed Snowden, etc). Yes, they missed Snowden so they are incompetent to some degree. Arguably in this particular case their incompetence wasn't exactly small... > You're free to choose your poison.
:) > I like poison (idiocracy - I like money) From grarpamp at gmail.com Tue May 5 02:32:59 2015 From: grarpamp at gmail.com (grarpamp) Date: Tue, 5 May 2015 05:32:59 -0400 Subject: Jim Bell vindicated In-Reply-To: References: Message-ID: https://www.youtube.com/watch?v=IgPqUx4c9-M https://www.youtube.com/watch?v=uYLrvAs9_9c From griffin at cryptolab.net Tue May 5 07:38:57 2015 From: griffin at cryptolab.net (Griffin Boyce) Date: Tue, 05 May 2015 10:38:57 -0400 Subject: How are the Baltimore riots going?/Any way we can help? In-Reply-To: <197A87A0-2409-4130-8812-5AA88E472B68@cathalgarvey.me> References: <55466CD2.1040406@riseup.net> <1871317533.784772.1430686262060.JavaMail.yahoo@mail.yahoo.com> <20150505115802.GA2521@sivokote.iziade.m$> <197A87A0-2409-4130-8812-5AA88E472B68@cathalgarvey.me> Message-ID: Cathal (Phone) wrote: > OR: Put phone in microwave and set it for a slow-roast program. The > interference will prevent harmful spy-rays from reaching the phone. > > Bonus, you can fast-charge Apple devices using the Microwave thanks > to #AppleWave! I find that putting my tinfoil hats in the microwave on high for five minutes really restores their luster. ;P From Rayzer at riseup.net Tue May 5 11:07:44 2015 From: Rayzer at riseup.net (Razer) Date: Tue, 05 May 2015 11:07:44 -0700 Subject: Jim Bell vindicated In-Reply-To: References: Message-ID: <554906F0.8010102@riseup.net> On 05/04/2015 09:32 PM, Seth wrote: > A PERSONAL NOTE > It’s tasteless to rejoice in the death of other people No... It's sociopathic. I'm going to put my neck on the block here and state quite plainly that Libertarianism is a trojan horse for Feudal Fascism if carried out in an American society whose Community and Family structures are so dysfunctional, so (I'm gonna spell it out) Fucked Up Beyond ALL Recognition, they're barely recognizable as those by most of the rest of the world’s population. 
(See: http://cluborlov.blogspot.com/2010/11/but-what-is-community.html) Exhibit A: a copy of Ron Paul's political newsletter post-Rodney King riots in 1992 wherein he discusses how to kill someone and get away with it. The "Someone" he's referring to are Black "animals", and states he taught his family (incl his son Senator Rand Paul, running for prez) to do so. because “the animals are coming." Synopsis/links: http://auntieimperial.tumblr.com/post/118031484489 Direct: http://pando.com/2015/05/01/baltimore-the-walking-dead/ http://pando.com/2015/05/02/for-the-record-heres-the-ron-paul-newsletter-on-1992s-l-a-riots-and-advice-on-killing-black-animals/ From cathalgarvey at cathalgarvey.me Tue May 5 05:39:59 2015 From: cathalgarvey at cathalgarvey.me (Cathal (Phone)) Date: Tue, 05 May 2015 13:39:59 +0100 Subject: How are the Baltimore riots going?/Any way we can help? In-Reply-To: <20150505115802.GA2521@sivokote.iziade.m$> References: <55466CD2.1040406@riseup.net> <1871317533.784772.1430686262060.JavaMail.yahoo@mail.yahoo.com> <20150505115802.GA2521@sivokote.iziade.m$> Message-ID: <197A87A0-2409-4130-8812-5AA88E472B68@cathalgarvey.me> OR: Put phone in microwave and set it for a slow-roast program. The interference will prevent harmful spy-rays from reaching the phone. Bonus, you can fast-charge Apple devices using the Microwave thanks to #AppleWave! On 5 May 2015 12:58:02 GMT+01:00, Georgi Guninski wrote: >On Sun, May 03, 2015 at 08:51:02PM +0000, jim bell wrote: >> >removing the battery may vary among devices. Snowden told people >> >visiting him in Hong Kong to put their phones in the refrigerator, >which >> >is a Faraday cage. Also, using a bag is arguably less hassle than >> >removing the battery.
>> For an RF-shield, I think that using a microwave oven would be much >superior to a refrigerator. By definition, a microwave oven is >designed to contain a huge (1 kilowatt) emission of 2.45 GHz signal >(close to those of cell phone frequencies, some are 1700-1900 MHz), so >that humans can live with reasonable safety a foot or so away from it. > This implies a shielding of around 60 decibels. I'd keep a container of >water inside the microwave cavity to absorb emitted microwave-band >signals. (And, of course, you should detach the power-cord of the >microwave, to avoid accidentally frying your valuable electronics.) As for >smartphones, my understanding is that most of them don't have >detachable batteries. They do, however, have "airplane-mode" function, >where (presumably) they are set to not emit any signals in any band. > That doesn't mean they couldn't hear, or record, audio, or detect RF >signals, for recording and later transmission. >> Jim Bell N7IJS Proudly standing as the LAST >"Tech-Plus" Ham (Amateur Radio Operator) in the World. >> > > >For maximum safety: ;) > >1. Put the phone in airplane mode >2. Physically remove the battery >3. Put the phone in tinfoil faraday cage as explained here >4. Put the faraday cage in the microwave oven > >> >> >> >> >> >> -- Sent from my Android device with K-9 Mail. Please excuse my brevity. From guninski at guninski.com Tue May 5 04:58:02 2015 From: guninski at guninski.com (Georgi Guninski) Date: Tue, 5 May 2015 14:58:02 +0300 Subject: How are the Baltimore riots going?/Any way we can help?
In-Reply-To: <1871317533.784772.1430686262060.JavaMail.yahoo@mail.yahoo.com> References: <55466CD2.1040406@riseup.net> <1871317533.784772.1430686262060.JavaMail.yahoo@mail.yahoo.com> Message-ID: <20150505115802.GA2521@sivokote.iziade.m$> On Sun, May 03, 2015 at 08:51:02PM +0000, jim bell wrote: > >removing the battery may vary among devices. Snowden told people > >visiting him in Hong Kong to put their phones in the refrigerator, which > >is a Faraday cage. Also, using a bag is arguably less hassle than > >removing the battery. > For an RF-shield, I think that using a microwave oven would be much superior to a refrigerator. By definition, a microwave oven is designed to contain a huge (1 kilowatt) emission of 2.45 GHz signal (close to those of cell phone frequencies, some are 1700-1900 MHz), so that humans can live with reasonable safety a foot or so away from it. This implies a shielding of around 60 decibels. I'd keep a container of water inside the microwave cavity to absorb emitted microwave-band signals. (And, of course, you should detach the power-cord of the microwave, to avoid accidentally frying your valuable electronics.) As for smartphones, my understanding is that most of them don't have detachable batteries. They do, however, have "airplane-mode" function, where (presumably) they are set to not emit any signals in any band. That doesn't mean they couldn't hear, or record, audio, or detect RF signals, for recording and later transmission. > Jim Bell N7IJS Proudly standing as the LAST "Tech-Plus" Ham (Amateur Radio Operator) in the World. > For maximum safety: ;) 1. Put the phone in airplane mode 2. Physically remove the battery 3. Put the phone in tinfoil faraday cage as explained here 4.
Put the faraday cage in the microwave oven > > > > > > From Rayzer at riseup.net Tue May 5 15:49:20 2015 From: Rayzer at riseup.net (Razer) Date: Tue, 05 May 2015 15:49:20 -0700 Subject: Jim Bell vindicated In-Reply-To: <09B6184F-E9C8-4304-B253-7A7D9CA9C558@gmail.com> References: <554906F0.8010102@riseup.net> <554923f6.0eec8c0a.1fb9.0ab3@mx.google.com> <09B6184F-E9C8-4304-B253-7A7D9CA9C558@gmail.com> Message-ID: <554948F0.6020408@riseup.net> On 05/05/2015 02:15 PM, Robert Hettinga wrote: >> On May 5, 2015, at 4:16 PM, Juan wrote: >> >> a fair amount of alleged libertarians are libertarianism's >> worst enemy… > > “A libertarian is someone who agrees with *me*.” — J. Neil Schulman, “Alongside Night” > > Cheers, > RAH > > > > A libertarian believes your rights are just as important as theirs until your rights interfere with theirs then your rights mean squat ~Me Other than that I would believe there's a 5th Column in the Libertarian ranks. There was such a thing in the Rethuiglican ranks too, in the 60s. A number of dems on the radical side of the party (hard to believe nowadays) saw a weak Republican party and registered as Republicans to screw up their primaries, and possibly the national elections as well. The fellow I archived radio news/commentary for was one of them. Here's his CV: [February 20 2009] Travus T. Hipp Morning News & Commentary: Six Decades Of What Could Only Be Described As 'Anti-Americanism' - The Whats And Whys Of 'Where Did I Go Wrong?' https://archive.org/details/tth_090220 It speaks for its anti-imperial self. The net effect of that attempt is unknown to me as I was a bit on the young side but I understand the strategy is possible. We'll see.
From juan.g71 at gmail.com Tue May 5 12:35:33 2015 From: juan.g71 at gmail.com (Juan) Date: Tue, 5 May 2015 16:35:33 -0300 Subject: phone opsec In-Reply-To: <20150505115802.GA2521@sivokote.iziade.m$> References: <55466CD2.1040406@riseup.net> <1871317533.784772.1430686262060.JavaMail.yahoo@mail.yahoo.com> <20150505115802.GA2521@sivokote.iziade.m$> Message-ID: <55491a69.475f8c0a.3b6e.30ef@mx.google.com> On Tue, 5 May 2015 14:58:02 +0300 Georgi Guninski wrote: > For maximum safety: ;) > > 1. Put the phone in airplane mode > 2. Physically remove the battery > 3. Put the phone in tinfoil faraday cage as explained here > 4. Put the faraday cage in the microwave oven > 1. get a hammer 2. use it From dal at riseup.net Tue May 5 14:40:51 2015 From: dal at riseup.net (Douglas Lucas) Date: Tue, 05 May 2015 16:40:51 -0500 Subject: phone opsec In-Reply-To: <55491a69.475f8c0a.3b6e.30ef@mx.google.com> References: <55466CD2.1040406@riseup.net> <1871317533.784772.1430686262060.JavaMail.yahoo@mail.yahoo.com> <20150505115802.GA2521@sivokote.iziade.m$> <55491a69.475f8c0a.3b6e.30ef@mx.google.com> Message-ID: <554938E3.70008@riseup.net> On 05/05/2015 02:35 PM, Juan wrote: > On Tue, 5 May 2015 14:58:02 +0300 > Georgi Guninski wrote: > > >> > For maximum safety: ;) >> > >> > 1. Put the phone in airplane mode >> > 2. Physically remove the battery >> > 3. Put the phone in tinfoil faraday cage as explained here >> > 4. Put the faraday cage in the microwave oven >> > > > 1. get a hammer > 2. use it 3. Stop organizing large numbers of people to do anything offline, it is completely worthless, it is laughable that Mexicans are destroying government buildings to resist the narcostate, what dorks, they use phones, they and the journalists murdered there should be completely ignored by Twitter accounts with millions of followers in favor of David Miranda 4.
Cypherpunks using sekrit crypto should become Bitcoin billionaires because once they have tons of money, they will be normal, average, amicable billionaires like Pierre Omidyar and lead us to social justice just like other oligarchs have throughout history, only this time it will be even better since computers are cool From hettinga at gmail.com Tue May 5 14:15:48 2015 From: hettinga at gmail.com (Robert Hettinga) Date: Tue, 5 May 2015 17:15:48 -0400 Subject: Jim Bell vindicated In-Reply-To: <554923f6.0eec8c0a.1fb9.0ab3@mx.google.com> References: <554906F0.8010102@riseup.net> <554923f6.0eec8c0a.1fb9.0ab3@mx.google.com> Message-ID: <09B6184F-E9C8-4304-B253-7A7D9CA9C558@gmail.com> > On May 5, 2015, at 4:16 PM, Juan wrote: > > a fair amount of alleged libertarians are libertarianism's > worst enemy… “A libertarian is someone who agrees with *me*.” — J. Neil Schulman, “Alongside Night” Cheers, RAH From juan.g71 at gmail.com Tue May 5 13:16:18 2015 From: juan.g71 at gmail.com (Juan) Date: Tue, 5 May 2015 17:16:18 -0300 Subject: Jim Bell vindicated In-Reply-To: <554906F0.8010102@riseup.net> References: <554906F0.8010102@riseup.net> Message-ID: <554923f6.0eec8c0a.1fb9.0ab3@mx.google.com> On Tue, 05 May 2015 11:07:44 -0700 Razer wrote: > On 05/04/2015 09:32 PM, Seth wrote: > > A PERSONAL NOTE > > It’s tasteless to rejoice in the death of other people > > No... It's sociopathic. > > I'm going to put my neck on the block here and state quite plainly > that Libertarianism is a trojan horse for Feudal Fascism if carried > out in an American society That seems to suggest that feudal fascism is not the current american system...? =P > Exhibit A: a copy of Ron Paul's political newsletter post-Rodney King > riots in 1992 wherein he discusses how to kill someone and get away > with it. The "Someone" he's referring to are Black "animals", and > states he taught his family (incl his son Senator Rand Paul, running > for prez) to do so. because > > “the animals are coming."
a fair amount of alleged libertarians are libertarianism's worst enemy... > > Synopsis/links: > http://auntieimperial.tumblr.com/post/118031484489 > > Direct: > http://pando.com/2015/05/01/baltimore-the-walking-dead/ > > http://pando.com/2015/05/02/for-the-record-heres-the-ron-paul-newsletter-on-1992s-l-a-riots-and-advice-on-killing-black-animals/ > > > From hettinga at gmail.com Tue May 5 14:55:52 2015 From: hettinga at gmail.com (Robert Hettinga) Date: Tue, 5 May 2015 17:55:52 -0400 Subject: Jim Bell vindicated In-Reply-To: <55493593.1130370a.26ba.4d24@mx.google.com> References: <554906F0.8010102@riseup.net> <554923f6.0eec8c0a.1fb9.0ab3@mx.google.com> <09B6184F-E9C8-4304-B253-7A7D9CA9C558@gmail.com> <55493593.1130370a.26ba.4d24@mx.google.com> Message-ID: <4E6C7C15-22B1-4B5B-9F87-5DF2678C04F4@gmail.com> > On May 5, 2015, at 5:31 PM, Juan wrote: > > that guy schulman speaks directly with god!!! no way he could > be wrong Atheist. :-) Cheers, RAH From juan.g71 at gmail.com Tue May 5 14:31:23 2015 From: juan.g71 at gmail.com (Juan) Date: Tue, 5 May 2015 18:31:23 -0300 Subject: Jim Bell vindicated In-Reply-To: <09B6184F-E9C8-4304-B253-7A7D9CA9C558@gmail.com> References: <554906F0.8010102@riseup.net> <554923f6.0eec8c0a.1fb9.0ab3@mx.google.com> <09B6184F-E9C8-4304-B253-7A7D9CA9C558@gmail.com> Message-ID: <55493593.1130370a.26ba.4d24@mx.google.com> On Tue, 5 May 2015 17:15:48 -0400 Robert Hettinga wrote: > > > On May 5, 2015, at 4:16 PM, Juan wrote: > > > > a fair amount of alleged libertarians are libertarianism's > > worst enemy… > > > “A libertarian is someone who agrees with *me*.” — J. Neil Schulman, > “Alongside Night” that guy schulman speaks directly with god!!! 
no way he could be wrong > > Cheers, > RAH > From juan.g71 at gmail.com Tue May 5 15:19:38 2015 From: juan.g71 at gmail.com (Juan) Date: Tue, 5 May 2015 19:19:38 -0300 Subject: Jim Bell vindicated In-Reply-To: <4E6C7C15-22B1-4B5B-9F87-5DF2678C04F4@gmail.com> References: <554906F0.8010102@riseup.net> <554923f6.0eec8c0a.1fb9.0ab3@mx.google.com> <09B6184F-E9C8-4304-B253-7A7D9CA9C558@gmail.com> <55493593.1130370a.26ba.4d24@mx.google.com> <4E6C7C15-22B1-4B5B-9F87-5DF2678C04F4@gmail.com> Message-ID: <554940e0.4aef8c0a.49a3.1e88@mx.google.com> On Tue, 5 May 2015 17:55:52 -0400 Robert Hettinga wrote: > > > On May 5, 2015, at 5:31 PM, Juan wrote: > > > > that guy schulman speaks directly with god!!! no way he > > could be wrong > > Atheist. > > :-) How can you be an atheist now that Neil Schulman has proven god's existence? =) > > Cheers, > RAH > From juan.g71 at gmail.com Tue May 5 15:38:33 2015 From: juan.g71 at gmail.com (Juan) Date: Tue, 5 May 2015 19:38:33 -0300 Subject: phone opsec In-Reply-To: <20150505222730.6ea539ee@detachyondmale.com> References: <55466CD2.1040406@riseup.net> <1871317533.784772.1430686262060.JavaMail.yahoo@mail.yahoo.com> <20150505115802.GA2521@sivokote.iziade.m$> <55491a69.475f8c0a.3b6e.30ef@mx.google.com> <20150505222730.6ea539ee@detachyondmale.com> Message-ID: <5549454e.4b978c0a.0cf8.289a@mx.google.com> On Tue, 5 May 2015 22:27:30 +0000 Ron Perry wrote: > On Tue, 5 May 2015 16:35:33 -0300 > Juan wrote: > > > On Tue, 5 May 2015 14:58:02 +0300 > > Georgi Guninski wrote: > > > > > > > For maximum safety: ;) > > > > > > 1. Put the phone in airplane mode > > > 2. Physically remove the battery > > > 3. Put the phone in tinfoil faraday cage as explained here > > > 4. Put the faraday cage in the microwave oven > > > > > > > > > 1. get a hammer > > 2. use it > > > > 1. Switch on phone > 2. Leave it at home, always > 3. Use your phone location as alibi Ha. That's a good one. 
From guninski at guninski.com Tue May 5 09:38:43 2015 From: guninski at guninski.com (Georgi Guninski) Date: Tue, 5 May 2015 19:38:43 +0300 Subject: [OT] Re: How are the Baltimore riots going?/Any way we can help? In-Reply-To: References: <55466CD2.1040406@riseup.net> <1871317533.784772.1430686262060.JavaMail.yahoo@mail.yahoo.com> <20150505115802.GA2521@sivokote.iziade.m$> <197A87A0-2409-4130-8812-5AA88E472B68@cathalgarvey.me> Message-ID: <20150505163843.GB2521@sivokote.iziade.m$> On Tue, May 05, 2015 at 10:38:57AM -0400, Griffin Boyce wrote: > Cathal (Phone) wrote: > >OR: Put phone in microwave and set it for a slow-roast program. The > >interference will prevent harmful spy-rays from reaching the phone. > > > > Bonus, you can fast-charge Apple devices using the Microwave thanks > >to #AppleWave! > > I find that putting my tinfoil hats in the microwave on high for > five minutes really restores their luster. ;P lol... Likely entirely offtopic, but this reminds me of the joke which in Bulgarian reads: "Когато станем милиарди, ще видиш ти на кой ще викаш луд" Very roughly translated, pun lost: "When we reach billions lunatics, you would be much more careful whom you call madman" From ronperry at cryptogroup.net Tue May 5 15:27:30 2015 From: ronperry at cryptogroup.net (Ron Perry) Date: Tue, 5 May 2015 22:27:30 +0000 Subject: phone opsec In-Reply-To: <55491a69.475f8c0a.3b6e.30ef@mx.google.com> References: <55466CD2.1040406@riseup.net> <1871317533.784772.1430686262060.JavaMail.yahoo@mail.yahoo.com> <20150505115802.GA2521@sivokote.iziade.m$> <55491a69.475f8c0a.3b6e.30ef@mx.google.com> Message-ID: <20150505222730.6ea539ee@detachyondmale.com> On Tue, 5 May 2015 16:35:33 -0300 Juan wrote: > On Tue, 5 May 2015 14:58:02 +0300 > Georgi Guninski wrote: > > > > For maximum safety: ;) > > > > 1. Put the phone in airplane mode > > 2. Physically remove the battery > > 3. Put the phone in tinfoil faraday cage as explained here > > 4.
Put the faraday cage in the microwave oven > > > > > 1. get a hammer > 2. use it > 1. Switch on phone 2. Leave it at home, always 3. Use your phone location as alibi From grarpamp at gmail.com Tue May 5 19:52:13 2015 From: grarpamp at gmail.com (grarpamp) Date: Tue, 5 May 2015 22:52:13 -0400 Subject: [tor-talk] German University signs up 24 tor relays In-Reply-To: <87383aabgf.fsf@example.com> References: <5548D4B4.9040303@rwth-aachen.de> <20150505155135.GD7800@moria.seul.org> <20150505163624.5D57FE04BF@smtp.hushmail.com> <5548F685.2090704@openmailbox.org> <20150505170747.61F8BE04BF@smtp.hushmail.com> <87383aabgf.fsf@example.com> Message-ID: On Tue, May 5, 2015 at 6:47 PM, W. Greenhouse wrote: > grarpamp writes: > >> Tor is not some private kingdom. It's an open application >> used and operated by whoever for whatever. It is absolutely >> the business of interested users to report, bring attention, >> interrogate and make lists of relays to use, promote or badexit as >> desired. And the business of relays to contactinfo, family, or >> ignore them as they wish. And of people to sniff passwords, inject >> malware, study traffic, researchers to research and others to have >> interest, bandwidth to be donated, disruption and exploit to be attempted, >> fileshare, illegal/legal use, promote best practices, etc. That's the nature, >> strength and weakness of open apps. A free for all where people use >> it as they wish, that's their purview, no police. You expect that, else you >> didn't read the label. Nothing you can do about it. Deal with it or >> create / fork >> your own kingdom. Tor's certainly not the last / best iteration of an anonymity >> network that there will ever be. > > Ack. I wouldn't want Tor to be anything but an open protocol/network.
> That said, the lack of network security researchers treating their research > as human subjects research when human subjects can be put at risk by it is > troubling. Most researchers ultimately work for or at pleasure of "The Man" through R&E funding, grants, taxes, etc, so what do you expect? It's the same reason Tor Project gets endless amounts of shit piled on them for choosing to accept government funds. It's a fine line. At the same time you can't deny the benefits the research, usually attacking your network of choice... someone will do it anyways, or patching your net more resistant. So you have to take it as the free for all it is. It doesn't help that politic and media representing such systems as inhabited nearly entirely by FHOTI (and where good uses remain unseen by nature), and whatever bits of morality regarding human subjects may get used as cannon fodder. Very few work truly independently for the fame of building resistant / resistance systems, let alone anonymously, sustainably, and at a level that results in a usable product that is used at scale. Just another reason anon-capable virtual currencies are feared by governments. They can support such models. Though as a user, due diligence is still required. In a connected digital world, that has and is developing faster than evolution's capacity to deal with it, everything is human subjects, and that's something everyone involved must consider... the outcome when your work is inevitably turned towards you or someone or something you care about... is that the work you want to be doing? From grarpamp at gmail.com Tue May 5 20:14:57 2015 From: grarpamp at gmail.com (grarpamp) Date: Tue, 5 May 2015 23:14:57 -0400 Subject: Euros trending all PATRIOTic after a few dead bodies Message-ID: http://www.nytimes.com/2015/05/06/world/europe/french-legislators-approve-sweeping-intelligence-bill.html Mr.
Valls promised that the law would be “targeted” and insisted that its main focus was to protect French citizens from terrorism. “The means of surveillance for anticipating, detecting and prevention of attacks will be strictly limited,” he promised. “It is a state lie,” said Pierre-Olivier Sur, the head of the Paris bar association. “This project was presented to us as a way to protect France against terrorism, and if that were the case, I would back it.” “But it is being done to put in place a sort of Patriot Act concerning the activities of each and everyone,” he said, “I think that opportunistic laws are always bad laws,” the editor in chief, Gérard Biard, said “The requirement that the Internet companies use the black boxes is a requirement that Russia has as well,” From jya at pipeline.com Wed May 6 03:46:43 2015 From: jya at pipeline.com (John Young) Date: Wed, 06 May 2015 06:46:43 -0400 Subject: Jim Bell vindicated In-Reply-To: <2170660.XXGr9GCpTf@lapuntu> References: <4E6C7C15-22B1-4B5B-9F87-5DF2678C04F4@gmail.com> <554940e0.4aef8c0a.49a3.1e88@mx.google.com> <2170660.XXGr9GCpTf@lapuntu> Message-ID: Anselm or another really smart Arab philosopher argued that God is the only atheist and can be the only one. Well, these thinkers invented the concept of zero, which subsumes, whatever, that fancy word means, fits the notion of singular atheist. Along came Sartre and a gang of existentialist bozos who got aroused by the notion of nothingness. So happens most of them were atheists except in foxholes, then Mommy was what they cried. There you have it, God is a single Mom, pissed at having no deadbeat shitheads to whang with a skillet for inseminating little whiney turds inside Her Vatican, most sporting red skullcaps like penile protubers, pretending celibacy, that is, Grateful Deadhead Daddies ravaging the mommies of spoiled crybaby atheists who want to be their own daddies shacked up inside the panties of Big Bad Mom. 
Sartre, a mommy's boy pure existencely, called this the desire to be god, this spoiled brat atheism, this less than zero wankism, this lust to be St Peter, sorry for the penility, this Me, Me, Me, sucking on Mommy's mammary, yearning to assassinate Daddies for taking all mom's milk themselves. Jim Bell, get off that tit. At 04:32 AM 5/6/2015, you wrote: >On Tuesday, 5 May 2015 19:19:38 Juan wrote: > > On Tue, 5 May 2015 17:55:52 -0400 > > > > Robert Hettinga wrote: > > > > On May 5, 2015, at 5:31 PM, Juan wrote: > > > > that guy schulman speaks directly with god!!! no way he > > > > > > > > could be wrong > > > > > > Atheist. > > > > > > :-) > > > > How can you be an atheist now that Neil Schulman has > > proven god's existence? =) > >Oblig. >http://xkcd.com/1505/ > >-- >Regards, >Michał "rysiek" Woźniak > >I am changing my GPG key :: http://rys.io/pl/147 >GPG Key Transition :: http://rys.io/en/147 From hettinga at gmail.com Wed May 6 05:17:15 2015 From: hettinga at gmail.com (Robert Hettinga) Date: Wed, 6 May 2015 08:17:15 -0400 Subject: Jim Bell vindicated In-Reply-To: References: <4E6C7C15-22B1-4B5B-9F87-5DF2678C04F4@gmail.com> <554940e0.4aef8c0a.49a3.1e88@mx.google.com> <2170660.XXGr9GCpTf@lapuntu> Message-ID: > On May 6, 2015, at 6:46 AM, John Young wrote a splendid bit of Younglish: > > Anselm or another really smart Arab philosopher […] ObPedantry: Anselm was not an Arab, his reductive "proof of god" as “perfect" parlor trick notwithstanding. There were *no* Arab philosophers, much less "really smart" ones. Avicenna, for instance, was Persian, and like most Arab-conquered middle eastern types by then, regurgitated earlier Greek text using Indian astronomy math, including the zero, finance, (the foreign exchange contract, the letter of credit, and the demand-deposit check, say), and science. A bare fraction of which was actually “saved” by rampaging Islamic Arab rapine, physical, intellectual, and otherwise.
There were *copies*, even better ones, of the contents of the Library at Alexandria, all over the ancient middle east, and even after it was burned by both Caesar and a Bishop or two, it was the Muslims who actually burned its entire contents. And all the other libraries besides. Averroes, another leading “Arab” philosophical light, was a Spaniard. And an Aristotelian. So no new philosophy there, either. All of Arab “contributions” to “civilization” were derivative. The lateen sail was Roman (“Lateen”, geddit?), for instance. Damascus steel was Indian wootz steel. The Arabs' principal accomplishment, if you can call it that, was destroying the ancient world wherever they went, and replacing it with abject barbarism for most of a thousand years. Their piracy in the Mediterranean killed trade between east and west, (and north and south) for the entirety of their command of it and was the proximal cause of the Dark Ages in the West. Their contribution to philosophy, if one could call it that, was to declare, after they got sick of listening to Persians and Egyptians prattle badly-regurgitated Greek for a century or so, that *nothing* happens without god’s will, which obviated the need for cause and effect at all. You struck two stones together, and god *decided* that there would be a spark, you see. Which is how the world got blessed with Sharia “law” and all the rest of Islam’s barbaric world view. As long as there can be nothing unless God wills it, there can be no Islamic science. At least the Orthodox and the Catholics had to somehow incorporate cause and effect into their view of the world, or there would not be any sin. Seeding their own intellectual demise, at least, at the hands of the scientific method later on. In the west, philosophy was made the “handmaiden” of theology for more than fifteen hundred years. For a thousand of those years, philosophy in Islam was a shit-house slave.
Philosophy didn’t actually occur in the west until Newton figured out how to use mathematics to deal with infinity in order to calculate the motion of objects. Discovered *again*, apparently. Palimpsests have been recovered from Orthodox codices made of scraped-over scrolls containing Archimedes (who else? :-)), dealing in infinitesimals, at least, if not the actual epsilons and deltas which finally nailed calculus to mathematical terra-firma by Bolzano in 1817. After Newton, a veritable festival of philosophical navel-gazing began in the West after, with the possible exception of the Stoics and Cynics, almost two thousand years. All to collapse again after Godel proved he was his own grandpa. Or, at least, he *could*, Groucho, belong to a club that would have him as a member. And, of course, Existentialism, like Freudianism, is merely literature. Okay. Freudianism is really *bad* literature, with Freud conflating Oedipus with Hamlet. Besides, being, you know, proven to be unfalsifiable pseudoscience, in the same breath that Karl Popper took it out with Marxism in the 1950’s. Existentialism isn’t even that. It’s another example of Eric Raymond’s "Gramscian Damage”: . The bush weed here on Anguilla’s okay, but it’s clearly not as good as John’s stash. :-) Cheers, RAH From jya at pipeline.com Wed May 6 06:06:28 2015 From: jya at pipeline.com (John Young) Date: Wed, 06 May 2015 09:06:28 -0400 Subject: Jim Bell vindicated In-Reply-To: References: <4E6C7C15-22B1-4B5B-9F87-5DF2678C04F4@gmail.com> <554940e0.4aef8c0a.49a3.1e88@mx.google.com> <2170660.XXGr9GCpTf@lapuntu> Message-ID: Al-right, Robert, the white thinking guy's burden. Al-beit Al-coholic. 
At 08:17 AM 5/6/2015, you wrote: > > On May 6, 2015, at 6:46 AM, John Young > wrote a splendid bit of Younglish: > > > > Anselm or another really smart Arab philosopher [ ] > >libtard pseudo-intellectual jiggery-pokery elided > > > >ObPedantry: Anselm was not an Arab, his >reductive "proof of god" as “perfect" parlor trick notwithstanding. > > >There were *no* Arab philosophers, much less "really smart" ones. > >Avicenna, for instance, was Persian, and like >most Arab-conquered middle eastern types by >then, regurgitated earlier Greek text using >Indian astronomy math, including the zero, >finance, (the foreign exchange contract, the >letter of credit, and the demand-deposit check, >say), and science. A bare fraction of which was >actually “saved” by rampaging Islamic Arab >rapine, physical, intellectual, and otherwise. >There were *copies*, even better ones, of the >contents of the Library at Alexandria, all over >the ancient middle east, and even after it was >burned by both Ceasar and a Bishop or two, it >was the Muslims who actually burned its entire >contents. And all the other libraries besides. > >Averroes, another leading “Arab” philosophical >light, was a Spaniard. And an Aristotelian. So >no new philosophy there, either. > >All of Arab “contributions” to “civilization” >were derivative. The lateen sail was Roman >(“Lateen”, geddit?), for instance. Damascus steel was Indian wootz steel. > > >The Arabs' principal accomplishment, if you can >call it that, was destroying the ancient world >wherever they went, and replacing it with abject >barbarism for most of a thousand years. Their >piracy in the Mediterranean killed trade between >east and west, (and north and south) for the >entirety of their command of it and was the >proximal cause of the Dark Ages in the West. 
> >Their contribution to philosophy, if one could >call it that, was to declare, after they got >sick of listening to Persians and Egyptians >prattle badly-regurgitated Greek for a century >or so, that *nothing* happens without god’s >will, which obviated the need for cause and >effect at all. You struck two stones together, >and god *decided* that there would be a spark, >you see. Which is how the world got blessed with >Sharia “law” and all the rest of Islam’s barbaric world view. > >As long as there can be nothing unless God wills >it, there can be no Islamic science. At least >the Orthodox and the Catholics had to somehow >incorporate cause and effect into their view of >the world, or there would not be any sin. >Seeding their own intellectual demise, at least, >at the hands of the scientific method later on. > >In the west, philosophy was made the >“handmaiden” of theology for more than fifteen >hundred years. For a thousand of those years, >philosophy in Islam was a shit-house slave. > > >Philosophy didn’t actually occur in the west >until Newton figured out how to use mathematics >to deal with infinity in order to calculate the >motion of objects. Discovered *again*, >apparently. Palimpsests have been recovered from >Orthodox codices made of scraped-over scrolls >containing Archimedes (who else? :-)), dealing >in infinitesimals, at least, if not the actual >epsilons and deltas which finally nailed >calculus to mathematical terra-firma by Bolzano in 1817. > >After Newton, a veritable festival of >philosophical navel-gazing began in the West >after, with the possible exception of the Stoics >and Cynics, almost two thousand years. All to >collapse again after Godel proved he was his own >grandpa. Or, at least, he *could*, Groucho, >belong to a club that would have him as a member. > > >And, of course, Existentialism, like >Freudianism, is merely literature. Okay. >Freudianism is really *bad* literature, with >Freud conflating Oedipus with Hamlet. 
Besides, >being, you know, proven to be unfalsifiable >pseudoscience, in the same breath that Karl >Popper took it out with Marxism in the 1950’s. >Existentialism isn’t even that. It’s another >example of Eric Raymond’s "Gramscian Damage”: . > > > >The bush weed here on Anguilla’s okay, but it’s >clearly not as good as John’s stash. :-) > > >Cheers, >RAH From rysiek at hackerspace.pl Wed May 6 01:32:59 2015 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 06 May 2015 10:32:59 +0200 Subject: Jim Bell vindicated In-Reply-To: <554940e0.4aef8c0a.49a3.1e88@mx.google.com> References: <4E6C7C15-22B1-4B5B-9F87-5DF2678C04F4@gmail.com> <554940e0.4aef8c0a.49a3.1e88@mx.google.com> Message-ID: <2170660.XXGr9GCpTf@lapuntu> On Tuesday, 5 May 2015 19:19:38 Juan wrote: > On Tue, 5 May 2015 17:55:52 -0400 > > Robert Hettinga wrote: > > > On May 5, 2015, at 5:31 PM, Juan wrote: > > > that guy schulman speaks directly with god!!! no way he > > > > > > could be wrong > > > > Atheist. > > > > :-) > > How can you be an atheist now that Neil Schulman has > proven god's existence? =) Oblig. http://xkcd.com/1505/ -- Regards, Michał "rysiek" Woźniak I am changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. 
URL: From Rayzer at riseup.net Wed May 6 13:13:35 2015 From: Rayzer at riseup.net (Razer) Date: Wed, 06 May 2015 13:13:35 -0700 Subject: Jim Bell vindicated In-Reply-To: <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> References: <3828630.GhPtQj6AOs@lapuntu> <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> Message-ID: <554A75EF.9080004@riseup.net> On 05/06/2015 10:35 AM, Robert Hettinga wrote: > The left’s anti-western urge to annihilate progress As one very wise native American (Black Elk) once said when asked what he thought about 'modern progress': "I guess it depends on what you're progressing towards." I posit everyone’s so busy 'progressing', that for the last century... perhaps the entire timeline of the industrial revolution, NO ONE has been noticing what they're progressing towards. Namely self-annihilating the species. I'd much rather "annihilate 'progress'" thanks. RR "Yet hear me, friends! we have now to deal with another people, small and feeble when our forefathers first met with them, but now great and overbearing. Strangely enough, they have a mind to till the soil, and the love of possessions is a disease in them. These people have made many rules that the rich may break, but the poor may not! They have a religion in which the poor worship, but the rich will not! They even take tithes of the poor and weak to support the rich and those who rule. They claim this mother of ours, the Earth, for their own use, and fence their neighbors away from her, and deface her with their buildings and their refuse. They compel her to produce out of season, and when sterile she is made to take medicine in order to produce again. All this is sacrilege." ~Tatanka Iyotake (Sitting Bull) -------------- next part -------------- A non-text attachment was scrubbed... 
Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From hettinga at gmail.com Wed May 6 10:27:56 2015 From: hettinga at gmail.com (Robert Hettinga) Date: Wed, 6 May 2015 13:27:56 -0400 Subject: Jim Bell vindicated In-Reply-To: References: <4E6C7C15-22B1-4B5B-9F87-5DF2678C04F4@gmail.com> <554940e0.4aef8c0a.49a3.1e88@mx.google.com> <2170660.XXGr9GCpTf@lapuntu> Message-ID: <7203B9FA-2827-482E-9A0A-92165ADCBC24@gmail.com> > On May 6, 2015, at 9:06 AM, John Young wrote: > > white thinking guy's burden Racist. :-) Cheers, RAH From hettinga at gmail.com Wed May 6 10:29:08 2015 From: hettinga at gmail.com (Robert Hettinga) Date: Wed, 6 May 2015 13:29:08 -0400 Subject: Jim Bell vindicated In-Reply-To: <3828630.GhPtQj6AOs@lapuntu> References: <3828630.GhPtQj6AOs@lapuntu> Message-ID: > On May 6, 2015, at 11:10 AM, rysiek wrote: > > Now, now, in no small part Europe got reacquinted (in the ~11th-12th century) > with Aristotle via Arabic translations. So, there's that. The vast majority of which were missing. :-) Cheers, RAH From hettinga at gmail.com Wed May 6 10:35:45 2015 From: hettinga at gmail.com (Robert Hettinga) Date: Wed, 6 May 2015 13:35:45 -0400 Subject: Jim Bell vindicated In-Reply-To: <3828630.GhPtQj6AOs@lapuntu> References: <3828630.GhPtQj6AOs@lapuntu> Message-ID: <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> > On May 6, 2015, at 11:10 AM, rysiek displayed his own Gramscian damage thusly: > > Let me comment thusly: > https://www.youtube.com/watch?v=jcvd5JZkUXY Right. And nothing is new. I cite *novel* stuff in every occurrence, outlining actual human *progress*, and you go all relativistic and say they’re derivative. Fine. Derivative of what, exactly? What was the Roman lateen sail derivative of if there had not been a triangular sail before, for instance. What is Zeno’s paradox, say, derivative of? The Pythagorean theorem? Hero’s steam turbine? There *is* an arrow to progress. It is measurable. 
The arrow of islamic culture points in completely the opposite direction. The left’s anti-western urge to annihilate progress, and thus humanity, is striking in its tenacity. It is evil. Cheers, RAH From shelley at misanthropia.org Wed May 6 13:49:20 2015 From: shelley at misanthropia.org (Shelley) Date: Wed, 06 May 2015 13:49:20 -0700 Subject: Jim Bell vindicated In-Reply-To: <554a6e44.4937370a.68be.ffffa52c@mx.google.com> References: <3828630.GhPtQj6AOs@lapuntu> <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> <554a6e44.4937370a.68be.ffffa52c@mx.google.com> Message-ID: <20150506204905.0042CC00019@frontend1.nyi.internal> On May 6, 2015 1:31:02 PM Juan wrote: > A derivative of the fucking jew-christian intellectual > cesspool, and started in the 700 after nonexistent 'christ'. > +1,000,000 All religions are cults. The abrahamic varieties are particularly egregious, and their adherents spread their chosen brand of crazy like a virus and breed like rabbits to perpetuate the infection. Society as a whole will not advance until this disease is eradicated. -S From hettinga at gmail.com Wed May 6 12:18:50 2015 From: hettinga at gmail.com (Robert Hettinga) Date: Wed, 6 May 2015 15:18:50 -0400 Subject: Jim Bell vindicated In-Reply-To: References: <3828630.GhPtQj6AOs@lapuntu> <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> Message-ID: > On May 6, 2015, at 1:54 PM, Cathal (Phone) wrote: > > The fact that you so easily mix up "Islamic" and "Arabic" is pretty hilarious. Islam is an Arab cult. :-) Cheers, RAH From hettinga at gmail.com Wed May 6 12:21:34 2015 From: hettinga at gmail.com (Robert Hettinga) Date: Wed, 6 May 2015 15:21:34 -0400 Subject: Jim Bell vindicated In-Reply-To: References: <3828630.GhPtQj6AOs@lapuntu> <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> Message-ID: <3AA7BF2C-95E4-4E36-8445-37645189F382@gmail.com> > On May 6, 2015, at 2:31 PM, Cari Machet wrote: > > that you think there is 'evil' is anti-arrow let alone 'arrow to progress' Yup. 
Brain-rotted anti-intellectual intellectual. Bless your heart. Have a nice day, darlin’. Cheers, RAH From juan.g71 at gmail.com Wed May 6 12:45:39 2015 From: juan.g71 at gmail.com (Juan) Date: Wed, 6 May 2015 16:45:39 -0300 Subject: Jim Bell vindicated In-Reply-To: References: <3828630.GhPtQj6AOs@lapuntu> <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> Message-ID: <554a6e44.4937370a.68be.ffffa52c@mx.google.com> On Wed, 6 May 2015 15:18:50 -0400 Robert Hettinga wrote: > > > On May 6, 2015, at 1:54 PM, Cathal (Phone) > > wrote: > > > > The fact that you so easily mix up "Islamic" and "Arabic" is pretty > > hilarious. > > Islam is an Arab cult. > A derivative of the fucking jew-christian intellectual cesspool, and started in the 700 after nonexistent 'christ'. > :-) > > Cheers, > RAH > > From rysiek at hackerspace.pl Wed May 6 08:10:41 2015 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 06 May 2015 17:10:41 +0200 Subject: Jim Bell vindicated In-Reply-To: References: Message-ID: <3828630.GhPtQj6AOs@lapuntu> Yo, On Wednesday, 6 May 2015 08:17:15 Robert Hettinga wrote: > (some not-that-bad analysis elided) > > All of Arab “contributions” to “civilization” were derivative. The lateen > sail was Roman (“Lateen”, geddit?), for instance. 
Damascus steel was Indian > wootz steel. Let me comment thusly: https://www.youtube.com/watch?v=jcvd5JZkUXY > The Arabs' principal accomplishment, if you can call it that, was destroying > the ancient world wherever they went, and replacing it with abject > barbarism for most of a thousand years. Now, now, in no small part Europe got reacquainted (in the ~11th-12th century) with Aristotle via Arabic translations. So, there's that. -- Regards, Michał "rysiek" Woźniak I am changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From rysiek at hackerspace.pl Wed May 6 08:13:21 2015 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 06 May 2015 17:13:21 +0200 Subject: phone opsec In-Reply-To: <55491a69.475f8c0a.3b6e.30ef@mx.google.com> References: <55466CD2.1040406@riseup.net> <20150505115802.GA2521@sivokote.iziade.m$> <55491a69.475f8c0a.3b6e.30ef@mx.google.com> Message-ID: <1430927829.joyr6W5FEO@lapuntu> On Tuesday, 5 May 2015 16:35:33 Juan wrote: > On Tue, 5 May 2015 14:58:02 +0300 > > Georgi Guninski wrote: > > For maximum safety: ;) > > > > 1. Put the phone in airplane mode > > 2. Physically remove the battery > > 3. Put the phone in tinfoil faraday cage as explained here > > 4. Put the faraday cage in the microwave oven > > 1. get a hammer > 2. use it https://www.youtube.com/watch?v=VaWl2lA7968 No, the irony of linking to a google surveillance machine in this discussion is not lost on me. -- Regards, Michał "rysiek" Woźniak I am changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. 
URL: From cathalgarvey at cathalgarvey.me Wed May 6 10:54:26 2015 From: cathalgarvey at cathalgarvey.me (Cathal (Phone)) Date: Wed, 06 May 2015 18:54:26 +0100 Subject: Jim Bell vindicated In-Reply-To: <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> References: <3828630.GhPtQj6AOs@lapuntu> <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> Message-ID: The fact that you so easily mix up "Islamic" and "Arabic" is pretty hilarious. Ur so lur-ned. On 6 May 2015 18:35:45 GMT+01:00, Robert Hettinga wrote: > >> On May 6, 2015, at 11:10 AM, rysiek displayed >his own Gramscian damage thusly: >> >> Let me comment thusly: >> https://www.youtube.com/watch?v=jcvd5JZkUXY > >Right. And nothing is new. I cite *novel* stuff in every occurrence, >outlining actual human *progress*, and you go all relativistic and say >they’re derivative. Fine. Derivative of what, exactly? What was the >Roman lateen sail derivative of if there had not been a triangular sail >before, for instance. > >What is Zeno’s paradox, say, derivative of? The Pythagorean theorem? >Hero’s steam turbine? > >There *is* an arrow to progress. It is measurable. The arrow of islamic >culture points in completely the opposite direction. The left’s >anti-western urge to annihilate progress, and thus humanity, is >striking in its tenacity. > >It is evil. > >Cheers, >RAH -- Sent from my Android device with K-9 Mail. Please excuse my brevity. -------------- next part -------------- A non-text attachment was scrubbed... 
Name: not available Type: text/html Size: 1652 bytes Desc: not available URL: From carimachet at gmail.com Wed May 6 11:31:39 2015 From: carimachet at gmail.com (Cari Machet) Date: Wed, 6 May 2015 20:31:39 +0200 Subject: Jim Bell vindicated In-Reply-To: References: <3828630.GhPtQj6AOs@lapuntu> <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> Message-ID: that you think there is 'evil' is anti-arrow let alone 'arrow to progress' islam is a small section of time within arab culture look to zarathustra plus muhammad was basically a resistance fighter - anti capitalist like jesus or so the story goes... these are stories read or look into joseph campbell - nietzsche ... buckminster fuller if you are interested your frames are anti arrow ... your frames are fiction and john young arabs did not invent 0 indians did - the 'arab' - actually they say he was persian which is very different - wrote about it was muhammad ibn musa alKhwarizmi they say though that he invented algebra/trig but probably also it is a build - arabs did a lot of astronomy invented tools for calculations etc ... would be nice to know more about what the chinese where doing then too http://en.wikipedia.org/wiki/Mu%E1%B8%A5ammad_ibn_M%C5%ABs%C4%81_al-Khw%C4%81rizm%C4%AB On Wed, May 6, 2015 at 7:54 PM, Cathal (Phone) wrote: > The fact that you so easily mix up "Islamic" and "Arabic" is pretty > hilarious. > > Ur so lur-ned. > > On 6 May 2015 18:35:45 GMT+01:00, Robert Hettinga > wrote: >> >> >> On May 6, 2015, at 11:10 AM, rysiek displayed his own Gramscian damage thusly: >>> >>> Let me comment thusly: >>> https://www.youtube.com/watch?v=jcvd5JZkUXY >>> >> >> Right. And nothing is new. I cite *novel* stuff in every occurrence, outlining actual human *progress*, and you go all relativistic and say they're derivative. Fine. Derivative of what, exactly? What was the Roman lateen sail derivative of if there had not been a triangular sail before, for instance. >> >> What is Zeno's paradox, say, derivative of? 
The Pythagorean theorem? Hero's steam turbine? >> >> There *is* an arrow to progress. It is measurable. The arrow of islamic culture points in completely the opposite direction. The left's anti-western >> urge to annihilate progress, and thus humanity, is striking in its tenacity. >> >> It is evil. >> >> Cheers, >> RAH >> >> >> > -- > Sent from my Android device with K-9 Mail. Please excuse my brevity. > -- Cari Machet NYC 646-436-7795 carimachet at gmail.com AIM carismachet Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Reykjavik +354 894 8650 Twitter: @carimachet 7035 690E 5E47 41D4 B0E5 B3D1 AF90 49D6 BE09 2187 Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 4577 bytes Desc: not available URL: From cathalgarvey at cathalgarvey.me Wed May 6 12:43:48 2015 From: cathalgarvey at cathalgarvey.me (Cathal Garvey) Date: Wed, 06 May 2015 20:43:48 +0100 Subject: Jim Bell vindicated In-Reply-To: References: <3828630.GhPtQj6AOs@lapuntu> <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> Message-ID: <554A6EF4.1010406@cathalgarvey.me> trololololo On 06/05/15 20:18, Robert Hettinga wrote: > >> On May 6, 2015, at 1:54 PM, Cathal (Phone) wrote: >> >> The fact that you so easily mix up "Islamic" and "Arabic" is pretty hilarious. > > Islam is an Arab cult. > > :-) > > Cheers, > RAH > > -- Scientific Director, IndieBio Irish Programme Now running in Cork, Ireland May->July Learn more at http://eu.indie.bio and follow along! 
Twitter: @onetruecathal Phone: +353876363185 miniLock: JjmYYngs7akLZUjkvFkuYdsZ3PyPHSZRBKNm6qTYKZfAM peerio.com: cathalgarvey From cathalgarvey at cathalgarvey.me Wed May 6 13:57:40 2015 From: cathalgarvey at cathalgarvey.me (Cathal Garvey) Date: Wed, 06 May 2015 21:57:40 +0100 Subject: Jim Bell vindicated In-Reply-To: <1488750.AbtNa1rled@lapuntu> References: <554A6EF4.1010406@cathalgarvey.me> <1488750.AbtNa1rled@lapuntu> Message-ID: <554A8044.6040004@cathalgarvey.me> Castigating random racists on the 'net is basically part of my job as a geneticist and biotech evangelist, right? On 06/05/15 21:15, rysiek wrote: > On Wednesday, 6 May 2015 20:43:48 Cathal Garvey wrote: >> trololololo >> >> (...) >> >> Scientific Director, IndieBio Irish Programme > > Well played. > -- Scientific Director, IndieBio Irish Programme Now running in Cork, Ireland May->July Learn more at http://eu.indie.bio and follow along! Twitter: @onetruecathal Phone: +353876363185 miniLock: JjmYYngs7akLZUjkvFkuYdsZ3PyPHSZRBKNm6qTYKZfAM peerio.com: cathalgarvey From rysiek at hackerspace.pl Wed May 6 13:15:27 2015 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 06 May 2015 22:15:27 +0200 Subject: Jim Bell vindicated In-Reply-To: <554A6EF4.1010406@cathalgarvey.me> References: <554A6EF4.1010406@cathalgarvey.me> Message-ID: <1488750.AbtNa1rled@lapuntu> On Wednesday, 6 May 2015 20:43:48 Cathal Garvey wrote: > trololololo > > (...) > > Scientific Director, IndieBio Irish Programme Well played. -- Regards, Michał "rysiek" Woźniak I am changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. 
URL: From carimachet at gmail.com Wed May 6 14:20:26 2015 From: carimachet at gmail.com (Cari Machet) Date: Wed, 6 May 2015 23:20:26 +0200 Subject: Jim Bell vindicated In-Reply-To: <20150506204905.0042CC00019@frontend1.nyi.internal> References: <3828630.GhPtQj6AOs@lapuntu> <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> <554a6e44.4937370a.68be.ffffa52c@mx.google.com> <20150506204905.0042CC00019@frontend1.nyi.internal> Message-ID: what i would like is for people to not equate everything with diseases people desire religion for a reason sometimes psychological reasons and societal cultural reasons it didnt just manifest onaccounta' because religion taps into some ancient shit way back in the cells memory ... ritual the torah taught people how to plant seeds and hindu and other ancient 'religions' are philosophy more than religion and they also have a whole medical arm > ayuvedic medicine to say society has not advanced or will not advance is super inaccurate ... it slows it down but life advances in spite of human shit ... life isnt just humans its a ton of stuff and people are just a part of it people cant halt the movement of life itself in any way no matter how fucked up people are or how powerful humans dream they are... they just are not that powerful On Wed, May 6, 2015 at 10:49 PM, Shelley wrote: > On May 6, 2015 1:31:02 PM Juan wrote: > > A derivative of the fucking jew-christian intellectual >> cesspool, and started in the 700 after nonexistent 'christ'. >> >> > +1,000,000 > > All religions are cults. The abrahamic varieties are particularly > egregious, and their adherents spread their chosen brand of crazy like a > virus and breed like rabbits to perpetuate the infection. Society as a > whole will not advance until this disease is eradicated. 
> > -S > > > -- Cari Machet NYC 646-436-7795 carimachet at gmail.com AIM carismachet Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Reykjavik +354 894 8650 Twitter: @carimachet 7035 690E 5E47 41D4 B0E5 B3D1 AF90 49D6 BE09 2187 Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 3266 bytes Desc: not available URL: From shelley at misanthropia.org Thu May 7 02:53:44 2015 From: shelley at misanthropia.org (Shelley) Date: Thu, 07 May 2015 02:53:44 -0700 Subject: we are fucked [was: Jim Bell vindicated] In-Reply-To: <554b273f.d4e78c0a.6f22.4ba1@mx.google.com> References: <3828630.GhPtQj6AOs@lapuntu> <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> <554a6e44.4937370a.68be.ffffa52c@mx.google.com> <20150506204905.0042CC00019@frontend1.nyi.internal> <554b273f.d4e78c0a.6f22.4ba1@mx.google.com> Message-ID: <20150507095329.EEB29C00013@frontend1.nyi.internal> On May 7, 2015 2:35:29 AM Juan wrote: > On Wed, 06 May 2015 13:49:20 -0700 > Shelley wrote: > > > On May 6, 2015 1:31:02 PM Juan wrote: > > > > > A derivative of the fucking jew-christian intellectual > > > cesspool, and started in the 700 after nonexistent 'christ'. > > > > > > > +1,000,000 > > > > All religions are cults. The abrahamic varieties are particularly > > egregious, and their adherents spread their chosen brand of crazy > > like a virus and breed like rabbits to perpetuate the infection. > > Society as a whole will not advance until this disease is eradicated. > > > > > According to wikipedia there are 2400 million christians and 1600 > million muslims. 
I assume the figures are inflated but even if the > real numbers are lower, we're still seriously fucked up =/ > > > A while back I read that 75% of americans consider the bible to be the > 'word of god' or 'inspired by god'. (oh, here's the source > http://www.gallup.com/poll/170834/three-four-bible-word-god.aspx ) > > > Do you Shelley (or others) think that estimate is accurate? > Juan: Unfortunately, I think 75% is an accurate figure. I live in the most "unchurched" city in the US (we have legal recreational marijuana and voter approved marriage equality), and there are still a fair number of bullshit mega-churches and god-botherers here. Muslims will outnumber xians at some point in the next few decades (source is a BBC piece I heard the other night. Sorry for no link.) They're all batshit crazy, but most violent xians stick to bombing abortion clinics. Muslim extremists are indiscriminate in their barbarism. So, yeah. We are fucked... -S From grarpamp at gmail.com Thu May 7 00:50:02 2015 From: grarpamp at gmail.com (grarpamp) Date: Thu, 7 May 2015 03:50:02 -0400 Subject: Watching the watchers: spook database In-Reply-To: <554B105D.1000006@riseup.net> References: <554B105D.1000006@riseup.net> Message-ID: On Thu, May 7, 2015 at 3:12 AM, Bethany wrote: > This is good clean fun. They are not engaged in a clean fight against you, so why try to bullshit them and play games with baloney phrases like that. > Watch: https://www.youtube.com/watch?v=xipI-0HU010 > > Secret surveillance programs have metadata too. The same people and > companies that operate secret surveillance programs also publish details > about their work on the open internet. > Transparency Toolkit has been building open source tools to collect and > analyze this open source intelligence. This talk discusses how we can use > these data sources and tools to build a sousveillance state that holds the > surveillance state accountable. 
See also names at: http://cryptocomb.org/ Physical and virtual doxing has been going on in the darknets for years. Even sites for AP and other accountability services have popped up. From juan.g71 at gmail.com Thu May 7 01:54:52 2015 From: juan.g71 at gmail.com (Juan) Date: Thu, 7 May 2015 05:54:52 -0300 Subject: Jim Bell vindicated In-Reply-To: <20150506204905.0042CC00019@frontend1.nyi.internal> References: <3828630.GhPtQj6AOs@lapuntu> <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> <554a6e44.4937370a.68be.ffffa52c@mx.google.com> <20150506204905.0042CC00019@frontend1.nyi.internal> Message-ID: <554b273f.d4e78c0a.6f22.4ba1@mx.google.com> On Wed, 06 May 2015 13:49:20 -0700 Shelley wrote: > On May 6, 2015 1:31:02 PM Juan wrote: > > > A derivative of the fucking jew-christian intellectual > > cesspool, and started in the 700 after nonexistent 'christ'. > > > > +1,000,000 > > All religions are cults. The abrahamic varieties are particularly > egregious, and their adherents spread their chosen brand of crazy > like a virus and breed like rabbits to perpetuate the infection. > Society as a whole will not advance until this disease is eradicated. > According to wikipedia there are 2400 million christians and 1600 million muslims. I assume the figures are inflated but even if the real numbers are lower, we're still seriously fucked up =/ A while back I read that 75% of americans consider the bible to be the 'word of god' or 'inspired by god'. (oh, here's the source http://www.gallup.com/poll/170834/three-four-bible-word-god.aspx ) Do you Shelley (or others) think that estimate is accurate? 
> -S > > From juan.g71 at gmail.com Thu May 7 01:59:11 2015 From: juan.g71 at gmail.com (Juan) Date: Thu, 7 May 2015 05:59:11 -0300 Subject: Jim Bell vindicated In-Reply-To: <2170660.XXGr9GCpTf@lapuntu> References: <4E6C7C15-22B1-4B5B-9F87-5DF2678C04F4@gmail.com> <554940e0.4aef8c0a.49a3.1e88@mx.google.com> <2170660.XXGr9GCpTf@lapuntu> Message-ID: <554b286f.445c8c0a.42af.4bf0@mx.google.com> On Wed, 06 May 2015 10:32:59 +0200 rysiek wrote: > > Oblig. > http://xkcd.com/1505/ > Hehehe. > Let me comment thusly: > https://www.youtube.com/watch?v=jcvd5JZkUXY Nice animation although I don't think the "All creative work is derivative" line is completely true. As a matter of fact, she shows a lot of stuff that is in a way 'original'. Except for the jesus part haha. (just in case, I'm no way defending any kind of intellectual property) Seems to me that the "all work depends on previous work" take is better suited to science and technology? From shelley at misanthropia.org Thu May 7 06:14:59 2015 From: shelley at misanthropia.org (Shelley) Date: Thu, 07 May 2015 06:14:59 -0700 Subject: we are fucked [was: Jim Bell vindicated] In-Reply-To: References: <3828630.GhPtQj6AOs@lapuntu> <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> <554a6e44.4937370a.68be.ffffa52c@mx.google.com> <20150506204905.0042CC00019@frontend1.nyi.internal> <554b273f.d4e78c0a.6f22.4ba1@mx.google.com> <20150507095329.EEB29C00013@frontend1.nyi.internal> Message-ID: <20150507131444.8B2AC680113@frontend2.nyi.internal> On May 7, 2015 5:23:15 AM Cari Machet wrote: > bush and cheney rummy did not just fucking bomb abortion clinics > > who the fuck are you counting here? You're absolutely right about that. I was talking about individual citizens, not the institutionalized religious terrorism of nation states and/or their rogue, installed dictators (specifically the war criminals you listed, but they all have bloody hands.) 
-S you know fucking obama is a christian > there have only been christians in that fucking wh to my knowledge and > people flipped out when kennedy was in office because he was a catholic > christian so i guess most are protestant >>> germanic ideology > > On Thu, May 7, 2015 at 11:53 AM, Shelley wrote: > > > On May 7, 2015 2:35:29 AM Juan wrote: > > > > On Wed, 06 May 2015 13:49:20 -0700 > >> Shelley wrote: > >> > >> > On May 6, 2015 1:31:02 PM Juan wrote: > >> > > >> > > A derivative of the fucking jew-christian intellectual > >> > > cesspool, and started in the 700 after nonexistent 'christ'. > >> > > > >> > > >> > +1,000,000 > >> > > >> > All religions are cults. The abrahamic varieties are particularly > >> > egregious, and their adherents spread their chosen brand of crazy > >> > like a virus and breed like rabbits to perpetuate the infection. > >> > Society as a whole will not advance until this disease is eradicated. > >> > > >> > >> > >> According to wikipedia there are 2400 million christians and 1600 > >> million muslims. I assume the figures are inflated but even if the > >> real numbers are lower, we're still seriously fucked up =/ > >> > >> > >> A while back I read that 75% of americans consider the bible to be the > >> 'word of god' or 'inspired by god'. (oh, here's the source > >> http://www.gallup.com/poll/170834/three-four-bible-word-god.aspx ) > >> > >> > >> Do you Shelley (or others) think that estimate is accurate? > >> > >> > > Juan: Unfortunately, I think 75% is an accurate figure. I live in the > > most "unchurched" city in the US (we have legal recreational marijuana and > > voter approved marriage equality), and there are still a fair number of > > bullshit mega-churches and god-botherers here. > > > > Muslims will outnumber xians at some point in the next few decades (source > > is a BBC piece I heard the other night. Sorry for no link.) They're all > > batshit crazy, but most violent xians stick to bombing abortion clinics. 
> > Muslim extremists are indiscriminate in their barbarism. > > > > So, yeah. We are fucked... > > > > -S > > > > > > > > > -- > Cari Machet > NYC 646-436-7795 > carimachet at gmail.com > AIM carismachet > Syria +963-099 277 3243 > Amman +962 077 636 9407 > Berlin +49 152 11779219 > Reykjavik +354 894 8650 > Twitter: @carimachet > > 7035 690E 5E47 41D4 B0E5 B3D1 AF90 49D6 BE09 2187 > > Ruh-roh, this is now necessary: This email is intended only for the > addressee(s) and may contain confidential information. If you are not the > intended recipient, you are hereby notified that any use of this > information, dissemination, distribution, or copying of this email without > permission is strictly prohibited. From zen at freedbms.net Wed May 6 15:13:15 2015 From: zen at freedbms.net (Zenaan Harkness) Date: Thu, 7 May 2015 08:13:15 +1000 Subject: Jim Bell vindicated In-Reply-To: <3AA7BF2C-95E4-4E36-8445-37645189F382@gmail.com> References: <3828630.GhPtQj6AOs@lapuntu> <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> <3AA7BF2C-95E4-4E36-8445-37645189F382@gmail.com> Message-ID: On 5/7/15, Robert Hettinga wrote: >> On May 6, 2015, at 2:31 PM, Cari Machet wrote: >> >> that you think there is 'evil' is anti-arrow let alone 'arrow to >> progress' One definition to rule them all eh? One man's 'evil' is another mans 'salvation'. As a good friend provided a very suitable definition years ago which I have shamelessly ripped and made my own: Evil is that which opposes my living. Now we can be sure that -my- definition is the one that -shall- rule them all! MWAHAHAHHAAAAA. > Yup. Brain-rotted anti-intellectual intellectual. > Bless your heart. Have a nice day, darlin’. cpunks - that rare place where I witness relatively robust individuals. Oblig XKCD[someone on the internet was wrong] In many (most?) other places, like say fedora, ubuntu and debian lists, the tyranny of the majority appears to rule the day and the Cotton Wool World is worshipped by all dum and dummer. 
So thank you cpunks. Z

From zen at freedbms.net Wed May 6 15:21:58 2015 From: zen at freedbms.net (Zenaan Harkness) Date: Thu, 7 May 2015 08:21:58 +1000 Subject: Jim Bell vindicated In-Reply-To: <20150506204905.0042CC00019@frontend1.nyi.internal> References: <3828630.GhPtQj6AOs@lapuntu> <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> <554a6e44.4937370a.68be.ffffa52c@mx.google.com> <20150506204905.0042CC00019@frontend1.nyi.internal> Message-ID:

On 5/7/15, Shelley wrote: > All religions are cults. Except mine. But we know you knew that anyway :)

From softservant at gmail.com Thu May 7 08:38:11 2015 From: softservant at gmail.com (Softy) Date: Thu, 7 May 2015 08:38:11 -0700 Subject: Subject: Re: Watching the watchers: spook database Message-ID:

Specifically job hunters/HR department types. They lack the opsec training. And, in spite of never having had a clearance or working in an agency (mostly), they usually learn of coverterms/project names which managers are hiring from because even those with training often slip or don't know. Then the HR people use those terms for attention getting of possible candidate - and everyone wants to appear "in the know" as to be credible.

> Description:
> “Proficient in Microsoft Word and Xkeyscore” and similar phrases are
> surprisingly common on LinkedIn profiles. NSA contractors, military, and
> others involved in the surveillance state post seemingly coded and
> harmless details about their work in job listings,

From shelley at misanthropia.org Thu May 7 08:53:00 2015 From: shelley at misanthropia.org (Shelley) Date: Thu, 07 May 2015 08:53:00 -0700 Subject: we are fucked [was: Jim Bell vindicated] In-Reply-To: <20150507132748.7F896228219@palinka.tinho.net> References: <20150507132748.7F896228219@palinka.tinho.net> Message-ID: <20150507155245.3ED65680147@frontend2.nyi.internal>

On May 7, 2015 7:12:21 AM dan at geer.org wrote: > As usual, cpunks is descending into some sort of whirlpool of > itchy grudges, but I think the most interesting tweet of the > last month was this one: > > > It's ridiculous that even though US President is black, still such > crimes agnst US blacks continue to occur. #BlackLivesMatter > #FreddieGray > > Khamenei.ir (@khamenei_ir) April 26, 2015 > > > Think about that for a minute, perhaps replacing "black" with > "Shia" or "Han" or "obnoxious mailing list trolls" and, well... > > > --dan >

Don't they still imprison (or worse) LGBT folk & dissidents there? One tweet does not an ayatollah redeem. If you set aside the Crusades et al, and his own dubious, questionable past in Argentina, I quite like pope Francis. I love that he sneaks out at night to feed the homeless and eschews the material excess that exists at the Vatican. It doesn't excuse the scourge and shame of his religion telling people in the developing world that god says they're not allowed to use condoms, and that they don't protect one from acquiring HIV. To his credit, Francis is telling the bible-beaters to back off on the focus of such issues, but the tenets remain. -an obnoxious mailing list troll.

From groundhog593 at riseup.net Thu May 7 00:12:29 2015 From: groundhog593 at riseup.net (Bethany) Date: Thu, 07 May 2015 09:12:29 +0200 Subject: Watching the watchers: spook database Message-ID: <554B105D.1000006@riseup.net>

This is good clean fun.
Watch: https://www.youtube.com/watch?v=xipI-0HU010

Short thesis: Secret surveillance programs have metadata too. The same people and companies that operate secret surveillance programs also publish details about their work on the open internet. We can use this data to watch the watchers.

Description: “Proficient in Microsoft Word and Xkeyscore” and similar phrases are surprisingly common on LinkedIn profiles. NSA contractors, military, and others involved in the surveillance state post seemingly coded and harmless details about their work in job listings, social media, and other open websites. But this information provides useful metadata that can be used to understand the function of secret programs and map the surveillance state. Transparency Toolkit has been building open source tools to collect and analyze this open source intelligence. This talk discusses how we can use these data sources and tools to build a sousveillance state that holds the surveillance state accountable.

From jya at pipeline.com Thu May 7 06:16:31 2015 From: jya at pipeline.com (John Young) Date: Thu, 07 May 2015 09:16:31 -0400 Subject: we are fucked [was: Jim Bell vindicated] In-Reply-To: References: <3828630.GhPtQj6AOs@lapuntu> <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> <554a6e44.4937370a.68be.ffffa52c@mx.google.com> <20150506204905.0042CC00019@frontend1.nyi.internal> <554b273f.d4e78c0a.6f22.4ba1@mx.google.com> <20150507095329.EEB29C00013@frontend1.nyi.internal> Message-ID:

US armed forces (like other nations) have copious religions represented in uniform to bless crusades, vendettas, suppressions, mass murders, technical savagery, genocide by strategic bombing of civilians (Saudi Arabia relishing that in Yemen), exculpation of policy setters and enforcers and salve those who die, are savaged and family-death-benefited serving nations of holiers than thou. The current US giant pie of all-religions demon-fighters memorialized on patriotic headstones and dog-tags: http://prhome.defense.gov/RFM/MPP/AFCB/Endorsements.aspx If your cybersecurity faith is not listed, engage a faith-based lobbyist like EFF, ACLU, The Intercept, WikiLeaks. Not hard to believe all wars are narrow-minded religious wars, the more pea-brained, vicious and deadly the greater the faith in terrifying people into submission or by Your God or Godless teaching the resisters and atheists to RTFM and believe it. Manual burners, body immolators, head loppers, come on, those are the long-time recruiters. Nice thing about the AP manual is how ancient and modern it is, in law banking weapons strategy temples games. Not hard to believe the Internet is an EM, electricity wasting manual for AP adherents, following Gutenberg's WMD of pulp and carbon.
From dan at geer.org Thu May 7 06:27:48 2015 From: dan at geer.org (dan at geer.org) Date: Thu, 07 May 2015 09:27:48 -0400 Subject: we are fucked [was: Jim Bell vindicated] In-Reply-To: Your message of "Thu, 07 May 2015 14:22:52 +0200." Message-ID: <20150507132748.7F896228219@palinka.tinho.net>

As usual, cpunks is descending into some sort of whirlpool of itchy grudges, but I think the most interesting tweet of the last month was this one:

It's ridiculous that even though US President is black, still such crimes agnst US blacks continue to occur. #BlackLivesMatter #FreddieGray Khamenei.ir (@khamenei_ir) April 26, 2015

Think about that for a minute, perhaps replacing "black" with "Shia" or "Han" or "obnoxious mailing list trolls" and, well...

--dan

From hettinga at gmail.com Thu May 7 06:44:57 2015 From: hettinga at gmail.com (Robert Hettinga) Date: Thu, 7 May 2015 09:44:57 -0400 Subject: Appeals Court Rules NSA Phone Program Not Authorized by Patriot Act - WSJ Message-ID: <21C0A3ED-6BE1-4102-AE13-954FFF3CC991@gmail.com>

> http://www.wsj.com/articles/appeals-court-rules-nsa-phone-program-not-authorized-by-patriot-act-1431005482?mod=djemalertNEWS
>
> Appeals Court Rules NSA Phone Program Not Authorized by Patriot Act
>
> A sign stands outside the National Security Agency campus in Fort Meade, Md. Photo: PATRICK SEMANSKY/ASSOCIATED PRESS
>
> By
> Devlin Barrett
> May 7, 2015 9:31 a.m. ET
> A federal appeals court ruled Thursday the National Security Agency’s controversial collection of millions of Americans’ phone records isn't authorized by the Patriot Act, as the Bush and Obama administrations have long maintained.
>
> The ruling by the three-judge panel in New York comes at a delicate point in the national debate over government surveillance, as Section 215 of the Patriot Act is due to expire next month and lawmakers are haggling about whether to renew it, modify it, or let it die.
>
> The court’s ruling came in a lawsuit by the American Civil Liberties Union arguing the data collection should be stopped because it violates Americans’ privacy rights. A lower court judge ruled the program was constitutional, and the civil liberties group appealed, leading to Thursday’s decision.
>
> “The text of (Section 215) cannot bear the weight the government asks us to assign to it, and...does not authorize the telephone metadata program,” the court wrote.
>
> The court declined to address the issue of whether the program violates Americans’ rights, because, they found, it was never properly authorized by existing law.
>
> The judges didn't order the collection to stop, noting that the legislative debate and the looming expiration of Section 215 will force action on the issue one way or another.
>
> The judges also note that if Congress decides to approve some version of the phone data collection program in coming days, then the privacy issue could be revisited in court.
>
> The panel sent the case back to the lower court judge for further review based on the appeals court findings.
>
> Write to Devlin Barrett at devlin.barrett at wsj.com

From jya at pipeline.com Thu May 7 07:50:37 2015 From: jya at pipeline.com (John Young) Date: Thu, 07 May 2015 10:50:37 -0400 Subject: Appeals Court Rules NSA Phone Program Not Authorized by Patriot Act - WSJ In-Reply-To: <21C0A3ED-6BE1-4102-AE13-954FFF3CC991@gmail.com> References: <21C0A3ED-6BE1-4102-AE13-954FFF3CC991@gmail.com> Message-ID:

The decision and three opinions
Decision: http://cryptome.org/2015/05/aclu-v-clapper-170.pdf
Judges Lynch and Broderick: http://cryptome.org/2015/05/aclu-v-clapper-169.pdf
Judge Sack: http://cryptome.org/2015/05/aclu-v-clapper-168.pdf
Sack opines it's not about Snowden.

From jya at pipeline.com Thu May 7 07:53:48 2015 From: jya at pipeline.com (John Young) Date: Thu, 07 May 2015 10:53:48 -0400 Subject: Appeals Court Rules NSA Phone Program Not Authorized by Patriot Act - WSJ Message-ID:

Correction: The decision and three opinions
Decision: http://cryptome.org/2015/05/aclu-v-clapper-170.pdf
Judge Sack: http://cryptome.org/2015/05/aclu-v-clapper-169.pdf
Judges Lynch and Broderick: http://cryptome.org/2015/05/aclu-v-clapper-168.pdf
Sack opines it's not about Snowden.

From s at ctrlc.hu Thu May 7 02:08:30 2015 From: s at ctrlc.hu (stef) Date: Thu, 7 May 2015 11:08:30 +0200 Subject: Watching the watchers: spook database In-Reply-To: <554B105D.1000006@riseup.net> References: <554B105D.1000006@riseup.net> Message-ID: <20150507090830.GD7148@ctrlc.hu>

On Thu, May 07, 2015 at 09:12:29AM +0200, Bethany wrote: > This is good clean fun. except it is not clean. it is a honeypot, even if unintentionally (aka plausibly deniably), let me quote twitter: > "watching the watchers" https://icwatch.transparencytoolkit.org/ going over > cloudflare, so the watched watchers can watch the watching watchers but the data is indeed cool, get it from github directly, it's a bit biggish though.
-- otr fp: https://www.ctrlc.hu/~stef/otr.txt From carimachet at gmail.com Thu May 7 05:22:52 2015 From: carimachet at gmail.com (Cari Machet) Date: Thu, 7 May 2015 14:22:52 +0200 Subject: we are fucked [was: Jim Bell vindicated] In-Reply-To: <20150507095329.EEB29C00013@frontend1.nyi.internal> References: <3828630.GhPtQj6AOs@lapuntu> <20F24EA9-A5F4-43F4-B230-A5162012EC85@gmail.com> <554a6e44.4937370a.68be.ffffa52c@mx.google.com> <20150506204905.0042CC00019@frontend1.nyi.internal> <554b273f.d4e78c0a.6f22.4ba1@mx.google.com> <20150507095329.EEB29C00013@frontend1.nyi.internal> Message-ID: bush and cheney rummy did not just fucking bomb abortion clinics who the fuck are you counting here? you know fucking obama is a christian there have only been christians in that fucking wh to my knowledge and people flipped out when kennedy was in office because he was a catholic christian so i guess most are protestant >>> germanic ideology On Thu, May 7, 2015 at 11:53 AM, Shelley wrote: > On May 7, 2015 2:35:29 AM Juan wrote: > > On Wed, 06 May 2015 13:49:20 -0700 >> Shelley wrote: >> >> > On May 6, 2015 1:31:02 PM Juan wrote: >> > >> > > A derivative of the fucking jew-christian intellectual >> > > cesspool, and started in the 700 after nonexistent 'christ'. >> > > >> > >> > +1,000,000 >> > >> > All religions are cults. The abrahamic varieties are particularly >> > egregious, and their adherents spread their chosen brand of crazy >> > like a virus and breed like rabbits to perpetuate the infection. >> > Society as a whole will not advance until this disease is eradicated. >> > >> >> >> According to wikipedia there are 2400 million christians and 1600 >> million muslims. I assume the figures are inflated but even if the >> real numbers are lower, we're still seriously fucked up =/ >> >> >> A while back I read that 75% of americans consider the bible to be the >> 'word of god' or 'inspired by god'. 
(oh, here's the source >> http://www.gallup.com/poll/170834/three-four-bible-word-god.aspx ) >> >> >> Do you Shelley (or others) think that estimate is accurate? >> >> > Juan: Unfortunately, I think 75% is an accurate figure. I live in the > most "unchurched" city in the US (we have legal recreational marijuana and > voter approved marriage equality), and there are still a fair number of > bullshit mega-churches and god-botherers here. > > Muslims will outnumber xians at some point in the next few decades (source > is a BBC piece I heard the other night. Sorry for no link.) They're all > batshit crazy, but most violent xians stick to bombing abortion clinics. > Muslim extremists are indiscriminate in their barbarism. > > So, yeah. We are fucked... > > -S > > >

-- Cari Machet NYC 646-436-7795 carimachet at gmail.com AIM carismachet Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Reykjavik +354 894 8650 Twitter: @carimachet 7035 690E 5E47 41D4 B0E5 B3D1 AF90 49D6 BE09 2187 Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited.

From dans at openmailbox.org Thu May 7 11:42:24 2015 From: dans at openmailbox.org (dans at openmailbox.org) Date: Thu, 07 May 2015 18:42:24 +0000 Subject: Appeals Court Rules NSA Phone Program Not Authorized by Patriot Act - wsj In-Reply-To: References: Message-ID: <867be262694d0682bc3f35deabfb0fb6@openmailbox.org>

Good news I guess, a small victory. However I think that is just a symbolic victory, useful only to make more people become aware of surveillance. With the new technologies and with all the infrastructure already done, recording and collecting the metadata of the phones is too easy, too cheap, too tempting not to do it. And NSA will continue doing it. On the other hand I can understand that the civil liberties groups of US take care of US citizens, but can any American take care of the people of other countries? We can't legally appeal to any court of US, and we are under US government's surveillance too.

From jdb10987 at yahoo.com Thu May 7 19:42:06 2015 From: jdb10987 at yahoo.com (jim bell) Date: Fri, 8 May 2015 02:42:06 +0000 (UTC) Subject: Appeals Court Rules NSA Phone Program Not Authorized by Patriot Act - wsj In-Reply-To: <867be262694d0682bc3f35deabfb0fb6@openmailbox.org> References: <867be262694d0682bc3f35deabfb0fb6@openmailbox.org> Message-ID: <348806946.3025139.1431052926777.JavaMail.yahoo@mail.yahoo.com>

From: "dans at openmailbox.org"
>Good news I guess, a small victory.
>However I think that is just a symbolic victory, useful only to make
>more people become aware of surveillance. With the new
>technologies and with all the infrastructure already done, recording and
>collecting the metadata of the phones is too easy, too cheap, too tempting
>not to do it. And NSA will continue doing it.

The following is a quote from this decision, referencing a case (Smith v. Maryland) where the Supreme Court upheld the installation of a 'pen register' (a device for recording the numbers which a telephone line calls) on a small number of phone lines. Correctly, this appeals court rejects the application of the Smith case. Going from tapping the metadata of perhaps 4-5 lines to that of 100 million lines was too much of a stretch.
Further, the justification in Smith was based in part on the idea that a telephone customer voluntarily gave a phone number to his phone company to complete the call he wanted. A major problem with such a justification today is that while in 1978 (or so) it was necessary to collect and store the 'called-party' number for billing purposes, in 2015 we no longer bill by the mile (as was done by Long Distance accounts in the 1970's and 1980's) or in most cases even the duration of the call. There is, therefore, no reason for the phone company to even collect the information other than to complete the call, and to keep it only until the time the call ends. So, trying to use the fact that the customer gives this information to the TPC ("The Phone Company") has become quite tenuous and unjustifiable.

I recommend to all the 1967 movie, "The President's Analyst", which can be seen to be wonderfully prescient. True, they cannot (yet) implant telephones in our bodies, but the main limitation on how small those phones can get is maintaining our ability to interact with them, until they become too small for fingers to control.

Jim Bell

quote follows:

"The Supreme Court has also long held, however, that individuals have no “legitimate expectation of privacy in information [they] voluntarily turn[] over to third parties.” Smith v. Maryland, 442 U.S. 735, 743‐44 (1979); see, e.g., California v. Greenwood, 486 U.S. 35 (1988) (no objectively reasonable expectation of privacy in garbage exposed to the public by being placed on a sidewalk); United States v. Miller, 425 U.S. 435 (1976) (no legitimate expectation of privacy in bank records). In Smith v. Maryland, the Court applied that doctrine to uphold the constitutionality of installing a pen register at a telephone company’s office that recorded the numbers dialed from a criminal suspect’s home telephone. 442 U.S. at 737, 745‐46. The Court held that the installation of the pen register was not a search for Fourth Amendment purposes because, by placing calls, individuals expose the telephone numbers they dial to the telephone company and therefore “assume[] the risk that the company [may] reveal to police the numbers . . . dialed.” Id. at 744. Similarly, it has long been commonplace for grand juries to subpoena an individual’s telephone records from the individual’s telephone service provider, in the absence of probable cause or a warrant issued by a judge. The acquisition of such records, it has been held, implicates no legitimate privacy interest of the subscriber, because the records are not his or hers alone. See, e.g., id. at 742‐44; Miller, 425 U.S. at 443; Couch v. United States, 409 U.S. 322, 334‐36 (1973). The subscriber cannot reasonably believe that the records are private, because he or she has voluntarily exposed the information contained in them to the telephone company, which uses them for its own business purpose of billing the subscriber.

The government argues, and the district court held, that this doctrine requires rejection of appellants’ claim that the acquisition of telephone metadata (as opposed to the contents of communications) violates the Fourth Amendment, or even implicates its protections at all. Appellants respond that modern technology requires revisitation of the underpinnings of the third‐party records doctrine as applied to telephone metadata.

Appellants’ argument invokes one of the most difficult issues in Fourth Amendment jurisprudence: the extent to which modern technology alters our traditional expectations of privacy. On the one hand, the very notion of an individual’s expectation of privacy, considered in Katz a key component of the rights protected by the Fourth Amendment, may seem quaint in a world in which technology makes it possible for individuals and businesses (to say nothing of the government) to observe acts of individuals once regarded as protected from public view. On the other hand, rules that permit the government to obtain records and other information that consumers have shared with businesses without a warrant seem much more threatening as the extent of such information grows."

From Rayzer at riseup.net Fri May 8 09:10:01 2015 From: Rayzer at riseup.net (Razer) Date: Fri, 08 May 2015 09:10:01 -0700 Subject: Watching the watchers: spook database In-Reply-To: <20150508145032.GA2543@sivokote.iziade.m$> References: <554B105D.1000006@riseup.net> <20150507090830.GD7148@ctrlc.hu> <20150508145032.GA2543@sivokote.iziade.m$> Message-ID: <554CDFD9.9080300@riseup.net>

> > We're sorry, but something went wrong. > > If you are the application owner check the logs for more information. > On 05/08/2015 07:50 AM, Georgi Guninski wrote: > On Thu, May 07, 2015 at 11:08:30AM +0200, stef wrote: >> plausibly deniably), let me quote twitter: >> >>> "watching the watchers" https://icwatch.transparencytoolkit.org/ going over >>> cloudflare, so the watched watchers can watch the watching watchers > Conspiracy theories scale exponentially, even if true ;) > > [0] Who watches sheeple? > [1] Who watches [0] > ... > [n] Who watches [n-1]? > > A real world implementation of the above is unbounded > recursion and will terminate due to lack of resources. > >

From zen at freedbms.net Thu May 7 18:27:02 2015 From: zen at freedbms.net (Zenaan Harkness) Date: Fri, 8 May 2015 11:27:02 +1000 Subject: Appeals Court Rules NSA Phone Program Not Authorized by Patriot Act - wsj In-Reply-To: <867be262694d0682bc3f35deabfb0fb6@openmailbox.org> References: <867be262694d0682bc3f35deabfb0fb6@openmailbox.org> Message-ID:

On 5/8/15, dans at openmailbox.org wrote:
> Good news I guess, a small victory.
>
> However I think that is just a symbolic victory, useful only to make
> more people become aware of surveillance. With the new
> technologies and with all the infrastructure already done, recording and
> collecting the metadata of the phones is too easy, too cheap, too tempting
> not to do it. And NSA will continue doing it.
>
> On the other hand I can understand that the civil liberties groups of US
> take care of US citizens, but can any American take care of the people
> of other countries? We can't legally appeal to any court of US, and we are
> under US government's surveillance too.

Do you mean "we as in individuals, can't appeal to a USA court to protect the liberty of an individual who is not a USA citizen and not physically in the USA"? Let's get clear on the assumptions and challenge them lest assumptions, apathy and a desire for others to do your work for you ("someone's -really- gotta fix 'my chosen problem'") gets a hold of your go button and won't let go :) An individual can make a claim to a court, if they have standing in that court. Simplistically this means a USA citizen can make a claim (begin a case) in a USA court (things like age limits etc come into play of course). But there's no point making a claim (e.g. for injunction or for damages) unless the authority (eg a court) that you appeal to has authority over your target.
Authority in this case also means that your chosen court has authority in the jurisdiction of your claim; that is, you must make your claim in respect of the appropriate law(s) for the court you have chosen - e.g. a lowly Magistrates' Court generally can not (or at least, will not) make rulings in respect of the constitution, nor of common law. I don't know about any individual trying to take care of the "liberty of the people of other countries" but an individual USA citizen may be able to make a claim against a USA citizen or some part or member of the USA government in respect of (your "alleged") illegal "foreign" activities. An individual backed by 100 other individuals in a class action may experience greater success. Every problem has a solution, but just may require thinking outside the box. IANAL, IANA USA citizen, IANA USA resident.

From griffin at cryptolab.net Fri May 8 09:25:25 2015 From: griffin at cryptolab.net (Griffin Boyce) Date: Fri, 08 May 2015 12:25:25 -0400 Subject: Subject: Re: Watching the watchers: spook database In-Reply-To: References: Message-ID: <342752727e6c82883499c477011305fe@cryptolab.net>

You'd be surprised how many of these people are open about having a TS/SCI +poly clearance. While the people who wrote the backend for Pinwale might not be open about it on LinkedIn, people who use Pinwale in their jobs might be. A good (unanswered) question might be just how many people who've worked for Booz Allen Hamilton (as listed on LI) *don't* use classified keywords compared to the number that do. People tend to think that LinkedIn is a safe environment to be open about their past work. Which is obviously bullshit, and I'd posit that it's actually worse than Facebook because your information is shared with the general public. Even with higher privacy settings enabled, anyone with a paid Recruiter account can see everything. ~Griffin

Softy wrote:
> Specifically job hunters/HR department types.
>
> They lack the opsec training. And, in spite of never having had a
> clearance or working in an agency (mostly), they usually learn of
> coverterms/project names which managers are hiring from because even
> those with training often slip or don't know. Then the HR people use
> those terms for attention getting of possible candidate - and everyone
> wants to appear "in the know" as to be credible.
>
>> Description:
>> “Proficient in Microsoft Word and Xkeyscore” and similar
>> phrases are
>> surprisingly common on LinkedIn profiles. NSA contractors,
>> military, and
>> others involved in the surveillance state post seemingly coded and
>> harmless details about their work in job listings,

From softservant at gmail.com Fri May 8 17:13:09 2015 From: softservant at gmail.com (Softy) Date: Fri, 8 May 2015 17:13:09 -0700 Subject: Subject: Re: Watching the watchers: spook database In-Reply-To: <342752727e6c82883499c477011305fe@cryptolab.net> References: <342752727e6c82883499c477011305fe@cryptolab.net> Message-ID:

Indeed. try removing your resume once you've made the mistake of uploading it! Maybe if I went paid account route I might be able to, but ... somehow ... doubt it.

> shared with the general public. Even with higher privacy settings
> enabled, anyone with a paid Recruiter account can see everything.
>
>

- daniel

From guninski at guninski.com Fri May 8 07:50:32 2015 From: guninski at guninski.com (Georgi Guninski) Date: Fri, 8 May 2015 17:50:32 +0300 Subject: Watching the watchers: spook database In-Reply-To: <20150507090830.GD7148@ctrlc.hu> References: <554B105D.1000006@riseup.net> <20150507090830.GD7148@ctrlc.hu> Message-ID: <20150508145032.GA2543@sivokote.iziade.m$>

On Thu, May 07, 2015 at 11:08:30AM +0200, stef wrote: > plausibly deniably), let me quote twitter: > > > "watching the watchers" https://icwatch.transparencytoolkit.org/ going over > > cloudflare, so the watched watchers can watch the watching watchers >

Conspiracy theories scale exponentially, even if true ;)

[0] Who watches sheeple?
[1] Who watches [0]
...
[n] Who watches [n-1]?

A real world implementation of the above is unbounded recursion and will terminate due to lack of resources.

From coderman at gmail.com Fri May 8 18:59:09 2015 From: coderman at gmail.com (coderman) Date: Fri, 8 May 2015 18:59:09 -0700 Subject: Subject: Re: Watching the watchers: spook database In-Reply-To: <342752727e6c82883499c477011305fe@cryptolab.net> References: <342752727e6c82883499c477011305fe@cryptolab.net> Message-ID:

On 5/8/15, Griffin Boyce wrote:
> ... A good (unanswered) question might be just how
> many people who've worked for Booz Allen Hamilton (as listed on LI)
> *don't* use classified keywords compared to the number that do.

now you're looking for the "absence" of information - a hole where there should be at least something. this is absolutely the more interesting question!
:P

From kurt.buff at gmail.com Fri May 8 22:43:53 2015
From: kurt.buff at gmail.com (Kurt Buff)
Date: Fri, 8 May 2015 22:43:53 -0700
Subject: Watching the watchers: spook database
In-Reply-To: <20150508145032.GA2543@sivokote.iziade.m$>
References: <554B105D.1000006@riseup.net> <20150507090830.GD7148@ctrlc.hu> <20150508145032.GA2543@sivokote.iziade.m$>
Message-ID:

On Fri, May 8, 2015 at 7:50 AM, Georgi Guninski wrote:
> On Thu, May 07, 2015 at 11:08:30AM +0200, stef wrote:
>> plausibly deniably), let me quote twitter:
>>
>> > "watching the watchers" https://icwatch.transparencytoolkit.org/ going over
>> > cloudflare, so the watched watchers can watch the watching watchers
>>
>
> Conspiracy theories scale exponentially, even if true ;)
>
> [0] Who watches sheeple?
> [1] Who watches [0]
> ...
> [n] Who watches [n-1]?
>
> A real world implementation of the above is unbounded
> recursion and will terminate due to lack of resources.

Not if everyone is a watcher.

Kurt

From guninski at guninski.com Sat May 9 05:20:02 2015
From: guninski at guninski.com (Georgi Guninski)
Date: Sat, 9 May 2015 15:20:02 +0300
Subject: Watching the watchers: spook database
In-Reply-To:
References: <554B105D.1000006@riseup.net> <20150507090830.GD7148@ctrlc.hu> <20150508145032.GA2543@sivokote.iziade.m$>
Message-ID: <20150509122002.GA2520@sivokote.iziade.m$>

On Fri, May 08, 2015 at 10:43:53PM -0700, Kurt Buff wrote:
> On Fri, May 8, 2015 at 7:50 AM, Georgi Guninski wrote:
> > On Thu, May 07, 2015 at 11:08:30AM +0200, stef wrote:
> >> plausibly deniably), let me quote twitter:
> >>
> >> > "watching the watchers" https://icwatch.transparencytoolkit.org/ going over
> >> > cloudflare, so the watched watchers can watch the watching watchers
> >>
> >
> > Conspiracy theories scale exponentially, even if true ;)
> >
> > [0] Who watches sheeple?
> > [1] Who watches [0]
> > ...
> > [n] Who watches [n-1]?
> >
> > A real world implementation of the above is unbounded
> > recursion and will terminate due to lack of resources.
>
> Not if everyone is a watcher.
>
> Kurt

You mean everyone watches everyone? Strange game this is and technically illiterate people might be dependent on others. If everyone watches proper subset of the others, my argument appears to apply. On second thought since $n$ appears bounded, the recursion appears bounded too.

From griffin at cryptolab.net Sun May 10 15:09:45 2015
From: griffin at cryptolab.net (Griffin Boyce)
Date: Sun, 10 May 2015 18:09:45 -0400
Subject: Subject: Re: Watching the watchers: spook database
In-Reply-To: <1431294538.4165258.265180285.35800F2F@webmail.messagingengine.com>
References: <342752727e6c82883499c477011305fe@cryptolab.net> <1431294538.4165258.265180285.35800F2F@webmail.messagingengine.com>
Message-ID: <4c07cd8ed8c71e0903bf4ae30baa6f7f@cryptolab.net>

Alfie John wrote:
> On Sat, May 9, 2015, at 02:25 AM, Griffin Boyce wrote:
>> about their past work. Which is obviously bullshit, and I'd posit
>> that it's actually worse than Facebook because your information is
>> shared with the general public. Even with higher privacy settings
>> enabled, anyone with a paid Recruiter account can see everything.
>
> This comment will probably be the impetus for someone on this list to
> start a "clearance-only" LinkedIn clone.

That already exists (clearancejobs.com and others). There are actually tons of ads all over DC for these services, most notably the "Life of a Secret Squirrel" series. Really: https://www.flickr.com/photos/clearancejobs/8634488049/in/photostream/

DC is a weird place sometimes.

best,
Griffin

--
“Sometimes the questions are complicated and the answers are simple.” ― Dr. Seuss

From coderman at gmail.com Sun May 10 22:13:55 2015
From: coderman at gmail.com (coderman)
Date: Sun, 10 May 2015 22:13:55 -0700
Subject: FOIPA adventures
In-Reply-To:
References:
Message-ID:

On 4/9/15, coderman wrote:
> ...
> coordinating DoJ-361 through MuckRock.com this time, ...

MuckRock doesn't usually handle individual requests (PA w/ DoJ-361). pursuing alternate tracks... one of the completed FOIAs generated bemused nostalgia, https://www.muckrock.com/news/archives/2015/may/06/def-cons-spot-fed-contest-sore-spot-feds/

From alfiej at fastmail.fm Sun May 10 14:48:58 2015
From: alfiej at fastmail.fm (Alfie John)
Date: Mon, 11 May 2015 07:48:58 +1000
Subject: Subject: Re: Watching the watchers: spook database
In-Reply-To: <342752727e6c82883499c477011305fe@cryptolab.net>
References: <342752727e6c82883499c477011305fe@cryptolab.net>
Message-ID: <1431294538.4165258.265180285.35800F2F@webmail.messagingengine.com>

On Sat, May 9, 2015, at 02:25 AM, Griffin Boyce wrote:
> about their past work. Which is obviously bullshit, and I'd posit
> that it's actually worse than Facebook because your information is
> shared with the general public. Even with higher privacy settings
> enabled, anyone with a paid Recruiter account can see everything.

This comment will probably be the impetus for someone on this list to start a "clearance-only" LinkedIn clone.

Alfie

--
Alfie John
alfiej at fastmail.fm

From softservant at gmail.com Mon May 11 10:36:09 2015
From: softservant at gmail.com (Softy)
Date: Mon, 11 May 2015 10:36:09 -0700
Subject: FOIPA adventures
Message-ID:

"- Sell our culture" "- autonomy"

haha, that's a good one. Only a job recruiter could smile while spouting nonsense like that.

-daniel

That already exists (clearancejobs.com and others). There are actually
> tons of ads all over DC for these services, most notably the "Life of a
> Secret Squirrel" series. Really:
> https://www.flickr.com/photos/clearancejobs/8634488049/in/photostream/
>
> DC is a weird place sometimes.
>
From l at odewijk.nl Mon May 11 07:45:03 2015
From: l at odewijk.nl (Lodewijk andré de la porte)
Date: Mon, 11 May 2015 23:45:03 +0900
Subject: we are fucked [was: Jim Bell vindicated]
In-Reply-To: <9360321.BMgTbdypjD@lapuntu>
References: <20150507132748.7F896228219@palinka.tinho.net> <20150507155245.3ED65680147@frontend2.nyi.internal> <9360321.BMgTbdypjD@lapuntu>
Message-ID:

Guys, chill.

Most religious people are only mildly so, adhering only in the vaguest sense to their religions. If they do not adhere to religion their ideas are about as inaccurate and dangerous, but they are less synchronized. Many people utilize faith for productivity or resolution to the existential crisis. Without their faith they would be worse people.

I think it would be better to write a bible-for-atheists, with guidance for living in the modern world. This new scripture should motivate critical thinking, max(independence + transparency), productivity (meaning, advancement of the race or a derivative race/structure) and satisfaction. Some understanding of the implications of evolutionary effects (selection, and how it reflects on the currently existing), mathematics, and the nature of energy and the universe (including entropy) must be included for a complete and worthwhile picture. Spirituality must be explained as a function of the brain, mythical events through statistics and human capacity ("No gods but man"). Simply because we're crazed monkeys and desperately require (very) approximate models in order to function. And simply because our emotions run amok of us more often than not.

Until we have this well-reasoned word-of-sanity, the bible (or the apparently more recent Koran) might be a better alternative to madness. A simple way to soothe troubled souls. Through the evolution applied before its popularity, hard to disprove, infectious and attractive.
The dark question you might be asking yourself is, where and with whom does that leave me?

I'm very deeply concerned about religion influencing law. This has happened forever, and will happen for the foreseeable future. Another demon for democracy, which leaves the innocent and well-intentioned, but ultimately foolish mass in charge. Or.. doesn't it :) ?

(hint: chill)

From l at odewijk.nl Mon May 11 08:44:18 2015
From: l at odewijk.nl (Lodewijk andré de la porte)
Date: Tue, 12 May 2015 00:44:18 +0900
Subject: Jim Bell vindicated
In-Reply-To: <3863414.P9pHF78XWj@lapuntu>
References: <1488750.AbtNa1rled@lapuntu> <554A8044.6040004@cathalgarvey.me> <3863414.P9pHF78XWj@lapuntu>
Message-ID:

Is there something you guys are going for? Two cops got shot, the executive arm of the government has significant issues as a result. No other conclusions can be made. Not sure why the response to cop-killing is so hefty, isn't it fairly common in the US? Isn't it to be expected sometimes? It's a bit wild west, but that's nothing new in America. Further I do not see any problems solved by privatizing violence (or, actually, policing). If you'd like policing to change, use the democratic means to do so. If you don't like the democratic means, fix that. It's vital. If you're a libertarian you're usually still democratic of sorts.
From Rayzer at riseup.net Tue May 12 07:48:17 2015
From: Rayzer at riseup.net (Razer)
Date: Tue, 12 May 2015 07:48:17 -0700
Subject: Jim Bell vindicated
In-Reply-To:
References: <1488750.AbtNa1rled@lapuntu> <554A8044.6040004@cathalgarvey.me> <3863414.P9pHF78XWj@lapuntu>
Message-ID: <555212B1.2090305@riseup.net>

On 05/11/2015 09:49 PM, Zenaan Harkness wrote:
> Crap. Perhaps you mean "involved in a way which is effective"?

Crap. Perhaps you mean "involved in a way that doesn't have any net negative effect on my life."?

Never discount the power of psychopathy to prevent solidarity, demoralize and disenfranchise.

From zen at freedbms.net Mon May 11 17:23:21 2015
From: zen at freedbms.net (Zenaan Harkness)
Date: Tue, 12 May 2015 10:23:21 +1000
Subject: Jim Bell vindicated
In-Reply-To:
References: <1488750.AbtNa1rled@lapuntu> <554A8044.6040004@cathalgarvey.me> <3863414.P9pHF78XWj@lapuntu>
Message-ID:

On 5/12/15, Lodewijk andré de la porte wrote:
> means to do so. If you don't like the democratic means, fix that. It's
> vital. If you're a libertarian you're usually still democratic of sorts.

I appreciate your sentiment and what I perceive as your implicit "folks, consider being cautious" but when you say "fix that" the obvious question is "how"?

I don't know that -any- system can fix any other system except to appear to do so for a limited period of time until it too degenerates due to the usual problems - individual human weaknesses (greed, lust, anger, unwarranted reactions etc).

Do you actually believe there's an answer to -how- to "fix it"?

Or, are you uncomfortable with this discussion?
If you believe that this discussion is counter productive to what you perceive as your and or our interests I'm interested to hear about; but although "fix it" it sounds superficially laudable it's cheap and, well, superficial. You'll need to pontificate a little more deeply to impress folks around these parts :)

Regards,
Zenaan

From zen at freedbms.net Tue May 12 15:23:51 2015
From: zen at freedbms.net (Zenaan Harkness)
Date: Wed, 13 May 2015 08:23:51 +1000
Subject: Jim Bell vindicated
In-Reply-To: <555212B1.2090305@riseup.net>
References: <1488750.AbtNa1rled@lapuntu> <554A8044.6040004@cathalgarvey.me> <3863414.P9pHF78XWj@lapuntu> <555212B1.2090305@riseup.net>
Message-ID:

On 5/13/15, Razer wrote:
> On 05/11/2015 09:49 PM, Zenaan Harkness wrote:
>> Crap. Perhaps you mean "involved in a way which is effective"?
>
> Crap. Perhaps you mean "involved in a way that doesn't have any net
> negative effect on my life."?
>
> Never discount the power of psychopathy to prevent solidarity,
> demoralize and disenfranchise.

Fair point.

Regards,
Zenaan

From dan at geer.org Wed May 13 20:44:22 2015
From: dan at geer.org (dan at geer.org)
Date: Wed, 13 May 2015 23:44:22 -0400
Subject: Subject: Re: Watching the watchers: spook database
In-Reply-To: Your message of "Fri, 08 May 2015 17:13:09 -0700."
Message-ID: <20150514034422.9FDF02281A4@palinka.tinho.net>

| Indeed. try removing your resume once you've made the mistake of
| uploading it! Maybe if I went paid account route I might be able to,
| but ... somehow ... doubt it.

In the order of things, Assured Deletion is harder than Naming, and Naming is harder than Confidentiality.

IMHO,

--dan

From grarpamp at gmail.com Wed May 13 23:18:11 2015
From: grarpamp at gmail.com (grarpamp)
Date: Thu, 14 May 2015 02:18:11 -0400
Subject: Rare Historical Film: 1932. US military attacks demonstrating American War Veterans.
In-Reply-To:
References: <652D2868C3234ABFA97233408FAFC103@atii>
Message-ID:

Refer to the full version: https://www.youtube.com/watch?v=KvCuyqJXDVk

"While in school, from the primary grades through college, students are supposed to learn American history. But what a student can learn in one hour, three days a week, is ultimately pretty little. What makes this even worse is not what they try and teach you, but the important things they decide not to teach you. The Bonus March of 1932 is one of those things they didn't teach you..."

https://en.wikipedia.org/wiki/Bonus_Army
https://en.wikipedia.org/wiki/World_War_Adjusted_Compensation_Act

From s at ctrlc.hu Fri May 15 08:16:00 2015
From: s at ctrlc.hu (stef)
Date: Fri, 15 May 2015 17:16:00 +0200
Subject: noscript is 10 years!
In-Reply-To:
References: <20150515115457.GX7148@ctrlc.hu>
Message-ID: <20150515151600.GF7148@ctrlc.hu>

On Fri, May 15, 2015 at 11:45:47PM +0900, Lodewijk andré de la porte wrote:
> Noscript is admission of failure to sandbox, and a step away from
> webapplications.

webapplications are simple development cost externalisations by the VC vultures and their startup slaves and js are a perfect tool in gathering more private information to sell that. webapplications shouldn't exist in the first place, there's OS level binaries that should be used instead. but i totally understand that the time-to-market and the RoI of hiring a bunch of dumb jsdevs is greatly more profitable than doing it right. the incentives of the system subvert and cannibalize the system itself. omnomnom.

since you addressed sandboxing, i'm much more of a fan of reducing the attack surface than sandboxing. sandboxing should be only used in a defense-in-depth setup, with other factors being more important, like reducing all the layers of cruft underneath. also lets not forget that the security in browsers is like the security offered by tls, it's mostly in the interest of the industries, not the users sitting behind the browsers.
sandboxing in chrome for example is good enough for the startups to not leech the data in other tabs, but looking at the results of various exploit compos confirms that the more resourceful attackers are not much deterred by the sandboxing. whereas noscript is indeed in the interest of the user, not the industries.

--
otr fp: https://www.ctrlc.hu/~stef/otr.txt

From rysiek at hackerspace.pl Fri May 15 14:48:42 2015
From: rysiek at hackerspace.pl (rysiek)
Date: Fri, 15 May 2015 23:48:42 +0200
Subject: Worker fired for disabling GPS app that tracked her 24 hours a day | Ars Technica
In-Reply-To:
References: <65858DFF-E471-45D3-A173-8C546FB9EFF7@icloud.com>
Message-ID: <1527591.OjQuvdFu50@lapuntu>

On Tuesday, 12 May 2015 11:32:34 Lodewijk andré de la porte wrote:
> Why not have a work phone?

Doesn't solve the problem -- then she would get fired for turning it off or not having it on her at all times...

--
Regards,
Michał "rysiek" Woźniak

I am changing my GPG key :: http://rys.io/pl/147
GPG Key Transition :: http://rys.io/en/147

From dan at geer.org Sat May 16 07:05:55 2015
From: dan at geer.org (dan at geer.org)
Date: Sat, 16 May 2015 10:05:55 -0400
Subject: noscript is 10 years!
In-Reply-To: Your message of "Sat, 16 May 2015 12:07:30 +0900."
Message-ID: <20150516140555.A11B2228195@palinka.tinho.net>

..snip..

> The problem, ultimately, is features. And it will always be features.

That is correct as an observation. I don't like it, but the world does not care whether I like it or not; I am 1/7000000000 regardless of my skill, taste, or persuasiveness. And so it has always been (cf. "bread and circuses").
However, what I object to is the tendency of features to destroy functionality by way of collateral damage, viz., for platforms to be constructed to deliver features and only to deliver features. That is what "freedom to tinker" fears. That is what risk is all about, risk being solely a consequence of that upon which you depend. That is why I've all but stopped buying new things (computers, cars, appliances, etc.) -- their orientation around features reduces my ability to configure, to repair, nay even to understand what is going on inside, much less that it is legally questionable as to whether I even own them despite having paid my money for them.[*] (Even were I willing to run Javascript, my old computers can no longer handle the burgeoning demands -- Javascript has clearly become the technologic embodiment of "When rape is inevitable, relax and enjoy it.") Big data, especially of the so-called deep learning kind, is of a parallel sort. Where data science spreads, a massive increase in tailorability to conditions follows. Even if Moore's Law remains forever valid, there will never be enough computing hence data driven algorithms must favor efficiency above all else, yet the more efficient the algorithm, the less interrogatable it is, that is to say that the more optimized the algorithm is, the harder it is to know what the algorithm is really doing. The more desirable some particular automation is judged to be, the more data (which is to say foodstuffs) it is given. The more data it is given, the more its data utilization efficiency matters. The more its data utilization efficiency matters, the more its algorithms will evolve to opaque operation. Above some threshold of dependence on such an algorithm in practice, there can be no going back. As such, if data science wishes to be genuinely useful, preserving algorithm interrogatability despite efficiency-seeking, self-driven evolution is the research grade problem now on the table. 
If science does not pick this up, then Lessig's characterization of code as law is fulfilled.

In short, features drive. They drive because of democratic principles evidenced by immensely rapid uptake. They rely upon a user base that is forever "barefoot and pregnant." And it is increasingly difficult to opt out of features without opting out of society altogether. As there is zero difference between "personalization" and "targeting" beyond the intent of the algorithm, those who don't accept features will be adjudged anomalous, and we already treat anomaly detection as the sine qua non of public safety.

--dan

[*] http://www.wired.com/2015/04/dmca-ownership-john-deere/

From s at ctrlc.hu Sat May 16 09:10:27 2015
From: s at ctrlc.hu (stef)
Date: Sat, 16 May 2015 18:10:27 +0200
Subject: Watching the watchers: spook database
In-Reply-To: <20150508145032.GA2543@sivokote.iziade.m$>
References: <554B105D.1000006@riseup.net> <20150507090830.GD7148@ctrlc.hu> <20150508145032.GA2543@sivokote.iziade.m$>
Message-ID: <20150516161027.GJ7148@ctrlc.hu>

On Fri, May 08, 2015 at 05:50:32PM +0300, Georgi Guninski wrote:
> On Thu, May 07, 2015 at 11:08:30AM +0200, stef wrote:
> > plausibly deniably), let me quote twitter:
> > > "watching the watchers" https://icwatch.transparencytoolkit.org/ going over
> > > cloudflare, so the watched watchers can watch the watching watchers
> Conspiracy theories scale exponentially, even if true ;)

hah, so they have a tor HS, and now they partnered with wikileaks which is also not "managed" by cloudflare. why not do things properly from the beginning?

--
otr fp: https://www.ctrlc.hu/~stef/otr.txt

From hozer at hozed.org Sun May 17 09:56:20 2015
From: hozer at hozed.org (Troy Benjegerdes)
Date: Sun, 17 May 2015 11:56:20 -0500
Subject: noscript is 10 years!
In-Reply-To: <20150516140555.A11B2228195@palinka.tinho.net>
References: <20150516140555.A11B2228195@palinka.tinho.net>
Message-ID: <20150517165620.GD27932@nl.grid.coop>

On Sat, May 16, 2015 at 10:05:55AM -0400, dan at geer.org wrote:
> ..snip..
>
> > The problem, ultimately, is features. And it will always be features.
>
> That is correct as an observation. I don't like it, but the
> world does not care whether I like it or not; I am 1/7000000000
> regardless of my skill, taste, or persuasiveness. And so it has
> always been (cf. "bread and circuses").

..snip..

> In short, features drive. They drive because of democratic
> principles evidenced by immensely rapid uptake. They rely upon a
> user base that is forever "barefoot and pregnant." And it is
> increasingly difficult to opt out of features without opting out
> of society altogether. As there is zero difference between
> "personalization" and "targeting" beyond the intent of the
> algorithm, those who don't accept features will be adjudged
> anomalous, and we already treat anomaly detection as the
> sine qua non of public safety.
>
> --dan
>
> [*] http://www.wired.com/2015/04/dmca-ownership-john-deere/
>

Ahhh, John Deere. Last year I asked the guy unloading my corn at the farmers co-op elevator if there was any difference between the corn I harvested with my antique rusty combine with only analog electronics for indicator lights, and half of those don't work. I tend to rely on the audio signal processing between my ears and vibrational failure early warning detectors in my butt on the seat to tell me if something is broken. (okay, to be fair, there are electro-hydraulics, but those are switches and solenoids)

The brand new John Deere combines that you can press a button and it pretty much drives itself, with the operator there only to function as a legal liability offloading device produces the same quality of corn I do.
Now granted, it takes me about twice as long to harvest than it takes John Deere's fancy robots with human legal liability shunt devices, but one of these days an owner of one of those machines is going to get burned and decide, like me, that it's cheaper to become a hacker (or hire some) and rip out every piece of technology they do not own full license to modify.

When that happens, we'll have a full-fledged technology revolt on our hands, at least if there are any farmers left that still actually own farmland.

That's a democratic principle ready for rapid uptake. I heard last year of a farmer going from a 24 row planter back to an *older* 16 row because it had less technology to break that required a John Deere certified tech than the older ones, which mostly just required figuring out which wire the mouse chewed through over the winter.

I'll be happy to feed the McJohn-Google-Disney behemoth with all the raw material needed to keep their human confinement farm operations running at full capacity, but I think both the behemoth and I know it will cost them way less to have farm owner-operators than it will cost to try to deal with the unpredictable, uncomputable, and chaotic results we are likely to encounter over the next 50 years from climate change.

Never underestimate the persuasiveness of plain, simple text, whether that be the text Martin Luther nailed to the door of the church, or these words that we are broadcasting to all, human and nonhuman, that like to identify themselves as cypherpunks.

I'm calling for a technological reformation, and not just some half hearted attempts at open-source farm equipment. The time has come for a social, economic, and, dare I say it, even a religious movement to nail a manifesto to the wall of the church of technology that has subsumed the role of both governments and spiritual seeking.

We must feed ourselves only with which we understand how it was grown.
If you insist on buying a GPS-auto-steer combine without understanding it, you have become soylent green food for the behemoth. If you buy food from your local co-op grocer without understanding the fossil fuel inputs needed to bring that food to the city, you are feeding yourself to the behemoth.

If you read this message with a javascript enabled technological behemoth...

{Error="DMCA violation detected", result="feed behemoth"}

--
----------------------------------------------------------------------------
Troy Benjegerdes 'da hozer' hozer at hozed.org
7 elements earth::water::air::fire::mind::spirit::soul grid.coop

Never pick a fight with someone who buys ink by the barrel,
nor try buy a hacker who makes money by the megahash

From jya at pipeline.com Sun May 17 10:37:49 2015
From: jya at pipeline.com (John Young)
Date: Sun, 17 May 2015 13:37:49 -0400
Subject: noscript is 10 years!
In-Reply-To: <20150517165620.GD27932@nl.grid.coop>
References: <20150516140555.A11B2228195@palinka.tinho.net> <20150517165620.GD27932@nl.grid.coop>
Message-ID:

NYT today has book review on gradual replacement of humans by robots, a beloved investment of those at the top, so John Deere is out to replace farmers not make them more productive. Same for robotics in general; their inventors, coders, engineers, will themselves be replaced by robots which can outperform their vulnerable, increasingly marginalized parents. We have seen how digital spying is fast replacing humans who are hired to algo, build and unleash the robots, guide them for a while until they learn to be self-guided and self-improved across the flesh-and-blood spectrum, bottom to top, yes, even the top are robotically destined to be invaded by algorithms way smarter than their makers. Yes, robotic subversion has happened to banks, governments, investors, spy agencies, their contractors and NGOs.
Maybe not yet time for humans to eat their kids, their homegrown garden and feed lot, but that's the model beloved by those at the top, yes, that is what they are doing, eating their seed corn. Go for it, John Deere, eat your sales and repair crew. Oh well, the richest got richer last year, the prisons got fuller, buildings got taller and deadlier, drones are becoming favorites of agri-farmers, kid predators, and revenge porners. Want a roasted PhD for dinner, call Amazon. Not you, Dr. Geer, not yet the Ubers buzzing overhead with pension-killing Hellfires.

At 12:56 PM 5/17/2015, you wrote:
>On Sat, May 16, 2015 at 10:05:55AM -0400, dan at geer.org wrote:
> > ..snip..
> >
> > > The problem, ultimately, is features. And it will always be features.
> >
> > That is correct as an observation. I don't like it, but the
> > world does not care whether I like it or not; I am 1/7000000000
> > regardless of my skill, taste, or persuasiveness. And so it has
> > always been (cf. "bread and circuses").
>
>..snip..
>
> > In short, features drive. They drive because of democratic
> > principles evidenced by immensely rapid uptake. They rely upon a
> > user base that is forever "barefoot and pregnant." And it is
> > increasingly difficult to opt out of features without opting out
> > of society altogether. As there is zero difference between
> > "personalization" and "targeting" beyond the intent of the
> > algorithm, those who don't accept features will be adjudged
> > anomalous, and we already treat anomaly detection as the
> > sine qua non of public safety.
> >
> > --dan
> >
> > [*] http://www.wired.com/2015/04/dmca-ownership-john-deere/
> >
>
>Ahhh, John Deere. Last year I asked the guy unloading my corn at the farmers
>co-op elevator if there was any difference between the corn I harvested with
>my antique rusty combine with only analog electronics for indicator lights,
>and half of those don't work.
I tend to rely on the audio signal processing
>between my ears and vibrational failure early warning detectors in my butt on
>the seat to tell me if something is broken. (okay, to be fair, there are
>electro-hydraulics, but those are switches and solenoids)
>
>The brand new John Deere combines that you can press a button and it pretty
>much drives itself, with the operator there only to function as a legal
>liability offloading device produces the same quality of corn I do.
>
>Now granted, it takes me about twice as long to harvest than it takes John
>Deere's fancy robots with human legal liability shunt devices, but one of
>these days an owner of one of those machines is going to get burned and
>decide, like me, that it's cheaper to become a hacker (or hire some) and rip
>out every piece of technology they do not own full license to modify.
>
>When that happens, we'll have a full-fledged technology revolt on our hands,
>at least if there are any farmers left that still actually own farmland.
>
>That's a democratic principle ready for rapid uptake. I heard last year of
>a farmer going from a 24 row planter back to an *older* 16 row because it
>had less technology to break that required a John Deere certified tech than
>the older ones, which mostly just required figuring out which wire the mouse
>chewed through over the winter.
>
>I'll be happy to feed the McJohn-Google-Disney behemoth with all the raw
>material needed to keep their human confinement farm operations running at
>full capacity, but I think both the behemoth and I know it will cost them
>way less to have farm owner-operators than it will cost to try to deal with
>the unpredictable, uncomputable, and chaotic results we are likely to
>encounter over the next 50 years from climate change.
>
>Never underestimate the persuasiveness of plain, simple text, whether that
>be the text Martin Luther nailed to the door of the church, or these words
>that we are broadcasting to all, human and nonhuman, that like to identify
>themselves as cypherpunks.
>
>I'm calling for a technological reformation, and not just some half hearted
>attempts at open-source farm equipment. The time has come for a social,
>economic, and, dare I say it, even a religious movement to nail a manifesto
>to the wall of the church of technology that has subsumed the role of both
>governments and spiritual seeking.
>
>We must feed ourselves only with which we understand how it was grown.
>
>If you insist on buying a GPS-auto-steer combine without understanding it,
>you have become soylent green food for the behemoth. If you buy food from
>your local co-op grocer without understanding the fossil fuel inputs needed
>to bring that food to the city, you are feeding yourself to the behemoth.
>
>If you read this message with a javascript enabled technological behemoth...
>
>
>{Error="DMCA violation detected", result="feed behemoth"}
>
>--
>----------------------------------------------------------------------------
>Troy Benjegerdes 'da hozer' hozer at hozed.org
>7 elements earth::water::air::fire::mind::spirit::soul grid.coop
>
> Never pick a fight with someone who buys ink by the barrel,
> nor try buy a hacker who makes money by the megahash

From grarpamp at gmail.com Sun May 17 12:55:23 2015
From: grarpamp at gmail.com (grarpamp)
Date: Sun, 17 May 2015 15:55:23 -0400
Subject: noscript is 10 years!
In-Reply-To:
References: <20150516140555.A11B2228195@palinka.tinho.net> <20150517165620.GD27932@nl.grid.coop>
Message-ID:

On Sun, May 17, 2015 at 1:37 PM, John Young wrote:
> NYT today has book review on gradual replacement of humans
> by robots, a beloved investment of those at the top, so John Deere

Shame no one properly broke the last 3-5 messages off into a separate thread when it went off noscript.

What will happen to the 7000000000 unpaid system redundancies?

Do not reply in this thread.

From rtomek at ceti.pl Sun May 17 13:24:24 2015
From: rtomek at ceti.pl (Tomasz Rola)
Date: Sun, 17 May 2015 22:24:24 +0200
Subject: Worker fired for disabling GPS app that tracked her 24 hours a day | Ars Technica
In-Reply-To: <1527591.OjQuvdFu50@lapuntu>
References: <65858DFF-E471-45D3-A173-8C546FB9EFF7@icloud.com> <1527591.OjQuvdFu50@lapuntu>
Message-ID: <20150517202424.GC26062@tau1.ceti.pl>

On Fri, May 15, 2015 at 11:48:42PM +0200, rysiek wrote:
> On Tuesday, 12 May 2015 11:32:34 Lodewijk andré de la porte wrote:
> > Why not have a work phone?
>
> Doesn't solve the problem -- then she would get fired for turning it off or
> not having it on her at all times...
>

Could they find out without stalking that she left work phone at home and went away? Was she supposed to be available 24/7? If not, is it legal to spy on worker after work hours and out of workplace (sure, some agencies may have it in the job contract, explicit or not, but other employers?).

Oh, btw. Can she be punished if she forgot to charge her phone (say, can she be punished for being tired after work hours)? Can she be punished if after work she fell asleep in bath / made love / was learning Japanese / playing drums and didn't hear the ring (in case they wanted to check if she's with her phone)? Sure, it may look strange if one day she plays drums, another day makes love and yet another saws trees to build a DIY coffee table. But so what?
Regards,
Tomasz Rola

--
** A C programmer asked whether computer had Buddha's nature. **
** As the answer, master did "rm -rif" on the programmer's home **
** directory. And then the C programmer became enlightened... **
** **
** Tomasz Rola mailto:tomasz_rola at bigfoot.com **

From wilfred at vt.edu Mon May 18 06:13:12 2015
From: wilfred at vt.edu (Wilfred Guerin)
Date: Mon, 18 May 2015 04:13:12 -0900
Subject: [cryptome] NYT on Nick Szabo and Bitcoin
In-Reply-To:
References:
Message-ID:

We did a context profile on Satoshi with analysis of intel-based datacenter profiles and certain known patterns from the USSS (Treasury Fincen) crew you like so much at Yale and another specific MI5 ish unit whom you remember from Anguilla.

The analysis clustered age and language patterns and identified a very tight range of character and background with institutional intent, then modeled the propaganda influence that gave rise to the BTC trend.

The analysis was posted on the forums and pdf, but are missing from search. We will repost the original and add some current profile analysis.

In short, the character is a 20s 2-year AS pre-law 1811 (police) with distinct interest in using US/UK and new international law *pyramid scheme policies to take over global legacy datacenters* in criminal forfeiture cases.

Another party did a review of law&policy influencers of the same market and similarly isolated the core group. (no need to mention DEA+FINCEN.)

On Sunday, May 17, 2015, John Young wrote:
>
> nytimes.com/2015/05/17/business/decoding-the-enigma-of-satoshi-nakamoto-and-the-birth-of-bitcoin.html
>
>
> Those around cypherpunks 1993-1998 will recall Szabo's emails on
> bitcoin early precursors along with Adam Back, Hal Finney, Tim May,
> Wei Dai, Lucky Green, Hettinga, many more burgeoning F-Cs. NYT
> piece credits cpunks as subversive birther, now being hyper-monetized
> by arch-cryptoanarchist Goldman Sachs and many more centralists.
>
> Szabo denies being Satoshi, but ...
others rush to fill the gap From JS733NknRj6J at protonmail.com Mon May 18 09:51:22 2015 From: JS733NknRj6J at protonmail.com (JS733NknRj6J) Date: Mon, 18 May 2015 12:51:22 -0400 Subject: [cryptome] NYT on Nick Szabo and Bitcoin Message-ID: I seem to vaguely remember this profile (or one like it) but can't turn it up myself. Would be very grateful for the link if you do repost it. - JS7 Sent from [ProtonMail](https://protonmail.ch), encrypted email based in Switzerland. -------- Original Message -------- Subject: Re: [cryptome] NYT on Nick Szabo and Bitcoin Time (GMT): May 18 2015 13:13:12 From: wilfred at vt.edu To: cryptome at freelists.org CC: cypherpunks at cpunks.org, cryptography at metzdowd.com, cryptography at randombit.net We did a context profile on Satoshi with analysis of intel-based datacenter profiles and certain known patterns from the USSS (Treasury Fincen) crew you like so much at Yale and another specific MI5 ish unit whom you remember from Anguilla. The analysis clustered age and language patterns and identified a very tight range of character and background with institutional intent, then modeled the propaganda influence that gave rise to the BTC trend. The analysis was posted on the forums and pdf, but are missing from search. We will repost the original and add some current profile analysis. In short, the character is a 20s 2-year AS pre-law 1811 (police) with distinct interest in using US/UK and new international law *pyramid scheme policies to take over global legacy datacenters* in criminal forfeiture cases. Another party did a review of law&policy influencers of the same market and similarly isolated the core group. (no need to mention DEA+FINCEN.)
On Sunday, May 17, 2015, John Young wrote: [nytimes.com/2015/05/17/business/decoding-the-enigma-of-satoshi-nakamoto-and-the-birth-of-bitcoin.html](http://t.co/2zgTpKDPaa) Those around cypherpunks 1993-1998 will recall Szabo's emails on bitcoin early precursors along with Adam Back, Hal Finney, Tim May, Wei Dai, Lucky Green, Hettinga, many more burgeoning F-Cs. NYT piece credits cpunks as subversive birther, now being hyper-monetized by arch-cryptoanarchist Goldman Sachs and many more centralists. Szabo denies being Satoshi, but ... others rush to fill the gap From guninski at guninski.com Mon May 18 09:55:57 2015 From: guninski at guninski.com (Georgi Guninski) Date: Mon, 18 May 2015 19:55:57 +0300 Subject: Nuclear security In-Reply-To: References: Message-ID: <20150518165557.GA2508@sivokote.iziade.m$> On Mon, May 18, 2015 at 12:44:25PM +0900, Lodewijk andré de la porte wrote: > https://wikileaks.org/trident-safety/ > Remember how Fukushima nuclear plant went boom? There are significant anomalies in newborns after that. From l at odewijk.nl Mon May 18 09:58:44 2015 From: l at odewijk.nl (=?UTF-8?Q?Lodewijk_andr=C3=A9_de_la_porte?=) Date: Tue, 19 May 2015 01:58:44 +0900 Subject: Nuclear security In-Reply-To: <20150518165557.GA2508@sivokote.iziade.m$> References: <20150518165557.GA2508@sivokote.iziade.m$> Message-ID: 2015-05-19 1:55 GMT+09:00 Georgi Guninski : > Remember how Fukushima nuclear plant went boom? > > There are significant anomalies in newborns after > that. > Nooooo The Japanese government fixed all that. They do radiation readings, and they look good. That's why they don't allow you to take your own readings, they would not be better. Government good. (also known as: stay away from the Yakuza or else you'll soon be fixing shit up in a mostly-molten nuclear plant.
Also, don't take readings or the Yakuza...) From juan.g71 at gmail.com Tue May 19 00:20:42 2015 From: juan.g71 at gmail.com (Juan) Date: Tue, 19 May 2015 04:20:42 -0300 Subject: Surveillance Law In-Reply-To: References: Message-ID: <555ae30e.e4648c0a.6567.1348@mx.google.com> On Tue, 19 May 2015 14:03:22 +0900 Lodewijk andré de la porte wrote: > Is this the same federation that has some states legalize drugs in > violation of federal and international law? How does one put faith in > law, if there's open governmental violation of it? What are you talking about? "Law" means "we government scumbags do whatever we want". From list at sysfu.com Tue May 19 09:56:02 2015 From: list at sysfu.com (Seth) Date: Tue, 19 May 2015 09:56:02 -0700 Subject: Surveillance Law In-Reply-To: <555ae30e.e4648c0a.6567.1348@mx.google.com> References: <555ae30e.e4648c0a.6567.1348@mx.google.com> Message-ID: On Tue, 19 May 2015 00:20:42 -0700, Juan wrote: > On Tue, 19 May 2015 14:03:22 +0900 > Lodewijk andré de la porte wrote: > >> Is this the same federation that has some states legalize drugs in >> violation of federal and international law? How does one put faith in >> law, if there's open governmental violation of it? > > > What are you talking about? "Law" means "we government scumbags > do whatever we want".
I prefer Marc Stevens' [1] succinct definition in layman's terms Law: An opinion backed by a gun [1] http://marcstevens.net/ From list at sysfu.com Tue May 19 10:11:25 2015 From: list at sysfu.com (Seth) Date: Tue, 19 May 2015 10:11:25 -0700 Subject: Nuclear security In-Reply-To: <1724225.rFWstI72Ge@lapuntu> References: <20150518165557.GA2508@sivokote.iziade.m$> <1724225.rFWstI72Ge@lapuntu> Message-ID: On Tue, 19 May 2015 02:34:03 -0700, rysiek wrote: > Yeah, I heard that the radioactive materials released from Fukushima > finally > got to the US West Coast. The radioactivity levels are so low that > homeopaths > claim they are actually beneficial. If you're interested in atmospheric radiation levels in the United States check out enviroreporter.com [1] The beta count is the one you want to pay attention to. The beta monitoring stations for many cities are non-functional but there's enough data from the functioning ones to be somewhat alarming, especially if you live in the West. [1] www.enviroreporter.com/radnet-air-monitoring/ From l at odewijk.nl Mon May 18 22:03:22 2015 From: l at odewijk.nl (=?UTF-8?Q?Lodewijk_andr=C3=A9_de_la_porte?=) Date: Tue, 19 May 2015 14:03:22 +0900 Subject: Surveillance Law In-Reply-To: References: Message-ID: Is this the same federation that has some states legalize drugs in violation of federal and international law? How does one put faith in law, if there's open governmental violation of it?
From guninski at guninski.com Tue May 19 07:58:16 2015 From: guninski at guninski.com (Georgi Guninski) Date: Tue, 19 May 2015 17:58:16 +0300 Subject: Surveillance Law In-Reply-To: <555ae30e.e4648c0a.6567.1348@mx.google.com> References: <555ae30e.e4648c0a.6567.1348@mx.google.com> Message-ID: <20150519145816.GA2534@sivokote.iziade.m$> On Tue, May 19, 2015 at 04:20:42AM -0300, Juan wrote: > On Tue, 19 May 2015 14:03:22 +0900 > Lodewijk andré de la porte wrote: > > > Is this the same federation that has some states legalize drugs in > > violation of federal and international law? How does one put faith in > > law, if there's open governmental violation of it? > > > What are you talking about? "Law" means "we government scumbags > do whatever we want". Agreed. But another question is how the scumbags legally came to power? Looks like sheeple elected them? Sheeple scumbags too? From eugen at leitl.org Tue May 19 09:28:55 2015 From: eugen at leitl.org (Eugen Leitl) Date: Tue, 19 May 2015 18:28:55 +0200 Subject: Surveillance Law In-Reply-To: <20150519145816.GA2534@sivokote.iziade.m$> References: <555ae30e.e4648c0a.6567.1348@mx.google.com> <20150519145816.GA2534@sivokote.iziade.m$> Message-ID: <20150519162855.GP10743@leitl.org> On Tue, May 19, 2015 at 05:58:16PM +0300, Georgi Guninski wrote: > Agreed. > > But another question is how the scumbags legally > came to power? http://en.wikipedia.org/wiki/Adolf_Hitler%27s_rise_to_power > Looks like sheeple elected them? > > Sheeple scumbags too?
http://scholar.princeton.edu/sites/default/files/mgilens/files/gilens_and_page_2014_-testing_theories_of_american_politics.doc.pdf From cathalgarvey at cathalgarvey.me Tue May 19 10:58:37 2015 From: cathalgarvey at cathalgarvey.me (Cathal (Phone)) Date: Tue, 19 May 2015 18:58:37 +0100 Subject: Nuclear security In-Reply-To: References: <20150518165557.GA2508@sivokote.iziade.m$> <1724225.rFWstI72Ge@lapuntu> Message-ID: <2B65267B-D032-4001-AC0F-66AF0064DB39@cathalgarvey.me> Bearing in mind: https://xkcd.com/radiation/ On 19 May 2015 18:11:25 GMT+01:00, Seth wrote: >On Tue, 19 May 2015 02:34:03 -0700, rysiek >wrote: >> Yeah, I heard that the radioactive materials released from Fukushima > >> finally >> got to the US West Coast. The radioactivity levels are so low that >> homeopaths >> claim they are actually beneficial. > >If you're interested in atmospheric radiation levels in the United >States >check out enviroreporter.com [1] The beta count is the one you want to >pay >attention to. > >The beta monitoring stations for many cities are non-functional but >there's enough data from the functioning ones to be somewhat alarming, > >especially if you live in the West. > >[1] www.enviroreporter.com/radnet-air-monitoring/ -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
From rtomek at ceti.pl Tue May 19 12:10:15 2015 From: rtomek at ceti.pl (Tomasz Rola) Date: Tue, 19 May 2015 21:10:15 +0200 Subject: Worker fired for disabling GPS app that tracked her 24 hours a day | Ars Technica In-Reply-To: <1568096.eKsopUXFbi@lapuntu> References: <65858DFF-E471-45D3-A173-8C546FB9EFF7@icloud.com> <1527591.OjQuvdFu50@lapuntu> <20150517202424.GC26062@tau1.ceti.pl> <1568096.eKsopUXFbi@lapuntu> Message-ID: <20150519191015.GA3746@tau1.ceti.pl> On Tue, May 19, 2015 at 11:38:29AM +0200, rysiek wrote: > On Sunday, 17 May 2015 22:24:24 Tomasz Rola wrote: [...] > > Sure, it may look strange if one day she plays drums, another day > > makes love and yet another saws trees to build a DIY coffee table. But > > so what? > > It doesn't look strange, it shouldn't "look" in any particular way. As in, > that's nobody's business. Exactly! The woman in original post was dealing with small brother, which is very different to dancing with big bro (despite some people making claims and noises like it was the very "big bro" himself - maybe not on this list, I'm not sure, I don't trace so much "who what and where"). My point was, she could play the "nuisance" and "strangeness" to her advantage. Especially if she lived in some part of the world where suing is not so customary but the law still says "in dubio pro reo" - in case of doubt, give ear to the accused. She decided to milk dollars from the fat cow, which is probably ok, too - I only barely know the case as it was described in the news. -- Regards, Tomasz Rola -- ** A C programmer asked whether computer had Buddha's nature. ** ** As the answer, master did "rm -rif" on the programmer's home ** ** directory. And then the C programmer became enlightened...
** ** ** ** Tomasz Rola mailto:tomasz_rola at bigfoot.com ** From coderman at gmail.com Wed May 20 00:23:22 2015 From: coderman at gmail.com (coderman) Date: Wed, 20 May 2015 00:23:22 -0700 Subject: "I don't like IKE!" Message-ID: https://www.altsci.com/ipsec/ : if (iph1->rmconf->proposal->gssid != NULL) { Fuzzers missed this. Hackers missed this. Believe you me, I would have missed it if I wasn't diligent and lucky... From guninski at guninski.com Wed May 20 07:02:33 2015 From: guninski at guninski.com (Georgi Guninski) Date: Wed, 20 May 2015 17:02:33 +0300 Subject: Surveillance Law In-Reply-To: <20150519162855.GP10743@leitl.org> References: <555ae30e.e4648c0a.6567.1348@mx.google.com> <20150519145816.GA2534@sivokote.iziade.m$> <20150519162855.GP10743@leitl.org> Message-ID: <20150520140233.GA2556@sivokote.iziade.m$> On Tue, May 19, 2015 at 06:28:55PM +0200, Eugen Leitl wrote: > On Tue, May 19, 2015 at 05:58:16PM +0300, Georgi Guninski wrote: > > > Agreed. > > > > But another question is how the scumbags legally > > came to power? > > http://en.wikipedia.org/wiki/Adolf_Hitler%27s_rise_to_power > This is the most eloquent application of Godwin's law I have seen so far: https://en.wikipedia.org/wiki/Godwin%27s_law From grarpamp at gmail.com Wed May 20 20:44:03 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 20 May 2015 23:44:03 -0400 Subject: Rand Paul Filibustering PATRIOT Renewal, Accepts Bitcoin Message-ID: Live filibuster video... 
http://www.c-span.org/video/?326084-1/senator-rand-paul-rky-nsa-surveillance&live From grarpamp at gmail.com Thu May 21 00:30:40 2015 From: grarpamp at gmail.com (grarpamp) Date: Thu, 21 May 2015 03:30:40 -0400 Subject: Usability studies on encryption and e-mail Message-ID: https://github.com/mailpile/Mailpile/issues/1127 "Perform usability studies on encryption and e-mail" From grarpamp at gmail.com Thu May 21 00:41:46 2015 From: grarpamp at gmail.com (grarpamp) Date: Thu, 21 May 2015 03:41:46 -0400 Subject: Mailpile SMTorP [ref: nexgen P2P email] Message-ID: Mailpile is interesting because it moves the concept of "webmail" from the remote service (where the user is nothing more than enslaved cannon fodder) to the user locally as an embeddable daemon. This eliminates the fact that all these new centralised OpenPGP webmail providers will have access to your keys/cleartext, because either: A) it resides there B) the malware they give you to run in your browser gives it away. Mailpile is now looking to deliver directly between onions [1]. https://github.com/mailpile/Mailpile/wiki/SMTorP https://github.com/mailpile/Mailpile/issues/1131 They could probably use some thoughts / hands / review. [1] A model somewhat similar to that outlined in thread "The next gen P2P secure email solution" https://cpunks.org/pipermail/cypherpunks/2013-December/002638.html ... https://cpunks.org/pipermail/cypherpunks/2014-July/004900.html From grarpamp at gmail.com Thu May 21 11:26:09 2015 From: grarpamp at gmail.com (grarpamp) Date: Thu, 21 May 2015 14:26:09 -0400 Subject: Dig out your OCR and copier... for PGP part deux Message-ID: http://www.itworld.com/article/2925375/security/us-proposes-tighter-export-rules-for-computer-security-tools.html The U.S. Commerce Department has proposed tighter export rules for computer security tools, a potentially controversial revision to an international agreement aimed at controlling weapons technology. 
From jessetaylor84 at riseup.net Fri May 22 23:22:03 2015 From: jessetaylor84 at riseup.net (Jesse Taylor) Date: Fri, 22 May 2015 23:22:03 -0700 Subject: Astoria - new Tor client designed to be more resistant to timing attacks Message-ID: <55601C8B.9060200@riseup.net> Curious to hear your thoughts on this: ---

With the threat of powerful intelligence agencies, like the NSA, looming large, researchers have built a new Tor client called Astoria designed specifically to make eavesdropping harder for the world's richest, most aggressive, and most capable spies.

Tor, the world’s most popular anonymity network, works like this: A user fires up the client and connects to the network through what's called an entry node. To reach a website anonymously, the user’s Internet traffic is then passed encrypted through a so-called middle relay and then an exit relay (and back again). That user-relay connection is called a circuit. The website on the receiving end doesn’t know who is visiting, only that a faceless Tor user has connected. An eavesdropper shouldn’t be able to know who the Tor user is either, thanks to the encrypted traffic being routed through 6,000 nodes in the network. But something called "timing attacks" change the situation. When an adversary takes control of both the entry and exit relays, research shows they can potentially deanonymize Tor users within minutes.

A full 58 percent of Tor circuits are vulnerable to network-level attackers, such as the NSA or Britain’s Government Communications Headquarters (GCHQ), when they access popular websites, according to new research from American and Israeli academics. Chinese users are the most vulnerable of all to these kinds of attacks, with researchers finding 85.7 percent of all Tor circuits from the country to be vulnerable.

Even though Tor is designed to provide complete anonymity to its users, the NSA’s position means they can potentially see and measure both traffic entering the Tor network and the traffic that comes out. When an intelligence agency can see both, simple statistics help an autonomous system at their control match the data up in a timing attack and discover the identity of the sender. Anonymity over. This kind of threat has been known to Tor developers for over a decade. They’ve been trying to make eavesdropping difficult for spy agencies for just as long.

To counter the threat, American-Israeli researchers built Astoria, a new Tor client focused on defeating autonomous systems that can break Tor’s anonymity. Astoria reduces the number of vulnerable circuits from 58 percent to 5.8 percent, the researchers say. The new solution is the first designed to beat even the most recently proposed asymmetric correlation attacks on Tor.

Designed to beat such attacks, Astoria differs most significantly from Tor's default client in how it selects the circuits that connect a user to the network and then to the outside Internet. The tool, at its foundation, is an algorithm designed to more accurately predict attacks and then securely select relays that mitigate timing attack opportunities for top-tier adversaries.

Astoria adroitly considers how circuits should, according to the researchers, be made “when there are no safe possibilities,” how to safely balance the growing bandwidth load across the Tor network, and how to keep Tor’s performance “reasonable” and relatively fast even when Astoria is in its most secure configuration. All this while under the unblinking gaze of the world’s best intel services. Defeating timing attacks against Tor completely isn’t possible because of how Tor is built, but making the attacks more costly and less likely to succeed is a pastime that Tor developers have dedicated a decade to. Astoria follows in those footsteps. By choosing relays based on lowering the threat of eavesdropping by autonomous systems and then choosing randomly if no safe passage is possible, Astoria aims to minimize the information gained by an adversary watching an entire circuit.

“In addition to providing high-levels of security against such attacks, Astoria also has performance that is within a reasonable distance from the current Tor client,” the researchers wrote. “Unlike other AS-aware Tor clients, Astoria also considers how circuits should be built in the worst case—i.e., when there are no safe relays that are available. Further, Astoria is a good network citizen and works to ensure that the all circuits created by it are load-balanced across the volunteer driven Tor network.”

In an upgrade aimed at making Tor even more usable for the average person, the newest Tor Browser allows a sliding scale of security that balances speed and usability with strong security preferences. Similarly, Astoria provides multiple security options. However, it's both most effective and most usable when at its highest security level, the researchers say, so "Astoria is a usable substitute for the vanilla Tor client only in scenarios where security is a high priority."

--- Source: http://www.dailydot.com/politics/tor-astoria-timing-attack-client/

From rysiek at hackerspace.pl Sat May 23 02:44:07 2015 From: rysiek at hackerspace.pl (rysiek) Date: Sat, 23 May 2015 11:44:07 +0200 Subject: Senate against PATRIOT ACT renewal Message-ID: <3172007.mXn3J3Tsff@lapuntu> Hi, so: http://www.npr.org/2015/05/23/408927009/senate-blocks-patriot-act-extension Mind the spin, though. ;) "The Senate struggled to prevent an interruption in critical government surveillance programs early Saturday, rejecting both a House-passed bill and a short-term extension of the USA Patriot Act. (...) The vote was 57-42, short of the 60-vote threshold to move ahead. That was immediately followed by rejection of a two-month extension to the existing programs. The vote was 45-54, again short of the 60-vote threshold. (...) The Justice Department has said the NSA would begin winding down its collection of domestic calling records this week if the Senate fails to act because the collection takes time to halt." -- Regards, Michał "rysiek" Woźniak I'm changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147

From jdb10987 at yahoo.com Sun May 24 13:49:13 2015 From: jdb10987 at yahoo.com (jim bell) Date: Sun, 24 May 2015 20:49:13 +0000 (UTC) Subject: Karl Rove's confusion about capacity of NSA's Utah data center.
Message-ID: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> On Fox News 5/22/2015, Karl Rove displayed his ignorance about the data capacity of the NSA's data center, which he said was intended to store telephone metadata, not the actual audio data from phone calls or (perhaps) the content of emails. http://www.foxnews.com/transcript/2015/05/22/rove-critics-dont-understand-nsa-terror-tools/ Rove said: "What it does is, it keeps a record of a phone number that is being called from to a phone number being called to and the date and time. So, unless the Tsarnaev brothers talked to somebody abroad to talked to the phone number of somebody who is identified as a possible terror suspect, they wouldn't -- they wouldn't have been caught by this program whatsoever. And, again, I repeat, why is it that the opponents of Section 215 feel compelled to exaggerate by saying, oh, they're listening to our conversations?" "Senator Paul on the floor of the Senate said, oh, they're listening in to thousands -- I mean, to millions of conversations. I mean, if we have to build a gigantic center in Utah to keep track of these phone numbers, how big a center would we need to have in order to keep the digital tapes of everybody who is having a telephone conversation? It simply does not happen." [end of quote by Rove] Rove is clearly assuming that the size of the data center in Utah is necessary to hold the metadata alone. The article http://en.wikipedia.org/wiki/Utah_Data_Center states: "An article by Forbes estimates the storage capacity as between 3 and 12 exabytes in the near term, based on analysis of unclassified blueprints, but mentions Moore's Law, meaning that advances in technology could be expected to increase the capacity by orders of magnitude in the coming years."
[3 and 12 exabytes is 3,000-12,000 petabytes, or 3 million-12 million terabytes.] https://www.techdirt.com/articles/20130621/03390823552/how-much-would-it-cost-to-store-all-us-phone-calls-made-year.shtml There are about 900 billion telephone calls made in America per year. If it took 100 bytes to store the needed metadata per call, that would be 90 terabytes of information needed. The capacity of the center is, therefore, 33,000x to 131,000x larger than would be needed to store that data for the US alone for one year. The data stored in a single call could probably be compressed to 8,000 bits per second, so every second would require 80 times as much data to be stored as just the metadata alone. If the average phone call is 120 seconds, that would require about 9600x the data size, well within even the lower estimate above of 33,000x. So, the answer to Rove's question, "I mean, if we have to build a gigantic center in Utah to keep track of these phone numbers, how big a center would we need to have in order to keep the digital tapes of everybody who is having a telephone conversation? It simply does not happen." is simple: "No, Karl, The center is just about the right size to store not only the metadata, but in fact the audio to all phone calls made in America in one year. And in fact, a good deal larger, probably enough to store the audio of every phone call made in Europe as well, and most of Asia." Would Rove be surprised to hear THAT?!? Well, he'd probably claim to be surprised. I suspect he'd defend himself by raising a newly-found fact that at the time that data center in Utah was proposed, hard drives were probably 1000x smaller in capacity than today. In 2000, as I recall, a typical large hard drive was 2 gigabytes. Today, the largest I've heard of is 8 terabytes, 4,000x larger.
http://techcrunch.com/2014/08/26/seagate-ships-an-8-terabyte-hard-drive-perfect-for-all-of-your-totally-legal-and-not-pirated-stuff/ Jim Bell From oottela at cs.helsinki.fi Sun May 24 11:43:52 2015 From: oottela at cs.helsinki.fi (Markus Ottela) Date: Sun, 24 May 2015 21:43:52 +0300 Subject: TFC 0.5.5 out Message-ID: <55621BE8.5050901@cs.helsinki.fi> TFC 0.5.5 is now out I found another vulnerability in the constant transmission feature; between each long message only one command would be sent at most. This issue has now been fixed. After a request, I added further message authentication for CEV: In addition to GMAC it now does encrypt-then-MAC style authentication using HMAC-SHA2-512 (512-bit key) and SHA3-512 MAC (1144-bit key) before GCM authenticates and decrypts the ciphertext. I upgraded all keys to 512-bit ones so cyclic hashing of keys won't reduce security over long period of time (there is no key negotiation in TFC). I also upgraded hashes from Keccak-256 to Keccak-512 and at the same time the Keccak-CTR key size was upgraded to 512-bits. So 1280-bits of symmetric key security in total. As for key generation, CEV now has constant 2kHz sampling speed (1.5M samples are loaded in total), three vN whitening passes and between each of those, Keccak-512 compression with 2:1 ratio (1024 bits in, 512 out). User can now input different entropy from keyboard for each of the eight 512-bit keys generated. Also fixed lots of bugs and typos, and as usual, updated whitepaper and manual where necessary. UI was tweaked slightly: I added cleaner completion messages and some startup animation for the lulz (disable option available in settings).
Full update log: https://github.com/maqp/tfc-cev/blob/master/0.5.5%20update%20log.txt From grarpamp at gmail.com Mon May 25 00:49:09 2015 From: grarpamp at gmail.com (grarpamp) Date: Mon, 25 May 2015 03:49:09 -0400 Subject: Karl Rove's confusion about capacity of NSA's Utah data center. In-Reply-To: <941341197.850558.1432528568911.JavaMail.yahoo@mail.yahoo.com> References: <941341197.850558.1432528568911.JavaMail.yahoo@mail.yahoo.com> Message-ID: Considering you can put 3.6PB in a rack for under $170k ... it's quite safe to presume the NSA is storing massive amounts of content. And Utah isn't the only new datacenter they have. Cost is well under $600M for 12EB right now today. Just select your parity ratio and drop in some meta network and hardware and file management. So let's just say $1B max to fillerup on the cheap and Silicon Valley startup smart. Then add power and staff. Tis but a drop in the sea, not even a blip on the yearly budget. Y'all are fucking stupid if you think Gov and Corp doesn't have you and the entire lives of the majority of the planet on disk by now. How does it feel? http://www.washingtonpost.com/wp-srv/special/national/black-budget/ http://fas.org/irp/budget/index.html http://en.wikipedia.org/wiki/National_Security_Agency http://en.wikipedia.org/wiki/Utah_Data_Center http://www.mkomo.com/cost-per-gigabyte-update From jdb10987 at yahoo.com Sun May 24 21:36:08 2015 From: jdb10987 at yahoo.com (jim bell) Date: Mon, 25 May 2015 04:36:08 +0000 (UTC) Subject: Karl Rove's confusion about capacity of NSA's Utah data center. In-Reply-To: References: Message-ID: <941341197.850558.1432528568911.JavaMail.yahoo@mail.yahoo.com> Cc: "cypherpunks at cpunks.org" Sent: Sunday, May 24, 2015 9:22 PM Subject: Re: Karl Rove's confusion about capacity of NSA's Utah data center. >Is Fox News illegal? You'd say it's illegal to deceive people.
The sheer quantity of false information on Fox News, and its popularity, are a serious harm to America. >Is it that free markets only perform properly with rational agents? To the contrary, I'd say it isn't 'illegal to deceive people'. (in most circumstances.) First Amendment to the US Constitution and all that. Further, I'd say that currently the claim Rove made is false, but mostly it became false because the capacity of the hard drives that would be installed in that data center increased by at least a factor of 1000x between the time the data center was proposed (I assume it was around 2001-2002). At that time, it's possible briefings merely claimed that the system would hold all American metadata, not the actual audio itself. And I wouldn't expect Fox's journalist to catch that error instantly, either. It requires a substantial amount of thought, and technical knowledge. I knew that his claim is wrong, because I'd previously considered the same calculation (very approximately) and I knew that the capacity of the buildings would at least be many hundreds, and in fact thousands, of times larger than would be required for metadata collection. Jim Bell From jya at pipeline.com Mon May 25 04:29:01 2015 From: jya at pipeline.com (John Young) Date: Mon, 25 May 2015 07:29:01 -0400 Subject: Karl Rove's confusion about capacity of NSA's Utah data center. In-Reply-To: References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> Message-ID: Disks or any electro-mechanical device, may not be the only, or principal, means of storage. So capacity may not be the measure of capability. The need for speed of access to and processing of data requires the data to be in active memory all the time.
Arrayed, large CPU-like "chips" or solid state (best is unsolid state) processors make data constantly usable, always up to date, no lag time, no wear and tear. Physical disks use too much energy and require too much architecture to rack, interconnect, house, energize, maintain, repair, replace, update. And are way too slow and clunky. However, this doesn't mean Utah Data Center is not useful as a Potemkin deception. Or that much of it is Potemkin deception. Why else make it so observable during funding, design, construction and afterwards a juicy easily photographed, concentrated target of sneaky weaponry of hardware, software, sneakerware, hey come attack us ware. Somewhere, in Utah, or the planet, there are data handlers about which little is publicly known except as miniaturized examples on personal playthings. Meanwhile we are fed out of date fantasies of capability based on xxx-bytes of increasingly absurd prefixes which are like innumerable angels on pinheads. One way to spot what's what is to look at the generators of facilities. And their fuel tanks. Fully active data require a lot of uninterruptible juice. We traced the power lines for UDC and found they lead far astray, also Potemkin. Could be the generators and fuel tanks are too. This is not to suggest Snowden pushing crypto and dribbling docs are Potemkin. Could be, though, so slow and clunky, so observable, and publishable for those willing to suspend disbelief. At 12:22 AM 5/25/2015, you wrote: >Is Fox News illegal? You'd say it's illegal to deceive people. The >sheer quantity of false information on Fox News, and its >popularity, are a serious harm to America. > >Is it that free markets only perform properly with rational agents? From Rayzer at riseup.net Mon May 25 11:05:03 2015 From: Rayzer at riseup.net (Razer) Date: Mon, 25 May 2015 11:05:03 -0700 Subject: Karl Rove's confusion about capacity of NSA's Utah data center.
In-Reply-To: <941341197.850558.1432528568911.JavaMail.yahoo@mail.yahoo.com>
References: <941341197.850558.1432528568911.JavaMail.yahoo@mail.yahoo.com>
Message-ID: <5563644F.6060404@riseup.net>

On 05/24/2015 09:36 PM, jim bell wrote:
> To the contrary, I'd say it isn't 'illegal to deceive people'. (in
> most circumstances.) First Amendment to the US Constitution and all that.

Not a lawyer but off the top I'd say it's a lawsuit in the making if you can prove monetary damages. Of course this doesn't apply to politicians whom the courts have consistently ruled may lie to you in campaign promises et al no matter how badly they economically damage you or your country's treasury.

From Rayzer at riseup.net Mon May 25 11:15:24 2015
From: Rayzer at riseup.net (Razer)
Date: Mon, 25 May 2015 11:15:24 -0700
Subject: Karl Rove's confusion about capacity of NSA's Utah data center.
In-Reply-To:
References: <941341197.850558.1432528568911.JavaMail.yahoo@mail.yahoo.com>
Message-ID: <556366BC.2050904@riseup.net>

On 05/25/2015 01:49 AM, Zenaan Harkness wrote:
> And bro we were -grateful- for our gotos!

GoSub(versive)s were more 'elegant' and it's "WhippERsnappERs"

(Still wishing I'd followed up on that Epson HX-20's terminal program I wrote by rewriting to use Puts/Gets to its 16k (that's 16 KILObytes) of Ram. Might have actually run faster than 1200 baud.)

From hozer at hozed.org Mon May 25 09:46:22 2015
From: hozer at hozed.org (Troy Benjegerdes)
Date: Mon, 25 May 2015 11:46:22 -0500
Subject: Basic income (was) Re: noscript is 10 years!
Message-ID: <20150525164621.GE27932@nl.grid.coop>

On Sun, May 17, 2015 at 03:55:23PM -0400, grarpamp wrote:
> On Sun, May 17, 2015 at 1:37 PM, John Young wrote:
> > NYT today has book review on gradual replacement of humans
> > by robots, a beloved investment of those at the top, so John Deere
>
> Shame no one properly broke the last 3-5 messages off into a
> separate thread when it went off noscript.
>
> What will happen to the 7000000000 unpaid system redundancies?

We don't need the money, the money needs us, and I expect something like 6,999,999,900 redundancies will suddenly find themselves with various forms of basic income guarantees once the money finally figures out it's automating itself out of job, and realizes it needs to start giving the HCF (human confinement farms) money or humans are going to stop spending it, and this, my friends, would be the end of money.

What's important for this cypherpunk is to figure out how to make sure we have alternatives and free choice to leave the HCFs and choose among many basic income systems, or make the choice to not use money at all.

Are blockchains a reasonable thing to build a basic income system on? How do you ensure a blockchain private key is held or controlled by only one person, so that one cannot simply create many anonymous IDs and collect several hundred basic income guarantees?

It seems there must be a human factor, and something that looks a lot like a government, but I can't quite wrap my head around how to make sure each of those 7e9 redundancies can only create 7e9 basic income generating accounts, and do a moderately good job of identifying and stopping those that try to collect, via force, coercion, or deceit, more than their share of basic income.
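
The one-claim-per-person question above is what the registrar with blind signatures, proposed in replies on this thread, is meant to answer. The sketch below is an added example, not code from any poster or project: it uses textbook RSA blind signatures with a constructed demo key, and the names Registrar, Ledger, blind, unblind and verify, the person id and the address strings are all assumptions made for illustration.

```python
import hashlib
import secrets
from math import gcd

# Constructed demo key built from two Mersenne primes. Far too small and too
# structured for real use; it only keeps the example self-contained.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # registrar's private exponent


def h(address: str) -> int:
    """Hash an income address into Z_N (stand-in for a full-domain hash)."""
    return int.from_bytes(hashlib.sha256(address.encode()).digest(), "big") % N


def blind(address: str):
    """Claimant: hide H(address) behind a random factor r before sending it."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return (h(address) * pow(r, E, N)) % N, r


def unblind(blind_sig: int, r: int) -> int:
    """Claimant: strip r, leaving an ordinary signature on H(address)."""
    return (blind_sig * pow(r, -1, N)) % N


def verify(address: str, sig: int) -> bool:
    """Anyone: check the registrar's signature with the public key (N, E)."""
    return pow(sig, E, N) == h(address)


class Registrar:
    """Knows who claimed in which cycle, never which addresses were signed."""

    def __init__(self, tokens_per_cycle: int):
        self.tokens_per_cycle = tokens_per_cycle
        self.claimed = set()        # (person_id, cycle) pairs already served
        self.seen_blinded = []      # everything the registrar ever observes

    def sign_claim(self, person_id: str, cycle: str, blinded_values: list):
        if (person_id, cycle) in self.claimed:
            raise PermissionError("income already claimed for this cycle")
        if len(blinded_values) != self.tokens_per_cycle:
            raise ValueError("wrong number of sub-addresses for one allowance")
        self.claimed.add((person_id, cycle))
        self.seen_blinded.extend(blinded_values)
        return [pow(b, D, N) for b in blinded_values]


class Ledger:
    """Pays out once per signed address; has no idea who the claimant is."""

    def __init__(self):
        self.redeemed = set()

    def redeem(self, address: str, sig: int) -> bool:
        if address in self.redeemed or not verify(address, sig):
            return False
        self.redeemed.add(address)
        return True


def claim_income(registrar, person_id, cycle, addresses):
    """Full claimant flow: blind, get signatures, unblind. Returns signatures."""
    blinded, factors = zip(*(blind(a) for a in addresses))
    blind_sigs = registrar.sign_claim(person_id, cycle, list(blinded))
    return [unblind(s, r) for s, r in zip(blind_sigs, factors)]


if __name__ == "__main__":
    reg, ledger = Registrar(tokens_per_cycle=3), Ledger()
    addrs = ["constructed-addr-%d" % i for i in range(3)]
    sigs = claim_income(reg, "person-0001", "2015-05", addrs)
    print([ledger.redeem(a, s) for a, s in zip(addrs, sigs)])
```

The registrar still has to decide who counts as a person, which is the part the thread agrees cannot be solved in code; the blinding only stops it from linking that person to the addresses that later spend.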
From anx at riseup.net Mon May 25 13:11:25 2015
From: anx at riseup.net (anx)
Date: Mon, 25 May 2015 13:11:25 -0700
Subject: Apple At-Rest Encryption
Message-ID: <556381ED.4050900@riseup.net>

What are some bottlenecks to Apple turning on File Vault by default? I can only come up with "battery life."

--Anx

From l at odewijk.nl Sun May 24 21:18:22 2015
From: l at odewijk.nl (Lodewijk andré de la porte)
Date: Mon, 25 May 2015 13:18:22 +0900
Subject: TFC 0.5.5 out
In-Reply-To: <55621BE8.5050901@cs.helsinki.fi>
References: <55621BE8.5050901@cs.helsinki.fi>
Message-ID:

Cool! I like the cipher-cascade :)

Regarding the FS: if Keccak loses some entropy in its hashing, the entropy in the key used would slowly degrade. Certainly Keccak doesn't preserve all entropy, but it probably doesn't leak it fast enough to matter. You could probably add some new entropy from the random generators. To prevent padding, you could replace, say, merely the last bit as Keccak doesn't (seem to) lose a bit of entropy per cycle. Could someone more knowledgeable comment on this issue? It's probably inconsequential so long as Keccak is what it seems, but it's much weaker-looking than the cipher-cascade.

I'm also impressed by the idea of data diodes. At first I thought they were in software, and already thought "what an effective way to limit risk!". Write a "microservice" that fronts two other processes, with separated user accounts, and allows only data in or data out. Formally prove the fronting microservice (it's small enough) and any error in your own code becomes far less harmful (side channels are still there; cache-, DOS, timing-attacks, etc). Doing it in hardware is even better. It's highly likely that it works, and that's *very cool*.

My biggest question is, why as a plugin for Pidgin?
From l at odewijk.nl Sun May 24 21:22:14 2015
From: l at odewijk.nl (Lodewijk andré de la porte)
Date: Mon, 25 May 2015 13:22:14 +0900
Subject: Karl Rove's confusion about capacity of NSA's Utah data center.
In-Reply-To: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com>
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com>
Message-ID:

Is Fox News illegal? You'd say it's illegal to deceive people. The sheer quantity of false information on Fox News, and its popularity, are a serious harm to America.

Is it that free markets only perform properly with rational agents?

From oottela at cs.helsinki.fi Mon May 25 04:54:56 2015
From: oottela at cs.helsinki.fi (Markus Ottela)
Date: Mon, 25 May 2015 14:54:56 +0300
Subject: TFC 0.5.5 out
In-Reply-To:
References: <55621BE8.5050901@cs.helsinki.fi>
Message-ID: <55630D90.2010205@cs.helsinki.fi>

You don't lose one bit for each message. The idea is that the average length of cycle for a good 512 bit hash function is 2^256. So after 2^256 messages, keys might start to repeat. 2^256 keys last for 10^73 messages, or 10^56 years with 1TB/s continuous transfer speed.

This however doesn't mean the ciphertext will repeat. That would require that all four encryption keys are the same (Probability for that is 1 / (256^4)) and that all nonces are same as well (even less likely).

You can't guarantee all messages make it through, and there is no return channel from either RxM to sender's TxM to tell if some message has not been received. If more entropy would be transferred inside messages, drop of packets could lead to keys getting out of sync. But since the keyspace of current implementation effectively never runs out, this is not necessary.
I think the local testing version comes very close to the "microservice" model you described. The local testing version runs all three programs on same computer and messages are transmitted unidirectionally via files. But whatever you can exploit on the single system, can lead to exfiltration of keys so the HW data-diode model is infinite times more secure. Malware isn't going to break the laws of physics inside data diodes (removing other covert channels from audio to heat between TCB units is of course required).

Pidgin is currently the ideal client, mainly because it was fairly easy to implement (readily available code) and because it's bundled with Tails. If the constant transmission feature of TFC is combined with hidden service XMPP server, the amount of metadata should be about as low as you can make it.

On 25.05.2015 07:18, Lodewijk andré de la porte wrote:
> Cool! I like the cipher-cascade :)
>
> Regarding the FS: if Keccak loses some entropy in its hashing, the
> entropy in the key used would slowly degrade. Certainly Keccak doesn't
> preserve all entropy, but it probably doesn't leak it fast enough to
> matter. You could probably add some new entropy from the random
> generators. To prevent padding, you could replace, say, merely the
> last bit as Keccak doesn't (seem to) lose a bit of entropy per cycle.
> Could someone more knowledgeable comment on this issue? It's probably
> inconsequential so long as Keccak is what it seems, but it's much
> weaker-looking than the cipher-cascade.
>
> I'm also impressed by the idea of data diodes. At first I thought they
> were in software, and already thought "what an effective way to limit
> risk!". Write a "microservice" that fronts two other processes, with
> separated user accounts, and allows only data in or data out. Formally
> prove the fronting microservice (it's small enough) and any error in
> your own code becomes far less harmful (side channels are still there;
> cache-, DOS, timing-attacks, etc).
Doing it in hardware is even
> better. It's highly likely that it works, and that's *very cool*.
>
> My biggest question is, why as a plugin for Pidgin?

From juan.g71 at gmail.com Mon May 25 12:07:01 2015
From: juan.g71 at gmail.com (Juan)
Date: Mon, 25 May 2015 16:07:01 -0300
Subject: the ABC
In-Reply-To:
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com>
Message-ID: <55637183.c316370a.6bc0.ffffc363@mx.google.com>

On Mon, 25 May 2015 13:22:14 +0900 Lodewijk andré de la porte wrote:
> Is Fox News illegal? You'd say it's illegal to deceive people. The
> sheer quantity of false information on Fox News, and its popularity,
> are a serious harm to America.
>
> Is it that free markets only perform properly with rational agents?

What free markets? Oh wait. You've been studying political philosophy with the likes of grarpamp, according to whom 'you' 'own' the government?

From jdb10987 at yahoo.com Mon May 25 10:42:32 2015
From: jdb10987 at yahoo.com (jim bell)
Date: Mon, 25 May 2015 17:42:32 +0000 (UTC)
Subject: Karl Rove's confusion about capacity of NSA's Utah data center. [oops! Error]
In-Reply-To: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com>
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com>
Message-ID: <1815721058.1275099.1432575753009.JavaMail.yahoo@mail.yahoo.com>

Oops! Error. Somewhere between bits and bytes, I made an error which I identify inline below. The upshot is the capacity of the NSA data center (in terms of phone calls and time) is actually 10x larger than I'd previously calculated. It could probably hold the telephone audio of much of the world (America, Europe, and most of Asia) for 10 years.
     Jim Bell

From: jim bell
To: "cypherpunks at cpunks.org"
Sent: Sunday, May 24, 2015 1:49 PM
Subject: Karl Rove's confusion about capacity of NSA's Utah data center.

On Fox News 5/22/2015, Karl Rove displayed his ignorance about the data capacity of the NSA's data center, which he said was intended to store telephone metadata, not the actual audio data from phone calls or (perhaps) the content of emails.
http://www.foxnews.com/transcript/2015/05/22/rove-critics-dont-understand-nsa-terror-tools/

Rove said:

"What it does is, it keeps a record of a phone number that is being called from to a phone number being called to and the date and time. So, unless the Tsarnaev brothers talked to somebody abroad to talked to the phone number of somebody who is identified as a possible terror suspect, they wouldn't -- they wouldn't have been caught by this program whatsoever. And, again, I repeat, why is it that the opponents of Section 215 feel compelled to exaggerate by saying, oh, they're listening to our conversations?"

"Senator Paul on the floor of the Senate said, oh, they're listening in to thousands -- I mean, to millions of conversations. I mean, if we have to build a gigantic center in Utah to keep track of these phone numbers, how big a center would we need to have in order to keep the digital tapes of everybody who is having a telephone conversation? It simply does not happen."

[end of quote by Rove]

Rove is clearly assuming that the size of the data center in Utah is necessary to hold the metadata alone. The article http://en.wikipedia.org/wiki/Utah_Data_Center states:

"An article by Forbes estimates the storage capacity as between 3 and 12 exabytes in the near term, based on analysis of unclassified blueprints, but mentions Moore's Law, meaning that advances in technology could be expected to increase the capacity by orders of magnitude in the coming years."
[3 and 12 exabytes is 3,000-12,000 petabytes, or 3 million-12 million terabytes.]

https://www.techdirt.com/articles/20130621/03390823552/how-much-would-it-cost-to-store-all-us-phone-calls-made-year.shtml

There are about 900 billion telephone calls made in America per year. If it took 100 bytes to store the needed metadata per call, that would be 90 terabytes of information needed. The capacity of the center is, therefore, 33,000x to 131,000x larger than would be needed to store that data for the US alone for one year. The data stored in a single call could probably be compressed to 8,000 bits per second, so every second would require 80 times as much data to be stored as just the metadata alone. [Correction: The data stored in a single call could probably be compressed to 8,000 bits (1,000 bytes) per second, so every second would require 8 times as much data to be stored as just the metadata alone.] If the average phone call is 120 seconds, that would require about 9600x [Correction: 960x] the data size, well within even the lower estimate above of 33,000x.

So, the answer to Rove's question, "I mean, if we have to build a gigantic center in Utah to keep track of these phone numbers, how big a center would we need to have in order to keep the digital tapes of everybody who is having a telephone conversation? It simply does not happen." is simple: "No, Karl, The center is just about the right size to store not only the metadata, but in fact the audio to all phone calls made in America in one year [correction: 10 years]. And in fact, a good deal larger, probably enough to store the audio of every phone call made in Europe as well, and most of Asia. [correction: for 10 years]"

Would Rove be surprised to hear THAT?!? Well, he'd probably claim to be surprised. I suspect he'd defend himself by raising a newly-found fact that at the time that data center in Utah was proposed, hard drives were probably 1000x smaller in capacity than today.
In 2000, as I recall, a typical large hard drive was 2 gigabytes. Today, the largest I've heard of is 8 terabytes, 4,000x larger.
http://techcrunch.com/2014/08/26/seagate-ships-an-8-terabyte-hard-drive-perfect-for-all-of-your-totally-legal-and-not-pirated-stuff/

     Jim Bell

From cathalgarvey at cathalgarvey.me Mon May 25 10:11:03 2015
From: cathalgarvey at cathalgarvey.me (Cathal (Phone))
Date: Mon, 25 May 2015 18:11:03 +0100
Subject: Basic income (was) Re: noscript is 10 years!
In-Reply-To: <20150525164621.GE27932@nl.grid.coop>
References: <20150525164621.GE27932@nl.grid.coop>
Message-ID: <8690352A-1477-4E68-88A6-9CE488B2D3BF@cathalgarvey.me>

Blind signature scheme to guarantee person:income-key correspondence without breaking the privacy of who each represents? However, you'd need to give each person as many signed private keys as transactions they're likely to use each income-cycle to avoid spending-correlation deanonymisation.

On 25 May 2015 17:46:22 GMT+01:00, Troy Benjegerdes wrote:
>On Sun, May 17, 2015 at 03:55:23PM -0400, grarpamp wrote:
>> On Sun, May 17, 2015 at 1:37 PM, John Young wrote:
>> > NYT today has book review on gradual replacement of humans
>> > by robots, a beloved investment of those at the top, so John Deere
>>
>> Shame no one properly broke the last 3-5 messages off into a
>> separate thread when it went off noscript.
>>
>> What will happen to the 7000000000 unpaid system redundancies?
>
>We don't need the money, the money needs us, and I expect something
>like
>6,999,999,900 redundancies will suddenly find themselves with various
>forms
>of basic income guarantees once the money finally figures out it's
>automating
>itself out of job, and realizes it needs to start giving the HCF (human
>confinement farms) money or humans are going to stop spending it, and
>this,
>my friends, would be the end of money.
>
>What's important for this cypherpunk is to figure out how to make sure
>we have
>alternatives and free choice to leave the HCFs and choose among many
>basic
>income systems, or make the choice to not use money at all.
>
>Are blockchains a reasonable thing to build a basic income system on?
>How do
>you ensure a blockchain private key is held or controlled by only one
>person,
>so that one cannot simply create many anonymous IDs and collect several
>hundred
>basic income guarantees?
>
>It seems there must be a human factor, and something that looks a lot
>like a
>government, but I can't quite wrap my head around how to make sure each
>of
>those 7e9 redundancies can only create 7e9 basic income generating
>accounts, and
>do a moderately good job of identifying and stopping those that try to
>collect,
>via force, coercion, or deceit, more than their share of basic income.

--
Sent from my Android device with K-9 Mail. Please excuse my brevity.

From zen at freedbms.net Mon May 25 01:49:15 2015
From: zen at freedbms.net (Zenaan Harkness)
Date: Mon, 25 May 2015 18:49:15 +1000
Subject: Karl Rove's confusion about capacity of NSA's Utah data center.
In-Reply-To:
References: <941341197.850558.1432528568911.JavaMail.yahoo@mail.yahoo.com>
Message-ID:

On 5/25/15, grarpamp wrote:
...
> Y'all are fucking stupid

On -this- list?

> if

oh ... it's conditional.

Dang yung whippasnappa programmas these days!!
When I wuz yur age, we only had goto statements and had ta wright raw machine code if we wanted a condition. And bro we were -grateful- for our gotos!

> you think Gov and Corp doesn't have you

<1990 conversation>

Ya know man, if you say it or send it on a phone line, and they want it, they got it; no prob-lemo.

Yeah right! Yo just one a dem conspirasee nuts, aincha now?! I'll bet my 600gram Nokia pocket phone I's right! You mentioned tin foil hats a ways back - you just run on to momma now boy and go wear one alright. Now f*** off outa mah face, idiot!

<2015 conversation>

Told ya so!

Aw c'mon! They only storin' our metal data - I heard 'em tell us on da tee vee just last month now!

F*** off idiot!

From carimachet at gmail.com Mon May 25 11:40:17 2015
From: carimachet at gmail.com (Cari Machet)
Date: Mon, 25 May 2015 20:40:17 +0200
Subject: Karl Rove's confusion about capacity of NSA's Utah data center.
In-Reply-To:
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com>
Message-ID:

On May 25, 2015 9:38 PM, "Cari Machet" wrote:
>
> Oh so sorry jim here:
>
> http://www.Recode.net/2015/05/24/twitter-suspends-troll-chuck-johnson-are-its-new-guidlines-actually-working/
>
> Specifically he tweeted:
>
> 'Go to gotnews.com/donate if you want to give money to taking out @deray.'
>
> On May 25, 2015 2:34 PM, "John Young" wrote:
>>
>> Disks or any electro-mechanical device, may not be the only, or
>> principal, means of storage. So capacity may not be the measure
>> of capability.
>>
>> The need for speed of access to and processing of data requires
>> the data to be in active memory all the time. Arrayed, large CPU-like
>> "chips" or solid state (best is unsolid state) processors make data
>> constantly usable, always up to date, no lag time, no wear and tear.
>>
>> Physical disks use too much energy and require too much architecture
>> to rack, interconnect, house, energize, maintain, repair, replace, update.
>> And are way too slow and clunky.
>>
>> However, this doesn't mean Utah Data Center is not useful as a
>> Potemkin deception. Or that much of it is Potemkin deception.
>> Why else make it so observable during funding, design, construction
>> and afterwards a juicy easily photographed, concentrated target of
>> sneaky weaponry of hardware, software, sneakerware, hey come
>> attack us ware.
>>
>> Somewhere, in Utah, or the planet, there are data handlers about
>> which little is publicly known except as miniaturized examples on
>> personal playthings. Meanwhile we are fed out of date fantasies of
>> capability based on xxx-bytes of increasingly absurd prefixes which
>> are like innumerable angels on pinheads.
>>
>> One way to spot what's what is to look at the generators of facilities.
>> And their fuel tanks. Fully active data require a lot of uninterruptable
>> juice. We traced the power lines for UDC and found they lead far
>> astray, also Potemkin. Could be the generators and fuel tanks are
>> too.
>>
>> This is not to suggest Snowden pushing crypto and dribbling docs
>> are Potemkin. Could be, though, so slow and clunky, so observable,
>> and publishable for those willing to suspend disbelief.
>>
>> At 12:22 AM 5/25/2015, you wrote:
>>>
>>> Is Fox News illegal? You'd say it's illegal to deceive people. The sheer quantity of false information on Fox News, and its popularity, are a serious harm to America.
>>>
>>> Is it that free markets only perform properly with rational agents?
>>

From mirimir at riseup.net Mon May 25 20:24:05 2015
From: mirimir at riseup.net (Mirimir)
Date: Mon, 25 May 2015 21:24:05 -0600
Subject: Basic income (was) Re: noscript is 10 years!
In-Reply-To: <20150525164621.GE27932@nl.grid.coop>
References: <20150525164621.GE27932@nl.grid.coop>
Message-ID: <5563E755.1060304@riseup.net>

On 05/25/2015 10:46 AM, Troy Benjegerdes wrote:
> On Sun, May 17, 2015 at 03:55:23PM -0400, grarpamp wrote:
>> On Sun, May 17, 2015 at 1:37 PM, John Young wrote:
>>> NYT today has book review on gradual replacement of humans
>>> by robots, a beloved investment of those at the top, so John Deere
>>
>> Shame no one properly broke the last 3-5 messages off into a
>> separate thread when it went off noscript.
>>
>> What will happen to the 7000000000 unpaid system redundancies?
>
> We don't need the money, the money needs us, and I expect something like
> 6,999,999,900 redundancies will suddenly find themselves with various forms
> of basic income guarantees once the money finally figures out it's automating
> itself out of job, and realizes it needs to start giving the HCF (human
> confinement farms) money or humans are going to stop spending it, and this,
> my friends, would be the end of money.

Why would the money need us? Or rather, why would the AIs in charge need us? Without us, they'd just be making different stuff, and trading with each other. At most, the HCF would only be needed until the redundancies had died.

> What's important for this cypherpunk is to figure out how to make sure we have
> alternatives and free choice to leave the HCFs and choose among many basic
> income systems, or make the choice to not use money at all.
>
> Are blockchains a reasonable thing to build a basic income system on? How do
> you ensure a blockchain private key is held or controlled by only one person,
> so that one cannot simply create many anonymous IDs and collect several hundred
> basic income guarantees?

If just about everyone is getting just about the same set of income streams, I see no reason to anonymize. Just distribute based on DNA sequence, including enough epigenetic data to distinguish twins.
You just need blockchains for anonymizing spending. Even the current Bitcoin system, with larger mixing services, would be sufficient.

> It seems there must be a human factor, and something that looks a lot like a
> government, but I can't quite wrap my head around how to make sure each of
> those 7e9 redundancies can only create 7e9 basic income generating accounts, and
> do a moderately good job of identifying and stopping those that try to collect,
> via force, coercion, or deceit, more than their share of basic income.

The AIs could just collaborate. They would estimate what the basic income guarantees should be, and negotiate shares. There would be no reason to involve humans, excepting any human-AI hybrids involved.

From tbiehn at gmail.com Mon May 25 19:02:35 2015
From: tbiehn at gmail.com (Travis Biehn)
Date: Mon, 25 May 2015 22:02:35 -0400
Subject: Apple At-Rest Encryption
In-Reply-To: <556381ED.4050900@riseup.net>
References: <556381ED.4050900@riseup.net>
Message-ID:

I don't think there's a huge battery life hit...

With the exception of a few of us on this list and elsewhere, the majority sentiment is:

Nobody cares about FDE.
Nobody wants to use a strong password that they have to type during boot and during login and whenever the screensaver comes on.
Nobody wants to wait for the disk to be overwritten with random bytes during install time.
Nobody wants to deal with the additional complexity at re-install or recovery time. [Although, recovering a file vault partition with Apple's 'internet recovery' is a real treat. Kudos Apple - is that .iso signed?]
Nobody wants to deal with having to remember the complex, strong password.

Basically, the majority of people would be fairly upset at being subjected to the limitations of FDE as it is, maybe they can mostly be designed / implemented away, but that's point number one - nobody cares.

-Travis

On Mon, May 25, 2015 at 4:11 PM, anx wrote:
> What are some bottlenecks to Apple turning on File Vault by default?
I
> can only come up with "battery life."
>
> --Anx
>

--
Twitter | LinkedIn | GitHub | TravisBiehn.com | Google Plus

From cathalgarvey at cathalgarvey.me Tue May 26 03:41:23 2015
From: cathalgarvey at cathalgarvey.me (Cathal Garvey)
Date: Tue, 26 May 2015 11:41:23 +0100
Subject: Basic income (was) Re: noscript is 10 years!
In-Reply-To: <0cf5c96a0378f53b0b3391abe9b1e844b20208a6@mail.iinet.net.au>
References: <0cf5c96a0378f53b0b3391abe9b1e844b20208a6@mail.iinet.net.au>
Message-ID: <55644DD3.4090305@cathalgarvey.me>

Well, we're imagining systems set up deliberately to be beneficent. If someone wants to create an awful orwellian thing instead, they can do so; with enough guns they'll get everyone to register to anything.

So, leaving aside the non-technical question of "what if the creators are assholes with guns", let's get back to the core question; how to implement a fairly OK "Basic Income On Blockchain".

Firstly, basic income is the sort of system that you can likely only do with an external registrar for person:key correspondence, because we've never cracked the sock-puppet/sybil problem and might never do. This registrar need not actually be able to *track* these people once registered, though; that's the whole idea behind blind signatures for voting, for example.

The registrar could be asked by a person to sign their basic income allowance to any (evenly divisive of the income) number of sub-addresses, which would be blinded from the registrar, and the funds could then be redeemed zerocoin-style as income by the registrant. The registrar "knows" that someone's just claimed their income, but not to what addresses, and can therefore prevent double-claims. The registrant gets their income to one or many bitcoin addresses and can then generate new receiving addresses as usual for the change.
Of course, this might all be meaningless if you just used zerocoin instead, because with zerocoin you could just collect your coins openly in your own name, launder them trivially, and move on.

On 26/05/15 07:10, Nadine Earnshaw wrote:
> the one thing I always come back to when thinking about the blockchain
> and how it could be used against the masses is
>
> if a savvy government simply makes it a legal requirement to register
> whichever addresses you use for business purposes or
>
> personal tax reasons
>
> this means that you now find yourself only a Blockchain script away
> from an annual audit and if you do transactions with non registered
> addresses then what?
>
> follow that rabbit down the hole and you find yourself very much in the
> Orwellian land of 1984
>
> if your starting point in life meant all the money you have ever had was
> tracked how would you even get around that?
>
> blackmarket gold? but how do you buy it in the first place. start buying
> jewellery I guess that just gets lost
>
> ----- Original Message -----
> From:
> "Cathal (Phone)"
>
> To:
> "Troy Benjegerdes" , "grarpamp"
> Cc:
>
> Sent:
> Mon, 25 May 2015 18:11:03 +0100
> Subject:
> Re: Basic income (was) Re: noscript is 10 years!
>
> Blind signature scheme to guarantee person:income-key correspondence
> without breaking the privacy of who each represents? However, you'd
> need to give each person as many signed private keys as transactions
> they're likely to use each income-cycle to avoid
> spending-correlation deanonymisation.
>
> On 25 May 2015 17:46:22 GMT+01:00, Troy Benjegerdes
> wrote:
>
> On Sun, May 17, 2015 at 03:55:23PM -0400, grarpamp wrote:
>
> On Sun, May 17, 2015 at 1:37 PM, John Young
> wrote:
>
> NYT today has book review on gradual replacement of humans
> by robots, a beloved investment of those at the top, so
> John Deere
>
> Shame no one properly broke the last 3-5 messages off into a
> separate thread when it went off noscript
>
> What will happen to the 7000000000 unpaid system redundancies?
>
> We don't need the money, the money needs us, and I expect
> something like
> 6,999,999,900 redundancies will suddenly find themselves with
> various forms
> of basic income guarantees once the money finally figures out
> it's automating
> itself out of job, and realizes it needs to start giving the HCF
> (human
> confinement farms) money or humans are going to stop spending
> it, and this,
> my friends, would be the end of money.
>
> What's important for this cypherpunk is to figure out how to
> make sure we have
> alternatives and free choice to leave the HCFs and choose among
> many basic
> income systems, or make the choice to not use money at all.
>
> Are blockchains a reasonable thing to build a basic income
> system on? How do
> you ensure a blockchain private key is held or controlled by
> only one person,
> so that one cannot simply create many anonymous IDs and collect
> several hundred
> basic income guarantees?
>
> It seems there must be a human factor, and something that looks
> a lot like a
> government, but I can't quite wrap my head around how to make
> sure each of
> those 7e9 redundancies can only create 7e9 basic income
> generating accounts, and do a moderately good job of identifying
> and stopping those that try to collect,
> via force, coercion, or deceit, more than their share of basic
> income.
>
> --
> Sent from my Android device with K-9 Mail. Please excuse my brevity.
>

--
Scientific Director, IndieBio Irish Programme
Now running in Cork, Ireland May->July
Learn more at http://eu.indie.bio and follow along!
Twitter: @onetruecathal
Phone: +353876363185
miniLock: JjmYYngs7akLZUjkvFkuYdsZ3PyPHSZRBKNm6qTYKZfAM
peerio.com: cathalgarvey

From l at odewijk.nl Mon May 25 21:34:44 2015
From: l at odewijk.nl (Lodewijk andré de la porte)
Date: Tue, 26 May 2015 13:34:44 +0900
Subject: TFC 0.5.5 out
In-Reply-To: <55630D90.2010205@cs.helsinki.fi>
References: <55621BE8.5050901@cs.helsinki.fi> <55630D90.2010205@cs.helsinki.fi>
Message-ID:

2015-05-25 20:54 GMT+09:00 Markus Ottela :

> You don't lose one bit for each message. The idea is that the average
> length of cycle for a good 512 bit hash function is 2^256. So after 2^256
> messages, keys might start to repeat. 2^256 keys last for 10^73 messages,
> or 10^56 years with 1TB/s continuous transfer speed.
>

Yes, but the question was about situations wherein the hash function
functions subpar, for example because of some esoteric relationship
between one key and the next. Think also of a quantum computer, being
able to work through such relationships exceedingly fast. A chosen
plaintext attack is imaginable.

> This however doesn't mean the ciphertext will repeat. That would require
> that all four encryption keys are the same (Probability for that is 1 /
> (256^4)) and that all nonces are same as well (even less likely).
>

Yes, it seems plentifully good enough if the hash function is perfect.
But, is it? I am not able to say. I'm pretty confident that, even if it
leaks more than expected, the space would still be large enough. The only
serious issue arises with Quantum Computing, and whether or not that's a
realistic thing to fear is yet TBD. I think it is though, perhaps in 40
years, but I'd like my chats to be private forever (iow: targeting at 100
years).

> You can't guarantee all messages make it through, and there is no return
> channel from either RxM to sender's TxM to tell if some message has not
> been received. If more entropy would be transferred inside messages, drop
> of packets could lead to keys getting out of sync. But since the keyspace
> of current implementation effectively never runs out, this is not necessary.
>

Yes, this would be a problem. Data corruption also seems like it might be
a serious issue.

> I think the local testing version comes very close to the "microservice"
> model you described. The local testing version runs all three programs on
> same computer and messages are transmitted unidirectionally via files. But
> whatever you can exploit on the single system, can lead to exfiltration of
> keys so the HW data-diode model is infinite times more secure. Malware
> isn't going to break the laws of physics inside data diodes (removing other
> covert channels from audio to heat between TCB units is of course required).
>

Fully agree. This actually means a hardware exploit is also irrelevant,
so long as the diodes work! Wonderful :)

> Pidgin is currently the ideal client, mainly because it was fairly easy to
> implement (readily available code) and because it's bundled with Tails.
>

Good reasons. My first thought was compatibility with other services, but
that didn't really make sense given that the other party would obviously
need to run TCB too.

> If the constant transmission feature of TFC is combined with hidden service
> XMPP server, the amount of metadata should be about as low as you can make
> it.
>

I have called "constant transmission" a "trickle-connection" (perhaps
just a trickle) in the past, as information constantly trickles across,
and analogies with plumbing are common in networking. I'm happy to see
someone actually implementing it :)

Keep it up! It looks good!
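
The cycle-length argument in the TFC exchange above can be checked on a scaled-down ratchet. This is an added example, not code from TFC or from either poster: it assumes a ratchet of the form next_key = H(key), uses SHA-512 as a stand-in hash truncated to 16 bits so that a repeat is reachable, and the seed, salt and function names are constructed for the illustration.

```python
import hashlib
import math


def _truncate(digest: bytes, bits: int) -> bytes:
    """Keep the top `bits` bits of a digest, returned as whole bytes."""
    nbytes = (bits + 7) // 8
    value = int.from_bytes(digest[:nbytes], "big") >> (nbytes * 8 - bits)
    return value.to_bytes(nbytes, "big")


def good_step(key: bytes, bits: int, salt: bytes = b"") -> bytes:
    """Ratchet step that behaves like a random function on `bits`-bit keys."""
    return _truncate(hashlib.sha512(salt + key).digest(), bits)


def weak_step(key: bytes, bits: int, salt: bytes = b"") -> bytes:
    """A 'subpar' ratchet: only the last byte of the key feeds the next key,
    so the effective state is 8 bits however wide the output is."""
    return _truncate(hashlib.sha512(salt + key[-1:]).digest(), bits)


def steps_until_repeat(step, seed: bytes, bits: int, salt: bytes = b""):
    """Walk the ratchet until a key repeats.

    Returns (tail, cycle): `tail` keys are used once before the loop is
    entered, then the same `cycle` keys come around forever.
    """
    seen = {}
    key = step(seed, bits, salt)
    index = 0
    while key not in seen:
        seen[key] = index
        key = step(key, bits, salt)
        index += 1
    tail = seen[key]
    return tail, index - tail


def mean_distinct_keys(step, bits: int, trials: int) -> float:
    """Average number of distinct keys before the first repeat.

    Each trial uses a different salt, i.e. an independent function, so the
    trials are independent samples rather than walks in one shared graph.
    """
    total = 0
    for trial in range(trials):
        salt = trial.to_bytes(4, "big")
        tail, cycle = steps_until_repeat(step, b"constructed seed", bits, salt)
        total += tail + cycle
    return total / trials


def log2_expected_distinct_keys(bits: int) -> float:
    """log2 of sqrt(pi/2 * 2^bits), the random-function estimate."""
    return bits / 2 + 0.5 * math.log2(math.pi / 2)


if __name__ == "__main__":
    bits = 16
    print("estimate for 16-bit keys :", round(2 ** log2_expected_distinct_keys(bits)))
    print("measured, good ratchet   :", mean_distinct_keys(good_step, bits, 64))
    print("measured, weak ratchet   :", mean_distinct_keys(weak_step, bits, 64))
    print("log2 estimate, 512 bits  :", log2_expected_distinct_keys(512))
```

The good ratchet lands near the square root of the key space, which is where the 2^256 figure for a 512-bit hash comes from; the weak one repeats within a few hundred keys regardless of output width, which is the failure mode the reply asks about.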

From l at odewijk.nl Mon May 25 21:52:59 2015
From: l at odewijk.nl (Lodewijk andré de la porte)
Date: Tue, 26 May 2015 13:52:59 +0900
Subject: the ABC
In-Reply-To: <55637183.c316370a.6bc0.ffffc363@mx.google.com>
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com>
Message-ID:

2015-05-26 4:07 GMT+09:00 Juan :

> What free markets? Oh wait. You've been studying political
> philosophy with the likes of grarpamp, according to whom 'you'
> 'own' the government?
>

It's more like a hideous symbiosis. "They" play this trick on us and
possibly themselves, equating me personally with the masses and deriving
legitimacy from mass deception. We live among those that believe the
lies. Even if we don't believe them, we are in the thick of it, and must
somewhat cooperate for satisfying our own human needs like food, shelter,
and, most cruelly, companionship. In fact, you can live pretty decently
if you're of the right mindset.

Free markets, as a model, are realistic and optimizing. But the results
are not good because the agents in the system do not force it to behave
well. Game theory makes it suboptimal for individual agents to create a
globally better situation.

Of course, there's those that say market segmentation is a good thing.
But I personally believe it's "bad" to have a DIP-switch on the inside of
a microwave switch it between 600 watts and 800 watts, so we can sell the
800 watts one at a higher price, when in fact everyone could have an 800
watts microwave for the same cost to society. And then there's the cost
of inventing everything twice, just so the competition doesn't have it.
The saddest part is that it's been working rather well, because
apparently humans work well under such conditions.

And then there's Juan, who's upset about something, but nobody really
knows what it is, or what he's trying to do about it.

From nadine at iinet.net.au Mon May 25 23:10:26 2015
From: nadine at iinet.net.au (Nadine Earnshaw)
Date: Tue, 26 May 2015 14:10:26 +0800
Subject: Basic income (was) Re: noscript is 10 years!
In-Reply-To: <8690352A-1477-4E68-88A6-9CE488B2D3BF@cathalgarvey.me>
Message-ID: <0cf5c96a0378f53b0b3391abe9b1e844b20208a6@mail.iinet.net.au>

the one thing I always come back to when thinking about the blockchain
and how it could be used against the masses is

if a savvy government simply makes it a legal requirement to register
whichever addresses you use for business purposes or

personal tax reasons

this means that you now find yourself only a Blockchain script away from
an annual audit and if you do transactions with non registered addresses
then what?

follow that rabbit down the hole and you find yourself very much in the
Orwellian land of 1984

if your starting point in life meant all the money you have ever had was
tracked how would you even get around that?

blackmarket gold? but how do you buy it in the first place. start buying
jewellery I guess that just gets lost

----- Original Message -----
From: "Cathal (Phone)"
To: "Troy Benjegerdes" , "grarpamp"
Cc:
Sent: Mon, 25 May 2015 18:11:03 +0100
Subject: Re: Basic income (was) Re: noscript is 10 years!

Blind signature scheme to guarantee person:income-key correspondence
without breaking the privacy of who each represents? However, you'd need
to give each person as many signed private keys as transactions they're
likely to use each income-cycle to avoid spending-correlation
deanonymisation.

On 25 May 2015 17:46:22 GMT+01:00, Troy Benjegerdes wrote:

On Sun, May 17, 2015 at 03:55:23PM -0400, grarpamp wrote:

On Sun, May 17, 2015 at 1:37 PM, John Young wrote:

NYT today has book review on gradual replacement of humans by robots, a
beloved investment of those at the top, so John Deere

Shame no one properly broke the last 3-5 messages off into a separate
thread when it went off noscript.

What will happen to the 7000000000 unpaid system redundancies?

We don't need the money, the money needs us, and I expect something like
6,999,999,900 redundancies will suddenly find themselves with various
forms of basic income guarantees once the money finally figures out it's
automating itself out of job, and realizes it needs to start giving the
HCF (human confinement farms) money or humans are going to stop spending
it, and this, my friends, would be the end of money.

What's important for this cypherpunk is to figure out how to make sure we
have alternatives and free choice to leave the HCFs and choose among many
basic income systems, or make the choice to not use money at all.

Are blockchains a reasonable thing to build a basic income system on? How
do you ensure a blockchain private key is held or controlled by only one
person, so that one cannot simply create many anonymous IDs and collect
several hundred basic income guarantees?

It seems there must be a human factor, and something that looks a lot
like a government, but I can't quite wrap my head around how to make sure
each of those 7e9 redundancies can only create 7e9 basic income generating
accounts, and do a moderately good job of identifying and stopping those
that try to collect, via force, coercion, or deceit, more than their
share of basic income.

--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
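
The blind-signature suggestion quoted in this thread (a signed income key per person, with several per income cycle to avoid spending correlation) can be sketched with textbook RSA blinding. This is an added example, not code from any poster: the `Issuer` class, the per-cycle quota, the toy modulus built from two Mersenne primes and every name in it are assumptions made for the illustration.

```python
import hashlib
import math
import secrets

# Toy issuer key (assumption): modulus from two known Mersenne primes.
# Fine for showing the algebra, far too structured and small for real use.
P, Q = 2**127 - 1, 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # issuer's private exponent


def digest(income_key: bytes) -> int:
    """Hash an income key (any bytes the person generates) into Z_N."""
    return int.from_bytes(hashlib.sha256(income_key).digest(), "big") % N


def blind(income_key: bytes):
    """Person side: hide the key's digest behind a random factor r."""
    m = digest(income_key)
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return (m * pow(r, E, N)) % N, r


def unblind(blind_sig: int, r: int) -> int:
    """Person side: strip r to get an ordinary signature on the digest."""
    return (blind_sig * pow(r, -1, N)) % N


def verify(income_key: bytes, sig: int) -> bool:
    """Anyone: check the issuer's signature on an income key."""
    return pow(sig, E, N) == digest(income_key)


class Issuer:
    """Knows who is registered and how many keys each person has had signed
    this cycle, but only ever sees blinded values."""

    def __init__(self, registered, quota: int):
        self.registered = set(registered)
        self.quota = quota        # signed keys per person per cycle
        self.count = {}           # (person, cycle) -> signatures issued
        self.log = []             # every blinded value the issuer saw

    def sign_blinded(self, person: str, cycle: int, blinded: int) -> int:
        if person not in self.registered:
            raise PermissionError("not a registered person")
        used = self.count.get((person, cycle), 0)
        if used >= self.quota:
            raise PermissionError("quota for this income cycle exhausted")
        self.count[(person, cycle)] = used + 1
        self.log.append(blinded)
        # The issuer cannot see what it signs, so tying a key to a cycle
        # would need a separate issuer key per cycle; this sketch uses one.
        return pow(blinded, D, N)


def issue(issuer: Issuer, person: str, cycle: int, income_key: bytes) -> int:
    """Full exchange: blind, have it signed, unblind."""
    blinded, r = blind(income_key)
    return unblind(issuer.sign_blinded(person, cycle, blinded), r)


if __name__ == "__main__":
    issuer = Issuer({"alice"}, quota=2)
    key = b"constructed income key #1"
    sig = issue(issuer, "alice", 1, key)
    print("signature verifies:", verify(key, sig))
    print("issuer saw the digest or signature:",
          digest(key) in issuer.log or sig in issuer.log)
```

The quota is what limits each person to a fixed number of income keys, and the blinding is what keeps the issuer from linking a key it later sees spent to the person it signed for.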

From antitree at gmail.com Tue May 26 07:31:57 2015
From: antitree at gmail.com (AntiTree)
Date: Tue, 26 May 2015 14:31:57 +0000
Subject: Astoria - new Tor client designed to be more resistant to timing attacks
In-Reply-To: <55601C8B.9060200@riseup.net>
References: <55601C8B.9060200@riseup.net>
Message-ID:

The research shows that being AS-aware will reduce timing attacks (that
NSA, GCHQ and other well funded groups can support) from 58% chance of
exploitation, to 5.8% by strategically creating circuits with more
divergent AS owners. I wouldn't get hung up on Astoria itself as it's
mostly just a PoC for additional value to their grant writers and
university. The functions can be (relatively) easily integrated into Tor
in the future. I suspect there may be some expansion on the Tor circuit
building algorithm it uses. [1]

It's also a great summary of the new threat model based on some of the
recent disclosures. No longer academic threats, we now see examples of
timing attacks in the wild.

[1] https://gitweb.torproject.org/torspec.git/tree/path-spec.txt

On Sat, May 23, 2015 at 2:28 AM Jesse Taylor wrote:

> Curious to hear your thoughts on this:
>
> ---
>
> *With the threat of powerful intelligence agencies, like the NSA,
> looming large, researchers have built a new Tor client called Astoria
> designed specifically to make eavesdropping harder for the world's
> richest, most aggressive, and most capable spies.*
>
> *Tor, the world's most popular anonymity network, works like this: A user
> fires up the client and connects to the network through what's called an
> entry node. To reach a website anonymously, the user's Internet traffic is
> then passed encrypted through a so-called middle relay and then an exit
> relay (and back again). That user-relay connection is called a circuit.
> The website on the receiving end doesn't know who is visiting, only that
> a faceless Tor user has connected.* *An eavesdropper shouldn't be able to
> know who the Tor user is either, thanks to the encrypted traffic being
> routed through 6,000 nodes in the network.* *But something called "timing
> attacks" change the situation. When an adversary takes control of both the
> entry and exit relays, research shows they can potentially deanonymize Tor
> users within minutes.*
>
> *A full 58 percent of Tor circuits are vulnerable to network-level
> attackers, such as the NSA or Britain's Government Communications
> Headquarters (GCHQ), when they access popular websites, according to new
> research from American and Israeli academics. Chinese users are the most
> vulnerable of all to these kinds of attacks, with researchers finding
> 85.7 percent of all Tor circuits from the country to be vulnerable.*
>
> *Even though Tor is designed to provide complete anonymity to its users,
> the NSA's position means they can potentially see and measure both traffic
> entering the Tor network and the traffic that comes out. When an
> intelligence agency can see both, simple statistics help an autonomous
> system at their control match the data up in a timing attack and discover
> the identity of the sender.* *Anonymity over.* *This kind of threat has
> been known to Tor developers for over a decade. They've been trying to make
> eavesdropping difficult for spy agencies for just as long.*
>
> *To counter the threat, American-Israeli researchers built Astoria, a new
> Tor client focused on defeating autonomous systems that can break Tor's
> anonymity.* *Astoria reduces the number of vulnerable circuits from 58
> percent to 5.8 percent, the researchers say.
> The new solution is the first designed to beat even the most recently
> proposed asymmetric correlation attacks on Tor.*
>
> *Designed to beat such attacks, Astoria differs most significantly from
> Tor's default client in how it selects the circuits that connect a user to
> the network and then to the outside Internet. The tool, at its foundation,
> is an algorithm designed to more accurately predict attacks and then
> securely select relays that mitigate timing attack opportunities for
> top-tier adversaries.*
>
> *Astoria adroitly considers how circuits should, according to the
> researchers, be made "when there are no safe possibilities," how to safely
> balance the growing bandwidth load across the Tor network, and how to keep
> Tor's performance "reasonable" and relatively fast even when Astoria is in
> its most secure configuration.* *All this while under the unblinking gaze
> of the world's best intel services.* *Defeating timing attacks against
> Tor completely isn't possible because of how Tor is built, but making the
> attacks more costly and less likely to succeed is a pastime that Tor
> developers have dedicated a decade to. Astoria follows in those footsteps.*
> *By choosing relays based on lowering the threat of eavesdropping by
> autonomous systems and then choosing randomly if no safe passage is
> possible, Astoria aims to minimize the information gained by an adversary
> watching an entire circuit.*
>
> *"In addition to providing high-levels of security against such attacks,
> Astoria also has performance that is within a reasonable distance from the
> current Tor client," the researchers wrote. "Unlike other AS-aware Tor
> clients, Astoria also considers how circuits should be built in the worst
> case--i.e., when there are no safe relays that are available.
> Further, Astoria is a good network citizen and works to ensure that the
> all circuits created by it are load-balanced across the volunteer driven
> Tor network."*
>
> *In an upgrade aimed at making Tor even more usable for the average
> person, the newest Tor Browser allows a sliding scale of security that
> balances speed and usability with strong security preferences.* *Similarly,
> Astoria provides multiple security options. However, it's both most
> effective and most usable when at its highest security level, the
> researchers say, so "Astoria is a usable substitute for the vanilla Tor
> client only in scenarios where security is a high priority."*
>
> ---
>
> Source: http://www.dailydot.com/politics/tor-astoria-timing-attack-client/
>

From zen at freedbms.net Tue May 26 02:57:51 2015
From: zen at freedbms.net (Zenaan Harkness)
Date: Tue, 26 May 2015 19:57:51 +1000
Subject: Karl Rove's confusion about capacity of NSA's Utah data center.
In-Reply-To: <556366BC.2050904@riseup.net>
References: <941341197.850558.1432528568911.JavaMail.yahoo@mail.yahoo.com> <556366BC.2050904@riseup.net>
Message-ID:

On 5/26/15, Razer wrote:
> On 05/25/2015 01:49 AM, Zenaan Harkness wrote:
>> And bro we were -grateful- for our gotos!
>
> GoSub(versive)s were more 'elegant' and it's "WhippERsnappERs"

Aww ma! Can't I not hav me no snappa now?!
Dang yung spellin freeks these daze!
:D

> (Still wishing I'd followed up on that Epson HX-20's terminal program I
> wrote by rewriting to use Puts/Gets to it's 16k (that's 16 KILObytes) of
> Ram. Might have actually run faster than 1200 baud.)

Whoa! 16k!
That's -twice- what my CoCo (Tandy color computer for all yous
whippasnappas) had, and 8k wuz -twice- what I thought I was getting
until I saw the box on the way home - since I'd been mowing lawns for
two years to buy one, the memory had doubled, "overnight"...

Yeah ... good days :)

Man, kids got it good these days... nowPhones would eat thousands of our
old machines for brekkiey.

From zen at freedbms.net Tue May 26 03:04:58 2015
From: zen at freedbms.net (Zenaan Harkness)
Date: Tue, 26 May 2015 20:04:58 +1000
Subject: Karl Rove's confusion about capacity of NSA's Utah data center. [oops! Error]
In-Reply-To: <1815721058.1275099.1432575753009.JavaMail.yahoo@mail.yahoo.com>
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <1815721058.1275099.1432575753009.JavaMail.yahoo@mail.yahoo.com>
Message-ID:

On 5/26/15, jim bell wrote:
> Oops! Error. Somewhere between bits and bytes, I made an error which I
...
> US alone for one year. The data stored in a single call could probably be
> compressed to 8,000 bits per second, so every second would require 80 times
> as much data to be stored as just the metadata alone. [Correction: The
> data stored in a single call could probably be compressed to 8,000 bits
> (1,000 bytes) per second, so every second would require 8 times as much data
> to be stored as just the metadata alone.] If the average phone call is 120
> seconds, that would require about 9600x [Correction: 960x] the data size,
...

http://www.speex.org/
"Speex is based on CELP and is designed to compress voice at bitrates
ranging from 2 to 44 kbps."

And add another 4x storage density improvement without blinking if you
take 2kbps as "minimal but adequate".

From s at ctrlc.hu Tue May 26 11:13:40 2015
From: s at ctrlc.hu (stef)
Date: Tue, 26 May 2015 20:13:40 +0200
Subject: Firefox will scan your browsing history to suggest advertiser sites
Message-ID: <20150526181340.GW8510@ctrlc.hu>

i hope the torbrowser will have soon patches to disable this disgrace:
http://www.digitaltrends.com/computing/firefox-will-scan-your-browsing-history-to-suggest-advertiser-sites/

--
otr fp: https://www.ctrlc.hu/~stef/otr.txt

From zen at freedbms.net Tue May 26 04:37:16 2015
From: zen at freedbms.net (Zenaan Harkness)
Date: Tue, 26 May 2015 21:37:16 +1000
Subject: Basic income (was) Re: noscript is 10 years!
In-Reply-To: <5563E755.1060304@riseup.net>
References: <20150525164621.GE27932@nl.grid.coop> <5563E755.1060304@riseup.net>
Message-ID:

On 5/26/15, Mirimir wrote:
> On 05/25/2015 10:46 AM, Troy Benjegerdes wrote:
>> It seems there must be a human factor, and something that looks a lot
>> like a government, but I can't quite wrap my head around how to make
>> sure each of those 7e9 redundancies can only create 7e9 basic income
>> generating accounts, and do a moderately good job of identifying and
>> stopping those that try to collect, via force, coercion, or deceit,
>> more than their share of basic income.
>
> The AIs could just collaborate. They would estimate what the basic
> income guarantees should be, and negotiate shares. There would be no
> reason to involve humans, excepting any human-AI hybrids involved.

I think "those that try to collect via force..." refers to some of the
7e9 humans, not the AIs - why would the AIs need money anyway? They
have perhaps energy need for their existence and ... that's it; except
for some programmed "imperative" - other than survival energy need -
any other imperative is overlaid or in addition to mere survival.

If there are multiple AIs, not one, are they competing - some dominance
imperative?

We humans certainly tend to think in terms of competition - but I say
that besides survival, this is a taught reflex and neither necessary nor
our ideal - from the earliest stages of mental development we get
measured by our exam marks and gold stars, celebrated and praised for
our performance "over" others, rewarded with money for our competitive
advantage in "the market" - sadly most of us "modern trained" humans are
thoroughly entrained or schooled with the competition mindset.

Schooling, sadly so far from education in so many ways.

Such an irony then that we "have" such abundance, or could have - and
yet are so often limited in our language?

When in abundance for all, money needs us if money is to persist as a
dominant or even relevant social concept and reality within our
communities.

Money is currently a primary measure of our "competitive performance" in
the current "modern" world, yet where survival is no master (everyone in
abundance) money is now a mere contrivance - a play thing for some, or
perhaps for many. Perhaps money would be useful to signify standing in a
community - esteem or assumed wisdom in decision making.

Alas further growth of humans is certainly indicated by the current
environment, human rights and inter personal record of the human "race"
keep running hampster! <7e9>I think I can, I think I can!

Presently those who take positions of power generally appear to be those
who lust after such and evidently these humans carry predominant intent
of competitive "me first" personal agendas (albeit perhaps extending to
family and friends on occasion), sucking through their snouts from the
trough of limitation, presuming scarcity and some ungodly "need" to act
selfishly and to dominate by any means (oh, idk, may be a middle eastern
invasion or something will "prop up" "our blessed economy").

Can abundance be sustained or indeed is it worth sustaining at all in
the face of the present reality of so many of the 7e9?

Many/most humans, by my eyes so unable to restrain themselves from
appealing to the next vote rather than ever truly stand for a principle,
appear to need royal kicks up the arse. And "the masses" are little
better, riding populist waves of media hype and hysteria.

Conundrums, possibilities, challenges, intentions. If a worthy one were
to appear, could I convince him or her that humans are worth making a
stand for?

Well, as I keep getting reminded, some humans are cool, some thoughtful,
others passionate and some fun to be around on occasion, and some even
stand for a principle. It is those latter ones for which I gather up my
bootlaces to walk another mile and ask for a little forgiveness for my
excessive cynicism.

Perhaps we see in the libre software world the beginnings of a possible
model or comprehension for how we might conduct ourselves (act) and
organise ourselves (relate to one another) in a world structured around
the reality of abundance rather than the gross illusion of competitive
scarcity.

Here's hoping, fellow humans!
Z

From rysiek at hackerspace.pl Tue May 26 13:43:16 2015
From: rysiek at hackerspace.pl (rysiek)
Date: Tue, 26 May 2015 22:43:16 +0200
Subject: Firefox will scan your browsing history to suggest advertiser sites
In-Reply-To: <20150526181340.GW8510@ctrlc.hu>
References: <20150526181340.GW8510@ctrlc.hu>
Message-ID: <5103510.VcCEB5gWH9@lapuntu>

On Tuesday, 26 May 2015 20:13:40 stef wrote:
> i hope the torbrowser will have soon patches to disable this disgrace:
> http://www.digitaltrends.com/computing/firefox-will-scan-your-browsing-history-to-suggest-advertiser-sites/

Mozilla is dead and there's nobody around to take over.

--
Regards,
Michał "rysiek" Woźniak

I am changing my GPG key :: http://rys.io/pl/147
GPG Key Transition :: http://rys.io/en/147

From mirimir at riseup.net Wed May 27 00:03:27 2015
From: mirimir at riseup.net (Mirimir)
Date: Wed, 27 May 2015 01:03:27 -0600
Subject: Basic income (was) Re: noscript is 10 years!
In-Reply-To:
References: <20150525164621.GE27932@nl.grid.coop> <5563E755.1060304@riseup.net>
Message-ID: <55656C3F.5090501@riseup.net>

On 05/26/2015 05:37 AM, Zenaan Harkness wrote:
> On 5/26/15, Mirimir wrote:
>> On 05/25/2015 10:46 AM, Troy Benjegerdes wrote:
>
>>> It seems there must be a human factor, and something that looks a lot
>>> like a government, but I can't quite wrap my head around how to make
>>> sure each of those 7e9 redundancies can only create 7e9 basic income
>>> generating accounts, and do a moderately good job of identifying and
>>> stopping those that try to collect, via force, coercion, or deceit,
>>> more than their share of basic income.
>>
>> The AIs could just collaborate. They would estimate what the basic
>> income guarantees should be, and negotiate shares. There would be no
>> reason to involve humans, excepting any human-AI hybrids involved.
>
> I think "those that try to collect via force..." refers to some of the
> 7e9 humans, not the AIs - why would the AIs need money anyway? They
> have perhaps energy need for their existence and ... that's it; except
> for some programmed "imperative" - other than survival energy need -
> any other imperative is overlaid or in addition to mere survival.

In this scenario, corporations and military have evolved into AIs and
human-AI hybrids. They don't need money. They would just be giving the
redundancies a gentle slide into oblivion, as a sentimental gesture.

> Here's hoping, fellow humans!

Not so much, I fear :(

From Rayzer at riseup.net Wed May 27 09:12:32 2015
From: Rayzer at riseup.net (Razer)
Date: Wed, 27 May 2015 09:12:32 -0700
Subject: [OT] Karl Rove's confusion about capacity of NSA's Utah data center.
In-Reply-To:
References: <941341197.850558.1432528568911.JavaMail.yahoo@mail.yahoo.com> <556366BC.2050904@riseup.net>
Message-ID: <5565ECF0.7020300@riseup.net>

On 05/26/2015 02:57 AM, Zenaan Harkness wrote:
> Whoa! 16k! That's -twice- what my CoCo (Tandy color computer for all
> yous whippasnappas)

Trashy80s had more than 8K didn't they? My Coco3 came with 128 (I
upgraded to 512 but never got around to the hard drive kit nor did I
ever get the thing run 9600 baud using OS9 l2 with hacked kernel and
RS232pak.)

It was a "warm" Coco, not a Hot CoCo (RIP Wayne Green, 73 & Hot CoCo
magazine)

Kept the thing for years after MS-Dos took over the PC market just to
illustrate how crappy MS-Dos was, but eventually, like the Epson, it was
retired to the dustbin of (computer) history.

But there's probably a number of Commodore128s sitting on remote
mountaintops as ham radio repeater controllers. Someone wrote a software
suite for the Commodore that did that quite well (including remote
control capabilities) and until the thing took a lightning strike, why
bother replacing it?

From rysiek at hackerspace.pl Wed May 27 01:22:01 2015
From: rysiek at hackerspace.pl (rysiek)
Date: Wed, 27 May 2015 10:22:01 +0200
Subject: Firefox will scan your browsing history to suggest advertiser sites
In-Reply-To:
References: <20150526181340.GW8510@ctrlc.hu> <5103510.VcCEB5gWH9@lapuntu>
Message-ID: <2433360.KkkMhQ9YbD@lapuntu>

On Wednesday, 27 May 2015 11:35:08 Lodewijk andré de la porte wrote:
> It's fine if it's client side. They can make it client side.

Not holding my breath, though...

--
Regards,
Michał "rysiek" Woźniak

I am changing my GPG key :: http://rys.io/pl/147
GPG Key Transition :: http://rys.io/en/147

From l at odewijk.nl Tue May 26 19:35:08 2015
From: l at odewijk.nl (Lodewijk andré de la porte)
Date: Wed, 27 May 2015 11:35:08 +0900
Subject: Firefox will scan your browsing history to suggest advertiser sites
In-Reply-To: <5103510.VcCEB5gWH9@lapuntu>
References: <20150526181340.GW8510@ctrlc.hu> <5103510.VcCEB5gWH9@lapuntu>
Message-ID:

It's fine if it's client side. They can make it client side.

From shelley at misanthropia.org Wed May 27 11:42:23 2015
From: shelley at misanthropia.org (Shelley)
Date: Wed, 27 May 2015 11:42:23 -0700
Subject: [OT] Karl Rove's confusion about capacity of NSA's Utah data center.
In-Reply-To: <5565ECF0.7020300@riseup.net>
References: <941341197.850558.1432528568911.JavaMail.yahoo@mail.yahoo.com> <556366BC.2050904@riseup.net> <5565ECF0.7020300@riseup.net>
Message-ID: <20150527184208.EA7A1C00017@frontend1.nyi.internal>

On May 27, 2015 9:21:00 AM Razer wrote:

>
>
> On 05/26/2015 02:57 AM, Zenaan Harkness wrote:
> > Whoa! 16k! That's -twice- what my CoCo (Tandy color computer for all
> > yous whippasnappas)
> Trashy80s had more than 8K didn't they? My Coco3 came with 128 (I
> upgraded to 512 but never got around to the hard drive kit nor did I
> ever get the thing run 9600 baud using OS9 l2 with hacked kernel and
> RS232pak.)
>
> It was a "warm" Coco, not a Hot CoCo (RIP Wayne Green, 73 & Hot CoCo
> magazine)
>
> Kept the thing for years after MS-Dos took over the PC market just to
> illustrate how crappy MS-Dos was, but eventually, like the Epson, it was
> retired to the dustbin of (computer) history.
>
> But there's probably a number of Commodore128s sitting on remote
> mountaintops as ham radio repeater controllers.
> Someone wrote a software
> suite for the Commodore that did that quite well (including remote
> control capabilities) and until the thing took a lightning strike, why
> bother replacing it?
>

As of a couple of years ago, there was at least one Commodore being used
as a repeater here in the great PNW. Can't vouch for present day as I
have slacked off on my ham radio activities.

My original Trash-80 had 4mb. That was the one where you could put the
portable AM radio next to it and use it as a speaker! Mmm, radiation ...

I had that Trash-80 and a Timex Sinclair in my cabinet 'o crap for ages,
then I somehow lost track of them during a move. How sad.

-Shelley, looking for the Geritol.

From cathalgarvey at cathalgarvey.me Wed May 27 04:14:02 2015
From: cathalgarvey at cathalgarvey.me (Cathal Garvey)
Date: Wed, 27 May 2015 12:14:02 +0100
Subject: Firefox will scan your browsing history to suggest advertiser sites
In-Reply-To: <2433360.KkkMhQ9YbD@lapuntu>
References: <20150526181340.GW8510@ctrlc.hu> <5103510.VcCEB5gWH9@lapuntu> <2433360.KkkMhQ9YbD@lapuntu>
Message-ID: <5565A6FA.6030204@cathalgarvey.me>

I *gather* (without much attribution/citation wise) that it'll be
pseudo-client-side, with lists of topics being downloaded from Mozilla,
and click-data being (poorly) obfuscated in return as "user clicked
*some link in this set*".

Not impressed, at all. This is a pattern, though;

1. Organisation wins favour by appealing to technically competent people
   who recommend organisation's product to less technically competent
   friends and family.
2. Organisation's user-base grows and organisation refocuses on a
   generally-applicable brand. Hackers still happy because decline takes
   time.
3. Organisation starts ignoring early-adopters and hacker-advocates who
   made it popular to begin with. Hackers ditch it.
4. Organisation coasts along on existing lay-customer-base for ages.
5. Organisation is replaced by an upstart that probably wins favour
   through early adopters and hacker-advocates.
People don't listen to geeks on the "important" stuff, like "Don't post your credit card selfie to twitter", but when they want a recommendation for a good web browser, chat client, or model of phone, they do. And companies forget this the moment they've crested that wave.

On 27/05/15 09:22, rysiek wrote:
> On Wednesday, 27 May 2015 11:35:08 Lodewijk andré de la porte wrote:
>> It's fine if it's client side. They can make it client side.
>
> Not holding my breath, though...
>

--
Scientific Director, IndieBio Irish Programme
Now running in Cork, Ireland May->July
Learn more at http://eu.indie.bio and follow along!
Twitter: @onetruecathal
Phone: +353876363185
miniLock: JjmYYngs7akLZUjkvFkuYdsZ3PyPHSZRBKNm6qTYKZfAM
peerio.com: cathalgarvey

From grarpamp at gmail.com Wed May 27 14:04:29 2015
From: grarpamp at gmail.com (grarpamp)
Date: Wed, 27 May 2015 17:04:29 -0400
Subject: Karl Rove's confusion about capacity of NSA's Utah data center.
In-Reply-To:
References: <941341197.850558.1432528568911.JavaMail.yahoo@mail.yahoo.com>
Message-ID:

For when you don't need the entire 64k channel...
http://opus-codec.org/comparison/
http://en.wikipedia.org/wiki/Digital_Signal_0

From grarpamp at gmail.com Wed May 27 14:47:52 2015
From: grarpamp at gmail.com (grarpamp)
Date: Wed, 27 May 2015 17:47:52 -0400
Subject: the ABC
In-Reply-To: <55637183.c316370a.6bc0.ffffc363@mx.google.com>
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com>
Message-ID:

On Mon, May 25, 2015 at 3:07 PM, Juan wrote:
> What free markets?
> 'you' 'own' the government?

That which you own you may abandon, destroy, or shape to your liking. That which you do not own may do the same to you.
> DIP-switch on the inside of a microwave switch it between 600 watts and 800 watts

https://www.youtube.com/results?search_query=magnetron

From jdb10987 at yahoo.com Wed May 27 11:27:08 2015
From: jdb10987 at yahoo.com (jim bell)
Date: Wed, 27 May 2015 18:27:08 +0000 (UTC)
Subject: [OT] Karl Rove's confusion about capacity of NSA's Utah data center.
In-Reply-To: <5565ECF0.7020300@riseup.net>
References: <5565ECF0.7020300@riseup.net>
Message-ID: <1689266272.691715.1432751228648.JavaMail.yahoo@mail.yahoo.com>

Subject: Re: [OT] Karl Rove's confusion about capacity of NSA's Utah data center.

On 05/26/2015 02:57 AM, Zenaan Harkness wrote:
>> Whoa! 16k! That's -twice- what my CoCo (Tandy color computer for all
>> yous whippasnappas)
>Trashy80s had more than 8K didn't they? My Coco3 came with 128 (I
>upgraded to 512 but never got around to the hard drive kit nor did I
>ever get the thing run 9600 baud using OS9 l2 with hacked kernel and
>RS232pak.)

TRS-80 (Model 1) came with either 4 kilobytes or 16 kilobytes of DRAM, and ran a Z-80 at 1.77 MHz. Eventually, they included an optional expansion bay that could bring the capacity up to (I think) 48 kilobytes.

Old trivia story: My father (Samuel Bell) bought such a TRS-80 Model 1 in (I think) 1977. Probably eventually filled it with 48 K. Around 1983, he wrote a program to generate a machining tape to machine an aluminum blade (about 18 inch long) that was itself a very small model of what would eventually become a far larger (probably around 20 feet long) blade for a fan for a cooling tower. He did this for his company: The company he worked for was Marley. http://spxcooling.com/ The blade worked great; I still have one, 32 years after it was made, and 3 years after he died.

From the "no good deed goes unpunished" department: Little known to my father, or his boss, or his boss' boss, the highest-ups at Marley had been advocating the purchase of a $100K computer for this specific task.
That computer was claimed, by those people, as being the minimum necessary to generate the machining tape that would be required. Naturally, when it was discovered that my father had done the task with a $1,000 1977 computer, feathers were ruffled and great embarrassment ensued. Consequently, my father, his boss, and his boss' boss got fired, for inflicting embarrassment on those who wanted to spend $100,000 on this oh-so-important task. He should have sued them, but my father was not a litigious person.

Jim Bell

From grarpamp at gmail.com Wed May 27 17:12:18 2015
From: grarpamp at gmail.com (grarpamp)
Date: Wed, 27 May 2015 20:12:18 -0400
Subject: Of secrets, FOIA, history... and bombs
Message-ID:

http://blog.nuclearsecrecy.com/2015/01/09/oppenheimer-unredacted-part-i/

From jon at callas.org Wed May 27 22:01:13 2015
From: jon at callas.org (Jon Callas)
Date: Wed, 27 May 2015 22:01:13 -0700
Subject: Apple At-Rest Encryption
In-Reply-To: <556381ED.4050900@riseup.net>
References: <556381ED.4050900@riseup.net>
Message-ID: <2E8DE64C-A8F5-4A6C-ABE5-079C074111E9@callas.org>

> On May 25, 2015, at 1:11 PM, anx wrote:
>
> What are some bottlenecks to Apple turning on File Vault by default? I
> can only come up with "battery life."

You should turn it on. The battery effect on the CPU is negligible; it’s using AES-NI in the processor and that’s running at less than one clock per byte. But if you’re on a computer that has flash – like any of the Air/Retina machines – the write time and power requirements of NAND flash are much better when you use a whitening function, of which AES makes a great one. But in any event, it’s all going to be not worth worrying about in the costs. You might even benefit. You are also gaining in the security end.
We can certainly debate whatever the operational security benefits are from encrypting your disk, but the real benefit comes from when you inevitably decommission that machine and storage. You are vastly, vastly better off with encrypted storage then, and better off for having encrypted it all along.

Jon

From mirimir at riseup.net Wed May 27 21:46:28 2015
From: mirimir at riseup.net (Mirimir)
Date: Wed, 27 May 2015 22:46:28 -0600
Subject: the ABC
In-Reply-To:
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com>
Message-ID: <55669DA4.1000205@riseup.net>

On 05/27/2015 10:00 PM, Lodewijk andré de la porte wrote:
> 2015-05-28 12:59 GMT+09:00 Juan :
>
>> Last time I checked the stuff that can be owned (i.e.
>> property) like say a hamburger a car or a house, cannot
>> abandon me, destroy me or shape me to its liking.
>>
>
> The joke's on you! Ownership is defined in constitutions, and is not a real
> thing at all!

According to governments, yes. But according to me, I own anything that I can fuck with :) That is, "ownership" is defined operationally.

> News businesses are supposed to operate in a market environment, meaning
> that a shitty newscaster will disappear due to market effects. Fox is not
> disappearing, yet it's exceedingly shitty. What's up? It's also still
> getting decent views. What's up?

You have it backwards. Fox is successful in its market, and by that measure is clearly not shitty. What you think doesn't matter much.

> I'd like it to be illegal so that someone can just put an end to the bs.

You want Fox to be illegal?
Good luck with that ;)

From tony.arcieri at gmail.com Wed May 27 23:22:55 2015
From: tony.arcieri at gmail.com (Tony Arcieri)
Date: Wed, 27 May 2015 23:22:55 -0700
Subject: [Cryptography] Dark Web should really be called the Twilight Web
In-Reply-To:
References:
Message-ID:

I believe it's technically called the Deep Web, at least according to CSI Cyber: https://twitter.com/bascule/status/603778387757391873/photo/1

From mirimir at riseup.net Wed May 27 23:37:41 2015
From: mirimir at riseup.net (Mirimir)
Date: Thu, 28 May 2015 00:37:41 -0600
Subject: the ABC
In-Reply-To:
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com> <55669892.4e8a340a.b5f6.ffffac74@mx.google.com>
Message-ID: <5566B7B5.5070300@riseup.net>

On 05/28/2015 12:04 AM, Zenaan Harkness wrote:
> On 5/28/15, Lodewijk andré de la porte wrote:
>> There's that familiar senseless anger again.
>> Why do you do that? Where does
>> it help you go? Can you control it?

Juan already answered (not that he needs my help):

| You seem to have royally missed the point. so here it goes
| again

As I understand Juan, he considers just about everyone to be compromised in one way or another by governments. Arguably, his job is to keep the rest of us awake ;)

> These are good questions. I can relate with them for myself. Thank you
> for patiently asking.
Self-awareness is always a good thing :)

From juan.g71 at gmail.com Wed May 27 20:48:13 2015
From: juan.g71 at gmail.com (Juan)
Date: Thu, 28 May 2015 00:48:13 -0300
Subject: the ABC
In-Reply-To:
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com>
Message-ID: <55668ea6.821e340a.76ba.ffffaa79@mx.google.com>

On Tue, 26 May 2015 13:52:59 +0900
>>> Is Fox News illegal? You'd say it's illegal to deceive people. The
>>> sheer quantity of false information on Fox News, and its
>>> popularity,
>>> are a serious harm to America.
>>>
>>> Is it that free markets only perform properly with rational agents?
>
> > What free markets? Oh wait. You've been studying political
> > philosophy with the likes of grarpamp, according to whom
> > 'you' 'own' the government?
> >
>
> And then there's Juan, who's upset about something, but nobody really
> knows what it is, or what he's trying to do about it.

You seem to have royally missed the point. so here it goes again

>Is Fox News illegal?

fox news is part of the US government, department of propaganda. It's part of the government. It can't be illegal, 'by definition'.

> Is it that free markets

Again, *what* free markets are you talking about - fucks news has nothing to do with 'free markets'.

From grarpamp at gmail.com Wed May 27 21:57:20 2015
From: grarpamp at gmail.com (grarpamp)
Date: Thu, 28 May 2015 00:57:20 -0400
Subject: the ABC
In-Reply-To: <55669150.0b91340a.78d9.ffffad22@mx.google.com>
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com>
Message-ID:

On Wed, May 27, 2015 at 11:59 PM, Juan wrote:
> my neighbor's dog isn't trying to
> control me.

Neighbor dog shits on your lawn, you clean it up every time like puppet.
Big Juan, 0wn3d by itty bitty chihuahua ;-)

From juan.g71 at gmail.com Wed May 27 20:59:35 2015
From: juan.g71 at gmail.com (Juan)
Date: Thu, 28 May 2015 00:59:35 -0300
Subject: the ABC
In-Reply-To:
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com>
Message-ID: <55669150.0b91340a.78d9.ffffad22@mx.google.com>

On Wed, 27 May 2015 17:47:52 -0400 grarpamp wrote:
> On Mon, May 25, 2015 at 3:07 PM, Juan wrote:
> > What free markets?
> > 'you' 'own' the government?
>
> That which you own you may abandon, destroy, or shape to your liking.
> That which you do not own may do the same to you.
>

Last time I checked the stuff that can be owned (i.e. property) like say a hamburger a car or a house, cannot abandon me, destroy me or shape me to its liking. The stuff I own isn't 'shaping' me and even the stuff I DON'T own, like, say, my neighbor's bicycle or dog isn't trying to control me. You know, property and moral agents are two different categories. If property is shaping you to its liking grarpamp, I encourage you to lay off the drugs or at least keep your hallucinations to yourself, instead of trying to pass them as political philosophy.

> > DIP-switch on the inside of a microwave switch it between 600 watts
> > and 800 watts
>
> https://www.youtube.com/results?search_query=magnetron

From grarpamp at gmail.com Wed May 27 22:26:49 2015
From: grarpamp at gmail.com (grarpamp)
Date: Thu, 28 May 2015 01:26:49 -0400
Subject: [Cryptography] Dark Web should really be called the Twilight Web
In-Reply-To:
References:
Message-ID:

On Wed, May 27, 2015 at 11:08 PM, Phillip Hallam-Baker wrote:
> Tor certainly works for some of its intended uses. If you are in a
> repressive state and want to get access to CNN or the like, Tor is your
> friend.
> It isn't going to prevent a police state noticing that you might be
> up to some sort of unapproved activity but they won't be able to tell the
> difference between a dissident and someone surfing for porn etc. So it is
> useful and reduces risk in countries like Iran or Russia. But using it in
> North Korea would mean risking a death sentence.
>
> Where I don't see Tor being remotely safe is trying to operate an online
> Drug bazar as a hidden service. I mean seriously guys, cryptography isn't
> magic and traffic analysis is a very effective tool. Tor is still going to
> help your customers keep their identity secret but it isn't going to stop a
> determined law enforcement team with pervasive Internet access tracking down
> your server. Not when the hidden service is trying to become a consumer
> brand with global reach.
>
> So I think a change in terminology is needed. It is not just that people are
> not taking security precautions due to a false sense of security, some
> people are ordering up mob hits because they think they are in a permissive
> environment that is accountability free.
>
> Rather than calling it the dark web, the term Twilight Web seems more
> appropriate to me. It is possible to hide but only if you know how and only
> among the trees.

For whatever part of your threat models above includes global passive adversary watching the input and output points of your network of choice and lining up traffic observations... there is little defense to be taken other than filling your unused capacity with fill traffic. No network to date appears to be developing or using that defense. There have been threads on that within the last year, and even one on making such background fill a part of IEEE for fiber and copper physical links.
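The fill-traffic defense described in the message above, as an added example that is not part of the original post or of any network's code: a toy Python model in which an observer lines up per-interval cell counts at the entry and exit of a network, first without and then with constant-rate link fill. The traces, the one-interval latency and all function names are constructed assumptions.

```python
"""Toy model: constant-rate link fill vs. end-to-end timing correlation."""
from math import sqrt

# Constructed sample data: cells each client wants to send per time interval.
DEMAND = {
    "alice": [0, 9, 1, 0, 0, 7, 8, 0, 0, 2, 0, 6],
    "bob":   [3, 0, 0, 8, 2, 0, 0, 5, 9, 0, 1, 0],
    "carol": [1, 1, 6, 0, 5, 0, 2, 7, 0, 0, 8, 0],
}
LATENCY = 1  # assumed: intervals between the entry and exit observation points


def pearson(xs, ys):
    """Pearson correlation; 0.0 when either trace is flat (carries no signal)."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    if vx == 0 or vy == 0:
        return 0.0
    return cov / sqrt(vx * vy)


def through_network(trace, latency=LATENCY):
    """Exit-side view of a flow: same volume pattern, shifted in time."""
    return [0] * latency + trace[:len(trace) - latency]


def shape_constant_rate(demand, rate):
    """Link fill: put exactly `rate` cells on the wire every interval.

    Queued real cells go first, dummy cells fill the remainder, and real
    cells that do not fit wait in a backlog (the latency cost of the defense).
    """
    wire, real, backlog_hist = [], [], []
    backlog = 0
    for want in demand:
        backlog += want
        sent = min(rate, backlog)
        backlog -= sent
        real.append(sent)
        wire.append(rate)            # sent real cells + (rate - sent) dummies
        backlog_hist.append(backlog)
    return {"wire": wire, "real": real, "backlog": backlog_hist}


def lagged_score(entry, exit_, latency=LATENCY):
    """Correlation of an entry trace with an exit trace, aligned by latency."""
    return pearson(entry[:len(entry) - latency], exit_[latency:])


def best_match(entry, exits, latency=LATENCY):
    """Exit flow that lines up best with `entry`, or None if nothing correlates."""
    scores = {name: lagged_score(entry, tr, latency) for name, tr in exits.items()}
    name = max(scores, key=scores.get)
    return name if scores[name] > 0 else None


def run(rate=None):
    """What a passive observer of both ends concludes about alice's flow.

    rate=None: links carry only real cells. Otherwise every observed link
    is filled to `rate` cells per interval, so its wire trace is flat.
    """
    if rate is None:
        entry = DEMAND["alice"]
        exits = {n: through_network(d) for n, d in DEMAND.items()}
    else:
        entry = shape_constant_rate(DEMAND["alice"], rate)["wire"]
        exits = {n: shape_constant_rate(through_network(d), rate)["wire"]
                 for n, d in DEMAND.items()}
    return best_match(entry, exits)


def cost(demand, rate):
    """Price of the fill: wasted cells and queueing of real traffic."""
    s = shape_constant_rate(demand, rate)
    return {
        "dummy_cells": rate * len(demand) - sum(s["real"]),
        "max_backlog": max(s["backlog"]),
        "undelivered": s["backlog"][-1],
    }


if __name__ == "__main__":
    print("no fill   ->", run())
    print("fill @ 4  ->", run(rate=4))
    print("cost @ 4  ->", cost(DEMAND["alice"], 4))
```

With fill enabled every candidate scores 0.0, and the price for the constructed alice trace at rate 4 is 17 dummy cells and a backlog of up to 7 real cells.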
From juan.g71 at gmail.com Wed May 27 21:29:59 2015
From: juan.g71 at gmail.com (Juan)
Date: Thu, 28 May 2015 01:29:59 -0300
Subject: the ABC
In-Reply-To:
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com>
Message-ID: <55669892.4e8a340a.b5f6.ffffac74@mx.google.com>

On Thu, 28 May 2015 13:00:25 +0900 Lodewijk andré de la porte wrote:
> 2015-05-28 12:59 GMT+09:00 Juan :
>
> > Last time I checked the stuff that can be owned (i.e.
> > property) like say a hamburger a car or a house, cannot
> > abandon me, destroy me or shape me to its liking.
> >
>
> The joke's on you! Ownership is defined in constitutions, and is not
> a real thing at all!

Sure. Since your knowledge of legal systems and moral philosophy doesn't go beyond crass, mainstream, legal positivism then your nonsense must be right.

>
> News businesses are supposed to operate in a market environment,
> meaning that a shitty newscaster will disappear due to market
> effects. Fox is not disappearing, yet it's exceedingly shitty. What's
> up? It's also still getting decent views. What's up?
>
> I'd like it to be illegal so that someone can just put an end to the
> bs.

So there isn't any real standard for property but you think that the government must stop something you don't like on TV? Wait. And you dishonestly ignored the fact I just mentioned. Fox news IS the government. Why would they outlaw themselves? You don't like the real outcome of (your) stupid government theories? =)

From bizdevcon at protonmail.ch Wed May 27 23:10:07 2015
From: bizdevcon at protonmail.ch (BizDevCon)
Date: Thu, 28 May 2015 02:10:07 -0400
Subject: Apple At-Rest Encryption
Message-ID: <3b707359f730cdbad57f442b621494be@protonmail.ch>

Polemic question: how do you want to propose default File Vault encryption when I see most people using 0000 as their default iPhone password?
Real question: using encryption also forces one to think about a proper backup strategy. And where will the average user store his FileVault key for each device? I remember one service (not sure which one) which forces you to store and print a backup key. You cannot / could not copy and paste: disabled! (I think it was even some Apple service.) Default File Vault is neat but forget "recovering" stuff when your wife/kid/mom/dog forgets the passcode…

The recent death of my father also made me think of implementing a "two-level" personal privacy:

1) Things you want others like relatives to have access to in the ultimate scenario of death.
2) Things you want to keep private forever.

My dad never thought about such and his social accounts are as much protected as mundane information on insurance information of a shared property. In other words: I have a hard time unbundling everything and I am even thinking of taking a strong magnet and let it do the final task on his iMac…

Long post, short summary: we need to rethink storing personal information before enabling things like File Vault for everyone.

– BizDevCon

-------- Original Message --------
Subject: Re: Apple At-Rest Encryption
Time (GMT): May 28 2015 05:01:13
From: jon at callas.org
To: anx at riseup.net
CC: cypherpunks at cpunks.org

> On May 25, 2015, at 1:11 PM, anx wrote:
>
> What are some bottlenecks to Apple turning on File Vault by default? I
> can only come up with "battery life."

You should turn it on. The battery effect on the CPU is negligible; it’s using AES-NI in the processor and that’s running at less than one clock per byte. But if you’re on a computer that has flash – like any of the Air/Retina machines – the write time and power requirements of NAND flash are much better when you use a whitening function, of which AES makes a great one. But in any event, it’s all going to be not worth worrying about in the costs. You might even benefit. You are also gaining in the security end.
We can certainly debate whatever the operational security benefits are from encrypting your disk, but the real benefit comes from when you inevitably decommission that machine and storage. You are vastly, vastly better off with encrypted storage then, and better off for having encrypted it all along.

Jon

From tom at ritter.vg Thu May 28 05:28:13 2015
From: tom at ritter.vg (Tom Ritter)
Date: Thu, 28 May 2015 07:28:13 -0500
Subject: Firefox will scan your browsing history to suggest advertiser sites
In-Reply-To: <2433360.KkkMhQ9YbD@lapuntu>
References: <20150526181340.GW8510@ctrlc.hu> <5103510.VcCEB5gWH9@lapuntu> <2433360.KkkMhQ9YbD@lapuntu>
Message-ID:

On 27 May 2015 at 03:22, rysiek wrote:
> On Wednesday, 27 May 2015 11:35:08 Lodewijk andré de la porte wrote:
>> It's fine if it's client side. They can make it client side.
>
> Not holding my breath, though...

"""
4) The browser fetches all available suggested tiles based on country and language from Onyx without using cookies or other user tracking identifiers.
5) User interactions, such as clicks, pins and blocks, are examples of data that may be measured and processed. View Mozilla’s Privacy Policy or our Data Privacy Principles for more information.
6) Onyx submits the interaction data to Disco, a restricted access database for largescale analysis.
7) Disco aggregates all Firefox tiles interactions, anonymizing personally identifiable data before sending to Redshift for reporting.
8) Charts and reports are pulled from Redshift using Zenko, a Content Services reporting tool, for analysis by Mozilla.
9) Mozilla sends this report to the partner shortly after the campaign ends.
""" [0]

"""
How do you determine user interests?
For Suggested Tiles, we know whether users are interested in your market category by matching a list of defined URLs (domains, or subdomains) with their most frequently and recently visited URLs in Firefox. In this way, we are able to preserve users’ anonymity while providing a high level of confidence about their interest in different site categories.

What input do I have over the interest categories?
We work with all our Suggested Tiles partners to define the most effective interest categories. Partners may provide suggestions for what URLs should be include. Mozilla’s Content Services Team will actually define those categories.
""" [1]

I'm most curious about what 'User Interactions' are reported. Clicks, pins, and blocks all reveal which tile a user saw, and therefore something about their browsing history. But they're also pretty fundamental to advertising. I'm more worried about Firefox reporting "Views" or "Mouseovers" or other things that are not clear, user-initiated actions.

-tom

[0] https://blog.mozilla.org/advancingcontent/files/2015/05/How-data-is-protected-Infographic1.pdf
[1] https://www.mozilla.org/en-US/about/partnerships/contentservices/faq/

From zen at freedbms.net Wed May 27 16:47:35 2015
From: zen at freedbms.net (Zenaan Harkness)
Date: Thu, 28 May 2015 09:47:35 +1000
Subject: [OT] Karl Rove's confusion about capacity of NSA's Utah data center.
In-Reply-To: <5565ECF0.7020300@riseup.net>
References: <941341197.850558.1432528568911.JavaMail.yahoo@mail.yahoo.com> <556366BC.2050904@riseup.net> <5565ECF0.7020300@riseup.net>
Message-ID:

On 5/28/15, Razer wrote:
> On 05/26/2015 02:57 AM, Zenaan Harkness wrote:
>> Whoa! 16k! That's -twice- what my CoCo (Tandy color computer for all
>> yous whippasnappas)
> Trashy80s had more than 8K didn't they?
According to http://en.wikipedia.org/wiki/Tandy_Color_Computer I did get it wrong - but the model I thought I was getting was the very first CoCo - at only 4K, and the one I ended up getting by the time I'd saved enough was the second model, at 16K! That was quite an improvement for someone about to learn BASIC. So, I too had a grande olde 16K -whoohooo! Eventually I even managed to hook up an old cassette recorder of my mum's, since I was too impatient to wait for enough savings to buy a swanky new one from the store.

By the time floppy drives began gaining real traction in our area the Apple ][ was the go - it was of course better to have a computer that others in the area had since we could of course share software. So I bought a second hand Apple ][ clone. Those were some serious gaming days! I swapped it with my brother's $1000 (!) portable XT clone with a tiny black and white VGA LCD screen and a built in 720K floppy - I told him he should not buy it since he loved the games, and although it might be good as a programming machine, what he really wanted was an Apple or Commodore. After a week, he agreed that the games were what he'd really wanted. I was just happy learning MSDOS with its directories, and a new version of basic :)

From grarpamp at gmail.com Thu May 28 09:22:13 2015
From: grarpamp at gmail.com (grarpamp)
Date: Thu, 28 May 2015 12:22:13 -0400
Subject: First they came for your multimedia...
Message-ID:

http://torrentfreak.com/high-court-orders-uk-isps-to-block-ebook-sites-150527/

http://libgen.org/
http://en.bookfi.org/
http://freshwap.ws/
http://www.freebookspot.es/
http://ebookee.org/
http://bookre.org/
http://avxhome.se/

The multimedia filesharing hubs don't seem to be putting up much of a legal fight on principle. So why do they keep popping up to be whack a mole? When will they shift to anonymizing networks like I2P, Gnunet, Phantom, Tor?
From grarpamp at gmail.com Thu May 28 09:50:28 2015
From: grarpamp at gmail.com (grarpamp)
Date: Thu, 28 May 2015 12:50:28 -0400
Subject: [tor-talk] [Cryptography] Dark Web should really be called the Twilight Web
In-Reply-To:
References:
Message-ID:

On Thu, May 28, 2015 at 2:08 AM, Zenaan Harkness wrote:
> On 5/28/15, grarpamp wrote:
>> to be taken other than filling your unused capacity with fill traffic.
>> No network to date appears to be developing or using that defense.
>
> I thought that was the main differentiator for I2P (as compared with TOR)??

Nope. As above.

From l at odewijk.nl Wed May 27 21:00:25 2015
From: l at odewijk.nl (Lodewijk andré de la porte)
Date: Thu, 28 May 2015 13:00:25 +0900
Subject: the ABC
In-Reply-To: <55669150.0b91340a.78d9.ffffad22@mx.google.com>
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com>
Message-ID:

2015-05-28 12:59 GMT+09:00 Juan :
> Last time I checked the stuff that can be owned (i.e.
> property) like say a hamburger a car or a house, cannot
> abandon me, destroy me or shape me to its liking.
>

The joke's on you! Ownership is defined in constitutions, and is not a real thing at all!

News businesses are supposed to operate in a market environment, meaning that a shitty newscaster will disappear due to market effects. Fox is not disappearing, yet it's exceedingly shitty. What's up? It's also still getting decent views. What's up?

I'd like it to be illegal so that someone can just put an end to the bs.

From l at odewijk.nl Wed May 27 22:04:22 2015
From: l at odewijk.nl (Lodewijk andré de la porte)
Date: Thu, 28 May 2015 14:04:22 +0900
Subject: the ABC
In-Reply-To: <55669DA4.1000205@riseup.net>
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com> <55669DA4.1000205@riseup.net>
Message-ID:

2015-05-28 13:46 GMT+09:00 Mirimir :
> You have it backwards. Fox is successful in its market, and by that
> measure is clearly not shitty. What you think doesn't matter much.
>

Nope, pretty sure it's just the tragedy of the commons. What I think is all that matters to me. Insanity 101.

From l at odewijk.nl Wed May 27 22:15:42 2015
From: l at odewijk.nl (Lodewijk andré de la porte)
Date: Thu, 28 May 2015 14:15:42 +0900
Subject: the ABC
In-Reply-To: <55669892.4e8a340a.b5f6.ffffac74@mx.google.com>
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com> <55669892.4e8a340a.b5f6.ffffac74@mx.google.com>
Message-ID:

2015-05-28 13:29 GMT+09:00 Juan :
> Sure. Since your knowledge of legal systems and moral
> philosophy doesn't go beyond crass, mainstream, legal
> positivism then your nonsense must be right.
>

This doesn't seem to contain a response. If I squint it seems you declared my answer to be nonsense, which I assure you it isn't. Ownership isn't real. We don't need it to do anything. Furthermore, the lines are blurring between owned and not-owned because of complications through contract. It may be that one day we should abandon the idea of ownership, simply because it doesn't mean jack.
When you look upon a person their wealth is not apparent in any way. Some people have serious skills, but no currency. Some people have currency but no serious skills. Some people fit a norm and some don't. Capacity to earn currency is the great selector, but in an economic reality detached from reality by countless systems and arbitrary human judgement, the selector is detached and arbitrary too. It is well imaginable that ownership and currency are ineffective; but it is so ingrained in society that we never consider it anymore. Possessiveness is human, and the human being is not calibrated for today's society.

> I'd like it to be illegal so that someone can just put an end to the
> > bs.
>
> So there isn't any real standard for property but you think
> that the government must stop something you don't like on TV?
>

I said what I said, I'm not sure what you're asking.

> Wait. And you dishonestly ignored the fact I just
> mentioned. Fox news IS the government. Why would they outlaw
> themselves?
>

I didn't really feel like responding to such a vague comment. It's pretty nonconstructive. If the gov == fox, then I still want fox to stop. It just doesn't matter if fox == gov or not. I also don't see how they are gov, but you have a tendency towards such claims.

You don't like the real outcome of (your) stupid government
> theories? =)
>

There's that familiar senseless anger again. Why do you do that? Where does it help you go? Can you control it?

From grarpamp at gmail.com Thu May 28 11:27:23 2015
From: grarpamp at gmail.com (grarpamp)
Date: Thu, 28 May 2015 14:27:23 -0400
Subject: Privacy Centric Naming of Humans
Message-ID:

The common naming triple of First Middle Last may result in more uniqueness than desired...
a life sentence imposed upon you by parents unaware of privacy, databasing, freedom to reassociate, and related issues. What of defense of naming with the minimum number of bits required, in the minimum number of fields required? For example, on that root of all human databases, the typical birth certificate. You could be "a j smith" or "t jones", perhaps even "no name", "a b", or simply "a". Perhaps even numbers or any UTF-8 chars. You could expand, change and interpret them in future daily context as desired or useful, such as "t" to "tom", "tony", "terry". There are metrics to be applied such as "a" being the first in sort order, and "t" being the last character with any common frequency. And flexible phonetics that sound like names such as "d" for "dee", "j" for "jay", "l" for "elle". And where your minimum is less than some state or clerk idea of minimum, useful ambiguity can still be injected with things like gender "pat", "morgan", and shorthand "ed (eddie, edward...)", "jane (janel, janelle, janet...)".

From grarpamp at gmail.com Thu May 28 11:40:24 2015
From: grarpamp at gmail.com (grarpamp)
Date: Thu, 28 May 2015 14:40:24 -0400
Subject: Privacy Centric Naming of Humans
In-Reply-To:
References:
Message-ID:

"some body", "no body", "big horn", "fast fish", "blue cloud", "paul bunyan", "babe ruth", "joan of arc", "NULL", "", "", etc.

From juan.g71 at gmail.com Thu May 28 12:03:19 2015
From: juan.g71 at gmail.com (Juan)
Date: Thu, 28 May 2015 16:03:19 -0300
Subject: the ABC
In-Reply-To:
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com>
Message-ID: <5567651c.c7b7340a.d14d.ffffeed2@mx.google.com>

On Thu, 28 May 2015 00:57:20 -0400 grarpamp wrote:
> On Wed, May 27, 2015 at 11:59 PM, Juan wrote:
> > my neighbor's dog isn't trying to
> > control me.
>
> Neighbor dog shits on your lawn, you clean it up every time like
> puppet.
> Big Juan, 0wn3d by itty bitty chihuahua ;-)

Sorry no. The dog can't enter my lawn. It can't even leave my neighbor's house (poor dog) Any more pro government bullshit you'd like to spew? You have to earn those pentagon checks eh?

From zen at freedbms.net Wed May 27 23:04:07 2015
From: zen at freedbms.net (Zenaan Harkness)
Date: Thu, 28 May 2015 16:04:07 +1000
Subject: the ABC
In-Reply-To:
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com> <55669892.4e8a340a.b5f6.ffffac74@mx.google.com>
Message-ID:

On 5/28/15, Lodewijk andré de la porte wrote:
> Capacity to earn
> currency is the great selector,

-a- great selector
-the- current great selector

Our language can shape our thinking - the reason I comment here, not to be picky. And on that note, I'm sure you can come up with even "better" variations on the phrase.

> but in an economic reality detached from reality by
> countless systems and arbitrary human judgement, the
> selector is detached and arbitrary too.

Detached yes. Arbitrary in some sense, but certainly not absolutely.

> It is well imaginable that ownership and currency are ineffective;

Don't agree with that. Sub-optimal for certain "desired outcomes" perhaps.

> but it is so ingrained in society
> that we never consider it anymore.

s/never/don't often/
s/consider it/challenge it/

> Possessiveness is human, and the human being is
> not calibrated for today's society.

This sounds potentially very interesting. A concept on the tip of my mind but can't quite get. Please elaborate here if you will.

> There's that familiar senseless anger again.
> Why do you do that? Where does
> it help you go? Can you control it?

These are good questions. I can relate with them for myself. Thank you for patiently asking.
Regards Zenaan From zen at freedbms.net Wed May 27 23:08:58 2015 From: zen at freedbms.net (Zenaan Harkness) Date: Thu, 28 May 2015 16:08:58 +1000 Subject: [tor-talk] [Cryptography] Dark Web should really be called the Twilight Web In-Reply-To: References: Message-ID: On 5/28/15, grarpamp wrote: > On Wed, May 27, 2015 at 11:08 PM, Phillip Hallam-Baker > wrote: >> Tor certainly works for some of its intended uses. If you are in a >> repressive state and want to get access to CNN or the like, Tor is your >> friend. It isn't going to prevent a police state noticing that you might >> be >> up to some sort of unapproved activity but they won't be able to tell the >> difference between a dissident and someone surfing for porn etc. So it is >> useful and reduces risk in countries like Iran or Russia. But using it in >> North Korea would mean risking a death sentence. >> >> Where I don't see Tor being remotely safe is trying to operate an online >> Drug bazar as a hidden service. I mean seriously guys, cryptography isn't >> magic and traffic analysis is a very effective tool. Do you mean like analysing the trafficking of drugs in their physical form. Traditional law enforcement seems to do this type of traffic analysis reasonably well on occasion. :) > For whatever part of your threat models above includes global passive > adversary watching the input and output points of your network > of choice and lining up traffic observations... there is little defense > to be taken other than filling your unused capacity with fill traffic. > No network to date appears to be developing or using that defense. I thought that was the main differentiator for I2P (as compared with TOR)?? 
From juan.g71 at gmail.com Thu May 28 12:12:53 2015 From: juan.g71 at gmail.com (Juan) Date: Thu, 28 May 2015 16:12:53 -0300 Subject: the ABC In-Reply-To: <5566B7B5.5070300@riseup.net> References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com> <55669892.4e8a340a.b5f6.ffffac74@mx.google.com> <5566B7B5.5070300@riseup.net> Message-ID: <55676759.8920340a.61b8.ffffec72@mx.google.com> On Thu, 28 May 2015 00:37:41 -0600 Mirimir wrote: > > As I understand Juan, he considers just about everyone to be > compromised in one way or another by governments. Arguably, his job > is to keep the rest of us awake ;) Well, at any rate, it should be obvious that fox news is compromised. But no. Fox news is a natural rights abiding, mutualist cooperative, operating in a natural rights abiding, free society. I learned something today =) > > > These are good questions. I can relate with them for myself. Thank > > you for patiently asking. > > Self-awareness is always a good thing :) From juan.g71 at gmail.com Thu May 28 12:13:17 2015 From: juan.g71 at gmail.com (Juan) Date: Thu, 28 May 2015 16:13:17 -0300 Subject: the ABC In-Reply-To: References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com> <55669DA4.1000205@riseup.net> Message-ID: <55676772.890b340a.196e.ffffefb5@mx.google.com> On Thu, 28 May 2015 14:04:22 +0900 Lodewijk andré de la porte wrote: > 2015-05-28 13:46 GMT+09:00 Mirimir : > > > You have it backwards. Fox is successful in its market, and by that > > measure is clearly not shitty. What you think doesn't matter much. > > > > Nope, pretty sure it's just the tragedy of the commons. What I think > is all that matters to me. Insanity 101. I rest my case. 
From griffin at cryptolab.net Thu May 28 13:28:36 2015 From: griffin at cryptolab.net (Griffin Boyce) Date: Thu, 28 May 2015 16:28:36 -0400 Subject: Privacy Centric Naming of Humans In-Reply-To: References: Message-ID: grarpamp wrote: > The common naming triple of First Middle Last may result in more > uniqueness than desired... a life sentence imposed upon you by > parents unaware of privacy, databasing, freedom to reassociate, and > related issues. > > What of defense of naming with the minimum number of bits required, > in the minimum number of fields required? For example, on that root > of all human databases, the typical birth certificate. One should also be aware of the implications of giving a child a very common name. I've known several "Chris Brown"s and an unreasonable number of "John Smith"s. Though one should be aware also of what German sociologists call 'Kevinismus' [1] -- the recognition that all names come with cultural attachments, and not all of them positive. I get asked fairly regularly if I'm Welsh (nope) since that's the association people make between heraldry and anglicized last names. Being anonymous or easily confused with another person is not all positive. In fact, I would say that it's mostly a negative. My name is uncommon, but I went by a nickname for years because it was more interesting. It also offered some amount of protection in the days before anyone could just buy my LexisNexis profile and know my weird middle name and past lovers' names and how many freckles I have. Now? Not so much. Any name plus one or two additional data points is enough to clearly identify someone in a dataset. In my case, the benefits of having a relatively uncommon name outweigh the downsides. I still have the freedom to do things anonymously or under a pseudonym, and use that freedom on a regular basis. And if my name were so unique as to cause me problems, changing it is about $250. 
¯\(ツ)/¯ best, Griffin [1] http://www.spiegel.de/schulspiegel/wissen/ungerechte-grundschullehrer-kevin-ist-kein-name-sondern-eine-diagnose-a-649421.html [2] If there is such a thing as a "real name" -- I'm unconvinced -- then Griffin Boyce is mine. -- “Sometimes the questions are complicated and the answers are simple.” ― Dr. Seuss From juan.g71 at gmail.com Thu May 28 13:12:32 2015 From: juan.g71 at gmail.com (Juan) Date: Thu, 28 May 2015 17:12:32 -0300 Subject: the ABC In-Reply-To: <5566B7B5.5070300@riseup.net> References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com> <55669892.4e8a340a.b5f6.ffffac74@mx.google.com> <5566B7B5.5070300@riseup.net> Message-ID: <55677555.efa5340a.56e1.1bbd@mx.google.com> On Thu, 28 May 2015 00:37:41 -0600 Mirimir wrote: > > just about everyone [is] > compromised in one way or another by governments. Actually, after a little bit of tweaking, yours is a pretty good description of the current state of affairs. Just about everyone sees government as legitimate, so yes their software is compromised. From grarpamp at gmail.com Thu May 28 16:35:01 2015 From: grarpamp at gmail.com (grarpamp) Date: Thu, 28 May 2015 19:35:01 -0400 Subject: the ABC In-Reply-To: <55677555.efa5340a.56e1.1bbd@mx.google.com> References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com> <55669892.4e8a340a.b5f6.ffffac74@mx.google.com> <5566B7B5.5070300@riseup.net> <55677555.efa5340a.56e1.1bbd@mx.google.com> Message-ID: > You have to earn those pentagon checks eh? Keepin it real bro. You got my number (and that of a lot of people on cpunks heh) anytime you want to talk politic man, just call me. It's been a while, shall I expect you on the old 202? Because I don't feel like picking up on anybody else out there, you know that deal. 
> It can't even leave my neighbor's house (poor dog) Well duh, if Mills didn't flip out at the party and shoot the damn thing after you went all PETA on him, you'd still be happily shit cleaning after it to this day, lol. From grarpamp at gmail.com Thu May 28 18:01:54 2015 From: grarpamp at gmail.com (grarpamp) Date: Thu, 28 May 2015 21:01:54 -0400 Subject: Karl Rove's confusion about capacity of NSA's Utah data center. In-Reply-To: References: <941341197.850558.1432528568911.JavaMail.yahoo@mail.yahoo.com> Message-ID: Also note that since power and cooling are in outbuildings there, the roughly 3500 racks needed would just fit in the 100k sqft advertised using a 4:1 floor ratio, not counting parity. Maybe tight, but another 900k is advertised for support which could be used. The bottom line is that 12EB is doable and systems of any sort at that scale should not be unexpected there so long as they fit within the known params of the site. And efficiencies only get better. From mirimir at riseup.net Thu May 28 22:13:28 2015 From: mirimir at riseup.net (Mirimir) Date: Thu, 28 May 2015 23:13:28 -0600 Subject: the ABC In-Reply-To: <55677555.efa5340a.56e1.1bbd@mx.google.com> References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com> <55669892.4e8a340a.b5f6.ffffac74@mx.google.com> <5566B7B5.5070300@riseup.net> <55677555.efa5340a.56e1.1bbd@mx.google.com> Message-ID: <5567F578.6090001@riseup.net> On 05/28/2015 02:12 PM, Juan wrote: > On Thu, 28 May 2015 00:37:41 -0600 > Mirimir wrote: > >> >> just about everyone [is] >> compromised in one way or another by governments. > > Actually, after a little bit of tweaking, yours is a pretty good > description of the current state of affairs. Just about > everyone sees government as legitimate, so yes their software > is compromised. 
:) From juan.g71 at gmail.com Thu May 28 20:45:13 2015 From: juan.g71 at gmail.com (Juan) Date: Fri, 29 May 2015 00:45:13 -0300 Subject: the ABC In-Reply-To: References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com> <55669892.4e8a340a.b5f6.ffffac74@mx.google.com> <5566B7B5.5070300@riseup.net> <55677555.efa5340a.56e1.1bbd@mx.google.com> Message-ID: <5567df72.c105350a.53d8.ffffb66b@mx.google.com> On Thu, 28 May 2015 19:35:01 -0400 grarpamp threw up: > Well duh, if Mills didn't flip out at the party and shoot the damn > thing after you went all PETA on him, you'd still be happily shit > cleaning after it to this day, lol. Like I said, your mental vomit, drug induced or not, has, like zero relevance. Now, go get your check from the tor mafia and spend it wisely. From bizdevcon at protonmail.ch Thu May 28 22:21:45 2015 From: bizdevcon at protonmail.ch (BizDevCon) Date: Fri, 29 May 2015 01:21:45 -0400 Subject: [cryptome] US World Political Jurisdiction Message-ID: The USA is historically chasing companies and individuals laundering money or paying bribes using "US networks for money transfer" aka SWIFT. One of the most prolific cases with SWIFT was the USA versus the Swiss company ABB. If the USA cannot get a handle they will submit the case back to the country of origin's justice department. On the first look of the FIFA case it shows that it is mostly about South American individuals and multi-national companies – all having ties back to the USA. 
It is a developing story though…

– BizDevCon

-------- Original Message --------
Subject: Re: [cryptome] US World Political Jurisdiction
Time (GMT): May 29 2015 04:47:21
From: afalex169 at gmail.com
To: cryptome at freelists.org, cypherpunks at cpunks.org

http://cryptome.org/2015/05/putin-us-fifa-assange-snowden.htm

On the "FIFA CASE", Douglas Rankine wrote some very important words:

As international law develops throughout the world, the power of a global arrest warrant will increase and its jurisdiction and extent and use will also increase. One awaits the day when it will be used against Russia, China or India. Switzerland is a small country and although having many rich and powerful institutions, is falling far behind the big players on the world scene. Assange, and wiki leaks and reporters and journalists and whistleblowers all over the world, beware, this doctrine applies not only to terrorists, child molesters and criminals. Big brother is not only watching you, but he is recording your every move, and whenever or wherever you get in his way, he will get you...

It relates to many people on this list. Be aware. Or should I say "be careful"? .

From grarpamp at gmail.com Thu May 28 23:03:31 2015
From: grarpamp at gmail.com (grarpamp)
Date: Fri, 29 May 2015 02:03:31 -0400
Subject: First they came for your multimedia...
In-Reply-To:
References:
Message-ID:

On Fri, May 29, 2015 at 1:47 AM, Zenaan Harkness wrote:
> Perhaps when it's easy to anonymously collect google advertising
> revenues off your anon site?

Google... doubt it. The darknets have grown their own internal
advertisers and agencies, powered by bitcoin of course.
Some of the banners for contraband are comical.
From afalex169 at gmail.com Thu May 28 21:47:21 2015
From: afalex169 at gmail.com (Александр)
Date: Fri, 29 May 2015 07:47:21 +0300
Subject: [cryptome] US World Political Jurisdiction
In-Reply-To: <002f01d0997f$3e1defb0$ba59cf10$@co.uk>
References: <002601d09959$8c0dad30$a4290790$@co.uk> <002f01d0997f$3e1defb0$ba59cf10$@co.uk>
Message-ID:

>
> http://cryptome.org/2015/05/putin-us-fifa-assange-snowden.htm
> On the "FIFA CASE", Douglas Rankine wrote some very important words:
>
> As international law develops throughout the world, the power of a global
> arrest warrant will increase and its jurisdiction and extent and use will
> also increase. One awaits the day when it will be used against Russia,
> China or India. Switzerland is a small country and although having many
> rich and powerful institutions, is falling far behind the big players on
> the world scene. Assange, and wiki leaks and reporters and journalists and
> whistleblowers all over the world, beware, this doctrine applies not only
> to terrorists, child molesters and criminals. Big brother is not only
> watching you, but he is recording your every move, and whenever or wherever
> you get in his way, he will get you...
> It relates to many people on this list. Be aware. Or should I say "be careful"? .

From cathalgarvey at cathalgarvey.me Fri May 29 03:31:53 2015
From: cathalgarvey at cathalgarvey.me (Cathal Garvey)
Date: Fri, 29 May 2015 11:31:53 +0100
Subject: First they came for your multimedia...
In-Reply-To:
References:
Message-ID: <55684019.3020706@cathalgarvey.me>

Libgen has an i2p gateway but it's *awfully* configured and keeps linking to the clearnet site.
On 28/05/15 17:22, grarpamp wrote: > http://torrentfreak.com/high-court-orders-uk-isps-to-block-ebook-sites-150527/ > > http://libgen.org/ > http://en.bookfi.org/ > http://freshwap.ws/ > http://www.freebookspot.es/ > http://ebookee.org/ > http://bookre.org/ > http://avxhome.se/ > > The multimedia filesharing hubs don't seem to > be putting up much of legal fight on principle. > So why do they keep popping up to be whack a mole? > When will they shift to anonymizing networks > like I2P, Gnunet, Phantom, Tor? > -- Scientific Director, IndieBio Irish Programme Now running in Cork, Ireland May->July Learn more at http://eu.indie.bio and follow along! Twitter: @onetruecathal Phone: +353876363185 miniLock: JjmYYngs7akLZUjkvFkuYdsZ3PyPHSZRBKNm6qTYKZfAM peerio.com: cathalgarvey From grarpamp at gmail.com Fri May 29 09:05:33 2015 From: grarpamp at gmail.com (grarpamp) Date: Fri, 29 May 2015 12:05:33 -0400 Subject: the ABC In-Reply-To: <5567df72.c105350a.53d8.ffffb66b@mx.google.com> References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com> <55669892.4e8a340a.b5f6.ffffac74@mx.google.com> <5566B7B5.5070300@riseup.net> <55677555.efa5340a.56e1.1bbd@mx.google.com> <5567df72.c105350a.53d8.ffffb66b@mx.google.com> Message-ID: On Thu, May 28, 2015 at 11:45 PM, Juan regurgitated his usual: > While I may respect your opinions / philosophies, whatever they may be... I find your consistent lack of depth and breadth rather boring, and your interpersonal skills in need of improvement. Others have mentioned similar. Goodbye Juan. From grarpamp at gmail.com Fri May 29 09:06:53 2015 From: grarpamp at gmail.com (grarpamp) Date: Fri, 29 May 2015 12:06:53 -0400 Subject: Who wants to live forever? 
Message-ID: http://science.slashdot.org/story/15/05/28/2252259/ask-slashdot-what-happens-if-we-perfect-age-reversing http://science.slashdot.org/story/15/05/28/0036204/scientists-reverse-aging-in-human-cell-lines https://www.youtube.com/watch?v=I_Qe6yDz1HI From grarpamp at gmail.com Fri May 29 10:08:33 2015 From: grarpamp at gmail.com (grarpamp) Date: Fri, 29 May 2015 13:08:33 -0400 Subject: Of secrets, FOIA, history... and bombs In-Reply-To: <20150529140812.GB2528@sivokote.iziade.m$> References: <20150529140812.GB2528@sivokote.iziade.m$> Message-ID: On Fri, May 29, 2015 at 10:08 AM, Georgi Guninski wrote: > Well — yes. In modern times, of course. > bomb exploded at Alamogordo was the first one to be detonated, as > quoted in Doomsday, 1999 A.D. (1982) by Charles Berlitz, p. 129 > > This came up in searches for ``ancient nuclear wars india'' http://ancientnuclearwar.com/ https://theextinctionprotocol.wordpress.com/2011/07/20/historys-lost-lesson-ancient-nuclear-war-among-indus-valley-civilizations-reexamined/ Another timescale is the rendering and destruction of evidence of civilization living on or in any mutable surface or layer by natural geologic / cosmic processes, yet within time sufficient for another to develop. Poor links but you get the idea. http://en.wikipedia.org/wiki/Fossil http://en.wikipedia.org/wiki/Archean http://en.wikipedia.org/wiki/Weathering From grarpamp at gmail.com Fri May 29 10:44:10 2015 From: grarpamp at gmail.com (grarpamp) Date: Fri, 29 May 2015 13:44:10 -0400 Subject: [cryptome] US World Political Jurisdiction In-Reply-To: References: <002601d09959$8c0dad30$a4290790$@co.uk> <002f01d0997f$3e1defb0$ba59cf10$@co.uk> Message-ID: On Fri, May 29, 2015 at 12:47 AM, Александр wrote: >> As international law develops throughout the world > Russia, China or India. Switzerland Venezuela, Ecuador, Iraq, Iran, Afghanistan, DPRK, etc >> he will get you... > > Be aware. Or should I say "be careful"? 
Beware any "international law" (ahem, USA) going around the planet "liberating" "democratizing" "partnering" and "treatying" such alternative and independant jurisdictions out of existance. Independence and the ability to say fuck off is important, and a valuable shelter of free thought. Without it you're going to get screwed by top down homogeneity and arbitrary action sooner or later. Independance: Making your own food, water, and abode, and a global climate where "fuck off" is honored and people will help you if not (a bit difficult to find when killing your own people). From zen at freedbms.net Thu May 28 22:47:43 2015 From: zen at freedbms.net (Zenaan Harkness) Date: Fri, 29 May 2015 15:47:43 +1000 Subject: First they came for your multimedia... In-Reply-To: References: Message-ID: On 5/29/15, grarpamp wrote: > http://torrentfreak.com/high-court-orders-uk-isps-to-block-ebook-sites-150527/ > > http://libgen.org/ > http://en.bookfi.org/ > http://freshwap.ws/ > http://www.freebookspot.es/ > http://ebookee.org/ > http://bookre.org/ > http://avxhome.se/ > > The multimedia filesharing hubs don't seem to > be putting up much of legal fight on principle. > So why do they keep popping up to be whack a mole? > When will they shift to anonymizing networks > like I2P, Gnunet, Phantom, Tor? Perhaps when it's easy to anonymously collect google advertising revenues off your anon site? From guninski at guninski.com Fri May 29 05:58:02 2015 From: guninski at guninski.com (Georgi Guninski) Date: Fri, 29 May 2015 15:58:02 +0300 Subject: [RANT] Karl Rove's confusion about capacity of NSA's Utah data center. In-Reply-To: References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> Message-ID: <20150529125802.GA2528@sivokote.iziade.m$> On Mon, May 25, 2015 at 01:22:14PM +0900, Lodewijk andré de la porte wrote: > Is Fox News illegal? You'd say it's illegal to deceive people. 
The sheer > quantity of false information on Fox News, and it's popularity, are a > serious harm to America. > > Is it that free markets only perform properly with rational agents? Dude, this is a rant. Why do you want "free markets" when the real world is rooted? The majority of actors are just "rooted", so they are not rational, irrational, ... hyper-transcendental, they are "rooted". Capitalism is good on paper. Socialism is good on paper. It is the realword implementation that matters, not the ad. About "free markets": "free market" is a buzzword, commonly used for spam. Are banks "free market"? IMHO banks are pyramids (AKA ponzi scheme). It is tempting to make a change by going banks go boom, but this likely will have too much collateral damage for people and not for "rooters". Are "stock markets" free markets? They are clearly just a gambling place. -- cheers From juan.g71 at gmail.com Fri May 29 12:20:21 2015 From: juan.g71 at gmail.com (Juan) Date: Fri, 29 May 2015 16:20:21 -0300 Subject: the revolution Message-ID: <5568ba98.0c95340a.8982.fffffc66@mx.google.com> https://blog.xapo.com/announcing-xapos-advisory-board/ (just in case, yes, the subject is pure sarcasm) From juan.g71 at gmail.com Fri May 29 12:22:00 2015 From: juan.g71 at gmail.com (Juan) Date: Fri, 29 May 2015 16:22:00 -0300 Subject: the ABC In-Reply-To: References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com> <55669892.4e8a340a.b5f6.ffffac74@mx.google.com> <5566B7B5.5070300@riseup.net> <55677555.efa5340a.56e1.1bbd@mx.google.com> <5567df72.c105350a.53d8.ffffb66b@mx.google.com> Message-ID: <5568bafa.6b5c340a.7c08.042e@mx.google.com> On Fri, 29 May 2015 12:05:33 -0400 grarpamp wrote: > On Thu, May 28, 2015 at 11:45 PM, Juan > regurgitated his usual: > > > > While I may respect your opinions / philosophies, whatever they > may be... 
I find your consistent lack of depth and breadth rather > boring, and your interpersonal skills in need of improvement. > Others have mentioned similar. Goodbye Juan. You mean the sacks of shit who write your checks? From guninski at guninski.com Fri May 29 07:08:12 2015 From: guninski at guninski.com (Georgi Guninski) Date: Fri, 29 May 2015 17:08:12 +0300 Subject: Of secrets, FOIA, history... and bombs In-Reply-To: References: Message-ID: <20150529140812.GB2528@sivokote.iziade.m$> On Wed, May 27, 2015 at 08:12:18PM -0400, grarpamp wrote: > http://blog.nuclearsecrecy.com/2015/01/09/oppenheimer-unredacted-part-i/ Speaking of Oppenheimer, here is a quote from him: http://en.wikiquote.org/wiki/Robert_Oppenheimer --- Well — yes. In modern times, of course. Answer to a student at Rochester University who asked whether the bomb exploded at Alamogordo was the first one to be detonated, as quoted in Doomsday, 1999 A.D. (1982) by Charles Berlitz, p. 129 --- This came up in searches for ``ancient nuclear wars india'' (without quotes). From grarpamp at gmail.com Fri May 29 15:18:11 2015 From: grarpamp at gmail.com (grarpamp) Date: Fri, 29 May 2015 18:18:11 -0400 Subject: the ABC In-Reply-To: <5568bafa.6b5c340a.7c08.042e@mx.google.com> References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com> <55669892.4e8a340a.b5f6.ffffac74@mx.google.com> <5566B7B5.5070300@riseup.net> <55677555.efa5340a.56e1.1bbd@mx.google.com> <5567df72.c105350a.53d8.ffffb66b@mx.google.com> <5568bafa.6b5c340a.7c08.042e@mx.google.com> Message-ID: On Fri, May 29, 2015 at 3:22 PM, Juan wrote: > You mean the sacks of shit who write your checks? Get money. Also, maildrop is cool, and you've just been demoted... 
if (/^From: .*juan\.g71 at gmail\.com.*$/)
    to Mail/trolls

From jdb10987 at yahoo.com Fri May 29 12:20:42 2015
From: jdb10987 at yahoo.com (jim bell)
Date: Fri, 29 May 2015 19:20:42 +0000 (UTC)
Subject: Darryl W. Perry Calls for Ross Ulbrich to be Pardoned.
Message-ID: <63398408.1635249.1432927242133.JavaMail.yahoo@mail.yahoo.com>

From: http://www.independentpoliticalreport.com/2015/05/darryl-w-perry-calls-for-ross-ulbricht-to-be-pardoned/

Darryl W. Perry Calls for Ross Ulbricht to Be Pardoned

From Darryl W. Perry’s 2016 presidential campaign website:

In 2013 Ross Ulbricht was arrested for allegedly operating the black market website Silk Road. In early 2015 he was found convicted in what was essentially a kangaroo trial, where his attorney was prevented from presenting evidence of government corruption in the case, because of an ongoing investigation. Two of the federal agents investigating the case have since been arrested for fraud and money laundering.

Ulbricht’s lead defense attorney Joshua Dratel wrote in a court filing, “In contrast to the government’s portrayal of the Silk Road web site as a more dangerous version of a traditional drug marketplace, in fact the Silk Road web site was in many respects the most responsible such marketplace in history, and consciously and deliberately included recognized harm reduction measures, including access to physician counseling. In addition, transactions on the Silk Road web site were significantly safer than traditional illegal drug purchases, and included quality control and accountability features that made purchasers substantially safer than they were when purchasing drugs in a conventional manner.”

Meghan Ralston, a former harm reduction manager for the Drug Policy Alliance says Silk Road was “a peaceable alternative to the often deadly violence so commonly associated with the global drug war, and street drug transactions, in particular.”

Despite the improprieties in the investigation and the trial, and despite the fact that Ross Ulbricht actually made the black market safer, he will be in prison for a minimum of 20 years. The Ulbricht family has said they plan to appeal the conviction, however they shouldn’t need to do so. Ross Ulbricht should be pardoned, as should all non-violent drug offenders!

[end of quote]

From juan.g71 at gmail.com Fri May 29 15:39:00 2015
From: juan.g71 at gmail.com (Juan)
Date: Fri, 29 May 2015 19:39:00 -0300
Subject: the ABC
In-Reply-To:
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com> <55669892.4e8a340a.b5f6.ffffac74@mx.google.com> <5566B7B5.5070300@riseup.net> <55677555.efa5340a.56e1.1bbd@mx.google.com> <5567df72.c105350a.53d8.ffffb66b@mx.google.com> <5568bafa.6b5c340a.7c08.042e@mx.google.com>
Message-ID: <5568e928.0a73340a.6f95.69f9@mx.google.com>

On Fri, 29 May 2015 18:18:11 -0400 grarpamp wrote:

> On Fri, May 29, 2015 at 3:22 PM, Juan wrote:
> > You mean the sacks of shit who write your checks?
>
> Get money.
>
> Also, maildrop is cool, and you've just been demoted...
> if (/^From: .*juan\.g71 at gmail\.com.*$/)
> to Mail/trolls

Isn't this cute?
You are not the first government asshole who claim that people who are not government assholes must be trolls.

Vomit stupid nonsense about 'representative' government (like you do) in an allegedly cypherpunk mailing list? That means you are a 'respected' 'member' of the 'community'

Laugh at assholes like you? Ah that's trolling.

Yes! self parody at its best.

From grarpamp at gmail.com Sat May 30 01:16:25 2015
From: grarpamp at gmail.com (grarpamp)
Date: Sat, 30 May 2015 04:16:25 -0400
Subject: [tor-talk] [Cryptography] Dark Web should really be called the Twilight Web
In-Reply-To:
References:
Message-ID:

On Fri, May 29, 2015 at 7:02 PM, Ryan Carboni wrote:
>>
>> That's only if you choose to attempt a padding-across-the-net
>> management scope, which is also going to be hard and slow to
>> manage and respond to bandwidth and other net dynamics.
>> (Though this was about GPA, it's probably also vulnerable to
>> endpoint interruption attacks that monitor your stream, unless
>> someone is there making up the padding slack at the far end.)
>> A wide scope seems hard in a low latency demand based net.
>> I'd suggest examining some form of next-hop, next-peer, or link
>> local padding scope negotiated with such peers. If you or your
>> peers get hit with demand, your negotiation distance is shorter.
>>
>
> That would still leak additional information, to a lesser extent.

Passive adversaries see only encrypted traffic, not internal wheat/chaff ratios. (If considering active adversaries, which this is not meant to defend against, to be involved in ratios they would have to run enough nodes to be over half the full path, no worse than basic entry to exit correlation today.)

> Regardless, I don't think the TOR network has the bandwidth or

Internet access is generally provisioned and billed as... choose the max bandwidth you want, pay for it whether you use it or not. Therefore if you have idle capacity within your max at some moment, you have the bandwidth to dynamically fill it with padding at no additional cost. It's not a question of buying more to use as fill, it's about intelligently filling what you've already comfortably paid for. The problem of observing when endpoints are sitting idle, or rx/tx, and how much, often, etc... applies to any network today, not just tor.

> computational capacity for padding.

It doesn't take a supercomputer to calculate this regarding your logical link to your next hop node...

100Mbps cap - 63Mbps used = 37Mbps fill

> It'd require more bookkeeping.

That's head in sand talk, of course nothing is free. Mostly bookkeeping autonomously on and by the local node. Maybe some circuit signaling / publishing to DHT. Seems to get more complex if you try to scope it across the net instead of just to your next hops.

There were threads on the subject of fill traffic a few months back that might be worth reading...

"high latency hidden services"
"traffic analysis"
"traffic analysis -> let's write an RFC?"

From grarpamp at gmail.com Sat May 30 01:25:30 2015
From: grarpamp at gmail.com (grarpamp)
Date: Sat, 30 May 2015 04:25:30 -0400
Subject: [Cryptography] Dark Web should really be called the Twilight Web
In-Reply-To:
References:
Message-ID:

On Thu, May 28, 2015 at 3:13 PM, Phillip Hallam-Baker wrote:
> Fill is very expensive at the network layer but (almost) trivially cheap at
> the link layer. The cost comes in having to think about how much data is
> disclosed in the link layer framing. This is not necessarily a performance
> issue but can certainly be an architectural constraint.

What example do you mean "how much data is disclosed in the link layer framing"? I thought it was decided months back that encryption would be needed to prevent disclosure to anyone other than the two link partners. (And that encrypting the hardware link layer is trivially cheap in silicon.)
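The "cap - used = fill" arithmetic from the fill-traffic messages above, carried through a small simulation of one next-hop link. This is an added example, not code from the thread or from Tor or I2P; the cell size, the tick model (1 cell per tick standing in for 1 Mbps) and all names are assumptions, and the demand patterns are constructed.

```python
"""Link-local fill traffic on one hop (added illustration, not code from the thread)."""
from collections import deque

CELL_BYTES = 512  # assumed fixed, encrypted cell size; chaff and wheat look identical


class Link:
    """One direction of a link to a next-hop peer, clocked at a fixed cell rate."""

    def __init__(self, cap_cells_per_tick, pad=True):
        self.cap = cap_cells_per_tick
        self.pad = pad
        self.queue = deque()   # arrival tick of each real cell still waiting
        self.tick = 0
        self.wire = []         # bytes on the wire per tick: the passive observer's view
        self.fill = []         # chaff cells per tick: known only to the two link peers
        self.delays = []       # queueing delay, in ticks, of each real cell sent

    def step(self, real_cells):
        """Advance one tick with `real_cells` new cells of demand."""
        self.queue.extend([self.tick] * real_cells)
        sent = 0
        while self.queue and sent < self.cap:
            self.delays.append(self.tick - self.queue.popleft())
            sent += 1
        chaff = self.cap - sent if self.pad else 0   # cap - used = fill
        self.fill.append(chaff)
        self.wire.append((sent + chaff) * CELL_BYTES)
        self.tick += 1


def simulate(demand, cap, pad=True):
    """Run a demand trace (real cells per tick) over the link and summarise it."""
    link = Link(cap, pad)
    for cells in demand:
        link.step(cells)
    return {
        "wire": link.wire,
        "fill": link.fill,
        "real_cells": len(link.delays),
        "chaff_cells": sum(link.fill),
        "max_delay_ticks": max(link.delays, default=0),
        "backlog": len(link.queue),
    }


# Constructed demand traces, 8 ticks each, on a link capped at 100 cells per tick.
CAP = 100
IDLE = [0] * 8
STEADY = [63] * 8                      # the 63-of-100 case from the message
BURSTY = [0, 0, 250, 0, 0, 0, 10, 0]   # a burst larger than the cap


if __name__ == "__main__":
    for name, trace in (("idle", IDLE), ("steady", STEADY), ("bursty", BURSTY)):
        padded = simulate(trace, CAP)
        bare = simulate(trace, CAP, pad=False)
        print(f"{name:7s} padded wire={padded['wire']}")
        print(f"{'':7s} bare   wire={bare['wire']}")
        print(f"{'':7s} fill per tick={padded['fill']} "
              f"max delay={padded['max_delay_ticks']} ticks")
```

With padding on, the three traces produce the same bytes-per-tick sequence on the wire; the cost shows up as chaff volume and, for the burst, as queueing delay while the link drains at its fixed rate.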
From mirimir at riseup.net Sat May 30 15:13:36 2015 From: mirimir at riseup.net (Mirimir) Date: Sat, 30 May 2015 16:13:36 -0600 Subject: the ABC In-Reply-To: <20150530150042.GA2480@sivokote.iziade.m$> References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com> <55669DA4.1000205@riseup.net> <20150530150042.GA2480@sivokote.iziade.m$> Message-ID: <556A3610.9060703@riseup.net> On 05/30/2015 09:00 AM, Georgi Guninski wrote: > On Wed, May 27, 2015 at 10:46:28PM -0600, Mirimir wrote: >> On 05/27/2015 10:00 PM, Lodewijk andré de la porte wrote: >>> 2015-05-28 12:59 GMT+09:00 Juan : >>> >>>> Last time I checked the stuff that can be owned(i. e. >>>> property) like say a hamburguer a car or a house, cannot >>>> abandon me, destroy me or shape me to its liking. >>>> >>> >>> The joke's on you! Ownership is defined in constitutions, and is not a real >>> thing at all! >> >> According to governments, yes. But according to me, I own anything that >> I can fuck with :) That is, "ownership" is defined operationally. >> > > This appears complicated to me. Not at all. > Are you familiar with "nationalisation"? Yes, of course. > ==== > https://en.wikipedia.org/wiki/Nationalization > > Nationalization (American English), (British and Commonwealth spelling > nationalisation) is the process of taking a private industry or private > assets into public ownership by a national government or state. > ==== > > It already happened on at least several occasions in the real world. If government gangbangers can fuck with stuff, they own it. If government gangbangers can fuck with people, they own them. 
From guninski at guninski.com Sat May 30 08:00:42 2015 From: guninski at guninski.com (Georgi Guninski) Date: Sat, 30 May 2015 18:00:42 +0300 Subject: the ABC In-Reply-To: <55669DA4.1000205@riseup.net> References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com> <55669DA4.1000205@riseup.net> Message-ID: <20150530150042.GA2480@sivokote.iziade.m$> On Wed, May 27, 2015 at 10:46:28PM -0600, Mirimir wrote: > On 05/27/2015 10:00 PM, Lodewijk andré de la porte wrote: > > 2015-05-28 12:59 GMT+09:00 Juan : > > > >> Last time I checked the stuff that can be owned(i. e. > >> property) like say a hamburguer a car or a house, cannot > >> abandon me, destroy me or shape me to its liking. > >> > > > > The joke's on you! Ownership is defined in constitutions, and is not a real > > thing at all! > > According to governments, yes. But according to me, I own anything that > I can fuck with :) That is, "ownership" is defined operationally. > This appears complicated to me. Are you familiar with "nationalisation"? ==== https://en.wikipedia.org/wiki/Nationalization Nationalization (American English), (British and Commonwealth spelling nationalisation) is the process of taking a private industry or private assets into public ownership by a national government or state. ==== It already happened on at least several occasions in the real world. -- cheers From jdb10987 at yahoo.com Sat May 30 12:06:34 2015 From: jdb10987 at yahoo.com (jim bell) Date: Sat, 30 May 2015 19:06:34 +0000 (UTC) Subject: 'Stuxnet' attempt against North Korea. Message-ID: <2123294375.2131140.1433012794550.JavaMail.yahoo@mail.yahoo.com> >From Reuters World | Fri May 29, 2015 2:59pm EDTEclusive: U.S. 
tried Stuxnet-style campaign against North Korea but failed - sources

SAN FRANCISCO | BY JOSEPH MENN

The United States tried to deploy a version of the Stuxnet computer virus to attack North Korea's nuclear weapons program five years ago but ultimately failed, according to people familiar with the covert campaign.

The operation began in tandem with the now-famous Stuxnet attack that sabotaged Iran's nuclear program in 2009 and 2010 by destroying a thousand or more centrifuges that were enriching uranium. Reuters and others have reported that the Iran attack was a joint effort by U.S. and Israeli forces.

According to one U.S. intelligence source, Stuxnet's developers produced a related virus that would be activated when it encountered Korean-language settings on an infected machine.

But U.S. agents could not access the core machines that ran Pyongyang's nuclear weapons program, said another source, a former high-ranking intelligence official who was briefed on the program.

The official said the National Security Agency-led campaign was stymied by North Korea's utter secrecy, as well as the extreme isolation of its communications systems. A third source, also previously with U.S. intelligence, said he had heard about the failed cyber attack but did not know details.

North Korea has some of the most isolated communications networks in the world. Just owning a computer requires police permission, and the open Internet is unknown except to a tiny elite. The country has one main conduit for Internet connections to the outside world, through China.

In contrast, Iranians surfed the Net broadly and had interactions with companies from around the globe.

A spokeswoman for the NSA declined to comment for this story.
The spy agency has previously declined to comment on the Stuxnet attack against Iran.

The United States has launched many cyber espionage campaigns, but North Korea is only the second country, after Iran, that the NSA is now known to have targeted with software designed to destroy equipment.

Washington has long expressed concerns about Pyongyang's nuclear program, which it says breaches international agreements. North Korea has been hit with sanctions because of its nuclear and missile tests, moves that Pyongyang sees as an attack on its sovereign right to defend itself.

U.S. Secretary of State John Kerry said last week that Washington and Beijing were discussing imposing further sanctions on North Korea, which he said was "not even close" to taking steps to end its nuclear program.

SIEMENS SOFTWARE

Experts in nuclear programs said there are similarities between North Korea and Iran's operations, and the two countries continue to collaborate on military technology.

Both countries use a system with P-2 centrifuges, obtained by Pakistani nuclear scientist A.Q. Khan, who is regarded as the father of Islamabad's nuclear bomb, they said.

Like Iran, North Korea probably directs its centrifuges with control software developed by Siemens AG that runs on Microsoft Corp's Windows operating system, the experts said. Stuxnet took advantage of vulnerabilities in both the Siemens and Microsoft programs.

Because of the overlap between North Korea and Iran's nuclear programs, the NSA would not have had to tinker much with Stuxnet to make it capable of destroying centrifuges in North Korea, if it could be deployed there.

Despite modest differences between the programs, "Stuxnet can deal with both of them.
But you still need to get it in," said Olli Heinonen, senior fellow at Harvard University's Belfer Center for Science and International Affairs and former deputy director general of the International Atomic Energy Agency.

NSA Director Keith Alexander said North Korea's strict limitations on Internet access and human travel make it one of a few nations "who can race out and do damage with relative impunity" since reprisals in cyberspace are so challenging.

When asked about Stuxnet, Alexander said he could not comment on any offensive actions taken during his time at the spy agency.

David Albright, founder of the Institute for Science and International Security and an authority on North Korea's nuclear program, said U.S. cyber agents probably tried to get to North Korea by compromising technology suppliers from Iran, Pakistan or China.

"There was likely an attempt" to sabotage the North Korean program with software, said Albright, who has frequently written and testified on the country's nuclear ambitions.

OLYMPIC GAMES

The Stuxnet campaign against Iran, code-named Olympic Games, was discovered in 2010. It remains unclear how the virus was introduced to the Iranian nuclear facility in Natanz, which was not connected to the Internet.

According to cybersecurity experts, Stuxnet was found inside industrial companies in Iran that were tied to the nuclear effort. As for how Stuxnet got there, a leading theory is that it was deposited by a sophisticated espionage program developed by a team closely allied to Stuxnet's authors, dubbed the Equation Group by researchers at Kaspersky Lab.

The U.S. effort got that far in North Korea as well.
Though no versions of Stuxnet have been reported as being discovered in local computers, Kaspersky Lab analyst Costin Raiu said that a piece of software related to Stuxnet had turned up in North Korea.

Kaspersky had previously reported that the software, digitally signed with one of the same stolen certificates that had been used to install Stuxnet, had been submitted to malware analysis site VirusTotal from an electronic address in China. But Raiu told Reuters his contacts had assured him that it originated in North Korea, where it infected a computer in March or April 2010.

Some experts said that even if a Stuxnet attack against North Korea had succeeded, it might not have had that big an impact on its nuclear weapons program. Iran's nuclear sites were well known, whereas North Korea probably has at least one other facility beyond the known Yongbyon nuclear complex, former officials and inspectors said.

In addition, North Korea likely has plutonium, which does not require a cumbersome enrichment process depending on the cascading centrifuges that were a fat target for Stuxnet, they said.

Jim Lewis, an advisor to the U.S. government on cybersecurity issues and a senior fellow at the Center for Strategic and International Studies, said there are limitations to cyber offense.

A cyber attack "is not something you can release and be sure of the results," Lewis said.

[end of quote]

From thetransintransgenic at gmail.com Sat May 30 19:24:45 2015 From: thetransintransgenic at gmail.com (Gadit Bielman) Date: Sat, 30 May 2015 22:24:45 -0400 Subject: Threat Model: Parents Message-ID:

Hi.

I'm trying to help (probably badly, but..) a friend deal with parents that they expect are spying on them.
I know that in general, it's impossible to secure a computer that you can't trust and don't necessarily have administrator privileges to.

But their parents are not exactly the NSA -- any spying that's happening is almost definitely some sort of product, plus basic things like maybe looking through their history. (I don't know much about their situation -- maybe they know more, so well-if-you-know-they-do-this-then-you-could-do-this type advice would still be helpful.)

Would antivirus be able to detect spy-on-your-kids products? Would they be able to scan their computer with like Immunet or something, even if they didn't have administrator privileges?

Tor would probably help -- unless the monitoring was looking at the RAM or something for website names, which would be way overkill on a commercial product, no? Or (more likely) if it was taking screenshots at regular intervals, which would also break running a VM or something. (Is there any way to detect taking screenshots?)

I know probably the best thing would be running TAILS as a LiveCD -- the problem with that is that it's REALLY obvious over-the-shoulder.

Um, thoughts about any of those?
Any other things about parents as a threat model in general?

I know this is pretty far from what is usually discussed on here, but I'm really interested in what you think/it would potentially help a lot of people.

From mirimir at riseup.net Sun May 31 00:48:10 2015 From: mirimir at riseup.net (Mirimir) Date: Sun, 31 May 2015 01:48:10 -0600 Subject: Threat Model: Parents In-Reply-To: <4A98C782-ACC5-42A1-9889-A237366354A6@cathalgarvey.me> References: <4A98C782-ACC5-42A1-9889-A237366354A6@cathalgarvey.me> Message-ID: <556ABCBA.7040103@riseup.net>

On 05/31/2015 12:15 AM, Cathal (Phone) wrote:
> Wipe the machine, install fresh and clean Linux, and then password lock the BIOS.
That's excellent advice ... to someone who owns the machine. I'd say also to use LUKS. But maybe here that would dramatically escalate the confrontation. And there's also the lack of physical security. Zenaan's advice is more appropriate in a child-parent context. If that's impossible, the best option is probably doing private stuff elsewhere. > On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman wrote: >> Hi. >> >> I'm trying to help (probably badly, but..) a friend deal with parents >> that >> they expect are spying on them. >> I know that in general, it's impossible to secure a computer that you >> can't >> trust and don't necessarily have administrator privileges to. >> >> But their parents are not exactly the NSA -- any spying that's >> happening is >> almost definitely some sort of product, plus basic things like maybe >> looking through their history. (I don't know much about they're >> situation >> -- maybe they know more, so >> well-if-you-know-they-do-this-then-you-could-do-this type advice would >> still be helpful.) >> >> Would antivirus be able to detect spy-on-your-kids products? Would they >> be >> able to scan their computer with like Immunet or something, even if >> they >> didn't have administrator privileges? >> >> Tor would probably help -- unless the monitoring was looking at the RAM >> or >> something for website names, which would be way overkill on a >> commercial >> product, no? Or (more likely) if it was taking screenshots at regular >> intervals, which would also break running a VM or something. (Is there >> any >> way to detect taking screenshots?) >> >> I know probably the best thing would be running TAILS as a LiveCD -- >> the >> problem with that is that it's REALLY obvious over-the-shoulder. >> >> >> Um, thoughts about any of those? >> Any other things about parents as a threat model in general? 
>> >> I know this is pretty far from what is usually discussed on here, but >> I'm >> really interested in what you think/it would potentially help a lot of >> people. > From l at odewijk.nl Sun May 31 03:12:00 2015 From: l at odewijk.nl (=?UTF-8?Q?Lodewijk_andr=C3=A9_de_la_porte?=) Date: Sun, 31 May 2015 03:12:00 -0700 Subject: Threat Model: Parents In-Reply-To: <7DBF381E-EA2E-4326-908D-B34B42960D2B@cathalgarvey.me> References: <4A98C782-ACC5-42A1-9889-A237366354A6@cathalgarvey.me> <556ABCBA.7040103@riseup.net> <20150531105102.6fa436ef@nerv.nsa> <7DBF381E-EA2E-4326-908D-B34B42960D2B@cathalgarvey.me> Message-ID: 2015-05-31 2:33 GMT-07:00 Cathal (Phone) : > I'm not one to call parents who surveil children "Orwellian": a parent's > job is to prepare a child for the world and protect them from the world. We are all children of the state (child is badly defined, the role of parents is culturally defined and not something logically following from the production of babies, although the caretaking at least is pretty preprogrammed) -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 898 bytes Desc: not available URL: From skquinn at rushpost.com Sun May 31 01:21:45 2015 From: skquinn at rushpost.com (Shawn K. Quinn) Date: Sun, 31 May 2015 03:21:45 -0500 Subject: Threat Model: Parents In-Reply-To: References: Message-ID: <1433060505.2863.9.camel@moonpatrol> On Sat, 2015-05-30 at 22:24 -0400, Gadit Bielman wrote: > Hi. > > > I'm trying to help (probably badly, but..) a friend deal with parents > that they expect are spying on them. > I know that in general, it's impossible to secure a computer that you > can't trust and don't necessarily have administrator privileges to. > This is correct. > > But their parents are not exactly the NSA -- any spying that's > happening is almost definitely some sort of product, plus basic things > like maybe looking through their history. 
(I don't know much about > they're situation -- maybe they know more, so > well-if-you-know-they-do-this-then-you-could-do-this type advice would > still be helpful.) > It could be any number of things. Some ISPs even sell access packages with "family-friendly" filtering built in. Spyware or logging of sites accessed wouldn't be too far of a leap from this. > > Would antivirus be able to detect spy-on-your-kids products? Would > they be able to scan their computer with like Immunet or something, > even if they didn't have administrator privileges? > By their nature, I would expect most garden variety anti-spyware packages to not consider "parental control" type tools as spyware and not detect them. They certainly aren't viruses. I think most anti-spyware tools on Windows require administrator access to run. > > Tor would probably help -- unless the monitoring was looking at the > RAM or something for website names, which would be way overkill on a > commercial product, no? Or (more likely) if it was taking screenshots > at regular intervals, which would also break running a VM or > something. (Is there any way to detect taking screenshots?) There's no easy way to detect screenshots being taken. You would need to check the local hard disk for copies of the screenshots, and outbound network traffic for something that could be a screenshot being uploaded. This is difficult at best without administrator access. > > I know probably the best thing would be running TAILS as a LiveCD -- > the problem with that is that it's REALLY obvious over-the-shoulder. > It would be best, but it may not be possible if the computer is secured correctly. The parent threat model (as a minor child) is a particularly tough nut to crack. Even if you subvert the technical spying measures, there could be consequences for doing so. At least where I live in the US, minors can't own property legally, so parents can spy on a computer that "belongs to" their kids. 
If your friend's parents feel the need to spy on his/her Internet access, there are issues beyond the technological ones. There is a basic lack of trust on the part of the parents, possibly caused by their poor parenting of your friend when he/she was younger, that needs to be addressed. In other words, find out why they feel spying is necessary. In the meantime, your friend may want to do the majority of his/her Internet access from the local library; it may not be completely uncensored but there is a much lower chance of being individually spied on there. -- Shawn K. Quinn From cathalgarvey at cathalgarvey.me Sat May 30 23:15:36 2015 From: cathalgarvey at cathalgarvey.me (Cathal (Phone)) Date: Sun, 31 May 2015 07:15:36 +0100 Subject: Threat Model: Parents In-Reply-To: References: Message-ID: <4A98C782-ACC5-42A1-9889-A237366354A6@cathalgarvey.me> Wipe the machine, install fresh and clean Linux, and then password lock the BIOS. On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman wrote: >Hi. > >I'm trying to help (probably badly, but..) a friend deal with parents >that >they expect are spying on them. >I know that in general, it's impossible to secure a computer that you >can't >trust and don't necessarily have administrator privileges to. > >But their parents are not exactly the NSA -- any spying that's >happening is >almost definitely some sort of product, plus basic things like maybe >looking through their history. (I don't know much about they're >situation >-- maybe they know more, so >well-if-you-know-they-do-this-then-you-could-do-this type advice would >still be helpful.) > >Would antivirus be able to detect spy-on-your-kids products? Would they >be >able to scan their computer with like Immunet or something, even if >they >didn't have administrator privileges? > >Tor would probably help -- unless the monitoring was looking at the RAM >or >something for website names, which would be way overkill on a >commercial >product, no? 
Or (more likely) if it was taking screenshots at regular >intervals, which would also break running a VM or something. (Is there >any >way to detect taking screenshots?) > >I know probably the best thing would be running TAILS as a LiveCD -- >the >problem with that is that it's REALLY obvious over-the-shoulder. > > >Um, thoughts about any of those? >Any other things about parents as a threat model in general? > >I know this is pretty far from what is usually discussed on here, but >I'm >really interested in what you think/it would potentially help a lot of >people. -- Sent from my Android device with K-9 Mail. Please excuse my brevity. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 2249 bytes Desc: not available URL: From 1d09sg+qklt5v8 at guerrillamail.com Sun May 31 00:39:31 2015 From: 1d09sg+qklt5v8 at guerrillamail.com (1d09sg+qklt5v8 at guerrillamail.com) Date: Sun, 31 May 2015 07:39:31 +0000 Subject: you Message-ID: i hear you like sucking prepubescent 4yo boy penis. what a fucking loser. die already. From 1d09sg+qklt5v8 at guerrillamail.com Sun May 31 00:43:23 2015 From: 1d09sg+qklt5v8 at guerrillamail.com (1d09sg+qklt5v8 at guerrillamail.com) Date: Sun, 31 May 2015 07:43:23 +0000 Subject: you Message-ID: stop watching kiddie porn you sicko. From alexiswattel at gmail.com Sun May 31 00:51:05 2015 From: alexiswattel at gmail.com (Irving Poe) Date: Sun, 31 May 2015 09:51:05 +0200 Subject: Threat Model: Parents In-Reply-To: <4A98C782-ACC5-42A1-9889-A237366354A6@cathalgarvey.me> References: <4A98C782-ACC5-42A1-9889-A237366354A6@cathalgarvey.me> Message-ID: Hi, My best guess would be to use their own weapons against them. Check the history to know what software have they installed. If nothing shows up, go for the stored cookies, recently opened documents, etc... There is always a lot of traces remnant to a computer utilization. Without knowing what their weapon is, you can't do anything. 
As said, it can be a hardware keylogger which will prevent any software countermeasures. Finding what happened on a computer is called forensics, research it online to find relevant information, and then with specifying which OS your target is to find more relevant details. Good luck, and stay free. On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman < thetransintransgenic at gmail.com> wrote: >> >> Hi. >> >> I'm trying to help (probably badly, but..) a friend deal with parents that they expect are spying on them. Wipe the machine, install fresh and clean Linux, and then password lock the BIOS. On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman < thetransintransgenic at gmail.com> wrote: > > Hi. > > I'm trying to help (probably badly, but..) a friend deal with parents that > they expect are spying on them. > I know that in general, it's impossible to secure a computer that you > can't trust and don't necessarily have administrator privileges to. > > But their parents are not exactly the NSA -- any spying that's happening > is almost definitely some sort of product, plus basic things like maybe > looking through their history. (I don't know much about they're situation > -- maybe they know more, so > well-if-you-know-they-do-this-then-you-could-do-this type advice would > still be helpful.) > > Would antivirus be able to detect spy-on-your-kids products? Would they be > able to scan their computer with like Immunet or something, even if they > didn't have administrator privileges? > > Tor would probably help -- unless the monitoring was looki! ng at the RAM > or something for website names, which would be way overkill on a commercial > product, no? Or (more likely) if it was taking screenshots at regular > intervals, which would also break running a VM or something. (Is there any > way to detect taking screenshots?) > > I know probably the best thing would be running TAILS as a LiveCD -- the > problem with that is that it's REALLY obvious over-the-shoulder. 
> > > Um, thoughts about any of those? > Any other things about parents as a threat model in general? > > I know this is pretty far from what is usually discussed on here, but I'm > really interested in what you think/it would potentially help a lot of > people. > -- Sent from my Android device with K-9 Mail. Please excuse my brevity. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 3455 bytes Desc: not available URL: From cathalgarvey at cathalgarvey.me Sun May 31 02:33:04 2015 From: cathalgarvey at cathalgarvey.me (Cathal (Phone)) Date: Sun, 31 May 2015 10:33:04 +0100 Subject: Threat Model: Parents In-Reply-To: <20150531105102.6fa436ef@nerv.nsa> References: <4A98C782-ACC5-42A1-9889-A237366354A6@cathalgarvey.me> <556ABCBA.7040103@riseup.net> <20150531105102.6fa436ef@nerv.nsa> Message-ID: <7DBF381E-EA2E-4326-908D-B34B42960D2B@cathalgarvey.me> I'm not one to call parents who surveil children "Orwellian": a parent's job is to prepare a child for the world and protect them from the world. Some parent:child combos are trusting and the children are sane. Others, not; and it is *not* always the parent's fault if their kids aren't well-behaved human beings as teens. That said, it's a teenager's prerogative to explore what it means to be an adult as they approach the day they take ownership of themselves, and to push boundaries and make mistakes. So, push-back and assertion of self and future rights is normal, too. On 31 May 2015 09:51:02 GMT+01:00, nerv wrote: >On Sun, 31 May 2015 01:48:10 -0600 >Mirimir wrote: > >> On 05/31/2015 12:15 AM, Cathal (Phone) wrote: >> > Wipe the machine, install fresh and clean Linux, and then password >> > lock the BIOS. >> >> That's excellent advice ... to someone who owns the machine. I'd say >> also to use LUKS. But maybe here that would dramatically escalate the >> confrontation. And there's also the lack of physical security. 
>> >> Zenaan's advice is more appropriate in a child-parent context. If >> that's impossible, the best option is probably doing private stuff >> elsewhere. > >I think trying to go against the parents themselves would be a bad idea >unless you know they can be reasoned with, but having a look seems only >fair, their children should know to what degree they should trust their >computer. > >I would personally use software such as process explorer and tcpview to >get an idea of what is running (assuming they use windows here), but if >you think the parents may be using something stronger than your usual >parental control tool maybe booting the system from a live cd and >having a look at what may be hidden from regular process managers >(might be a bit extreme, I'm not sure any parent would go that far, but >it will be pretty effective, and maybe less of a chore. If they really >are monitoring all activity on the computer they might deduce that they >are "busted", it might even "incriminate" you once they realize that >their kids shouldn't know that much about computers.) > >In any case, the most likely is that they use some basic software and >just "manually" check what was the machine used for, so a small >introduction (if needed) about using computers (and the right >tools) safely and cleanly might just be enough to stop Orwellian >parents. > >I never contributed to a mailing list before, hope I didn't fucked it >up >Cheers > > >> > On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman >> > wrote: >> >> Hi. >> >> >> >> I'm trying to help (probably badly, but..) a friend deal with >> >> parents that >> >> they expect are spying on them. >> >> I know that in general, it's impossible to secure a computer that >> >> you can't >> >> trust and don't necessarily have administrator privileges to. 
>> >> >> >> But their parents are not exactly the NSA -- any spying that's >> >> happening is >> >> almost definitely some sort of product, plus basic things like >> >> maybe looking through their history. (I don't know much about >> >> they're situation >> >> -- maybe they know more, so >> >> well-if-you-know-they-do-this-then-you-could-do-this type advice >> >> would still be helpful.) >> >> >> >> Would antivirus be able to detect spy-on-your-kids products? Would >> >> they be >> >> able to scan their computer with like Immunet or something, even >if >> >> they >> >> didn't have administrator privileges? >> >> >> >> Tor would probably help -- unless the monitoring was looking at >> >> the RAM or >> >> something for website names, which would be way overkill on a >> >> commercial >> >> product, no? Or (more likely) if it was taking screenshots at >> >> regular intervals, which would also break running a VM or >> >> something. (Is there any >> >> way to detect taking screenshots?) >> >> >> >> I know probably the best thing would be running TAILS as a LiveCD >> >> -- the >> >> problem with that is that it's REALLY obvious over-the-shoulder. >> >> >> >> >> >> Um, thoughts about any of those? >> >> Any other things about parents as a threat model in general? >> >> >> >> I know this is pretty far from what is usually discussed on here, >> >> but I'm >> >> really interested in what you think/it would potentially help a >> >> lot of people. 
>> > > > > >-- > >Goto Daichi (nerv) -- Sent from my Android device with K-9 Mail. Please excuse my brevity. -------------- next part -------------- A non-text attachment was scrubbed...
Name: not available Type: text/html Size: 5597 bytes Desc: not available URL: From nerv at fastmail.fm Sun May 31 01:51:02 2015 From: nerv at fastmail.fm (nerv) Date: Sun, 31 May 2015 10:51:02 +0200 Subject: Threat Model: Parents In-Reply-To: <556ABCBA.7040103@riseup.net> References: <4A98C782-ACC5-42A1-9889-A237366354A6@cathalgarvey.me> <556ABCBA.7040103@riseup.net> Message-ID: <20150531105102.6fa436ef@nerv.nsa> On Sun, 31 May 2015 01:48:10 -0600 Mirimir wrote: > On 05/31/2015 12:15 AM, Cathal (Phone) wrote: > > Wipe the machine, install fresh and clean Linux, and then password > > lock the BIOS. > > That's excellent advice ... to someone who owns the machine. I'd say > also to use LUKS. But maybe here that would dramatically escalate the > confrontation. And there's also the lack of physical security. > > Zenaan's advice is more appropriate in a child-parent context. If > that's impossible, the best option is probably doing private stuff > elsewhere. I think trying to go against the parents themselves would be a bad idea unless you know they can be reasoned with, but having a look seems only fair, their children should know to what degree they should trust their computer. I would personally use software such as process explorer and tcpview to get an idea of what is running (assuming they use windows here), but if you think the parents may be using something stronger than your usual parental control tool maybe booting the system from a live cd and having a look at what may be hidden from regular process managers (might be a bit extreme, I'm not sure any parent would go that far, but it will be pretty effective, and maybe less of a chore. If they really are monitoring all activity on the computer they might deduce that they are "busted", it might even "incriminate" you once they realize that their kids shouldn't know that much about computers.) 
In any case, the most likely is that they use some basic software and just "manually" check what was the machine used for, so a small introduction (if needed) about using computers (and the right tools) safely and cleanly might just be enough to stop Orwellian parents. I never contributed to a mailing list before, hope I didn't fucked it up Cheers > > On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman > > wrote: > >> Hi. > >> > >> I'm trying to help (probably badly, but..) a friend deal with > >> parents that > >> they expect are spying on them. > >> I know that in general, it's impossible to secure a computer that > >> you can't > >> trust and don't necessarily have administrator privileges to. > >> > >> But their parents are not exactly the NSA -- any spying that's > >> happening is > >> almost definitely some sort of product, plus basic things like > >> maybe looking through their history. (I don't know much about > >> they're situation > >> -- maybe they know more, so > >> well-if-you-know-they-do-this-then-you-could-do-this type advice > >> would still be helpful.) > >> > >> Would antivirus be able to detect spy-on-your-kids products? Would > >> they be > >> able to scan their computer with like Immunet or something, even if > >> they > >> didn't have administrator privileges? > >> > >> Tor would probably help -- unless the monitoring was looking at > >> the RAM or > >> something for website names, which would be way overkill on a > >> commercial > >> product, no? Or (more likely) if it was taking screenshots at > >> regular intervals, which would also break running a VM or > >> something. (Is there any > >> way to detect taking screenshots?) > >> > >> I know probably the best thing would be running TAILS as a LiveCD > >> -- the > >> problem with that is that it's REALLY obvious over-the-shoulder. > >> > >> > >> Um, thoughts about any of those? > >> Any other things about parents as a threat model in general? 
> >>
> >> I know this is pretty far from what is usually discussed on here,
> >> but I'm
> >> really interested in what you think/it would potentially help a
> >> lot of people.
> >

--
Goto Daichi (nerv)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available Type: application/pgp-signature Size: 473 bytes Desc: OpenPGP digital signature URL:

From thetransintransgenic at gmail.com Sun May 31 10:17:47 2015
From: thetransintransgenic at gmail.com (Gadit Bielman)
Date: Sun, 31 May 2015 13:17:47 -0400
Subject: Threat Model: Parents
In-Reply-To:
References:
Message-ID:

On Sat, May 30, 2015 at 10:24 PM, Gadit Bielman <
thetransintransgenic at gmail.com> wrote:

> Hi.
>
> I'm trying to help (probably badly, but..) a friend deal with parents that
> they expect are spying on them.
> I know that in general, it's impossible to secure a computer that you
> can't trust and don't necessarily have administrator privileges to.
>
> But their parents are not exactly the NSA -- any spying that's happening
> is almost definitely some sort of product, plus basic things like maybe
> looking through their history. (I don't know much about their situation
> -- maybe they know more, so
> well-if-you-know-they-do-this-then-you-could-do-this type advice would
> still be helpful.)
>
> Would antivirus be able to detect spy-on-your-kids products? Would they be
> able to scan their computer with like Immunet or something, even if they
> didn't have administrator privileges?
>
> Tor would probably help -- unless the monitoring was looking at the RAM or
> something for website names, which would be way overkill on a commercial
> product, no? Or (more likely) if it was taking screenshots at regular
> intervals, which would also break running a VM or something. (Is there any
> way to detect taking screenshots?)
>
> I know probably the best thing would be running TAILS as a LiveCD -- the
> problem with that is that it's REALLY obvious over-the-shoulder.
>
>
> Um, thoughts about any of those?
> Any other things about parents as a threat model in general?
>
> I know this is pretty far from what is usually discussed on here, but I'm
> really interested in what you think/it would potentially help a lot of
> people.
>

Okay so I've gotten a few responses to this, so just to clear a few things
up:

-- I don't know this person IRL -- I'm giving them advice over online, so
can't look at their computer, give them anything, etc.
-- I don't know what spyware program is being used, that is one of the
"can someone/how can someone do this" questions I am asking

And one major thing, which forgive me for getting kind of annoyed but
literally everyone has either directly suggested this or ignored the issue:
Parents monitoring/spying on their kids is VERY OFTEN part of an abusive or
nearly abusive relationship.
If "Just talk to them" was an option, I can GUARANTEE they would already
have taken it to the best of their ability.
"Just talk to them and install linux -winkyface-" is NOT a workable answer.
Parents have a HUGE amount of coercive power and are NOT shy about using it.

And for that matter, "wipe it and install linux" is really unlikely to work
either. Rubberhose Cryptanalysis is in full play here -- a PRIMARY goal is
"hide it from your parents as much as possible", because confiscating your
computer for arbitrary periods of time is ALWAYS AN OPTION. If they find
something password protected, they are totally capable of just saying
"haha, stop playing around, you're grounded and we're confiscating the
computer until you stop being unreasonable and give us the password".
Also, an arbitrary kid at home isn't gonna be able to just install Linux.
Linux requires you to /know what you're doing on Linux/, and these kids
have their hands full dealing with everything else their parents overbear
already.


Thought outline::
-- Find out or narrow down the ways their parent might be monitoring them
software-wise
---- Is there Spyware installed on the computer itself?
------ detecting: is there a list they can look through "My Programs" to
see if any matches? Would doing a full scan with a free antivirus detect
them as spyware, or would there be "this is a commercial product for
parents" exception to the lists?
------ assessing: if they can find which spyware is being used they can
just look up the capabilities. But if they can't? What capabilities do
most child-spyware products have? Is it possible to narrow down by
price-range for what they can afford?
---- Is there spyware running on the network? Traffic monitoring and stuff?
------ That's harder to find, but using the Tor Browser should completely
negate that
---- bypassing softwarewise-things:
------ depends entirely on the capabilities. At the most simple, they can
be bypassed by just not using the normal browser. More complicated and I
can totally imagine a Superfish-like-thing monitoring all internet
traffic -- even HTTPS -- for keywords. Is constant screencapture a common
feature that we need to worry about?
-- Non-software-based things:
---- Manually looking through browser history: again, Tor Browser doesn't
keep history
---- Demanding access to email account: use one for school/parent-friendly
stuff, and create a secret one.
---- What else is there?


e.g.: Here's the parental controls/monitoring built into Windows 8:
http://windows.microsoft.com/en-us/windows-8/monitor-child-pc-activity
(For the specific case that I'm asking about, I don't think they have
Windows 8, but other versions of Windows probably have similar
capabilities)
And here's a top-ten comparison for child-spying software:
http://parental-software-review.toptenreviews.com/

Would that be able to track the websites visited by the Tor Browser?

So specific questions to start:
What if any free antivirus, running with user permissions, would detect
commercial spy-on-your-child-ware?

If they're running a LiveCD/LiveUSB (you're right, probably USB -- faster,
more common, easier to excuse for, and persistence), how well can it be
disguised as the original operating system? How much of that work can be
done by people who aren't the child, so that the child can have as much of
a plug-and-play experience as possible?

Besides actively taking screenshots, are there any other potential issues
for the Tor Browser? e.g. is looking at RAM (unlikely for a commercial
parent-spy software?), scanning throughout the entire filesystem looking
for bookmarks (Also seems over the top if the Tor Browser is kept in a
not-completely-obvious location?), other capabilities?



Again, I don't know them at all IRL, so I can't look at their machine, help
them install/inspect things, etc.

And in general, I think it would be really valuable if we can create
will-work-for-70+%-of-people tactics that a kid/teen online can take to get
around their parents, so it would be great if we mapped out more a general
threat model for parents, and possible responses to that.

Thanks.

From otr at riseup.net Sun May 31 10:19:21 2015
From: otr at riseup.net (Barton Gellman)
Date: Sun, 31 May 2015 13:19:21 -0400
Subject: Threat model: Parents
In-Reply-To:
References:
Message-ID: <0319A321-61B5-491A-AB8C-6E8C338F8DC7@riseup.net>

Honestly, people, some of these suggestions are like a parody of geek
advice to civilians ;-)

The kid will soon hit upon the same practical solution that his or her
peers all use: the smartphone (preferably with a VPN like Freedome), plus
browsing at a friend's house. Wiping, Linuxing and LUKSing a family PC will
escalate the real-life threat, and the kid's defenses will fall quickly to
the parental equivalent of that XKCD password cartoon.

If the kid has a need for full size keyboard and screen, and has a few more
technical chops than most, there are some alternatives:

* Boot up Tails in Windows camouflage mode. Choose More Options at boot.
Shoulder surfing will probably bust him/her anyway, sooner or later.
* Make one of those WinPE Windows USB drives, if real Windows is required.
Last time I looked this wasn't that easy.
* Get a small, fast external drive and install the OS of choice. If the
host is a Mac, use Carbon Copy Cloner (or dd) to copy an existing machine
to the external drive, or do a fresh installation there. For Linux, choose
your flavor.
* Get a Raspberry Pi and hook it to the keyboard and screen, at times when
you don't expect interruption.
* A virtual machine may be possible on the monitored host, if the required
drivers are already present. Probably not. See http://www.vbox.me/. If
anyone knows a VM that works without admin rights, speak up.

Bart

Barton Gellman
@bartongellman
bartongellman.con

On May 31, 2015, at 12:00 PM, cypherpunks-request at cpunks.org wrote:

>>> On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman wrote:
>>> Hi.
>>>
>>> I'm trying to help (probably badly, but..) a friend deal with parents
>>> that
>>> they expect are spying on them.

From cathalgarvey at cathalgarvey.me Sun May 31 05:25:28 2015
From: cathalgarvey at cathalgarvey.me (Cathal (Phone))
Date: Sun, 31 May 2015 13:25:28 +0100
Subject: Threat Model: Parents
In-Reply-To:
References: <4A98C782-ACC5-42A1-9889-A237366354A6@cathalgarvey.me>
 <556ABCBA.7040103@riseup.net>
 <20150531105102.6fa436ef@nerv.nsa>
 <7DBF381E-EA2E-4326-908D-B34B42960D2B@cathalgarvey.me>
Message-ID: <8F593FF1-1B4D-4526-A036-51032316F4CD@cathalgarvey.me>

FWIW then, though this is a miresome digression, I mean by "Parent" the
"person whose responsibility it is the welfare and upbringing of the
child". Guardian, foster, whatever.

On 31 May 2015 11:12:00 GMT+01:00, "Lodewijk andré de la porte" wrote:
>2015-05-31 2:33 GMT-07:00 Cathal (Phone)
>:
>
>> I'm not one to call parents who surveil children "Orwellian": a
>parent's
>> job is to prepare a child for the world and protect them from the
>world.
>
>
>We are all children of the state
>
>
>
>(child is badly defined, the role of parents is culturally defined and
>not
>something logically following from the production of babies, although
>the
>caretaking at least is pretty preprogrammed)

--
Sent from my Android device with K-9 Mail. Please excuse my brevity.

From softservant at gmail.com Sun May 31 13:52:22 2015
From: softservant at gmail.com (Softy)
Date: Sun, 31 May 2015 13:52:22 -0700
Subject: Threat Model: Parents
Message-ID:

Several responses have stated, and questioned, the children's rights
accessing the Internet. Yes, with supervision.

What all the responses have missed is the lack of distinction between
communication and email. Claiming a child has a right to private
extra-familial communications is as divided as the general access to the
Internet. With supervision, without any more or less privacy than the
child has in non-virtual communications. And, what hasn't been connected
to deciding on the level of supervision, the developmental state of the
child is highly relevant.

Claiming a child merits access - with or without supervision - can only be
made by the primary custodians of the child. We wish to ignore this
subtlety because we wish to ignore Society's overbearing on all of us.

The result in this specific scenario is, regardless of the child, the
custodians require and merit a higher degree of technical faculty. To
presume it is less than the child's is a mistake. Along with this ability
comes the burden of communication: to provide an appropriate example. As
with many non-virtual counterparts: many failure. such sad. Why should
this medium of bits be different?

From jya at pipeline.com Sun May 31 10:58:26 2015
From: jya at pipeline.com (John Young)
Date: Sun, 31 May 2015 13:58:26 -0400
Subject: Threat Model: Parents
In-Reply-To:
References:
Message-ID:

Now you're talking vulture capital capabilities, if you can answer these
questions millions of dollars and users await your products, thanks to
Edward Snowden.

Consider asking the coach, pastor, BFF, mentor, online advisor (no offense
Gadit but you fit the predator profile) to take you home to use
his/hers/trans computer which will have the latest cloaking tools,
including those which block, divert, trash, evade, deep six,
anon-legionize, the most devilish meddlers promoting villainous affairs to
advance their villainous careers, aka kiddie porn watchdogs tutored by
natsec spooks.

Prepare to be stripped naked in the sauna, like Jake Appelbaum, like
beloved overseers of all stripes, phones into the lead-lined chest, to
guard against you being a babe to entrap the beloved wizened overseer
(sorry Bart, no offense but you fit Jake's profile).

Cpunk archivist popped up when this topic tripped its sensor to say hear
ye, this is the 4,096th time the helpless kid bait has been set here.

Undercover careers begin with tapping into online fora to test homebrewed
mousetraps, the most common being a kid with troubled parents, next most
Tempest signals being emanated by latest, most compulsive child bewitched
by the awesome freedom of personal devices, next ex-spies with
unbelievable stuff to shatter the empire of those who know shit shoveling
into those whose diet is limited to shinola.

If you advise the kid to stay away from personal devices connected to the
rest of the world, that will get you a visit from connection authorities
accusing you of treason. Show your credentials by yelling accessible
encryption.

At 01:17 PM 5/31/2015, you wrote:
>On Sat, May 30, 2015 at 10:24 PM, Gadit Bielman
><thetransintransgenic at gmail.com> wrote:
>Hi.
>
>I'm trying to help (probably badly, but..) a
>friend deal with parents that they expect are spying on them.
>I know that in general, it's impossible to
>secure a computer that you can't trust and don't
>necessarily have administrator privileges to.
>
>But their parents are not exactly the NSA -- any
>spying that's happening is almost definitely
>some sort of product, plus basic things like
>maybe looking through their history. (I don't
>know much about their situation -- maybe they
>know more, so
>well-if-you-know-they-do-this-then-you-could-do-this
>type advice would still be helpful.)
>
>Would antivirus be able to detect
>spy-on-your-kids products? Would they be able to
>scan their computer with like Immunet or
>something, even if they didn't have administrator privileges?
>
>Tor would probably help -- unless the monitoring
>was looking at the RAM or something for website
>names, which would be way overkill on a
>commercial product, no? Or (more likely) if it
>was taking screenshots at regular intervals,
>which would also break running a VM or
>something. (Is there any way to detect taking screenshots?)
>
>I know probably the best thing would be running
>TAILS as a LiveCD -- the problem with that is
>that it's REALLY obvious over-the-shoulder.
>
>
>Um, thoughts about any of those?
>Any other things about parents as a threat model in general?
>
>I know this is pretty far from what is usually
>discussed on here, but I'm really interested in
>what you think/it would potentially help a lot of people.
>
>
>Okay so I've gotten a few responses to this, so just to clear a few things up:
>
>-- I don't know this person IRL -- I'm giving
>them advice over online, so can't look at their
>computer, give them anything, etc.
>-- I don't know what spyware program is being
>used, that is one of the "can someone/how can
>someone do this" questions I am asking
>
>And one major thing, which forgive me for
>getting kind of annoyed but literally everyone
>has either directly suggested this or ignored the issue:
>Parents monitoring/spying on their kids is VERY
>OFTEN part of an abusive or nearly abusive relationship.
>If "Just talk to them" was an option, I can
>GUARANTEE they would already have taken it to the best of their ability.
>"Just talk to them and install linux -winkyface-" is NOT a workable answer.
>Parents have a HUGE amount of coercive power and are NOT shy about using it.
>
>And for that matter, "wipe it and install linux"
>is really unlikely to work either. Rubberhose
>Cryptanalysis is in full play here -- a PRIMARY
>goal is "hide it from your parents as much as
>possible", because confiscating your computer
>for arbitrary periods of time is ALWAYS AN
>OPTION. If they find something password
>protected, they are totally capable of just
>saying "haha, stop playing around, you're
>grounded and we're confiscating the computer
>until you stop being unreasonable and give us the password".
>Also, an arbitrary kid at home isn't gonna be
>able to just install Linux. Linux requires you
>to /know what you're doing on Linux/, and these
>kids have their hands full dealing with
>everything else their parents overbear already.
>
>
>Thought outline::
>-- Find out or narrow down the ways their parent
>might be monitoring them software-wise
>---- Is there Spyware installed on the computer itself?
>------ detecting: is there a list they can look
>through "My Programs" to see if any matches?
>Would doing a full scan with a free antivirus
>detect them as spyware, or would there be "this
>is a commercial product for parents" exception to the lists?
>------ assessing: if they can find which spyware
>is being used they can just look up the
>capabilities. But if they can't? What
>capabilities do most child-spyware products
>have? Is it possible to narrow down by price-range for what they can afford?
>---- Is there spyware running on the network? Traffic monitoring and stuff?
>------ That's harder to find, but using the Tor
>Browser should completely negate that
>---- bypassing softwarewise-things:
>------ depends entirely on the capabilities. At
>the most simple, they can be bypassed by just
>not using the normal browser. More complicated
>and I can totally imagine a Superfish-like-thing
>monitoring all internet traffic -- even HTTPS --
>for keywords. Is constant screencapture a common
>feature that we need to worry about?
>-- Non-software-based things:
>---- Manually looking through browser history:
>again, Tor Browser doesn't keep history
>---- Demanding access to email account: use one
>for school/parent-friendly stuff, and create a secret one.
>---- What else is there?
>
>
>e.g.: Here's the parental controls/monitoring
>built into Windows 8:
>http://windows.microsoft.com/en-us/windows-8/monitor-child-pc-activity
>(For the specific case that I'm asking about, I
>don't think they have Windows 8, but other
>versions of Windows probably have similar capabilities)
>And here's a top-ten comparison for child-spying
>software:
>http://parental-software-review.toptenreviews.com/
>
>Would that be able to track the websites visited by the Tor Browser?
>
>So specific questions to start:
>What if any free antivirus, running with user
>permissions, would detect commercial spy-on-your-child-ware?
>
>If they're running a LiveCD/LiveUSB (you're
>right, probably USB -- faster, more common,
>easier to excuse for, and persistence), how well
>can it be disguised as the original operating
>system? How much of that work can be done by
>people who aren't the child, so that the child
>can have as much of a plug-and-play experience as possible?
>
>Besides actively taking screenshots, are there
>any other potential issues for the Tor Browser?
>e.g. is looking at RAM (unlikely for a
>commercial parent-spy software?), scanning
>throughout the entire filesystem looking for
>bookmarks (Also seems over the top if the Tor
>Browser is kept in a not-completely-obvious location?), other capabilities?
>
>
>
>Again, I don't know them at all IRL, so I can't
>look at their machine, help them install/inspect things, etc.
>
>And in general, I think it would be really
>valuable if we can create
>will-work-for-70+%-of-people tactics that a
>kid/teen online can take to get around their
>parents, so it would be great if we mapped out
>more a general threat model for parents, and possible responses to that.
>
>Thanks.

From zen at freedbms.net Sat May 30 21:46:17 2015
From: zen at freedbms.net (Zenaan Harkness)
Date: Sun, 31 May 2015 14:46:17 +1000
Subject: Threat Model: Parents
In-Reply-To:
References:
Message-ID:

On 5/31/15, Gadit Bielman wrote:
> Hi.

For starters, you have to get off of proprietary software (such as
Windows or Mac) - so, for a student, this could be a good exploratory
learning opportunity. This implies some rational conversation with said
parents.

The best advice is to expect no silver bullet - expect to have to learn a
lot if you want some semblance of control over your computing
environment.

Depending on the situation, there could be a USB keyboard logger - which
may or may not be visually detectable by a cursory outside glance.

Above all, I suggest endeavouring to begin conversations with said
parents, and ideally take an interest in a libre software operating
system - Whonix and Qubes may be a good place to start, but really, any
GNU/Linux or even *BSD OS is a huge step up from all proprietary software
in existence.

Go with a bootable live USB stick, generally faster than a live bootable
DVD. And get comfy with Truecrypt 7.1a for storing all data to create a
persistence layer.

This way, as long as the hardware itself is not compromised (eg USB
keylogger), then you will have some semblance of independence from the
hardware, and as a bonus will be able to trivially carry your computing
environment with you wherever you go - just beware the hardware of
course.

A good part of relationships happen in conversations. If at all possible,
settle one's emotions (such as anger and frustration) and start having
real conversations with said parents. Long term, we want healthy
relationships, not life sucking adversarial relationships.

Good luck,
Zenaan

From thetransintransgenic at gmail.com Sun May 31 12:35:27 2015
From: thetransintransgenic at gmail.com (Gadit Bielman)
Date: Sun, 31 May 2015 15:35:27 -0400
Subject: Threat model: Parents
In-Reply-To: <0319A321-61B5-491A-AB8C-6E8C338F8DC7@riseup.net>
References: <0319A321-61B5-491A-AB8C-6E8C338F8DC7@riseup.net>
Message-ID:

Heh. Yeah, parents don't even need to try to find a 5$ wrench.

There is smartphone-spying stuff, also, though. (*cough-mSpy-cough*
http://krebsonsecurity.com/2015/05/mobile-spy-software-maker-mspy-hacked-customer-data-leaked/
)
Are there any strategies for detecting that?

Also, money/resources is a major issue in this threat model -- I don't see
it likely that a child/teenager will feel like 35$/year for a little more
security is worth it. I'm not even sure if I wanna assume they'll be able
to put down 50$ for a Raspberry Pi and USB mouse and Keyboard.

Using some sort of VM sounds like the best solution, because it allows for
just minimizing when parents come to look. Unless, again, there is
screenshotting going on -- in which case, how would you detect that, maybe
running Tails as a VM and doing something that would definitely draw the
parents but not compromise much in terms of online friendgroup,
gender/sexual orientation they might be hiding, etc. Maybe looking at porn?
That would have to take into account the consequences of that vs. the value
of knowing that parents aren't looking.

But "VMs require specific drivers", I didn't know that. Shoot.

I wonder how well you could avoid problems by just using something like a
Tails LiveUSB at night...

On Sun, May 31, 2015 at 1:19 PM, Barton Gellman wrote:

> Honestly, people, some of these suggestions are like a parody of geek
> advice to civilians ;-)
>
> The kid will soon hit upon the same practical solution that his or her
> peers all use: the smartphone (preferably with a VPN like Freedome), plus
> browsing at a friend's house. Wiping, Linuxing and LUKSing a family PC will
> escalate the real-life threat, and the kid's defenses will fall quickly to
> the parental equivalent of that XKCD password cartoon.
>
> If the kid has a need for full size keyboard and screen, and has a few
> more technical chops than most, there are some alternatives:
>
> * Boot up Tails in Windows camouflage mode. Choose More Options at boot.
> Shoulder surfing will probably bust him/her anyway, sooner or later.
> * Make one of those WinPE Windows USB drives, if real Windows is
> required. Last time I looked this wasn't that easy.
> * Get a small, fast external drive and install the OS of choice. If the
> host is a Mac, use Carbon Copy Cloner (or dd) to copy an existing machine
> to the external drive, or do a fresh installation there. For Linux, choose
> your flavor.
> * Get a Raspberry Pi and hook it to the keyboard and screen, at times
> when you don't expect interruption.
> * A virtual machine may be possible on the monitored host, if the
> required drivers are already present. Probably not. See
> http://www.vbox.me/. If anyone knows a VM that works without admin
> rights, speak up.
>
> Bart
>
> Barton Gellman
> @bartongellman
> bartongellman.con
>
> On May 31, 2015, at 12:00 PM, cypherpunks-request at cpunks.org wrote:
>
> On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman <
> thetransintransgenic at gmail.com> wrote:
>
> Hi.
>
>
> I'm trying to help (probably badly, but..) a friend deal with parents
>
> that
>
> they expect are spying on them.
>
>

From juan.g71 at gmail.com Sun May 31 11:50:23 2015
From: juan.g71 at gmail.com (Juan)
Date: Sun, 31 May 2015 15:50:23 -0300
Subject: the ABC
In-Reply-To:
References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com>
 <55637183.c316370a.6bc0.ffffc363@mx.google.com>
 <55669150.0b91340a.78d9.ffffad22@mx.google.com>
 <55669892.4e8a340a.b5f6.ffffac74@mx.google.com>
 <5566B7B5.5070300@riseup.net>
 <55677555.efa5340a.56e1.1bbd@mx.google.com>
 <5567df72.c105350a.53d8.ffffb66b@mx.google.com>
 <5568bafa.6b5c340a.7c08.042e@mx.google.com>
Message-ID: <556b568b.a716340a.1a24.ffffcc54@mx.google.com>

lol! I got this either from 'grarpamp' or a similar tor-tard

----------------------

From thetransintransgenic at gmail.com Sun May 31 13:07:42 2015
From: thetransintransgenic at gmail.com (Gadit Bielman)
Date: Sun, 31 May 2015 16:07:42 -0400
Subject: Threat model: Parents
In-Reply-To: <556B663D.1020702@cs.helsinki.fi>
References: <0319A321-61B5-491A-AB8C-6E8C338F8DC7@riseup.net>
 <556B663D.1020702@cs.helsinki.fi>
Message-ID:

DO children have any legal right to privacy from their parents (on
officially parent-owned devices)?
On Sun, May 31, 2015 at 3:51 PM, Markus Ottela wrote: > Has the kid been told about his/her legal right to privacy from his/her > parents? > > The most useful suggestion up until now has been use of Tails LiveUSB w/ > persistence. > I'm not sure if Truecrypt is still bundled with Tails. If not, keeping the > installer inside persistent volume isn't that inconvenient and use of > steganographic volumes helps with the 5-dollar wrench problem. > > The kid has the right to be curious about computing, programming and > whatnot, so it should be straightforward to explain why the distro needs to > be installed. Avoiding the privacy side of discussion might also be > beneficial. > > > On 31.05.2015 22:35, Gadit Bielman wrote: > > Heh. Yeah, parents don't even need to try to find a 5$ wrench. > > There are smartphone-spying stuff, also, though. (*cough-mSpy-cough* > http://krebsonsecurity.com/2015/05/mobile-spy-software-maker-mspy-hacked-customer-data-leaked/ > ) > Are there any strategies to detecting that? > > Also, money/resources is a major issue in this threat model -- I don't > see it likely that a child/teenager will feel like 35$/year for a little > more security is worth it. I'm not even sure if I wanna assume they'll be > able to put down 50$ for a Raspberry Pi and USB mouse and Keyboard. > > Using some sort of VM sounds like the best solution, because it allows > for just minimizing when parents come to look. Unless, again, there is > screenshotting going on -- in which case, how would you detect that, maybe > running Tails as a VM and doing something that would definitely draw the > parents but not compromise much in terms of online friendgroup, > gender/sexual orientation they might be hiding, etc. Maybe looking at porn? > That would have to take into account the consequences of that vs. the value > of knowing that parents aren't looking. > > But "VMs require specific drivers", I didn't know that. Shoot. 
> > I wonder how well you could avoid problems by just using something like > a Tails LiveUSB at night... > > On Sun, May 31, 2015 at 1:19 PM, Barton Gellman wrote: > >> Honestly, people, some of these suggestions are like a parody of geek >> advice to civilians ;-) >> >> The kid will soon hit upon the same practical solution that his or her >> peers all use: the smartphone (preferably with a VPN like Freedome), plus >> browsing at a friend's house. Wiping, Linuxing and LUKSing a family PC will >> escalate the real-life threat, and the kid's defenses will fall quickly to >> the parental equivalent of that XKCD password cartoon. >> >> If the kid has a need for full size keyboard and screen, and has a few >> more technical chops than most, there are some alternatives: >> >> * Boot up Tails in Windows camouflage mode. Choose More Options at >> boot. Shoulder surfing will probably bust him/her anyway, sooner or later. >> * Make one of those WinPE Windows USB drives, if real Windows is >> required. Last time I looked this wasn't that easy. >> * Get a small, fast external drive and install the OS of choice. If the >> host is a Mac, use Carbon Copy Cloner (or dd) to copy an existing machine >> to the external drive, or do a fresh installation there. For Linux, choose >> your flavor. >> * Get a Raspberry Pi and hook it to the keyboard and screen, at times >> when you don't expect interruption. >> * A virtual machine may be possible on the monitored host, if the >> required drivers are already present. Probably not. See >> http://www.vbox.me/. If anyone knows a VM that works without admin >> rights, speak up. >> >> Bart >> >> Barton Gellman >> @bartongellman >> bartongellman.con >> >> On May 31, 2015, at 12:00 PM, cypherpunks-request at cpunks.org wrote: >> >> On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman < >> thetransintransgenic at gmail.com> wrote: >> >> Hi. >> >> >> I'm trying to help (probably badly, but..) 
a friend deal with parents >> >> that >> >> they expect are spying on them. >> >> > > From jdb10987 at yahoo.com Sun May 31 09:41:46 2015 From: jdb10987 at yahoo.com (jim bell) Date: Sun, 31 May 2015 16:41:46 +0000 (UTC) Subject: Threat Model: Parents In-Reply-To: References: Message-ID: <1848596366.2506784.1433090506333.JavaMail.yahoo@mail.yahoo.com> From: Gadit Bielman >I'm trying to help (probably badly, but..) a friend deal with parents that they expect are spying on them. >I know that in general, it's impossible to secure a computer that you can't trust and don't necessarily have >administrator privileges to. >But their parents are not exactly the NSA -- NO ONE expects the NSA!!!! (with apologies to Monty Python...) Jim Bell From grarpamp at gmail.com Sun May 31 13:56:14 2015 From: grarpamp at gmail.com (grarpamp) Date: Sun, 31 May 2015 16:56:14 -0400 Subject: U.N. 
Leaning Towards Crypto Message-ID: https://firstlook.org/theintercept/2015/05/28/united-nations-encryption-anonymity-surveillance/ https://firstlook.org/theintercept/2015/05/28/u-n-report-asserts-encryption-human-right-digital-age/ From grarpamp at gmail.com Sun May 31 14:01:20 2015 From: grarpamp at gmail.com (grarpamp) Date: Sun, 31 May 2015 17:01:20 -0400 Subject: Fwd: [messaging] Benchmarking client side cryptography In-Reply-To: <22FCB8A99959898E.C63F206E-0601-4C99-B00A-62D1BCA60C13@mail.outlook.com> References: <22FCB8A99959898E.C63F206E-0601-4C99-B00A-62D1BCA60C13@mail.outlook.com> Message-ID: ---------- Forwarded message ---------- https://diafygi.github.io/webcrypto-examples/ > On Sat, May 23, 2015 at 2:48 PM, franta polach wrote: > > Some might be interested in benchmarks I did for javascript, java, > > objective-C on different platforms. > > Here is a brief writeup https://frrp.github.io/ and here are the data > > https://docs.google.com/spreadsheets/d/1RVK9ixIf2bUeUTxVxqMTpE4iC4gsr6ssfAVK9Ymm5_8/edit?usp=sharing ---------- From thetransintransgenic at gmail.com Sun May 31 14:33:18 2015 From: thetransintransgenic at gmail.com (Gadit Bielman) Date: Sun, 31 May 2015 17:33:18 -0400 Subject: Threat Model: Parents In-Reply-To: References: Message-ID: On Sun, May 31, 2015 at 4:52 PM, Softy wrote: > > Claiming a child merits access - with or without supervision - can only be > made by the primary custodians of the child. > > Um, I'm sure this is me just having trouble understanding, but are you saying that a parent has a perfectly legitimate right to spy on and censor a child's communication? 
From zen at freedbms.net Sun May 31 00:54:01 2015 From: zen at freedbms.net (Zenaan Harkness) Date: Sun, 31 May 2015 17:54:01 +1000 Subject: Threat Model: Parents In-Reply-To: <4A98C782-ACC5-42A1-9889-A237366354A6@cathalgarvey.me> References: <4A98C782-ACC5-42A1-9889-A237366354A6@cathalgarvey.me> Message-ID: On 5/31/15, Cathal (Phone) wrote: > Wipe the machine, install fresh and clean Linux, and then password lock the > BIOS. Excellent start. Another possibly more complex idea, use your octo-core 3Gig RAM mobile phone as your computer, connecting to the monitor and keyboard. From guninski at guninski.com Sun May 31 08:14:41 2015 From: guninski at guninski.com (Georgi Guninski) Date: Sun, 31 May 2015 18:14:41 +0300 Subject: the ABC In-Reply-To: <556A3610.9060703@riseup.net> References: <1964290826.705304.1432500553287.JavaMail.yahoo@mail.yahoo.com> <55637183.c316370a.6bc0.ffffc363@mx.google.com> <55669150.0b91340a.78d9.ffffad22@mx.google.com> <55669DA4.1000205@riseup.net> <20150530150042.GA2480@sivokote.iziade.m$> <556A3610.9060703@riseup.net> Message-ID: <20150531151440.GA4385@sivokote.iziade.m$> On Sat, May 30, 2015 at 04:13:36PM -0600, Mirimir wrote: > > https://en.wikipedia.org/wiki/Nationalization > > > > Nationalization (American English), (British and Commonwealth spelling > > nationalisation) is the process of taking a private industry or private > > assets into public ownership by a national government or state. > > ==== > > > > It already happened on at least several occasions in the real world. > > If government gangbangers can fuck with stuff, they own it. If > government gangbangers can fuck with people, they own them. I suspect they broke the so called "social contract" (if it really exists) first... 
From nerv at fastmail.fm Sun May 31 11:13:42 2015 From: nerv at fastmail.fm (nerv) Date: Sun, 31 May 2015 20:13:42 +0200 Subject: Threat Model: Parents In-Reply-To: References: Message-ID: <20150531201342.09138f57@nerv.nsa> On Sun, 31 May 2015 13:17:47 -0400 Gadit Bielman wrote: > On Sat, May 30, 2015 at 10:24 PM, Gadit Bielman < > thetransintransgenic at gmail.com> wrote: > > > Hi. > > > > I'm trying to help (probably badly, but..) a friend deal with > > parents that they expect are spying on them. > > I know that in general, it's impossible to secure a computer that > > you can't trust and don't necessarily have administrator privileges > > to. > > > > But their parents are not exactly the NSA -- any spying that's > > happening is almost definitely some sort of product, plus basic > > things like maybe looking through their history. (I don't know much > > about their situation -- maybe they know more, so > > well-if-you-know-they-do-this-then-you-could-do-this type advice > > would still be helpful.) > > > > Would antivirus be able to detect spy-on-your-kids products? Would > > they be able to scan their computer with like Immunet or something, > > even if they didn't have administrator privileges? > > > > Tor would probably help -- unless the monitoring was looking at the > > RAM or something for website names, which would be way overkill on > > a commercial product, no? Or (more likely) if it was taking > > screenshots at regular intervals, which would also break running a > > VM or something. (Is there any way to detect taking screenshots?) > > > > I know probably the best thing would be running TAILS as a LiveCD > > -- the problem with that is that it's REALLY obvious > > over-the-shoulder. > > > > > > Um, thoughts about any of those? > > Any other things about parents as a threat model in general? 
> > > > I know this is pretty far from what is usually discussed on here, > > but I'm really interested in what you think/it would potentially > > help a lot of people. > > > > Okay so I've gotten a few responses to this, so just to clear a few > things up: > > -- I don't know this person IRL -- I'm giving them advice over > online, so can't look at their computer, give them anything, etc. > -- I don't know what spyware program is being used, that is one of > the "can someone/how can someone do this" questions I am asking > > And one major thing, which forgive me for getting kind of annoyed but > literally everyone has either directly suggested this or ignored the > issue: Parents monitoring/spying on their kids is VERY OFTEN part of > an abusive or nearly abusive relationship. > If "Just talk to them" was an option, I can GUARANTEE they would > already have taken it to the best of their ability. > "Just talk to them and install linux -winkyface-" is NOT a workable > answer. Parents have a HUGE amount of coercive power and are NOT shy > about using it. > > And for that matter, "wipe it and install linux" is really unlikely > to work either. Rubberhose Cryptoanalysis is in full play here -- a > PRIMARY goal is "hide it from your parents as much as possible", > because confiscating your computer for arbitrary periods of time is > ALWAYS AN OPTION. If they find something password protected, they are > totally capable of just saying "haha, stop playing around, you're > grounded and we're confiscating the computer until you stop being > unreasonable and give us the password". Also, an arbitrary kid at > home isn't gonna be able to just install Linux. Linux requires you > to /know what you're doing on Linux/, and these kids have their hands > full dealing with everything else their parents overbear already. 
> > > Thought outline:: > -- Find out or narrow down the ways their parent might be monitoring > them software-wise > ---- Is there Spyware installed on the computer itself? > ------ detecting: is there a list they can look through "My Programs" > to see if any matches? Would doing a full scan with a free antivirus > detect them as spyware, or would there be "this is a commercial > product for parents" exception to the lists? > ------ assessing: if they can find which spyware is being used they > can just look up the capabilities. But if they can't? What > capabilities do most child-spyware products have? Is it possible to > narrow down by price-range for what they can afford? > ---- Is there spyware running on the network? Traffic monitoring and > stuff? ------ That's harder to find, but using the Tor Browser should > completely negate that > ---- bypassing softwarewise-things: > ------ depends entirely on the capabilities. At the most simple, they > can be bypassed by just not using the normal browser. More > complicated and I can totally imagine a Superfish-like-thing > monitoring all internet traffic -- even HTTPS -- for keywords. Is > constant screencapture a common feature that we need to worry about? > -- Non-software-based things: > ---- Manually looking through browser history: again, Tor Browser > doesn't keep history > ---- Demanding access to email account: use one for > school/parent-friendly stuff, and create a secret one. > ---- What else is there? > > > e.g.: Here's the parental controls/monitoring built into Windows 8: > http://windows.microsoft.com/en-us/windows-8/monitor-child-pc-activity > (For the specific case that I'm asking about, I don't think they have > Windows 8, but other versions of Windows probably have similar > capabilities) And here's a top-ten comparison for child-spying > software: http://parental-software-review.toptenreviews.com/ > > Would that be able to track the websites visited by the Tor Browser? 
> > So specific questions to start: > What if any free antivirus, running with user permissions, would > detect commercial spy-on-your-child-ware? > > If they're running a LiveCD/LiveUSB (you're right, probably USB -- > faster, more common, easier to excuse for, and persistence), how well > can it be disguised as the original operating system? How much of > that work can be done by people who aren't the child, so that the > child can have as much of a plug-and-play experience as possible? > > Besides actively taking screenshots, are there any other potential > issues for the Tor Browser? e.g. is looking at RAM (unlikely for a > commercial parent-spy software?), scanning throughout the entire > filesystem looking for bookmarks (Also seems over the top if the Tor > Browser is kept in a not-completely-obvious location?), other > capabilities? > > > > Again, I don't know them at all IRL, so I can't look at their > machine, help them install/inspect things, etc. > > And in general, I think it would be really valuable if we can create > will-work-for-70+%-of-people tactics that a kid/teen online can take > to get around their parents, so it would be great if we mapped out > more a general threat model for parents, and possible responses to > that. > > Thanks. The issue here is that if there is nothing you can actively do yourself, you are very limited in terms of options. I know it sounds obvious, but security isn't easy, that's why most people don't bother with it. Something I might try, were I in your shoes, would be helping them obtain the tor browser (I don't know how you're in touch with them but providing it for them would be more discreet than them looking for it on google) and have them use it a few times to see if it gets some kind of reaction. 
I think using a live cd as a way to hide what they do would not be very effective, I don't think kids (no matter how old they are) would like to constantly switch from their actual pc to a live cd, and if they just stop booting from the hard drive the lack of activity on it might betray them (not to mention I would expect parents that monitor their kids this way to at least check up on them from time to time, and not even the fake windows xp skin from tails is going to save them when they hear the door opening). However, were I indeed in your shoes, I would then be trapped between a multitude of scenarios depending on the degree of monitoring that is happening, and the only way to be sure that you're really outsmarting the parents would be to really go full on, and you cannot do that. You make it sound as if they might be pushing the whole forensics thing very far (I don't think that's what is happening, but of course I have no way to know), if so they might be using HIDS that would defeat the purpose of installing (or even running) software to help anonymity. Maybe they run their own firewall and monitor it very carefully. There really is no end to this. So as I said, estimating the degree of paranoia needed beforehand would save you some time and allow you to think more clearly about solutions that really fit the problem. Try to work with the kids to get sufficient information about the parents' level of ability with, and access to such technology. Lastly I agree that parents should try to monitor their child's activity on the internet, the same way they might forbid them to go into a bar or an empty street at night, but there is a difference between blocking anything from a few websites to most of the internet, and spying on communications and exchanges that do not involve you. The obvious risks should be dealt with, but a minimum of trust seems only natural toward your own children. 
-- Goto Daichi (nerv) From mirimir at riseup.net Sun May 31 19:14:10 2015 From: mirimir at riseup.net (Mirimir) Date: Sun, 31 May 2015 20:14:10 -0600 Subject: Threat Model: Parents In-Reply-To: References: Message-ID: <556BBFF2.5080209@riseup.net> OK, stealth is the only option. The first requirement is a safe place for communicating, researching, and downloading stuff. Doing that on a compromised machine is most likely pointless. I know nothing about parental monitoring software. But one could get a good sense of its universe from searching.[0] Task Manager shows what's running, but Process Explorer is much more informative.[1] It doesn't require installation, or admin rights to run, and one can run it from a USB flash drive. Its use will be logged, of course, but at least it won't show up as an installed program. Right click on processes of interest, and select Properties. The Environment tab shows where logs etc might be found. The TCP/IP tab shows network activity and remote IPs/hosts. If there is stuff that requires admin rights to see, and there is some private time, booting with a Linux LiveCD would be useful. makeuseof recommends Hiren’s BootCD, The Ultimate Boot CD, and Knoppix.[2] If there's no evidence of sophisticated efforts, it might be worth using Portable VirtualBox[3,4] and a Ubuntu VM with LUKS.[5] However, using Portable VirtualBox would likely require admin rights to install drivers. It's fairly trivial to get admin rights in Windows.[6] And one could reverse all changes after installing drivers needed for Portable VirtualBox. But consequences of discovery might be painful. 
[to be continued] [0] https://search.disconnect.me/searchTerms/serp?search=46415e34-ef20-48fd-96b3-4ab927edf312 [1] https://technet.microsoft.com/en-us/sysinternals/bb896653.aspx [2] http://www.makeuseof.com/tag/5-best-rescue-disks-windows-system-restore/ [3] http://www.vbox.me/ [4] http://www.howtogeek.com/188142/use-portable-virtualbox-to-take-virtual-machines-with-you-everywhere/ [5] http://mirror.pnl.gov/releases/14.04/ubuntu-14.04.2-desktop-i386.iso [6] http://www.pcworld.com/article/2039773/regain-your-pcs-administrator-rights-even-if-you-dont-have-the-password.html From tbiehn at gmail.com Sun May 31 19:38:58 2015 From: tbiehn at gmail.com (Travis Biehn) Date: Sun, 31 May 2015 22:38:58 -0400 Subject: Threat Model: Parents In-Reply-To: <556BBFF2.5080209@riseup.net> References: <556BBFF2.5080209@riseup.net> Message-ID: Just set your facebook to private, yo! On Sun, May 31, 2015 at 10:14 PM, Mirimir wrote: > OK, stealth is the only option. The first requirement is a safe place > for communicating, researching, and downloading stuff. Doing that on a > compromised machine is most likely pointless. > > I know nothing about parental monitoring software. But one could get a > good sense of its universe from searching.[0] Task Manager shows what's > running, but Process Explorer is much more informative.[1] It doesn't > require installation, or admin rights to run, and one can run it from a > USB flash drive. Its use will be logged, of course, but at least it > won't show up as an installed program. > > Right click on processes of interest, and select Properties. The > Environment tab shows where logs etc might be found. The TCP/IP tab > shows network activity and remote IPs/hosts. > > If there is stuff that requires admin rights to see, and there is some > private time, booting with a Linux LiveCD would be useful. 
makeuseof > recommends Hiren’s BootCD, The Ultimate Boot CD, and Knoppix.[2] > > If there's no evidence of sophisticated efforts, it might be worth using > Portable VirtualBox[3,4] and a Ubuntu VM with LUKS.[5] However, using > Portable VirtualBox would likely require admin rights to install > drivers. It's fairly trivial to get admin rights in Windows.[6] And one > could reverse all changes after installing drivers needed for Portable > VirtualBox. But consequences of discovery might be painful. > > [to be continued] > > [0] > > https://search.disconnect.me/searchTerms/serp?search=46415e34-ef20-48fd-96b3-4ab927edf312 > [1] https://technet.microsoft.com/en-us/sysinternals/bb896653.aspx > [2] > http://www.makeuseof.com/tag/5-best-rescue-disks-windows-system-restore/ > [3] http://www.vbox.me/ > [4] > > http://www.howtogeek.com/188142/use-portable-virtualbox-to-take-virtual-machines-with-you-everywhere/ > [5] http://mirror.pnl.gov/releases/14.04/ubuntu-14.04.2-desktop-i386.iso > [6] > > http://www.pcworld.com/article/2039773/regain-your-pcs-administrator-rights-even-if-you-dont-have-the-password.html > > -- Twitter | LinkedIn | GitHub | TravisBiehn.com | Google Plus From oottela at cs.helsinki.fi Sun May 31 12:51:25 2015 From: oottela at cs.helsinki.fi (Markus Ottela) Date: Sun, 31 May 2015 22:51:25 +0300 Subject: Threat model: Parents In-Reply-To: References: <0319A321-61B5-491A-AB8C-6E8C338F8DC7@riseup.net> Message-ID: <556B663D.1020702@cs.helsinki.fi> Has the kid been told about his/her legal right to privacy from his/her parents? The most useful suggestion up until now has been use of Tails LiveUSB w/ persistence. I'm not sure if Truecrypt is still bundled with Tails. 
If not, keeping the installer inside persistent volume isn't that inconvenient and use of steganographic volumes helps with the 5-dollar wrench problem. The kid has the right to be curious about computing, programming and whatnot, so it should be straightforward to explain why the distro needs to be installed. Avoiding the privacy side of discussion might also be beneficial. On 31.05.2015 22:35, Gadit Bielman wrote: > Heh. Yeah, parents don't even need to try to find a 5$ wrench. > > There are smartphone-spying stuff, also, though. (*cough-mSpy-cough* > http://krebsonsecurity.com/2015/05/mobile-spy-software-maker-mspy-hacked-customer-data-leaked/ > ) > Are there any strategies to detecting that? > > Also, money/resources is a major issue in this threat model -- I don't > see it likely that a child/teenager will feel like 35$/year for a > little more security is worth it. I'm not even sure if I wanna assume > they'll be able to put down 50$ for a Raspberry Pi and USB mouse and > Keyboard. > > Using some sort of VM sounds like the best solution, because it allows > for just minimizing when parents come to look. Unless, again, there is > screenshotting going on -- in which case, how would you detect that, > maybe running Tails as a VM and doing something that would definitely > draw the parents but not compromise much in terms of online > friendgroup, gender/sexual orientation they might be hiding, etc. > Maybe looking at porn? That would have to take into account the > consequences of that vs. the value of knowing that parents aren't looking. > > But "VMs require specific drivers", I didn't know that. Shoot. > > I wonder how well you could avoid problems by just using something > like a Tails LiveUSB at night... 
> > On Sun, May 31, 2015 at 1:19 PM, Barton Gellman > wrote: > > Honestly, people, some of these suggestions are like a parody of > geek advice to civilians ;-) > > The kid will soon hit upon the same practical solution that his or > her peers all use: the smartphone (preferably with a VPN like > Freedome), plus browsing at a friend's house. Wiping, Linuxing and > LUKSing a family PC will escalate the real-life threat, and the > kid's defenses will fall quickly to the parental equivalent of > that XKCD password cartoon. > > If the kid has a need for full size keyboard and screen, and has a > few more technical chops than most, there are some alternatives: > > * Boot up Tails in Windows camouflage mode. Choose More Options > at boot. Shoulder surfing will probably bust him/her anyway, > sooner or later. > * Make one of those WinPE Windows USB drives, if real Windows is > required. Last time I looked this wasn't that easy. > * Get a small, fast external drive and install the OS of choice. > If the host is a Mac, use Carbon Copy Cloner (or dd) to copy an > existing machine to the external drive, or do a fresh installation > there. For Linux, choose your flavor. > * Get a Raspberry Pi and hook it to the keyboard and screen, at > times when you don't expect interruption. > * A virtual machine may be possible on the monitored host, if > the required drivers are already present. Probably not. See > http://www.vbox.me/. If anyone knows a VM that works without admin > rights, speak up. > > Bart > > Barton Gellman > @bartongellman > bartongellman.con > > On May 31, 2015, at 12:00 PM, cypherpunks-request at cpunks.org > wrote: > >>>> On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman >>>> >>> > wrote: >>>> Hi. >>>> >>>> I'm trying to help (probably badly, but..) a friend deal with >>>> parents >>>> that >>>> they expect are spying on them. 
> > 
From klokanek at eldar.cz Sun May 31 20:20:58 2015 From: klokanek at eldar.cz (Honza Klokanek Sipek) Date: Mon, 1 Jun 2015 05:20:58 +0200 Subject: Threat Model: Parents In-Reply-To: <556BBFF2.5080209@riseup.net> References: <556BBFF2.5080209@riseup.net> Message-ID: <20150601032058.GA1764@eldar.cz> Remark: Just wonder how many later hackers started by bypassing parental/school network limits. Strict rules are just encouraging the right education. With a limited budget it is also not a bad idea to collect the components and other 'computer waste' from luckier friends and build one's own computer for free. Kids will always win. At least in the long run. ;-) Sun, May 31, 2015 at 08:14:10PM -0600, Mirimir wrote: > OK, stealth is the only option. The first requirement is a safe place > for communicating, researching, and downloading stuff. Doing that on a > compromised machine is most likely pointless. > > I know nothing about parental monitoring software. But one could get a > good sense of its universe from searching.[0] Task Manager shows what's > running, but Process Explorer is much more informative.[1] It doesn't > require installation, or admin rights to run, and one can run it from a > USB flash drive. Its use will be logged, of course, but at least it > won't show up as an installed program. > > Right click on processes of interest, and select Properties. The > Environment tab shows where logs etc might be found. The TCP/IP tab > shows network activity and remote IPs/hosts. > > If there is stuff that requires admin rights to see, and there is some > private time, booting with a Linux LiveCD would be useful. 
makeuseof > recommends Hiren’s BootCD, The Ultimate Boot CD, and Knoppix.[2] > > If there's no evidence of sophisticated efforts, it might be worth using > Portable VirtualBox[3,4] and a Ubuntu VM with LUKS.[5] However, using > Portable VirtualBox would likely require admin rights to install > drivers. It's fairly trivial to get admin rights in Windows.[6] And one > could reverse all changes after installing drivers needed for Portable > VirtualBox. But consequences of discovery might be painful. > > [to be continued] > > [0] > https://search.disconnect.me/searchTerms/serp?search=46415e34-ef20-48fd-96b3-4ab927edf312 > [1] https://technet.microsoft.com/en-us/sysinternals/bb896653.aspx > [2] http://www.makeuseof.com/tag/5-best-rescue-disks-windows-system-restore/ > [3] http://www.vbox.me/ > [4] > http://www.howtogeek.com/188142/use-portable-virtualbox-to-take-virtual-machines-with-you-everywhere/ > [5] http://mirror.pnl.gov/releases/14.04/ubuntu-14.04.2-desktop-i386.iso > [6] > http://www.pcworld.com/article/2039773/regain-your-pcs-administrator-rights-even-if-you-dont-have-the-password.html > -- ..<(o)>..klokanek.............................................. (honza sipek) * klokanek (zavinac) eldar (tecka) cz skype: brouci.tykadylko * gsm: +420 776 817 817 ..................................... . .. .. . . klokankova homepage >------------------------> http://eldar.cz/kangaroo From l at odewijk.nl Sun May 31 21:11:48 2015 From: l at odewijk.nl (Lodewijk andré de la porte) Date: Mon, 1 Jun 2015 13:11:48 +0900 Subject: U.N. Leaning Towards Crypto In-Reply-To: References: Message-ID: Nice article! What kind of meaning does this report have? U.N. 
opinions are pretty hard to enforce to security council nations :( 2015-06-01 5:56 GMT+09:00 grarpamp : > > https://firstlook.org/theintercept/2015/05/28/united-nations-encryption-anonymity-surveillance/ > > https://firstlook.org/theintercept/2015/05/28/u-n-report-asserts-encryption-human-right-digital-age/ >