From grarpamp at gmail.com Tue Mar 1 00:15:44 2016
From: grarpamp at gmail.com (grarpamp)
Date: Tue, 1 Mar 2016 03:15:44 -0500
Subject: Once again: Tor timing attacks and a Tor confession
In-Reply-To: <20160301065454.GA2577@sivokote.iziade.m$>
References: <20160229074429.GA2571@sivokote.iziade.m$>
 <20160229100643.GB2571@sivokote.iziade.m$>
 <20160229113804.GC2571@sivokote.iziade.m$>
 <20160301065454.GA2577@sivokote.iziade.m$>
Message-ID:

On 3/1/16, Georgi Guninski wrote:
> Is jitter/fill traffic full solution?

Again, to what threat model? I've only mentioned GPA, fix for which
may involve, at possible minimum, all nodes encrypting full fill
traffic reclocked with jitter, under some form of negotiated and
enforced possibly dynamic traffic contracts with peers.
I may also be on crack.

> What if they disrupt or slow X times your traffic to Tor?

That's an active attack, not a GPA trolling through packets.
Then your peers may de-peer you until things look normal.
Or it may take a while for you to get signal through.
And if they're already close enough to disrupt you specifically,
you've probably got other problems.

> This will be observable at the other end.

Not when every node is doing reclocking and de-peering
peers that seem to be misbehaving or dishonoring contracts.

> Probably easier is to just own me via some application
> sploit (as suggested in this thread).

Again, that's active, and application level, not GPA.

> RE: cost of ownage/minor offenses.
> Don't exclude the possibility single investment to result
> in compromise of all of Tor and then deanonymizing will
> be just a simple query.

You mean like rooting a bunch of Linux nodes, 6+:1 ratio ...

6831 Linux
 696 Windows
 291 FreeBSD
  74 OpenBSD
  33 Darwin
   8 NetBSD
   4 ElectroBSD
   4 Bitrig
   3 SunOS
   2 DragonFly
   1 GNU/kFreeBSD
   1 CYGWIN_NT-10.0-WOW

Or compromising the repo or developers or 3rd party libraries...

Or asking your friends AT&T et al to help...

What's the threat?

> "NSA can deanonymize some Tor users ...
Again, talk about whatever, but people need to specify
the threat model if they're going to really discuss solutions.
Nor is Tor the only active network currently subject to attack.

> This is consistent with the fate of Lulzsec.
> According to the official story (which I don't believe),
> the first of them got caught because "he forgot to use
> tor when on irc..."

Do they and their court docs officially say that?
Or just some blogger reading 4chan?

From Rayzer at riseup.net Tue Mar 1 09:16:54 2016
From: Rayzer at riseup.net (Rayzer)
Date: Tue, 1 Mar 2016 09:16:54 -0800
Subject: Standard Operating Procedure 303
In-Reply-To:
References: <567C7A53.3050207@riseup.net>
Message-ID: <56D5CE86.9010607@riseup.net>

Zenaan Harkness wrote:
> On 12/28/15, coderman wrote:
>> On 12/24/15, Rayzer wrote:
>>> On January 8 2016 the US Supreme Court will consider a petition for
>>> certiorari in the EPIC v. DHS "Standard Operating Procedure 303" FOIA
>>> suit. SOP 303 is also known as the 'National Emergency Wireless
>>> Kill-Switch'
>>>
>>> “Standard Operating Procedure 303,” is the protocol that codifies a
>>> “shutdown and restoration process for use by commercial and private
>>> wireless networks during national crisis.”
> Any update on this SCOTUS case?

EPIC, January 11...

http://epic.org/foia/dhs/internet-kill-switch/

ars technica January 12, filed under "Law & Disorder / Civilization &
Discontents":

Supreme Court won’t force DHS to reveal secret plan to cut cell service

Full text of US cell phone kill-switch policy to remain under lock and key.

http://arstechnica.com/tech-policy/2016/01/supreme-court-wont-force-dhs-to-reveal-secret-plan-to-cut-cell-service/

--
RR
"I believe democracy has so far disappeared in the United States that no
“two evils” exist. There is but one evil party with two names."
~W.E.B. Dubois

>> a new FOIA:
>> '''
>> Documents regarding the "Chain of Command" necessary to exercise
>> "Standard Operating Procedure 303", also known as the "National
> ...
>> - https://www.muckrock.com/foi/united-states-of-america-10/sop303-23071/
> Any update on this FOIA?
>

From guninski at guninski.com Tue Mar 1 01:43:45 2016
From: guninski at guninski.com (Georgi Guninski)
Date: Tue, 1 Mar 2016 11:43:45 +0200
Subject: Once again: Tor timing attacks and a Tor confession
In-Reply-To:
References: <20160229074429.GA2571@sivokote.iziade.m$>
 <20160229100643.GB2571@sivokote.iziade.m$>
 <20160229113804.GC2571@sivokote.iziade.m$>
 <20160301065454.GA2577@sivokote.iziade.m$>
Message-ID: <20160301094345.GC2577@sivokote.iziade.m$>

On Tue, Mar 01, 2016 at 03:15:44AM -0500, grarpamp wrote:
> On 3/1/16, Georgi Guninski wrote:
> > Is jitter/fill traffic full solution?
>
> Again, to what threat model?
>

The threat model is the entire world -- in real life do you care much
what accident will "own" your life?

If this is too broad for you, the threat model are state sponsored
actors including NSA.

> You mean like rooting a bunch of Linux nodes, 6+:1 ratio ...
>
> ...
> Or compromising the repo or developers or 3rd party libraries...
>
> Or asking your friends AT&T et al to help...
>
> What's the threat?
>

Combination of many threats -- owning, timing, crypto, etc

> > This is consistent with the fate of Lulzsec.
> > According to the official story (which I don't believe),
> > the first of them got caught because "he forgot to use
> > tor when on irc..."
>
> Do they and their court docs officially say that?
> Or just some blogger reading 4chan?
Don't know about courts, here is a reference from thereg:

http://www.theregister.co.uk/2012/03/07/lulzsec_takedown_analysis/

> Police locked onto Hector Xavier Monsegur, an unemployed 28-year-old
> from New York – allegedly LulzSec hacktivist supremo Sabu – after he
> apparently made the mistake of logging into an IRC chat server without
> using the Tor anonymisation service (^1)

From grarpamp at gmail.com Tue Mar 1 10:52:24 2016
From: grarpamp at gmail.com (grarpamp)
Date: Tue, 1 Mar 2016 13:52:24 -0500
Subject: Once again: Tor timing attacks and a Tor confession
In-Reply-To: <20160301094345.GC2577@sivokote.iziade.m$>
References: <20160229074429.GA2571@sivokote.iziade.m$>
 <20160229100643.GB2571@sivokote.iziade.m$>
 <20160229113804.GC2571@sivokote.iziade.m$>
 <20160301065454.GA2577@sivokote.iziade.m$>
 <20160301094345.GC2577@sivokote.iziade.m$>
Message-ID:

On 3/1/16, Georgi Guninski wrote:
>> > Is jitter/fill traffic full solution?
> The threat model is the entire world --

Then the full solution is to unplug, smash, and go outside and play...

> in real life do you care much what accident
> will "own" your life?

... just be sure to wear your helmet :)

> Combination of many threats -- owning, timing, crypto, etc

If the thread is a thread just griping on threats that's fine.
But lumping them all in versus fill traffic (being a possible solution
to the one specific subthreat of GPA)... probably isn't productive
towards solving anything... whether the entire threat
or any particular subthreat. Especially when fill traffic hasn't
yet been speculated here to enhance the efficacy of any other
existing threat, or to create new threats.

>> Do they and their court docs officially say that?
>
> Don't know about courts, here is a reference from thereg:
> http://www.theregister.co.uk/2012/03/07/lulzsec_takedown_analysis/

That's not a quote from an original source. Neither is what it references...
http://blog.erratasec.com/2012/03/notes-on-sabu-arrest.html
...
which goes to Fox, which probably goes to... and to... and to...
... including possibly to stretching / ignoring the law, parallel
construction...
or to some other legit defendant screwup... at least until the quote
is validated.

Have the actual chain of custodied investigative materials as to exactly
how the SilkRoad server was found come out yet? (And other similarly fishy
cases where nodes on supposedly strong overlay networks were found...)
Or is that still wrapped in grand jury, work product, state secret,
in camera, sealed...

From grarpamp at gmail.com Tue Mar 1 15:23:07 2016
From: grarpamp at gmail.com (grarpamp)
Date: Tue, 1 Mar 2016 18:23:07 -0500
Subject: Chertoff Group's new 28-page report on Encryption
In-Reply-To:
References:
Message-ID:

https://www.youtube.com/watch?v=6HNnVcp6NYA

---------- Forwarded message ----------
From: Henry Baker
Date: Tue, 01 Mar 2016 12:11:18 -0800
To: cryptography at metzdowd.com

FYI --

"The Ground Truth About Encryption, and The Consequences of Extraordinary
Access"

http://chertoffgroup.com/cms-assets/documents/238024-282765.groundtruth.pdf

Abstract:

U.S. policy makers are currently engaged in a debate regarding the merits
of mandating a means of “extraordinary access” to encrypted data for U.S.
law enforcement, what is sometimes referred to as an encryption “backdoor.”
This paper examines modern encryption technologies, the feasibility of
providing law enforcement with extraordinary access, the impact that
encryption technology is currently having on U.S. law enforcement (which
some have referred to as “going dark”), and the likely impacts that an
extraordinary access requirement would have on U.S. national security, the
technology sector, and continued innovation in the security field. We
conclude that an extraordinary access requirement is likely to have a
negative impact on technological development, the United States’
international standing, and the competitiveness of the U.S.
economy and will have adverse long-term effects on the security, privacy,
and civil liberties of citizens.

From carimachet at gmail.com Tue Mar 1 12:39:17 2016
From: carimachet at gmail.com (Cari Machet)
Date: Tue, 1 Mar 2016 21:39:17 +0100
Subject: Once again: Tor timing attacks and a Tor confession
In-Reply-To:
References: <20160229074429.GA2571@sivokote.iziade.m$>
 <20160229100643.GB2571@sivokote.iziade.m$>
 <20160229113804.GC2571@sivokote.iziade.m$>
 <20160301065454.GA2577@sivokote.iziade.m$>
 <20160301094345.GC2577@sivokote.iziade.m$>
Message-ID:

i like the idea of mathematical echo as solution

http://guap.ru/guap/nids/pdf_2010/kuyumchev.pdf

On Tue, Mar 1, 2016 at 7:52 PM, grarpamp wrote:

> On 3/1/16, Georgi Guninski wrote:
> >> > Is jitter/fill traffic full solution?
> > The threat model is the entire world --
>
> Then the full solution is to unplug, smash, and go outside and play...
>
> > in real life do you care much what accident
> > will "own" your life?
>
> ... just be sure to wear your helmet :)
>
>
> > Combination of many threats -- owning, timing, crypto, etc
>
> If the thread is a thread just griping on threats that's fine.
> But lumping them all in versus fill traffic (being a possible solution
> to the one specific subthreat of GPA)... probably isn't productive
> towards solving anything... whether the entire threat
> or any particular subthreat. Especially when fill traffic hasn't
> yet been speculated here to enhance the efficacy of any other
> existing threat, or to create new threats.
>
>
> >> Do they and their court docs officially say that?
> >
> > Don't know about courts, here is a reference from thereg:
> > http://www.theregister.co.uk/2012/03/07/lulzsec_takedown_analysis/
>
> That's not a quote from an original source. Neither is what it
> references...
> http://blog.erratasec.com/2012/03/notes-on-sabu-arrest.html
> ... which goes to Fox, which probably goes to... and to... and to...
> ...
> including possibly to stretching / ignoring the law, parallel
> construction...
> or to some other legit defendant screwup... at least until the quote
> is validated.
>
> Have the actual chain of custodied investigative materials as to exactly
> how the SilkRoad server was found come out yet? (And other similarly fishy
> cases where nodes on supposedly strong overlay networks were found...)
> Or is that still wrapped in grand jury, work product, state secret,
> in camera, sealed...
>

--
Cari Machet
NYC 646-436-7795
carimachet at gmail.com
AIM carismachet
Syria +963-099 277 3243
Amman +962 077 636 9407
Berlin +49 152 11779219
Reykjavik +354 894 8650
Twitter: @carimachet

7035 690E 5E47 41D4 B0E5 B3D1 AF90 49D6 BE09 2187

Ruh-roh, this is now necessary: This email is intended only for the
addressee(s) and may contain confidential information. If you are not the
intended recipient, you are hereby notified that any use of this
information, dissemination, distribution, or copying of this email without
permission is strictly prohibited.

From zen at freedbms.net Wed Mar 2 01:18:56 2016
From: zen at freedbms.net (Zenaan Harkness)
Date: Wed, 2 Mar 2016 09:18:56 +0000
Subject: Fwd: NSW. New cycling laws: One of the first bike riders hit with $319 fine for not wearing a helmet.
In-Reply-To:
References:
Message-ID:

Finally!

For those who pine for the cozy safety of a modern democratic socialist
nation, yes Australia is here for you.

Razer (I think), your concerns about cycling safety have been answered
in abundance, and are being enforced :D

As folks round here already know, the government's right to legislate
is absolute.

At least now we'll bring appropriate pressure on all those
irresponsible parents who fail to clip a helmet to their poor
defenseless child as they hurtle off round the neighbourhood.
Please, who will think of the children? The Australian government, that's who.

And for those who have yet to experience the smallest of peaceful
civil dissent or disobedience or peaceful political protest, and its
consequences, your protest will almost always be couched by the
government solicitors as something like "The zero tolerance cycling
safety laws are valid. They serve a legitimate object of government
power, that is, the safety of its citizens."

And so they strive, almost always successfully, to couch your case,
not in terms of the rights you believe are unalienable, but in terms
of the validity of their pathetic whining little bastard children of
legislation making, the god almighty Statute Laws thou shalt obey and
praise the state!

This "validity of the law" position that the govt takes is entirely
deceptive: unless you really go into the depths of the invalidity of
the government itself, the Australian states have given themselves
catch-all power of "the power to pass any law for the good governance
of the people."

A loud and bombastic, indeed theatrical "OBJECTION!" is advised in
such moments as the validity of the law is being raised and or pounded
into your posterior...

However! Hark, there is hope! The common law right has almost never
been removed, and must be explicitly removed by an act for that common
law right to be taken to be removed - the mere affirmation of a
legislative power (e.g. for a concern of safety), in the guise of an
almighty statute, does -not- by itself remove that common law right.

Yes you heard me right. At least in Australia although the citation is
forgotten just at the moment, this is the position of the High Court
of Australia (HCA), comparable to SCOTUS.

It's an intellectual deception the govt invariably runs against you
and your dirty, dirty human rights, but you need to master this
particular deception if you wish to prevail in the Australian courts
on a common law civil liberties/ common law right legal ground.
Oh, and you might also have to be willing to shoot up to the High
Court on appeal. Which, unless you are bold enough to stand in front
of the bench and speak your right by yourself, that is without a
lawyer, barrister, solicitor or queen's counsel (if you have a spare
$80K lying around...), might be costly and/ or intimidating.

And for those who -do- have the $80k just lying around, TAKE NOTICE:
most legal representatives in -this- country will phrase -your-
defence of the government's charge(s) against you (in your peaceful
political protest), in terms of the validity of the law, thereby
selling you out before you even get near enough to the HCA to realise
you've been sold out because yes, "your" lawyer/barrister/etc asked
the wrong damn question from the start, applying at each level of
appeal, all the way to High Court where your case is resoundingly
dismissed since "We find that this particular law is valid..."

At that point it's too late to say wtf!

Good luck,
Zenaan

---------- Forwarded message ----------
From: Jim
Date: Wed, 2 Mar 2016 19:17:01 +1100
Subject: NSW. New cycling laws: One of the first bike riders hit with $319 fine for not wearing a helmet.

NSW's finest dropkick politicians have lost the plot again by imposing
ridiculous fines against cyclists for victimless "offences."

If stupidity was a criminal offence most Aussie politicians should be
doing life in prison for multiple offences.

Jim

New cycling laws: One of the first bike riders hit with $319 fine for
not wearing a helmet

news.com.au
Jim O’Rourke and Miles Godfrey, The Daily Telegraph
March 2, 2016

Cyclist Ben Ackerley was fined for not wearing a helmet while riding
his bike on the first day new cycling laws came into effect.
Picture: Ross Schultz

DESPITE the threat of the massive new fines for running red lights,
not wearing helmets and riding dangerously, The Daily Telegraph
witnessed cyclists continuing to flout the road rules.

Ben Ackerley, who recently moved to Sydney from the United States,
became possibly the first rider to be booked under the new fine
regime.

The restaurant manager from Darlinghurst was riding on Oxford St just
before midday and was not wearing a helmet.

Ben Ackerley was upset over being fined $319 for not wearing a helmet
while riding his bike. Picture: Ross Schultz. Source: News Corp Australia

A police Highway Patrol officer on a motorcycle pulled Mr Ackerley
over and hit him with the new $319 fine – up from just $71.

“I’d just picked the bike up from the bike shop after getting it
fixed,” he said.

“It got wrecked in an accident with a taxi on Market St about three
weeks ago. I knew about the no helmet laws but I was just riding about
a mile and a half (1.6km) home.

“I’ve just come from living in New York City. The cops there have got
better things to do than worry about this sort of stuff.”

Mr Ackerley said he may appeal for leniency.

As part of changes to cycling laws beginning Tuesday, fines for five
offences have increased by up to 500 per cent.

The $319 fine which Mr Ackerley said he may appeal, asking for
leniency. Source: News Corp Australia

As well as new fines for not wearing helmets, cyclists risk $425 fines
for running a red light; riding dangerously; and not stopping at
pedestrian crossings.

Motorists who do not leave a 1m buffer between their vehicle and a
bike when travelling up to 60km/h can be hit with a $319 fine and lose
two demerit points. Those travelling more than 60km/h must leave a
1.5m space.
During today’s morning peak, The Daily Telegraph saw riders shooting
through on the red light at busy intersections along Oxford St,
between Taylor Square at Darlinghurst and College St in the CBD.

While the vast majority of cyclists kept to the left lane, some riders
weaved among the traffic, coming less than a metre from vehicles
moving slowly through the rush hour traffic.

At the intersections with Flinders, Crown and Riley streets, a number
of cyclists pushed to the front of the traffic queues stopped at red
lights, leading to some distance issues between cars and bikes when
the lights turned green.

In Randwick, a number of cyclists were spotted riding in the middle
lane of the three city-bound lanes, on Alison Rd. Several weaved among
the traffic even though a shared cycle/pedestrian path runs along the
northern side of the road.

Ben Ackerley poses with his bike and his $319 fine. Picture: Ross
Schultz. Source: News Corp Australia

On King St at Newtown, a rider, without a helmet, insisted on riding
on the footpath.

Along busy Bondi Rd at Bondi, several riders darted between vehicles
slowly moving towards the city.

Police could not confirm any other incidents of vehicle drivers being
fined for not giving enough space to cyclists.

On Monday, Traffic and Highway Patrol Commander John Hartley said his
officers would use their discretion, but would book those who were
obviously breaking the new laws.

A spokesman for the police Highway Patrol said it had not scheduled a
specific enforcement operation targeting cyclists to coincide with the
first morning of the new laws.

“Police, including our Motorcycle Response Teams, were undertaking
their regular duties this morning,” the spokesman said.

The government’s Transport Management Centre said it had not recorded
any incidents involving cyclists during the morning peak.

Bicycle NSW CEO Ray Rice said the majority of cyclists are keen to do
the right thing and obey all road rules.
While he strongly supports the new minimum passing distance rule, because it offers extra protection to riders, the cycling community is opposed to the increased fines and mandatory photo ID for bicycle riders. In the lead up to the law changes, Bicycle NSW handed a petition containing 10,000 signatures to the state government demanding the government immediately rescind the fine increases and photo ID sections of the legislation. Mr Rice said last month that regulation should be a last resort and described NSW as fast becoming Australia’s nanny state. Mr Rice said no other state has fines this high - and no other state will be introducing mandatory photo identification for bicycle riders. “These two measures do nothing to help the government achieve their aim of doubling the number of riders using bikes for transport,” he said. Mr Rice urged the government to mount a stronger and more sustained public education campaign to inform all road users of how the distance laws work. “We are just not getting the cut through required,” Mr Rice said. “But we know police are not going to be out there with a tape measure trying to work out the distance between cars and bikes.” The NRMA today said it supports the increase in fines. “We support the argument that cyclists should have to carry ID because what we know is that the overwhelming majority of cyclists do the right thing and this is targeting the ones who don’t,” spokesman Peter Khoury said. “They are putting their lives at risk and we don’t want that.” City of Sydney Liberal councillor Christine Forster said cyclists are road users so should be expected to obey the rules. “That should, I imagine, foster mutual respect among cyclists and drivers,” Ms Forster said. 
Originally published as The first cyclist hit with tough new laws http://www.news.com.au/national/nsw-act/news/new-cycling-laws-one-of-the-first-bike-riders-hit-with-319-fine-for-not-wearing-a-helmet/news-story/ae3b9623f948d15f7d11c89b0d975830 -------------------------------------------------------------------------------- What the bell? New fines for cyclists a bloody joke news.com.au Matthew Dunn March 2, 2016 8:51am OPINION FOR as long as I can remember, I have been using a bicycle as my main source of transport. I love the feeling of doing something good for the environment and vastly improving my health and fitness levels at the same time. However, more than anything I love how much money I save using pedal power. Well, that was until New South Wales premier Mike Baird decided popping me $106 dollars for not having a bell on my bike was a good idea. This is just one of the many ridiculous new fines introduced today by the NSW Government, which appear to be a blatant attempt at revenue raising. Sorry, I shouldn’t be so cynical. Roads Minister Duncan Gay said the new laws were not targeting cyclists; they were targeting “risky behaviour”. Sh*t, I know not having a bell or horn on my bicycle is putting endless lives at risk. Without a bell, how would I ever be able to warn other pedestrians and road users that I am nearby? I should be ashamed at myself for acting with such reckless abandon. Please forgive me, Mr Gay. Oh wait, that’s right. I have this thing called a voice. You know that sound produced in a person’s larynx and uttered through the mouth, as speech or song. Yeah, that thing. NSW Police are making the world a better place catching this ruthless criminal riding with no bike helmet. Anyway, I am just sounding bitter. Surely there is a need to raise the fine for not wearing a helmet from $71 to $319, in order to match the penalty given to motorcyclists breaking the same law. 
It makes complete sense because we all know I am able to maintain the speed limits, while riding in the middle of heavy traffic. Oh, that’s right. It’s virtually impossible for me to match the power and speeds of a motorbike, even in the safe confines of a bicycle lane. Based on this justification, I am guessing there are some people in the NSW government that must have some powerful legs. Maybe they should sign up for the Commonwealth Games instead of worrying about making these changes to reduce “risky behaviours”. The next increase will see the fine for running a red light jumping from $71 to $425, so that it is equivalent to the penalty given to car drivers for the same offence. Seems fair, given a bicycle causes as much damage to the road infrastructure and emits as much pollution as a two-tonne vehicle. Plus, there is also the small fact that at many intersections bicycles are unable to trigger the traffic signal. It’s fine though, we will just sit there until a car comes up, so we can safely ride on. Don’t want to be partaking in “risky behaviour”. You boys were riding dangerously. Do you know what that means? No? Neither do we. There are also the dubious fines for “riding dangerously” which have increased from $71 to $425. What I want to know is precisely what constitutes “riding dangerously”. If I am facing fines of $425, it would be nice to know exactly what actions I need to avoid. In hoping to clear things up, I headed to the NSW Road Safety website for more information. Unfortunately, there are no specifics listed. I guess I just have to rely on the individual interpretations of police for what they define as riding dangerously. Seems really fair and totally justifiable. Oh, wait. This isn’t even to mention the heavy police presence expected to crack down on these laws. 
Don’t worry about solving crimes that are a real risk to community,
you just put our tax payer money to good use and get dozens of police
on the streets solving big issues, like people riding without bells.

Why not let people take the risk themselves instead of babying them?

And if you do need to fine people, surely there is no need to go to
these extents.

You should be implementing measures to get people to use alternate
modes of transport, not making them scared to even leave the house.

Wake up to yourself, NSW Government and get with the times.

Continue the discussion on Twitter @mattydunn11

http://www.news.com.au/technology/innovation/motoring/nsw-has-introduced-new-fines-for-cyclists-and-they-are-a-bloody-joke/news-story/358f66ffc225c3c3ec2cda1cfd834453

--------------------------------------------------------------------------------

From grarpamp at gmail.com Wed Mar 2 11:46:21 2016
From: grarpamp at gmail.com (grarpamp)
Date: Wed, 2 Mar 2016 14:46:21 -0500
Subject: zeronet.io
Message-ID:

https://www.reddit.com/r/trackers/comments/48d41h/play_worlds_first_serverless_p2p_distributed/

From carimachet at gmail.com Wed Mar 2 06:54:58 2016
From: carimachet at gmail.com (Cari Machet)
Date: Wed, 2 Mar 2016 15:54:58 +0100
Subject: Once again: Tor timing attacks and a Tor confession
In-Reply-To: <20160302140144.GC2536@sivokote.iziade.m$>
References: <20160229074429.GA2571@sivokote.iziade.m$>
 <20160229100643.GB2571@sivokote.iziade.m$>
 <20160229113804.GC2571@sivokote.iziade.m$>
 <20160301065454.GA2577@sivokote.iziade.m$>
 <20160301094345.GC2577@sivokote.iziade.m$>
 <20160302140144.GC2536@sivokote.iziade.m$>
Message-ID:

"That was enough for a judge to grant the FBI a warrant and permission to
secretly install what’s known as a pen/trap device, which allowed for the
monitoring of Hammond’s Internet activity at the end of February 2012.
That, coupled with the physical surveillance, allowed the agency to see
when he was home.
What they found correlated with his Tor usage—which allowed him to hide
his IP address—and when “yohoho” was online, "

http://kernelmag.dailydot.com/issue-sections/headline-story/9895/jeremy-hammond-fbi-surveillance-bust/#sthash.qrw4hBVT.dpuf

"Bello Coffee appears to be the cafe from which police say Ulbricht logged
into the virtual private network (VPN) that he allegedly used as an extra
layer of protection to access Tor and Silk Road. The prosecution says they
have records from Google showing Ulbricht logging into his Gmail account
from the Internet cafe on a regular basis, including on days when the VPN
was used from the same cafe."

oh it's too funny....

so what jeremy says about his case is that they just did lots of different
types of investigations and that is what got him - he also states that he
should have been mobile - nomadic ... maybe solutions should be nomadic as
well

On Wed, Mar 2, 2016 at 3:01 PM, Georgi Guninski wrote:

> On Tue, Mar 01, 2016 at 01:52:24PM -0500, grarpamp wrote:
> > > Don't know about courts, here is a reference from thereg:
> > > http://www.theregister.co.uk/2012/03/07/lulzsec_takedown_analysis/
> >
> > That's not a quote from an original source. Neither is what it
> references...
> > http://blog.erratasec.com/2012/03/notes-on-sabu-arrest.html
> > ... which goes to Fox, which probably goes to... and to... and to...
> > ... including possibly to stretching / ignoring the law, parallel
> > construction...
> > or to some other legit defendant screwup... at least until the quote
> > is validated.
> >
> > Have the actual chain of custodied investigative materials as to exactly
> > how the SilkRoad server was found come out yet? (And other similarly
> fishy
> > cases where nodes on supposedly strong overlay networks were found...)
> > Or is that still wrapped in grand jury, work product, state secret,
> > in camera, sealed...
>
> If you find out, let us know.
>
> This is the most "official" version for me for now.
From guninski at guninski.com Wed Mar 2 06:01:44 2016
From: guninski at guninski.com (Georgi Guninski)
Date: Wed, 2 Mar 2016 16:01:44 +0200
Subject: Once again: Tor timing attacks and a Tor confession
In-Reply-To:
References: <20160229074429.GA2571@sivokote.iziade.m$>
 <20160229100643.GB2571@sivokote.iziade.m$>
 <20160229113804.GC2571@sivokote.iziade.m$>
 <20160301065454.GA2577@sivokote.iziade.m$>
 <20160301094345.GC2577@sivokote.iziade.m$>
Message-ID: <20160302140144.GC2536@sivokote.iziade.m$>

On Tue, Mar 01, 2016 at 01:52:24PM -0500, grarpamp wrote:
> > Don't know about courts, here is a reference from thereg:
> > http://www.theregister.co.uk/2012/03/07/lulzsec_takedown_analysis/
>
> That's not a quote from an original source. Neither is what it references...
> http://blog.erratasec.com/2012/03/notes-on-sabu-arrest.html
> ... which goes to Fox, which probably goes to... and to... and to...
> ... including possibly to stretching / ignoring the law, parallel
> construction...
> or to some other legit defendant screwup... at least until the quote
> is validated.
>
> Have the actual chain of custodied investigative materials as to exactly
> how the SilkRoad server was found come out yet?
(And other similarly fishy > cases where nodes on supposedly strong overlay networks were found...) > Or is that still wrapped in grand jury, work product, state secret, > in camera, sealed... If you find out, let us know. This is the most "official" version for me for now. From mirimir at riseup.net Wed Mar 2 15:07:25 2016 From: mirimir at riseup.net (Mirimir) Date: Wed, 2 Mar 2016 16:07:25 -0700 Subject: fun with Tor Message-ID: <56D7722D.1070404@riseup.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Just for fun, but maybe useful: Onion SSH Hosts for Login Chaining https://www.ivpn.net/privacy-guides/onion-ssh-hosts-for-login-chaining You too can chain multiple onion SSH logins, isolated by intervening multihop VPN links. Lots of latency and jitter, to annoy watchers. It hogs relays, I admit. But at least, there are no exit nodes involved. OpenVPN Onion VPS for Evading Discrimination Against Tor https://dbshmc5frbchaum2.onion/OpenVPN-Onion-VPS.html You look like typical VPN users. They get banned too. But you can easily change VPS. They're inexpensive. And again, there are no Tor exit nodes involved. Maybe there's a commercial opportunity here. 
From grarpamp at gmail.com Wed Mar 2 19:27:44 2016 From: grarpamp at gmail.com (grarpamp) Date: Wed, 2 Mar 2016 22:27:44 -0500 Subject: [Cryptography] LibreSSL unaffected by DROWN In-Reply-To: <20160302202224.GS10917@mournblade.imrryr.org> References: <20160302202224.GS10917@mournblade.imrryr.org> Message-ID: On 3/2/16, Viktor Dukhovni wrote: > OpenSSL 1.1.0 (days away from beta), which does break compatibility > with 1.0.x, also removes SSLv2, and has many improvements that > LibreSSL does not. Neither is strictly better, there are surely > things that are better in LibreSSL than in OpenSSL 1.1.0. > > Theo is an avid marketer, the reality is a bit more complex. So then where is the link to an independent website which stays current and puts say Libre 2.2.[x] and Open 1.0.2[x] side by side in a feature / protocol / api review table? From grarpamp at gmail.com Wed Mar 2 19:59:16 2016 From: grarpamp at gmail.com (grarpamp) Date: Wed, 2 Mar 2016 22:59:16 -0500 Subject: [Cryptography] iPhone hardware attacks In-Reply-To: <20160302151557.0cc4eda9@jabberwock.cb.piermont.com> References: <20160302151557.0cc4eda9@jabberwock.cb.piermont.com> Message-ID: On 3/2/16, Perry E. Metzger wrote: > I keep wondering what the odds are that the NSA has no method > available to decap the chips within an iPhone and extract secret > keying material. I suspect they must be able to do that, even from one > of the more modern iPhones with hardware based security modules.
If IBM can image and arrange single atoms, you can bet the NSA can do something as simple as ablate them. Got the shakes and cook a few extra along the way... no problem, chips still have much larger features. https://en.wikipedia.org/wiki/IBM_(atoms) > The techniques for doing this sort of thing are both well known and in > the open literature. Even skilled amateurs manage such feats on older > hardware quite routinely -- I've personally witnessed chips being > decapped and put into university grade equipment for analysis. Given > the NSA's budget and mission, it seems highly, highly unlikely that > such methods are unavailable to them. > > This brings up another question. FBI officials have testified under > oath that there is no government agency that can extract such > information on their behalf. Is that very careful spin, willful > ignorance, or simple perjury? Doesn't matter, they just contract out to their good ole boys at IBM or their favorite university. From juan.g71 at gmail.com Wed Mar 2 21:42:11 2016 From: juan.g71 at gmail.com (juan) Date: Thu, 3 Mar 2016 02:42:11 -0300 Subject: [Cryptography] iPhone hardware attacks In-Reply-To: References: <20160302151557.0cc4eda9@jabberwock.cb.piermont.com> Message-ID: <56d7cef6.44208c0a.61327.ffffaf88@mx.google.com> On Wed, 2 Mar 2016 22:59:16 -0500 grarpamp wrote: > On 3/2/16, Perry E. Metzger wrote: > > I keep wondering what the odds are that the NSA has no method > > available to decap the chips within an iPhone and extract secret > > keying material. why would they bother extracting something they already know From cmagistrado at gmail.com Thu Mar 3 04:29:10 2016 From: cmagistrado at gmail.com (Chris Magistrado) Date: Thu, 3 Mar 2016 04:29:10 -0800 Subject: Research Paper on The Eternal Life of Cryptocurrencies. Message-ID: I've been reading this mailing list for quite some time now, and usually don't message or write here much. Maybe one other time. I'm writing a paper on the vitality of Cryptocurrencies. 
My argument is that they are here to stay, and will only continue to rise as our technology becomes better. Some of the statistics I plan to use are the growth in market value, not only in BTC, but in Altcoins as well, the pros of BTC and how altcoins can do what BTC cannot, and lastly the versatility of exchanging coins via places like Shapeshift.io. Any suggestions on data or stats that might be useful? Shamir just said at RSA, "Yet to see a use case for blockchain that can't be solved with an existing simpler technology" I simply disagree. I believe the use of Cryptocurrencies is not only a statement against government control, but also a currency used by people who want to remain private. (obviously, again, better coins than btc). From admin at pilobilus.net Thu Mar 3 01:57:15 2016 From: admin at pilobilus.net (Steve Kinney) Date: Thu, 3 Mar 2016 04:57:15 -0500 Subject: According to www.virustotal.com, lists.debian.org are hosting attachment .DOC virus In-Reply-To: <20160303084422.GD2384@sivokote.iziade.m$> References: <20160303084422.GD2384@sivokote.iziade.m$> Message-ID: <56D80A7B.2020902@pilobilus.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/03/2016 03:44 AM, Georgi Guninski wrote: > According to www.virustotal.com, lists.debian.org are hosting > attachment .DOC virus. > > Would someone confirm or deny this? > > Warning: DO NOT OPEN THE .DOC! Disclaimer: Nothing personal > against Debian > > https://lists.debian.org/debian-consultants/2016/01/msg00000.html > > links to: > > https://lists.debian.org/debian-consultants/2016/01/docyrW4BlUhzH.doc Well phooey. I wanted to see what ClamAV said about it and what the textual content was, but... ~/Desktop $ wget https://lists.debian.org/debian-consultants/2016/01/docyrW4BlUhzH.doc [...] (lists.debian.org)|82.195.75.100|:443... connected.
HTTP request sent, awaiting response... 404 Not Found 2016-03-03 04:49:28 ERROR 404: Not Found. So, Bog only knows. I imagine it was uploaded by a user, probably one of them "Windoze apologists" who would rather fight than switch and probably don't know anything is wrong with their workstation. :) From guninski at guninski.com Wed Mar 2 22:10:44 2016 From: guninski at guninski.com (Georgi Guninski) Date: Thu, 3 Mar 2016 08:10:44 +0200 Subject: [Cryptography] LibreSSL unaffected by DROWN In-Reply-To: References: <20160302202224.GS10917@mournblade.imrryr.org> Message-ID: <20160303061043.GA2384@sivokote.iziade.m$> On Wed, Mar 02, 2016 at 10:27:44PM -0500, grarpamp wrote: > > Theo is an avid marketer, the reality is a bit more complex. > > So then where is the link to an independent website which > stays current and puts say Libre 2.2.[x] and Open 1.0.2[x] > side by side in a feature / protocol / api review table? Both share usage of a lot of if(0) {label:}, what do C experts say about this?
in libressl 2.3.2 (latest as of now) and openssl 1.0.1p (and probably later) in ssl/s3_clnt.c 984: if (CBS_len(&cert_list) < 3) goto truncated; 1657: if (0) { truncated: SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_BAD_PACKET_LENGTH); } Some more info on my blog: https://j.ludost.net/blog/archives/2016/03/02/literate_programming_in_c_if0/index.html From dan at geer.org Thu Mar 3 05:34:14 2016 From: dan at geer.org (dan at geer.org) Date: Thu, 03 Mar 2016 08:34:14 -0500 Subject: participation in sensor networks Message-ID: <20160303133414.74CCDA06DBB@palinka.tinho.net> Most everyone I know is participating in sensor networks beginning with carrying smartphones. Let us assume, for the moment, this is with their eyes wide open as to the possible extent of such networks' implications. Here's another one, http://www.nauto.com, which I mention as the recording of license plates and everything else in the surround, not just the driver's performance envelope, now comes to consumer gear which, undoubtedly, insurance rates will soon reflect and, in the fullness of time, subpoenas will seek. There are a bejillion other technologies of like import coming and coming soon. Those (of us) who opt-out will face price discrimination and, quite likely, participation discrimination on an accelerating pace; look to Sweden's stance on cash money for an example (banks no longer accept cash deposits, as I understand it). The question here is perhaps obvious: Will you opt out and suffer the consequences thereof? --dan From jm at porup.com Thu Mar 3 06:40:36 2016 From: jm at porup.com (J.M. 
Porup) Date: Thu, 3 Mar 2016 09:40:36 -0500 Subject: participation in sensor networks In-Reply-To: <20160303133414.74CCDA06DBB@palinka.tinho.net> References: <20160303133414.74CCDA06DBB@palinka.tinho.net> Message-ID: <20160303144035.GC1729@fedora-21-dvm> On Thu, Mar 03, 2016 at 08:34:14AM -0500, dan at geer.org wrote: > The question here is perhaps obvious: Will you opt out and suffer > the consequences thereof? yippee kay yay, motherfucker. jmp From guninski at guninski.com Thu Mar 3 00:44:22 2016 From: guninski at guninski.com (Georgi Guninski) Date: Thu, 3 Mar 2016 10:44:22 +0200 Subject: According to www.virustotal.com, lists.debian.org are hosting attachment .DOC virus Message-ID: <20160303084422.GD2384@sivokote.iziade.m$> According to www.virustotal.com, lists.debian.org are hosting attachment .DOC virus. Would someone confirm or deny this? Warning: DO NOT OPEN THE .DOC! Disclaimer: Nothing personal against Debian https://lists.debian.org/debian-consultants/2016/01/msg00000.html links to: https://lists.debian.org/debian-consultants/2016/01/docyrW4BlUhzH.doc Submitting the last .doc URL at: https://www.virustotal.com and then going to: Go to downloaded file analysis gives: https://www.virustotal.com/en/file/c7210dc26e00a0d9f9bf8fb3b4850d52b62bb5836a7fa34bb669fc1b1553005e/analysis/1456991242/ SHA256: c7210dc26e00a0d9f9bf8fb3b4850d52b62bb5836a7fa34bb669fc1b1553005e File name: docyrW4BlUhzH.doc Detection ratio: 17 / 54 the first few results are: AVG W97M/Downloader 20160303 AVware Trojan-Downloader.O97M.Adnel.n (v) 20160303 AegisLab W97M.Gen!c 20160303 Arcabit HEUR.VBA.Trojan.e 20160303 Avast VBA:Downloader-ABC [Trj] 20160303 ESET-NOD32 VBA/TrojanDownloader.Agent.AOM 20160303 and some report it as clean. The .doc is downloadable with the same checksum.
From Rayzer at riseup.net Thu Mar 3 11:16:30 2016 From: Rayzer at riseup.net (Rayzer) Date: Thu, 3 Mar 2016 11:16:30 -0800 Subject: Bitcoin: A Miner Problem In-Reply-To: References: Message-ID: <56D88D8E.4060808@riseup.net> grarpamp wrote: > http://qntra.net/2016/03/a-miner-problem/ > > That the notion of "a majority of Bitcoin nodes" is void of content, > That a cartel of Bitcoin miners is deliberately and systematically > withholding blocks for an interval of about 20 minutes to a half hour, > so as to ensure themselves a (significant) advantage over any would-be > competitors. > That neither above item makes sense or could long survive without the other > Makes sense to anyone not addicted to bitcoin gambling. -- RR "What the world needs now is a new mythical 'currency' like I need a hole in my head." ~Anonymous Cracker ... This is what he learnt from those euro-trash girlz at Uncle Charlie's Summer Camp From grarpamp at gmail.com Thu Mar 3 08:45:47 2016 From: grarpamp at gmail.com (grarpamp) Date: Thu, 3 Mar 2016 11:45:47 -0500 Subject: Bitcoin: A Miner Problem Message-ID: http://qntra.net/2016/03/a-miner-problem/ That the notion of "a majority of Bitcoin nodes" is void of content, That a cartel of Bitcoin miners is deliberately and systematically withholding blocks for an interval of about 20 minutes to a half hour, so as to ensure themselves a (significant) advantage over any would-be competitors.
That neither above item makes sense or could long survive without the other From guninski at guninski.com Thu Mar 3 03:07:39 2016 From: guninski at guninski.com (Georgi Guninski) Date: Thu, 3 Mar 2016 13:07:39 +0200 Subject: According to www.virustotal.com, lists.debian.org are hosting attachment .DOC virus In-Reply-To: <56D80A7B.2020902@pilobilus.net> References: <20160303084422.GD2384@sivokote.iziade.m$> <56D80A7B.2020902@pilobilus.net> Message-ID: <20160303110739.GE2384@sivokote.iziade.m$> On Thu, Mar 03, 2016 at 04:57:15AM -0500, Steve Kinney wrote: > phooey. I wanted to see what ClamAV said about it and what > the textual content was, but... > > ~/Desktop $ wget > https://lists.debian.org/debian-consultants/2016/01/docyrW4BlUhzH.do > c > > [...] > > (lists.debian.org)|82.195.75.100|:443... connected. > HTTP request sent, awaiting response... 404 Not Found > 2016-03-03 04:49:28 ERROR 404: Not Found. > Try scanning the .doc urls in virustotal from archive.org: https://web.archive.org/web/20160303105351/https://lists.debian.org/debian-s390/2015/10/msg00002.html https://web.archive.org/web/20160303105748/https://lists.debian.org/debian-hurd/2015/10/msg00029.html Make sure then to follow "Go to downloaded file analysis". From oss-security-admin at lists.openwall.com Thu Mar 3 05:49:09 2016 From: oss-security-admin at lists.openwall.com (oss-security-admin at lists.openwall.com) Date: 3 Mar 2016 13:49:09 -0000 Subject: Returned post for oss-security@lists.openwall.com Message-ID: us-ascii Hi! This is the ezmlm program. I'm managing the oss-security at lists.openwall.com mailing list. I'm working for my owner, who can be reached at oss-security-owner at lists.openwall.com. I'm sorry, your message (enclosed) was not accepted by the moderator. If the moderator has made any comments, they are shown below. >>>>> -------------------- >>>>> If you ever have anything valuable to share, like software bugs you used to find 10+ years ago, please feel free. 
Other than that, please consider the kind of content you've been posting lately unwelcome on oss-security. We also have a policy to discourage CC'ing other lists on oss-security postings (because this attracts less-relevant postings from other lists), but of course you didn't know nor care. (And the CC's were not particularly bad in this case, I admit. It's worse when someone CC's LKML.) /sd <<<<< ----------------- On Thu, Mar 03, 2016 at 10:28:09AM +0000, Cord Beermann wrote: > Hello! You (Adam D. Barratt) wrote: > > > If you want an answer from those who deal with lists, you have to ask them. > > debian-legal@ is just another mailing list. > > The file has been removed. > > Yours, > Cord, Debian Listmaster of the day Many thanks. You fixed the _entire_ messy issue with a single `rm`. btw, didn't your marketoid debian overlords teach you to hypocritically say `thanks' in issues like this? Goodbye oss-security-unsubscribe@ and debia ----- End forwarded message ----- From guninski at guninski.com Thu Mar 3 05:14:44 2016 From: guninski at guninski.com (Georgi Guninski) Date: Thu, 3 Mar 2016 15:14:44 +0200 Subject: [oss-security] According to www.virustotal.com, lists.debian.org are hosting attachment .DOC virus In-Reply-To: <20160303102809.GH20296@bendel.debian.org> References: <20160303084422.GD2384@sivokote.iziade.m$> <20160303102809.GH20296@bendel.debian.org> Message-ID: <20160303131444.GF2384@sivokote.iziade.m$> On Thu, Mar 03, 2016 at 10:28:09AM +0000, Cord Beermann wrote: > Hello! You (Adam D. Barratt) wrote: > > > If you want an answer from those who deal with lists, you have to ask them. > > debian-legal@ is just another mailing list. > > The file has been removed. > > Yours, > Cord, Debian Listmaster of the day Many thanks. You fixed the _entire_ messy issue with a single `rm`. btw, didn't your marketoid debian overlords teach you to hypocritically say `thanks' in issues like this?
Goodbye oss-security-unsubscribe@ and debian-legal@ From juan.g71 at gmail.com Thu Mar 3 10:20:46 2016 From: juan.g71 at gmail.com (juan) Date: Thu, 3 Mar 2016 15:20:46 -0300 Subject: participation in sensor networks In-Reply-To: <20160303133414.74CCDA06DBB@palinka.tinho.net> References: <20160303133414.74CCDA06DBB@palinka.tinho.net> Message-ID: <56d880bd.0551370a.1780c.7f03@mx.google.com> On Thu, 03 Mar 2016 08:34:14 -0500 dan at geer.org wrote: > look to Sweden's stance on cash money for an example (banks > no longer accept cash deposits, as I understand it). that's because of a law that your government and employer pulled out of their 'legal' ass. and you know what that means? It means that the real problem is government - and you know what government is? - It's a collection of government employees - criminal tax parasites like yourself. > > The question here is perhaps obvious: Will you opt out and suffer > the consequences thereof? > > --dan > From guninski at guninski.com Thu Mar 3 06:16:08 2016 From: guninski at guninski.com (Georgi Guninski) Date: Thu, 3 Mar 2016 16:16:08 +0200 Subject: Fwd: Returned post for oss-security@lists.openwall.com Message-ID: <20160303141608.GJ2384@sivokote.iziade.m$> ----- Forwarded message from oss-security-admin at lists.openwall.com ----- From juan.g71 at gmail.com Thu Mar 3 13:07:44 2016 From: juan.g71 at gmail.com (juan) Date: Thu, 3 Mar 2016 18:07:44 -0300 Subject: Bitcoin: A Miner Problem In-Reply-To: <56D88D8E.4060808@riseup.net> References: <56D88D8E.4060808@riseup.net> Message-ID: <56d8a7e0.d4198c0a.7982d.100f@mx.google.com> On Thu, 3 Mar 2016 11:16:30 -0800 Rayzer wrote: > grarpamp wrote: > > http://qntra.net/2016/03/a-miner-problem/ > > "The only thing that can save Bitcoin, at this point, is completely breaking down the Chinese miner cartel. Which yes, means bricking all their hardware. It's time to do this, not least of all because having this precedent is extremely important for safeguarding Bitcoin in the future.
We must show that we ~are~ able to destroy a miner cartel, or else." Damn! The yellow peril. But popescu and his superhero friends will save the world or at least bitcoin, by 'bricking' the yellow hardware... From jdb10987 at yahoo.com Thu Mar 3 12:50:23 2016 From: jdb10987 at yahoo.com (jim bell) Date: Thu, 3 Mar 2016 20:50:23 +0000 (UTC) Subject: participation in sensor networks In-Reply-To: <20160303133414.74CCDA06DBB@palinka.tinho.net> References: <20160303133414.74CCDA06DBB@palinka.tinho.net> Message-ID: <1577405571.3167320.1457038223050.JavaMail.yahoo@mail.yahoo.com> >From: "dan at geer.org" >Here's another one, http://www.nauto.com, which I mention as the >recording of license plates and everything else in the surround, Nearly 20 years ago, I first heard of "3M Louvered film", thin plastic sheets with opaque black plastic molded perpendicularly to the plane of the sheet. It would be very useful to help block the viewing of license plates from the side of the road, or above on poles or overpasses. Google-search "3M louvered film". http://www.apioptics.com/pdf/3M-Display-Film-Summary.pdf http://www.freepatentsonline.com/3919559.html http://www.freepatentsonline.com/EP0466460A2.html Two sheets installed perpendicularly to each other would render a license plate readable only from a limited viewing cone behind, or in front of, the car. Jim Bell From grarpamp at gmail.com Thu Mar 3 18:25:29 2016 From: grarpamp at gmail.com (grarpamp) Date: Thu, 3 Mar 2016 21:25:29 -0500 Subject: Bitcoin: A Miner Problem In-Reply-To: <56d8a7e0.d4198c0a.7982d.100f@mx.google.com> References: <56D88D8E.4060808@riseup.net> <56d8a7e0.d4198c0a.7982d.100f@mx.google.com> Message-ID: On 3/3/16, juan wrote: >> grarpamp wrote: >> > http://qntra.net/2016/03/a-miner-problem/ > > "The only thing that can save Bitcoin, at this point, is > completely breaking down the Chinese miner cartel. Which yes, means > bricking all their hardware. It's time to do this, not least of all > because having this precedent is extremely important for safeguarding > Bitcoin in the future. We must show that we ~are~ able to destroy a > miner cartel, or else." > > > Damn! The yellow peril. But popescu and his superhero friends > will save the world or at least bitcoin, by 'bricking' the > yellow hardware... Flag days are completely rational in bitcoin network exactly the same and entirely rational as the banking network has roughly 8-16 hours in a night to flag change their junk. Especially since bitcoin and any other digital currency offers a new paradigm of expectation to follow. Software updates are one of those things to expect. Bricking through change is a great defensive idea if needed, however unfortunately it applies to all miners, clients, etc that currently exist following the protocol. Therefore the only way to break self interested cartels is for the end user community to get together, realize there is a real problem, and act to solve it. Seemingly in this case, to openly design sell distribute open high performance mining hardware under legally enforced open sales records contract models at scale exclusively to distributed end users at cost.
Communities of digital currencies will wake up to this when they see their assets / dreams being pushed to zero by such cartel influences. After all, that action is the supposed model of these decentral digital currencies. Right about now would be a good time to wake up. Amazed there isn't already an AP price on some heads. And that Satoshi may be laughing rather than speaking in all this bullshit. From grarpamp at gmail.com Thu Mar 3 18:50:26 2016 From: grarpamp at gmail.com (grarpamp) Date: Thu, 3 Mar 2016 21:50:26 -0500 Subject: Two more Apple amicus briefs In-Reply-To: References: Message-ID: ---------- Forwarded message ---------- From: Henry Baker Date: Thu, 03 Mar 2016 18:19:23 -0800 Subject: [Cryptography] Two more Apple amicus briefs To: cryptography at metzdowd.com -- a whole bunch of tech companies: https://assets.documentcloud.org/documents/2746620/Apple-Amicus-Brief-by-Airbnb-EBay-Twitter-and.pdf -- ATT: https://assets.documentcloud.org/documents/2746626/Apple-Amicus-Brief-From-AT-amp-T.pdf _______________________________________________ The cryptography mailing list cryptography at metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography From saekung at gmail.com Thu Mar 3 13:08:35 2016 From: saekung at gmail.com (saekung) Date: Thu, 3 Mar 2016 22:08:35 +0100 Subject: participation in sensor networks In-Reply-To: <1577405571.3167320.1457038223050.JavaMail.yahoo@mail.yahoo.com> References: <20160303133414.74CCDA06DBB@palinka.tinho.net> <1577405571.3167320.1457038223050.JavaMail.yahoo@mail.yahoo.com> Message-ID: <56D8A7D3.4080704@gmail.com> On 03/03/2016 21:50, jim bell wrote: > > >From: "dan at geer.org" >Here's another one, http://www.nauto.com, which I mention as the >> recording of license plates and everything else in the surround, > Nearly 20 years ago, I first heard of "3M Louvered film", thin plastic sheets with opaque black plastic molded perpendicularly to the plane of the sheet. 
It would be very useful to help block the viewing of license plates from the side of the road, or above on poles or overpasses. Google-search '3M louvered film". http://www.apioptics.com/pdf/3M-Display-Film-Summary.pdf http://www.freepatentsonline.com/3919559.html http://www.freepatentsonline.com/EP0466460A2.html Two sheets installed perpendicularly to each other would render a license plate readable only from a limited viewing cone behind, or in front of, the car. Jim Bell > > I would think that is illegal in most countries. From jdb10987 at yahoo.com Thu Mar 3 14:27:28 2016 From: jdb10987 at yahoo.com (jim bell) Date: Thu, 3 Mar 2016 22:27:28 +0000 (UTC) Subject: participation in sensor networks In-Reply-To: <56D8A7D3.4080704@gmail.com> References: <56D8A7D3.4080704@gmail.com> Message-ID: <1275359159.3231766.1457044048534.JavaMail.yahoo@mail.yahoo.com> From: saekung On 03/03/2016 21:50, jim bell wrote:>  >From: "dan at geer.org" >Here's another one, http://www.nauto.com, which I mention as the >> recording of license plates and everything else in the surround, > Nearly 20 years ago, I first heard of "3M Louvered film", thin plastic sheets with opaque black plastic molded perpendicularly to the plane of the sheet.  It would be very useful to help block the viewing of license plates from the side of the road, or above on poles or overpasses.  Google-search '3M louvered film".    http://www.apioptics.com/pdf/3M-Display-Film-Summary.pdf     http://www.freepatentsonline.com/3919559.html     http://www.freepatentsonline.com/EP0466460A2.html   Two sheets installed perpendicularly to each other would render a license plate readable only from a limited viewing cone behind, or in front of, the car.            Jim Bell >I would think that is illegal in most countries. A policeman might, and presumably has, argued that.  But go to your typical car-parts store (in America), and you will see plenty of license-plate covers which shield the plate from dirt and dust.  
That doesn't mean that it is definitely 'legal', merely that most of the time, cops tend to look the other way if they can easily see the plate itself. One actually claims that it prevents photographing the plate: http://www.ontrackcorp.com/original-protector.cfm?id=03 25 years ago, I did some research into making a car 'infrared stealthy'. The technology of (cheap) laser radar was just coming into play. I learned that such laser speedgun units used 905 nanometers IR, pulsed at about 25 nanoseconds. I concluded that covering a car's corner-cube plastic retroreflectors with an IR-absorptive glass (PPG's Azurlite absorbed all but 6% of 905 nm IR). Azurlite could also be used to cover a license plate, although it had a distinctive bluish color. Etching the inside surface of the glass with ammonium bifluoride etchant (art stores) greatly decreased the retroreflectance from the plate itself. I found an LED, Stanley DN305, (since discontinued) which had a rise/fall time of about 10 nanoseconds. It would have made an excellent jammer. Presumably, better ones exist today. Jim Bell From grarpamp at gmail.com Thu Mar 3 19:44:15 2016 From: grarpamp at gmail.com (grarpamp) Date: Thu, 3 Mar 2016 22:44:15 -0500 Subject: Two more Apple amicus briefs In-Reply-To: References: Message-ID: > https://assets.documentcloud.org/documents/2746620/Apple-Amicus-Brief-by-Airbnb-EBay-Twitter-and.pdf > https://assets.documentcloud.org/documents/2746626/Apple-Amicus-Brief-From-AT-amp-T.pdf It may interest reader interpretation that the former companies may speak around being somewhat interested in customer privacy (even if perhaps motivated / bound by their own datamining TOS / profit interests rather than genuine), where old buddy AT&T may just want to be told what to do (given telecoms freewheeling events in history) while not mentioning any particular ethos themselves. Discuss... https://en.wikipedia.org/wiki/Project_SHAMROCK http://www.vice.com/en_ca/read/a-brief-history-of-the-united-states-governments-warrentless-spying https://en.wikipedia.org/wiki/Qwest#Refusal_of_NSA_surveillance_requests https://en.wikipedia.org/wiki/Joseph_Nacchio https://en.wikipedia.org/wiki/MAINWAY She also noted that no U.S. telecommunications company had legally refused to turning over customer metadata, "despite the mechanism for doing so".
https://en.wikipedia.org/wiki/Claire_Eagan From grarpamp at gmail.com Thu Mar 3 20:22:55 2016 From: grarpamp at gmail.com (grarpamp) Date: Thu, 3 Mar 2016 23:22:55 -0500 Subject: [Cryptography] Two more Apple amicus briefs In-Reply-To: References: Message-ID: On 3/3/16, Allen wrote: > On Thu, Mar 3, 2016 at 9:19 PM, Henry Baker wrote: >> https://assets.documentcloud.org/documents/2746620/Apple-Amicus-Brief-by-Airbnb-EBay-Twitter-and.pdf >> https://assets.documentcloud.org/documents/2746626/Apple-Amicus-Brief-From-AT-amp-T.pdf >> >> > Someone should file an amicus brief that basically says the FBI violated > federal contracting rules by not putting the hacking work out to > competitive bid through the RFP process, and therefore it's request to > force Apple to do this work violates federal law and should be struck down > as against public policy. I'm not actually familiar enough with the > federal contracting process to know if that is true or not, but it seems > plausible, and it also seems there are many companies that would like to > have a crack at doing this work instead of being forced to do it. At > minimum, the FBI would find out through the RFP process if what it seeks > might be available through another channel and therefore Apple's assistance > is not required. And in the meantime RFP and results are out in the open giving makers more time to roll out and get embedded in society per and for customer interest, impenetrable crypto schemes. Embedding crypto to, for, and in conscience of society as a private and personal tool... is a race condition. And one you want to win. So do it... nao !!! From grarpamp at gmail.com Thu Mar 3 20:34:10 2016 From: grarpamp at gmail.com (grarpamp) Date: Thu, 3 Mar 2016 23:34:10 -0500 Subject: Crypto Individualism Required For Civilization To Reach The Stars? Message-ID: > Embedding crypto to, for, and in conscience of society as > a private and personal tool... is a race condition. > And one you want to win. > So do it... 
nao !!! Will humanity be able to advance and even reach the stars unless they are able to cryptographically securely extend and embed some portion of both the private and computational function of their brains... in the same private way brains function today... into devices and systems both large and small? bitcoin:16xRaqrjBwckR7HiqVKdKEmRDpb3dnJmSb Because... philosophy. From grarpamp at gmail.com Thu Mar 3 20:55:15 2016 From: grarpamp at gmail.com (grarpamp) Date: Thu, 3 Mar 2016 23:55:15 -0500 Subject: participation in sensor networks In-Reply-To: <20160303133414.74CCDA06DBB@palinka.tinho.net> References: <20160303133414.74CCDA06DBB@palinka.tinho.net> Message-ID: On 3/3/16, dan at geer.org wrote: > The question here is perhaps obvious: Will you opt out and suffer > the consequences thereof? Will you, as principal member[s] of such companies and organizations, recognize that certain things in humanity are distinctly human and necessary to humanity, therefore are of greater purpose than control and profit... and worthy preserving even in the face of risk... and therefore decline to develop, produce, market, and force such supposed solutions, even laws and structures, upon humanity... for what may even boil down to being your own self interest[s]? bitcoin:1CURA2mBjCghNaRujAjTN7Xy34Qai2NS5C Because... philosophy... and hungry. From grarpamp at gmail.com Thu Mar 3 21:11:43 2016 From: grarpamp at gmail.com (grarpamp) Date: Fri, 4 Mar 2016 00:11:43 -0500 Subject: participation in sensor networks In-Reply-To: <1275359159.3231766.1457044048534.JavaMail.yahoo@mail.yahoo.com> References: <56D8A7D3.4080704@gmail.com> <1275359159.3231766.1457044048534.JavaMail.yahoo@mail.yahoo.com> Message-ID: On 3/3/16, jim bell wrote: > It > would have made an excellent jammer. Presumably, better ones exist today. Plates and lights leaves left only how much beams back from micro scratches in windshields? 
And of course that even consumer flat black spray paint
seems to still return some fraction of a real laser beam.

Some locales do have laws regarding plate visibility and
or modification [via overlays / surrounds].
And some makers do advertise those 3M-like structures
in their plate cover products, some even specifying visibility
width angles in degrees.

But the headlight / retroreflector thing is uncaptured market
at the moment. So like with the plate guys, you should go
for it if you can solve the problem of production for and
application to all the 3d shapes of those lights / retros on
vehicle models.

From grarpamp at gmail.com Thu Mar 3 21:33:30 2016
From: grarpamp at gmail.com (grarpamp)
Date: Fri, 4 Mar 2016 00:33:30 -0500
Subject: [Cryptography] More Apple news
In-Reply-To: <6AABF366-6DC7-4299-809A-D34B6A85ED2E@dukhovni.org>
References: <6AABF366-6DC7-4299-809A-D34B6A85ED2E@dukhovni.org>
Message-ID:

On 3/3/16, Viktor Dukhovni wrote:
>
> http://arstechnica.com/tech-policy/2016/03/san-bernardino-da-says-seized-iphone-may-hold-dormant-cyber-pathogen/
>
> "The iPhone is a county owned telephone that may have connected to
> the San Bernardino County computer network. The seized iPhone may
> contain evidence that can only be found on the seized phone that
> it was used as a weapon to introduce a lying dormant cyber pathogen
> that endangers San Bernardino's infrastructure," according to a court
> filing (PDF) by Michael Ramos, the San Bernardino County District
> Attorney.
>
> This seems so far beyond remotely plausible that one wonders whether
> the responsible lawyers can be disbarred for blatant fabrication...

If these 31337 criminals wanted to pathogenically jack the county systems they would have jacked in their own USB firmware sploits to fubar the systems starting with any workstations in reach.

This lawyer's own kids and himself have probably messed with and installed so much shit on his issued iphone to consider it compromised and warranting search.
LOL totally made my day.

From grarpamp at gmail.com Thu Mar 3 22:09:18 2016
From: grarpamp at gmail.com (grarpamp)
Date: Fri, 4 Mar 2016 01:09:18 -0500
Subject: Research Paper on The Eternal Life of Cryptocurrencies.
In-Reply-To:
References:
Message-ID:

On 3/3/16, Chris Magistrado wrote:
> I'm writing a paper on the vitality of Cryptocurrencies. My argument is
> ...
> growth in market value, not only in BTC, but in Altcoins as well, the pros
> ...
> of exchanging coins via places like Shapeshift.io.

There is to consider the long tail of dying / dead currencies, who holds and runs them [hobby?] still, who got stuck and why.

And I probably posted here once about some situations in which given currency turns rapidly plunging out of control beyond exchange capacity / pricing into other currencies or even goes to zero wiping out billions in vested interests thereby potentially prompting unrest / action / controls in the digital or physical space. Look to past failures and imagine.

Post link to paper when finished.

From jya at pipeline.com Fri Mar 4 04:09:22 2016
From: jya at pipeline.com (John Young)
Date: Fri, 04 Mar 2016 07:09:22 -0500
Subject: USG v. Apple - Amici Applications Through 3 March 2016
Message-ID:

https://cryptome.org/2016/03/usg-apple-025-049.pdf (179 pp, 20MB)

Few of the applications have been ordered by the court. Thumbnail descriptions provide rationale for each case. Most are lazy, thin and repetitious in argument, not much that's new from previous battles.

Faintheartedness suggests riskless PR is the intent, or worse, fear of antagonizing the biggest customer for crypto, govs, reduxing all crypto strutting, mock battles, gov-com-org business conducted in secrecy, public left to believe duplicitous comsec mandated by natsec, or not, usually not.

From guninski at guninski.com Thu Mar 3 23:00:51 2016
From: guninski at guninski.com (Georgi Guninski)
Date: Fri, 4 Mar 2016 09:00:51 +0200
Subject: Research Paper on The Eternal Life of Cryptocurrencies.
In-Reply-To:
References:
Message-ID: <20160304070051.GB2300@sivokote.iziade.m$>

Crypto attack, major math breakthrough almost surely will kill them all in their present form.

AFAICT effect of quantum computer is open (might be wrong).

Consider checking:

On Bitcoin Security in the Presence of Broken Crypto Primitives
http://eprint.iacr.org/2016/167.pdf

From guninski at guninski.com Fri Mar 4 00:49:23 2016
From: guninski at guninski.com (Georgi Guninski)
Date: Fri, 4 Mar 2016 10:49:23 +0200
Subject: Bitcoin: A Miner Problem
In-Reply-To:
References:
Message-ID: <20160304084923.GE2300@sivokote.iziade.m$>

On Thu, Mar 03, 2016 at 11:45:47AM -0500, grarpamp wrote:
> http://qntra.net/2016/03/a-miner-problem/
>
> That the notion of "a majority of Bitcoin nodes" is void of content,
> That a cartel of Bitcoin miners is deliberately and systematically
> withholding blocks for an interval of about 20 minutes to a half hour,
> so as to ensure themselves a (significant) advantage over any would-be
> competitors.
> That neither above item makes sense or could long survive without the other

IIRC sufficiently many dishonest nodes (51%?) might screw bitcoin much worse, it had something to do with consensus/transactions.

Is the above true?

Isn't this "cartel" the "free market" in juan's anarchist utopia?

From guninski at guninski.com Fri Mar 4 04:06:16 2016
From: guninski at guninski.com (Georgi Guninski)
Date: Fri, 4 Mar 2016 14:06:16 +0200
Subject: participation in sensor networks
In-Reply-To: <20160303133414.74CCDA06DBB@palinka.tinho.net>
References: <20160303133414.74CCDA06DBB@palinka.tinho.net>
Message-ID: <20160304120616.GF2300@sivokote.iziade.m$>

On Thu, Mar 03, 2016 at 08:34:14AM -0500, dan at geer.org wrote:
> The question here is perhaps obvious: Will you opt out and suffer
> the consequences thereof?
>
> --dan

Let me counter-ask only `dan':

Will you exchange a walk on part in a war for a lead role in a cage?

This is not exactly quote from Floyd's song.
From jdb10987 at yahoo.com Fri Mar 4 09:44:57 2016
From: jdb10987 at yahoo.com (jim bell)
Date: Fri, 4 Mar 2016 17:44:57 +0000 (UTC)
Subject: participation in sensor networks
In-Reply-To:
References:
Message-ID: <2136427955.3668399.1457113497168.JavaMail.yahoo@mail.yahoo.com>

From: grarpamp
On 3/3/16, jim bell wrote:
>> It would have made an excellent jammer. Presumably, better ones exist today.

>Plates and lights leaves left only how much beams back from
>micro scratches in windshields?

Probably very little. The emitted laser power of the unit I had the documentation for emitted 15 watts. Most of that would have hit the car, but only a tiny fraction would have been reflected back to the laser gun. Google search "Lambertian". https://en.wikipedia.org/wiki/Lambertian_reflectance (The reflectance of a piece of white paper is primarily 'lambertian': It doesn't act like a mirror; nor does it act like a retroreflector.)

>And of course that even consumer flat black spray paint
>seems to still return some fraction of a real laser beam.

I didn't and don't expect that anybody was going to re-paint their car for this purpose. Disabling the retro-reflectors is relatively easy.

>Some locales do have laws regarding plate visibility and
>or modification [via overlays / surrounds].
>And some makers do advertise those 3M-like structures
>in their plate cover products, some even specifying visibility
>width angles in degrees.

I understood that some of these modifications might arguably be called in violation of the law. The main one, covering the license plate, seems to be a minor issue.

>But the headlight / retroreflector thing is uncaptured market
>at the moment. So like with the plate guys, you should go
>for it if you can solve the problem of production for and
>application to all the 3d shapes of those lights / retros on
>vehicle models.

I don't know how big the laser radar market currently is.
When I did the research in 1990-91, it was not clear how big an issue it would eventually be.

From jya at pipeline.com Sat Mar 5 03:17:44 2016
From: jya at pipeline.com (John Young)
Date: Sat, 05 Mar 2016 06:17:44 -0500
Subject: Lavabit's and Snowden's Solos
Message-ID:

Lavabit's brief for Apple has the gutsiest skin in the game, going solo, no joining a pack. None of the fattest of strutting corporate cats rushed to defend Lavabit against absence of FBI corporate-coddling, Congress-stroking, corralling the frightened herd for taking down mavericks like Lavabit and Snowden.

https://cryptome.org/2016/03/usg-apple-102-105.pdf

From guninski at guninski.com Sat Mar 5 01:21:23 2016
From: guninski at guninski.com (Georgi Guninski)
Date: Sat, 5 Mar 2016 11:21:23 +0200
Subject: According to www.virustotal.com, lists.debian.org are hosting attachment .DOC virus
In-Reply-To: <20160303110739.GE2384@sivokote.iziade.m$>
References: <20160303084422.GD2384@sivokote.iziade.m$> <56D80A7B.2020902@pilobilus.net> <20160303110739.GE2384@sivokote.iziade.m$>
Message-ID: <20160305092122.GA2412@sivokote.iziade.m$>

On Thu, Mar 03, 2016 at 01:07:39PM +0200, Georgi Guninski wrote:
>
> Try scanning the .doc urls in virustotal from archive.org:
>
> https://web.archive.org/web/20160303105351/https://lists.debian.org/debian-s390/2015/10/msg00002.html
> https://web.archive.org/web/20160303105748/https://lists.debian.org/debian-hurd/2015/10/msg00029.html
>
>

These are still alive even on debian, though I told this to two debian developers in private mail.
One of them suggested to clean their site by clicking "report as spam":

https://lists.debian.org/debian-legal/2016/03/msg00005.html

From zen at freedbms.net Sat Mar 5 04:43:53 2016
From: zen at freedbms.net (Zenaan Harkness)
Date: Sat, 5 Mar 2016 12:43:53 +0000
Subject: Do punks denounce anti-prostitution, anti-pimping and anti-trafficking policies invariably used to repress women?
Message-ID:

A new and compelling perspective for me...

https://www.opendemocracy.net/beyondslavery/sws/gail-pheterson/at-long-last-listen-to-women

At long last, listen to the women!
Gail Pheterson 2 March 2016

State entrapment, extortion, imprisonment and slander sharpen the consciousness of sex workers who denounce anti-prostitution, anti-pimping and anti-trafficking policies invariably used to repress women and undermine feminist liberation struggles.

'Proud to be whores'. Prostitutes demonstrate in Paris in 2008. philippe leroyer/Flickr. (CC 2.0 by-nc-nd)

---

Gail Pheterson began organising with the sex workers of COYOTE in San Francisco in 1984 during a sabbatical year at the Institute for the Study of Social Change, University of California, Berkeley. While in San Francisco she designed an alliance project of whores, wives and dykes that transformed into a network of Bad Girl Rap Groups. Co-facilitated with Margo St. James, Scarlot Harlot/Carol Leigh, Priscilla Alexander, Sharon Kaiser, E. Kitch Childs, Gloria Locket and others, the Bad Girl Rap Groups were open to "any woman who had ever been stigmatised as bad by her work, colour, class, sexuality, history of abuse, or just plain gender". Upon her return to Europe, she co-founded the Red Thread and Pink Thread, two interwoven Dutch organisations of sex workers and allies, with Margot Alvarez, Ans van der Drift, Martine Groen, Violet and others. She also co-organised with Margo St.
James the First World Whores’ Congress in Amsterdam and the Second World Whores’ Congress at the European Parliament in Brussels, and co-founded the International Committee for Prostitutes' Rights. Gail Pheterson edited the transcripts of the Whores' Congresses for publication in A Vindication of the Rights of Whores (released in Spanish under the title Nosotras Las Putas) and published a series of essays titled The Prostitution Prism (also in Spanish and French), including her most known and widely translated essay, ‘The Whore Stigma: Female Dishonor and Male Unworthiness’. --- Women mobilised a grassroots liberation movement fifty years ago in defiant resistance against oppression. Those feminists knew their struggle was dangerous but they were unrelenting in claiming rights for women as autonomous persons. Where are we now in this crusade for freedom? The idea of equality between the sexes has moved into the global limelight over the past decades, but women's liberation is still a far cry from home. Government authorities, world organisations, and social reformers continue to undermine radical analysis of pervasive sexism with emotionally-charged rhetoric of individual female misfortune and male misconduct. Exposés of criminal and perverse men capturing helpless women ignite public outrage while leaving intact institutional obstacles to women’s mobility, work, and bodily self-determination. This rhetoric sabotages liberation strategies by taking women-on-the-run into protective custody of the status quo. Anti-violence discourse then serves to reinforce state repression of women. Knowingly or unknowingly, the establishment has succeeded in wrenching the feminist agenda from its subversive fibre. The result is effective camouflage of the political cause for women's flight and disregard for women's material needs, social choices and, most insidiously, agency in thinking and shaping their destinies. 
All women have reason to seek liberty, but all do not face the same life conditions. The contemporary foot soldiers of our movement are rightless migrant women disallowed from leaving home, crossing borders, earning money, or living independently. Without rights, they are forced to bargain their survival with abusive profiteers inside and outside the law. In legislation, popular media, police records, UN conventions, and even ill-founded feminist tracts, they are branded trafficked women, trapped in the nexus of global power relations, and categorised as this or that kind of victim or tramp.

Savvy feminists

Sex worker activists are savvy feminist analysts of these machinations, their consciousness undoubtedly sharpened by daily trials of (escaping) state entrapment, extortion, imprisonment, and slander. As intimates of both backroom and front stage men, prostitutes are solicited by government officials to serve as undercover agents and informants. Their advantage over socially reputable women is their exclusion from polite society and direct experience of institutional vice. Mainstream feminists would do well to listen to their word in public as male authorities do in private.

Their first demand is decriminalisation of sex work. This implies repealing prohibitions against negotiations and services attached to the sex industry, including the hiring of third parties to facilitate management of businesses and travel to foreign markets. In other words, sex workers demand the abolition of anti-prostitution, anti-pimping and anti-trafficking laws. They know that such laws invariably translate into discriminatory surveillance, fines, arrest, detention, and expulsion of migrant women. Since popular opinion equates pimping and trafficking with the vile use and abuse of women, well-intentioned reformers persist in promoting restrictive legislation that curtails women's sexual negotiations and geographic displacements.
Most existing criminal laws against pimping and trafficking are about sex, money, and travel – not about violence. Some countries do require evidence of force to proceed with prosecution, but women are nonetheless subject to discriminatory surveillance rationalised as preventive measures ‘for their own good’. Violence, coercion, and deceit do, of course, occur in prostitution, as elsewhere in the sex class system. Certainly sex workers should have the same recourse to laws against those crimes as any legitimate plaintiff would have in cases of battery, rape, fraud, kidnapping, or other offense against their person. But equal juridical treatment is incompatible with prejudicial classification as prostitute or trafficked woman. Sex workers demand generic, gender-neutral consideration undifferentiated from other workers, citizens, or human beings. Crimes against women are not crimes against incapacitated dependents, property, or morality; they are crimes against individuals.

Criminalise marriage?

Women have ample cause for class action to claim compensation for a host of injustices, whether unpaid labour, insult, assault, or discrimination. Reparation could be a feminist collective demand. Matrimony and maternity are clearly the key historical sites of subjugation for women in terms of toil and sacrifice. But feminists have never called for prohibition of marriage or pregnancy, regardless of the risks and documented damages. Feminists have fought to give women alternatives or escapes from heterosexual coercions with divorce rights, battered women shelters and lesbians legitimacy. And they have fought to give women escapes from forced pregnancy or forced sterilisation by demanding reproductive choice and by facilitating access to contraception and abortion. But surely they would not deny women the right to decide for themselves whether to marry or bear a child or even whether to remain with an abusive husband.
And they would not deny the rewards and satisfactions some women experience as wives or mothers. Why do sex workers not receive the same respect?

There could also be a feminist class action to claim compensation for injustices in the sex industry. And clearly, alternatives and escape channels depend upon feminist struggles for migrant rights, labour rights, and residency permits for independent women. But there is no justification for denying the right to negotiate payment for sexual services. Individually we are each in the grip of specific realities, each a unique person, and each entitled to our own thought processes and life choices. Collectively we can shape visions and common liberatory goals without judging any individual woman for her meanderings in the sex class system.

This article is published as part of the 'Sex workers speak: who listens?' series on Beyond Trafficking and Slavery, generously sponsored by COST Action IS1209 ‘Comparing European Prostitution Policies: Understanding Scales and Cultures of Governance' (ProsPol). ProsPol is funded by COST. The University of Essex is its Grant Holder Institution.

About the author

Gail Pheterson is currently Associate Professor [Maître de conférences] of social psychology, Université de Picardie Jules Verne, Amiens, France, and Researcher at the Centre de recherches sociologiques et politiques de Paris, CNRS/University Paris 8. In alliance with sex workers, she organised the International Committee for Prostitutes' Rights and the World Whores' Congresses in 1985-86. She is editor of A Vindication of the Rights of Whores, and author of The Prostitution Prism and Femmes en flagrant délit d'indépendance.

From admin at pilobilus.net Sat Mar 5 10:08:56 2016
From: admin at pilobilus.net (Steve Kinney)
Date: Sat, 5 Mar 2016 13:08:56 -0500
Subject: participation in sensor networks
In-Reply-To: <20160304120616.GF2300@sivokote.iziade.m$>
References: <20160303133414.74CCDA06DBB@palinka.tinho.net> <20160304120616.GF2300@sivokote.iziade.m$>
Message-ID: <56DB20B8.2010909@pilobilus.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/04/2016 07:06 AM, Georgi Guninski wrote:
> On Thu, Mar 03, 2016 at 08:34:14AM -0500, dan at geer.org wrote:
>> The question here is perhaps obvious: Will you opt out and
>> suffer the consequences thereof?
>>
>> --dan
>
> Let me counter-ask only `dan':
>
> Will you exchange a walk on part in a war for a lead role in a
> cage?
>
> This is not exactly quote from Floyd's song.

I for one welcome universal surveillance, an unavoidable consequence of universal data network access.
Corporate and intelligence service surveillance databases will always be valuable enough to keep, and will eventually become the communal property of the human species and its descendants.

Osiris Ani is not half so immortal as you and I; what we do goes in mankind's permanent record. All the world is now a stage, so get your act together and make it count.

https://www.youtube.com/watch?v=Zo6UnKr6Bwg

:o)

From grarpamp at gmail.com Sat Mar 5 11:45:27 2016
From: grarpamp at gmail.com (grarpamp)
Date: Sat, 5 Mar 2016 14:45:27 -0500
Subject: Bitcoin: A Miner Problem
In-Reply-To: <20160304084923.GE2300@sivokote.iziade.m$>
References: <20160304084923.GE2300@sivokote.iziade.m$>
Message-ID:

On 3/4/16, Georgi Guninski wrote:
>> http://qntra.net/2016/03/a-miner-problem/
>
> IIRC sufficiently many dishonest nodes (51%?) might screw bitcoin much
> worse, it had something to do with consensus/transactions.
>
> Is the above true?

There's some random link
http://bitcoin.stackexchange.com/questions/658/what-can-an-attacker-with-51-of-hash-power-do

> Isn't this "cartel" the "free market" in juan's anarchist utopia?

Yes. That's supposed to happen.
It's also supposed to happen that there will be many independent brains out there that introduce opposing forces. But traditional sheeple don't exactly spin up as independent actors quickly when anarchism is suddenly dropped on them, thus they get raped for a while till they do.

The one or two past situations over 50% were voluntarily rebalanced by pools and miners. However since pools are still too uneven few and large multi percent chunks the possible combinations and motives aren't ideal.

People will eventually realize that they, as millions of users, are the ones who should be doing the mining, all independently under a known and necessary code of poolsize limiting, a vested stake in preserving value of their own assets and economy, thus distributed impossible to be abused by large pools / entity cabal miners. Most users don't get that yet. Though the 21 of things is a step towards that.

They also don't seem to get that ineffective bitcoin leadership (for those that don't believe in the anarchist blockchain as a possibility itself) is repressing and destroying their value and utility.

From juan.g71 at gmail.com Sat Mar 5 10:19:03 2016
From: juan.g71 at gmail.com (juan)
Date: Sat, 5 Mar 2016 15:19:03 -0300
Subject: participation in sensor networks
In-Reply-To: <56DB20B8.2010909@pilobilus.net>
References: <20160303133414.74CCDA06DBB@palinka.tinho.net> <20160304120616.GF2300@sivokote.iziade.m$> <56DB20B8.2010909@pilobilus.net>
Message-ID: <56db2355.8e4a370a.21598.3c01@mx.google.com>

On Sat, 5 Mar 2016 13:08:56 -0500 Steve Kinney wrote:

> I for one welcome universal surveillance,

Crazy. Perhaps you didn't notice that what you welcome is even more absolute state power?

> an unavoidable
> consequence of universal data network access. Corporate and
> intelligence service surveillance databases will always be
> valuable enough to keep, and will eventually become the communal
> property of the human species and its descendants.
>
> Osiris Ani is not half so immortal as you and I; what we do goes
> in mankind's permanent record. All the world is now a stage, so
> get your act together and make it count.
>
> https://www.youtube.com/watch?v=Zo6UnKr6Bwg
>
> :o)

From grarpamp at gmail.com Sat Mar 5 12:23:18 2016
From: grarpamp at gmail.com (grarpamp)
Date: Sat, 5 Mar 2016 15:23:18 -0500
Subject: [Cryptography] EFF amicus brief in support of Apple
In-Reply-To:
References: <20160304220134.81297.qmail@ary.lan>
Message-ID:

> Bottom line: if FBI/DoJ can strongarm Apple into electronically
> signing malware, then we have entered into a truly new imperial
> era, where trillion-dollar companies can be rubber-hosed into
> misusing their private crypto keys.
>
> No amount of technology, per se, can prevent this particular
> MITM attack. We're now going to have to have multiple keys
> from multiple "trusted" sources prior to accepting a firmware
> update. Forget visiting Switzerland or the Cayman Islands
> for access to $$$; you may now have to physically go there to
> get your iPhone securely updated.

See this is a problem.
All this trust in single entities, singular and closed systems you keep needing to place. Why in the fuck do you keep doing this?

Your compute hardware should be completely open.
Your compute software should be completely open.
You should fuse your own keys into your own hardware for software builds you reproducibly build sign and install yourself from distributed opensource software.

Open designs, open fabs, open products, open source.
You are NOT going to solve these problems without it.

And quit crying profit... the work of your plumber is all in the open and profitable.

Or quality... all quality is currently shit, but at least you stand a chance of seeing the flies on it if it's open.

> I'm sure that Microsoft/HP/Dell are looking upon these
> proceedings with mixed feelings, as I suspect that they've
> *already* provided their code-signing keys to the govt

Like all those call and other data... just for the asking, thus retroactive immunity for them, thus rolled up for absorption and enacted by an unaccountable government.

> -- perhaps under FISA NSL
> -- or perhaps out of a misplaced sense of patriotism.

These two are one and the same.

> Apple's digital signature is tied to their credible responsibility that software
> they sign is theirs

Yes it's theirs, which they can fuck you with at any time... because you trusted them, oops.

> and in the best interest of their customers and Apple's business.

These are in tenacious conflict.

> As a minimum the existence of compelled software lays waste to the EULA.

Shrinkwrap hardware / software EULAs offer you nothing concrete, trustworthy, or compensatable. All to them, none to you. Negotiated contracts are different but just as tricky.
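
The "multiple keys from multiple 'trusted' sources prior to accepting a firmware update" idea quoted in the message above, as an added Go example that is not from the thread or from any vendor's update system. The signer names, the domain-separation tag, the k-of-n policy and the demo keys are all assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Signer is one independent party trusted to co-sign firmware (hypothetical).
type Signer struct {
	Name string
	Pub  ed25519.PublicKey
}

// Endorsement is one detached signature over the firmware digest.
type Endorsement struct {
	Name string
	Sig  []byte
}

// ErrThreshold means too few distinct trusted keys signed this exact image.
var ErrThreshold = errors.New("not enough independent valid signatures")

// signedMessage binds a signature to its purpose and to the image digest,
// so a signature made for another purpose cannot be replayed as an update.
func signedMessage(image []byte) []byte {
	digest := sha256.Sum256(image)
	return append([]byte("firmware-update-v1\x00"), digest[:]...)
}

// Endorse produces one signer's endorsement of an image.
func Endorse(name string, priv ed25519.PrivateKey, image []byte) Endorsement {
	return Endorsement{Name: name, Sig: ed25519.Sign(priv, signedMessage(image))}
}

// AcceptUpdate returns the signers whose signatures verified. It fails unless
// at least `threshold` distinct trusted keys signed the image, so no single
// key holder (compelled or compromised) can get an update accepted alone.
func AcceptUpdate(trusted []Signer, threshold int, image []byte, ends []Endorsement) ([]string, error) {
	if threshold < 1 || threshold > len(trusted) {
		return nil, fmt.Errorf("threshold %d invalid for %d trusted signers", threshold, len(trusted))
	}
	pubs := make(map[string]ed25519.PublicKey, len(trusted))
	for _, s := range trusted {
		pubs[s.Name] = s.Pub
	}
	msg := signedMessage(image)
	seenKey := map[string]bool{} // count keys, not names or signature copies
	var valid []string
	for _, e := range ends {
		pub, known := pubs[e.Name]
		if !known || seenKey[string(pub)] {
			continue // unknown signer, or this key was already counted
		}
		if ed25519.Verify(pub, msg, e.Sig) {
			seenKey[string(pub)] = true
			valid = append(valid, e.Name)
		}
	}
	if len(valid) < threshold {
		return valid, ErrThreshold
	}
	return valid, nil
}

// demoSigners builds three constructed key pairs from fixed seeds so the
// example is deterministic; real keys come from a CSPRNG and stay offline.
func demoSigners() ([]Signer, map[string]ed25519.PrivateKey) {
	var trusted []Signer
	keys := map[string]ed25519.PrivateKey{}
	for _, name := range []string{"vendor", "auditor", "owner"} {
		seed := sha256.Sum256([]byte("constructed demo seed: " + name))
		priv := ed25519.NewKeyFromSeed(seed[:])
		keys[name] = priv
		trusted = append(trusted, Signer{Name: name, Pub: priv.Public().(ed25519.PublicKey)})
	}
	return trusted, keys
}

func main() {
	trusted, keys := demoSigners()
	image := []byte("constructed firmware image, build 42")
	two := []Endorsement{
		Endorse("vendor", keys["vendor"], image),
		Endorse("owner", keys["owner"], image),
	}
	names, err := AcceptUpdate(trusted, 2, image, two)
	fmt.Println("vendor+owner:", names, err)
	names, err = AcceptUpdate(trusted, 2, image, []Endorsement{two[0], two[0]})
	fmt.Println("vendor twice:", names, err)
}
```

With a 2-of-3 policy the vendor's signature submitted twice still counts as one key, which is the property the quoted proposal depends on.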
From admin at pilobilus.net Sat Mar 5 12:41:04 2016
From: admin at pilobilus.net (Steve Kinney)
Date: Sat, 5 Mar 2016 15:41:04 -0500
Subject: participation in sensor networks
In-Reply-To: <56db2355.8e4a370a.21598.3c01@mx.google.com>
References: <20160303133414.74CCDA06DBB@palinka.tinho.net> <20160304120616.GF2300@sivokote.iziade.m$> <56DB20B8.2010909@pilobilus.net> <56db2355.8e4a370a.21598.3c01@mx.google.com>
Message-ID: <56DB4460.8090007@pilobilus.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/05/2016 01:19 PM, juan wrote:
> On Sat, 5 Mar 2016 13:08:56 -0500 Steve Kinney
> wrote:
>
>
>> I for one welcome universal surveillance,
>
> Crazy. Perhaps you didn't notice that what you welcome is even
> more absolute state power?

Crazy? More like far out.

Universal surveillance enables abuses of State power only when access to collected data is restricted to State sanctioned actors. When everything becomes searchable by anybody, the inability of State sanctioned actors to conceal their activities or effectively lie about their history and motives will inhibit their potential for destructive action.

"Power over others" depends in large part on secrecy, while "powers of self determination" depend largely on free and open access to information. In the long run, the secrecy problem will take care of itself, because the abuses of power it enables have already killed the State: At least, in the sense that a trans-national State hard wired for self destruction, defending that program by any means necessary, is "already dead."

:o)

>> an unavoidable consequence of universal data network access.
>> Corporate and intelligence service surveillance databases
>> will always be valuable enough to keep, and will eventually
>> become the communal property of the human species and its
>> descendants.
>>
>> Osiris Ani is not half so immortal as you and I; what we do
>> goes in mankind's permanent record. All the world is now a
>> stage, so get your act together and make it count.
>>
>> https://www.youtube.com/watch?v=Zo6UnKr6Bwg
>>
>> :o)

From hozer at hozed.org Sat Mar 5 15:39:21 2016
From: hozer at hozed.org (Troy Benjegerdes)
Date: Sat, 5 Mar 2016 17:39:21 -0600
Subject: [Cryptography] EFF amicus brief in support of Apple
In-Reply-To: References: <20160304220134.81297.qmail@ary.lan> Message-ID: <20160305233921.GZ3544@nl.grid.coop> On Sat, Mar 05, 2016 at 03:23:18PM -0500, grarpamp wrote: > > Bottom line: if FBI/DoJ can strongarm Apple into electronically > > signing malware, then we have entered into a truly new imperial > > era, where trillion-dollar companies can be rubber-hosed into > > misusing their private crypto keys. > > > > No amount of technology, per se, can prevent this particular > > MITM attack. We're now going to have to have multiple keys > > from multiple "trusted" sources prior to accepting a firmware > > update. Forget visiting Switzerland or the Cayman Islands > > for access to $$$; you may now have to physically go there to > > get your iPhone securely updated. > > See this is a problem. All this trust in single entities, > singular and closed systems you keep needing to place. > Why in the fuck do you keep doing this? > > Your compute hardware should be completely open. > Your compute software should be completely open. > You should fuse your own keys into your own hardware > for software builds you reproducibly build sign and install > yourself from distributed opensource software. > > Open designs, open fabs, open products, open source. > You are NOT going to solve these problems without it. > > And quit crying profit... the work of your plumber is all in the > open and profitable. > > Or quality... all quality is currently shit, but at least > you stand a chance of seeing the flies on it if it's open. > The http://q3ube.be , https://puri.sm/ and http://efabless.com are open for business. If you happen to own a chain of gas stations you might decide an open hardware and multi-signature payment system that lets the customers authenticate the gas pump before payment might be a good long-term investment if you want to keep your customers.
http://www.wthr.com/story/31039979/credit-card-skimmers-hit-again-in-central-indiana Place your orders now, or learn how to eat the cost of systems re-compromised with legislative trojans and court-order malware. And if you want to make any money in this space, think like a plumber and get used to dealing with everyone else's shit. -- ---------------------------------------------------------------------------- Troy Benjegerdes 'da hozer' hozer at hozed.org 7 elements earth::water::air::fire::mind::spirit::soul grid.coop Never pick a fight with someone who buys ink by the barrel, nor try buy a hacker who makes money by the megahash From juan.g71 at gmail.com Sat Mar 5 13:01:38 2016 From: juan.g71 at gmail.com (juan) Date: Sat, 5 Mar 2016 18:01:38 -0300 Subject: participation in sensor networks In-Reply-To: <56DB4460.8090007@pilobilus.net> References: <20160303133414.74CCDA06DBB@palinka.tinho.net> <20160304120616.GF2300@sivokote.iziade.m$> <56DB20B8.2010909@pilobilus.net> <56db2355.8e4a370a.21598.3c01@mx.google.com> <56DB4460.8090007@pilobilus.net> Message-ID: <56db4971.c152370a.3c27b.4c42@mx.google.com> On Sat, 5 Mar 2016 15:41:04 -0500 Steve Kinney wrote: > > Universal surveillance enables abuses of State power only when > access to collected data is restricted to State sanctioned actors. Yeah well. The obvious assumption(fact) is that surveillance is carried by the state and its proxies and only they have access to the data. Which is exactly what's happening now. Oh, and not only they have access to the data, they also have access to the guns. So the more data they have, the more damage they can cause. > When everything becomes searchable by anybody, the inability of > State sanctioned actors to conceal their activities or effectively > lie about their history and motives will inhibit their potential > for destructive action. Sorry, I'm not buying that. First, the idea that joe-six-pack is going to have access to the pentagon's satellites is sheer nonsense. 
And even if he somehow did he wouldn't have access to the guns. So what good would the information be? > "Power over others" depends in large part > on secrecy, Power over others depends on guns. > while "powers of self determination" depend largely on > free and open access to information. Information is required but information alone will get you nowhere. Or more likely it would get you in jail. > In the long run, the secrecy problem will take care of itself, > because the abuses of power it enables have already killed the > State: > At least, in the sense that a trans-national State hard > wired for self destruction, defending that program by any means > necessary, is "already dead." Well, the only thing missing to prove that claim is...evidence. > > :o) > >
From admin at pilobilus.net Sat Mar 5 17:22:30 2016 From: admin at pilobilus.net (Steve Kinney) Date: Sat, 5 Mar 2016 20:22:30 -0500 Subject: Unredacted SecureDrop 0.3.4 audit report Message-ID: <56DB8656.4030406@pilobilus.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 An independent audit found a substantial deficiency in one of the dependencies of the SecureDrop document submission / management protocol.
SecureDrop gave the devs time to fix it before publishing, but so far the issue remains unresolved: Publishing the unredacted SecureDrop 0.3.4 audit report https://freedom.press/blog/2015/12/publishing-unredacted-securedrop-034-audit-report vs. https://tinyurl.com/hgeyab8 FTA: SecureDrop uses OSSEC, a popular open source host-based intrusion detection system (HIDS). The OSSEC architecture consists of a single central server, called the Manager, which monitors one or more systems. The monitored systems have programs called Agents, which collect a variety of information and forward it to the Manager for analysis and correlation. The Manager and the Agents may communicate with one of two protocols: "syslog" or "secure". The "secure" protocol is a custom crypto protocol based on shared secret keys that are set up during OSSEC deployment. NCC Group reviewed the custom protocol and found two serious issues in its cryptographic design: Protocol messages are encrypted with the shared secret key using Blowfish in CBC mode. Unfortunately, the protocol uses a static initialization vector (IV) to encrypt and decrypt all messages. This essentially reduces CBC mode to ECB mode and fails to achieve semantic security. Protocol messages are not authenticated. Each message includes an MD5 hash of the plaintext payload with the encrypted content, but this is not a strong authenticator. Among other things, it violates Moxie Marlinspike's "Cryptographic Doom Principle". For more detail, see the finding in the unredacted audit report. NCC Group did not take the time to investigate a proof of concept (PoC) attack based on this vulnerability, but that is not surprising given the limited duration of their engagement and the fact that their focus was on SecureDrop, not OSSEC. Nonetheless, these are serious cryptographic design flaws that could lead to a practical attack in the future.
We encourage all OSSEC users to examine their current deployments, consider the level of exposure of any OSSEC "secure" protocol traffic to potential adversaries, and make changes accordingly.
From grarpamp at gmail.com Sun Mar 6 01:27:54 2016 From: grarpamp at gmail.com (grarpamp) Date: Sun, 6 Mar 2016 04:27:54 -0500 Subject: Bitcoin: A Miner Problem In-Reply-To: <20160306063159.GA2459@sivokote.iziade.m$> References: <20160304084923.GE2300@sivokote.iziade.m$> <20160306063159.GA2459@sivokote.iziade.m$> Message-ID: On 3/6/16, Georgi Guninski wrote: > social engineered and/or owned again. > Hope this is wrong. Nobody's going to want to pay BTC over 3% CC fee in retail. Dark money can tolerate more fees, but how much? We still see in and out at up to 10% local and washing at 2*3%, plus the 4+*3% real world retail tolerance txfee limit, is 38+% the dark max before they too bail out? So eventually, real soon now... - Every bitcoin user must realize they have to volunteer, develop, sell at cost, and put a $25 open mining chip in their system. This kills mining profit cartels and gives top end network tx capacity (nodecount) beyond visa+mc+banks...
after tuning network protocols. (Hypothesis of mining requiring / enabled by profit, instead of just to keep the net up so your unspent value can play, was likely design flaw... lots of networks operate fine on volunteerism without pay.) - Tx scaling must be solved into that new distributed capacity. - Blockchain disk storage must be distributed into distributed protocol archives, possibly with aging by requiring unspents be spent past archive checkpoints. More protocol work for this. In all this, nobody can have their keys invalidated, diminished in value, or be required to push their unspent through a realworld exchange into some other value (black and private market cap, whether entity or personal, are now huge and will refuse to play that). Nor is it known if and for how many hours flag days could be done. All seems sortof deadlocked right now... Popcorn at the halfening for sure :) I'm hodling. From admin at pilobilus.net Sun Mar 6 05:08:10 2016 From: admin at pilobilus.net (Steve Kinney) Date: Sun, 6 Mar 2016 08:08:10 -0500 Subject: participation in sensor networks In-Reply-To: <56db4971.c152370a.3c27b.4c42@mx.google.com> References: <20160303133414.74CCDA06DBB@palinka.tinho.net> <20160304120616.GF2300@sivokote.iziade.m$> <56DB20B8.2010909@pilobilus.net> <56db2355.8e4a370a.21598.3c01@mx.google.com> <56DB4460.8090007@pilobilus.net> <56db4971.c152370a.3c27b.4c42@mx.google.com> Message-ID: <56DC2BBA.9040909@pilobilus.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/05/2016 04:01 PM, juan wrote: > On Sat, 5 Mar 2016 15:41:04 -0500 Steve Kinney > wrote: > > >> >> Universal surveillance enables abuses of State power only >> when access to collected data is restricted to State >> sanctioned actors. > > Yeah well. The obvious assumption(fact) is that surveillance > is carried by the state and its proxies and only they have > access to the data. Which is exactly what's happening now. 
> > Oh, and not only they have access to the data, they also have > access to the guns. So the more data they have, the more > damage they can cause. "The guns" tend to backfire: Common or garden variety capital murders by police officers in the U.S. has re-ignited the Civil Rights movement, for example. Putting that big black genii back in the bottle is a job for covert political warfare via propaganda, deception and PsyOps. The outcome of every revolution I have studied was determined before the first shot was fired. The real damage enabled by mass surveillance in State and Corporate hands includes: Fine tuning and targeting of propaganda in near realtime to achieve maximum influence. Early detection and proactive response to disrupt and co-opt "trending" populist and radical factions. Automated social network mapping and behavior analysis in support of political warfare. >> When everything becomes searchable by anybody, the inability >> of State sanctioned actors to conceal their activities or >> effectively lie about their history and motives will inhibit >> their potential for destructive action. > > > Sorry, I'm not buying that. First, the idea that joe-six-pack > is going to have access to the pentagon's satellites is sheer > nonsense. And even if he somehow did he wouldn't have access > to the the guns. So what good would the information be? Not so much Joe Six Pack as Jane Citizen Journalist. Up to a point of diminishing returns, every time "the guns" are used against her, a dozen more of her appear. As the point of diminishing returns for that function approaches, civil uprisings in response to State violence become likely. >> "Power over others" depends in large part on secrecy, > > Power over others depends on guns. The most important single item of State propaganda against populist and radical politics: Power over others depends on guns. 
Any challenge to State power that depends primarily on armed conflict has a single, certain outcome: Victory for the State. Again, the outcome of a revolution is determined before the first shot is fired. Building a large base of popular support and a network of ideologically committed cadres is the key to success, and the principal objective of State political warfare is to prevent this from happening. Naive wannabe anarchists who want to "go directly to guns, do not pass the hat, do not collect 200 supporters" only provide the State with a handy means of discrediting its more /effective/ opponents. >> while "powers of self determination" depend largely on free >> and open access to information. > Information is required but information alone will get you > nowhere. Or more likely it would get you in jail. > > >> In the long run, the secrecy problem will take care of >> itself, because the abuses of power it enables have already >> killed the State: At least, in the sense that a >> trans-national State hard wired for self destruction, >> defending that program by any means necessary, is "already >> dead." > > > Well, the only thing missing to prove that claim > is...evidence. Evidence means nothing without context; information that is not actionable is not intelligence. Step one, know your adversary. Who and what IS the State, and why is it so toxic? Some clues from the Harvard National Security Journal here: National Security and Double Government by Michael J. 
Glennon http://harvardnsj.org/wp-content/uploads/2014/01/Glennon-Final.pdf :o)
From guninski at guninski.com Sat Mar 5 22:31:59 2016 From: guninski at guninski.com (Georgi Guninski) Date: Sun, 6 Mar 2016 08:31:59 +0200 Subject: Bitcoin: A Miner Problem In-Reply-To: References: <20160304084923.GE2300@sivokote.iziade.m$> Message-ID: <20160306063159.GA2459@sivokote.iziade.m$> On Sat, Mar 05, 2016 at 02:45:27PM -0500, grarpamp wrote: > > Isn't this "cartel" the "free market" in juan's anarchist utopia? > .... > People will eventually realize that they, as millions of users, are the ones > who should be doing the mining, all independently under a known > and necessary code of poolsize limiting, a vested stake in preserving > value of their own assets and economy, thus distributed impossible to > be abused by large pools / entity cabal miners. Most users don't get that > yet. Though the 21 of things is a step towards that. > Don't expect people to change for good in real life and likely even in bitcoin. Probably the best can happen is they get pissed off because of starvation, make a revolution, then soon after get social engineered and/or owned again.
Hope this is wrong.
From carimachet at gmail.com Sun Mar 6 00:04:03 2016 From: carimachet at gmail.com (Cari Machet) Date: Sun, 6 Mar 2016 09:04:03 +0100 Subject: WIRED: The Future of Wi-Fi Is 10,000 Times More Energy Efficient Message-ID: Engineering students have discovered a way to reflect Wi-Fi packets instead of broadcasting them. http://www.wired.com/2016/03/future-wi-fi-10000-times-energy-efficient/
From admin at pilobilus.net Sun Mar 6 06:25:09 2016 From: admin at pilobilus.net (Steve Kinney) Date: Sun, 6 Mar 2016 09:25:09 -0500 Subject: Postscript re popular vs. State power In-Reply-To: <56DC2BBA.9040909@pilobilus.net> References: <20160303133414.74CCDA06DBB@palinka.tinho.net> <20160304120616.GF2300@sivokote.iziade.m$> <56DB20B8.2010909@pilobilus.net> <56db2355.8e4a370a.21598.3c01@mx.google.com> <56DB4460.8090007@pilobilus.net> <56db4971.c152370a.3c27b.4c42@mx.google.com> <56DC2BBA.9040909@pilobilus.net> Message-ID: <56DC3DC5.8010704@pilobilus.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >> Well, the only thing missing to prove that claim >> is...evidence. > > Evidence means nothing without context; information that is > not actionable is not intelligence. Step one, know your > adversary. Who and what IS the State, and why is it so toxic? > Some clues from the Harvard National Security Journal here: > > National Security and Double Government by Michael J. Glennon > > http://harvardnsj.org/wp-content/uploads/2014/01/Glennon-Final.pdf Postscript: > The State maintains people on payroll whose job is to study popular uprisings and revolutions, the better to direct those whose job is to put them down by force.
Manuals written for the State's own cadres incidentally provide instruction for those who are interested in starting an 'insurgency' of their own: https://publicintelligence.net/usarmy-revolution-insurgency-studies/ Notes: Volumes 2 and 3 are of the most interest. Volume 3 incorporates both historical fact and Big Lie propaganda into its narrative, as required for its contemporary U.S. military audience. :o)
From jya at pipeline.com Sun Mar 6 07:28:55 2016 From: jya at pipeline.com (John Young) Date: Sun, 06 Mar 2016 10:28:55 -0500 Subject: The rewards of frenzied comsec-shopping should be a pardon for Snowden Message-ID: NY Times surmises NSA does not want to reveal its crypto cracking capabilities, that the FBI hopes unskilled users will make exploitable mistakes implementing, that DoD hopes to exploit holes, doubt and errors rather than see them corrected, that hackers and corporations expect to continue to sell 0-days for high prices, that Obama staff has mixed views of weak and strong comsec, that the US hacks both friends and foes, engages in cyber defense and offense, all this feeding opportunistic and obliging media fanning flames with
anonymous sources, secret briefings, revolving door job offers of op-eds, essays, speeches, testimonies and spy-approved tattle-tales. Essential to crypto fire-storm is fueling a fire-sale Snowden 0-day attribution. The rewards of this frenzied comsec-shopping should be a pardon for Snowden, along with a life-time free travel in search of anywhere crypto is not needed, just his word comms are good to go naked.
From agave at openmailbox.org Sun Mar 6 08:20:54 2016 From: agave at openmailbox.org (agave) Date: Sun, 6 Mar 2016 11:20:54 -0500 Subject: Distributed protocols that combat economy of scale In-Reply-To: <3928149.NAsv7Jq6H8@lapuntu> References: <3928149.NAsv7Jq6H8@lapuntu> Message-ID: <20160306112054.3ca17154@bristlecone> On Sun, 06 Mar 2016 16:41:05 +0100 rysiek wrote: > Hi, > > as "A Miner Problem" shows, even a distributed, p2p solution like > BitCoin suffers from a secondary centralisation flaw. Simply put, > economy of scale lets the biggest player or a cartel of those > basically undermine the "decentralized" part and take control over > the network. > > A similar thing has happened with e-mail and GMail. GMail basically > dictates the rules in the e-mail world, simply because they're the > largest and have the most users. Again, economy of scale is to blame. > > So let me pose a question here: is it possible to design a protocol > that does not succumb to economy of scale-based secondary > centralisation? Is it possible to design a protocol that does not > lend itself to economy of scale? > There's always things like TorChat for instant messaging and IPFS for content distribution. There's no concept of any centralisation in either - they're completely peer-to-peer. I'm not sure why you drew a comparison to e-mail - it's inherently centralized, just among several servers.
From grarpamp at gmail.com Sun Mar 6 10:42:11 2016 From: grarpamp at gmail.com (grarpamp) Date: Sun, 6 Mar 2016 13:42:11 -0500 Subject: [Cryptography] EFF amicus brief in support of Apple In-Reply-To: <2CF1E7EA-B2F5-4CBA-98BC-63CF511EB96E@lrw.com> References: <20160304220134.81297.qmail@ary.lan> <20160306103307.5fdd9f98@jabberwock.cb.piermont.com> <2CF1E7EA-B2F5-4CBA-98BC-63CF511EB96E@lrw.com> Message-ID: > It's time we stopped believing that there's something magic about open > source software. > There's no way the average person can build their own software from > source [...] forcing your 80 year old grandfather who used to be a chef to audit a > few million lines of source code, compile them, and load them onto > his phone before he can make a phone call isn't going to help No. See, those are the real problems... mindset. You all who say this type of talk are disbelieving apologists still trying to advance control, profit, babysitting, trust us we know better, etc... over others. No one is asserting that opensource is currently better or magic. However, when a billion humans around the world *may* look at and even participate in the hw and sw if they wanted to, versus only 25 people locked in the coderoom of a megacorp whose primary raison d etre is by definition making money... the possible odds that it *could* be better and even a solution to everything as you say... are in fact better. Because it's open, not closed. And even if that doesn't happen, then with opensource there are *still* just 25 talented people involved in and hacking on it... openly, not closed. Nor do I see you offering to personally help those grandfathers around you get their phone / cpu up and running when they understand *why* they want to use the open hw and sw, but come asking some human they know who can help the details. Or setting up some local collectives that do so openly for fun. 
From grarpamp at gmail.com Sun Mar 6 11:30:19 2016 From: grarpamp at gmail.com (grarpamp) Date: Sun, 6 Mar 2016 14:30:19 -0500 Subject: [Cryptography] EFF amicus brief in support of Apple In-Reply-To: <56DC5D0E.3070102@sonic.net> References: <20160304220134.81297.qmail@ary.lan> <20160306103307.5fdd9f98@jabberwock.cb.piermont.com> <56DC5D0E.3070102@sonic.net> Message-ID: On 3/6/16, Ray Dillinger wrote: > It is possible that a profit center can be identified outside The profit center, and moreover even change for good in other areas, is the Boards and Officers of Apple, Google, Microsoft and so on... standing up and offering additional value... "Hey world, we are now going fully open hardware and software and integrating security and right to privacy models into all our products. Join us." These are the biggest corporations on Earth, and it's time for the grand experiment of open, secure, and private to begin. It's not insane, it's new.
From juan.g71 at gmail.com Sun Mar 6 10:30:24 2016 From: juan.g71 at gmail.com (juan) Date: Sun, 6 Mar 2016 15:30:24 -0300 Subject: Bitcoin: A Miner Problem In-Reply-To: References: <20160304084923.GE2300@sivokote.iziade.m$> Message-ID: <56dc777c.c8908c0a.929a0.ffffaeee@mx.google.com> On Sat, 5 Mar 2016 14:45:27 -0500 grarpamp wrote: > On 3/4/16, Georgi Guninski wrote: > >> http://qntra.net/2016/03/a-miner-problem/ > > Isn't this "cartel" the "free market" in juan's anarchist utopia? > > Yes. That's supposed to happen. No, this isn't the free market. For starters, it should be obvious that bitcoin doesn't operate in a free market. If we had a free market in money we wouldn't need bitcoin... Bitcoin is more like a black market. Similar to the black market for, say, some drugs the gov't doesn't like. And actually, bitcoin is more like a single company, not a 'market'. Finally, allegedly, some people are 'exploiting' a 'known flaw' in the 'bitcoin protocol'. That's not 'a market'.
'Utopian' anarchy assumes that most people behave honestly. And service providers do what they are supposed to do. In this case miners are supposed to 'secure' the network, not attack it. If they attack it then we are not dealing with any kind of 'utopian anarchy', but with ordinary fraud. > it's also supposed to happen > that there will be many independent brains out there that introduce > opposing forces. But traditional sheeple don't exactly spin up as > independent actors quickly when anarchism is suddenly dropped > on them, thus they get raped for a while till they do. > > The one or two past situations over 50% were voluntarily rebalanced > by pools and miners. However since pools are still too uneven few and > large multi percent chunks the possible combinations and motives > aren't ideal. People will eventually realize that they, as millions > of users, are the ones who should be doing the mining, all > independently under a known and necessary code of poolsize limiting, > a vested stake in preserving value of their own assets and economy, > thus distributed impossible to be abused by large pools / entity > cabal miners. Most users don't get that yet. Though the 21 of things > is a step towards that. > > They also don't seem to get that ineffective bitcoin leadership > (for those that don't believe in the anarchist blockchain as a > possibility itself) is repressing and destroying their value and > utility.
From grarpamp at gmail.com Sun Mar 6 12:38:46 2016 From: grarpamp at gmail.com (grarpamp) Date: Sun, 6 Mar 2016 15:38:46 -0500 Subject: [Cryptography] EFF amicus brief in support of Apple In-Reply-To: <20160306142028.79be0d1f@jabberwock.cb.piermont.com> References: <20160304220134.81297.qmail@ary.lan> <20160306103307.5fdd9f98@jabberwock.cb.piermont.com> <2CF1E7EA-B2F5-4CBA-98BC-63CF511EB96E@lrw.com> <20160306142028.79be0d1f@jabberwock.cb.piermont.com> Message-ID: On 3/6/16, Perry E. Metzger wrote: > I'm a practical person.
I want systems that work, not that provide > some sort of philosophical warm fuzzies. > Economies of scale are real things. It is nice for a hundred million > people to be able to download patches to their systems automatically > without even having to think about it or understand what a patch is > It is nice for people to be able to download a > game or a to-do application without having to personally audit Open and secure does not preclude any of these things. > Where's the evidence for your assertion? What is your potential when you're chained to a wall? With open, possibility is a right of others, with closed, you foreclose it upon them, and likely to serve yourself. That may be part of the potential. > If you look at Android vs. > iOS, iOS, with its much more restrictive environment, seems (as a > practical matter) to be more secure. iOS/Android haven't even hit 10 years old and neither they nor their underlying platforms truly have openness in their core ethos so they can't really be contrasted against each other in the suggested way. > What you're suggesting is impossible. There is no way any of us The general reply is that the overall model of open and all these related things simply hasn't had enough time to develop, execute, and be evaluated in a world that has only known closed. However one thing is of absolute certainty: believing that getting off the rock is impossible... will never get you off the rock.
From rysiek at hackerspace.pl Sun Mar 6 07:19:05 2016 From: rysiek at hackerspace.pl (rysiek) Date: Sun, 06 Mar 2016 16:19:05 +0100 Subject: Once again: Tor timing attacks and a Tor confession In-Reply-To: References: <20160229074429.GA2571@sivokote.iziade.m$> <56D443FA.4010609@pilobilus.net> Message-ID: <1570987.9yU48PruzS@lapuntu> Hi, On Monday, 29 February 2016 16:57:02 grarpamp wrote: > > My preferred solution: Defund the agencies that can and > > almost certainly do defeat all current network anonymity > > protocols.
My program for accomplishing this objective: Wait. > > They are hell bent on self destruction and Nature will provide. > > You'll be dead by then. It's more fun to risk dying now ;) My personal solution of choice would also be defunding, but I believe this needs some help to happen. > Tor is looking at some forms of network fill traffic, which may > or may not be integrated to the entire network wide sense, or > useful in your own designs... I was thinking (and I'm sure somebody else also got the idea) that maybe combining ideas from Tor with ideas from BitTorrent might be a way to go. Distribute the stuff people access among people accessing it and it becomes harder to do timing attacks, and the network might work a bit faster too. However, it's basically running full speed into one of the two hard problems in IT -- cache invalidation. So, I don't know. -- Best regards, Michał "rysiek" Woźniak I am changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147
From rysiek at hackerspace.pl Sun Mar 6 07:41:05 2016 From: rysiek at hackerspace.pl (rysiek) Date: Sun, 06 Mar 2016 16:41:05 +0100 Subject: Distributed protocols that combat economy of scale Message-ID: <3928149.NAsv7Jq6H8@lapuntu> Hi, as "A Miner Problem" shows, even a distributed, p2p solution like BitCoin suffers from a secondary centralisation flaw. Simply put, economy of scale lets the biggest player or a cartel of those basically undermine the "decentralized" part and take control over the network. A similar thing has happened with e-mail and GMail. GMail basically dictates the rules in the e-mail world, simply because they're the largest and have the most users. Again, economy of scale is to blame.
So let me pose a question here: is it possible to design a protocol that does not succumb to economy of scale-based secondary centralisation? Is it possible to design a protocol that does not lend itself to economy of scale? -- Regards, Michał "rysiek" Woźniak Changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 From agave at openmailbox.org Sun Mar 6 13:52:13 2016 From: agave at openmailbox.org (agave) Date: Sun, 6 Mar 2016 16:52:13 -0500 Subject: Distributed protocols that combat economy of scale In-Reply-To: <10061069.QLp78G3N7N@lapuntu> References: <3928149.NAsv7Jq6H8@lapuntu> <20160306112054.3ca17154@bristlecone> <10061069.QLp78G3N7N@lapuntu> Message-ID: <20160306165213.398e4310@bristlecone> On Sun, 06 Mar 2016 22:13:41 +0100 rysiek wrote: > It's not centralized in a way Facebook is, for example. While e-mail > was obviously never a p2p system, it was not a centralized system. > The idea was decentralized, federated among *many* servers. > Oh, I see what you mean. > Such was also the idea in BitCoin. As we can see, there's a secondary > (not protocol-level) centralisation happening there. Cartels emerge, > because economy of scale makes them viable, and indeed profitable. > Hmm, I'm not sure if there's any particular way to solve that problem for BitCoin. I can't imagine any ways of establishing consensus among a completely decentralized protocol other than by popular consensus of the participants, and popular consensus can be manipulated easily as the post you mentioned shows. Maybe decentralization ought to be left to communications only?
From juan.g71 at gmail.com Sun Mar 6 12:02:34 2016 From: juan.g71 at gmail.com (juan) Date: Sun, 6 Mar 2016 17:02:34 -0300 Subject: participation in sensor networks In-Reply-To: <56DC2BBA.9040909@pilobilus.net> References: <20160303133414.74CCDA06DBB@palinka.tinho.net> <20160304120616.GF2300@sivokote.iziade.m$> <56DB20B8.2010909@pilobilus.net> <56db2355.8e4a370a.21598.3c01@mx.google.com> <56DB4460.8090007@pilobilus.net> <56db4971.c152370a.3c27b.4c42@mx.google.com> <56DC2BBA.9040909@pilobilus.net> Message-ID: <56dc8d1c.cfdc8c0a.e2bc8.ffffb60c@mx.google.com> On Sun, 6 Mar 2016 08:08:10 -0500 Steve Kinney wrote: me : > > Oh, and not only they have access to the data, they also have > > access to the guns. So the more data they have, the more > > damage they can cause. > you : > "The guns" tend to backfire: Common or garden variety capital > murders by police officers in the U.S. has re-ignited the Civil > Rights movement, I don't think so. There may have been some backlash caused by 'excessive' police brutality, but overall the state's grip keeps tightening. And surveillance is a key factor. Also, if they kill a bit too many people and that hurts their 'public relations' efforts, all they have to do is kill a bit less people. But it's not like the US state killers are going to surrender their guns any time soon. > > The outcome of every revolution I have studied was determined > before the first shot was fired. The real damage enabled by mass > surveillance in State and Corporate hands includes: > > Fine tuning and targeting of propaganda in near realtime to > achieve maximum influence. > > Early detection and proactive response to disrupt and co-opt > "trending" populist and radical factions. > > Automated social network mapping and behavior analysis in support > of political warfare. Yes, that's part of the damage. Given those problems (and there are more), how can you 'welcome' total surveillance? > > Sorry, I'm not buying that. 
First, the idea that joe-six-pack > > is going to have access to the pentagon's satellites is sheer > > nonsense. And even if he somehow did he wouldn't have access > > to the guns. So what good would the information be? > > Not so much Joe Six Pack as Jane Citizen Journalist. Up to a > point of diminishing returns, every time "the guns" are used > against her, a dozen more of her appear. One would think that exactly the opposite happens. It's basic incentives... If doing X gets people jailed, maimed or killed, then people are less likely to do X, not more likely. > As the point of > diminishing returns for that function approaches, civil uprisings > in response to State violence become likely. That's nice wishful thinking but it doesn't address the original point : why should mass surveillance be welcomed? > > >> "Power over others" depends in large part on secrecy, > > > > Power over others depends on guns. > > The most important single item of State propaganda against > populist and radical politics: Power over others depends on guns. That's a basic fact. It is THE basic fact of 'political theory'. I could in turn retort that trying to obscure that fact is propaganda... Anyway, I should have been more precise. State power comes from guns and organization. People who go against the state are ultimately facing an efficient organization of killers. Victims of the state are outgunned and outnumbered. It should be obvious that total surveillance on the hands of such organization is very problematic. > > Any challenge to State power that depends primarily on armed > conflict has a single, certain outcome: Victory for the State. That depends on particular circumstances. I wasn't primarily advocating armed conflict anyway... > Again, the outcome of a revolution is determined before the first > shot is fired. Building a large base of popular support and a > network of ideologically committed cadres is the key to success, I agree.
> and the principal objective of State political warfare is to > prevent this from happening. Well, yes. And intimidation and outright violence are pretty useful tools. It's not just 'propaganda' (although propaganda does play an important role) > > Naive wannabe anarchists who want to "go directly to guns, do not > pass the hat, do not collect 200 supporters" only provide the > State with a handy means of discrediting its more /effective/ > opponents. Like I said I should have mentioned that organization is the other source of state power, even more effective than guns if you wish. So, in order to counter the state organization some sort of coordination is required... > > >> while "powers of self determination" depend largely on free > >> and open access to information. > > Information is required but information alone will get you > > nowhere. Or more likely it would get you in jail. > > > > > >> In the long run, the secrecy problem will take care of > >> itself, because the abuses of power it enables have already > >> killed the State: At least, in the sense that a > >> trans-national State hard wired for self destruction, > >> defending that program by any means necessary, is "already > >> dead." > > > > > > Well, the only thing missing to prove that claim > > is...evidence. > > Evidence means nothing without context; Come on Steve =) You seem to believe that the state is done for because of its 'internal contradictions' or something like that but the evidence shows exactly the opposite. State power keeps growing. And the surveillance mechanisms you said you 'welcome' play an important role in extending state power, not limiting it. > information that is not > actionable is not intelligence. Step one, know your adversary. > Who and what IS the State, and why is it so toxic? Some clues > from the Harvard National Security Journal here: I don't think I need the harvard security' journal to teach what the state is, but I'll take a look anyway. Thanks. 
Meanwhile you can provide evidence supporting this claims "the abuses of power [surveillance?] enables have already killed the State" The state is alive and kicking. "a trans-national State hard wired for self destruction, defending that program by any means necessary, is "already dead." Fact is, the most powerful nation states, 'led' by the american nation state can morph into a transnational state. Allegedly they already are morphing. And they are not 'self destructing' at all. They are increasing their power. Sorry about not sharing your optimism, but the facts don't lend themselves to any optimistic twisting. > > National Security and Double Government by Michael J. Glennon > > http://harvardnsj.org/wp-content/uploads/2014/01/Glennon-Final.pdf > > :o) From juan.g71 at gmail.com Sun Mar 6 13:34:42 2016 From: juan.g71 at gmail.com (juan) Date: Sun, 6 Mar 2016 18:34:42 -0300 Subject: Distributed protocols that combat economy of scale In-Reply-To: <3928149.NAsv7Jq6H8@lapuntu> References: <3928149.NAsv7Jq6H8@lapuntu> Message-ID: <56dca2b0.44e58c0a.38fdd.7961@mx.google.com> On Sun, 06 Mar 2016 16:41:05 +0100
rysiek wrote: > Hi, > > as "A Miner Problem" shows, Sorry is there any other source/analysis for popescu's claims? > even a distributed, p2p solution like > BitCoin suffers from a secondary centralisation flaw. Actually, if the cartel exists, what it shows is a flaw in the bitcoin protocol. A look at the original bitcoin paper suggests that the author(s) didn't bother too much with the network side of things. Didn't foresee the use of specialized hardware. Et cetera. "The network itself requires minimal structure." "The network is robust in its unstructured simplicity." Looks like it isn't... > Simply put, > economy of scale lets the biggest player or a cartel of those > basically undermine the "decentralized" part and take control over > the network. > > A similar thing has happened with e-mail and GMail. Good example. Because google isn't the result of 'economy of scale' but it's a great example of what the state can accomplish using a 'private' facade. > GMail basically > dictates the rules in the e-mail world, simply because they're the > largest and have the most users. Again, economy of scale is to blame. > > So let me pose a question here: is it possible to design a protocol > that does not succumb to economy of scale-based secondary > centralisation? Is it possible to design a protocol that does not > lend itself to economy of scale? > From juan.g71 at gmail.com Sun Mar 6 13:53:20 2016 From: juan.g71 at gmail.com (juan) Date: Sun, 6 Mar 2016 18:53:20 -0300 Subject: Postscript re popular vs.
State power In-Reply-To: <56DC3DC5.8010704@pilobilus.net> References: <20160303133414.74CCDA06DBB@palinka.tinho.net> <20160304120616.GF2300@sivokote.iziade.m$> <56DB20B8.2010909@pilobilus.net> <56db2355.8e4a370a.21598.3c01@mx.google.com> <56DB4460.8090007@pilobilus.net> <56db4971.c152370a.3c27b.4c42@mx.google.com> <56DC2BBA.9040909@pilobilus.net> <56DC3DC5.8010704@pilobilus.net> Message-ID: <56dca70f.b1178c0a.f7252.ffffc136@mx.google.com> On Sun, 6 Mar 2016 09:25:09 -0500 Steve Kinney wrote: > > National Security and Double Government by Michael J. Glennon > > > > http://harvardnsj.org/wp-content/uploads/2014/01/Glennon-Final.pdf > abstract : "U.S. national security policy is defined by the network of executive officials who manage the departments and agencies responsible for protecting U.S. national security and who, responding to structural incentives embedded in the U.S. political system, operate largely removed from public view and from constitutional constraints. " I think I already knew that. The three branches of american government? Hollywood, corporate, the military. I'm reading the article anyway, although it's far too long. Did you read it? Am I supposed to look for something in particular? From skquinn at rushpost.com Sun Mar 6 17:11:03 2016 From: skquinn at rushpost.com (Shawn K. Quinn) Date: Sun, 06 Mar 2016 19:11:03 -0600 Subject: Distributed protocols that combat economy of scale In-Reply-To: <20160306112054.3ca17154@bristlecone> References: <3928149.NAsv7Jq6H8@lapuntu> <20160306112054.3ca17154@bristlecone> Message-ID: <1457313063.6719.4.camel@moonpatrol> On Sun, 2016-03-06 at 11:20 -0500, agave wrote: > On Sun, 06 Mar 2016 16:41:05 +0100 > rysiek wrote: > > > Hi, > > > > as "A Miner Problem" shows, even a distributed, p2p solution like > > BitCoin suffers from a secondary centralisation flaw. 
Simply put, > > economy of scale lets the biggest player or a cartel of thoise > > basically undermine the "decentralized" part and take control over > > the network. > > > > A similar thing has happened with e-mail and GMail. GMail basically > > dictates the rules in the e-mail world, simply because they're the > > largest and have the most users. Again, economy of scale is to blame. > > > > So let me pose a question here: is it possible to design a protocol > > that does not succumb to economy of scale-based secondary > > centralisation? Is it possible to design a protocol that does not > > lend itself to economy of scale? > > > > There's always things like TorChat for instant messaging and IPFS for > content distribution. There's no concept of any centralisation in > either - they're completely peer-to-peer. I'm not sure why you drew a > comparison to e-mail - it's inherently centralized, just among > several servers. As used today, with many people using services like GMail, Hotmail, etc it could be considered centralized. However, in the sense that I can set up my own email server, and have someone email me at a given address without having to get approved by a central authority first, it is decentralized. Email doesn't even strictly require DNS to work, as there is an email address syntax (rarely used these days, but still technically valid) for addressing email directly to a given userid at a specific IP address by dotted quad. -- Shawn K. Quinn From juan.g71 at gmail.com Sun Mar 6 14:24:23 2016 From: juan.g71 at gmail.com (juan) Date: Sun, 6 Mar 2016 19:24:23 -0300 Subject: Postscript re popular vs. 
State power In-Reply-To: <56DC3DC5.8010704@pilobilus.net> References: <20160303133414.74CCDA06DBB@palinka.tinho.net> <20160304120616.GF2300@sivokote.iziade.m$> <56DB20B8.2010909@pilobilus.net> <56db2355.8e4a370a.21598.3c01@mx.google.com> <56DB4460.8090007@pilobilus.net> <56db4971.c152370a.3c27b.4c42@mx.google.com> <56DC2BBA.9040909@pilobilus.net> <56DC3DC5.8010704@pilobilus.net> Message-ID: <56dcae56.8add370a.1b9db.ffffbd3f@mx.google.com> On Sun, 6 Mar 2016 09:25:09 -0500 Steve Kinney wrote: > > National Security and Double Government by Michael J. Glennon > > > > http://harvardnsj.org/wp-content/uploads/2014/01/Glennon-Final.pdf > OK. Finished browsing those more than 100 pages of 'academic' garbage. What's the bottom line according to you? The author is lying about the relationship between bureaucracies like the nsa/cia/fbi etc and bureaucracies like the US 'congress'. Both bureaucracies fully cooperate and are sides of the same coin. The author is of course pretty dishonest about the whole thing. At times it seems as if he's critical of the state while at the same time constantly praises the 'national security' bureaucracy. "The benefits derived by the United States from double government —enhanced technical expertise, institutional memory and experience, quick-footedness, opaqueness in confronting adversaries, policy stability, and insulation from popular political oscillation and decisional idiosyncrasy —need hardly be recounted." Aren't his nsa buddies great. All in all a long piece of statist propaganda from harvard university using the very traditional americunt propaganda technique of posing as 'liberal 'libertarian' 'critics' of the system.
From grarpamp at gmail.com Sun Mar 6 18:05:08 2016 From: grarpamp at gmail.com (grarpamp) Date: Sun, 6 Mar 2016 21:05:08 -0500 Subject: Distributed protocols that combat economy of scale In-Reply-To: <56dca2b0.44e58c0a.38fdd.7961@mx.google.com> References: <3928149.NAsv7Jq6H8@lapuntu> <56dca2b0.44e58c0a.38fdd.7961@mx.google.com> Message-ID: On 3/6/16, juan wrote: > Good example. Because google isn't the result of 'economy of > scale' but it's a great example of what the state can > accomplish using a 'private' facade. http://news.slashdot.org/story/16/03/06/1834211/eric-schmidt-gets-a-job-at-the-pentagon From agave at openmailbox.org Sun Mar 6 18:52:25 2016 From: agave at openmailbox.org (agave) Date: Sun, 6 Mar 2016 21:52:25 -0500 Subject: Distributed protocols that combat economy of scale In-Reply-To: <1666763.tqbl8Ym1JK@lapuntu> References: <3928149.NAsv7Jq6H8@lapuntu> <10061069.QLp78G3N7N@lapuntu> <20160306165213.398e4310@bristlecone> <1666763.tqbl8Ym1JK@lapuntu> Message-ID: <20160306215225.32ac4729@bristlecone> On Mon, 07 Mar 2016 00:21:30 +0100 rysiek wrote: > The BitCoin example is particularily complex, as there's no good way > to tell, on the protocol level, "all those nodes are part of a single > cartel, controlled by a single entity". But maybe there is a way of > basing this on behaviour? If nodes X, Y, Z behave in a very similar > manner, lower their weight in consensual decisions? > That's a good idea. It would need to be fine-tuned, though; I'm reminded of the days when I used Windows with antivirus software that would very often false-flag and delete things that I needed. Although, I suppose the consequences wouldn't nearly be as severe. > I see economies of scale driving a lot of not-so-great outcomes > (centralisation of e-mail providers; centralisation of ISPs and the > general Internet infrastructure, introducing single points of failure > in many places). And that makes me wonder what can be done about it. 
> > > Maybe decentralization ought to be left to communications only? > > How so? > I was going to say that because the simple sharing of information from one person to another doesn't rely on messy things like consensus that come from managing a distributed database like the BitCoin block chain, it's thus immune to economies of scale and fits snugly and easily into the decentralization model, but I didn't really think of the physical infrastructure of communication. Mesh networks do effectively address the problem of centralized infrastructure, though, but it's unfortunate that they aren't yet popular or saturated with resources enough to serve as a viable alternative in most cases. freifunk.net in Germany is a good example. I guess this goes back to your example of GMail again. Mesh networks aren't viable yet because tons of people don't use them yet, and tons of people don't use them yet because tons of people don't use them yet. The network effect is very unfortunate. From rysiek at hackerspace.pl Sun Mar 6 13:13:41 2016 From: rysiek at hackerspace.pl (rysiek) Date: Sun, 06 Mar 2016 22:13:41 +0100 Subject: Distributed protocols that combat economy of scale In-Reply-To: <20160306112054.3ca17154@bristlecone> References: <3928149.NAsv7Jq6H8@lapuntu> <20160306112054.3ca17154@bristlecone> Message-ID: <10061069.QLp78G3N7N@lapuntu> On Sunday, 6 March 2016 11:20:54 you wrote: > There's always things like TorChat for instant messaging and IPFS for > content distribution. There's no concept of any centralisation in > either - they're completely peer-to-peer. Such was also the idea in BitCoin. As we can see, there's a secondary (not protocol-level) centralisation happening there. Cartels emerge, because economy of scale makes them viable, and indeed profitable. Yes, TorChat, IPFS, Tox are good examples. I'd be hard-pressed to identify any economy of scale possible there, I guess.
> I'm not sure why you drew a comparison to e-mail - it's inherently > centralized, just among several servers. It's not centralized in a way Facebook is, for example. While e-mail was obviously never a p2p system, it was not a centralized system. The idea was decentralized, federated among *many* servers. But economy of scale did its magic and now we have a small number of companies controlling almost all of it. -- Regards, Michał "rysiek" Woźniak Changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 From rysiek at hackerspace.pl Sun Mar 6 15:21:30 2016 From: rysiek at hackerspace.pl (rysiek) Date: Mon, 07 Mar 2016 00:21:30 +0100 Subject: Distributed protocols that combat economy of scale In-Reply-To: <20160306165213.398e4310@bristlecone> References: <3928149.NAsv7Jq6H8@lapuntu> <10061069.QLp78G3N7N@lapuntu> <20160306165213.398e4310@bristlecone> Message-ID: <1666763.tqbl8Ym1JK@lapuntu> On Sunday, 6 March 2016 16:52:13 agave wrote: > > Such was also the idea in BitCoin. As we can see, there's a secondary > > (not protocol-level) centralisation happening there. Cartels emerge, > > because economy of scale makes them viable, and indeed profitable. > > Hmm, I'm not sure if there's any particular way to solve that problem > for BitCoin. I can't imagine any ways of establishing consensus among a > completely decentralized protocol other than by popular consensus of > the participants, and popular consensus can be manipulated easily as the > post you mentioned shows. Indeed, and the whole mining thing was supposed to protect BitCoin from such manipulation. Granted, it made it hard, but at some point, with enough money/value involved, economy of scale made it viable.
And that's what bothers me, and that's my question: Is it possible to design a protocol in a way that makes economy of scale not work? The BitCoin example is particularly complex, as there's no good way to tell, on the protocol level, "all those nodes are part of a single cartel, controlled by a single entity". But maybe there is a way of basing this on behaviour? If nodes X, Y, Z behave in a very similar manner, lower their weight in consensual decisions? Apologies for being vague; I just feel there's something to it, but can't really put my finger on it. I see economies of scale driving a lot of not-so-great outcomes (centralisation of e-mail providers; centralisation of ISPs and the general Internet infrastructure, introducing single points of failure in many places). And that makes me wonder what can be done about it. > Maybe decentralization ought to be left to communications only? How so? -- Regards, Michał "rysiek" Woźniak Changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 From juan.g71 at gmail.com Sun Mar 6 19:23:20 2016 From: juan.g71 at gmail.com (juan) Date: Mon, 7 Mar 2016 00:23:20 -0300 Subject: Distributed protocols that combat economy of scale In-Reply-To: References: <3928149.NAsv7Jq6H8@lapuntu> <56dca2b0.44e58c0a.38fdd.7961@mx.google.com> Message-ID: <56dcf469.0551370a.d0557.ffffe336@mx.google.com> On Sun, 6 Mar 2016 21:05:08 -0500 grarpamp wrote: > On 3/6/16, juan wrote: > > Good example. Because google isn't the result of 'economy of > > scale' but it's a great example of what the state can > > accomplish using a 'private' facade. > > http://news.slashdot.org/story/16/03/06/1834211/eric-schmidt-gets-a-job-at-the-pentagon But thanks jesus and marx, the good government is there to regulate the evil corporations.
Just ask stallman and the rest of lefty geniuses... From zen at freedbms.net Sun Mar 6 23:23:41 2016 From: zen at freedbms.net (Zenaan Harkness) Date: Mon, 7 Mar 2016 07:23:41 +0000 Subject: Distributed protocols that combat economy of scale In-Reply-To: <56dcf469.0551370a.d0557.ffffe336@mx.google.com> References: <3928149.NAsv7Jq6H8@lapuntu> <56dca2b0.44e58c0a.38fdd.7961@mx.google.com> <56dcf469.0551370a.d0557.ffffe336@mx.google.com> Message-ID: On 3/7/16, juan wrote: > On Sun, 6 Mar 2016 21:05:08 -0500 > grarpamp wrote: > >> On 3/6/16, juan wrote: >> > Good example. Because google isn't the result of 'economy of >> > scale' but it's a great example of what the state can >> > accomplish using a 'private' facade. >> >> http://news.slashdot.org/story/16/03/06/1834211/eric-schmidt-gets-a-job-at-the-pentagon > > > But thanks jesus and marx, the good government is there to > regulate the evil corporations. Just ask stallman and the > rest of lefty geniuses... Oh come on! That's so facetious! You should thank Google, Facebook and Citigroup for government, at least they pay for the elections... it's all very above board. From zen at freedbms.net Mon Mar 7 00:26:19 2016 From: zen at freedbms.net (Zenaan Harkness) Date: Mon, 7 Mar 2016 08:26:19 +0000 Subject: Who we are up against In-Reply-To: <566F2BAC.7070703@pilobilus.net> References: <20151213160135.GB3799@sivokote.iziade.m$> <566DF771.3060506@pilobilus.net> <566E697D.1040900@pilobilus.net> <566F2BAC.7070703@pilobilus.net> Message-ID: On 12/14/15, Steve Kinney wrote: > On 12/14/2015 03:11 AM, Zenaan Harkness wrote: >>>> Another shot to prod you along a bit further: >>>> >>>> Those who are compliant with despotic external authority in >>>> the face of their own inner conscience of right and wrong, >>>> ought be regarded as other/ outer/ "them", and treated with >>>> extreme caution! >>>> >>>> "Those" sheep happens to be about 60% to 90% of everyone! 
>>>> You wanna sweep -that- under the carpet of your politically >>>> correct boat? >>> >>> The presumption that people who are notably compliant with >>> illegitimate authority have a "conscience" and fixed notions >>> of right and wrong is questionable. >> >> We're talking about the Milgram experiment - instructor >> (authority, actor), teacher (the sheep), learner (electro shock >> pain receiver for wrong answers, actor). > > [ ... ] > >> The results speak for themselves! > > Indeed they do. In a context where the test subjects are > self-selected (volunteers) from a population and culture deeply > committed to elaborate, labor intensive submission to authority > (college students), with "the boss" hovering over them demanding > compliance (politely of course), most will continue "only > following orders" to the point of endangering the lives of > anonymous strangers. > > I'm not sure this generalizes to describe the behavior of whole > populations in the wild, though. Certainly, every country of any > size has more than enough pathological "followers" to field > military forces, run concentration camps, etc. But I think "60% > to 90%" of any population is a very high estimate. > >> The results speak for themselves. You keep apologising in >> subtle(?) ways - "oh, it's only the most eager sociopaths" and >> "all the others must have had some other disorders". >> >> Seriously? > > Nope: I was expressly talking about "Those who comply most > eagerly", not the much larger number Milgram shows otherwise. You are expressing nothing more than your personal opinion porn. Back it up with facts, or Milgram's experiment, repeated by other researchers many times, in many countries, with both genders, and even in relatively recent times, is consistent - 60% to 90% of people, in general, -will- push a button that they know/ believe is likely to kill someone, merely under the verbal pressure of an authority above them.
> whose compliance is marginal, > grudging, or largely pretended. This is delusion on your part. Did you read the full wikipedia page? Find some facts to support your position, if you want your position to be taken as factual in any way. >> This result doesn't need our qualification nor any apology! >> 'We' need a solution to educating 'ourselves' - our 'fellow >> sheep'! > > You'll get no arguments from me on that point: If I could find a > way to put that on a paying basis, I would probably not be flat > broke today. That's a good start. Let me also put it this way: even if "only" 10 to 15% of the population are sociopathically or "despotically" authority-compliant, rather than the definitive 60% to 90% as ascertained by Milgram, we are still in an incredibly bad situation, since it appears evident when it's relevant, those exact people (the despotically compliant) end up having to kill or torture the rest - Pol Pot, Nuremberg, Stalin, and more recently the Ukronazis in Ukraine. From what I've read, the concentration camps of the "allies" of WWII were no better, and in some ways quite possibly worse, than the German camps - and many of us are aware of the level the Japanese took to "the fine art of incredible way to torture humans." This problem, and a problem it is, rears its sociopathic head in every historically relevant situation. No "people" are immune, no nation is immune. There is no point burying our heads in the sand - a peaceful transition will always be the better option, if we can ever get enough sheeple to join hands in a government-overturning kumbaya. Short of that, revolution and tyranny must reign for the period of transition. I am not envious of those living in large American cities at this particular point in history.
Good luck to those who are, Zenaan From guninski at guninski.com Mon Mar 7 06:18:31 2016 From: guninski at guninski.com (Georgi Guninski) Date: Mon, 7 Mar 2016 16:18:31 +0200 Subject: Distributed protocols that combat economy of scale In-Reply-To: <3928149.NAsv7Jq6H8@lapuntu> References: <3928149.NAsv7Jq6H8@lapuntu> Message-ID: <20160307141831.GA908@sivokote.iziade.m$> On Sun, Mar 06, 2016 at 04:41:05PM +0100, rysiek wrote: > So let me pose a question here: is it possible to design a protocol that does > not succumb to economy of scale-based secondary centralisation? Is it possible > to design a protocol that does not lend itself to economy of scale? > Maybe it is possible to design such, but design is not that important. You _must_ implement it in the real world(tm). Some of your threats include: people technology (backdoors, bugs, sickyouaruty) TLAs governments Won't be surprised if bitcoin is illegal in parts of the real world(tm). From grarpamp at gmail.com Mon Mar 7 23:30:19 2016 From: grarpamp at gmail.com (grarpamp) Date: Tue, 8 Mar 2016 02:30:19 -0500 Subject: Fwd: [Cryptography] News flash: FBI in the "dark" about "numbers" radio stations In-Reply-To: References: Message-ID: ---------- Forwarded message ---------- From: Henry Baker Date: Mon, 07 Mar 2016 14:34:50 -0800 Subject: [Cryptography] News flash: FBI in the "dark" about "numbers" radio stations To: cryptography at metzdowd.com FYI -- http://www.thedailybeast.com/articles/2016/03/06/the-stupidly-simple-spy-messages-no-computer-could-decode.html The Stupidly Simple Spy Messages No Computer Could Decode Shane Harris 03.06.16 5:01 AM ET Every day, hour after hour, the world’s spies send top secret information you can easily listen in on. "But the numbers are just gibberish without that key, known in spycraft as a one-time pad. As its name suggests, it’s used only once. And that’s what makes it so secure." 
--- These radio communications to/from *terrorists* have been going on since WWII, and yet James Comey hasn't filed suit against the radio receiver manufacturers... From carimachet at gmail.com Mon Mar 7 20:13:38 2016 From: carimachet at gmail.com (Cari Machet) Date: Tue, 8 Mar 2016 05:13:38 +0100 Subject: Searching Places Unknown: Law Enforcement Jurisdiction on the Dark Web Message-ID: Searching Places Unknown: Law Enforcement Jurisdiction on the Dark Web Ahmed Ghappour UC Hastings College of the Law March 5, 2016 http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2742706 -- Cari Machet NYC 646-436-7795 carimachet at gmail.com AIM carismachet Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Reykjavik +354 894 8650 Twitter: @carimachet 7035 690E 5E47 41D4 B0E5 B3D1 AF90 49D6 BE09 2187 Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited. From jdb10987 at yahoo.com Mon Mar 7 23:36:59 2016 From: jdb10987 at yahoo.com (jim bell) Date: Tue, 8 Mar 2016 07:36:59 +0000 (UTC) Subject: Microsoft is trying to force Windows 10 on just about everyone. In-Reply-To: References: Message-ID: <1297616873.5680378.1457422619469.JavaMail.yahoo@mail.yahoo.com> Microsoft is trying to force Windows 10 on just about everyone. http://www.howtogeek.com/241329/upgrade-now-or-upgrade-tonight-how-microsoft-has-aggressively-pushed-windows-10-to-everyone/ Jim Bell
Name: not available Type: text/html Size: 1073 bytes Desc: not available URL: From themikebest at gmail.com Tue Mar 8 07:29:26 2016 From: themikebest at gmail.com (Michael Best) Date: Tue, 8 Mar 2016 10:29:26 -0500 Subject: Help wanted: classification czar needed for oversight of national security secrecy system Message-ID: http://fas.org/blogs/secrecy/2016/03/help-wanted-isoo/ The government is looking for a person to oversee, and perhaps sometimes to overrule, classification decisions made throughout the Executive Branch. A job opening for the position of Director of the Information Security Oversight Office (ISOO) was announced in *USA Jobs* last week. The ISOO director is appointed by the Archivist of the United States, since ISOO is housed at the National Archives. But ISOO takes policy direction from the National Security Council, and the director’s authority over classification and declassification policy extends throughout the executive branch. The previous ISOO director , John P. Fitzpatrick, left for the National Security Council in January. Read on at FAS: http://fas.org/blogs/secrecy/2016/03/help-wanted-isoo/ -- Veritas aequitas liberabit vos Veri universum vici That 1 Archive @NatSecGeek -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 2835 bytes Desc: not available URL: From grarpamp at gmail.com Tue Mar 8 15:28:34 2016 From: grarpamp at gmail.com (grarpamp) Date: Tue, 8 Mar 2016 18:28:34 -0500 Subject: [onioncat] Onioncat v2 In-Reply-To: <56DE8F93.4050307@abenteuerland.at> References: <56DE8F93.4050307@abenteuerland.at> Message-ID: On 3/8/16, Bernhard R. Fischer wrote: > "Do we want to keep this nice automatic IPv6/Onion-ID translation feature?" > > If NO: > There's no problem. Everybody can setup his own hosts-file for the > translation. > > If YES: > Independent of the final solution there is a need for a > lookup-database/service of any kind. This goes to two things... 
- the usage models you expect - the usage models you want to enable Let's keep in mind that the fundamental strengths of onioncat and reason that it exists are... - tor and other anonymous overlay networks often do not support full IP semantics, with tor it's TCP only, which cripples or eliminates certain apps. - anonymous overlay networks often do not support interfaces to the traditional IP stack of OS's, with tor it's onion only, which you can't bind(2) to, except via hack within the tor daemon... which only does tcp, which doesn't route, or packet filter, or VM, or... "NO" ... well, that's fine for individual people who meetup elsewhere and personally agree to exchange keys and addresses (or find such listed on the web, etc) in order to communicate. It scales only to the extent one can personally manage it, and it is not opportunistic as far as making random new introductions. "YES"... this is where the real potential lies. Lots of apps are p2p, or at least rely on central servers to tell them of their peers in real time. Bitcoin and bittorrent are purely p2p with peers coming in via the network itself at random. VOIP could be thought to be central yet random. This list of non-manual config apps is really long. Then evaluate which are popular in the opensource space whereby they're possibly not run by popular centrals like facebook, but by community (XMPP), or strictly p2p. It seems that NO would still serve a purpose and thus would be a call to making an onioncat v2. And that YES would be a very interesting project that needs to look at many potential solutions some of which people post ideas about on list. > IMO we should use an existing database and we should not try to Yes if it is available, or willing to be developed and integrated by the overlays for such use. > establish a new system because this depends always on people willing to > run these.
For example, it may be possible that the [transmission] bittorrent, and cryptocoin, communities might see a reason to run something separate if it gave them p2p access to anonymous transport layers. > I do not know about the userbase of OnionCat but we should > assume that it is small, hence, not (yet) able to keep enough Onioncats > up for running a DB (DHT or whatever). Public usage is all in supply, demand, and advertising. Private usage has seen some successful onion/i2p like what.cd [nee i2p/onion] membership. Evaluating the needs of some VOIP and messaging protocols re IPv6 UDP and tun interface might be useful. We already know bittorrent needs udp and trackerless p2p to be efficient. Another way to think is... can the overall utility of anonymous overlay networks ever grow if they continue to be restricted to, say, TCP and their own proprietary addressing stacks? Are there RFC type proposals to interoperate / expand that among the community of overlay networks? And is onioncat a good place to enable that if either are no? From grarpamp at gmail.com Tue Mar 8 17:12:31 2016 From: grarpamp at gmail.com (grarpamp) Date: Tue, 8 Mar 2016 20:12:31 -0500 Subject: FBI claims to modify its bilateral trolling re NSA data... in secret of course Message-ID: http://news.slashdot.org/story/16/03/08/2316212/fbi-quietly-changes-its-privacy-rules-for-accessing-nsa-data-on-americans https://news.ycombinator.com/item?id=11248320 From grarpamp at gmail.com Tue Mar 8 17:26:48 2016 From: grarpamp at gmail.com (grarpamp) Date: Tue, 8 Mar 2016 20:26:48 -0500 Subject: Unix more / better UTF-8 Message-ID: http://www.dragonflybsd.org/release44/ https://news.ycombinator.com/item?id=11248847 https://wiki.gentoo.org/wiki/UTF-8/it philes... not just high ASCII anymore... 
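For the automatic IPv6/Onion-ID translation discussed in the "[onioncat] Onioncat v2" message above, an added sketch (not OnionCat's own code and not part of any list message): a 16-character onion ID is 80 bits and packs reversibly into OnionCat's fd87:d87e:eb43::/48 prefix, while any longer identifier needs a stored table to get from address back to name. The truncated-hash derivation in `LookupTable` and all sample identifiers are assumptions constructed for illustration.

```python
"""OnionCat-style onion-ID <-> IPv6 translation (added illustration)."""
import base64
import binascii
import hashlib
import ipaddress

# OnionCat's ULA prefix: 48 prefix bits + 80 identifier bits = 128 bits.
OCAT_NET = ipaddress.IPv6Network("fd87:d87e:eb43::/48")
PREFIX = OCAT_NET.network_address.packed[:6]
ID_BYTES = 10  # 80 bits, i.e. 16 base32 characters


def _strip(onion: str) -> str:
    """Normalise case and drop an optional '.onion' suffix."""
    name = onion.strip().lower()
    return name[:-6] if name.endswith(".onion") else name


def onion_to_ipv6(onion: str) -> ipaddress.IPv6Address:
    """Pack a 16-character onion ID into the /48. Fully reversible."""
    name = _strip(onion)
    if len(name) != 16:
        raise ValueError("identifier is not 80 bits: no reversible mapping")
    try:
        raw = base64.b32decode(name.upper())
    except binascii.Error as exc:
        raise ValueError("identifier is not valid base32") from exc
    return ipaddress.IPv6Address(PREFIX + raw)


def ipv6_to_onion(addr) -> str:
    """Recover the onion ID from the low 80 bits. No database needed."""
    ip = ipaddress.IPv6Address(addr)
    if ip not in OCAT_NET:
        raise ValueError("address is outside the OnionCat prefix")
    return base64.b32encode(ip.packed[6:]).decode("ascii").lower() + ".onion"


class LookupTable:
    """Hosts-file style table for identifiers that do not fit in 80 bits.

    Hypothetical scheme (an assumption, not OnionCat's): the address is the
    first 80 bits of SHA-256(identifier). Anyone can compute that direction;
    the reverse exists only for entries that somebody has stored, which is
    the lookup database/service the thread is talking about.
    """

    def __init__(self):
        self._by_addr = {}

    def add(self, identifier: str) -> ipaddress.IPv6Address:
        name = _strip(identifier)
        digest = hashlib.sha256(name.encode("ascii")).digest()[:ID_BYTES]
        addr = ipaddress.IPv6Address(PREFIX + digest)
        # 80 truncated bits leave far less collision margin than the full
        # identifier, so a conflicting entry must be refused, not overwritten.
        known = self._by_addr.setdefault(addr, name)
        if known != name:
            raise ValueError("two identifiers map to the same address")
        return addr

    def reverse(self, addr):
        """Return the stored name for an address, or None if unknown."""
        name = self._by_addr.get(ipaddress.IPv6Address(addr))
        return None if name is None else name + ".onion"

    def hosts_lines(self):
        """Render the table in /etc/hosts format."""
        return [f"{a} {n}.onion" for a, n in sorted(self._by_addr.items())]


if __name__ == "__main__":
    short_id = "abcdefghijklmnop.onion"  # constructed 80-bit sample
    ip = onion_to_ipv6(short_id)
    print(short_id, "->", ip, "->", ipv6_to_onion(ip))

    table = LookupTable()
    long_id = "b" * 56 + ".onion"        # constructed longer identifier
    print(table.add(long_id), "needs a table entry to be reversed")
    print("\n".join(table.hosts_lines()))
```
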
From zen at freedbms.net Tue Mar 8 18:20:57 2016 From: zen at freedbms.net (Zenaan Harkness) Date: Wed, 9 Mar 2016 02:20:57 +0000 Subject: Rojava - direct democracy, Kurdistan, gender equality, polyethnic In-Reply-To: References: Message-ID: There's a lot of history between the Kurds and the Russians - over two centuries. This article covers in a number of pages, the bulk of that history, with a bit of analysis of how the relationship is with also USA, Turkey and Iran. A lot of information... After reading this article, I am not so hopeful about "Rojava", although I do still think it would be an excellent experiment, if the power players (Russia, USA) can agree to it, to experiment with a mini state with a political anarchist foundation. If an 'independent' Kurdistan is carved up out of the mid east, perhaps "Rojava the political anarchist micro state" will yet be allowed to exist within that mini state. As a social species, we owe it to ourselves to at least see what might come out of such an experiment... : http://russia-insider.com/en/politics/history-lesson-russia-kurds-oldest-great-power-patron/ri13228 Idea of Vladimir Putin as the 'Godfather' of Kurdistan Isn't Half as Crazy as You Think This article is quite short, pasted below. I suspect "the USA thinks" it will get more influence/ control/ money in the middle east with a separate Kurdistan... at this point in history I can only see America's actions in a highly cynical light. Or as the article suggests, this may also be payment for past support. : http://russia-insider.com/en/turks-arent-going-it-us-building-two-airstrips-syrian-kurdistan/ri13218 " Turks Aren't Going to Like This: US Building Two Airstrips in Syrian Kurdistan Which can mean only one thing: more US hardware for the Kurdish militias Joshua Grimes 2016-03-08 According to Kurdish reports US is building two airstrips in north-eastern Syria under the control of the Kurdish YPG militia. 
Asked for a comment Americans neither denied nor confirmed the reports saying they were not "in control" of any airfields in Syria but were "consistently looking for ways to increase efficiency for logistics". – Obviously it's possible to have airstrips built or expanded (or ask to have them expanded) to enhance their 'efficiency for logistics' without taking formal control of them. The airstrips are clearly not intended to serve as US airbases (as Kurds also claim), but that's going to do little to comfort Ankara. US is already delivering supplies to the Kurdish YPG, particularly in the Syrian north-east. If airstrips are being expanded that can only mean that such deliveries are to be increased – possibly to be delivered by larger aircraft. Indeed, in recent days the Kurds have been making progress against ISIS, and have been doing so in the southern direction towards Raqqa and along the Syrian-Iraqi border favored by the US. (Rather than in the Kurdish-favored western direction that would see them link up with the Kurdish Afrin corridor and seal off Syria's northern border from Turkey completely.) Are Kurds getting their reward for playing along? " From zen at freedbms.net Tue Mar 8 18:37:42 2016 From: zen at freedbms.net (Zenaan Harkness) Date: Wed, 9 Mar 2016 02:37:42 +0000 Subject: Unix more / better UTF-8 In-Reply-To: References: Message-ID: For those who have -not- yet read the canonical UTF-8 advocacy blog post from many years ago, and for whom doing so is relevant, it really is a must read: http://utf8everywhere.org/ On 3/9/16, grarpamp wrote: > http://www.dragonflybsd.org/release44/ When I read something like: "We introduced "short codes", so now codes like "de_DE", "fr_FR", "en_US", "el_GR", etc. These short-codes are generally mapped to 8-bit character sets such as ISO-8859-x, but sometimes they are mapped to UTF-8 if the traditional single-byte encoding doesn't adequately cover the locale anymore (e.g. the currency is not supported)."
I think "people still haven't cottoned on - UTF-8 should be the default, and only vary if really necessary. Now I must qualify this statement, since I don't know BSD, nor much about locales. Debian is my friend. > https://news.ycombinator.com/item?id=11248847 "Xterm(1) now UTF-8 by default on OpenBSD" - great news! Better late than never... > https://wiki.gentoo.org/wiki/UTF-8/it > > philes... not just high ASCII anymore... Wonders never cease. Now, if only Java could properly handle Unicode characters and had a string class which could properly work with UTF-8: https://zenaan.github.io/zen/javadoc/zen/lang/string.html Note1: Motivated by my extreme frustration with Java's Unicode limitations to the point of not even being able to implement a proper string formatter, by the utf8everywhere.org website, and by having quite some days in a row to figure out why the problem existed in the first place and exactly what -is- Java's problem in this particular regard. Note2: The documentation at the top of this link is the relevant part, the class is just a note pad... Note3: I have a pretty solid CodePointCursor.java class (yet to be uploaded), well tested by a uint and tagged string CodePointParser, if anyone actually wants to finish a proper Java string class such as above... From zen at freedbms.net Tue Mar 8 22:12:30 2016 From: zen at freedbms.net (Zenaan Harkness) Date: Wed, 9 Mar 2016 06:12:30 +0000 Subject: =?UTF-8?Q?Beginning_of_the_USD_end=3F_=2D_Re=3A_Petrodollar_further_?= =?UTF-8?Q?analysis_=2D_Putin_buying_gold_with_=E2=80=9Clittle_fanfare=2C_but_on_?= =?UTF-8?Q?a_large_scale=E2=80=9D?= Message-ID: Beginning of the end of the USD? "The Inflation Genie is Out of the Bottle" http://www.zerohedge.com/news/2016-03-08/inflation-genie-out-bottle (Short article, but a few graphs, so just a key quote, and --beware-- the pyramid(?) 
futures marketing scheme at the end, so perhaps not such a reputable site, unfortunately - but the inflation figures seem genuine enough:) "Put simply, the inflation genie is out of the bottle. Core inflation is already moving higher at a time when prices of most basic goods are at 19-year lows. Any move higher in Oil and other commodities will only PUSH core inflation higher. The Fed is cornered. Inflation is back." See also: https://en.wikipedia.org/wiki/Inflation In related news: http://www.pravdareport.com/russia/economics/01-03-2016/133690-russia_gold-0/ Russia becomes world's largest buyer of gold 01.03.2016 http://www.zerohedge.com/news/2016-03-02/global-central-banks-continue-longest-gold-buying-spree-vietnam-war Global Central Banks Continue Longest Gold-Buying-Spree Since Vietnam War (with graphs of central bank gold holdings) https://www.rt.com/business/334498-canada-gold-reserves-economy/ Canada’s golden age is over Published time: 4 Mar, 2016 09:29 "Canada has used up all of its gold reserves. For the first time since 1935 the country is out of gold. ..." (Not much foresight in Canada it seems, or perhaps we can say "insider gold sales to my buddies" by some other name.) From seanl at literati.org Wed Mar 9 16:12:27 2016 From: seanl at literati.org (Sean Lynch) Date: Wed, 9 Mar 2016 16:12:27 -0800 Subject: WIRED: The Future of Wi-Fi Is 10,000 Times More Energy Efficient In-Reply-To: References: Message-ID: On Sun, Mar 6, 2016 at 12:04 AM, Cari Machet wrote: > Engineering students have discovered a way to reflect Wi-Fi packets > instead of broadcasting them. > > http://www.wired.com/2016/03/future-wi-fi-10000-times-energy-efficient/ > Neat! It does seem like you're trading "pollution" of the band for power consumption, though. 
Even ignoring the tone generated by the "plugged in device", which is carrying energy but no information and much of which is wasted, their modulation technique results in significantly more energy outside of the passband of the receiver than inside. So overall power consumption goes way up, even though it's not from the battery-powered device. And then if a bunch of people start using these, the total amount of energy you need to pump out will keep getting higher and higher due to the added interference, which will cause battery powered devices to have to use more power. Possibly surmountable, but still interesting. I suspect (and I think you may have had this in mind as well) that backscatter modulation will end up being more interesting for covert applications, where you use a tiny device with a tiny (or no) battery that transmits by reflecting some signal that is already in the environment, like an FM radio station, and you use a receiver that is designed for receiving the reflected signal including the "mirror image" and a couple of the extra harmonics. You could see that as a kind of "free" spread spectrum. From guninski at guninski.com Wed Mar 9 07:20:35 2016 From: guninski at guninski.com (Georgi Guninski) Date: Wed, 9 Mar 2016 17:20:35 +0200 Subject: Microsoft is trying to force Windows 10 on just about everyone. In-Reply-To: <1297616873.5680378.1457422619469.JavaMail.yahoo@mail.yahoo.com> References: <1297616873.5680378.1457422619469.JavaMail.yahoo@mail.yahoo.com> Message-ID: <20160309152034.GA662@sivokote.iziade.m$> On Tue, Mar 08, 2016 at 07:36:59AM +0000, jim bell wrote: > Microsoft is trying to force Windows 10 on just about everyone. http://www.howtogeek.com/241329/upgrade-now-or-upgrade-tonight-how-microsoft-has-aggressively-pushed-windows-10-to-everyone/ > > lol.
According to the theregister, m$ crashed (not sure if in the cloud) and they couldn't restore from backup (trust 'em). Then they asked their partners to send them CA audits... Hope someone helped them in the crash/backup. From carimachet at gmail.com Wed Mar 9 10:31:41 2016 From: carimachet at gmail.com (Cari Machet) Date: Wed, 9 Mar 2016 19:31:41 +0100 Subject: Warrant for hacks Message-ID: PDF for the FBI warrant used to hack computers in Greece, Chile, and probably the UK: https://t.co/dLvOf1h5cQ Around 1300 devices in all From themikebest at gmail.com Thu Mar 10 08:43:01 2016 From: themikebest at gmail.com (Michael Best) Date: Thu, 10 Mar 2016 11:43:01 -0500 Subject: Intelius opt-out Message-ID: Should make it harder to find you by searching, at least in the U.S. https://www.intelius.com/optout If you trust them. FWIW. -- Veritas aequitas liberabit vos Veri universum vici That 1 Archive @NatSecGeek From cmagistrado at gmail.com Thu Mar 10 14:18:49 2016 From: cmagistrado at gmail.com (Chris Magistrado) Date: Thu, 10 Mar 2016 14:18:49 -0800 Subject: Snowden sasys FBI can unlock iPhone Message-ID: https://www.aclu.org/blog/free-future/one-fbis-major-claims-iphone-case-fraudulent Is the technical part true? I don't feel like it is... Can anyone confirm this? From admin at pilobilus.net Thu Mar 10 12:23:37 2016 From: admin at pilobilus.net (Steve Kinney) Date: Thu, 10 Mar 2016 15:23:37 -0500 Subject: Microsoft is trying to force Windows 10 on just about everyone.
In-Reply-To: <605112359.7692457.1457639017902.JavaMail.yahoo@mail.yahoo.com> References: <20160309152034.GA662@sivokote.iziade.m$> <605112359.7692457.1457639017902.JavaMail.yahoo@mail.yahoo.com> Message-ID: <56E1D7C9.2000409@pilobilus.net> On 03/10/2016 02:43 PM, jim bell wrote: > From: Georgi Guninski > > > Subject: Re: Microsoft is trying to force Windows 10 on just > about everyone. On Tue, Mar 08, 2016 at 07:36:59AM +0000, jim > bell wrote: >>> Microsoft is trying to force Windows 10 on just about >>> everyone. >>> http://www.howtogeek.com/241329/upgrade-now-or-upgrade-tonight-how-microsoft-has-aggressively-pushed-windows-10-to-everyone/> >>> >> >> lol. According to the theregister, m$ crashed (not sure if in >> the cloud) and they couldn't restore from backup (trust >> 'em). Then they asked their partners to send them CA >> audits... Hope someone helped them in the crash/backup. > > I'd like to read more about this crash. Are you talking about > something that happened within the last week? Jim bell The Register quotes Microsoft: "As many of you may have just noticed, our system just generated a bunch of emails informing many of you that you are subject to removal because Microsoft does not have evidence of a qualifying audit on file. This is likely an error on our side, but we need your help. "Our CRM system suffered a data loss, and it looks like it rolled back to an old backup. As a result, we lost audit data for about 147 roots. If you received a message, please don't panic. Instead, please just send Microsoft your most-recent audit data, and we will update our records. Sorry for the confusion. The Register says: "As part of Microsoft’s Trusted Root program’s compliance requirements, Certificate Authorities must provide a courtesy copy of their audit data to the company annually. We’re reliably informed that Microsoft stores these internally in a standalone tool.
An error occurred with the tool, so Microsoft contacted some CAs and requested they resubmit a copy of their latest audit data, sources confirm. "Microsoft is a player in backup and the cloud, through Microsoft Azure. Asking third parties for data on themselves in the wake of a back-up bungle is not the biggest disaster in the world, but it doesn’t look good either. From jya at pipeline.com Thu Mar 10 13:22:56 2016 From: jya at pipeline.com (John Young) Date: Thu, 10 Mar 2016 16:22:56 -0500 Subject: USG Support of Motion to Compel Apple Decrypt, iPhone Forensics Message-ID: USG v.
Apple - USG Support of Motion to Compel Apple Decrypt https://cryptome.org/2016/03/usg-apple-149.pdf (484 pp, 11MB) FBI agent details Farook's iPhone forensics, Apple discussions https://cryptome.org/2016/03/usg-apple-149-02.pdf From admin at pilobilus.net Thu Mar 10 16:14:56 2016 From: admin at pilobilus.net (Steve Kinney) Date: Thu, 10 Mar 2016 19:14:56 -0500 Subject: Snowden sasys FBI can unlock iPhone In-Reply-To: References: Message-ID: <56E20E00.40209@pilobilus.net> On 03/10/2016 06:46 PM, Travis Biehn wrote: > This is all true. > > It's a bit easier to attack, actually. Yup, if the erasable "user selected" key can be read out then restored from backup after the OS erases it, no problem: A few days of careful tinkering with hardware, testing proofs of concept against /other/ iPhones, then a few minutes of automated attack against the /interesting/ iPhone. From jdb10987 at yahoo.com Thu Mar 10 11:43:37 2016 From: jdb10987 at yahoo.com (jim bell) Date: Thu, 10 Mar 2016 19:43:37 +0000 (UTC) Subject: Microsoft is trying to force Windows 10 on just about everyone.
In-Reply-To: <20160309152034.GA662@sivokote.iziade.m$> References: <20160309152034.GA662@sivokote.iziade.m$> Message-ID: <605112359.7692457.1457639017902.JavaMail.yahoo@mail.yahoo.com> From: Georgi Guninski Subject: Re: Microsoft is trying to force Windows 10 on just about everyone. On Tue, Mar 08, 2016 at 07:36:59AM +0000, jim bell wrote: >> Microsoft is trying to force Windows 10 on just about everyone. http://www.howtogeek.com/241329/upgrade-now-or-upgrade-tonight-how-microsoft-has-aggressively-pushed-windows-10-to-everyone/> > >lol. >According to the theregister, m$ crashed (not sure if in the cloud) and >they couldn't restore from backup (trust 'em). >Then they asked their partners to send them CA audits... >Hope someone helped them in the crash/backup. I'd like to read more about this crash. Are you talking about something that happened within the last week? Jim bell From rysiek at hackerspace.pl Thu Mar 10 14:12:05 2016 From: rysiek at hackerspace.pl (rysiek) Date: Thu, 10 Mar 2016 23:12:05 +0100 Subject: Distributed protocols that combat economy of scale In-Reply-To: <20160307141831.GA908@sivokote.iziade.m$> References: <3928149.NAsv7Jq6H8@lapuntu> <20160307141831.GA908@sivokote.iziade.m$> Message-ID: <1543752.gLMoHjkTDD@lapuntu> On Monday, 7 March 2016 16:18:31 Georgi Guninski wrote: > On Sun, Mar 06, 2016 at 04:41:05PM +0100, rysiek wrote: > > So let me pose a question here: is it possible to design a protocol that > > does not succumb to economy of scale-based secondary centralisation? Is > > it possible to design a protocol that does not lend itself to economy of > > scale? > Maybe it is possible to design such, but design is not that important. > > You _must_ implement it in the real world(tm). Don't I need a protocol first? :) > Some of your threats include: > (...) > Won't be surprised if bitcoin is illegal in parts of the real world(tm). Thank you, Captain Obvious. Would you be interested in this rock?
-- Regards, Michał "rysiek" Woźniak Changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 From tbiehn at gmail.com Thu Mar 10 15:46:03 2016 From: tbiehn at gmail.com (Travis Biehn) Date: Thu, 10 Mar 2016 23:46:03 +0000 Subject: Snowden sasys FBI can unlock iPhone In-Reply-To: References: Message-ID: This is all true. It's a bit easier to attack, actually. -Travis On Thu, Mar 10, 2016, 5:23 PM Chris Magistrado wrote: > > https://www.aclu.org/blog/free-future/one-fbis-major-claims-iphone-case-fraudulent > > Is the technical part true? > I don't feel like it is... > Can anyone confirm this? > From ilsa.bartlett at gmail.com Fri Mar 11 01:33:29 2016 From: ilsa.bartlett at gmail.com (ilsa) Date: Fri, 11 Mar 2016 01:33:29 -0800 Subject: Remember, remember the Fukushima nuclear disaster on this day? In-Reply-To: <20160311064333.GA1919@sivokote.iziade.m$> References: <20160311064333.GA1919@sivokote.iziade.m$> Message-ID: Hello, I rather read than post. Today I wish to share the Japan's Nuclear Trauma, as the leaks continue unabated, on its Fifth Birthday. Georgi, Thank you for posting, your comment is so true... Tomorrow just after 2:00, Five Years Ago was the 9.2 Earthquake in Japan. 1800 + people died instantly. Our world is still awash with radioactive waste still out flowing toward the west coast of the United States in all water around our globe. A Journey In Disaster. This is a Warning To The World!
http://www.theguardian.com/…/uk-government-new-plant-fukush… < http://www.theguardian.com/environment/2013/nov/19/uk-government-new-plant-fukushima-nuclear-disaster-warning > I ask you not to forget how the corporation TEPCO lied. http://fukushimaupdate.com/ Japan has enough bomb quality plutonium to make more than 400 hydrogen bombs over the number they already have as test examples for how to build a better killing bomb. http://www.jnfl.co.jp/english/ This is a great example of Money over Human Values http://www.nytimes.com/ …/japan-indicts-3-former-executives-… < http://www.nytimes.com/2016/03/01/world/asia/japan-indicts-3-former-executives-over-fukushima-nuclear-disaster.html?_r%3D0&_r=0 > Gratitude and Respect, Smile "Don't ever get so big or important that you can not hear and listen to every other person."-John Coltrane On Thu, Mar 10, 2016 at 10:43 PM, Georgi Guninski wrote: > Remember the Fukushima nuclear disaster and the causes for it? > > The punky angle is that sufficiently large boom will kill all > punks as a side effect. >
From guninski at guninski.com Thu Mar 10 21:09:43 2016 From: guninski at guninski.com (Georgi Guninski) Date: Fri, 11 Mar 2016 07:09:43 +0200 Subject: Microsoft is trying to force Windows 10 on just about everyone. In-Reply-To: <605112359.7692457.1457639017902.JavaMail.yahoo@mail.yahoo.com> References: <20160309152034.GA662@sivokote.iziade.m$> <605112359.7692457.1457639017902.JavaMail.yahoo@mail.yahoo.com> Message-ID: <20160311050943.GA740@sivokote.iziade.m$> On Thu, Mar 10, 2016 at 07:43:37PM +0000, jim bell wrote: > From: Georgi Guninski > > > Subject: Re: Microsoft is trying to force Windows 10 on just about everyone. > On Tue, Mar 08, 2016 at 07:36:59AM +0000, jim bell wrote: > >> Microsoft is trying to force Windows 10 on just about everyone. http://www.howtogeek.com/241329/upgrade-now-or-upgrade-tonight-how-microsoft-has-aggressively-pushed-windows-10-to-everyone/> > > > >lol. > >According to the theregister, m$ crashed (not sure if in the cloud) and > >they couldn't restore from backup (trust 'em). > >Then they asked their partners to send them CA audits... > >Hope someone helped them in the crash/backup. > > I'd like to read more about this crash. Are you talking about something that happened within the last week? > Jim bell http://www.theregister.co.uk/2016/03/04/ms_loses_data_after_crm_crash/ Consider searching theregister for "microsoft weird update". From jdb10987 at yahoo.com Thu Mar 10 23:34:20 2016 From: jdb10987 at yahoo.com (jim bell) Date: Fri, 11 Mar 2016 07:34:20 +0000 (UTC) Subject: Remember, remember the Fukushima nuclear disaster on this day? In-Reply-To: <20160311064333.GA1919@sivokote.iziade.m$> References: <20160311064333.GA1919@sivokote.iziade.m$> Message-ID: <632367055.8137868.1457681660487.JavaMail.yahoo@mail.yahoo.com> From: Georgi Guninski To: cypherpunks at cpunks.org >Remember the Fukushima nuclear disaster and the causes for it?
Sure, the fools put a nuclear reactor in a location susceptible to both earthquakes and tsunamis...and then they forgot to provide for cooling the core to prevent meltdown in case they had to 'scram' the reaction. (A nuclear reactor ordinarily has a rather large population of 'radioactive daughter elements' that continue to decay and emit heat for hours and days after the neutron-absorbing control rods are put back into place. This continued heat production has the ability, for a few hours, to melt down the core unless cooling water continues to flow. In an emergency like Fukushima, they needed to provide for such continued water flow for hours, lest the core melt down. They didn't. It did.) Jim Bell From guninski at guninski.com Thu Mar 10 22:43:33 2016 From: guninski at guninski.com (Georgi Guninski) Date: Fri, 11 Mar 2016 08:43:33 +0200 Subject: Remember, remember the Fukushima nuclear disaster on this day? Message-ID: <20160311064333.GA1919@sivokote.iziade.m$> Remember the Fukushima nuclear disaster and the causes for it? The punky angle is that sufficiently large boom will kill all punks as a side effect. From guninski at guninski.com Fri Mar 11 00:24:32 2016 From: guninski at guninski.com (Georgi Guninski) Date: Fri, 11 Mar 2016 10:24:32 +0200 Subject: Remember, remember the Fukushima nuclear disaster on this day? In-Reply-To: <632367055.8137868.1457681660487.JavaMail.yahoo@mail.yahoo.com> References: <20160311064333.GA1919@sivokote.iziade.m$> <632367055.8137868.1457681660487.JavaMail.yahoo@mail.yahoo.com> Message-ID: <20160311082432.GB1919@sivokote.iziade.m$> On Fri, Mar 11, 2016 at 07:34:20AM +0000, jim bell wrote: > Sure, the fools put a nuclear reactor in a location susceptible to .. They aren't no fools. In simple words this is business/profit at all costs. I remember the Chernobyl disaster being relatively near and its causes are quite controversial, especially for anti-russians. 
Is there relatively objective study about the damages Fukushima vs Chernobyl? (What I read was flamewars or propaganda). From Rayzer at riseup.net Fri Mar 11 12:17:27 2016 From: Rayzer at riseup.net (Rayzer) Date: Fri, 11 Mar 2016 12:17:27 -0800 Subject: Microsoft is trying to force Windows 10 on just about everyone. In-Reply-To: <605112359.7692457.1457639017902.JavaMail.yahoo@mail.yahoo.com> References: <20160309152034.GA662@sivokote.iziade.m$> <605112359.7692457.1457639017902.JavaMail.yahoo@mail.yahoo.com> Message-ID: <56E327D7.2070107@riseup.net> jim bell wrote: > From: Georgi Guninski > > > Subject: Re: Microsoft is trying to force Windows 10 on just about everyone. > On Tue, Mar 08, 2016 at 07:36:59AM +0000, jim bell wrote: >>> Microsoft is trying to force Windows 10 on just about everyone. http://www.howtogeek.com/241329/upgrade-now-or-upgrade-tonight-how-microsoft-has-aggressively-pushed-windows-10-to-everyone/> >> lol. >> According to the theregister, m$ crashed (not sure if in the cloud) and >> they couldn't restore from backup (trust 'em). >> Then they asked their partners to send them CA audits... >> Hope someone helped them in the crash/backup. > I'd like to read more about this crash. Are you talking about something that happened within the last week? > Jim bell > The articles I dug up were 2012 vintage. -- RR "Through counter-intelligence it should be possible to pinpoint potential trouble-makers ... And neutralize them, neutralize them, neutralize them" -------------- next part -------------- A non-text attachment was scrubbed... 
Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: OpenPGP digital signature URL: From jya at pipeline.com Fri Mar 11 10:26:37 2016 From: jya at pipeline.com (John Young) Date: Fri, 11 Mar 2016 13:26:37 -0500 Subject: Apple Attorneys Move to Join CA and NY Cases Message-ID: USG-Apple EDNY - Apple Attorneys Move to Join CA and NY Cases https://cryptome.org/2016/03/usg-apple-edny-031-034.pdf From Rayzer at riseup.net Fri Mar 11 14:05:50 2016 From: Rayzer at riseup.net (Rayzer) Date: Fri, 11 Mar 2016 14:05:50 -0800 Subject: Remember, remember the Fukushima nuclear disaster on this day? In-Reply-To: <56e32bf3.8af68c0a.5611e.6673@mx.google.com> References: <20160311064333.GA1919@sivokote.iziade.m$> <632367055.8137868.1457681660487.JavaMail.yahoo@mail.yahoo.com> <56e32bf3.8af68c0a.5611e.6673@mx.google.com> Message-ID: <56E3413E.6050605@riseup.net> juan wrote: > On Fri, 11 Mar 2016 07:34:20 +0000 (UTC) > jim bell wrote: > >> From: Georgi Guninski >> >> To: cypherpunks at cpunks.org >> >>> Remember the Fukushima nuclear disaster and the causes for it? >> >> Sure, the fools put a nuclear reactor in a location susceptible to >> both earthquakes and tsunamis...and then they forgot to provide for >> cooling the core to prevent meltdown in case they had to 'scram' the >> reaction. > > "The reactors for Units 1, 2, and 6 were supplied by General > Electric, those for Units 3 and 5 by Toshiba, and Unit 4 by Hitachi. > > All six reactors were designed by General Electric." > > > https://en.wikipedia.org/wiki/Fukushima_Daiichi_Nuclear_Power_Plant > > > Nuclear Radiation as a rational energy source for boiling water aside, it's a 'real estate problem' Location Location Location! Not that the design engineering is all that... Recently, within the last week or so in California a skin diver accidentally got into the cooling intake system for a nuclear power plant.
I'd guess they can't really put screens on the inlets as trash would quickly clog it but you'd think, with all the millions of dollars spent on designing these things they would have come up with some way of keeping debris, and errant divers, out. It's been discussed, and has been hanging fire since 2010... So I'd guess keeping a tsunami from swamping a reactor after a major earthquake isn't water cooler talk at GE. http://articles.latimes.com/2010/mar/01/local/la-me-cooling1-2010mar01 -- RR "Through counter-intelligence it should be possible to pinpoint potential trouble-makers ... And neutralize them, neutralize them, neutralize them" From admin at pilobilus.net Fri Mar 11 11:32:05 2016 From: admin at pilobilus.net (Steve Kinney) Date: Fri, 11 Mar 2016 14:32:05 -0500 Subject: Remember, remember the Fukushima nuclear disaster on this day? In-Reply-To: <20160311082432.GB1919@sivokote.iziade.m$> References: <20160311064333.GA1919@sivokote.iziade.m$> <632367055.8137868.1457681660487.JavaMail.yahoo@mail.yahoo.com> <20160311082432.GB1919@sivokote.iziade.m$> Message-ID: <56E31D35.7010702@pilobilus.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/11/2016 03:24 AM, Georgi Guninski wrote: > Is there relatively objective study about the damages Fukushima > vs Chernobyl? > > (What I read was flamewars or propaganda). I haven't seen such a comparison, although from my reading it appears that the Russian government may have done a better job with their evacuation - understandable, because tsunami. And, after first exhausting every wrong answer (Russian military used conventional firefighting methods, greatly exacerbating the situation), they finally listened to the engineers and stabilized the remains of the melted reactor.
Not so the Japanese; last I heard they have not even /located/ the fissionable material that's still cooking merrily along. According to a National Geographic article citing Japanese govt. sources, groundwater from under the Fukushima complex was entering the Pacific at a rate of 300 tons daily. Same article said strontium 90 was 100 times more abundant than cesium isotopes in collected waste water stored on-site. http://news.nationalgeographic.com/news/energy/2013/08/130807-fukushima-radioactive-water-leak/ Reuters article from 2012: "Small amounts of cesium-137 and cesium-134 were detected in 15 tuna caught near San Diego in August 2011, about four months after these chemicals were released into the water off Japan's east coast, scientists reported on Monday." http://www.reuters.com/article/us-japan-nuclear-tuna-idUSBRE84R0MF20120528 Strontium was not tested for, as that costs way more than looking for cesium isotopes. Fun fact: Strontium 90 mimics calcium and concentrates in food chains. The Japan Current runs north to the Aleutians and east to North America. But the Pacific based seafood industries can breathe easy: USDA has increased allowable levels of hot isotopes, and if you can't prove in Court that a particular environmental source caused your cancer, nobody is liable. So, how much /worse/ is Fukushima than Chernobyl? As Gully Foyle would say, "guesses for grabs." My guess is, in terms of long term environmental and human health, way worse.
From jason.mcvetta at gmail.com Fri Mar 11 14:51:13 2016 From: jason.mcvetta at gmail.com (Jason McVetta) Date: Fri, 11 Mar 2016 14:51:13 -0800 Subject: On XML - was Fwd: [Yaml-core] Next YAML: drop equality definition In-Reply-To: References: Message-ID: On Fri, Mar 11, 2016 at 2:28 PM, Zenaan Harkness wrote: > Nope. The next choice will be YAML 2. Then the next choice will be > JSON 1. Then the next choice will be JSON 2. Then the next choice will > be native serialization in your language of choice. Then custom binary > serialization. Then a continually permutating algorithmic mixing > stream, just for laughs. There are infinite alternatives to XML and if > worse comes to worst, I suggest hard transcoding your data into COBOL > statements and serializing those in Base63. > XML is a pain to write by hand, for sure. But one shouldn't be doing that. There are perfectly good libraries for working with XML in almost every programming language. It's a bit over-engineered, but one really can represent almost any sort of data as XML. (Whether that's a good idea is a whole different question.)
YAML is a lot easier to write a small file by hand, but it's kinda brittle & easy to fuck up. Not nearly as expressive as XML either. Great for small config files; imho not so great for most other things. JSON strikes a nice balance between expressiveness and human readability. That's probably why REST (or if you eschew buzzwords, JSON over HTTP) is so popular these days. From juan.g71 at gmail.com Fri Mar 11 12:34:04 2016 From: juan.g71 at gmail.com (juan) Date: Fri, 11 Mar 2016 17:34:04 -0300 Subject: Remember, remember the Fukushima nuclear disaster on this day? In-Reply-To: <632367055.8137868.1457681660487.JavaMail.yahoo@mail.yahoo.com> References: <20160311064333.GA1919@sivokote.iziade.m$> <632367055.8137868.1457681660487.JavaMail.yahoo@mail.yahoo.com> Message-ID: <56e32bf3.8af68c0a.5611e.6673@mx.google.com> On Fri, 11 Mar 2016 07:34:20 +0000 (UTC) jim bell wrote: > From: Georgi Guninski > > To: cypherpunks at cpunks.org > > >Remember the Fukushima nuclear disaster and the causes for it? > > > Sure, the fools put a nuclear reactor in a location susceptible to > both earthquakes and tsunamis...and then they forgot to provide for > cooling the core to prevent meltdown in case they had to 'scram' the > reaction. "The reactors for Units 1, 2, and 6 were supplied by General Electric, those for Units 3 and 5 by Toshiba, and Unit 4 by Hitachi. All six reactors were designed by General Electric."
https://en.wikipedia.org/wiki/Fukushima_Daiichi_Nuclear_Power_Plant From jya at pipeline.com Fri Mar 11 15:15:03 2016 From: jya at pipeline.com (John Young) Date: Fri, 11 Mar 2016 18:15:03 -0500 Subject: [Cryptography] Apple Attorneys Move to Join CA and NY Cases In-Reply-To: References: Message-ID: At 01:26 PM 3/11/2016, John Young wrote: >USG-Apple EDNY - Apple Attorneys Move to Join CA and NY Cases >https://cryptome.org/2016/03/usg-apple-edny-031-034.pdf > Correction: this is not a joining of cases, only an Apple request for extension of time to respond and filing of pro hac vices by 3 CDCA attorneys in EDNY. No way will the CA and NY attorneys plot together, absolutely not. All the attorneys and eagle eyes who objected to our title unanimously agree, offensively and defensively, a couple irately, guiltily. But some of those have a stake in the furious practice of PHVs. Shortly thereafter USG filed an objection to the extension of time: https://cryptome.org/2016/03/usg-apple-edny-035.pdf From admin at pilobilus.net Fri Mar 11 15:28:30 2016 From: admin at pilobilus.net (Steve Kinney) Date: Fri, 11 Mar 2016 18:28:30 -0500 Subject: Remember, remember the Fukushima nuclear disaster on this day? In-Reply-To: <56E3413E.6050605@riseup.net> References: <20160311064333.GA1919@sivokote.iziade.m$> <632367055.8137868.1457681660487.JavaMail.yahoo@mail.yahoo.com> <56e32bf3.8af68c0a.5611e.6673@mx.google.com> <56E3413E.6050605@riseup.net> Message-ID: <56E3549E.5020108@pilobilus.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/11/2016 05:05 PM, Rayzer wrote: > Nuclear Radiation as a rational energy source for boiling water > aside, it's a 'real estate problem' > > Location Location Location! Lemme drag out my soap box... I have a three point plan for safe nuclear power: 1) Repeal the industry's blanket immunity from prosecution for civil liabilities. If it's so safe, why do the owners need to be above the law? 
2) Remove the industry's public funding, which presently includes massive subsidies on many fronts. If it's such a freakin' technology miracle, it can pay for itself. 3) Open source every detail of design, construction, operation, QA and safety inspection, and decommissioning of nuclear power plants and their inputs/outputs (fuel, waste), with publication as near to realtime as materially possible. Near-miss and slow-leak containment breaches due to noncompliance with inspection schedules need to just go away. In the United States, compliance with part 1 would end all investment in, and operation of, nuclear power plants: No investor or insurance provider will underwrite a nuclear power plant's exposure under equally applied tort law. Compliance with part 2 would disentangle the nuclear power industry from the nuclear warhead and military reactor industry, its de facto sponsor and sugar daddy - as well as removing tax incentives and "free money" awarded by Utilities Commissions. No free ride on the public's nickel means no nuclear power industry, balance-sheet wise. Part 3, which invokes "many eyeballs" to assure maybe just barely safe enough for optimists safety, would unleash a massive shitstorm/clusterfuck of commercial and military secrecy issues, and require extraordinary budgets for QA compliance and reporting. Oops, that too should be enough by itself to shut the industry down. Me no rikey nuclear electric power plants. The Obama Administration's firmly committed support of the nuclear power industry reflects an ideological and political-economy mandate to reduce global carbon emissions while /preserving/ centralized ownership, control and income from power generation. Decentralized solutions are non-starters because high-density power generation means high-density capitalization and income streams.
/soap box From zen at freedbms.net Fri Mar 11 14:28:39 2016 From: zen at freedbms.net (Zenaan Harkness) Date: Fri, 11 Mar 2016 22:28:39 +0000 Subject: Fwd: On XML - was Fwd: [Yaml-core] Next YAML: drop equality definition In-Reply-To: References: Message-ID: I only forward the last part of this email, since the rest is domain specific (YAML de/serialization minutiae). Z ---------- Forwarded message ---------- From: Zenaan Harkness Subject: Re: [Yaml-core] Next YAML: drop equality definition On 3/10/16, Osamu TAKEUCHI wrote: ... >> One of the reason we explicitly listed the goals, >>_in order_,was to break ties when different goals >>pushed us in different directions. Order the goals >>differently, and you'll get a different spec. I think >>you would end up with JSON if you ordered them in a >>different way. Or even, god help us, XML ;-) ... > If we give up YAML, the next choice will indeed be XML. Nope. The next choice will be YAML 2. Then the next choice will be JSON 1. Then the next choice will be JSON 2. Then the next choice will be native serialization in your language of choice. Then custom binary serialization.
Then a continually permutating algorithmic mixing stream, just for laughs. There are infinite alternatives to XML and if worse comes to worst, I suggest hard transcoding your data into COBOL statements and serializing those in Base63. Nowhere would one willingly choose XML. Hell, I'd choose HTML if I was ordered to use XML on a project, just to make sure the next guy who touches that code knows that the serialization format has to be changed. Manager: "Z, did you finish that, what's it called again? Yeah, the XML serialization?" Me: "Sure did! And it's Netscape 3.1 compatible too." HTML Manager: "Oh, cool! That's just great! I knew I'd finish on time, and I'll tell marketing our new name too, 'NewScope compatible' - has a great ring to it. Great ring! Good job Z, you'll go places you know. Go places in this world!" > Actually, my library is build to replace XML serializer > that is provided by C#. Since we want YAML to be able > to serialize both kinds of documents, we have to think > the best balance. Should be easy. Anything's more enjoyable than XML... whoops, there I go again... :) From zen at freedbms.net Fri Mar 11 16:05:24 2016 From: zen at freedbms.net (Zenaan Harkness) Date: Sat, 12 Mar 2016 00:05:24 +0000 Subject: On XML - was Fwd: [Yaml-core] Next YAML: drop equality definition In-Reply-To: References: Message-ID: > YAML is a lot easier to write a small file by hand, but it's kinda brittle > & easy to fuck up. Not nearly as expressive as XML either. Great for > small config files; imho not so great for most other things. > > JSON strikes a nice balance between expressiveness and human readability. > That's probably why REST (or if you eschew buzzwords, JSON over HTTP) is so > popular these days. Unfortunately JSON requires quotes around everything, which on English keyboards requires the same + keypresses as XML. Might look a little better than XML, but not a lot better for editing/ typing files... 
From grarpamp at gmail.com Fri Mar 11 23:13:39 2016 From: grarpamp at gmail.com (grarpamp) Date: Sat, 12 Mar 2016 02:13:39 -0500 Subject: Obama At SXSW: No On Personal Secure Crypto And Decentral Cryptocurrencies Message-ID: https://news.ycombinator.com/item?id=11270529 http://yro.slashdot.org/story/16/03/11/2336205/obama-government-cant-let-smartphones-be-black-boxes https://www.reddit.com/r/Bitcoin/comments/4a1hcp/obama_indirectly_attacks_bitcoin_users_at_sxsw_if Because terrists and children of course. Typical govt drivel, strategy, and game playing position rollout timeline. Attn Peeps... ur bein 0wn3d. From guninski at guninski.com Fri Mar 11 22:06:11 2016 From: guninski at guninski.com (Georgi Guninski) Date: Sat, 12 Mar 2016 08:06:11 +0200 Subject: Remember, remember the Fukushima nuclear disaster on this day? In-Reply-To: <56E31D35.7010702@pilobilus.net> References: <20160311064333.GA1919@sivokote.iziade.m$> <632367055.8137868.1457681660487.JavaMail.yahoo@mail.yahoo.com> <20160311082432.GB1919@sivokote.iziade.m$> <56E31D35.7010702@pilobilus.net> Message-ID: <20160312060611.GA1464@sivokote.iziade.m$> On Fri, Mar 11, 2016 at 02:32:05PM -0500, Steve Kinney wrote: > Aleutians and east to North America. But the Pacific based > seafood industries can breathe easy: USDA has increases allowable > levels of hot isotopes, and if you can't prove in Court that a > particular environmental source caused your cancer, nobody is > liable. > Radiation therapy kills due to software bugs: http://royal.pingdom.com/2009/03/19/10-historical-software-bugs-with-extreme-consequences/ From guninski at guninski.com Sat Mar 12 01:29:16 2016 From: guninski at guninski.com (Georgi Guninski) Date: Sat, 12 Mar 2016 11:29:16 +0200 Subject: [OT] Would someone please check if links2 and elinks verify certificates on clean install of Debian 8? 
Message-ID: <20160312092916.GB1464@sivokote.iziade.m$> Apologies for offtopic (this might be mildly ontopic about the current state of crypto in open source). Would someone please check if links2 and elinks verify certificates on fresh install of Debian 8? To verify, try to open site which doesn't properly chain to trusted root, say https://cacert.org (unless you trust their root ) and check if it opens or there is error/warning. For me, on updated system, both don't verify certificates. Looks like at least ubuntu and fedora killed the elinks bug long ago. Searching the web for "$browser self signed certificate" shows some relevant results. From themikebest at gmail.com Sat Mar 12 10:18:50 2016 From: themikebest at gmail.com (Michael Best) Date: Sat, 12 Mar 2016 13:18:50 -0500 Subject: SPICE: Special Purpose Integrated Communications Equipment Message-ID: Does anyone know ANYTHING about Special Purpose Integrated Communications Equipment (SPICE) or a Special Purpose Integrated Communications (SPICECOM) center in Nevada? 
-- Veritas aequitas liberabit vos Veri universum vici That 1 Archive @NatSecGeek From themikebest at gmail.com Sat Mar 12 11:40:56 2016 From: themikebest at gmail.com (Michael Best) Date: Sat, 12 Mar 2016 14:40:56 -0500 Subject: Foreign Intelligence Relations Management System (FIRMS) Message-ID: Anyone heard of Foreign Intelligence Relations Management System (FIRMS)? All I can dig up ATM is the abbreviation itself. Not sure if it's State, CIA, or etc.
jurisdiction -- Veritas aequitas liberabit vos Veri universum vici That 1 Archive @NatSecGeek From juan.g71 at gmail.com Sat Mar 12 11:51:33 2016 From: juan.g71 at gmail.com (juan) Date: Sat, 12 Mar 2016 16:51:33 -0300 Subject: SPICE: Special Purpose Integrated Communications Equipment In-Reply-To: References: Message-ID: <56e4737a.c51c8c0a.27f26.ffffec8d@mx.google.com> On Sat, 12 Mar 2016 13:18:50 -0500 Michael Best wrote: > Does anyone know ANYTHING about Special Purpose Integrated > Communications Equipment (SPICE) or a Special Purpose Integrated > Communications (SPICECOM) center in Nevada? > Yes, it was created by Jesus and the Master American Race to protect American Children from terrorism and to exterminate any evil entity that opposes american supremacy. From juan.g71 at gmail.com Sat Mar 12 11:51:59 2016 From: juan.g71 at gmail.com (juan) Date: Sat, 12 Mar 2016 16:51:59 -0300 Subject: Foreign Intelligence Relations Management System (FIRMS) In-Reply-To: References: Message-ID: <56e47394.0b50370a.c5664.ffffe8df@mx.google.com> On Sat, 12 Mar 2016 14:40:56 -0500 Michael Best wrote: > Anyone heard of Foreign Intelligence Relations Management System > (FIRMS)? All I can dig up ATM is the abbreviation itself. Not sure if > it's State, CIA, or etc. jurisdiction > Yes, it was created by Jesus and the Master American Race to protect American Children from terrorism and to exterminate any evil entity that opposes american supremacy. From Rayzer at riseup.net Sat Mar 12 18:19:26 2016 From: Rayzer at riseup.net (Rayzer) Date: Sat, 12 Mar 2016 18:19:26 -0800 Subject: Foreign Intelligence Relations Management System (FIRMS) In-Reply-To: References: Message-ID: <56E4CE2E.1090804@riseup.net> Michael Best wrote: > Anyone heard of Foreign Intelligence Relations Management System > (FIRMS)? All I can dig up ATM is the abbreviation itself. Not sure if > it's State, CIA, or etc. jurisdiction > > -- https://fas.org/irp/cfr.html maybe. No direct mention but...
From rysiek at hackerspace.pl Sat Mar 12 14:04:43 2016 From: rysiek at hackerspace.pl (rysiek) Date: Sat, 12 Mar 2016 23:04:43 +0100 Subject: [OT] Would someone please check if links2 and elinks verify certificates on clean install of Debian 8? In-Reply-To: <20160312092916.GB1464@sivokote.iziade.m$> References: <20160312092916.GB1464@sivokote.iziade.m$> Message-ID: <1513592.hl1PrHAnzv@lapuntu> On Saturday, 12 March 2016 11:29:16 Georgi Guninski wrote: > Apologies for offtopic (this might be mildly ontopic about the current > state of crypto in open source). > > Would someone please check if links2 and elinks verify certificates on > fresh install of Debian 8? > > To verify, try to open site which doesn't properly chain to trusted > root, say https://cacert.org (unless you trust their root ) and check > if it opens or there is error/warning. > > For me, on updated system, both don't verify certificates. Verified on a clean Debian 8 install. -- Regards, Michał "rysiek" Woźniak I am changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 From zen at freedbms.net Sat Mar 12 15:29:26 2016 From: zen at freedbms.net (Zenaan Harkness) Date: Sat, 12 Mar 2016 23:29:26 +0000 Subject: SPICE: Special Purpose Integrated Communications Equipment In-Reply-To: References: Message-ID: I still find that signature of your Mike, just makes me so secure about your 1 sentence email -warm fuzzies in my heart. A toast, to Mike the trusty.
:) On 3/12/16, Michael Best wrote: > Does anyone know ANYTHING about Special Purpose Integrated Communications > Equipment (SPICE) or a Special Purpose Integrated Communications (SPICECOM) > center in Nevada? > > -- > Veritas aequitas liberabit vos > Veri universum vici > > That 1 Archive > @NatSecGeek > From grarpamp at gmail.com Sun Mar 13 01:35:55 2016 From: grarpamp at gmail.com (grarpamp) Date: Sun, 13 Mar 2016 05:35:55 -0400 Subject: Intelius opt-out In-Reply-To: References: Message-ID: > https://www.intelius.com/optout > If you trust them. FWIW.
Yeah, give them all your correct and private info they want in return for frontend mask of [potentially helpfully inaccurate] data, while their AUP/Privacy policy and secret practices still permit and gang rape you on the backside. Brilliant. Inject more bad data instead. From jya at pipeline.com Sun Mar 13 04:30:40 2016 From: jya at pipeline.com (John Young) Date: Sun, 13 Mar 2016 07:30:40 -0400 Subject: Apple in EDNY added as interested party in another iPhone case in EDNY Message-ID: Apple in EDNY added as interested party in another iPhone case in EDNY https://cryptome.org/2016/03/usg-apple-feng-edny-144.pdf (151 pp, 10MB) Magistrate Judge James Orenstein: The Clerk of Court shall add Apple Inc. as an interested party in United States v. Feng. All documents must be filed on both dockets. (Brodie, Margo) (Entered: 03/12/2016) From guninski at guninski.com Sat Mar 12 22:35:43 2016 From: guninski at guninski.com (Georgi Guninski) Date: Sun, 13 Mar 2016 08:35:43 +0200 Subject: participation in sensor networks In-Reply-To: <20160312221328.F2EB3A06DF9@palinka.tinho.net> References: <20160304120616.GF2300@sivokote.iziade.m$> <20160312221328.F2EB3A06DF9@palinka.tinho.net> Message-ID: <20160313063543.GB730@sivokote.iziade.m$> On Sat, Mar 12, 2016 at 05:13:28PM -0500, dan at geer.org wrote: > Georgi Guninski writes: > | On Thu, Mar 03, 2016 at 08:34:14AM -0500, dan at geer.org wrote: > | > The question here is perhaps obvious: Will you opt out and suffer > | > the consequences thereof? > | > > | > --dan > | > | Let me counter-ask only `dan': > | > | Will you exchange a walk on part in a war for > | a lead role in a cage? > | > | This is not exactly quote from Floyd's song. > > > After looking up the lyrics and reading a few pages about them, > I confess to still being confused as to what they mean and, hence, > what their question is. That is an honest answer -- I am not good > (at all) with anything that is "high art" or whatever the right > terminology here would be. 
> > Now, as a guess, I'll counter by asking if the lyric is simply a > light modernization of: > > I must study politics and war, that my sons may have the liberty > to study mathematics and philosophy, natural history and naval > architecture, in order to give their children a right to study > painting, poetry, music, architecture, tapestry, and porcelain. > -- John Adams, 2nd US President > > If the "Floyd" lyric asks whether yours is a purpose-driven life, > then my answer to "freedom, security, comfort, choose two" is freedom > and security, abjuring comfort, per se. > > Never mind the lyrics, assume it doesn't exist. Assuming you are the same dan geer who is some boss at in-q-tel, which appears closely related to the cia, what is your definition of "freedom" -- what the usgov decides to give to the enslaved peasants? From seanl at literati.org Sun Mar 13 09:23:56 2016 From: seanl at literati.org (Sean Lynch) Date: Sun, 13 Mar 2016 09:23:56 -0700 Subject: Remember, remember the Fukushima nuclear disaster on this day? In-Reply-To: <20160312060611.GA1464@sivokote.iziade.m$> References: <20160311064333.GA1919@sivokote.iziade.m$> <632367055.8137868.1457681660487.JavaMail.yahoo@mail.yahoo.com> <20160311082432.GB1919@sivokote.iziade.m$> <56E31D35.7010702@pilobilus.net> <20160312060611.GA1464@sivokote.iziade.m$> Message-ID: On Fri, Mar 11, 2016 at 10:06 PM, Georgi Guninski wrote: > On Fri, Mar 11, 2016 at 02:32:05PM -0500, Steve Kinney wrote: > > Aleutians and east to North America. But the Pacific based > > seafood industries can breathe easy: USDA has increases allowable > > levels of hot isotopes, and if you can't prove in Court that a > > particular environmental source caused your cancer, nobody is > > liable. > > > > I can't find any evidence USDA did this, but I do recall reading that the Japanese health authorities had. But the old levels, much like FCC RF exposure limits, weren't based on any science showing harm, just on the levels they'd typically see. 
That doesn't mean the new levels aren't dangerous, but it also doesn't mean the old levels were safe. It's all about cost of compliance. We just need more research to know what levels are genuinely safe or dangerous. Though to some extent the Japanese are providing this by acting as a living experiment. If there isn't an increase of cancers from eating food at the higher levels, then hopefully the higher levels are fine. From Rayzer at riseup.net Sun Mar 13 10:29:02 2016 From: Rayzer at riseup.net (Rayzer) Date: Sun, 13 Mar 2016 10:29:02 -0700 Subject: Remember, remember the Fukushima nuclear disaster on this day? In-Reply-To: References: <20160311064333.GA1919@sivokote.iziade.m$> <632367055.8137868.1457681660487.JavaMail.yahoo@mail.yahoo.com> <20160311082432.GB1919@sivokote.iziade.m$> <56E31D35.7010702@pilobilus.net> <20160312060611.GA1464@sivokote.iziade.m$> Message-ID: <56E5A35E.4060905@riseup.net> Sean Lynch wrote: > > On Fri, Mar 11, 2016 at 10:06 PM, Georgi Guninski > > wrote: > > On Fri, Mar 11, 2016 at 02:32:05PM -0500, Steve Kinney wrote: > > Aleutians and east to North America. But the Pacific based > > seafood industries can breathe easy: USDA has increases allowable > > levels of hot isotopes, and if you can't prove in Court that a > > particular environmental source caused your cancer, nobody is > > liable. > > > > > I can't find any evidence USDA did this, but I do recall reading that > the Japanese health authorities had. But the old levels, much like FCC > RF exposure limits, weren't based on any science showing harm, just on > the levels they'd typically see. That doesn't mean the new levels > aren't dangerous, but it also doesn't mean the old levels were safe. > It's all about cost of compliance. We just need more research to know > what levels are genuinely safe or dangerous.
Though to some extent the > Japanese are providing this by acting as a living experiment. If there > isn't an increase of cancers from eating food at the higher levels, > then hopefully the higher levels are fine. Can always get your fish from the Gulf of Mexico "Scientists have found a 10 million gallon 'bath mat' of oil on the floor of the Gulf of Mexico" Despite the article's claim it's NOT just from the BP Deepwater/Horizon disaster. NO ONE is keeping tabs on all those thousands of abandoned capped off wells in the Gulf either. http://www.businessinsider.com/bps-deepwater-horizon-spill-has-left-tons-of-oil-on-the-gulfs-floor-2015-2 -- RR "The earth is not dying, it is being killed, and those who are killing it have /names and addresses/." ~U. Utah Phillipsx From guninski at guninski.com Sun Mar 13 01:25:50 2016 From: guninski at guninski.com (Georgi Guninski) Date: Sun, 13 Mar 2016 11:25:50 +0200 Subject: [OT] Would someone please check if links2 and elinks verify certificates on clean install of Debian 8? In-Reply-To: <1513592.hl1PrHAnzv@lapuntu> References: <20160312092916.GB1464@sivokote.iziade.m$> <1513592.hl1PrHAnzv@lapuntu> Message-ID: <20160313092550.GD730@sivokote.iziade.m$> On Sat, Mar 12, 2016 at 11:04:43PM +0100, rysiek wrote: > > For me, on updated system, both don't verify certificates. > > Verified on a clean Debian 8 install. > Thanks for confirming. Let's see when Debian will learn about this. (This reminds me of a real vim bug posted 1 April looong ago). oss-security and Fyodor's full disclosure are moderating me. From juan.g71 at gmail.com Sun Mar 13 12:04:39 2016 From: juan.g71 at gmail.com (juan) Date: Sun, 13 Mar 2016 16:04:39 -0300 Subject: Remember, remember the Fukushima nuclear disaster on this day?
In-Reply-To: <56E3549E.5020108@pilobilus.net> References: <20160311064333.GA1919@sivokote.iziade.m$> <632367055.8137868.1457681660487.JavaMail.yahoo@mail.yahoo.com> <56e32bf3.8af68c0a.5611e.6673@mx.google.com> <56E3413E.6050605@riseup.net> <56E3549E.5020108@pilobilus.net> Message-ID: <56e5b9fb.43858c0a.2d78b.582d@mx.google.com> So after a quick search, seems that the containment of the general electric designed reactor(s) failed? Maybe americunts should be paying damages? From juan.g71 at gmail.com Sun Mar 13 13:09:05 2016 From: juan.g71 at gmail.com (juan) Date: Sun, 13 Mar 2016 17:09:05 -0300 Subject: Remember, remember the Fukushima nuclear disaster on this day? In-Reply-To: <1257926295.729037.1457898570042.JavaMail.yahoo@mail.yahoo.com> References: <56e5b9fb.43858c0a.2d78b.582d@mx.google.com> <1257926295.729037.1457898570042.JavaMail.yahoo@mail.yahoo.com> Message-ID: <56e5c917.c54f370a.482b9.61ec@mx.google.com> On Sun, 13 Mar 2016 19:49:30 +0000 (UTC) jim bell wrote: > From: juan > To: cypherpunks at cpunks.org > > So after a quick search, seems that the containment of the > > general electric designed reactor(s) failed? Maybe americunts > > should be paying damages? > If a court were to address the issue, I think the Japanese would > lose, It, of course, depends on the court. It would be ridiculous to try this case in a state court, especially in a court of 'justice' owned by, say, general electric and the american state. Strictly speaking the guilty parties are the american and japanese government and the 'private' mafias that do 'engineering' for them. > primarily because it had been about 40 years before the > earthquake/tsunami occurred. And that changes the fact that the general electric's design failed? > The question would be, "Could the > Japanese have prevented or ameliorated the damages by modifying the > equipment between 1970 and 2010?". I think the answer is obviously > "yes".
They should have anticipated that a tsunami would short out > electrical lines outside the plant's walls, rendering them unusable. And what has that got to do with the fact that the containment that is supposed to contain material in case of a meltdown, does not contain anything? > This was a fixable problem; they simply chose to continue to operate > the plant containing a known defect. Jim Bell > From jdb10987 at yahoo.com Sun Mar 13 12:49:30 2016 From: jdb10987 at yahoo.com (jim bell) Date: Sun, 13 Mar 2016 19:49:30 +0000 (UTC) Subject: Remember, remember the Fukushima nuclear disaster on this day? In-Reply-To: <56e5b9fb.43858c0a.2d78b.582d@mx.google.com> References: <56e5b9fb.43858c0a.2d78b.582d@mx.google.com> Message-ID: <1257926295.729037.1457898570042.JavaMail.yahoo@mail.yahoo.com> From: juan To: cypherpunks at cpunks.org > So after a quick search, seems that the containment of the > general electric designed reactor(s) failed? Maybe americunts > should be paying damages? If a court were to address the issue, I think the Japanese would lose, primarily because it had been about 40 years before the earthquake/tsunami occurred. The question would be, "Could the Japanese have prevented or ameliorated the damages by modifying the equipment between 1970 and 2010?". I think the answer is obviously "yes". They should have anticipated that a tsunami would short out electrical lines outside the plant's walls, rendering them unusable. This was a fixable problem; they simply chose to continue to operate the plant containing a known defect. Jim Bell From juan.g71 at gmail.com Mon Mar 14 02:21:11 2016 From: juan.g71 at gmail.com (juan) Date: Mon, 14 Mar 2016 06:21:11 -0300 Subject: Remember, remember the Fukushima nuclear disaster on this day?
In-Reply-To: <393316439.986541.1457938170399.JavaMail.yahoo@mail.yahoo.com> References: <56e5b9fb.43858c0a.2d78b.582d@mx.google.com> <393316439.986541.1457938170399.JavaMail.yahoo@mail.yahoo.com> Message-ID: <56e682bb.cfdc8c0a.be83a.ffffa55a@mx.google.com> On Mon, 14 Mar 2016 06:49:30 +0000 (UTC) jim bell wrote: > From: juan > To: cypherpunks at cpunks.org > > So after a quick search, seems that the containment of the > > general electric designed reactor(s) failed? Maybe americunts > > should be paying damages? > How so? Did you see my previous message? https://cpunks.org/pipermail/cypherpunks/2016-March/012590.html > It looks like it worked like it was designed to work. The design was supposed to contain the melted suff in case of a 'melt-down' - but it didn't. So, no, I don't think it worked like it was designed to. > The > problem is, a decision had been made about making a seawall only a > certain height, and putting the switching circuitry in the basement > which could be flooded. Well, yes, more than a few things failed at once. > No doubt both these decisions had been > approved by the Japanese involved. Now, if it had been determined > later that they wanted to protect against much larger earthquakes and > higher tsunamis, they could have increased the seawall height and > sealed the basement of the reactor better. They chose not to do so. > Jim Bell > From juan.g71 at gmail.com Mon Mar 14 02:24:14 2016 From: juan.g71 at gmail.com (juan) Date: Mon, 14 Mar 2016 06:24:14 -0300 Subject: Remember, remember the Fukushima nuclear disaster on this day?
In-Reply-To: <393316439.986541.1457938170399.JavaMail.yahoo@mail.yahoo.com> References: <56e5b9fb.43858c0a.2d78b.582d@mx.google.com> <393316439.986541.1457938170399.JavaMail.yahoo@mail.yahoo.com> Message-ID: <56e68371.d4198c0a.2de4e.ffffaa1d@mx.google.com> >The design was supposed to contain the melted suff molten stuff From jdb10987 at yahoo.com Sun Mar 13 23:49:30 2016 From: jdb10987 at yahoo.com (jim bell) Date: Mon, 14 Mar 2016 06:49:30 +0000 (UTC) Subject: Remember, remember the Fukushima nuclear disaster on this day? In-Reply-To: <56e5b9fb.43858c0a.2d78b.582d@mx.google.com> References: <56e5b9fb.43858c0a.2d78b.582d@mx.google.com> Message-ID: <393316439.986541.1457938170399.JavaMail.yahoo@mail.yahoo.com> From: juan To: cypherpunks at cpunks.org > So after a quick search, seems that the containment of the > general electric designed reactor(s) failed? Maybe americunts > should be paying damages? How so? It looks like it worked like it was designed to work. The problem is, a decision had been made about making a seawall only a certain height, and putting the switching circuitry in the basement which could be flooded. No doubt both these decisions had been approved by the Japanese involved. Now, if it had been determined later that they wanted to protect against much larger earthquakes and higher tsunamis, they could have increased the seawall height and sealed the basement of the reactor better. They chose not to do so. Jim Bell From juan.g71 at gmail.com Mon Mar 14 03:08:09 2016 From: juan.g71 at gmail.com (juan) Date: Mon, 14 Mar 2016 07:08:09 -0300 Subject: Remember, remember the Fukushima nuclear disaster on this day?
In-Reply-To: <20160314095125.GE679@sivokote.iziade.m$> References: <56e5b9fb.43858c0a.2d78b.582d@mx.google.com> <393316439.986541.1457938170399.JavaMail.yahoo@mail.yahoo.com> <20160314095125.GE679@sivokote.iziade.m$> Message-ID: <56e68dbd.42138c0a.c6845.ffffab1c@mx.google.com> On Mon, 14 Mar 2016 11:51:25 +0200 Georgi Guninski wrote: > I heard the Fukushima reactors were not secure compared to others, > they are "single contour". > > Whether the Japanese would have blown better reactor is not clear to > me. The thing is, even assuming the japanese were fully responsible for blowing the reactors, the reactors are not supposed to leak anything. Well, except for the garbage reactors designed by general electric... > > Do reactors have guarantee? For how long? Were the Fukushima reactors > in guarantee? From guninski at guninski.com Sun Mar 13 22:57:59 2016 From: guninski at guninski.com (Georgi Guninski) Date: Mon, 14 Mar 2016 07:57:59 +0200 Subject: Noam Chomsky on the 2016 Republicans: 'I Have Never Seen Such Lunatics in the Political System' Message-ID: <20160314055759.GA679@sivokote.iziade.m$> Noam Chomsky on the 2016 Republicans: 'I Have Never Seen Such Lunatics in the Political System' http://www.alternet.org/election-2016/noam-chomsky-2016-republicans-i-have-never-seen-such-lunatics-political-system From guninski at guninski.com Sun Mar 13 23:53:36 2016 From: guninski at guninski.com (Georgi Guninski) Date: Mon, 14 Mar 2016 08:53:36 +0200 Subject: Remember, remember the Fukushima nuclear disaster on this day? In-Reply-To: References: <20160311064333.GA1919@sivokote.iziade.m$> <632367055.8137868.1457681660487.JavaMail.yahoo@mail.yahoo.com> <20160311082432.GB1919@sivokote.iziade.m$> <56E31D35.7010702@pilobilus.net> <20160312060611.GA1464@sivokote.iziade.m$> Message-ID: <20160314065336.GB679@sivokote.iziade.m$> On Sun, Mar 13, 2016 at 09:23:56AM -0700, Sean Lynch wrote: > are genuinely safe or dangerous. 
Though to some extent the Japanese are > providing this by acting as a living experiment. If there isn't an increase > of cancers from eating food at the higher levels, then hopefully the higher > levels are fine. Searching the web for "fukushima anomalies newborn" shows contradicting results, some mention the west coast of the usa. The damage need not be now, it may be in the future. As a living experiment, the Japanese might be more interesting for consequences of being nuked by the usa in WWII. From coderman at gmail.com Mon Mar 14 01:42:37 2016 From: coderman at gmail.com (coderman) Date: Mon, 14 Mar 2016 09:42:37 +0100 Subject: Mathematicians Discover Prime Conspiracy Message-ID: Mathematicians Discover Prime Conspiracy A previously unnoticed property of prime numbers seems to violate a longstanding assumption about how they behave. By: Erica Klarreich March 13, 2016 Two mathematicians have uncovered a simple, previously unnoticed property of prime numbers — those numbers that are divisible only by 1 and themselves. Prime numbers, it seems, have decided preferences about the final digits of the primes that immediately follow them. Among the first billion prime numbers, for instance, a prime ending in 9 is almost 65 percent more likely to be followed by a prime ending in 1 than another prime ending in 9. In a paper posted online today, Kannan Soundararajan and Robert Lemke Oliver of Stanford University present both numerical and theoretical evidence that prime numbers repel other would-be primes that end in the same digit, and have varied predilections for being followed by primes ending in the other possible final digits. “We’ve been studying primes for a long time, and no one spotted this before,” said Andrew Granville, a number theorist at the University of Montreal and University College London. “It’s crazy.” The discovery is the exact opposite of what most mathematicians would have predicted, said Ken Ono, a number theorist at Emory University in Atlanta. 
When he first heard the news, he said, “I was floored. I thought, ‘For sure, your program’s not working.’” This conspiracy among prime numbers seems, at first glance, to violate a longstanding assumption in number theory: that prime numbers behave much like random numbers. Most mathematicians would have assumed, Granville and Ono agreed, that a prime should have an equal chance of being followed by a prime ending in 1, 3, 7 or 9 (the four possible endings for all prime numbers except 2 and 5). “I can’t believe anyone in the world would have guessed this,” Granville said. Even after having seen Lemke Oliver and Soundararajan’s analysis of their phenomenon, he said, “it still seems like a strange thing.” Yet the pair’s work doesn’t upend the notion that primes behave randomly so much as point to how subtle their particular mix of randomness and order is. “Can we redefine what ‘random’ means in this context so that once again, [this phenomenon] looks like it might be random?” Soundararajan said. “That’s what we think we’ve done.” Prime Preferences Soundararajan was drawn to study consecutive primes after hearing a lecture at Stanford by the mathematician Tadashi Tokieda, of the University of Cambridge, in which he mentioned a counterintuitive property of coin-tossing: If Alice tosses a coin until she sees a head followed by a tail, and Bob tosses a coin until he sees two heads in a row, then on average, Alice will require four tosses while Bob will require six tosses (try this at home!), even though head-tail and head-head have an equal chance of appearing after two coin tosses. Soundararajan wondered if similarly strange phenomena appear in other contexts. Since he has studied the primes for decades, he turned to them — and found something even stranger than he had bargained for. 
Looking at prime numbers written in base 3 — in which roughly half the primes end in 1 and half end in 2 — he found that among primes smaller than 1,000, a prime ending in 1 is more than twice as likely to be followed by a prime ending in 2 than by another prime ending in 1. Likewise, a prime ending in 2 prefers to be followed a prime ending in 1. Soundararajan showed his findings to postdoctoral researcher Lemke Oliver, who was shocked. He immediately wrote a program that searched much farther out along the number line — through the first 400 billion primes. Lemke Oliver again found that primes seem to avoid being followed by another prime with the same final digit. The primes “really hate to repeat themselves,” Lemke Oliver said. Lemke Oliver and Soundararajan discovered that this sort of bias in the final digits of consecutive primes holds not just in base 3, but also in base 10 and several other bases; they conjecture that it’s true in every base. The biases that they found appear to even out, little by little, as you go farther along the number line — but they do so at a snail’s pace. “It’s the rate at which they even out which is surprising to me,” said James Maynard, a number theorist at the University of Oxford. When Soundararajan first told Maynard what the pair had discovered, “I only half believed him,” Maynard said. “As soon as I went back to my office, I ran a numerical experiment to check this myself.” Lemke Oliver and Soundararajan’s first guess for why this bias occurs was a simple one: Maybe a prime ending in 3, say, is more likely to be followed by a prime ending in 7, 9 or 1 merely because it encounters numbers with those endings before it reaches another number ending in 3. For example, 43 is followed by 47, 49 and 51 before it hits 53, and one of those numbers, 47, is prime. But the pair of mathematicians soon realized that this potential explanation couldn’t account for the magnitude of the biases they found. 
Nor could it explain why, as the pair found, primes ending in 3 seem to like being followed by primes ending in 9 more than 1 or 7. To explain these and other preferences, Lemke Oliver and Soundararajan had to delve into the deepest model mathematicians have for random behavior in the primes. Random Primes Prime numbers, of course, are not really random at all — they are completely determined. Yet in many respects, they seem to behave like a list of random numbers, governed by just one overarching rule: The approximate density of primes near any number is inversely proportional to how many digits the number has. In 1936, Swedish mathematician Harald Cramér explored this idea using an elementary model for generating random prime-like numbers: At every whole number, flip a weighted coin — weighted by the prime density near that number — to decide whether to include that number in your list of random “primes.” Cramér showed that this coin-tossing model does an excellent job of predicting certain features of the real primes, such as how many to expect between two consecutive perfect squares. Despite its predictive power, Cramér’s model is a vast oversimplification. For instance, even numbers have as good a chance of being chosen as odd numbers, whereas real primes are never even, apart from the number 2. Over the years, mathematicians have developed refinements of Cramér’s model that, for instance, bar even numbers and numbers divisible by 3, 5, and other small primes. These simple coin-tossing models tend to be very useful rules of thumb about how prime numbers behave. They accurately predict, among other things, that prime numbers shouldn’t care what their final digit is — and indeed, primes ending in 1, 3, 7 and 9 occur with roughly equal frequency. Yet similar logic seems to suggest that primes shouldn’t care what digit the prime after them ends in. 
It was probably mathematicians’ overreliance on the simple coin-tossing heuristics that made them miss the biases in consecutive primes for so long, Granville said. “It’s easy to take too much for granted — to assume that your first guess is true.” The primes’ preferences about the final digits of the primes that follow them can be explained, Soundararajan and Lemke Oliver found, using a much more refined model of randomness in primes, something called the prime k-tuples conjecture. Originally stated by mathematicians G. H. Hardy and J. E. Littlewood in 1923, the conjecture provides precise estimates of how often every possible constellation of primes with a given spacing pattern will appear. A wealth of numerical evidence supports the conjecture, but so far a proof has eluded mathematicians. The prime k-tuples conjecture subsumes many of the most central open problems in prime numbers, such as the twin primes conjecture, which posits that there are infinitely many pairs of primes — such as 17 and 19 — that are only two apart. Most mathematicians believe the twin primes conjecture not so much because they keep finding more twin primes, Maynard said, but because the number of twin primes they’ve found fits so neatly with what the prime k-tuples conjecture predicts. In a similar way, Soundararajan and Lemke Oliver have found that the biases they uncovered in consecutive primes come very close to what the prime k-tuples conjecture predicts. In other words, the most sophisticated conjecture mathematicians have about randomness in primes forces the primes to display strong biases. “I have to rethink how I teach my class in analytic number theory now,” Ono said. At this early stage, mathematicians say, it’s hard to know whether these biases are isolated peculiarities, or whether they have deep connections to other mathematical structures in the primes or elsewhere. 
Ono predicts, however, that mathematicians will immediately start looking for similar biases in related contexts, such as prime polynomials — fundamental objects in number theory that can’t be factored into simpler polynomials. And the finding will make mathematicians look at the primes themselves with fresh eyes, Granville said. “You could wonder, what else have we missed about the primes?” --- https://www.quantamagazine.org/20160313-mathematicians-discover-prime-conspiracy/ From coderman at gmail.com Mon Mar 14 02:02:13 2016 From: coderman at gmail.com (coderman) Date: Mon, 14 Mar 2016 10:02:13 +0100 Subject: Arithmetic Coding and Blinding for Lattice Cryptography Message-ID: https://eprint.iacr.org/2016/276 Abstract: In this work we apply information theoretically optimal arithmetic coding and a number of novel side-channel blinding countermeasure techniques to create BLZZRD, a practical, compact, and more quantum-resistant variant of the BLISS Ring-LWE Signature Scheme. We show how the hash-based random oracle can be modified to be more secure against quantum preimage attacks while decreasing signature size at any given security level. Most lattice-based cryptographic algorithms require non-uniformly distributed ciphertext, signature, and public/private key data to be stored and transmitted; hence there is a requirement for compression. Arithmetic Coding offers an information theoretically optimal compression for stationary and memoryless sources, such as the discrete Gaussian distributions often used in Lattice-based cryptography. We show that this technique gives better signature sizes than the previously proposed advanced Huffman-based compressors. We further demonstrate that arithmetic decoding from an uniform source to target distribution is also an optimal Gaussian sampling method in the sense that a minimal amount of true random bits is required. Performance of the new Binary Arithmetic Coding (BAC) sampler is comparable to other mainstream samplers. 
The same code, tables, or circuitry can be utilised for both tasks, eliminating the need for separate sampling and compression components. We also describe a simple blinding technique that can be applied to anti-cyclic polynomial multiplication to mask timing- and power consumption side-channels in ring arithmetic. We further show that Gaussian sampling can also be blinded by a split-and-permute technique while reducing the size of required CDF tables. From guninski at guninski.com Mon Mar 14 02:31:02 2016 From: guninski at guninski.com (Georgi Guninski) Date: Mon, 14 Mar 2016 11:31:02 +0200 Subject: Mathematicians Discover Prime Conspiracy In-Reply-To: References: Message-ID: <20160314092941.GD679@sivokote.iziade.m$> On Mon, Mar 14, 2016 at 09:42:37AM +0100, coderman wrote: > property of prime numbers — those numbers that are divisible only by 1 > and themselves. .... Isn't $1$ counterexample to this definition? Are there links to the papers? And what is the difference with Chebyshev's bias (look it up on Wikipedia) which is modulo 4, i.e. base 4? From rysiek at hackerspace.pl Mon Mar 14 03:31:28 2016 From: rysiek at hackerspace.pl (rysiek) Date: Mon, 14 Mar 2016 11:31:28 +0100 Subject: Remember, remember the Fukushima nuclear disaster on this day? In-Reply-To: <20160314065336.GB679@sivokote.iziade.m$> References: <20160311064333.GA1919@sivokote.iziade.m$> <20160314065336.GB679@sivokote.iziade.m$> Message-ID: <2106724.1j4y8XQGkV@lapuntu> On Monday, 14 March 2016 08:53:36 Georgi Guninski wrote: > On Sun, Mar 13, 2016 at 09:23:56AM -0700, Sean Lynch wrote: > > are genuinely safe or dangerous. Though to some extent the Japanese are > > providing this by acting as a living experiment. If there isn't an > > increase of cancers from eating food at the higher levels, then > > hopefully the higher levels are fine. > > Searching the web for "fukushima anomalies newborn" shows contradicting > results, some mention the west coast of the usa.
I hear the radiation on the US west coast was so minuscule it was considered beneficial by the homeopaths. -- Regards, Michał "rysiek" Woźniak Changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 From guninski at guninski.com Mon Mar 14 02:51:25 2016 From: guninski at guninski.com (Georgi Guninski) Date: Mon, 14 Mar 2016 11:51:25 +0200 Subject: Remember, remember the Fukushima nuclear disaster on this day? In-Reply-To: <393316439.986541.1457938170399.JavaMail.yahoo@mail.yahoo.com> References: <56e5b9fb.43858c0a.2d78b.582d@mx.google.com> <393316439.986541.1457938170399.JavaMail.yahoo@mail.yahoo.com> Message-ID: <20160314095125.GE679@sivokote.iziade.m$> On Mon, Mar 14, 2016 at 06:49:30AM +0000, jim bell wrote: > How so? It looks like it worked like it was designed to work. The problem is, a decision had been made about making a seawall only a certain height, and putting the switching circuitry in the basement which could be flooded. No doubt both these decisions had been approved by the Japanese involved. > Now, if it had been determined later that they wanted to protect against much larger earthquakes and higher tsunamis, they could have increased the seawall height and sealed the basement of the reactor better. They chose not to do so. Jim Bell > I heard the Fukushima reactors were not secure compared to others, they are "single contour". Whether the Japanese would have blown better reactor is not clear to me. Do reactors have guarantee? For how long? Were the Fukushima reactors in guarantee?
From guninski at guninski.com Mon Mar 14 05:25:28 2016 From: guninski at guninski.com (Georgi Guninski) Date: Mon, 14 Mar 2016 14:25:28 +0200 Subject: Arithmetic Coding and Blinding for Lattice Cryptography In-Reply-To: References: Message-ID: <20160314122528.GF679@sivokote.iziade.m$> Happy pi day, 3.14.2016! On Mon, Mar 14, 2016 at 10:02:13AM +0100, coderman wrote: > https://eprint.iacr.org/2016/276 > > Abstract: In this work we apply information theoretically optimal > arithmetic coding and a number of novel side-channel blinding > countermeasure techniques to create BLZZRD, a practical, compact, and > more quantum-resistant variant of the BLISS Ring-LWE Signature Scheme. "more quantum-resistant"??? WTF. Is it known to be provably quantum resistant at all? Or just nobody disclosed the quantum attack _yet_? From seanl at literati.org Mon Mar 14 16:50:18 2016 From: seanl at literati.org (Sean Lynch) Date: Mon, 14 Mar 2016 16:50:18 -0700 Subject: SPICE: Special Purpose Integrated Communications Equipment In-Reply-To: References: Message-ID: On Sat, Mar 12, 2016 at 3:29 PM, Zenaan Harkness wrote: > I still find that signature of your Mike, just makes me so secure > about your 1 sentence email -warm fuzzies in my heart. > > A toast, to Mike the trusty. > > :) > > The message is not actually signed. It just has a public key attached. From Rayzer at riseup.net Mon Mar 14 20:35:33 2016 From: Rayzer at riseup.net (Rayzer) Date: Mon, 14 Mar 2016 20:35:33 -0700 Subject: They call it "Going Dark" because you wouldn't be scared if they called it "Bad Guy Go Buh Bye" Message-ID: <56E78305.2090604@riseup.net> In light of Apple’s very public battle with the FBI over encryption, John Oliver designed a satirical ad for Apple to help “both their customers and the government” understand just how hard it is to protect data.
The host of /Last Week Tonight/ – who last April famously boiled down the argument about NSA surveillance to its core issue, dick pics – said he takes Apple’s side, but acknowledged that the company wasn’t doing a very good job of explaining its position. Watch the two-minute fake ad here. It’s the last two minutes of the segment, embedded below. “We’re barely one step ahead of hackers at all times,” a voiceover actress explains. “So that when you idiots lose your phone, your information doesn’t wind up in the hands of guys like Gary.” Gary is a creepy hacker gratifying himself over family photos on a phone he stole. Apple engineers are pictured panicking and cursing. “So if the FBI comes to us and asks us if we can undermine our encryption without compromising everyone’s emails, texts, and skateboarding videos, this is our response,” the voiceover continues. “Are you fucking kidding me? We’re engineers, not wizards,” says an engineer. https://theintercept.com/2016/03/14/john-oliver-produces-fake-ad-for-apple-about-protecting-data/ RR "Through counter-intelligence it should be possible to pinpoint potential trouble-makers ... And neutralize them, neutralize them, neutralize them"
From grarpamp at gmail.com Mon Mar 14 23:00:23 2016 From: grarpamp at gmail.com (grarpamp) Date: Tue, 15 Mar 2016 02:00:23 -0400 Subject: [Cryptography] Govt Can't Let Smartphones Be 'Black Boxes, ' Obama Says In-Reply-To: References: <98e4834a9ef8ad47e039217702aa1735@cannon-ciota.info> Message-ID: On 3/13/16, Henry Baker wrote: > At 05:59 PM 3/13/2016, Michael Froomkin - U.Miami School of Law wrote: >>No, you really can't argue this in good faith in court. The designation of >> crypto as a 'munition' was done by an administrative agency as a >> classificatory convenience to manage the export control regime (it was >> considered a dual use technology). That has no constitutional resonance >> at all. >> >>On Sat, 12 Mar 2016, Henry Baker wrote: >> >>>A case could be made that citizen crypto is protected -- at least in the >>> U.S. -- by the *Second* Amendment. Crypto has been considered "arms" on >>> & off for hundreds of years, so crypto is as much a right under the >>> Second Amendment as a firearm. > > One if by land; two if by sea. > > Code/encryption -- all part of being a militia. > > The real reason no one wants to argue this is that most of the folks who are > for citizen encryption are against citizen guns. So they've tied their own > hands when they go to argue in court. Even if said crypto citizens don't argue... the one group that is for citizen guns, the NRA [1], is also rather against surveillance / spying and databases and for privacy [2][3], so were you to reach out to them you might find a powerful symbiotic ally in the crypto fight. [1] And other similar RKBA groups. [2] See their national rally videos on youtube. [3] Though they may not know how to reach out to crypto to consult and integrate the philosophy into their position for their benefit.
https://www.nra.org/ https://www.nraila.org/ From admin at pilobilus.net Tue Mar 15 04:10:39 2016 From: admin at pilobilus.net (Steve Kinney) Date: Tue, 15 Mar 2016 07:10:39 -0400 Subject: SPICE: Special Purpose Integrated Communications Equipment In-Reply-To: References: Message-ID: <56E7EDAF.9010608@pilobilus.net> On 03/14/2016 07:50 PM, Sean Lynch wrote: > On Sat, Mar 12, 2016 at 3:29 PM, Zenaan Harkness > wrote: > > I still find that signature of your Mike, just makes me so secure > about your 1 sentence email -warm fuzzies in my heart. > > A toast, to Mike the trusty. > > :) > > > The message is not actually signed. It just has a public key attached. Or a super sneaky secret message hidden in plain sight? gpg --import yields: gpg: invalid radix64 character 3A skipped gpg: invalid radix64 character 2E skipped gpg: invalid radix64 character 2E skipped gpg: invalid radix64 character 3A skipped gpg: invalid radix64 character 3A skipped gpg: invalid radix64 character 2E skipped gpg: invalid radix64 character 2E skipped gpg: CRC error; 02A730 - 33E76E gpg: [don't know]: invalid packet (ctb=55) gpg: read_block: read error: Invalid packet gpg: import from `[stdin]' failed: Invalid keyring gpg: Total number processed: 0 :o) From dan at geer.org Tue Mar 15 15:22:42 2016 From: dan at geer.org (dan at geer.org) Date: Tue, 15 Mar 2016 18:22:42 -0400 Subject: Remember, remember the Fukushima nuclear disaster on this day? In-Reply-To: Your message of "Fri, 11 Mar 2016 10:24:32 +0200." <20160311082432.GB1919@sivokote.iziade.m$> Message-ID: <20160315222242.1426FA06E75@palinka.tinho.net> See www.transatomicpower.com --dan From dan at geer.org Tue Mar 15 15:34:21 2016 From: dan at geer.org (dan at geer.org) Date: Tue, 15 Mar 2016 18:34:21 -0400 Subject: Intelius opt-out In-Reply-To: Your message of "Sun, 13 Mar 2016 05:35:55 -0400." Message-ID: <20160315223421.A5C25A06DF6@palinka.tinho.net> Two recommendations .............................................. 
"The Secrets of Surveillance Capitalism", Shoshana Zuboff http://www.faz.net/aktuell/feuilleton/debatten/the-digital-debate/shoshana-zuboff-secrets-of-surveillance-capitalism-14103616-p2.html .............................................. --and-- .............................................. _Obfuscation_, Finn Brunton and Helen Nissenbaum, MIT Press https://mitpress.mit.edu/books/obfuscation .............................................. --dan From jya at pipeline.com Tue Mar 15 17:08:30 2016 From: jya at pipeline.com (John Young) Date: Tue, 15 Mar 2016 20:08:30 -0400 Subject: Apple Reply to USG Opposition to Vacate Decrypt Message-ID: Apple Reply to USG Opposition to Vacate Decrypt, March 15, 2016 https://cryptome.org/2016/03/usg-apple-177.pdf (351 pp, 22MB) From grarpamp at gmail.com Tue Mar 15 23:56:42 2016 From: grarpamp at gmail.com (grarpamp) Date: Wed, 16 Mar 2016 02:56:42 -0400 Subject: [Cryptography] Govt Can't Let Smartphones Be 'Black Boxes, ' Obama Say In-Reply-To: References: <56E4C11C.5070302@sonic.net> Message-ID: On 3/15/16, Phillip Hallam-Baker wrote: > On Sat, Mar 12, 2016 at 8:23 PM, Ray Dillinger wrote: > >> It would be a damned sight easier to take a view that allowed >> exceptional access with warrants, etc, if in the past the USG >> had abided by the notion that such access is in fact exceptional >> rather than routine, and needs to be provided for with warrants, >> etc. > > PRISM and the mass surveillance program violated our norms, no > question. But these were not a surprise to anyone who had been paying > attention. The big surprise for me was the Abu Ghraib photographs. Any > way you consider them, the photographs demonstrate a total collapse of > the moral fabric of the US military. And to this day, nobody has been > punished for committing the torture. The only jail sentences handing > down was for taking the photographs which led to the program being > exposed. 
Governments always absolve and immunize themselves (and their partners), particularly at the highest levels. Torture, Murder, Surveillance, Drone Kills, Cops Killing, Political Lies, Too Big To Fail, Generally Fucking Shit Up, etc... all typical. The only time they're stopped, indicted, prosecuted, and jailed is when they're failed / overthrown, invaded, or both. In the meantime till people wake up... they've come up with this cool thing called elections to make you forget and think the guard has changed... it hasn't... the same old game. Don't believe it? Ask History. Some history and deja vu... https://en.wikipedia.org/wiki/Church_Committee#Results_of_the_investigation https://en.wikipedia.org/wiki/Clipper_chip https://en.wikipedia.org/wiki/Cabinet_noir http://history.howstuffworks.com/historical-events/10-long-lived-empires.htm/printable From dan at geer.org Wed Mar 16 08:05:09 2016 From: dan at geer.org (dan at geer.org) Date: Wed, 16 Mar 2016 11:05:09 -0400 Subject: blockchain startup Message-ID: <20160316150509.F02F1A06E89@palinka.tinho.net> Good team... Freemit (New York City, NY) http://www.freemit.com Freemit is creating an alternative to current remittance and currency exchange systems. It uses the blockchain and a local currency in/local currency out service, along with a phone app and virtual credit card, to simplify and streamline cross-border money transfers. From guninski at guninski.com Wed Mar 16 06:07:14 2016 From: guninski at guninski.com (Georgi Guninski) Date: Wed, 16 Mar 2016 15:07:14 +0200 Subject: [Cryptography] Govt Can't Let Smartphones Be 'Black Boxes, ' Obama Say In-Reply-To: References: <56E4C11C.5070302@sonic.net> Message-ID: <20160316130714.GA1171@sivokote.iziade.m$> On Wed, Mar 16, 2016 at 02:56:42AM -0400, grarpamp wrote: > till people wake up... Do you think enough people will wake up? Does this list helps waking up people in non-negligible way? I am sceptical to both questions. 
From jya at pipeline.com Wed Mar 16 14:13:47 2016 From: jya at pipeline.com (John Young) Date: Wed, 16 Mar 2016 17:13:47 -0400 Subject: [Cryptography] Lavabit's and Snowden's Solos In-Reply-To: <56E9BBE7.4050507@sonic.net> References: <56E9BBE7.4050507@sonic.net> Message-ID: Ladar Levison challenges USG misuse of Lavabit case: https://www.facebook.com/KingLadar/posts/10156714933135038 From jya at pipeline.com Wed Mar 16 17:39:14 2016 From: jya at pipeline.com (John Young) Date: Wed, 16 Mar 2016 20:39:14 -0400 Subject: USG v. Lavabit-Snowden Files Unsealed Message-ID: USG v. Lavabit-Snowden Files Unsealed: https://cryptome.org/2016/03/usg-lavabit-unsealed.pdf (560 pp, 140MB) Precursor to USG v. Apple. From Rayzer at riseup.net Wed Mar 16 21:15:15 2016 From: Rayzer at riseup.net (Rayzer) Date: Wed, 16 Mar 2016 21:15:15 -0700 Subject: Google: 'We'll pay $100K if you can hack a Chromebook remotely' Message-ID: <56EA2F53.1000909@riseup.net> > The move doubles last year's top reward of $50,000, available > exclusively for attacks that achieve a persistent compromise on a > Chromebook in 'guest mode' http://www.zdnet.com/article/google-well-pay-100k-if-you-can-hack-a-chromebook-remotely/ -- RR "Through counter-intelligence it should be possible to pinpoint potential trouble-makers ... And neutralize them, neutralize them, neutralize them" From zen at freedbms.net Wed Mar 16 15:05:08 2016 From: zen at freedbms.net (Zenaan Harkness) Date: Wed, 16 Mar 2016 22:05:08 +0000 Subject: [Cryptography] Lavabit's and Snowden's Solos In-Reply-To: References: <56E9BBE7.4050507@sonic.net> Message-ID: Fantastic! Ladar rocks!
And yes, with all the "anti terror" laws, the USG violates due process, and may "legally" (but not lawfully) do so to a level matched by the Star Chamber and that brief and almost forgettable incident in history known as the Inquisition. Sheeple gotta stand... From zen at freedbms.net Wed Mar 16 16:41:58 2016 From: zen at freedbms.net (Zenaan Harkness) Date: Wed, 16 Mar 2016 23:41:58 +0000 Subject: Philosohpical - Reading between the lines: the Great War of Continents, information wars, and multipolarity In-Reply-To: References: Message-ID: In the context of nations and governments, Putin/ Russia's approach to global order (multipolarity) is healthier than a single global hegemon (be it USA, Russia, China or any other single power). It seems evident to me that Russians, courtesy the collapse of the USSR and surely other historical events, have a far keener awareness of that which constitutes actual national security and a "conservative" global order. Here's one quote from the article linked below: "The confrontation in Syria cannot be solved by ‘international coalitions’ formed other than by the UN Security Council. Russia and the US are the co-chairs of the International Syrian Support Group. And unlike the various coalitions, this group does not aim at overthrowing Assad: its documents specify that the future of the country will be decided by the Syrian people. As it should be. This means that the world has already been redesigned, becoming a much safer place to live in " --- http://russia-insider.com/en/politics/where-did-putin-lead-his-country/ri13070 Where Has Putin Lead his Country? 
I'll Tell You Where On this, the second anniversary of the Crimean referendum to rejoin Russia, the author answers a Ukrainian questioner From grarpamp at gmail.com Wed Mar 16 21:31:40 2016 From: grarpamp at gmail.com (grarpamp) Date: Thu, 17 Mar 2016 00:31:40 -0400 Subject: [Cryptography] Govt Can't Let Smartphones Be 'Black Boxes, ' Obama Say In-Reply-To: <20160316130714.GA1171@sivokote.iziade.m$> References: <56E4C11C.5070302@sonic.net> <20160316130714.GA1171@sivokote.iziade.m$> Message-ID: On 3/16/16, Georgi Guninski wrote: > Do you think enough people will wake up? Human genome probably not have enough individual self reliance / autonomy and meta observance powers at scale in DNA... too collective / dependant and busy computing social circle for local survival... so will keep taking it up ass by those metas who have it till next reboot. > Does this list helps waking up people in non-negligible way? Fuck no, ain't nobody in general population ever read this shit. Only the usual suspects visit, mine, and call cypherpunks home... The job of a cypherpunk is to push it out to population... Or be so elite that you can just sit back and puppetmaster it all... From jya at pipeline.com Thu Mar 17 03:41:00 2016 From: jya at pipeline.com (John Young) Date: Thu, 17 Mar 2016 06:41:00 -0400 Subject: Ladar Levison Describes USG Abuses in USG v. Lavabit Message-ID: Ladar Levison Describes USG Abuses in USG v. Lavabit http://www.metzdowd.com/pipermail/cryptography/2016-March/028669.html Precursor to USG-Apple abuses. From admin at pilobilus.net Thu Mar 17 10:33:50 2016 From: admin at pilobilus.net (Steve Kinney) Date: Thu, 17 Mar 2016 13:33:50 -0400 Subject: Philosohpical - Reading between the lines: the Great War of Continents, information wars, and multipolarity In-Reply-To: References: Message-ID: <56EAEA7E.5010906@pilobilus.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 11/29/2015 08:53 AM, Zenaan Harkness wrote: > Perhaps you might enjoy it too. 
> > http://fortruss.blogspot.ru/2015/11/reading-between-lines-great-war-of.html It did provide a few minutes of amusement. Of a sort. :o) A brief review of: Reading between the lines: the Great War of Continents, information wars, and multipolarity This article's title foreshadows its content: Many complex words that say nearly nothing. Orwell's 'duckspeak' condenses language into short bursts of stereotyped, reflexive utterances, meaningless outside the context of simplistic, indoctrinated verities supplied by the State. The bizarre cant the present document was written in looks like an equal and opposite version of Duckspeak: In overblown hyperbolic prose, the author piles high level abstractions one atop the other until any possible meaning disappears, in an apparent attempt to impress and confuse the reader. I had to re-read several paragraphs in the article to unravel their structure and assign possible meanings to them. On the whole it looks to me like a verbal Rorschach inkblot; devoid of content, but the reader might see his or her own latent beliefs peeking out here and there to create an illusion of deeper meaning. The whole semantic content of the article does appear in two sentences buried near the middle of the text: "Fort Russ provides cutting-edge reports and analyses which lay bare realities which mainstream Western media actively distorts, obscures, or flat out conceals. This is absolutely crucial." Here the author lays bare his own apparent intentions and method, attributing them to The Enemy like a good little propagandist should. And that's all I have to say about that.
From admin at pilobilus.net Thu Mar 17 17:51:05 2016 From: admin at pilobilus.net (Steve Kinney) Date: Thu, 17 Mar 2016 20:51:05 -0400 Subject: Safe country for crypto products In-Reply-To: <711da71d48cc47394f401213db6bb068@riseup.net> References: <711da71d48cc47394f401213db6bb068@riseup.net> Message-ID: <56EB50F9.6040107@pilobilus.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/17/2016 08:10 PM, strife wrote: > Hi! > > Looks like, rather sooner than later, we will have to move some > products to other countries. AnyDVD, which has slightly > different enemies, moved from Switzerland to Antigua to > Belize. > > Looking at the slightly outdated cryptolaw.org, I wonder which > non-EU/non-US country would actually be suitable to serve as > host organization for open source crypto projects. > > With some thinking, it probably can be arranged to have > parallel entities in multiple countries 'responsible' for an > open source project. I can't think of any examples where this > is the case, most projects do have one primary legal home > (trademark, copyright, etc).
Distributed development of software, involving people scattered all over the world, is routine these days. Adapting tools like git and i2p to create hard to find, hard to suppress projects physically hosted at multiple locations in mutually hostile legal jurisdictions is only a question of motivation: When the perceived value of a project exceeds the costs of making it "stateless" and very hard to suppress, people will most likely do just that. I can't think of any technical barriers. People who are competent to make "crypto products" are uniquely qualified to do that particular trick. :o) From grarpamp at gmail.com Thu Mar 17 20:56:16 2016 From: grarpamp at gmail.com (grarpamp) Date: Thu, 17 Mar 2016 23:56:16 -0400 Subject: Safe country for crypto products In-Reply-To: <56EB50F9.6040107@pilobilus.net> References: <711da71d48cc47394f401213db6bb068@riseup.net> <56EB50F9.6040107@pilobilus.net> Message-ID: On 3/17/16, Steve Kinney wrote: > On 03/17/2016 08:10 PM, strife wrote: >> Looks like, rather sooner than later, we will have to move some >> products to other countries.
AnyDVD, which has slightly >> different enemies, moved from Switzerland to Antigua to >> Belize. >> >> Looking at the slightly outdated cryptolaw.org, I wonder which >> non-EU/non-US country would actually be suitable to serve as >> host organization for open source crypto projects. >> >> With some thinking, it probably can be arranged to have >> parallel entities in multiple countries 'responsible' for an >> open source project. I can't think of any examples where this >> is the case, most projects do have one primary legal home >> (trademark, copyright, etc). > > Distributed development of software, involving people scattered > all over the world, is routine these days. Adapting tools like > git and i2p to create hard to find, hard to suppress projects > physically hosted at multiple locations in mutually hostile legal > jurisdictions is only a question of motivation: When the > perceived value of a project exceeds the costs of making it > "stateless" and very hard to suppress, people will most likely do > just that. I can't think of any technical barriers. > > People who are competent to make "crypto products" are uniquely > qualified to do that particular trick. There are already number of git repos on anonymous overlay networks from which to choose, or setup your own. Also this repo works quite well over such networks and has additional integrated crypto features... http://monotone.ca/ From grarpamp at gmail.com Thu Mar 17 21:03:17 2016 From: grarpamp at gmail.com (grarpamp) Date: Fri, 18 Mar 2016 00:03:17 -0400 Subject: [tor-talk] Latency Spike In-Reply-To: <1458237928.4872.0.camel@darkdepths.net> References: <1458237928.4872.0.camel@darkdepths.net> Message-ID: On 3/17/16, poly wrote: > Could anyone please explain the reason behind this spike [0] to me? > > [0] https://metrics.torproject.org/torperf.png?start=2015-12-18&end=201 > 6-03-17&source=all&filesize=50kb That's the NSA giving you the finger... 
From strife at riseup.net Thu Mar 17 17:10:28 2016 From: strife at riseup.net (strife) Date: Fri, 18 Mar 2016 01:10:28 +0100 Subject: Safe country for crypto products Message-ID: <711da71d48cc47394f401213db6bb068@riseup.net> Hi! Looks like, rather sooner than later, we will have to move some products to other countries. AnyDVD, which has slightly different enemies, moved from Switzerland to Antigua to Belize. Looking at the slightly outdated cryptolaw.org, I wonder which non-EU/non-US country would actually be suitable to serve as host organization for open source crypto projects. With some thinking, it probably can be arranged to have parallel entities in multiple countries 'responsible' for an open source project. I can't think of any examples where this is the case, most projects do have one primary legal home (trademark, copyright, etc). Suggestions? From grarpamp at gmail.com Thu Mar 17 22:12:07 2016 From: grarpamp at gmail.com (grarpamp) Date: Fri, 18 Mar 2016 01:12:07 -0400 Subject: blockchain startup In-Reply-To: <20160316150509.F02F1A06E89@palinka.tinho.net> References: <20160316150509.F02F1A06E89@palinka.tinho.net> Message-ID: On 3/16/16, dan at geer.org wrote: > Good team... Really? New / Young blood is fine but never heard of em. So what exactly makes them that? And the two word shill reminisces goldbug style. Can't cpunks make better announcements? > Freemit (New York City, NY) > http://www.freemit.com > > Freemit is creating an alternative to current remittance and currency > exchange systems. It uses the blockchain and a local currency > in/local currency out service, along with a phone app and virtual > credit card, to simplify and streamline cross-border money transfers. 
They littered Btc symbol over their page though it's probably not solely that, have no whitepapers, no product (except for the iOS spy app), demand KYC, pointlessly lame website, based in the US, cloudflared, lying about 'free', debit card (lol), email collecting, not opensource, not available for Win/Unix PC's, etc. Just another centralized service among hundreds claiming to be something different and affiliating themselves with something they're not. Not to mention you can get all you need and more from BTC, well, except for a nanny (and maybe tx/sec and GiB's... till fixed). Or Ethereum or whatever else decentral and suitably anon. Or is this like the not really p2p different but still thorny Uber "alternative" to the Big Banking + IBM coin announcement? Now imagine a truly p2p ride service... buyers and sellers in direct contact, no middlemen, nice little sidechain of pki based reviews, document validation if you really care, etc. No need for Uber. And as far as anyone can read / tell, not Freemit either. From grarpamp at gmail.com Thu Mar 17 22:20:19 2016 From: grarpamp at gmail.com (grarpamp) Date: Fri, 18 Mar 2016 01:20:19 -0400 Subject: ZDNet: "US government pushed tech firms to hand over source code" In-Reply-To: <20160317142124.0dd9b152@jabberwock.cb.piermont.com> References: <20160317142124.0dd9b152@jabberwock.cb.piermont.com> Message-ID: ---------- Forwarded message ---------- Date: Thu, 17 Mar 2016 14:21:24 -0400 Subject: [Cryptography] ZDNet: "US government pushed tech firms to hand over source code" To: cryptography at metzdowd.com NEW YORK -- The US government has made numerous attempts to obtain source code from tech companies in an effort to find security flaws that could be used for surveillance or investigations. 
The government has demanded source code in civil cases filed under seal but also by seeking clandestine rulings authorized under the secretive Foreign Intelligence Surveillance Act (FISA), a person with direct knowledge of these demands told ZDNet. We're not naming the person as they relayed information that is likely classified. With these hearings held in secret and away from the public gaze, the person said that the tech companies hit by these demands are losing "most of the time." http://www.zdnet.com/article/us-government-pushed-tech-firms-to-hand-over-source-code/ _____________________________________________ http://www.metzdowd.com/mailman/listinfo/cryptography From grarpamp at gmail.com Thu Mar 17 22:24:05 2016 From: grarpamp at gmail.com (grarpamp) Date: Fri, 18 Mar 2016 01:24:05 -0400 Subject: Apple GovtOS/FBiOS & Proof of Work In-Reply-To: References: Message-ID: ---------- Forwarded message ---------- From: Henry Baker Date: Thu, 17 Mar 2016 17:39:22 -0700 Subject: [Cryptography] Apple GovtOS/FBiOS & Proof of Work To: cryptography at metzdowd.com If Apple is willing to put some serious Proof of Work into constructing *every* firmware update, then it could achieve some level of privacy: When constructing a firmware update, the SHA512 (or better still, some Apple proprietary) hash of the update has to have some preset number of '0' bits. So Apple will have to brute force fiddle with bits in the firmware load to achieve an appropriate hash. The work involved should grow exponentially in the # of '0' bits required. Most companies operate on a fixed update schedule, so Apple would have to plan every release far enough in advance to give Apple enough time to compute such a firmware load. The reason for an Apple proprietary hash is so any attacker would have to build their own custom chips to be able to beat Apple at this Proof of Work game. 
Note also, that Apple can *change* the hash function on every firmware update, so said custom chip would be useful for only one firmware release. The firmware loader of course refuses to load any firmware whose hash doesn't have the appropriate number of '0' bits (along with the standard Apple signing key checks, etc.). The hash also incorporates the previous firmware load a la Merkle, so if your firmware is ever compromised, your iPhone is forever bricked. The hardware loading code refuses to load the first block of the new firmware anywhere but right on top of the user's file encryption key. So the *default* for the firmware flasher is to always *forget* this key, unless very special arrangements are made to save this key in other places. This key is further encrypted and broken into many pieces prior to moving it out of the way of the firmware loader (including into the CPU's volatile register memory, so any power disruption will destroy some of this key). Of course, much like a password hashing function, such Apple hash functions would be designed specifically to be *slow*, so GPU's and gate-arrays would be of no particular value. With a proper PoW system, any attacker would have to spend at least as much time as Apple themselves to create a loadable firmware, and that time might be as long as 6-12 months. A scalable way for Apple to dominate any attacker (including most nation-states) is to utilize the *entire installed base* of Apple products (estimated by Tim Cook to be >1 billion devices) in a distributed calculation. Thus, Apple could use its "herd" itself to provide for "herd immunity" to firmware update attacks. iPhone users would notice if Apple were attempting to compute >1 firmware update PoW at any given time! A 6-12 month lead time (during which the PoW for GovtOS is being computed) would give Apple plenty of time to respond to any legal issues and warn other Apple customers of an impending breach-of-trust in the firmware update chain. 
If Apple is issued an NSL and can't talk about it, 6-12 months would still be a long enough delay to deter all but the most persistent of govts.

Even Napoleon refused to look at any messages until they were at least 3 days old; he found out that 99% of these messages resolved themselves without any action on his part -- e.g., "please pardon my son; he is to be executed in the morning".

If Apple speeded up or slowed down its pre-announced firmware update schedule, that change itself would provide an excellent "warrant canary".
_______________________________________________
http://www.metzdowd.com/mailman/listinfo/cryptography

From grarpamp at gmail.com Thu Mar 17 22:41:55 2016
From: grarpamp at gmail.com (grarpamp)
Date: Fri, 18 Mar 2016 01:41:55 -0400
Subject: Google: 'We'll pay $100K if you can hack a Chromebook remotely'
In-Reply-To: <56EA2F53.1000909@riseup.net>
References: <56EA2F53.1000909@riseup.net>
Message-ID:

On 3/17/16, Rayzer wrote:
>> exclusively for attacks that achieve a persistent compromise on a
>> Chromebook in 'guest mode'
>
> http://www.zdnet.com/article/google-well-pay-100k-if-you-can-hack-a-chromebook-remotely/

Doesn't this thing use Intel's AMT processor and NIC?
Intel's probably protected their source code access processes
with more than $100k against any researcher, same with Google,
but as we've just seen NSA already FISA'd / moled both their source.
So what's the difference? Or the point?

If Google wants to pull a stunt, it should open its own code
and start paying out along that new bug discovery asymptote.

Regardless of whether you sell software / hardware or not...
"We're closed, and awesome" really doesn't cut it anymore
when the bad guys have the source everyone else thought
was closed.
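An added illustration of the loader check in Henry Baker's forwarded proposal above (a hash with a preset number of '0' bits, chained to the previous firmware load); it is not code from any list member or from Apple. Plain SHA-512, the 8-byte nonce field, the record layout and every function name are assumptions made for the example.

```python
"""Toy model of a proof-of-work gate in a firmware loader (added example)."""
import hashlib
import hmac

# Constructed placeholder: stands in for "no previous firmware" on the first release.
GENESIS = bytes(64)


def leading_zero_bits(digest: bytes) -> int:
    """Count the '0' bits at the front of a digest."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits


def chained_digest(prev_digest: bytes, image: bytes, nonce: int) -> bytes:
    """SHA-512 over the previous release digest, the image and a nonce.

    Hashing the previous digest is the Merkle-style link: an update is only
    valid on top of the exact release it was computed against.
    """
    h = hashlib.sha512()
    h.update(prev_digest)
    h.update(len(image).to_bytes(8, "big"))  # length prefix keeps fields unambiguous
    h.update(image)
    h.update(nonce.to_bytes(8, "big"))
    return h.digest()


def build_update(prev_digest: bytes, image: bytes, difficulty: int) -> dict:
    """Vendor side: try nonces until the digest has `difficulty` leading zero bits.

    Expected cost is about 2**difficulty hash evaluations, which is the
    exponential growth the proposal relies on.
    """
    nonce = 0
    while True:
        digest = chained_digest(prev_digest, image, nonce)
        if leading_zero_bits(digest) >= difficulty:
            return {"image": image, "nonce": nonce, "digest": digest}
        nonce += 1


def loader_accepts(installed_digest: bytes, update: dict, difficulty: int) -> bool:
    """Loader side: a single hash verifies what took ~2**difficulty to build.

    The signature check the proposal keeps alongside this gate is not modelled.
    """
    digest = chained_digest(installed_digest, update["image"], update["nonce"])
    return (hmac.compare_digest(digest, update["digest"])
            and leading_zero_bits(digest) >= difficulty)


def demo(difficulty: int = 12) -> dict:
    """Run the checks on constructed images; difficulty is tiny so it finishes fast."""
    r1 = build_update(GENESIS, b"constructed firmware 1.0", difficulty)
    r2 = build_update(r1["digest"], b"constructed firmware 1.1", difficulty)
    # Same nonce, modified image: the digest no longer matches.
    patched = dict(r2, image=b"constructed firmware 1.1 (modified)")
    # A party that redoes the whole search passes this gate: the work is a
    # delay, not authentication, so the signing-key check must remain.
    remined = build_update(r1["digest"], patched["image"], difficulty)
    return {
        "genuine_chain": loader_accepts(GENESIS, r1, difficulty)
        and loader_accepts(r1["digest"], r2, difficulty),
        "wrong_predecessor": loader_accepts(GENESIS, r2, difficulty),
        "patched_image_old_nonce": loader_accepts(r1["digest"], patched, difficulty),
        "remined_image_passes_pow": loader_accepts(r1["digest"], remined, difficulty),
        "hashes_spent_remining": remined["nonce"] + 1,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Each extra required zero bit doubles the expected search on the building side while the loader's cost stays at one hash.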
From juan.g71 at gmail.com Thu Mar 17 23:19:22 2016
From: juan.g71 at gmail.com (juan)
Date: Fri, 18 Mar 2016 03:19:22 -0300
Subject: blockchain startup
In-Reply-To:
References: <20160316150509.F02F1A06E89@palinka.tinho.net>
Message-ID: <56eb9e20.c4b28c0a.8e210.6df9@mx.google.com>

On Fri, 18 Mar 2016 01:12:07 -0400 grarpamp wrote:

> On 3/16/16, dan at geer.org wrote:
> > Good team...
>
> Really? New / Young blood is fine but never heard of em.
> So what exactly makes them that?
>

The fact that they're on the CIA's payroll?

From juan.g71 at gmail.com Thu Mar 17 23:21:26 2016
From: juan.g71 at gmail.com (juan)
Date: Fri, 18 Mar 2016 03:21:26 -0300
Subject: ZDNet: "US government pushed tech firms to hand over source code"
In-Reply-To:
References: <20160317142124.0dd9b152@jabberwock.cb.piermont.com>
Message-ID: <56eb9e9c.0928370a.7d3cf.ffff8f39@mx.google.com>

On Fri, 18 Mar 2016 01:20:19 -0400 grarpamp wrote:

> ---------- Forwarded message ----------
> Date: Thu, 17 Mar 2016 14:21:24 -0400
> Subject: [Cryptography] ZDNet: "US government pushed tech firms to
> hand over source code"
> To: cryptography at metzdowd.com
>
> NEW YORK -- The US government has made numerous attempts to obtain
> source code from tech companies in an effort to find security flaws
> that could be used for surveillance or investigations.

That's why open source is so much more convenient.

Sorry, I couldn't resist, haha.

From jya at pipeline.com Fri Mar 18 05:52:35 2016
From: jya at pipeline.com (John Young)
Date: Fri, 18 Mar 2016 08:52:35 -0400
Subject: USG-Apple - 3/22/16 Hearing Procedures, Add 3 USGs
Message-ID:

USG-Apple - 3/22/16 Hearing Procedures, Add 3 USGs

https://cryptome.org/2016/03/usg-apple-181-184.pdf

From Rayzer at riseup.net Fri Mar 18 10:10:20 2016
From: Rayzer at riseup.net (Rayzer)
Date: Fri, 18 Mar 2016 10:10:20 -0700
Subject: Apple engineers...
Will they (snigger) crack under pressure
Message-ID: <56EC367C.8030103@riseup.net>

I can't imagine Apple would fire an employee for refusing. AAMOF the best publicity in the WORLD for them would be if they publicly declined to discipline or fire an employee for refusing.

"Apple’s engineers may refuse to write software to break into the phone of one of the San Bernardino shooters if the FBI wins its court battle with the tech giant, according to more than half a dozen current and former employees."

Apple employees are already discussing what they will do if ordered to help law enforcement authorities. Some say they may balk at the work, while others may even quit their high-paying jobs rather than undermine the security of the software they have already created, according to more than a half-dozen current and former Apple employees.

Among those interviewed were Apple engineers who are involved in the development of mobile products and security, as well as former security engineers and executives.

The potential resistance adds a wrinkle to a very public fight between Apple, the world’s most valuable company, and the authorities over access to an iPhone used by one of the attackers in the December mass killing in San Bernardino, Calif.

It also speaks directly to arguments Apple has made in legal documents that the government’s demand curbs free speech by asking the company to order people to do things that they consider offensive.

“Such conscription is fundamentally offensive to Apple’s core principles and would pose a severe threat to the autonomy of Apple and its engineers,” Apple’s lawyers wrote in the company’s final brief to the Federal District Court for the Central District of California.

In full:

http://www.nytimes.com/2016/03/18/technology/apple-encryption-engineers-if-ordered-to-unlock-iphone-might-resist.html?_r=0

--
RR
"Through counter-intelligence it should be possible to pinpoint potential trouble-makers ...
And neutralize them, neutralize them, neutralize them"

From drwho at virtadpt.net Fri Mar 18 11:48:48 2016
From: drwho at virtadpt.net (The Doctor)
Date: Fri, 18 Mar 2016 11:48:48 -0700
Subject: Safe country for crypto products
In-Reply-To:
References: <711da71d48cc47394f401213db6bb068@riseup.net> <56EB50F9.6040107@pilobilus.net>
Message-ID: <20160318114848.f816cbc62ab906059c12de09@virtadpt.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On Thu, 17 Mar 2016 23:56:16 -0400 grarpamp wrote:

> Also this repo works quite well over such networks and has
> additional integrated crypto features...
> http://monotone.ca/

I've been using Fossil (https://www.fossil-scm.org/index.html/doc/trunk/www/index.wiki) in this way for a couple of years on some projects, and it's been very useful.

- --
The Doctor [412/724/301/703/415] [ZS]
PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/
If your pride's getting in the way, then your dreams aren't big enough.
From seanl at literati.org Fri Mar 18 13:35:11 2016
From: seanl at literati.org (Sean Lynch)
Date: Fri, 18 Mar 2016 13:35:11 -0700
Subject: Apple engineers... Will they (snigger) crack under pressure
In-Reply-To: <56EC641D.6010203@cajuntechie.org>
References: <20160318180200.4B227A06D95@palinka.tinho.net> <56EC641D.6010203@cajuntechie.org>
Message-ID:

On Fri, Mar 18, 2016 at 1:25 PM, Anthony Papillion wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On 03/18/2016 01:02 PM, dan at geer.org wrote:
> > Apple will have its Snowden.
>
> That's not a given. Everyone believes that Windows has backdoors and
> spying components in it but we've not seen a single Snowden from
> Microsoft. Why would we from Apple, an even more secretive company
> than Microsoft?
>

Or, just playing devils' advocate, perhaps we haven't seen any Snowdens from Microsoft because there's nothing to be leaked? Perhaps, instead of demanding cooperation from vendors and risking getting caught, the government focuses on building the capability to exploit bugs and opsec failures on the part of their targets.
From seanl at literati.org Fri Mar 18 13:44:15 2016
From: seanl at literati.org (Sean Lynch)
Date: Fri, 18 Mar 2016 13:44:15 -0700
Subject: Google: 'We'll pay $100K if you can hack a Chromebook remotely'
In-Reply-To:
References: <56EA2F53.1000909@riseup.net>
Message-ID:

On Thu, Mar 17, 2016 at 10:41 PM, grarpamp wrote:

> On 3/17/16, Rayzer wrote:
> >> exclusively for attacks that achieve a persistent compromise on a
> >> Chromebook in 'guest mode'
> >
> >
> http://www.zdnet.com/article/google-well-pay-100k-if-you-can-hack-a-chromebook-remotely/
>
> Doesn't this thing use Intel's AMT processor and NIC?
> Intel's probably protected their source code access processes
> with more than $100k against any researcher, same with Google,
> but as we've just seen NSA already FISA'd / moled both their source.
> So what's the difference? Or the point?
>
> If Google wants to pull a stunt, it should open its own code
> and start paying out along that new bug discovery asymptote.
>
> Regardless of whether you sell software / hardware or not...
> "We're closed, and awesome" really doesn't cut it anymore
> when the bad guys have the source everyone else thought
> was closed.
>

Most of ChromeOS is open source. The BIOS, AIUI, is Coreboot. Most of what isn't open source can't legally be open sourced because it's other people's IP, like the codecs, Flash, etc. If you care, go compile and run ChromiumOS.

From dan at geer.org Fri Mar 18 11:02:00 2016
From: dan at geer.org (dan at geer.org)
Date: Fri, 18 Mar 2016 14:02:00 -0400
Subject: Apple engineers... Will they (snigger) crack under pressure
In-Reply-To: Your message of "Fri, 18 Mar 2016 10:10:20 -0700."
<56EC367C.8030103@riseup.net>
Message-ID: <20160318180200.4B227A06D95@palinka.tinho.net>

Apple will have its Snowden.

--dan

From seanl at literati.org Fri Mar 18 14:18:49 2016
From: seanl at literati.org (Sean Lynch)
Date: Fri, 18 Mar 2016 14:18:49 -0700
Subject: Apple engineers... Will they (snigger) crack under pressure
In-Reply-To: <56EC6714.4050506@cajuntechie.org>
References: <20160318180200.4B227A06D95@palinka.tinho.net> <56EC641D.6010203@cajuntechie.org> <56EC6714.4050506@cajuntechie.org>
Message-ID:

On Fri, Mar 18, 2016 at 1:37 PM, Anthony Papillion wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
>
>
> On 03/18/2016 03:35 PM, Sean Lynch wrote:
> >
> > On Fri, Mar 18, 2016 at 1:25 PM, Anthony Papillion
> > > wrote:
> >
> > -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
> >
> > On 03/18/2016 01:02 PM, dan at geer.org wrote:
> >> Apple will have its Snowden.
> >
> > That's not a given. Everyone believes that Windows has backdoors
> > and spying components in it but we've not seen a single Snowden
> > from Microsoft. Why would we from Apple, an even more secretive
> > company than Microsoft?
> >
> >
> > Or, just playing devils' advocate, perhaps we haven't seen any
> > Snowdens from Microsoft because there's nothing to be leaked?
> > Perhaps, instead of demanding cooperation from vendors and risking
> > getting caught, the government focuses on building the capability
> > to exploit bugs and opsec failures on the part of their targets.
>
> That /could/ be true. But why should we believe that they wouldn't
> have enlisted the cooperation of Microsoft prior to the dates on the
> Snowden leaks? The NSA has been cooperating with companies since the
> 1970's (and got in a lot of trouble about it). Why would they ignore a
> company that has 90%+ of the desktop market worldwide? Possible but
> unlikely IMHO.
>
>

Just Occam's Razor. Why bother getting cooperation when the software is not secure to begin with?
There are too many ways to gain access to Windows that aren't vulnerable to leaks. And we know for sure this is true and has been for a long time; just look at the thousands of exploit kits out there, most of which have been made by people without much in the way of resources or experience. If that's what the script kiddies can do, imagine what an agency with a $50B budget can do.

From anthony at cajuntechie.org Fri Mar 18 13:25:01 2016
From: anthony at cajuntechie.org (Anthony Papillion)
Date: Fri, 18 Mar 2016 15:25:01 -0500
Subject: Apple engineers... Will they (snigger) crack under pressure
In-Reply-To: <20160318180200.4B227A06D95@palinka.tinho.net>
References: <20160318180200.4B227A06D95@palinka.tinho.net>
Message-ID: <56EC641D.6010203@cajuntechie.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 03/18/2016 01:02 PM, dan at geer.org wrote:
> Apple will have its Snowden.

That's not a given. Everyone believes that Windows has backdoors and spying components in it but we've not seen a single Snowden from Microsoft. Why would we from Apple, an even more secretive company than Microsoft?
From anthony at cajuntechie.org Fri Mar 18 13:37:40 2016
From: anthony at cajuntechie.org (Anthony Papillion)
Date: Fri, 18 Mar 2016 15:37:40 -0500
Subject: Apple engineers... Will they (snigger) crack under pressure
In-Reply-To:
References: <20160318180200.4B227A06D95@palinka.tinho.net> <56EC641D.6010203@cajuntechie.org>
Message-ID: <56EC6714.4050506@cajuntechie.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 03/18/2016 03:35 PM, Sean Lynch wrote:
>
> On Fri, Mar 18, 2016 at 1:25 PM, Anthony Papillion
> > wrote:
>
> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
>
> On 03/18/2016 01:02 PM, dan at geer.org wrote:
>> Apple will have its Snowden.
>
> That's not a given. Everyone believes that Windows has backdoors
> and spying components in it but we've not seen a single Snowden
> from Microsoft. Why would we from Apple, an even more secretive
> company than Microsoft?
>
>
> Or, just playing devils' advocate, perhaps we haven't seen any
> Snowdens from Microsoft because there's nothing to be leaked?
> Perhaps, instead of demanding cooperation from vendors and risking
> getting caught, the government focuses on building the capability
> to exploit bugs and opsec failures on the part of their targets.

That /could/ be true. But why should we believe that they wouldn't have enlisted the cooperation of Microsoft prior to the dates on the Snowden leaks? The NSA has been cooperating with companies since the 1970's (and got in a lot of trouble about it). Why would they ignore a company that has 90%+ of the desktop market worldwide? Possible but unlikely IMHO.

From anthony at cajuntechie.org Fri Mar 18 14:28:40 2016
From: anthony at cajuntechie.org (Anthony Papillion)
Date: Fri, 18 Mar 2016 16:28:40 -0500
Subject: Apple engineers...
Will they (snigger) crack under pressure
In-Reply-To:
References: <20160318180200.4B227A06D95@palinka.tinho.net> <56EC641D.6010203@cajuntechie.org> <56EC6714.4050506@cajuntechie.org>
Message-ID: <56EC7308.9060602@cajuntechie.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 03/18/2016 04:18 PM, Sean Lynch wrote:
>
>
> On Fri, Mar 18, 2016 at 1:37 PM, Anthony Papillion
> > wrote:
>
> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
>
>
>
> On 03/18/2016 03:35 PM, Sean Lynch wrote:
>>
>> On Fri, Mar 18, 2016 at 1:25 PM, Anthony Papillion
>> >
>> > wrote:
>>
>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
>>
>> On 03/18/2016 01:02 PM, dan at geer.org
>> > wrote:
>>> Apple will have its Snowden.
>>
>> That's not a given. Everyone believes that Windows has backdoors
>> and spying components in it but we've not seen a single Snowden
>> from Microsoft. Why would we from Apple, an even more secretive
>> company than Microsoft?
>>
>>
>> Or, just playing devils' advocate, perhaps we haven't seen any
>> Snowdens from Microsoft because there's nothing to be leaked?
>> Perhaps, instead of demanding cooperation from vendors and
>> risking getting caught, the government focuses on building the
>> capability to exploit bugs and opsec failures on the part of
>> their targets.
>
> That /could/ be true. But why should we believe that they wouldn't
> have enlisted the cooperation of Microsoft prior to the dates on
> the Snowden leaks? The NSA has been cooperating with companies
> since the 1970's (and got in a lot of trouble about it). Why would
> they ignore a company that has 90%+ of the desktop market
> worldwide? Possible but unlikely IMHO.
>
>
> Just Occam's Razor. Why bother getting cooperation when the
> software is not secure to begin with? There are too many ways to
> gain access to Windows that aren't vulnerable to leaks.
> And we know
> for sure this is true and has been for a long time; just look at
> the thousands of exploit kits out there, most of which have been
> made by people without much in the way of resources or experience.
> If that's what the script kiddies can do, imagine what an agency
> with a $50B budget can do.

You bring up good points. It not only saves money but also allows them to hide their true capabilities.

From juan.g71 at gmail.com Fri Mar 18 14:07:21 2016
From: juan.g71 at gmail.com (juan)
Date: Fri, 18 Mar 2016 18:07:21 -0300
Subject: Apple engineers... Will they (snigger) crack under pressure
In-Reply-To: <56EC641D.6010203@cajuntechie.org>
References: <20160318180200.4B227A06D95@palinka.tinho.net> <56EC641D.6010203@cajuntechie.org>
Message-ID: <56ec6e3b.492c8c0a.325de.0975@mx.google.com>

On Fri, 18 Mar 2016 15:25:01 -0500 Anthony Papillion wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On 03/18/2016 01:02 PM, dan at geer.org wrote:
> > Apple will have its Snowden.
>
> That's not a given. Everyone believes that Windows has backdoors and
> spying components in it but we've not seen a single Snowden from
> Microsoft.

Is this message for real? Trolling?
Or what.

From seanl at literati.org Fri Mar 18 11:16:01 2016
From: seanl at literati.org (Sean Lynch)
Date: Fri, 18 Mar 2016 18:16:01 +0000
Subject: Apple engineers... Will they (snigger) crack under pressure
In-Reply-To: <56EC367C.8030103@riseup.net>
References: <56EC367C.8030103@riseup.net>
Message-ID:

It seems unlikely any engineer who quit Apple rather than write software to help the FBI break into the phone would have any trouble at all finding a job in Silicon Valley that would pay them even more money than they're making at Apple. Apple is nowhere near the top of the list in terms of compensation.

On Fri, Mar 18, 2016 at 10:17 AM Rayzer wrote:

> I can't imagine Apple would fire an employee for refusing. AAMOF the
> best publicity in the WORLD for them would be if they publicly declined
> to discipline or fire an employee for refusing.
>
> "Apple’s engineers may refuse to write software to break into
> the phone of one of the San Bernardino shooters if the FBI wins
> its court battle with the tech giant, according to more than
> half a dozen current and former employees."
>
>
> Apple employees are already discussing what they will do if ordered
> to help law enforcement authorities. Some say they may balk at the
> work, while others may even quit their high-paying jobs rather than
> undermine the security of the software they have already created,
> according to more than a half-dozen current and former Apple employees.
>
> Among those interviewed were Apple engineers who are involved in the
> development of mobile products and security, as well as former
> security engineers and executives.
>
> The potential resistance adds a wrinkle to a very public fight
> between Apple, the world’s most valuable company, and the
> authorities over access to an iPhone used by one of the attackers in
> the December mass killing in San Bernardino, Calif.
>
> It also speaks directly to arguments Apple has made in legal
> documents that the government’s demand curbs free speech by asking
> the company to order people to do things that they consider offensive.
>
> “Such conscription is fundamentally offensive to Apple’s core
> principles and would pose a severe threat to the autonomy of Apple
> and its engineers,” Apple’s lawyers wrote in the company’s final
> brief to the Federal District Court for the Central District of
> California.
>
> In full:
>
> http://www.nytimes.com/2016/03/18/technology/apple-encryption-engineers-if-ordered-to-unlock-iphone-might-resist.html?_r=0
>
> --
> RR
> "Through counter-intelligence it should be possible to pinpoint potential
> trouble-makers ... And neutralize them, neutralize them, neutralize them"
>
>
>

From jdb10987 at yahoo.com Fri Mar 18 13:28:55 2016
From: jdb10987 at yahoo.com (jim bell)
Date: Fri, 18 Mar 2016 20:28:55 +0000 (UTC)
Subject: New video on Ethereum at Reason.com
References: <1218031202.1111177.1458332935154.JavaMail.yahoo.ref@mail.yahoo.com>
Message-ID: <1218031202.1111177.1458332935154.JavaMail.yahoo@mail.yahoo.com>

http://reason.com/reasontv/2016/03/18/ethereum-blockchain-lubin-consensys

A very well-done video on the Ethereum blockchain-based network, by Jim Epstein of Reason Magazine.

Jim Bell

From coderman at gmail.com Fri Mar 18 15:58:20 2016
From: coderman at gmail.com (coderman)
Date: Fri, 18 Mar 2016 23:58:20 +0100
Subject: Apple engineers...
Will they (snigger) crack under pressure
In-Reply-To: <20160318180200.4B227A06D95@palinka.tinho.net>
References: <56EC367C.8030103@riseup.net> <20160318180200.4B227A06D95@palinka.tinho.net>
Message-ID:

On 3/18/16, dan at geer.org wrote:
> Apple will have its Snowden.

Snowden disclosed in service of Liberty, Apple Insider kleptography will service only Filthy Lucre...

make no mistake, the NSA gets their keys. the FBI is the one out in the cold here!

best regards,

From guninski at guninski.com Fri Mar 18 23:51:29 2016
From: guninski at guninski.com (Georgi Guninski)
Date: Sat, 19 Mar 2016 08:51:29 +0200
Subject: Apple engineers... Will they (snigger) crack under pressure
In-Reply-To:
References: <20160318180200.4B227A06D95@palinka.tinho.net> <56EC641D.6010203@cajuntechie.org>
Message-ID: <20160319065129.GB963@sivokote.iziade.m$>

On Fri, Mar 18, 2016 at 01:35:11PM -0700, Sean Lynch wrote:
> Or, just playing devils' advocate, perhaps we haven't seen any Snowdens
> from Microsoft because there's nothing to be leaked? Perhaps, instead of
> demanding cooperation from vendors and risking getting caught, the
> government focuses on building the capability to exploit bugs and opsec
> failures on the part of their targets.

I doubt this. m$ named their signing keys NSAKEY (look it up on wikipedia).

Have there been requests m$ to unlock phone/computer?

What if m$ gave to the NSA update signing certificate?

Heard rumors that the majority of m$ developers, developers!!! see very small fraction of the source, so likely the potential backdoors are kept very well.

As an aside, vaguely remember that someone leaked something of little importance (likely screenshots or prerelease). They used _hotmail_ to send the stuff to journos and as expected got caught.

From jya at pipeline.com Sat Mar 19 07:48:44 2016
From: jya at pipeline.com (John Young)
Date: Sat, 19 Mar 2016 10:48:44 -0400
Subject: Apple engineers...
Will they (snigger) crack under pressure
In-Reply-To: <20160318180200.4B227A06D95@palinka.tinho.net>
References: <20160318180200.4B227A06D95@palinka.tinho.net>
Message-ID:

At 02:02 PM 3/18/2016, you wrote:
>Apple will have its Snowden.
>
>--dan

Marc Zwillinger, top tech lawyer for Apple in several cases, is an ex-DoJ top tech lawyer.

Several of the Apple and amici lawyers are ex-USG, a stepping onto the golden stone -- a la Snowden Inc. -- to higher public service of just-us legally empowered spy-technoids rewards.

All sharks are dual-hatted officers of the court, government agents and spies, with privileged access to ex parte, sealed, classified, in camera, judge's chambers, bar associations, commissions, panels, perks-comped and liquid-and-teen-sex fueled retreats and sojourns (flyaways from top law perches to hottie climates), ghost-writing, talking-heads, media advisors, why, momma mia, jumping the sharks is the lawful spying profession's motto.

Engineers are not only dual-hatted, but verily Methusalaic with cascading, fast-changing head gear to fit the opportunities to engineer the fuck out of the public with godawful PR-slathered technology, science, math, human experiments, climate trashing, harmful environmental remediation, and, ah ha, literally grandmotherfucking encryption and cybersecurity not worth shit.

Pardon our don't give a fuck for Job's protege >1% Tim Cook is so cocksure mouthing in chorus with his duplicitously greedy sharks, venal managerial engineers and advertising geniuses are glossing "on behalf of the public's right to privacy" (except from predatory USG, Apple and amici conspiring to keep secrets and sealings from the iYokels).
From admin at pilobilus.net Sat Mar 19 08:01:04 2016
From: admin at pilobilus.net (Steve Kinney)
Date: Sat, 19 Mar 2016 11:01:04 -0400
Subject: Noam Chomsky on the 2016 Republicans: 'I Have Never Seen Such Lunatics in the Political System'
In-Reply-To: <20160314055759.GA679@sivokote.iziade.m$>
References: <20160314055759.GA679@sivokote.iziade.m$>
Message-ID: <56ED69B0.9040605@pilobilus.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/14/2016 01:57 AM, Georgi Guninski wrote:
> Noam Chomsky on the 2016 Republicans: 'I Have Never Seen Such
> Lunatics in the Political System'
>
> http://www.alternet.org/election-2016/noam-chomsky-2016-republicans-i-have-never-seen-such-lunatics-political-system

When well funded politicians appear to be "lunatics", keep your back to the wall and your eyes on the nearest exit. Better yet, leave quickly and quietly if you can.

From guninski at guninski.com Sat Mar 19 03:03:44 2016
From: guninski at guninski.com (Georgi Guninski)
Date: Sat, 19 Mar 2016 12:03:44 +0200
Subject: Drivels on OSS security about CVEs
Message-ID: <20160319100344.GA2171@sivokote.iziade.m$>

There is some drivel on OSS security about
CVEs:

http://openwall.com/lists/oss-security/2016/03/04/4

I have trolled on numerous occasions that CVE and mitre suck much, e.g. a post from 2006:

http://seclists.org/fulldisclosure/2006/Jan/259

From zen at freedbms.net Sat Mar 19 06:04:55 2016
From: zen at freedbms.net (Zenaan Harkness)
Date: Sat, 19 Mar 2016 13:04:55 +0000
Subject: solutions for source code take downs due to DMCA?
Message-ID:

brief github session:
---
python-iview.gitm $ git fetch
Username for 'https://github.com': zenaan
Password for 'https://zenaan at github.com':
remote: Repository unavailable due to DMCA takedown.
remote: See the takedown notice for more details:
remote: https://github.com/github/dmca/blob/master/2015-10-27-Python-iview.md.
fatal: unable to access 'https://github.com/vadmium/python-iview.git/': The requested URL returned error: 503
---

My last change is:
caf726732 2015-07-02 (HEAD, master) Humax retired; change to Panasonic feed

I had plans to use it, but never quite got a round tuit, but I did grab a clone last year, to make sure I had a copy in case and or when I wanted or needed it.

A DMCA takedown has happened since then.

Finding alternative repos is not hard, but finding one which is updated is not something I have achieved - it looks like the DMCA ogre has wielded his club and squashed this project, AFAICT.

That's not good. It's not healthy for our (global) community.

This feels like a problem we should be able to solve.
Further info on this DMCA takedown:
https://github.com/vadmium/python-iview
https://github.com/github/dmca/blob/master/2015-10-27-Python-iview.md
https://theconversation.com/python-iview-copyright-crusader-or-vigilante-operative-9763
http://www.mibus.org/2012/09/18/letter-to-the-abc-re-the-takedown-of-python-iview/
http://www.mibus.org/2012/09/23/doctor-who-sans-python-iview/

A foundational thought re freedom of information and freedom of culture and freedom to share comes to mind - are there any papers about any form of shock-test resistant hidden server design, e.g. with some number of trusted entry points into the TOR network to hide behind?

It seems "we" have yet to design a functional hidden service?

Zenaan

From moritz at headstrong.de Sat Mar 19 07:41:12 2016
From: moritz at headstrong.de (mo)
Date: Sat, 19 Mar 2016 15:41:12 +0100
Subject: solutions for source code take downs due to DMCA?
In-Reply-To:
References:
Message-ID: <56ED6508.8060309@headstrong.de>

On 03/19/2016 02:04 PM, Zenaan Harkness wrote:
> It seems "we" have yet to design a functional hidden service?

How so? I know of a couple of gits and gitlabs behind hidden services, it works just fine.

From jm at porup.com Sat Mar 19 15:31:30 2016
From: jm at porup.com (J.M. Porup)
Date: Sat, 19 Mar 2016 18:31:30 -0400
Subject: Apple engineers... Will they (snigger) crack under pressure
In-Reply-To: <56edd1c6.055f8c0a.f8c71.ffff8db7@mx.google.com>
References: <56EC367C.8030103@riseup.net> <20160318180200.4B227A06D95@palinka.tinho.net> <56edd1c6.055f8c0a.f8c71.ffff8db7@mx.google.com>
Message-ID: <20160319223129.GB1779@fedora-21-dvm>

At 02:02 PM 3/18/2016, you wrote:
>Apple will have its Snowden.
>
>--dan

We are players in this drama, not observers.

If you think someone at Apple should leak sensitive documents in the public interest, why don't you drive over to Cupertino and encourage your contacts there to leak?

Evil men take power when good men do nothing. Which are you?
jmp

From juan.g71 at gmail.com Sat Mar 19 15:24:22 2016
From: juan.g71 at gmail.com (juan)
Date: Sat, 19 Mar 2016 19:24:22 -0300
Subject: Apple engineers... Will they (snigger) crack under pressure
In-Reply-To:
References: <20160318180200.4B227A06D95@palinka.tinho.net>
Message-ID: <56edd1c6.055f8c0a.f8c71.ffff8db7@mx.google.com>

On Sat, 19 Mar 2016 10:48:44 -0400 John Young wrote:
> At 02:02 PM 3/18/2016, you wrote:
> >Apple will have its Snowden.
> >
> >--dan
>
> Marc Zwillinger, top tech lawyer for Apple in several cases, is an
> ex-DoJ top tech lawyer.
>
> Several of the Apple and amici lawyers are ex-USG, a stepping onto
> the golden stone -- a la Snowden Inc. -- to higher public service of
> just-us legally empowered spy-technoids rewards.

The 'amicus curiae brief' from lavabit was pretty unimpressive but of course as self-parody it was great.

For instance, the legal geniuses who wrote the 'brief' argued that forcing apple to work for their partners, the government, would be 'involuntary servitude' (poor oppressed corporation).

At the same time the master doctors cheerfully 'acknowledged' the supreme authority of the americunt konstitution and noted that 'involuntary servitude' was perfectly 'legal', 'just' and 'amazing' in quite a few cases, to wit:

"the conscription of americans into military service does not violate the 13th amendment
forced jury service is also not a violation
preventing sailors who contracted to work from deserting their ship AND forced roadwork are not violations of the 13th amendment"

https://cryptome.org/2016/03/usg-apple-102-105.pdf

It seems clear that with this kind of 'freedom' 'fighters' freedom needs no enemies.
From carimachet at gmail.com Sun Mar 20 03:23:17 2016
From: carimachet at gmail.com (Cari Machet)
Date: Sun, 20 Mar 2016 11:23:17 +0100
Subject: life > humans
Message-ID:

READINGS — From the August 2015 issue

*The Transhuman Condition*
By John Markoff

https://harpers.org/archive/2015/08/the-transhuman-condition/

*By John Markoff, from* Machines of Loving Grace, *out this month from Ecco Books. Markoff has been a technology and business reporter for the* New York Times *since 1988.*

Bill Duvall grew up on the peninsula south of San Francisco. The son of a physicist who was involved in classified research at Stanford Research Institute (SRI), a military-oriented think tank, Duvall attended UC Berkeley in the mid-1960s; he took all the university’s computer-programming courses and dropped out after two years. When he joined the think tank where his father worked, a few miles from the Stanford campus, he was assigned to the team of artificial-intelligence researchers who were building Shakey. Although *Life* magazine would later dub Shakey the first “electronic person,” it was basically a six-foot stack of gear, sensors, and motorized wheels that was tethered — and later wirelessly connected — to a nearby mainframe. Shakey wasn’t the world’s first mobile robot, but it was the first that was intended to be truly autonomous. It was designed to reason about the world around it, to plan its own actions, and to perform tasks. It could find and push objects and move in a planned way in its highly structured world. At both SRI and the nearby Stanford Artificial Intelligence Laboratory (SAIL), which was founded by John McCarthy in 1962, a tightly knit group of researchers was attempting to build machines that mimicked human capabilities. To this group, Shakey was a striking portent of the future; they believed that the scientific breakthrough that would enable machines to act like humans was coming in just a few short years.
Indeed, among the small community of AI researchers who were working on both coasts during the mid-Sixties, there was virtually boundless optimism. But the reality disappointed Duvall. Shakey lived in a large open room with linoleum floors and a couple of racks of electronics. Box-like objects were scattered around for the robot to “play” with. Shakey’s sensors would capture its environment and then it would “think” — standing motionless for minutes on end — before moving. Even in its closed and controlled world, the robot frequently broke down or drained its batteries after just minutes of operation. Down the hall from the Shakey laboratory, another research group, led by computer scientist Doug Engelbart, was building a computer to run a program called NLS — the oN-Line System. Most people who know of Engelbart today know him as the inventor of the mouse. But the mouse, to Engelbart, was simply a gadget to improve our ability to interact with computers. His more encompassing idea was to use computer technologies to make it possible for small groups of scientists, engineers, and educators to “bootstrap” their projects by employing an array of ever more powerful software tools to organize their activities and create a “collective I.Q.” that outstripped the capabilities of any single individual. During World War II, Engelbart had stumbled across an article by Vannevar Bush that proposed a microfilm-based information-retrieval system called Memex to manage all of the world’s knowledge. He realized that such a system could be assembled with computers. The cultural gulf between McCarthy’s artificial intelligence and Engelbart’s contrarian NLS was already apparent to those on either side. When Engelbart visited MIT to demonstrate his project, prominent AI researcher Marvin Minsky complained that he was wasting research dollars on a glorified word processor. But the idea captivated Bill Duvall. 
Before long he switched his allegiance and moved down the hall to work in Engelbart’s lab. Late on the evening of October 29, 1969, Duvall connected the NLS system in Menlo Park, via a data line leased from the phone company, to a computer controlled by another young hacker in Los Angeles. It was the first time that two computers connected over the network that would become the Internet. Duvall’s leap from the Shakey laboratory to Engelbart’s NLS made him one of the earliest people to stand on both sides of a line that even today distinguishes two rival engineering communities. One of these communities has relentlessly pursued the automation of the human experience — artificial intelligence. The other, human-computer interaction — what Engelbart called intelligence augmentation — has concerned itself with “man-machine symbiosis.” What separates AI and IA is partly their technical approaches, but the distinction also implies differing ethical stances toward the relationship of man to machine.

During the 1970s and 1980s the field of artificial intelligence drew a generation of brilliant engineers, but it often disappointed them in much the way that it had disappointed Duvall. Like him, many of these engineers turned to the contrasting ideal of intelligence augmentation. But today, AI is beginning to meet some of the promises made for it by SAIL and SRI researchers half a century ago, and artificial intelligence is poised to have an impact on society that may be greater than the effect of personal computing and the Internet. Although their project has now largely been forgotten, the designers of Shakey pioneered computing technologies that are now used by more than a billion people. The mapping software in our cars and our smartphones is based on techniques the team first developed. Their A* algorithm is the best-known way to find the shortest path between two locations.
Toward the end of the Shakey project, speech control was added as a research task; Apple’s Siri, whose name is a nod to SRI, is a distant descendent of the machine that began life as a stack of rolling sensors and actuators. While Engelbart’s original research led directly to the PC and the Internet, McCarthy’s lab did not provide a single dramatic breakthrough. Rather, the falling costs of sensors, computer processing, and information storage, along with the gradual shift away from symbolic logic and toward more pragmatic statistical and machine-learning algorithms, have made it possible for engineers and programmers to create computerized systems that see, speak, listen, and move around in the world. As a result, AI has been transformed from an academic curiosity into a force that is altering countless aspects of the modern world. This has created an increasingly clear choice for designers — a choice that has become philosophical and ethical, rather than simply technical: will we design humans into or out of the systems that transport us, that grow our food, manufacture our goods, and provide our entertainment?

As computing and robotics systems have grown from laboratory curiosities into the fabric that weaves together modern life, the AI and IA communities have continued to speak past each other. The field of human-computer interface has largely operated within the philosophical framework originally set down by Engelbart — that computers should be used to assist humans. In contrast, the artificial-intelligence community has for the most part remained unconcerned with preserving a role for individual humans in the systems it creates. Terry Winograd was one of the first to see the two extremes clearly and to consider their consequences. As a graduate student at MIT in the 1960s, Winograd studied human language in order to build a software robot that was capable of interacting with humans in conversation.
During the 1980s, he was part of a small group of AI researchers who engaged in seminars at Berkeley with the philosophers Hubert Dreyfus and John Searle. The philosophers persuaded Winograd that there were real limits to the capabilities of intelligent machines. In part because of his changing views, he left the field of artificial intelligence. A decade later, as the faculty adviser for Google cofounder Larry Page, Winograd counseled the young graduate student to focus on Web search rather than more far-fetched technologies. Page’s original PageRank algorithm, the heart of Google’s search engine, can perhaps be seen as the most powerful example of human augmentation in history. The algorithm systematically collected human decisions about the value of information and pooled those decisions to prioritize search results. Although some criticized the process for siphoning intellectual labor from vast numbers of unwitting humans, the algorithm established an unstated social contract: Google mined the wealth of human knowledge and returned it in searchable form to society, while reserving for itself the right to monetize the results. Since it established its search box as the world’s most powerful information monopoly, Google has yo-yoed between IA and AI applications and services. The ill-fated Google Glass was intended as a “reality-augmentation system,” while the company’s driverless-car project represents a pure AI — replacing human agency and intelligence with a machine. Recently, Google has undertaken what it loosely identifies as “brain” projects, which suggests a new wave of AI. In 2012, Google researchers presented a paper on a machine-vision system. After training itself on 10 million digital images taken from YouTube videos, the system dramatically outperformed previous efforts at an automated-vision network, roughly doubling their accuracy in recognizing objects from a list of 20,000 distinct items. 
Among other things, the system taught itself to recognize cats — perhaps not surprising, given the overabundance of cat videos on YouTube — with a mechanism that the scientists described as a cybernetic cousin to what takes place in the brain’s visual cortex. The experiment was made possible by Google’s immense computing resources, which allowed researchers to turn loose a cluster of 16,000 processors on the problem — though that number still, of course, represented a tiny fraction of the billions of neurons in a human brain, a huge portion of which are devoted to vision.

Speculation about whether Google is on the trail of a genuine artificial brain has become increasingly rampant. There is certainly no question that a growing group of Silicon Valley engineers and scientists believe themselves to be closing in on “strong” AI — the creation of a self-aware machine with human or greater intelligence. Whether or not this goal is ever achieved, it is becoming increasingly possible — and “rational” — to design humans out of systems for both performance and cost reasons. In manufacturing, where robots can directly replace human labor, the impact of artificial intelligence will be easily visible. In other cases the direct effects will be more difficult to discern. Winston Churchill said, “We shape our buildings, and afterwards our buildings shape us.” Today our computational systems have become immense edifices that define the way we interact with our society. In Silicon Valley it is fashionable to celebrate this development, a trend that is most clearly visible in organizations like the Singularity Institute and in books like Kevin Kelly’s *What Technology Wants* (2010). In an earlier book, *Out of Control* (1994), Kelly came down firmly on the side of the machines:

The problem with our robots today is that we don’t respect them. They are stuck in factories without windows, doing jobs that humans don’t want to do. We take machines as slaves, but they are not that.
That’s what Marvin Minsky, the mathematician who pioneered artificial intelligence, tells anyone who will listen. Minsky goes all the way as an advocate for downloading human intelligence into a computer. Doug Engelbart, on the other hand, is the legendary guy who invented word processing, the mouse, and hypermedia, and who is an advocate for computers-for-the-people. When the two gurus met at MIT in the 1950s, they are reputed to have had the following conversation: minsky: We’re going to make machines intelligent. We are going to make them conscious! engelbart: You’re going to do all that for the machines? What are you going to do for the people? This story is usually told by engineers working to make computers more friendly, more humane, more people centered. But I’m squarely on Minsky’s side — on the side of the made. People will survive. We’ll train our machines to serve us. But what are we going to do for the machines? But to say that people will “survive” understates the possible consequences: Minsky is said to have responded to a question about the significance of the arrival of artificial intelligence by saying, “If we’re lucky, they’ll keep us as pets.” Until recently, the artificial-intelligence community has largely chosen to ignore the ethics of systems that they consider merely powerful tools. When I asked one engineer who is building next-generation robots about the impact of automation on people, he told me, “You can’t think about that; you just have to decide that you are going to do the best you can to improve the world for humanity as a whole.” AI and machine-learning algorithms have already led to transformative applications in areas as diverse as science, manufacturing, and entertainment. Machine vision and pattern recognition have been essential to improving quality in semiconductor design. Drug-discovery algorithms have systematized the creation of new pharmaceuticals. 
The same breakthroughs have also brought us increased government surveillance and social-media companies whose business model depends on invading privacy for profit. Optimists hope that the potential abuses of our computer systems will be minimized if the application of artificial intelligence, genetic engineering, and robotics remains focused on humans rather than algorithms. But the tech industry has not had a track record that speaks to moral enlightenment. It would be truly remarkable if a Silicon Valley company rejected a profitable technology for ethical reasons. Today, decisions about implementing technology are made largely on the basis of profitability and efficiency. What is needed is a new moral calculus.

--
Cari Machet
NYC 646-436-7795
carimachet at gmail.com
AIM carismachet
Syria +963-099 277 3243
Amman +962 077 636 9407
Berlin +49 152 11779219
Reykjavik +354 894 8650
Twitter: @carimachet
7035 690E 5E47 41D4 B0E5 B3D1 AF90 49D6 BE09 2187

Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited.

From grarpamp at gmail.com Sun Mar 20 14:21:17 2016
From: grarpamp at gmail.com (grarpamp)
Date: Sun, 20 Mar 2016 17:21:17 -0400
Subject: [tor-talk] Traffic shaping attack
In-Reply-To:
References:
Message-ID:

On 3/18/16, Oskar Wendel wrote:
> Let's set up a service in a way that it will modulate the traffic, so the
> download would look like:

That's active manipulation in / at one endpoint node.
> Then, we monitor traffic flowing into various entry nodes (remember we're
> a global adversary, having direct access to infrastructure around the
> globe) and spot the traffic that matches our pattern.

That's global / regional passive listening, needing be concerned minimally visibility with just any other G/R IP endpoints without needing track entire path.

Which, if presumed and likely to be deployed, combine to be nicely effective, whether finding such clients, or services on Tor, I2P, etc.

Attack could be made much more difficult quite possibly defeated if all nodes engaged in bucketed reclocked and jittered fill traffic with each other (possibly along some virtual path distance >=1 hop) and enforced peering relationships based upon receipt of same expected and contractually obligated traffic (would you talk to or retransmit for a node that acted sent packets as you say... fuck no).

From grarpamp at gmail.com Sun Mar 20 14:41:23 2016
From: grarpamp at gmail.com (grarpamp)
Date: Sun, 20 Mar 2016 17:41:23 -0400
Subject: [tor-talk] Traffic shaping attack
In-Reply-To:
References:
Message-ID:

Tor and other overlays also use only TCP, which may provide some sort of enhanced end2end specific directable observability stream container. Opposed to UDP or raw packet which may offer more options to develop / layer various anti active / passive attack methods, including traffic spreading and recombination.

Do not expect any possible solutions to come without potential overhead / tradeoff costs, only if you can use them to your needs, or adapt your needs to live in their context.

And never underestimate a lorry full of tapes.
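An added example (not from any poster in this thread, and not Tor code) of the fill-traffic mitigation discussed in the two messages above: a relay reclocks a modulated flow onto a contracted per-interval cell budget and pads any shortfall with fill, so the counts visible on the link stop tracking the imposed pattern. The on/off pattern, rates, contract size and every function name are constructed assumptions; the fill total and queue backlog show the overhead cost that comes with it.

```python
"""Added illustration: a shaped flow before and after contract-rate reclocking.
All names, rates and the on/off pattern are constructed for this example."""
import random
from statistics import mean

# Constructed on/off pattern imposed at one endpoint, one symbol per interval.
PATTERN = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1]


def shaped_flow(pattern, high=40, low=4, noise=0, seed=1):
    """Cells per interval for a flow modulated by `pattern`, plus optional noise."""
    rng = random.Random(seed)
    return [max(0, (high if bit else low) + rng.randint(-noise, noise))
            for bit in pattern]


def correlation(xs, ys):
    """Pearson correlation; 0.0 when either series is constant (nothing to match)."""
    mx, my = mean(xs), mean(ys)
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    if vx == 0 or vy == 0:
        return 0.0
    return cov / (vx * vy) ** 0.5


def reclock_with_fill(arrivals, contract=28, jitter=0, seed=2):
    """Relay that sends a contracted number of same-size encrypted cells per interval.

    Real cells wait in a queue and any shortfall is padded with fill cells. The
    per-interval count depends only on the contract and the relay's own jitter,
    never on how many real cells arrived.
    """
    rng = random.Random(seed)
    queue = 0
    observed, fill_total, max_backlog = [], 0, 0
    for arrived in arrivals:
        queue += arrived
        budget = contract + rng.randint(-jitter, jitter)
        real = min(queue, budget)
        queue -= real
        fill_total += budget - real
        max_backlog = max(max_backlog, queue)
        observed.append(budget)  # a link observer cannot tell fill from real cells
    return {"observed": observed, "fill": fill_total,
            "max_backlog": max_backlog, "left_in_queue": queue}


def peer_honours_contract(observed, contract=28, jitter=0):
    """De-peering check: did the neighbour stay inside the agreed envelope?"""
    return all(contract - jitter <= n <= contract + jitter for n in observed)


if __name__ == "__main__":
    raw = shaped_flow(PATTERN)
    link = reclock_with_fill(raw)
    print("pattern vs raw flow      :", round(correlation(raw, PATTERN), 3))
    print("pattern vs reclocked link:", round(correlation(link["observed"], PATTERN), 3))
    print("fill cells sent          :", link["fill"])
    print("worst queue backlog      :", link["max_backlog"])
    print("raw flow passes contract?:", peer_honours_contract(raw))
```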
From grarpamp at gmail.com Sun Mar 20 15:05:39 2016
From: grarpamp at gmail.com (grarpamp)
Date: Sun, 20 Mar 2016 18:05:39 -0400
Subject: Building A Global Network Of Open Source SDR Receivers
Message-ID:

https://news.slashdot.org/story/16/03/20/0242204/building-a-global-network-of-open-source-sdr-receivers
http://www.jks.com/KiwiSDR/
http://beagleboard.org/

A fellow Kiwi is attempting to crowdfund a world-wide network of open-source, software-defined, radio receivers. Once in place, this will allow anybody anywhere in the world to scan the 0 to 30MHz RF spectrum from the comfort of their HTML-5 web browser. Built on top of the Beaglebone, the "KiwiSDR" RF board also includes a GPS receiver front-end, which will allow timing between receivers to be correlated, giving a lot of options for projects like long baseline interferometry and lightning detection. Prototypes are already deployed, and I've been RXing in Sweden, Australia and New Zealand. [The KiwiSDR design has been detailed on JKS.com, where there is a link to the project's Kickstarter page.]

From hozer at hozed.org Sun Mar 20 16:30:36 2016
From: hozer at hozed.org (Troy Benjegerdes)
Date: Sun, 20 Mar 2016 18:30:36 -0500
Subject: Apple engineers... Will they (snigger) crack under pressure
In-Reply-To: <20160319223129.GB1779@fedora-21-dvm>
References: <56EC367C.8030103@riseup.net> <20160318180200.4B227A06D95@palinka.tinho.net> <56edd1c6.055f8c0a.f8c71.ffff8db7@mx.google.com> <20160319223129.GB1779@fedora-21-dvm>
Message-ID: <20160320233036.GA3544@nl.grid.coop>

On Sat, Mar 19, 2016 at 06:31:30PM -0400, J.M. Porup wrote:
> At 02:02 PM 3/18/2016, you wrote:
> >Apple will have its Snowden.
> >
> >--dan
>
> We are players in this drama, not observers.
>
> If you think someone at Apple should leak sensitive documents in the
> public interest, why don't you drive over to Cupertino and encourage
> your contacts there to leak?
>
> Evil men take power when good men do nothing.
>
> Which are you?
Yes indeed, all the world's a security theatre stage.

What part are you playing? How many of your fellow actors are collecting paychecks both from Apple, and from foreign and domestic government services?

The only part here that's surprising is the blatant public admission by the FBI that they can't afford to pay the market rates for apple insiders. Or was that an intentional leak by the FBI's Snowden, who, unlike Snowden, seems to know how to stay hidden and cause a lot more damage.

I also find it hard to believe that Apple's employees would be so willing to sacrifice themselves to save the user's private keys. I find it more likely the cost-benefit calculation determined that locking out unauthorized apple cloners exceeds the cost of litigation, and the marketing and PR side-show was a brand-building bonus of a lifetime.

The FBI just got the short end of the stick, and is now getting an education of why it's a bad idea to try to bully a smarter bully with a bigger bankroll.

http://www.cbsnews.com/news/apples-ad-budget-hits-1-billion/
https://www.fbi.gov/news/testimony/fbi-budget-request-for-fiscal-year-2016

From carimachet at gmail.com Sun Mar 20 10:32:17 2016
From: carimachet at gmail.com (Cari Machet)
Date: Sun, 20 Mar 2016 18:32:17 +0100
Subject: [Cryptography] USG v. Lavabit-Snowden Files Unsealed
In-Reply-To:
References:
Message-ID:

And the guy that started telegram wasn't even treated this way in russia ... they asked to access accounts for a platform he developed he said no and left the country never to return that's why we have telegram ... he just moves around the planet prolly has a swiss like untouchable bank account or 2

If people are surprised by this kind of USG action then that for me is scary .. USG been seriously dead long time now - never was really alive as it likes to propagandize

On Mar 17, 2016 3:55 PM, "Bill Cox" wrote:
> Wow, this is scary.
> It sounds like Lavabit was fined $5,000 per day until
> it handed over the encryption keys for its email service, and that Lavabit
> further had a gag order and could say nothing about it. Here's the text of
> this order:
>
> ORDER
>
> This matter comes before the Court on the motion of the government for
> sanctions for failure to comply with this Court's order entered August 2,
> 2013. For the reasons stated in the government's motion, and pursuant to
> Title 18, United States Code. Section 401, it is hereby ORDERED that the
> motion for sanctions is granted; It is further ORDERED that, if the
> encryption keys necessary to implement the pen register and trap and trace
> device are not provided to the FBI in PEM or equivalent electronic format
> by noon (CDT) on August 5, 2013, a fine of five thousand dollars
> ($5,000.00) shall be imposed on Lavabit LLC and Mr. Levison; It is further
> ORDERED that, if the encryption keys necessary to implement the pen
> register and trap and trace device are not provided to the FBI in PEM or
> equivalent electronic format by noon (CDT) each day thereafter beginning
> August 6, 2013, a fine of five thousand dollars ($5,000.00) shall be
> imposed on Lavabit LLC and Mr. Levison for each day of noncompliance; and
> It is further ORDERED that the government's motion for sanctions and this
> Order shall remain under seal until further order of this Court
>
> As an ethical matter, I believe our government should tell its citizens
> what form of spying on our private communications it is doing, and under
> what conditions. Seeing our government do this sort of thing in secret
> scares the heck out of me. It is certainly not what I thought would happen
> in the USA.
>
> Bill
>
> On Wed, Mar 16, 2016 at 5:39 PM, John Young wrote:
>
>> USG v. Lavabit-Snowden Files Unsealed:
>>
>> https://cryptome.org/2016/03/usg-lavabit-unsealed.pdf (560 pp, 140MB)
>>
>> Precursor to USG v. Apple.
>>
>> _______________________________________________
>> The cryptography mailing list
>> cryptography at metzdowd.com
>> http://www.metzdowd.com/mailman/listinfo/cryptography

From grarpamp at gmail.com Sun Mar 20 15:49:50 2016
From: grarpamp at gmail.com (grarpamp)
Date: Sun, 20 Mar 2016 18:49:50 -0400
Subject: [tor-talk] Traffic shaping attack
In-Reply-To: <20160320221427.GE15350@torproject.org>
References: <20160319034044.GQ8732@moria.seul.org> <20160320015647.GR8732@moria.seul.org> <20160320221427.GE15350@torproject.org>
Message-ID:

On 3/20/16, Mike Perry wrote:
> For example, I wonder if users see such interrupts on all of their Tor
> traffic at that time, or just hidden service traffic? Or just hidden
> service traffic to specific services?

... the OP appears to know the onion url and refers to fora discussion the situation. So OP should post those links for others to review analyse formulate hypothesis etc. Not as if OP and all have not already been shaped / confirmed themselves or that links [to links] mean anything.

Oh noes, thousands links in your mbox...
http://skunksworkedp2cg.onion/

From grarpamp at gmail.com Sun Mar 20 16:29:49 2016
From: grarpamp at gmail.com (grarpamp)
Date: Sun, 20 Mar 2016 19:29:49 -0400
Subject: [tor-talk] Traffic shaping attack
In-Reply-To: <20160320221427.GE15350@torproject.org>
References: <20160319034044.GQ8732@moria.seul.org> <20160320015647.GR8732@moria.seul.org> <20160320221427.GE15350@torproject.org>
Message-ID:

On 3/20/16, Mike Perry wrote:
> It could also be due to the fact that Tor is effectively
> single-threaded.
> If something on the user's guard node, intermediate
> node, or hidden service is taking large amounts of CPU time, this will
> prevent traffic from flowing while that operation is happening. See:
> https://trac.torproject.org/projects/tor/ticket/16585 (though that
> ticket could use some help with clarity).

Related... why a traffic fill solution may need to reclock and transmit new own random jitter and self limit to processable / expected bandwidth contracts to mask network induced computation and provide for CPU headroom therein.

As with [John Gilmore's?] IEEE fill layer suggestion, there should be a group established outside just Tor calling for participants to look at various crypted network fill models against now known / surmised G[P]A methods.

From grarpamp at gmail.com Sun Mar 20 17:10:53 2016
From: grarpamp at gmail.com (grarpamp)
Date: Sun, 20 Mar 2016 20:10:53 -0400
Subject: [cryptography] USG-Apple - 3/22/16 Hearing Procedures, Add 3 USGs
In-Reply-To:
References:
Message-ID:

On 3/18/16, Jeffrey Walton wrote:
> It sounds like it's turning into a circus sideshow:
>
> ... in addition to Courtroom 4, there will be additional overflow
> rooms in which the hearing will be shown on video screens. All of
> these rooms together can accommodate up to a total of 324 spectators.
> Admission tickets for these seats will be distributed outside the
> courthouse starting at 7:00 a.m. on March 22, 2016.
>
> I hope it gets good media coverage, like the OJ Simpson trial. If the

With 360 possibly pro Apple seats, odds are someone there is bound to be recording at least audio and will release it anonymously in full immediately that night.

> government sides with the government (what a surprise that would be) I
> hope the US citizen riot orders of magnitude larger than Rodney King.

Could be interesting how the Apple-Customer relationship plays out. Particularly if Apple [has been] conditioning them right.
From Rayzer at riseup.net Sun Mar 20 20:18:03 2016
From: Rayzer at riseup.net (Rayzer)
Date: Sun, 20 Mar 2016 20:18:03 -0700
Subject: [cryptography] USG-Apple - 3/22/16 Hearing Procedures, Add 3 USGs
In-Reply-To:
References:
Message-ID: <56EF67EB.3060000@riseup.net>

grarpamp wrote:
> With 360 possibly pro Apple seats, odds are someone there is
> bound to be recording at least audio and will release it anonymously
> in full immediately that night.

Read the doc. "Courtroom 4 can accommodate 54 individuals sitting in the gallery seats" and 18 are reserved for lawyers working specifically for the two clients leaving *36*.

I mentioned this to my manager and she said "Riverside courthouse?" and started a ROTF fit... Apparently the county DOES have larger facilities.

--
RR
"Through counter-intelligence it should be possible to pinpoint potential trouble-makers ... And neutralize them, neutralize them, neutralize them"

From grarpamp at gmail.com Sun Mar 20 17:24:38 2016
From: grarpamp at gmail.com (grarpamp)
Date: Sun, 20 Mar 2016 20:24:38 -0400
Subject: [Cryptography] DoJ/FBI's "nuclear"/Lavabit option
In-Reply-To:
References:
Message-ID:

On 3/17/16, John Young wrote:
> At 01:05 PM 3/17/2016, you wrote:
>>FYI --
>>https://www.techdirt.com/articles/20160316/15292633927/how-apple-could-lose-winning-dojs-next-move-could-be-worse.shtml
>
>>The court then ordered Levison to provide a more useful electronic
>>copy, which then resulted in the $5,000/day fine for failing to live
>>up to that, and then the closure of the site.
>
> An Apple fine commensurate with Lavabit's revenue should end the
> daredevilry with investors' stakeholdings. Judges really like to
> takedown justice defiers as warning to potential emulators. Try to
> wear Levison's boots with a red dot on forehead.
>
> Apple revenue for Q1 2016 was $75B. A fine of $1B a day should induce
> Apple's investors to stampede toward disinvestment, Apple to
> bankruptcy minimization, fragmented ATT, entrapped like RSA,
> Microsoft and IBM. Before the foot shooting calamity, Tim Cook is
> ordered to take a hike with platinum buyout to counsel risk-averse
> VCs aboard world-circling craft of detumescent billionaire playboys
> enjoying quasi-carnal pleasure in climate change, disease and
> population control, retro-2001 space travel, moist-dreaming of POTUS.

AAPL's stock price is up about 12+% on moderate volume in the 4+ weeks since the filing, more than enough time for the news to date to reach price discovery.

From grarpamp at gmail.com Sun Mar 20 17:32:03 2016
From: grarpamp at gmail.com (grarpamp)
Date: Sun, 20 Mar 2016 20:32:03 -0400
Subject: Noam Chomsky on the 2016 Republicans: 'I Have Never Seen Such Lunatics in the Political System'
In-Reply-To: <56ED69B0.9040605@pilobilus.net>
References: <20160314055759.GA679@sivokote.iziade.m$> <56ED69B0.9040605@pilobilus.net>
Message-ID:

On 3/19/16, Steve Kinney wrote:
> When
> well funded politicians appear to be "lunatics", keep your
> back to the wall and your eyes on the nearest exit. Better yet,
> leave quickly and quietly if you can.

One's terrist is another's freedom fighter?

From grarpamp at gmail.com Sun Mar 20 18:04:36 2016
From: grarpamp at gmail.com (grarpamp)
Date: Sun, 20 Mar 2016 21:04:36 -0400
Subject: Apple engineers... Will they (snigger) crack under pressure
In-Reply-To: <56EC641D.6010203@cajuntechie.org>
References: <20160318180200.4B227A06D95@palinka.tinho.net> <56EC641D.6010203@cajuntechie.org>
Message-ID:

On 3/18/16, Anthony Papillion wrote:
> On 03/18/2016 01:02 PM, dan at geer.org wrote:
>> Apple will have its Snowden.
>
> That's not a given. Everyone believes that Windows has backdoors and
> spying components in it but we've not seen a single Snowden from
> Microsoft.
Why would we from Apple, an even more secretive company > than Microsoft? [American] entities have been infiltrated by moles loyal to government[s] (and other entities). You may read that the "Snowden" above is not some expose misdeed or vulnerability or code / doc dump to the people for their benefit (though that can exist too). But private dumps back to their masters, and actions on their behest. These lists have linked to documented cases of such interplay such that it should be obvious possibility. Human tactics since prehistoric times. From Rayzer at riseup.net Sun Mar 20 21:24:40 2016 From: Rayzer at riseup.net (Rayzer) Date: Sun, 20 Mar 2016 21:24:40 -0700 Subject: Facebook - champion of ... (of course, you knew that means the 'competition' is Hosted by the NSA's BFFs) In-Reply-To: References: Message-ID: <56EF7788.5020703@riseup.net> Seen.life HEARTS your privacy. That why it's DNS'd by... wait for it... Cloudflare along with: Seen.com Seen.net Seen.org Seen.info Seen.biz Seen.us Domain Name: seen.life Domain ID: 070463d7578343cfbfa41be09935670a-DONUTS WHOIS Server: who.godaddy.com/ Referral URL: http://www.godaddy.com/domains/search.aspx?ci=8990 Updated Date: 2015-11-29T20:25:03Z Creation Date: 2015-08-24T19:11:46Z Registry Expiry Date: 2017-08-24T19:11:46Z Sponsoring Registrar: Godaddy LLC Sponsoring Registrar IANA ID: 146 Domain Status: clientDeleteProhibited https://www.icann.org/epp#clientDeleteProhibited Domain Status: clientRenewProhibited https://www.icann.org/epp#clientRenewProhibited Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited Domain Status: clientUpdateProhibited https://www.icann.org/epp#clientUpdateProhibited Registrant ID: cr202965082 Registrant Name: Registration Private Registrant Organization: Domains By Proxy, LLC Registrant Street: DomainsByProxy.com 14747 N Northsight Blvd Suite 111, PMB 309 Registrant City: Scottsdale Registrant State/Province: Arizona Registrant Postal Code: 85260 
Registrant Country: US Registrant Phone: +1.4806242599 Registrant Phone Ext: Registrant Fax: +1.4806242598 Registrant Fax Ext: Registrant Email: Admin ID: cr202965084 Admin Name: Registration Private Admin Organization: Domains By Proxy, LLC Admin Street: DomainsByProxy.com 14747 N Northsight Blvd Suite 111, PMB 309 Admin City: Scottsdale Admin State/Province: Arizona Admin Postal Code: 85260 Admin Country: US Admin Phone: +1.4806242599 Admin Phone Ext: Admin Fax: +1.4806242598 Admin Fax Ext: Admin Email: Tech ID: cr202965083 Tech Name: Registration Private Tech Organization: Domains By Proxy, LLC Tech Street: DomainsByProxy.com 14747 N Northsight Blvd Suite 111, PMB 309 Tech City: Scottsdale Tech State/Province: Arizona Tech Postal Code: 85260 Tech Country: US Tech Phone: +1.4806242599 Tech Phone Ext: Tech Fax: +1.4806242598 Tech Fax Ext: Tech Email: Name Server: eva.ns.cloudflare.com Name Server: hans.ns.cloudflare.com DNSSEC: unsigned http://whois.domaintools.com/seen.life Zenaan Harkness wrote: > “Citizens must learn to weigh their words very carefully. That’s a > way of teaching them to weigh their very thoughts carefully, > internally policing themselves, lest external social-justice police > have to be called in. We are told to accept this new, constrained > view of free expression because only “bad” thoughts will be suppressed > " > http://beforeitsnews.com/police-state/2016/03/facebook-launches-a-new-initiative-thatll-infuriate-you-find-out-if-your-profiles-targeted-1000s-being-shut-down-3014.html > > And so, a "solution" is a new website, "seen.life": > "it’s high time you readied yourself to switch over to Seen.life. It > is a fairly new site that is similar to Facebook but without all the > censorship crap. > Here are some of the differences you’ll find at Seen.Life: > No censorship! Keep in mind they do have a Terms of Service that will > need to be followed for things like pornography, copyright violations > and defamation. 
If they receive a complaint, they’ll investigate." > > No censorship at all. > > "NO ID required. Facebook is now asking certain people for their ID’s. > That’s beyond the pale. You can use whatever name you’d like at Seen > and no ID required." > > Until ID is considered useful for, IDK, perhaps account recovery... > > "They won’t sell your data, in fact they don’t even collect it (other > than your email so you can receive notifications). " > > Because compulsory email address is part of privacy, see. And about > data collection - they have this little thing called a "ucantrustus", > although I'm not sure what it's supposed to mean - some sort of > talisman I think. > > "No limit to your account’s friends. If you’re popular enough to get > over 5,000 friends, we think that’s great! More power to you!" > > We --definitely-- need an alternative global relationships map db > since Facebook might be seen to be a little tainted. Heave a sigh of > relief since this site is still centralised, so it'll fill the gap > nicely once FB becomes so hot even sheep start to take notice... > > "Private and secure chat rooms! These are strongly encrypted and > there’s no snooping." > > They left out one import thing here - "Military grade encryption." > because sheep need military protection!! > > "With the way Facebook is headed it’s not going to be a place you want > to stay. Sign up and create an account at Seen.Life and get away from > this invasive censorship!" > > Since here at new site (please join), our censorship is currently > minimal (please join), we currently promise to not collect any^B[damn, > we're already collecting some] "too much" data (please join), we won't > require you to refine your personal network graph for us by limiting > your friend count at least for the time being (please join), and we > use military grade encryption so you are SAFE. 
Don't even think about > being NOT SAFE, since we use MILITARY GRADE ENCRYPTION that's so > powerful even the military could not crack it, until you get to the > chat room, and unless they grab a sub key from one of our many > friendly certificate providers (please join). > > By the way, please join. > > I guess they thought they were using some sophisticated marketing... > at least they're not using any free libre open source software (that > they're admitting) - Facebook uses PHP so that must be bad, well it > probably is but anyway... > > -- RR "Through counter-intelligence it should be possible to pinpoint potential trouble-makers ... And neutralize them, neutralize them, neutralize them" From grarpamp at gmail.com Sun Mar 20 18:26:52 2016 From: grarpamp at gmail.com (grarpamp) Date: Sun, 20 Mar 2016 21:26:52 -0400 Subject: Apple engineers... Will they (snigger) crack under pressure In-Reply-To: References: <56EC367C.8030103@riseup.net> <20160318180200.4B227A06D95@palinka.tinho.net> Message-ID: On 3/19/16, John Young wrote: > Marc Zwillinger, top tech lawyer for Apple in several cases, is an > ex-DoJ top tech lawyer. > > Several of the Apple and amici lawyers are ex-USG, a stepping onto > > All sharks are dual-hatted officers http://fortune.com/2016/03/18/apple-hires-corporate-security-chief/ Apple just hired Stathakopoulos (Amazon, Microsoft) as EVP of internal corporate infosec. If these seemingly principled battles grow, expect corps to be going in deep on candidates with their own SSBI-like anal probes. 
From grarpamp at gmail.com Sun Mar 20 21:26:58 2016 From: grarpamp at gmail.com (grarpamp) Date: Mon, 21 Mar 2016 00:26:58 -0400 Subject: [cryptography] USG-Apple - 3/22/16 Hearing Procedures, Add 3 USGs In-Reply-To: <56EF67EB.3060000@riseup.net> References: <56EF67EB.3060000@riseup.net> Message-ID: On 3/20/16, Rayzer wrote: > Read the doc. ... sec 5: Overflow rooms with cctv. Grab a seat near the speakers. From zen at freedbms.net Sun Mar 20 17:48:14 2016 From: zen at freedbms.net (Zenaan Harkness) Date: Mon, 21 Mar 2016 00:48:14 +0000 Subject: Facebook - champion of free speech (of course, you knew that already) Message-ID: “Citizens must learn to weigh their words very carefully. That’s a way of teaching them to weigh their very thoughts carefully, internally policing themselves, lest external social-justice police have to be called in. We are told to accept this new, constrained view of free expression because only “bad” thoughts will be suppressed " http://beforeitsnews.com/police-state/2016/03/facebook-launches-a-new-initiative-thatll-infuriate-you-find-out-if-your-profiles-targeted-1000s-being-shut-down-3014.html And so, a "solution" is a new website, "seen.life": "it’s high time you readied yourself to switch over to Seen.life. It is a fairly new site that is similar to Facebook but without all the censorship crap. Here are some of the differences you’ll find at Seen.Life: No censorship! Keep in mind they do have a Terms of Service that will need to be followed for things like pornography, copyright violations and defamation. If they receive a complaint, they’ll investigate." No censorship at all. "NO ID required. Facebook is now asking certain people for their ID’s. That’s beyond the pale. You can use whatever name you’d like at Seen and no ID required." Until ID is considered useful for, IDK, perhaps account recovery... "They won’t sell your data, in fact they don’t even collect it (other than your email so you can receive notifications). 
" Because compulsory email address is part of privacy, see. And about data collection - they have this little thing called a "ucantrustus", although I'm not sure what it's supposed to mean - some sort of talisman I think. "No limit to your account’s friends. If you’re popular enough to get over 5,000 friends, we think that’s great! More power to you!" We --definitely-- need an alternative global relationships map db since Facebook might be seen to be a little tainted. Heave a sigh of relief since this site is still centralised, so it'll fill the gap nicely once FB becomes so hot even sheep start to take notice... "Private and secure chat rooms! These are strongly encrypted and there’s no snooping." They left out one import thing here - "Military grade encryption." because sheep need military protection!! "With the way Facebook is headed it’s not going to be a place you want to stay. Sign up and create an account at Seen.Life and get away from this invasive censorship!" Since here at new site (please join), our censorship is currently minimal (please join), we currently promise to not collect any^B[damn, we're already collecting some] "too much" data (please join), we won't require you to refine your personal network graph for us by limiting your friend count at least for the time being (please join), and we use military grade encryption so you are SAFE. Don't even think about being NOT SAFE, since we use MILITARY GRADE ENCRYPTION that's so powerful even the military could not crack it, until you get to the chat room, and unless they grab a sub key from one of our many friendly certificate providers (please join). By the way, please join. I guess they thought they were using some sophisticated marketing... at least they're not using any free libre open source software (that they're admitting) - Facebook uses PHP so that must be bad, well it probably is but anyway... 
From guninski at guninski.com Mon Mar 21 01:36:35 2016 From: guninski at guninski.com (Georgi Guninski) Date: Mon, 21 Mar 2016 10:36:35 +0200 Subject: Why bash only Apple? Message-ID: <20160321083635.GA733@sivokote.iziade.m$> Not following all the Apple show, so this may be wrong. Most people here bash only Apple and USG. If Apple quietly unlocked the phone, likely they would have been bashed even more. Are the other corporations any better? How Apple scores on corporate scumbagness? From drwho at virtadpt.net Mon Mar 21 11:42:52 2016 From: drwho at virtadpt.net (The Doctor) Date: Mon, 21 Mar 2016 11:42:52 -0700 Subject: Apple engineers... Will they (snigger) crack under pressure In-Reply-To: References: <56EC367C.8030103@riseup.net> <20160318180200.4B227A06D95@palinka.tinho.net> Message-ID: <20160321114252.525ce834af93196b44d5a768@virtadpt.net> On Sun, 20 Mar 2016 21:26:52 -0400 grarpamp wrote: > If these seemingly principled battles grow, expect corps to be > going in deep on candidates with their own SSBI-like anal probes. They already have what amounts to an internal counter-intelligence unit that occasionally runs mole hunts looking for employees that leak information on upcoming products or projects to the news media. I'm kind of surprised they're not doing this already. -- The Doctor [412/724/301/703/415] [ZS] PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ "What number are we thinkin' of?" 
From seanl at literati.org Mon Mar 21 12:40:42 2016 From: seanl at literati.org (Sean Lynch) Date: Mon, 21 Mar 2016 12:40:42 -0700 Subject: Facebook - champion of free speech (of course, you knew that already) In-Reply-To: References: Message-ID: On Sun, Mar 20, 2016 at 5:48 PM, Zenaan Harkness wrote: > Here are some of the differences you’ll find at Seen.Life: > No censorship! Keep in mind they do have a Terms of Service that will > need to be followed for things like pornography, copyright violations > and defamation. If they receive a complaint, they’ll investigate." > > No censorship at all. > (whoops, originally sent this only to Zenaan, re-sending to the list) Many doublespeak. Such Orwell! If you're going to put in the effort to switch, why switch to yet another corporation that controls what you can post just because they exert slightly less control? No, we need decentralized publication platforms that can't censor even if they want to. 
From jya at pipeline.com Mon Mar 21 15:48:53 2016 From: jya at pipeline.com (John Young) Date: Mon, 21 Mar 2016 18:48:53 -0400 Subject: USG moves to vacate hearing tomorrow due to possible method to unlock iPhone Message-ID: USG moves to vacate hearing tomorrow due to possible method to unlock iPhone https://cryptome.org/2016/03/usg-apple-191.pdf From tbiehn at gmail.com Mon Mar 21 16:12:56 2016 From: tbiehn at gmail.com (Travis Biehn) Date: Mon, 21 Mar 2016 19:12:56 -0400 Subject: USG moves to vacate hearing tomorrow due to possible method to unlock iPhone In-Reply-To: References: Message-ID: Looks like they figured they couldn't win this time around, and they want to make sure they can put this particular arrow back into the quiver (before risking precedent they don't want to accept.) -Travis On Mon, Mar 21, 2016 at 6:48 PM, John Young wrote: > USG moves to vacate hearing tomorrow due to possible method to unlock > iPhone > > https://cryptome.org/2016/03/usg-apple-191.pdf > > -- Twitter | LinkedIn | GitHub | TravisBiehn.com | Google Plus From jya at pipeline.com Mon Mar 21 17:43:23 2016 From: jya at pipeline.com (John Young) Date: Mon, 21 Mar 2016 20:43:23 -0400 Subject: USG-Apple Hearing Vacated, Decrypt Order Stayed Message-ID: https://cryptome.org/2016/03/usg-apple-199.pdf Quote: The court and counsel conferred regarding the government's Ex Parte Application for a Continuance (docket no. 191). Based on the good cause shown in that application, and based on Apple's nonobjection to vacating the hearing, the court ORDERS: 1. The hearing in this matter set for March 22, 2016 at 1:00 p.m. is VACATED; 2. 
As there is presently uncertainty surrounding the government's need for Apple's assistance, the court's February 16, 2016 Order Compelling Apple, Inc. to Assist Agents in Search, in case number ED 15-451-M, is hereby stayed, pending further submissions in this case; and 3. The government is ordered to file a status report by April 5, 2016. Unquote Docket No. 191: https://cryptome.org/2016/03/usg-apple-191.pdf From jya at pipeline.com Mon Mar 21 17:54:41 2016 From: jya at pipeline.com (John Young) Date: Mon, 21 Mar 2016 20:54:41 -0400 Subject: [cryptography] USG moves to vacate hearing tomorrow due to possible method to unlock iPhone In-Reply-To: <005c01d183c5$ceb6d6a0$6c2483e0$@jstyre.com> References: <005c01d183c5$ceb6d6a0$6c2483e0$@jstyre.com> Message-ID: At 07:02 PM 3/21/2016, you wrote: >(But who is the outside party? A lone wolf? The NSA? Other?) > >-- >James S. Tyre Would Apple be the outside party? As in its offshore stashing of foreign revenue as foreign entity? From grarpamp at gmail.com Mon Mar 21 21:46:42 2016 From: grarpamp at gmail.com (grarpamp) Date: Tue, 22 Mar 2016 00:46:42 -0400 Subject: Apple engineers... Will they (snigger) crack under pressure In-Reply-To: <20160321114252.525ce834af93196b44d5a768@virtadpt.net> References: <56EC367C.8030103@riseup.net> <20160318180200.4B227A06D95@palinka.tinho.net> <20160321114252.525ce834af93196b44d5a768@virtadpt.net> Message-ID: On 3/21/16, The Doctor wrote: > On Sun, 20 Mar 2016 21:26:52 -0400 > grarpamp wrote: > >> If these seemingly principled battles grow, expect corps to be >> going in deep on candidates with their own SSBI-like anal probes. > > They already have what amounts to an internal counter-intelligence > unit that occasionally runs mole hunts looking for employees that > leak information on upcoming products or projects to the news media. > I'm kind of surprised they're not doing this already. 
Maybe before Snowden corps never thought govts would be in heavy conflict with the corp-customer relationship, essentially attacking one of its essential foundations... crypto, (others being features, price, usability, apps, brand, quality, etc). ie: Previously known govt activities were relegated to tax / structure / employment / trade / safety regulation etc which didn't directly impact users. Too bad corps were just starting to recognize, advertise and capitalize on the crypto relationship, with market / user awareness results starting to develop. Which is why Apple must win and be given every possible support from everyone in doing so... to reject clipper v2 forever. From grarpamp at gmail.com Tue Mar 22 00:08:45 2016 From: grarpamp at gmail.com (grarpamp) Date: Tue, 22 Mar 2016 03:08:45 -0400 Subject: [Cryptography] This is not the end... In-Reply-To: References: <20160321211846.45dfb152@jabberwock.cb.piermont.com> Message-ID: > On Mon, Mar 21, 2016 at 9:18 PM, Perry E. Metzger > wrote: >> The FBI dropping its request under the All Writs Act https://cryptome.org/2016/03/usg-apple-191.pdf https://cryptome.org/2016/03/usg-apple-199.pdf They didn't "drop" their request, they asked and received time to play with the phone in their sandbox with their friends. The court actually went further and stayed order, perhaps pursuant to an Apple request for that in conference call. Regardless, ball's still in feds ballcourt, though they'd have a hard time pressing it for spite were it shown they have unlock solution in hand. A FOIA should be filed to discover for reference all "outside parties" contacting govt offering services and their proposed "methods" therein. > The iPhone 5 was not sold as being secure Don't worry, they still have hundreds of phones to file new cases and/or make new law with. Unless... curiously... the new "Hayden" style arguments coming from other govt forces and think tanks are for real and win out. 
https://www.youtube.com/watch?v=6HNnVcp6NYA (Or if you believe the iPhone 6 with iOS 9.3 is actually a top selling TOP SECRET tricked out scam, thereby making a quit acceptable.) Or the people and the cryptos win out. > this is not about concealing your porn Regarding a lot of users and media, it's actually quite a bit and rather effective about "seeing my dick", etc... https://www.youtube.com/watch?v=XEVlyP4_11M https://www.youtube.com/watch?v=zsjZ2r9Ygzw From juan.g71 at gmail.com Mon Mar 21 23:13:36 2016 From: juan.g71 at gmail.com (juan) Date: Tue, 22 Mar 2016 03:13:36 -0300 Subject: Apple engineers... Will they (snigger) crack under pressure In-Reply-To: References: <56EC367C.8030103@riseup.net> <20160318180200.4B227A06D95@palinka.tinho.net> <20160321114252.525ce834af93196b44d5a768@virtadpt.net> Message-ID: <56f0e2c1.8af68c0a.1e252.ffffd9ca@mx.google.com> On Tue, 22 Mar 2016 00:46:42 -0400 grarpamp wrote: > Maybe before Snowden corps never thought govts would be in > heavy conflict with the corp-customer relationship, essentially > attacking one of its essential foundations... crypto, There isn't any such 'heavy conflict'. And if you look at shitbags like apple, microsoft, google and the like you'll clearly see that 'crypto' is not an 'essential foundation' for them at all. Whereas their relationship to the US government is certainly 'foundational' Furthermore, it's possible for the IT mafia to sabotage security to a great extent with no real consequences. What, evil hackers are going to steal joe six pack's pirated mp3s and porn? That's a serious security threat. Or maybe the terrists will destroy the world by hacking i-turds and hotmail? Such dire threats to 'national security' eh. bottom line : this year's marketing campaign for retarded phones for retarded 'customers' is getting REALLY annoying. > (others being features, price, usability, apps, brand, quality, etc). 
> ie: Previously known govt activities were relagated to tax / > structure / employment / trade / safety regulation etc which didn't > directly impact users. > > Too bad corps were just starting to recognize advertise and > capitilize on the crypto relationship, with market / user awareness > results starting to develop. > > Which is why Apple must win and be given every possible > support from everyone in doing so... to reject clipper v2 forever. From jya at pipeline.com Tue Mar 22 15:32:54 2016 From: jya at pipeline.com (John Young) Date: Tue, 22 Mar 2016 18:32:54 -0400 Subject: USG-Apple Oral Proceedings Transcript 21 March 2016 Message-ID: USG-Apple Oral Proceedings Transcript 21 March 2016 https://cryptome.org/2016/03/usg-apple-transcript-16-0321.pdf From grarpamp at gmail.com Tue Mar 22 23:01:55 2016 From: grarpamp at gmail.com (grarpamp) Date: Wed, 23 Mar 2016 02:01:55 -0400 Subject: Why We Should Fear A Cashless World Message-ID: http://www.theguardian.com/money/commentisfree/2016/mar/21/fear-cashless-world-contactless https://en.wikipedia.org/wiki/Operation_Choke_Point https://news.slashdot.org/story/16/03/22/2154231/why-we-should-fear-a-cashless-world " What cash is, is something that can not be refused because it is your cash ie, how may I serve you today, oh you want to buy that loaf of bread, some milk and some baloney, sure and thank you for your money, oh wait the system says that money is shit because it's your money and I must refuse it, if it was someone else's that is OK but the banks have collectively decided that you can not eat today, please contact you nearest treasury officer for assistance. A pocket full of cash and you eat, a pocket full of credit cards and you ask permission to eat. 
That is exactly how anonymous cash is, you do not need to ask permission to fucking spend it, it can not be rejected just because it is yours (most glaring example of exactly that, racism) and when it comes to stealing it, it takes real effort, rather than corruptly shifting around bits to enrich the minority at the majority's expense in some of the biggest scandals in history. Also, don't ever forget, that the banks want to charge you to look after your money and pay no interest to use it for whatever they want to. Don't like that idea, tough fucking luck, we won't let you have that money we will only allow you to transfer it to one of our cartel members and charge a fee for that, so that then they can charge fees for gambling your money. The whole cashless society in capitalism thing is one huge scam, to basically enslave the majority. " From Rayzer at riseup.net Wed Mar 23 08:31:00 2016 From: Rayzer at riseup.net (Rayzer) Date: Wed, 23 Mar 2016 08:31:00 -0700 Subject: Israeli company contracts to US for Cellie Data Extraction Message-ID: <56F2B6B4.4010003@riseup.net> FBI using Israeli firm Cellebrite to help break into San Bernardino terrorist's iPhone By Roger Fingas Wednesday, March 23, 2016, 07:04 am PT (10:04 am ET) An Israeli forensic software company, Cellebrite, is helping the FBI try to unlock the iPhone 5c used by San Bernardino shooter Syed Farook, according to a national newspaper. If the firm succeeds the FBI will be able to drop requests for help from Apple, reported Yedioth Ahronoth, as quoted by Reuters. The paper didn't say how Cellebrite was attempting to break into the phone, or what kind of progress it might be making. More: http://appleinsider.com/articles/16/03/23/fbi-using-israeli-firm-cellebrite-to-help-break-into-san-bernardino-terrorists-iphone http://www.cellebrite.com/ -- RR "Through counter-intelligence it should be possible to pinpoint potential trouble-makers ... 
And neutralize them, neutralize them, neutralize them" From guninski at guninski.com Wed Mar 23 01:44:29 2016 From: guninski at guninski.com (Georgi Guninski) Date: Wed, 23 Mar 2016 10:44:29 +0200 Subject: Why We Should Fear A Cashless World In-Reply-To: References: Message-ID: <20160323084429.GA1002@sivokote.iziade.m$> On Wed, Mar 23, 2016 at 02:01:55AM -0400, grarpamp wrote: > http://www.theguardian.com/money/commentisfree/2016/mar/21/fear-cashless-world-contactless > https://en.wikipedia.org/wiki/Operation_Choke_Point > https://news.slashdot.org/story/16/03/22/2154231/why-we-should-fear-a-cashless-world > I think bigger problem is that most of the "money" actually doesn't really exist. It is just made up numbers stored somewhere. Cash is small fraction of all money. Possibly the easiest way to change the system is enough people to withdraw cash -- the domino effect will take care of the rest. This will have grave consequence for people and likely won't hurt oligarchs. From guninski at guninski.com Wed Mar 23 02:37:35 2016 From: guninski at guninski.com (Georgi Guninski) Date: Wed, 23 Mar 2016 11:37:35 +0200 Subject: cyberwar in action: FBI wants syrian hackers, offers $100K Message-ID: <20160323093735.GB1002@sivokote.iziade.m$> http://www.theregister.co.uk/2016/03/22/sea_fbi_cyber_most_wanted/ FBI's Most Wanted: Syrian Electronic Army hacktivists $100,000 reward on hackers' heads From jya at pipeline.com Wed Mar 23 08:58:47 2016 From: jya at pipeline.com (John Young) Date: Wed, 23 Mar 2016 11:58:47 -0400 Subject: Israeli company contracts to US for Cellie Data Extraction In-Reply-To: <56F2B6B4.4010003@riseup.net> References: <56F2B6B4.4010003@riseup.net> Message-ID: Cellebrite (IL) outlines its phone hack tech in a copyright suit against competitor Oxygen (RU). 
https://cryptome.org/2016/03/cellebrite-oxygen-001.pdf According to the suit both firms sell phone hack tools to USG agencies. Suggests phone hacking is as lucrative as 0-days and bug bounties. Dirty-fingernailed hackers getting so celebrated they may become fancy barbered and removed-tats l0phties angling for photoshopped slick mag portraits with Naked Celeb Perps Assange, Snowden, Dotcom. At 11:31 AM 3/23/2016, you wrote: >FBI using Israeli firm Cellebrite to help break into San Bernardino >terrorist's iPhone > >By Roger Fingas > >Wednesday, March 23, 2016, 07:04 am PT (10:04 am ET) > >An Israeli forensic software company, Cellebrite, is helping the FBI try >to unlock the iPhone 5c used by San Bernardino shooter Syed Farook, >according to a national newspaper. > >If the firm succeeds the FBI will be able to drop requests for help from >Apple, reported Yedioth Ahronoth, as quoted by Reuters. The paper didn't >say how Cellebrite was attempting to break into the phone, or what kind >of progress it might be making. > > >More: >http://appleinsider.com/articles/16/03/23/fbi-using-israeli-firm-cellebrite-to-help-break-into-san-bernardino-terrorists-iphone > >http://www.cellebrite.com/ > >-- >RR >"Through counter-intelligence it should be possible to pinpoint >potential trouble-makers ... And neutralize them, neutralize them, >neutralize them" > > > From jya at pipeline.com Wed Mar 23 11:57:21 2016 From: jya at pipeline.com (John Young) Date: Wed, 23 Mar 2016 14:57:21 -0400 Subject: Cellebrite describes 10 steps to hack a Blackberry and other tips Message-ID: Cellebrite describes 10 steps to hack a Blackberry and other tips https://cryptome.org/2016/03/cellebrite-msab-001.pdf From zen at freedbms.net Thu Mar 24 06:25:35 2016 From: zen at freedbms.net (Zenaan Harkness) Date: Thu, 24 Mar 2016 13:25:35 +0000 Subject: Hillary Emails, Gold Dinars and Arab Springs Message-ID: Well well well - what a tangled and hellish web the West weaves (see below)... 
the sad and indicting facts of reality are steadily going public. "Conspiracy nuts" have no joy in this. The evil is beyond a London Has Fallen or "Benghazi" propaganda movie. City of London and Wall Street 'had to take down Qaddafi' to stop his pan-African/Arabic gold backed currency "initiative", so unfortunately lost him his life. The odd speech I've watched, Qaddafi was compelling, and with heart for his people and those beyond his nation's boundaries. Now we can see why the West acted and continues to act so brutishly. French oligarchs - your number's called! City of London and Wall Street bankers - you can't hide your deeds! Western oligarchs - you stand with despotic authority. How small minded are the West's oligarchs? So narrow minded, so belligerently addicted to control of currencies and nations, as though there's not enough abundance to go round... major cases of small dick syndrome are evidently in abundance all around the West's 'halls of power' - how absolutely fucking pathetic! (Evidently Hillary and Merkel are thoroughly bound - so this is nothing that men have any monopoly on.) I'm guessing that at least in hindsight it might be seen to have been in Qaddafi's interest to work with Russia on that particular gold backed currency initiative. Still surprised he did not take the lesson from Saddam's "oil for Euros" hanging. Perhaps Russia was seen as weak, or rather if we be frank "devastated" as it was when the USSR was destroyed, only now beginning to get back her stride. The sanctions against Russia and the CIA sponsored "colored springs" (turmoil) around Russia in the last few years take on a more poignant appearance in the face of Hillary's emails - attempts to keep the bear occupied, hey hey, Wall Street's version of "Occupy Russia" - I only wish it were a laughing matter. 
It is difficult for me to comprehend the acceptance of Hillary Clinton by at least some faction of Americans in the face of her ghastly "we came, we saw, he died" laughter - the acceptance of such insanity is a sign, and more than "the 'leaders' have lost touch with the people" but really that (the American) people have lost touch with the despotic evil reality of their 'leaders'. We have a duty to stand against such evil. Small mercies that we get these little leaks of information here and there... Z http://journal-neo.org/2016/03/17/hillary-emails-gold-dinars-and-arab-springs/ Hillary Emails, Gold Dinars and Arab Springs Column: Society Region: Middle East Country: Libya Buried amid tens of thousands of pages of former US Secretary of State Hillary Clinton’s secret emails, now being made public by the US Government, is a devastating email exchange between Clinton and her confidential adviser, Sid Blumenthal. It’s about Qaddafi and the US-coordinated intervention in 2011 to topple the Libyan ruler. It’s about gold and a potentially existential threat to the future of the US dollar as world reserve currency. It’s about Qaddafi’s plans then for the gold-based Dinar for Africa and the Arab oil world. Two paragraphs in a recently declassified email from the illegal private server used by then-Secretary of State Hillary Clinton during the US-orchestrated war to destroy Libya’s Qaddafi in 2011 reveal a tightly-held secret agenda behind the Obama Administration’s war against Qaddafi, cynically named “Responsibility to Protect.” Barack Obama, an indecisive and weak President, delegated all presidential responsibility for the Libya war to his Secretary of State, Hillary Clinton. Clinton, who was an early backer of an Arab “regime change,” using the secret Muslim Brotherhood, invoked the new, bizarre principle of “responsibility to protect” (R2P) to justify the Libyan war, which she quickly turned into a NATO-led war. 
Under R2P, a silly notion promoted by the networks of George Soros’ Open Society Foundations, Clinton claimed, with no verifiable proof, that Qaddafi was bombing innocent Libyan civilians in the Benghazi region ( http://www.cfr.org/libya/libya-responsibility-protect/p24480 ). According to a New York Times report at the time, citing Obama Administration senior sources, it was Hillary Clinton, backed by Samantha Power, then a senior aide at the National Security Council and today Obama’s UN Ambassador; and Susan Rice, then Obama’s ambassador to the United Nations, and now National Security Adviser. That triad pushed Obama into military action against Libya’s Qaddafi. Clinton, flanked by Powers and Rice, was so powerful that Clinton managed to overrule Defense Secretary Robert Gates, Tom Donilon, Obama’s national security adviser, and John Brennan, Obama’s counterterrorism chief, today CIA head ( http://www.thenation.com/article/obamas-women-advisers-pushed-war-against-libya/ ). Secretary of State Clinton was also knee-deep in the conspiracy to unleash what came to be dubbed the “Arab Spring,” the wave of US-financed regime changes across the Arab Middle East ( http://www.state.gov/secretary/20092013clinton/rm/2011/01/154595.htm ), part of the Greater Middle East project unveiled in 2003 by the Bush Administration after occupation of Iraq. The first three target countries of that 2011 US “Arab Spring”–an action in which Washington used its “human rights” NGOs such as Freedom House and National Endowment for Democracy, in cahoots as usual, with the Open Society Foundations of billionaire speculator, George Soros, along with US State Department and CIA operatives–were Ben Ali’s Tunisia, Mubarak’s Egypt and Qaddafi’s Libya. Now the timing and targeting of Washington’s 2011 “Arab Spring” destabilizations of select Middle East states assume a new light in relation to just-released declassified Clinton emails to her private Libya “adviser” and friend, Sid Blumenthal. 
Blumenthal is the slick lawyer who defended then-President Bill Clinton in the Monika Lewinsky and other sex scandal affairs when Bill was President and facing impeachment. Qaddafi’s gold dinar For many it remains a mystery just why Washington decided that Qaddafi personally must be destroyed, murdered, not just sent into exile like Mubarak. Clinton, when informed of Qaddafi’s brutal murder by US-financed Al Qaeda “democratic opposition” terrorists, told CBS news, in a sick, joking paraphrase of Julius Caesar, “We came, we saw, he died,” words spoken by her with a hearty, macabre laugh ( http://www.cbsnews.com/news/clinton-on-qaddafi-we-came-we-saw-he-died ). Little is known in the West about what Muammar Qaddafi did in Libya or, for that matter, in Africa and in the Arab world. Now, release of a new portion of Hillary Clinton’s emails as Secretary of State, at the time she was running Obama Administration war on Qaddafi, sheds dramatic new light on the background. It was not a personal decision of Hillary Clinton to eliminate Qaddafi and destroy his entire state infrastructure. The decision, it’s now clear, came from circles very high in the US money oligarchy. She was merely another Washington political tool implementing the mandate of those oligarchs. The intervention was about killing Qaddafi’s well-laid plans to create a gold-based African and Arabic currency to replace the dollar in oil trades. Since the US dollar abandoned gold exchange for dollars in 1971 the dollar in terms of gold has dramatically lost value. Arab and African OPEC oil states have long objected to the vanishing purchasing power of their oil sales, mandated since the 1970’s by Washington to be solely in US dollars, as dollar inflation soared more than 2000% to 2001. In a newly declassified Clinton email from Sid Blumenthal to Secretary of State Hillary Clinton dated April 2, 2011, Blumenthal reveals the reason that Qaddafi must be eliminated. 
Using the pretext of citing an unidentified “high source” Blumenthal writes to Clinton, “According to sensitive information available to this source, Qaddafi’s government holds 143 tons of gold, and a similar amount in silver… This gold was accumulated prior to the current rebellion and was intended to be used to establish a pan-African currency based on the Libyan golden Dinar. This plan was designed to provide the Francophone African Countries with an alternative to the French franc (CFA https://www.foia.state.gov/searchapp/DOCUMENTS/HRCEmail_DecWebClearedMeta/31-C1/DOC_0C05779612/C05779612.pdf ).” That French aspect was only the tip of the Qaddafi gold dinar iceberg. Golden Dinar and more During the first decade of this century, Gulf Arab OPEC countries, including Saudi Arabia, Qatar and others, began seriously diverting a significant portion of the revenues from their vast oil and gas sales into state sovereign wealth funds, many based on the success of Norway’s Oil Fund. Growing discontent with the US War on Terror, with the wars in Iraq and in Afghanistan, and with overall US Middle East policies after September 2001, led most OPEC Arab states to divert a growing share of oil revenues into state-controlled funds rather than trusting it to the sticky fingers of New York and London bankers as had been the custom since the 1970’s when oil prices went through the roof, creating what Henry Kissinger fondly called the “petro-dollar” to replace the gold-backed dollar Washington walked away from on August 15, 1971. The present Sunni-Shi’ite war or clash of civilizations is in fact a result of the US manipulations after 2003 in the region— “divide and rule.” By 2008 the prospect of sovereign control by a growing number of African and Arab oil states of their state oil and gas revenues was causing serious concern in Wall Street as well as the City of London. It was huge liquidity, in the trillions, they potentially no longer controlled. 
The timing of the Arab Spring, in retrospect, increasingly looks tied to Washington and Wall Street efforts to control not only the huge Arab Middle East oil flows. It is now clear it was equally aimed at controlling their money, their trillions of dollars accumulating in their new sovereign wealth funds. However, as is now confirmed in the latest Clinton-Blumenthal April 2, 2011 email exchange, there was a qualitatively new threat emerging for Wall Street and the City of London “gods of money,” from the African and Arab oil world. Libya’s Qaddafi, Tunisia’s Ben Ali and Mubarak’s Egypt were about to launch a gold-backed Islamic currency independent of the US dollar. I was first told of this plan in early 2012, at a Swiss financial and geopolitical conference, by an Algerian with extensive knowledge of the project. Documentation was scarce at the time and the story remained in my mental back-burner. Now a far more interesting picture emerges that puts the ferocity of Washington’s Arab Spring and its urgency in the case of Libya into perspective. ‘United States of Africa’ In 2009, Qaddafi, who was at the time the President of the African Union, had proposed that the economically depressed continent adopt the “Gold Dinar” ( http://www.wnd.com/2011/08/337881/#fQbTdeRLfVczxYqc.99 ). In the months prior to the US decision, with British and French backing, to get a UN Security Council resolution that would give them the legal fig-leaf for a NATO destruction of the Qaddafi regime, Muammar Qaddafi had been organizing the creation of a gold-backed dinar that would be used by African oil states as well as Arab OPEC countries in their sales of oil on the world market. Had that happened at the time Wall Street and the City of London were deep into the financial crisis of 2007-2008, the challenge to the reserve currency role of the dollar would have been more than serious. It would be a death knell to American financial hegemony, and to the Dollar System. 
Africa is one of the world’s richest continents, with vast unexplored gold and mineral wealth, had been intentionally kept for centuries underdeveloped or in wars to prevent their development. The International Monetary Fund and World Bank for the recent decades have been the Washington instruments to suppress African real development. Gaddafi had called upon African oil producers in the African Union and in Muslim nations to join an alliance that would make the gold dinar their primary form of money and foreign exchange. They would sell oil and other resources to the US and the rest of the world only for gold dinars. As President of the African Union in 2009, Qaddafi introduced for discussion to African Union member states Qaddafi’s proposal to use the Libyan dinar and the silver dirham as the only possible money for the rest of the world to buy African oil ( http://www.youshouldbuygold.com/2011/10/end-of-african-gold-standard-the-oil-gold-relationship/ ). Along with the Arab OPEC sovereign wealth funds for their oil, other African oil nations, specifically Angola and Nigeria, were moving to create their own national oil wealth funds at the time of the 2011 NATO bombing of Libya ( http://www.thisisafricaonline.com/Policy/Rise-of-the-African-sovereign-wealth-fund?ct=true ). Those sovereign national wealth funds, tied to Qaddafi’s concept of the gold dinar, would make Africa’s long-held dream of independence from colonial monetary control, whether of the British Pound, the French Franc, the euro or the US dollar, a reality. Qaddafi was moving forward, as head of the African Union, at the time of his assassination, with a plan to unify the sovereign States of Africa with one gold currency, a United States of Africa. In 2004, a Pan-African Parliament of 53 nations had laid plans for an African Economic Community – with a single gold currency by 2023. African oil-producing nations were planning to abandon the petro-dollar, and demand gold payment for their oil and gas. 
The list included Egypt, Sudan, South Sudan, Equatorial Guinea, Congo, Democratic Republic of Congo, Tunisia, Gabon, South Africa, Uganda, Chad, Suriname, Cameroon, Mauritania, Morocco, Zambia, Somalia, Ghana, Ethiopia, Kenya, Tanzania, Mozambique, Cote d’Ivoire, plus Yemen which had just made significant new oil discoveries. The four African member-states of OPEC–Algeria, Angola, Nigeria, a giant oil producer and the largest natural gas producer in Africa with huge natural gas reserves, and Libya with the largest reserves–would be in the new gold dinar system. Little wonder that French President Nicolas Sarkozy, who was given the up-front role in the war on Qaddafi by Washington, went so far as to call Libya a “threat” to the financial security of the world ( http://www.thenewamerican.com/economy/markets/item/4630-gadhafi-s-gold-money-plan-would-have-devastated-dollar ). Hillary’s ‘rebels’ create a central bank One of the most bizarre features of Hillary Clinton’s war to destroy Qaddafi was the fact that the US-backed “rebels” in Benghazi, in the oil-rich eastern part of Libya, in the midst of battle, well before it was at all clear if they would topple the Qaddafi regime, declared they had created a Western-style central bank, “in exile.” In the very first weeks of the rebellion, the rebel leaders declared that they had created a central bank to replace Gadhafi’s state-owned monetary authority. 
The rebel council, in addition to creating their own oil company to sell the oil they captured announced: “Designation of the Central Bank of Benghazi as a monetary authority competent in monetary policies in Libya and appointment of a Governor to the Central Bank of Libya, with a temporary headquarters in Benghazi ( http://www.thenewamerican.com/economy/markets/item/4630-gadhafi-s-gold-money-plan-would-have-devastated-dollar ).” Commenting on the odd decision, before the outcome of battle was even decided, to create a western-style central bank to replace Qaddafi’s sovereign national bank that was issuing gold-backed dinars, Robert Wenzel in the Economic Policy Journal, remarked, “I have never before heard of a central bank being created in just a matter of weeks out of a popular uprising. This suggests we have a bit more than a rag tag bunch of rebels running around and that there are some pretty sophisticated influences ( http://www.thenewamerican.com/economy/markets/item/4630-gadhafi-s-gold-money-plan-would-have-devastated-dollar ).” It becomes clear now in light of the Clinton-Blumenthal emails that those “pretty sophisticated influences” were tied to Wall Street and the City of London. The person brought in by Washington to lead the rebels in March 2011, Khalifa Hifter, had spent the previous twenty years of his life in suburban Virginia, not far from CIA headquarters, after a break with Libya as a leading military commander of Qaddafi ( http://www.mcclatchydc.com/news/nation-world/world/middle-east/article24618421.html#storylink=cpy ). The risk to the future of the US dollar as world reserve currency, if Qaddafi had been allowed to proceed–together with Egypt, Tunisia and other Arab OPEC and African Union members– to introduce oil sales for gold not dollars, would clearly have been the financial equivalent of a Tsunami. New Gold Silk Road The Qaddafi dream of an Arabic and African gold system independent of the dollar, unfortunately, died with him. 
Libya, after Hillary Clinton’s cynical “responsibility to protect” destruction of the country, today is a shambles, torn by tribal warfare, economic chaos, al-Qaeda and DAESH or ISIS terrorists. The monetary sovereignty held by Qaddafi’s 100% state-owned national monetary agency and its issuance of gold dinars is gone, replaced by an “independent” central bank tied to the dollar. Despite that setback, it’s more than notable that now an entirely new grouping of nations is coming together to build a similar gold-backed monetary system. This is the group led by Russia and China, the world’s number three and number one gold producing countries, respectively. This group is tied to the construction of China’s One Belt, One Road New Silk Road Eurasian infrastructure great project. It involves China’s $16 billion Gold Development Fund, and very firm steps by China to replace the City of London and New York as the center of world gold trade. The Eurasian gold system emerging now poses an entirely new quality of challenge to American financial hegemony. This Eurasian challenge, its success or failure, could well determine whether we allow our civilization to survive and prosper under entirely different conditions, or whether we decide to sink along with the bankrupt dollar system ( http://journal-neo.org/2015/08/12/the-worth-of-gold-growing-by-the-day/ ). F. William Engdahl is strategic risk consultant and lecturer, he holds a degree in politics from Princeton University and is a best-selling author on oil and geopolitics, exclusively for the online magazine “New Eastern Outlook”. From grarpamp at gmail.com Thu Mar 24 22:13:43 2016 From: grarpamp at gmail.com (grarpamp) Date: Fri, 25 Mar 2016 01:13:43 -0400 Subject: [Cryptography] Hayden on encryption v. metadata In-Reply-To: <20160324133318.GB1785@fedora-21-dvm> References: <20160324133318.GB1785@fedora-21-dvm> Message-ID: On 3/24/16, J.M. 
Porup wrote:
> On Wed, Mar 23, 2016 at 05:11:11PM -0700, Henry Baker wrote:
>> https://www.lawfareblog.com/lawfare-podcast-general-michael-hayden-discusses-american-intelligence-age-terror
>>
>> Highly recommended, *especially* if you disagree with Hayden.
>>
>> Basically, Hayden is ok with just about anything -- including torture --
>> so long as it is approved by someone higher up. Methinks he might not
>> fare so well in a Nuremberg-type trial, but perhaps those ethics are sooo
>> last century.
>
> Maybe it's time to start publicly calling for Nuremberg-style war crimes
> tribunals to arrest, prosecute, convict, imprison, and execute senior
> surveillance state officials?

Who exactly is going to post these prosecutors... congress, courts, doj, Obama?

They already excused / ignored / approved of Bush, Cheney, cabinets et al, telecoms, NSA, too big to fail, QE[n], deficits and debt, overclassification, droning, ubiquitous surveillance, murder, papers please, pollution, Abu Gitmo, torture, revolving door, CIA, tech backdoors, rendition and infinite detention, databases, etc..........

What are you gonna do, round up a posse, pin on some badges, saddle up and ride on over to DC?

Where and when exactly does the buck stop? Putin / Ecuador? Collapse?

Seriously. You might want to figure that out...

From grarpamp at gmail.com Thu Mar 24 22:31:25 2016
From: grarpamp at gmail.com (grarpamp)
Date: Fri, 25 Mar 2016 01:31:25 -0400
Subject: Apple engineers... Will they (snigger) crack under pressure
In-Reply-To: <56f0e2c1.8af68c0a.1e252.ffffd9ca@mx.google.com>
References: <56EC367C.8030103@riseup.net> <20160318180200.4B227A06D95@palinka.tinho.net> <20160321114252.525ce834af93196b44d5a768@virtadpt.net> <56f0e2c1.8af68c0a.1e252.ffffd9ca@mx.google.com>
Message-ID:

On 3/22/16, juan wrote:
> Furthermore, it's possible for [...]

In this game everything is possible, even possibly probable.
Game on.

From zen at freedbms.net Thu Mar 24 19:27:40 2016
From: zen at freedbms.net (Zenaan Harkness)
Date: Fri, 25 Mar 2016 02:27:40 +0000
Subject: Hillary Emails, Gold Dinars and Arab Springs
In-Reply-To:
References:
Message-ID:

Further links, in particular this one:
https://wikileaks.org/clinton-emails/emailid/6528

The exposure of our current overlords and their despotism is an important step - how can sheep consider and motivate their own action when they do not know the foundations for that action?

Well yes, individual human rights and dignity should be enough causes for action, but evidently not...

Z

---
http://russia-insider.com/en/one-pager-latest-developments-russia-rf-sitrep-20160324/ri13562

One-Pager on Latest Developments in Russia (RF Sitrep 20160324).

Only this section:

The truth dribbles out:

"The Big Lie About the Libyan War"
https://foreignpolicy.com/2016/03/22/libya-and-the-myth-of-humanitarian-intervention/

"Secret cables from the United States embassy in Beijing have shown there was no bloodshed inside Tiananmen Square"
http://www.telegraph.co.uk/news/worldnews/wikileaks/8555142/Wikileaks-no-bloodshed-inside-Tiananmen-Square-cables-claim.html

"A 2006 cable from US Ambassador to Syria William Roebuck discussed 'potential vulnerabilities' of the Assad administration and the 'possible means to exploit them'."
http://www.ronpaulinstitute.org/archives/featured-articles/2016/march/21/google-this-hillary-clinton-and-the-syrian-regime-change-conspiracy/

All that hype about Syria was actually about Israel and Iran.
https://wikileaks.org/clinton-emails/emailid/18328

CIA was in Afghanistan before the Soviets entered.
https://www.les-crises.fr/oui-la-cia-est-entree-en-afghanistan-avant-les-russes-par-zbigniew-brzezinski/

All that hype about Libya? don't forget Qaddafi's gold.
https://wikileaks.org/clinton-emails/emailid/6528

Veterans Today permits itself a victory lap for getting Ghouta right.
http://www.veteranstoday.com/2016/03/13/obama-admits-vt-was-right-on-syrian-gas-attacks/

From Rayzer at riseup.net Fri Mar 25 09:47:59 2016
From: Rayzer at riseup.net (Rayzer)
Date: Fri, 25 Mar 2016 09:47:59 -0700
Subject: Cloudflare blogs on their Cert Tech
Message-ID: <56F56BBF.9040706@riseup.net>

Wondering if their cert tech can spoof a cert to look like it belongs to a site they DNS when it really belongs to them and you've never really visited the site at all.

TLS Certificate Optimization: The Technical Details behind "No Browser Left Behind"

Overview

Back in early December we announced our "no browser left behind" initiative to the world. Since then, we have served well over 500 billion SHA-1 certificates to visitors that otherwise would not have been able to communicate securely with our customers’ sites using HTTPS. All the while, we’ve continued to present newer SHA-2 certificates to modern browsers using the latest in elliptic curve cryptography, demonstrating that one does not have to sacrifice security to accommodate all the world’s Internet users. (If you weren’t able to acquire a SHA-1 certificate before CAs ceased issuing them on 2015/12/31, you can still sign up for a paid plan and we will immediately generate one to serve to your legacy visitors.)

Shortly after we announced these new benefits for our paid Universal SSL customers, we started hearing from other technology leaders who were implementing (or already had implemented) similar functionality. At first glance, the logic to identify incoming connections that only support SHA-1 seems straightforward, but as we spoke with our friends at Facebook, Twitter, and Mozilla, I realized that everyone was taking a slightly different approach. Complicating the matter even further was the fact that at CloudFlare we not only wanted to optimize between SHA-1 and SHA-2, but also between RSA and the newer, but less universally supported ECDSA certificates.
Solve the "optimal certificate" question incorrectly, and the TLS handshake will fail — or get explicitly aborted by browsers that have deprecated SHA-1 entirely; solve it correctly, and the client and server will establish the most performant, secure connection available between the two endpoints.

Certificate Optimization Logic

After several trillion requests, we’re confident that our approach works quite well for CloudFlare’s customers and their visitors. If you have taken an alternative approach to implementation, or have found any exceptions/potential refinements to our logic, please chime in below. We remain committed to withdrawing SHA-1 support if, as our CEO said, "a vulnerability is discovered [in our certificate optimization logic] which allows some form of downgrade attack—where a modern browser can be tricked into receiving a certificate signed with an insecure protocol—and the vulnerability cannot be patched".

TLS Handshake

Before your web browser can securely exchange "application data" such as HTTP GET or POST requests and responses with a web server, it must first establish the cryptographic parameters of the secure session. This well-choreographed dance, known as the SSL/TLS handshake, commences as soon as you click, type, or get redirected to a URL containing the "https://" scheme. (The process described below also applies to connections from any user agent — not just browsers—so substitute "mobile app", "command-line utility", or anything else that can communicate via HTTPS.)

More: https://blog.cloudflare.com/tls-certificate-optimization-technical-details/

--
RR
"Through counter-intelligence it should be possible to pinpoint potential trouble-makers ... And neutralize them, neutralize them, neutralize them"

From guninski at guninski.com Fri Mar 25 02:28:25 2016
From: guninski at guninski.com (Georgi Guninski)
Date: Fri, 25 Mar 2016 11:28:25 +0200
Subject: Can we legally borrow some sploits from TLAs?
Message-ID: <20160325092825.GE960@sivokote.iziade.m$>

Public list for this is not a good idea.

Can we legally borrow some sploits from TLAs?

Maybe sufficiently sophisticated honeypot? (I am not good at this).

Anything already implemented?

From tbiehn at gmail.com Fri Mar 25 08:28:53 2016
From: tbiehn at gmail.com (Travis Biehn)
Date: Fri, 25 Mar 2016 11:28:53 -0400
Subject: Is Gutmann critical of DJB in "On the Impending Crypto Monoculture"
In-Reply-To: <20160325144605.GF960@sivokote.iziade.m$>
References: <20160325144605.GF960@sivokote.iziade.m$>
Message-ID:

Short version: He isn't.

-Travis

On Fri, Mar 25, 2016 at 10:46 AM, Georgi Guninski wrote:
>
> http://www.metzdowd.com/pipermail/cryptography/2016-March/028824.html
>
> On the Impending Crypto Monoculture
> Peter Gutmann
>
> Is Gutmann critical of DJB (the creator of the divine qmail)?
> (there is some disagreement about this with alleged
> linux admins).
>
> Maybe I will troll DJB no matter which way it is ;)
>

--
Twitter | LinkedIn | GitHub | TravisBiehn.com | Google Plus

From zen at freedbms.net Fri Mar 25 04:37:54 2016
From: zen at freedbms.net (Zenaan Harkness)
Date: Fri, 25 Mar 2016 11:37:54 +0000
Subject: On money - "Why we need to beat Russia"
Message-ID:

http://thesaker.is/why-we-need-to-beat-russia/

Quotes:

"Our Imperial weapons give definite form to our Empire. And nothing has shaped our Empire more than the FIAT. The deformation began in 1971, when the US imposed her Power to re-define the rules of the monetary system for her sole benefit.
The ability to print IOU’s in exchange for real value is more clever than theft as we borrow and do not pay back in kind due to inflation. Our enemies, adversaries and vassals must found their financial systems upon the printed dollar which they must purchase with hard earned money. That seizure has financed a vast network of military bases, bribery, assassinations, coup d´états and perpetual war. What’s not to like? All that Power without taxing the produce of the American people. So why have we lost in Syria?" "But whom, may we ask, has the power to decree wealth? And with such great power to do so, who can be trusted with such great responsibility? No one. That is who." "Inequality of Wealth, therefore, always reaches its peak at the end of the FIAT timeline." "That is the death blow. The Fiat produced a parasite – the financial sector – that in its greed is killing the real economy." "Monsanto can darken the sunflower harvest in the Ukraine, and Allianz can steal a few tranquil Greek islands, but the ambience is never quite the same as when hard working people had their just rewards, and goodness and charity and kind souls rejoiced – with compassion and cooperation – while loving the narrative of a life written while desiring only the product of their work. The world this Global Reserve Fiat creates is one of misery and strife where evil and greed feeds upon the spirit, and the world becomes an immoral wasteland of modernity [I would add: "and war"]. The worker is discriminated against as all pressure and stress is heaped upon his future, as the law discriminates between debts held as an asset vs. debt held as a liability." "Now, the East – China / Russia / India – challenge the Global Reserve Fiat. And when the dollar fails, and it will: For debt is the essence of fiat, and when it defaults, the system defaults with it." "And when the 98% – their future burdened by intolerable debt, unemployment and declining wages – decide to walk away? 
The fear of that decision has been driving interest rates down for decades, to make it bearable not for the good of mankind but to prolong the system. This brings into relief an internal contradiction: wages decline in sync with interest rates because the bargaining power of workers evaporates as Central Bankers reduce the cost of capital, contributing to the substitution of labour and labour wages by that of the machines and AI software [should just have said "by mechanisation and automation", but hey, who's quibbling...]." "As we look at the precarious nature of our faith-based money, we must acknowledge the moral implications of “dishonest money”. Seizure by decree, whether judged just by Constituted Power, is immoral. But the fact that dishonest money is so easy to create, control and redistribute helps one understand the wave of immorality that has swept over our world." ["faith based money" - great phrase!] "Our Imperial weapon will die by both edges of its own sword, one being the contempt with which it is so easily created to bend the will of the world to its bidding, and the other sharp edge which the wicked are blind to recognize: The evil that sound money prohibits." "The Dynasties of Wealth - Have you ever wondered how we hedge our holdings through turmoil? The top 85 patricians of which own more wealth than the bottom 3.5 billion humans – will move first. The 1%, then 2% and whoever else left standing will be forced to follow through." "They easily control men through greed and are beholden to Gold alone. Gold transitions their wealth recycling system through change." From grarpamp at gmail.com Fri Mar 25 09:02:46 2016 From: grarpamp at gmail.com (grarpamp) Date: Fri, 25 Mar 2016 12:02:46 -0400 Subject: Fwd: [secu-share] Whatsapp, a Trojan horse for seekers of easy privacy? 
In-Reply-To: <20150115132650.GC6067@lo.psyced.org>
References: <20150115132650.GC6067@lo.psyced.org>
Message-ID:

---------- Forwarded message ----------
From: carlo von lynX
Date: Thu, 15 Jan 2015 14:26:50 +0100
Subject: [secu-share] Whatsapp, a Trojan horse for seekers of easy privacy?
To: liberationtech at mailman.stanford.edu

Concerning Whatsapp there is a very interesting clue in a thread on "messaging" that suggests users will never know if end-to-end encryption is being used, since the server decides whether they are allowed to, and the user is not informed.

Knowing the NSA that means that Whatsapp would never encrypt anything end-to-end. Whatsapp should therefore be considered a Trojan horse for people seeking easy to use privacy.

Read about that at https://moderncrypto.org/mail-archive/messaging/2014/001133.html

Careful on using that mailing list however. If I understood correctly it is being maintained by one of the developers of TextSecure, which is the end-to-end encryption system that has been integrated into Whatsapp, possibly with the purpose of looking good, making good headlines and never being actually run.

http://www.wired.com/2014/11/whatsapp-encrypted-messaging/

Of course I assume everyone is operating in the best of intentions, including the NSA. This is just FYI.

--
http://youbroketheinternet.org
ircs://psyced.org/youbroketheinternet

--
secu-share at lists.secushare.org
https://lists.secushare.org/mailman/listinfo.cgi/secu-share

From tbiehn at gmail.com Fri Mar 25 10:02:06 2016
From: tbiehn at gmail.com (Travis Biehn)
Date: Fri, 25 Mar 2016 13:02:06 -0400
Subject: Cloudflare blogs on their Cert Tech
In-Reply-To: <56F56BBF.9040706@riseup.net>
References: <56F56BBF.9040706@riseup.net>
Message-ID:

This particular feature has no bearing on that specific attack.

In general, it looks like Cloudflare will 'handle cert generation for you' - if that extends to a relationship with CAs - who will sign those, then yes regardless.
The real question here is whether the feature detection is done in a way that is susceptible to downgrade attack. If your threat model involves Cloudflare behaving maliciously - then you shouldn't use Cloudflare. If your threat model involves attacker controlled PKI - as it should - then you should 'cert-pin the leaf.' -Travis On Fri, Mar 25, 2016 at 12:47 PM, Rayzer wrote: > Wondering if their cert tech can spoof a cert to look like it belongs to a > site they DNS when it really belongs to them and you've never really > visited the site at all. > > TLS Certificate Optimization: The Technical Details behind "No Browser > Left Behind" > > Overview > > Back in early December we announced our "no browser left behind" > initiative to the world. Since then, we have served well over 500 billion > SHA-1 certificates to visitors that otherwise would not have been able to > communicate securely with our customers’ sites using HTTPS. All the while, > we’ve continued to present newer SHA-2 certificates to modern browsers > using the latest in elliptic curve cryptography, demonstrating that one > does not have to sacrifice security to accommodate all the world’s Internet > users. (If you weren’t able to acquire a SHA-1 certificate before CAs > ceased issuing them on 2015/12/31, you can still sign up for a paid plan > and we will immediately generate one to serve to your legacy visitors.) > > Shortly after we announced these new benefits for our paid Universal SSL > customers, we started hearing from other technology leaders who were > implementing (or already had implemented) similar functionality. At first > glance, the logic to identify incoming connections that only support SHA-1 > seems straightforward, but as we spoke with our friends at Facebook, > Twitter, and Mozilla, I realized that everyone was taking a slightly > different approach. 
Complicating the matter even further was the fact that > at CloudFlare we not only wanted to optimize between SHA-1 and SHA-2, but > also between RSA and the newer, but less universally supported ECDSA > certificates. Solve the "optimal certificate" question incorrectly, and the > TLS handshake will fail — or get explicitly aborted by browsers that have > deprecated SHA-1 entirely; solve it correctly, and the client and server > will establish the most performant, secure connection available between the > two endpoints. > > Certificate Optimization Logic > > After several trillion requests, we’re confident that our approach works > quite well for CloudFlare’s customers and their visitors. If you have taken > an alternative approach to implementation, or have found any > exceptions/potential refinements to our logic, please chime in below. We > remain committed to withdrawing SHA-1 support if, as our CEO said, "a > vulnerability is discovered [in our certificate optimization logic] which > allows some form of downgrade attack—where a modern browser can be tricked > into receiving a certificate signed with an insecure protocol—and the > vulnerability cannot be patched". > TLS Handshake > > Before your web browser can securely exchange "application data" such as > HTTP GET or POST requests and responses with a web server, it must first > establish the cryptographic parameters of the secure session. This > well-choreographed dance, known as the SSL/TLS handshake, commences as soon > as you click, type, or get redirected to a URL containing the "https://" > scheme. (The process described below also applies to connections from any > user agent — not just browsers—so substitute "mobile app", "command-line > utility", or anything else that can communicate via HTTPS.) > > > More: > https://blog.cloudflare.com/tls-certificate-optimization-technical-details/ > > -- > RR > "Through counter-intelligence it should be possible to pinpoint potential trouble-makers ... 
And neutralize them, neutralize them, neutralize them" > > -- Twitter | LinkedIn | GitHub | TravisBiehn.com | Google Plus From tbiehn at gmail.com Fri Mar 25 10:04:53 2016 From: tbiehn at gmail.com (Travis Biehn) Date: Fri, 25 Mar 2016 13:04:53 -0400 Subject: Cloudflare blogs on their Cert Tech In-Reply-To: References: <56F56BBF.9040706@riseup.net> Message-ID: + I'll re-iterate the need for non-dynamic/safe JavaScript (e.g. Caja) & a form of 'web asset versioning and integrity'. -Travis On Fri, Mar 25, 2016 at 1:02 PM, Travis Biehn wrote: > This particular feature has no bearing on that specific attack. > > In general, it looks like Cloudflare will 'handle cert generation for you' > - if that extends to a relationship with CAs - who will sign those, then > yes regardless. > > The real question here is whether the feature detection is done in a way > that is susceptible to downgrade attack. > > If your threat model involves Cloudflare behaving maliciously - then you > shouldn't use Cloudflare. > > If your threat model involves attacker controlled PKI - as it should - > then you should 'cert-pin the leaf.' > > -Travis > > On Fri, Mar 25, 2016 at 12:47 PM, Rayzer wrote: > >> Wondering if their cert tech can spoof a cert to look like it belongs to >> a site they DNS when it really belongs to them and you've never really >> visited the site at all. >> >> TLS Certificate Optimization: The Technical Details behind "No Browser >> Left Behind" >> >> Overview >> >> Back in early December we announced our "no browser left behind" >> initiative to the world. Since then, we have served well over 500 billion >> SHA-1 certificates to visitors that otherwise would not have been able to >> communicate securely with our customers’ sites using HTTPS. 
All the while, >> we’ve continued to present newer SHA-2 certificates to modern browsers >> using the latest in elliptic curve cryptography, demonstrating that one >> does not have to sacrifice security to accommodate all the world’s Internet >> users. (If you weren’t able to acquire a SHA-1 certificate before CAs >> ceased issuing them on 2015/12/31, you can still sign up for a paid plan >> and we will immediately generate one to serve to your legacy visitors.) >> >> Shortly after we announced these new benefits for our paid Universal SSL >> customers, we started hearing from other technology leaders who were >> implementing (or already had implemented) similar functionality. At first >> glance, the logic to identify incoming connections that only support SHA-1 >> seems straightforward, but as we spoke with our friends at Facebook, >> Twitter, and Mozilla, I realized that everyone was taking a slightly >> different approach. Complicating the matter even further was the fact that >> at CloudFlare we not only wanted to optimize between SHA-1 and SHA-2, but >> also between RSA and the newer, but less universally supported ECDSA >> certificates. Solve the "optimal certificate" question incorrectly, and the >> TLS handshake will fail — or get explicitly aborted by browsers that have >> deprecated SHA-1 entirely; solve it correctly, and the client and server >> will establish the most performant, secure connection available between the >> two endpoints. >> >> Certificate Optimization Logic >> >> After several trillion requests, we’re confident that our approach works >> quite well for CloudFlare’s customers and their visitors. If you have taken >> an alternative approach to implementation, or have found any >> exceptions/potential refinements to our logic, please chime in below. 
We >> remain committed to withdrawing SHA-1 support if, as our CEO said, "a >> vulnerability is discovered [in our certificate optimization logic] which >> allows some form of downgrade attack—where a modern browser can be tricked >> into receiving a certificate signed with an insecure protocol—and the >> vulnerability cannot be patched". >> TLS Handshake >> >> Before your web browser can securely exchange "application data" such as >> HTTP GET or POST requests and responses with a web server, it must first >> establish the cryptographic parameters of the secure session. This >> well-choreographed dance, known as the SSL/TLS handshake, commences as soon >> as you click, type, or get redirected to a URL containing the "https://" >> scheme. (The process described below also applies to connections from any >> user agent — not just browsers—so substitute "mobile app", "command-line >> utility", or anything else that can communicate via HTTPS.) >> >> >> More: >> https://blog.cloudflare.com/tls-certificate-optimization-technical-details/ >> >> -- >> RR >> "Through counter-intelligence it should be possible to pinpoint potential trouble-makers ... And neutralize them, neutralize them, neutralize them" >> >> > > > -- > Twitter | LinkedIn > | GitHub > | TravisBiehn.com | > Google Plus > -- Twitter | LinkedIn | GitHub | TravisBiehn.com | Google Plus From guninski at guninski.com Fri Mar 25 07:46:05 2016 From: guninski at guninski.com (Georgi Guninski) Date: Fri, 25 Mar 2016 16:46:05 +0200 Subject: Is Gutmann critical of DJB in "On the Impending Crypto Monoculture" Message-ID: <20160325144605.GF960@sivokote.iziade.m$> http://www.metzdowd.com/pipermail/cryptography/2016-March/028824.html On the Impending Crypto Monoculture Peter Gutmann Is Gutmann critical of DJB (the creator of the divine qmail)? 
(there is some disagreement about this with alleged linux admins). Maybe I will troll DJB no matter which way it is ;) From guninski at guninski.com Fri Mar 25 09:24:25 2016 From: guninski at guninski.com (Georgi Guninski) Date: Fri, 25 Mar 2016 18:24:25 +0200 Subject: Is Gutmann critical of DJB in "On the Impending Crypto Monoculture" In-Reply-To: References: <20160325144605.GF960@sivokote.iziade.m$> Message-ID: <20160325162425.GG960@sivokote.iziade.m$> On Fri, Mar 25, 2016 at 11:28:53AM -0400, Travis Biehn wrote: > Short version: > He isn't. > Just for a start, why the elliptic curve is of so small order, only 256 bits? I am pretty sure in the early days of PGP, some PGP advocate claimed something along the lines "we can't factor 128 bit modulus till the end of time". Not to mention quantum computer will fuck the curve fast. From grarpamp at gmail.com Fri Mar 25 20:34:05 2016 From: grarpamp at gmail.com (grarpamp) Date: Fri, 25 Mar 2016 23:34:05 -0400 Subject: More Bad Govt Shit To Fight (Burner Verizon FBI) Message-ID: https://politics.slashdot.org/story/16/03/25/2047211/bill-introduced-to-require-id-when-purchasing-burner-phones Give us all your papers please. For no effective impact or purpose whatsoever, other than fucking you. Other than hundred thousand insecure stores having it to be lost, stolen, abused, even by shopkeeper. BTW, you can't sell your phone anymore either... that's TWO years in Gitmo and loss of your life $avings. https://developers.slashdot.org/story/16/03/25/1918226/15-million-verizon-customer-records-put-up-for-sale Now share all it with these retards too, but only MAY use crypto, which as we know doesn't matter. So hackers can steal it. And they can datamine you and sell it to whoever for the same. And share it with the NSA / FBI, for the same, and.... 
https://politics.slashdot.org/story/16/03/25/1657247/have-a-political-bumper-sticker-the-fbi-might-be-snapping-photos-of-you Also so these jackasses can track and molest you when you go buy some fucking FAYGO. Better fight this bill too. From grarpamp at gmail.com Fri Mar 25 21:53:45 2016 From: grarpamp at gmail.com (grarpamp) Date: Sat, 26 Mar 2016 00:53:45 -0400 Subject: Can we legally borrow some sploits from TLAs? In-Reply-To: <20160325092825.GE960@sivokote.iziade.m$> References: <20160325092825.GE960@sivokote.iziade.m$> Message-ID: On 3/25/16, Georgi Guninski wrote: > Public list for this is not a good idea. > Can we legally borrow some sploits from TLAs? Hey guys, join my list. (public announce... oops) Hey Jane, join my list. (private to Jane, who isn't who you think she is... oops) Hey NSA, grok my headers over clearnet, FISA all VPS servers nightly to Utah. (oops) No traditional "email" list is nonpublic to TLA's and various other adversaries. You might hide the participants with crypto and anonymous p2p overlay networks, even nullify central service with message distribution / broadcast / blockchain. That's fun. But never will content be unshareable once received. > Anything already implemented? Plenty of honeypot research groups you can search for and join. (Or engineer your way into.) Though your TLA's already did and know the list of boxes not to hit. From grarpamp at gmail.com Fri Mar 25 22:03:27 2016 From: grarpamp at gmail.com (grarpamp) Date: Sat, 26 Mar 2016 01:03:27 -0400 Subject: More Bad Govt Shit To Fight (Burner Verizon FBI) In-Reply-To: References: Message-ID: On 3/26/16, Zenaan Harkness wrote: > Had ID requirements for all phones in Australia for years now... 1984 Doubt that applies to the box of activated and paid up phones someone's about to tourist your way via DHL... or the same stuff at your local swap meet. Doesn't matter, laws prevent nothing. Especially mindcrime. Get your think on. 
From zen at freedbms.net Fri Mar 25 21:32:40 2016 From: zen at freedbms.net (Zenaan Harkness) Date: Sat, 26 Mar 2016 04:32:40 +0000 Subject: More Bad Govt Shit To Fight (Burner Verizon FBI) In-Reply-To: References: Message-ID: Had ID requirements for all phones in Australia for years now... 1984 - the gift that keeps on giving. From jdb10987 at yahoo.com Fri Mar 25 22:16:57 2016 From: jdb10987 at yahoo.com (jim bell) Date: Sat, 26 Mar 2016 05:16:57 +0000 (UTC) Subject: Is Gutmann critical of DJB in "On the Impending Crypto Monoculture" In-Reply-To: <20160325162425.GG960@sivokote.iziade.m$> References: <20160325162425.GG960@sivokote.iziade.m$> Message-ID: <1710295221.142709.1458969417175.JavaMail.yahoo@mail.yahoo.com> From: Georgi Guninski >I am pretty sure in the early days of PGP, some PGP advocate claimed >something along the lines "we can't factor 128 bit modulus till the end >of time". >Not to mention quantum computer will fuck the curve fast. Is there a mathematical estimate as to how much quantum computers will accelerate cracking codes, over traditional methods? Jim Bell From guninski at guninski.com Sat Mar 26 00:14:36 2016 From: guninski at guninski.com (Georgi Guninski) Date: Sat, 26 Mar 2016 09:14:36 +0200 Subject: Can we legally borrow some sploits from TLAs? In-Reply-To: References: <20160325092825.GE960@sivokote.iziade.m$> Message-ID: <20160326071436.GA880@sivokote.iziade.m$> On Sat, Mar 26, 2016 at 12:53:45AM -0400, grarpamp wrote: > Plenty of honeypot research groups you can search for and join. > (Or engineer your way into.) > Though your TLA's already did and know the list of boxes not to hit. Isn't this very good defense if true? How they passively recognize honeypot which is disposable computer connected to public wifi and then possibly over Tor/public proxy? 
From guninski at guninski.com Sat Mar 26 00:26:01 2016 From: guninski at guninski.com (Georgi Guninski) Date: Sat, 26 Mar 2016 09:26:01 +0200 Subject: Is Gutmann critical of DJB in "On the Impending Crypto Monoculture" In-Reply-To: <1710295221.142709.1458969417175.JavaMail.yahoo@mail.yahoo.com> References: <20160325162425.GG960@sivokote.iziade.m$> <1710295221.142709.1458969417175.JavaMail.yahoo@mail.yahoo.com> Message-ID: <20160326072601.GB880@sivokote.iziade.m$> On Sat, Mar 26, 2016 at 05:16:57AM +0000, jim bell wrote: > > > From: Georgi Guninski >I am pretty sure in the early days of PGP, some PGP advocate claimed > >something along the lines "we can't factor 128 bit modulus till the end > >of time". > >Not to mention quantum computer will fuck the curve fast. > Is there a mathematical estimate as to how much quantum computers will accelerate cracking codes, over traditional methods? Jim Bell > Yes, it is known that quantum computers will break at least most of today's public key crypto (factoring, discrete logarithms) very efficiently. Several years ago IBM tested this in practice with the toy experiment of factoring 15. Some cryptographers are preparing for the day when quantum computers will come -- the buzzword is "post-quantum cryptography". I am a newbie at this and suspect the full potential of quantum computers is not currently known (AFAICT it is open if they will break SAT). From zen at freedbms.net Sat Mar 26 04:48:29 2016 From: zen at freedbms.net (Zenaan Harkness) Date: Sat, 26 Mar 2016 11:48:29 +0000 Subject: Oracle slurs PostgreSQL - was Re: Russia bans purchase of foreign non-niche software in Russian state agencies Message-ID: Dear Russian computing punk friends - enjoy, and holler for any questions you might have - now is the time to seize the day. pgsql-general email thread link is below - best for specific database tech questions. We figured some backlash might come to Putin's pro-local (i.e. 
effectively also "libre") software policy ("nasty protectionists" say the globalisation nuts), and Oracle the corporate $LUT$ they are, recently leaped right in Lucifer Style (Gangnam eat your heart out). This attack on local in particular smaller Russian businesses, by Oracle against PostgreSQL is some evidence that Putin's policy is having an effect in Russia which Oracle is disliking (does your heart bleed for Oracle's loss of profits in Russia? Those poor, poor American billionaires...). Now is a fantastic opportunity for those individual and business entrepreneurs in Russia to use your words and advocacy to fight this particular American bully. Enjoy :) This is free publicity you just can't beat, couldn't purchase. Find good word smiths in Russia, play the various cards - "Oracle attacks the little guy", "Oracle attacks community", "Oracle tries to manipulate Russia" "no Oracle, we're not that stupid, basic facts are not, like, rocket science or anything" and every other combination that makes sense in Russia. Pump it to your media, bounce your links to the PostgreSQL mailing list linked below, build that nationalist/ community/ local guys spirit. A multi billion dollar American bully trying to shirt-front Russia! Gold! Just gold! Marketing material you could never buy! Little guys vs Billion dollar bullies. Fantastic! 
Once this publicity is milked, letters should be sent to Larry Ellison and the rest of the Oracle board, thanking them sincerely for their efforts to promote Russian local business and Russian computing self confidence - as well as for raising awareness of the aggressive and bullying nature of American money, Starikov style :) : http://russia-insider.com/en/politics/russian-patriotic-party-thanks-obama-and-kerry-re-union-crimea/ri13529 "Russian Political Party Trolls Obama and Kerry by Sending Thank-You Cards" Perhaps Oracle should try to sell their wares in the CIA's project Ukraine?: http://russia-insider.com/en/politics/ukrainian-refugees-flood-eu-poland-considers-building-wall/ri13566 "Poland Considers Building a Wall - Against Ukrainians" (Just as well the western Ukrainians are wealthy folk, honourable with their many multi-billion dollar IMF loans, and about to join the EU eh? Oracle should fit right in, feel right at home...) http://momjian.us/main/blogs/pgblog/2016.html#March_22_2016 Oracle Attacks Postgres in Russia Bruce Momjian "Tuesday, March 22, 2016 During my twenty years with Postgres, I knew the day would come when proprietary databases could no longer ignore Postgres and would start attacking us. Well, that day has come, at least in Russia. During the past few weeks, Oracle sent a letter (Russian http://www.postgresql.org/message-id/attachment/43080/PostgreSQL_Oracle.pdf , English translation https://www.metachris.com/download/PostgreSQL_Oracle_en.pdf ) to Russian partners and customers comparing Oracle favorably to Postgres as a way of circumventing a new law ( http://www.themoscowtimes.com/business/article/russia-restricts-use-of-foreign-software-in-battle-for-information-sovereignty/550106.html ) favoring Russian-produced software. This is the first direct attack I have seen on Postgres, and is probably representative of the kinds of attacks we will see from other vendors and in other countries in the years to come. 
The press has picked up on the news (Russian http://momjian.us/main/blogs/pgblog/www.vedomosti.ru/technology/articles/2016/03/17/633926-importnii-soft-zamenit , English http://www.theregister.co.uk/2016/03/21/oracle_fights_russian_software_policy_with_postgres_smear/ ) and given balanced coverage. Comments ( http://forums.theregister.co.uk/forum/1/2016/03/21/oracle_fights_russian_software_policy_with_postgres_smear/ ) on the English article were, in general, positive — I particularly liked this one ( http://forums.theregister.co.uk/forum/1/2016/03/21/oracle_fights_russian_software_policy_with_postgres_smear/#c_2814730 ). There are two Hacker News threads about it (1 https://news.ycombinator.com/item?id=11317899 , 2 https://news.ycombinator.com/item?id=11332449 ), a community thread ( http://www.postgresql.org/message-id/flat/CANNMO++6tPiwBv2OKcy-HhiYmByhL+XSSUH3NDvOs3G1VVg++g at mail.gmail.com#CANNMO++6tPiwBv2OKcy-HhiYmByhL+XSSUH3NDvOs3G1VVg++g at mail.gmail.com ) about it, and another community thread about Oracle RAC ( http://www.postgresql.org/message-id/flat/ncotsa$lhg$1 at pye-srv-01.telemetry.co.uk#ncotsa$lhg$1 at pye-srv-01.telemetry.co.uk ). Taken together, this is an interesting time for Postgres. " http://www.msearcher.info/blog-en/software/oracle-fights-russian-software-policy-with-postgres-smear/ Oracle fights Russian software policy with Postgres smear An email calling for links to pro-PostgreSQL advocacy http://www.postgresql.org/message-id/ncotsa$lhg$1 at pye-srv-01.telemetry.co.uk The whole thread: http://www.postgresql.org/message-id/flat/ncotsa$lhg$1 at pye-srv-01.telemetry.co.uk Begins: "If anybody puts together a "just the facts" document after Oracle's attack on PostgreSQL in Russia, please make sure it's drawn to the attention of this mailing list for the benefit of those who aren't in -advocacy." 
From grarpamp at gmail.com Sat Mar 26 10:35:53 2016 From: grarpamp at gmail.com (grarpamp) Date: Sat, 26 Mar 2016 13:35:53 -0400 Subject: Bitcoin GoldBugs / Ghetto Gold Message-ID: On 3/26/16, elrippo wrote: > *Want to trade Bitcoin for physical GOLD* -> > https://www.vaultoro.com/?a=100345 Their logical gold, needs minor KYC. And to get their physical, needs anal probing KYC. Bitcoiners who care about that are better off going btc > localcash > gold. Or skip btc and go cash > gold at any ghetto shop. Nice try at referral link tho bruh. From o.wendel at wp.pl Sat Mar 26 08:34:39 2016 From: o.wendel at wp.pl (Oskar Wendel) Date: Sat, 26 Mar 2016 15:34:39 +0000 (UTC) Subject: Traffic shaping attack References: <20160319034044.GQ8732@moria.seul.org> <20160320015647.GR8732@moria.seul.org> <20160320221427.GE15350@torproject.org> Message-ID: grarpamp : > ... the OP appears to know the onion url and refers to fora > discussion the situation. So OP should post those links for > others to review analyse formulate hypothesis etc. Yes, I know the URL, but (as notwith already said): 1. The site contains content illegal in many (most?) jurisdictions. 2. The site needs registration to access anything, and the registration is now closed. Therefore, I think it would be best not to post the link, at least not on the list. 
-- Oskar Wendel, o.wendel at wp.pl.REMOVE.THIS Pubkey: http://pgp.mit.edu/pks/lookup?op=get&search=0xB5E3846CD40F08E3 From grarpamp at gmail.com Sat Mar 26 14:53:30 2016 From: grarpamp at gmail.com (grarpamp) Date: Sat, 26 Mar 2016 17:53:30 -0400 Subject: Privacy Centric Naming of Humans Message-ID: https://developers.slashdot.org/story/16/03/26/2017231/names-that-break-computers https://cpunks.org/pipermail/cypherpunks/2015-May/007632.html Breaking the db as a means of remaining out of the db, or hiding in it among hundred thousands of Smiths. Be own corp / trust. From grarpamp at gmail.com Sun Mar 27 01:32:33 2016 From: grarpamp at gmail.com (grarpamp) Date: Sun, 27 Mar 2016 04:32:33 -0400 Subject: [Cryptography] More Bad Govt Shit To Fight (Burner Verizon FBI) In-Reply-To: <56F7422A.50103@sonic.net> References: <56F7422A.50103@sonic.net> Message-ID: On 3/26/16, Ray Dillinger wrote: > > > On 03/26/2016 07:24 AM, Henry Baker wrote: >> It'll be interesting to see how this bill is received. >> >> IMHO the vast majority of these phones -- at least here in California -- >> are used by undocumented residents, who have no papers, no driver's >> licenses, no bank accounts, and operate 100% on cash. >> > > I'm also in California but the main use I see is at halfway > houses and womens' shelters. There are a lot of scared battered > women out there who can't disentangle exes from their financial > crap fast enough to establish independent phone service without > them, and a lot of shelters that go through them like tissues. 
> > It's a pretty big deal for them because there are *LOTS* of violent > loons who are trying to find those places, and everyone who winds > up there is completely inexperienced in the art of Not Being Seen. > Lots of chances for one person's mistake to become everybody's > problem, and phones are like the "ablative surface" that can be > gotten rid of for mutual protection when someone makes a mistake. > > I see their IT manager at Urban Ore, buying a basket full of > old used phones, almost every time I'm over there. You would be surprised how many *men* have to deal with crazy battering women and need to seek refuge in shelters and safe supportive halfway houses for men. Either way, all such people who are innocent enjoy the right for the government and commerce not to impede upon their right to privacy, including shielding their innocent selves from warrantless govt and commercial tracking and datakeeping. Stop giving away your rights and taking those of other innocents. For it is not the criminal they are after, but control over you. From Rayzer at riseup.net Sun Mar 27 07:41:51 2016 From: Rayzer at riseup.net (Rayzer) Date: Sun, 27 Mar 2016 07:41:51 -0700 Subject: [Cryptography] More Bad Govt Shit To Fight (Burner Verizon FBI) In-Reply-To: References: <56F7422A.50103@sonic.net> Message-ID: <56F7F12F.6070108@riseup.net> grarpamp wrote: > You would be surprised how many *men* have to deal > with crazy battering women and need to seek refuge > in shelters and safe supportive halfway houses for men. They're called a "Pub" or "Bar". -- RR "Through counter-intelligence it should be possible to pinpoint potential trouble-makers ... 
And neutralize them, neutralize them, neutralize them"
From juan.g71 at gmail.com Sun Mar 27 11:48:06 2016 From: juan.g71 at gmail.com (juan) Date: Sun, 27 Mar 2016 15:48:06 -0300 Subject: More Bad Govt Shit To Fight (Burner Verizon FBI) In-Reply-To: <20160327144652.GC924@sivokote.iziade.m$> References: <20160327144652.GC924@sivokote.iziade.m$> Message-ID: <56f82b09.c8908c0a.7cfbf.ffff9323@mx.google.com> On Sun, 27 Mar 2016 17:46:52 +0300 Georgi Guninski wrote: > On Fri, Mar 25, 2016 at 11:34:05PM -0400, grarpamp wrote: > > Better fight this bill too. > > Fight whom? The government is the people's will. > > People elected the government (modulo voting manipulations). > > You suggesting fighting billions of sheeple? And what are you suggesting? =) From guninski at guninski.com Sun Mar 27 07:13:21 2016 From: guninski at guninski.com (Georgi Guninski) Date: Sun, 27 Mar 2016 17:13:21 +0300 Subject: GitHub's 2014 Transparency Report (and dmca repo) Message-ID: <20160327141321.GB924@sivokote.iziade.m$> GitHub's 2014 Transparency Report https://github.com/blog/1987-github-s-2014-transparency-report dmca repo: https://github.com/github/dmca From guninski at guninski.com Sun Mar 27 07:46:52 2016 From: guninski at guninski.com (Georgi Guninski) Date: Sun, 27 Mar 2016 17:46:52 +0300 Subject: More Bad Govt Shit To Fight (Burner Verizon FBI) In-Reply-To: References: Message-ID: <20160327144652.GC924@sivokote.iziade.m$> On Fri, Mar 25, 2016 at 11:34:05PM -0400, grarpamp wrote: > Better fight this bill too. Fight whom? The government is the people's will. People elected the government (modulo voting manipulations). You suggesting fighting billions of sheeple? 
From mirimir at riseup.net Mon Mar 28 01:09:11 2016 From: mirimir at riseup.net (Mirimir) Date: Mon, 28 Mar 2016 02:09:11 -0600 Subject: More Bad Govt Shit To Fight (Burner Verizon FBI) In-Reply-To: <56f82b09.c8908c0a.7cfbf.ffff9323@mx.google.com> References: <20160327144652.GC924@sivokote.iziade.m$> <56f82b09.c8908c0a.7cfbf.ffff9323@mx.google.com> Message-ID: <56F8E6A7.40001@riseup.net> On 03/27/2016 12:48 PM, juan wrote: > On Sun, 27 Mar 2016 17:46:52 +0300 > Georgi Guninski wrote: > >> On Fri, Mar 25, 2016 at 11:34:05PM -0400, grarpamp wrote: >>> Better fight this bill too. >> >> Fight whom? The government is the people's will. >> >> People elected the government (modulo voting manipulations). >> >> You suggesting fighting billions of sheeple? > > > And what are you suggesting? =) Far better to just ignore them, discretely ;) From zen at freedbms.net Sun Mar 27 20:04:41 2016 From: zen at freedbms.net (Zenaan Harkness) Date: Mon, 28 Mar 2016 03:04:41 +0000 Subject: give all citizens six weeks of police training before eliminating the police Message-ID: This "Rojava" process of training every adult member of the population to be competent as a police officer, then (intending to) ditching the police force, is something I have pondered over the years, my first awareness is from the Swiss concept - every household has a rifle (at least) and at least one person able to use it. Here in Australia we are well fed fat cows it seems, with no particularly egregious external threats, only the steady degradation by our own government corrupt activities and extortive practices towards us "citizens", and therefore little motivation within the population to be competent at anything much other than telly, tinnies and trivia. "The existing police force is trained in non-violent conflict resolution as well as feminist theory before being allowed access to a weapon. 
Directors of the Asayiş police academy have said that the long-term goal is to give all citizens six weeks of police training before ultimately eliminating the police.[100] https://zcomm.org/znetarticle/no-this-is-a-genuine-revolution/ " I'm -reasonably- sure they mean 'retiring' or 'dissolving' the police force. From guninski at guninski.com Mon Mar 28 01:59:20 2016 From: guninski at guninski.com (Georgi Guninski) Date: Mon, 28 Mar 2016 11:59:20 +0300 Subject: More Bad Govt Shit To Fight (Burner Verizon FBI) In-Reply-To: <56F8E6A7.40001@riseup.net> References: <20160327144652.GC924@sivokote.iziade.m$> <56f82b09.c8908c0a.7cfbf.ffff9323@mx.google.com> <56F8E6A7.40001@riseup.net> Message-ID: <20160328085920.GB675@sivokote.iziade.m$> On Mon, Mar 28, 2016 at 02:09:11AM -0600, Mirimir wrote: > >> You suggesting fighting billions of sheeple? > > > > > > And what are you suggesting? =) > > Far better to just ignore them, discretely ;) Or maybe own the world for its own good. This appears moral per the current practical definition ;) Cons: very difficult and risky. From jya at pipeline.com Mon Mar 28 15:27:05 2016 From: jya at pipeline.com (John Young) Date: Mon, 28 Mar 2016 18:27:05 -0400 Subject: USG Moves to Vacate Apple Decrypt Order Message-ID: USG Moves to Vacate Apple Decrypt Order https://cryptome.org/2016/03/usg-apple-209.pdf From jya at pipeline.com Tue Mar 29 03:35:37 2016 From: jya at pipeline.com (John Young) Date: Tue, 29 Mar 2016 06:35:37 -0400 Subject: [Cryptography] USG Moves to Vacate Apple Decrypt Order In-Reply-To: References: Message-ID: At 11:22 PM 3/28/2016, Phillip Hallam-Baker wrote: >Some random thoughts > >* Apple wins big. First, they beat off the FBI warrant, second >everyone with less than a 5s has to buy a new phone. > >* The new phone might still be crackable by someone who has the tools >to reverse the secure enclave. But Apple isn't one of the parties that >can do that. 
> >* FBI might in future be able to subpoena information to use it for >making a break attempt against the secure enclave. > >* If your security depends on someone else refusing to obey a >subpoena, change your security. > >* If their security depends on you refusing to obey a subpoena, get >another job. USG wins by assault, PR, obscurity, secrecy, and sanctification of the justice-court system. No substantiation yet of USG access to Farook's phone. The claim could be a ploy to raise doubt about Apple security, and have the same effect as if access was successful. This would take the public and political pressure off USG without having to disclose how access was obtained. As well as improve USG reputation for prowess, determination and triumph. Deception, lies, bluffs and ploys are obligatory in legal proceedings and all stripes of security. Doubt, braggardy, obscurity and secrecy are essential features of defensive and aggressive security whether governmental, commercial or personal. From zen at freedbms.net Tue Mar 29 04:07:45 2016 From: zen at freedbms.net (Zenaan Harkness) Date: Tue, 29 Mar 2016 11:07:45 +0000 Subject: The World’s Most Famous Economic Hitman Confesses – They’re Coming for Your Democracy Message-ID: Very disheartening, the battle rages on... Chickens will come home to roost one day, I think soonish. Z http://www.blacklistednews.com/The_World%E2%80%99s_Most_Famous_Economic_Hitman_Confesses_%E2%80%93_They%E2%80%99re_Coming_for_Your_Democracy/50047/0/38/38/Y/M.html The World’s Most Famous Economic Hitman Confesses – They’re Coming for Your Democracy Published: March 26, 2016 Source: Michael Krieger Allen Dulles, the CIA director under presidents Eisenhower and Kennedy, the younger brother of Secretary of State John Foster Dulles, and the architect of a secretive national security apparatus that functioned as essentially an autonomous branch of government. 
Talbot offers a portrait of a black-and-white Cold War-era world full of spy games and nuclear brinkmanship, in which everyone is either a good guy or a bad guy. Dulles—who deceived American elected leaders and overthrew foreign ones, who backed ex-Nazis and thwarted left-leaning democrats—falls firmly in the latter camp. But what I was really trying to do was a biography on the American power elite from World War II up to the 60s. That was the key period when the national security state was constructed in this country, and where it begins to overshadow American democracy. It’s almost like Game of Thrones to me, where you have the dynastic struggles between these power groups within the American system for control of the country and the world… Absolutely. The surveillance state that Snowden and others have exposed is very much a legacy of the Dulles past. I think Dulles would have been delighted by how technology and other developments have allowed the American security state to go much further than he went. He had to build a team of cutthroats and assassins on the ground to go around eliminating the people he wanted to eliminate, who he felt were in the way of American interests. He called them communists. We call them terrorists today. And of course the most controversial part of my book, I’m sure, will be the end, where I say there was blowback from that. Because that killing machine in some way was brought back home. Most readers will be familiar with John Perkins and his best-selling novel Confessions of an Economic Hitman. What you may not know, is he’s currently making the rounds warning us that all the corporatist mercenary tactics employed against third-world nations to financially benefit U.S. conglomerates are now being turned inward on American communities. Twelve years ago, John Perkins published his book, Confessions of an Economic Hit Man, and it rapidly rose up The New York Times’ best-seller list. 
In it, Perkins describes his career convincing heads of state to adopt economic policies that impoverished their countries and undermined democratic institutions. These policies helped to enrich tiny, local elite groups while padding the pockets of U.S.-based transnational corporations. If economic pressure and threats didn’t work, Perkins says, the jackals were called to either overthrow or assassinate the noncompliant heads of state. That is, indeed, what happened to Allende, with the backing of the CIA. Perkins has just reissued his book with major updates. The basic premise of the book remains the same, but the update shows how the economic hit man approach has evolved in the last 12 years. Among other things, U.S. cities are now on the target list. The combination of debt, enforced austerity, underinvestment, privatization, and the undermining of democratically elected governments is now happening here. Sarah van Gelder: What’s changed in our world since you wrote the first Confessions of an Economic Hit Man? John Perkins: Things have just gotten so much worse in the last 12 years since the first Confessions was written. Economic hit men and jackals have expanded tremendously, including the United States and Europe. Back in my day we were pretty much limited to what we called the third world, or economically developing countries, but now it’s everywhere. van Gelder: So how has this switched from us being the beneficiaries of this hit-man economy, perhaps in the past, to us now being more of the victims of it? Perkins: It’s been interesting because, in the past, the economic hit man economy was being propagated in order to make America wealthier and presumably to make people here better off, but as this whole process has expanded in the U.S. and Europe, what we’ve seen is a tremendous growth in the very wealthy at the expense of everybody else. On a global basis we now know that 62 individuals have as many assets as half the world’s population. 
van Gelder: Is this the same kind of dynamic about debt that leads to emergency managers who then turn over the reins of the economy to private enterprises? The same thing that you are seeing in third-world countries? Perkins: Yes, when I was an economic hit man, one of the things that we did, we raised these huge loans for these countries, but the money never actually went to the countries, it went to our own corporations to build infrastructure in those countries. And when the countries could not pay off their debt, we insisted that they privatize their water systems, their sewage systems, their electric systems. van Gelder: I want to ask you about the Trans-Pacific Partnership, and other trade deals. Is there any way that we can beat these things back so they don’t continue supercharging the corporate sphere at the expense of local democracies? Perkins: They’re devastating; they give sovereignty to corporations over governments. It’s ridiculous. I was just in Central America and what we talk about in the U.S. as being an immigration problem is really a trade agreement problem. They’re not allowed to impose tariffs under the trade agreements—NAFTA and CAFTA—but the U.S. is allowed to subsidize its farmers. Those governments can’t afford to subsidize their farmers. So our farmers can undercut theirs, and that’s destroyed the economies, and a number of other things, and that’s why we’ve got immigration problems. van Gelder: Can you talk about the violence that people are fleeing in Central America, and how that links back to the role the U.S. has had there? Perkins: Three or four years ago the CIA orchestrated a coup against the democratically elected president of Honduras, President Zelaya, because he stood up to Dole and Chiquita and some other big, global, basically U.S.-based corporations. 
He wanted to raise the minimum wage to a reasonable level, and he wanted some land reform that would make sure that his own people were able to make money off their own land, rather than having big international corporations do it. The big corporations couldn’t stand for this. He wasn’t assassinated but he was overthrown in a coup and sent to another country, and replaced by a terribly brutal dictator, and today Honduras is one of the most violent, homicidal countries in the hemisphere. It’s frightening what we’ve done. And when that happens to a president, it sends a message to every other president throughout the hemisphere, and in fact throughout the world: Don’t mess with us. Don’t mess with the big corporations. Either cooperate and get rich in the process, and have all your friends and family get rich in the process, or go get overthrown or assassinated. It’s a very strong message. That is how a once proud nation gets transformed into a rancid, oligarch-controlled Banana Republic. From gmoss82 at gmail.com Tue Mar 29 17:17:19 2016 From: gmoss82 at gmail.com (Greg Moss) Date: Tue, 29 Mar 2016 17:17:19 -0700 Subject: USG-Apple Orders to Assist Search and Decrypt Vacated In-Reply-To: References: Message-ID: Stop spamming Apple shit. Nobody gives a shit. On Mar 29, 2016 5:14 PM, "John Young" wrote: > USG-Apple Orders to Assist Search and Decrypt Vacated > > https://cryptome.org/2016/03/usg-apple-210.pdf From gmoss82 at gmail.com Tue Mar 29 18:41:56 2016 From: gmoss82 at gmail.com (Greg Moss) Date: Tue, 29 Mar 2016 18:41:56 -0700 Subject: USG-Apple Orders to Assist Search and Decrypt Vacated In-Reply-To: <1459297909.4169274.563084394.0D1C36B7@webmail.messagingengine.com> References: <1459297909.4169274.563084394.0D1C36B7@webmail.messagingengine.com> Message-ID: It's all propaganda bs.
Gov have owned those phones for years. BTW sure hope you using super super onion type triple layer proxy accessing all the files - no not mbest On Mar 29, 2016 5:31 PM, "Alfie John" wrote: > On Wed, Mar 30, 2016, at 10:17 AM, Greg Moss wrote: > > Stop spamming Apple shit. Nobody gives a shit. > > Actually, a lot of us here give a shit. > > Please continue John. > > Alfie From jya at pipeline.com Tue Mar 29 17:11:50 2016 From: jya at pipeline.com (John Young) Date: Tue, 29 Mar 2016 20:11:50 -0400 Subject: USG-Apple Orders to Assist Search and Decrypt Vacated Message-ID: USG-Apple Orders to Assist Search and Decrypt Vacated https://cryptome.org/2016/03/usg-apple-210.pdf From fw at deneb.enyo.de Tue Mar 29 11:43:56 2016 From: fw at deneb.enyo.de (Florian Weimer) Date: Tue, 29 Mar 2016 20:43:56 +0200 Subject: [Cryptography] USG Moves to Vacate Apple Decrypt Order In-Reply-To: (Phillip Hallam-Baker's message of "Mon, 28 Mar 2016 23:22:48 -0400") References: Message-ID: <87a8lhi0pf.fsf@mid.deneb.enyo.de> * Phillip Hallam-Baker: > Some random thoughts > > * Apple wins big. First, they beat off the FBI warrant, second > everyone with less than a 5s has to buy a new phone. Surely consumers will get a refund because the iPhone 5c has a world-ending, critical security flaw? And we are expected to believe that this flaw happened by accident, as the result of their engineering practices, and not through a deliberate assault of their best brains on their own technology. I find the media reporting on the outcome rather puzzling. From juan.g71 at gmail.com Tue Mar 29 18:00:09 2016 From: juan.g71 at gmail.com (juan) Date: Tue, 29 Mar 2016 22:00:09 -0300 Subject: nsa taxis Message-ID: <56fb253d.cbc3370a.9679a.381d@mx.google.com> so I took a look at 'uber argentina' - as usual the amount of self parody is almost unreal...
1) nsa-uber steals 25% of the driver's earnings. 2) They have all sorts of draconian requirements, including new cars, age requirements, and all kinds of ID shit from the government nazis. Razer would love it. 3) only credit cards accepted - meaning everything is fully tracked and TAXED And all that for the benefit of having your taxi fares monitored by the pentagon and stored in a datacenter forever. Ah yes, when it comes to freedom enhancing 'innovation', the americunts are the masters of the universe. From rysiek at hackerspace.pl Tue Mar 29 15:53:19 2016 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 30 Mar 2016 00:53:19 +0200 Subject: Apple engineers... Will they (snigger) crack under pressure In-Reply-To: <56EC641D.6010203@cajuntechie.org> References: <20160318180200.4B227A06D95@palinka.tinho.net> <56EC641D.6010203@cajuntechie.org> Message-ID: <32444327.BIj8LRMT36@tanglap> On Friday, 18 March 2016 15:25:01 Anthony Papillion wrote: > On 03/18/2016 01:02 PM, dan at geer.org wrote: > > Apple will have its Snowden. > > That's not a given. Everyone believes that Windows has backdoors and > spying components in it but we've not seen a single Snowden from > Microsoft. Why would we from Apple, an even more secretive company > than Microsoft? Caspar Bowden. Not a "technical" Snowden, but a whistleblower (that has gone ignored, by most) nonetheless. -- Regards, Michał "rysiek" Woźniak I am changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 From rysiek at hackerspace.pl Tue Mar 29 16:02:54 2016 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 30 Mar 2016 01:02:54 +0200 Subject: [Cryptography] USG v.
Lavabit-Snowden Files Unsealed In-Reply-To: References: Message-ID: <2688313.pQuHQy1bOa@tanglap> On Sunday, 20 March 2016 18:32:17 Cari Machet wrote: > And the guy that started telegram wasn't even treated this way in russia ... > they asked to access accounts for a platform he developed he said no and > left the country never to return that's why we have telegram ... he just > moves around the planet prolly has a swiss like untouchable bank account or > 2 Sure... https://www.washingtonpost.com/news/the-intersect/wp/2015/11/23/the-secret-american-origins-of-telegram-the-encrypted-messaging-app-favored-by-the-islamic-state/ -- Regards, Michał "rysiek" Woźniak I am changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 From rysiek at hackerspace.pl Tue Mar 29 16:07:15 2016 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 30 Mar 2016 01:07:15 +0200 Subject: solutions for source code take downs due to DMCA? In-Reply-To: References: Message-ID: <4002754.KTskbBlyaO@tanglap> On Saturday, 19 March 2016 13:04:55 Zenaan Harkness wrote: > brief github session: > (...) 1. use a centralized, corporate-operated service; 2. be surprised when corporate exercises their power based on centralisation by taking something down; 3. be completely appalled, write an angry blog post or e-mail; 4. start using a different centralized service; 5. rinse, repeat. > It seems "we" have yet to design a functional hidden service? It seems "we" have yet to take our heads out of our asses and stop using centralized shit because "it's convenient". -- Regards, Michał "rysiek" Woźniak I am changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147
From zen at freedbms.net Wed Mar 30 01:03:19 2016 From: zen at freedbms.net (Zenaan Harkness) Date: Wed, 30 Mar 2016 08:03:19 +0000 Subject: solutions for source code take downs due to DMCA? In-Reply-To: <4002754.KTskbBlyaO@tanglap> References: <4002754.KTskbBlyaO@tanglap> Message-ID: On 3/29/16, rysiek wrote: > On Saturday, 19 March 2016 13:04:55 Zenaan Harkness wrote: >> brief github session: >> (...) > > 1. use a centralized, corporate-operated service; > 2. be surprised when corporate exercises their power based on > centralisation > by taking something down; > 3. be completely appalled, write an angry blog post or e-mail; > 4. start using a different centralized service; > 5. rinse, repeat. > >> It seems "we" have yet to design a functional hidden service? > > It seems "we" have yet to take our heads out of our asses and stop using > centralized shit because "it's convenient". Good points, fair enough. I've promoted the "run it yourself or you don't control it and it will be used against you" principle a few times now... Is there a pseudonymous (all we can seem to even hope for at the moment) git hosting network, with discoverability? Perhaps my searching is simply not adequate, perhaps it's only relevant to those who do the development. I am aware that if you are a high-profile target, it's almost impossible to host anything - but perhaps tor hidden services are "adequate" for "entertainment industry" take downs? From rysiek at hackerspace.pl Wed Mar 30 00:41:57 2016 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 30 Mar 2016 09:41:57 +0200 Subject: USG-Apple Orders to Assist Search and Decrypt Vacated In-Reply-To: References: <1459297909.4169274.563084394.0D1C36B7@webmail.messagingengine.com> Message-ID: <1660851.dxXnqBkvCS@tanglap> On Tuesday, 29 March 2016 18:41:56 Greg Moss wrote: > It's all propaganda bs.
Gov have owned those phones for years. Even if that's true (and it very well might), they (USG, FBI, Apple) might accidentally spill some beans. If you're not interested, you're welcome to ignore those threads, every mail user agent worth its salt out there has an "ignore thread" flag somewhere. -- Regards, Michał "rysiek" Woźniak I am changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 From alfiej at fastmail.fm Tue Mar 29 17:31:49 2016 From: alfiej at fastmail.fm (Alfie John) Date: Wed, 30 Mar 2016 10:31:49 +1000 Subject: USG-Apple Orders to Assist Search and Decrypt Vacated In-Reply-To: References: Message-ID: <1459297909.4169274.563084394.0D1C36B7@webmail.messagingengine.com> On Wed, Mar 30, 2016, at 10:17 AM, Greg Moss wrote: > Stop spamming Apple shit. Nobody gives a shit. Actually, a lot of us here give a shit. Please continue John. Alfie From seanl at literati.org Wed Mar 30 11:19:44 2016 From: seanl at literati.org (Sean Lynch) Date: Wed, 30 Mar 2016 11:19:44 -0700 Subject: SPICE: Special Purpose Integrated Communications Equipment In-Reply-To: <56E7EDAF.9010608@pilobilus.net> References: <56E7EDAF.9010608@pilobilus.net> Message-ID: Imports fine for me, using gpg --import and then pasting just the part from the begin line to the end line (including the begin and end lines). I'm guessing you're either trying to import the entire message or you're leaving out the begin and end lines. On Tue, Mar 15, 2016 at 4:10 AM, Steve Kinney wrote: > On 03/14/2016 07:50 PM, Sean Lynch wrote: > > On Sat, Mar 12, 2016 at 3:29 PM, Zenaan Harkness > > wrote: > > > > I still find that signature of your Mike, just makes me so secure > > about your 1 sentence email -warm fuzzies in my heart. > > > > A toast, to Mike the trusty.
> > > > :) > > > > > > The message is not actually signed. It just has a public key attached. > > Or a super sneaky secret message hidden in plain sight? > > gpg --import yields: > > gpg: invalid radix64 character 3A skipped > gpg: invalid radix64 character 2E skipped > gpg: invalid radix64 character 2E skipped > gpg: invalid radix64 character 3A skipped > gpg: invalid radix64 character 3A skipped > gpg: invalid radix64 character 2E skipped > gpg: invalid radix64 character 2E skipped > gpg: CRC error; 02A730 - 33E76E > gpg: [don't know]: invalid packet (ctb=55) > gpg: read_block: read error: Invalid packet > gpg: import from `[stdin]' failed: Invalid keyring > gpg: Total number processed: 0 > > :o) From jason.mcvetta at gmail.com Wed Mar 30 12:40:25 2016 From: jason.mcvetta at gmail.com (Jason McVetta) Date: Wed, 30 Mar 2016 12:40:25 -0700 Subject: nsa taxis In-Reply-To: References: <56fb253d.cbc3370a.9679a.381d@mx.google.com> Message-ID: On Wed, Mar 30, 2016 at 12:24 PM, Brian wrote: > If you use a smart phone, there is probably not much difference in ability > to NSA location track and using uber. > Any cellphone, not just smartphones.
From seanl at literati.org Wed Mar 30 13:20:47 2016 From: seanl at literati.org (Sean Lynch) Date: Wed, 30 Mar 2016 13:20:47 -0700 Subject: nsa taxis In-Reply-To: <56fc2f1f.454d370a.46fcd.ffffb8ec@mx.google.com> References: <56fb253d.cbc3370a.9679a.381d@mx.google.com> <56fc2f1f.454d370a.46fcd.ffffb8ec@mx.google.com> Message-ID: On Wed, Mar 30, 2016 at 12:54 PM, juan wrote: > On Wed, 30 Mar 2016 12:40:25 -0700 > Jason McVetta wrote: > > > On Wed, Mar 30, 2016 at 12:24 PM, Brian wrote: > > > > > If you use a smart phone, there is probably not much difference in > > > ability to NSA location track and using uber. > > > > > > > Any cellphone, not just smartphones. > > > That may be so, but I doubt the gov't can get as much track > information from all over the world as they get directly from > the 'centralized' uber servers. > > > Anyway, the fact that uber is yet another cover for > US spying is not the only reason why uber is a piece of > shit. I mentioned other reasons. In some ways uber is even more > hostile to a free market than the 'official' > state-licenced(like uber) taxi mafia. > > Anyone tried Arcade City yet? I have it installed, but the only time I've needed a ride since I heard of it, I had to catch a flight and wasn't willing to risk using a new service in an unfamiliar city. From Rayzer at riseup.net Wed Mar 30 14:04:55 2016 From: Rayzer at riseup.net (Rayzer) Date: Wed, 30 Mar 2016 14:04:55 -0700 Subject: nsa taxis In-Reply-To: <56fb253d.cbc3370a.9679a.381d@mx.google.com> References: <56fb253d.cbc3370a.9679a.381d@mx.google.com> Message-ID: <56FC3F77.8030808@riseup.net> juan wrote: > so I took a look at 'uber argentina' - as usual the amount > of self parody is almost unreal...
> > > 1) nsa-uber steals 25% of the driver's earnings. > > > 2) They have all sorts of draconian requirements, including new > cars, age requirements, and all kinds of ID shit from the > government nazis. Razer would love it. Why do you say that? Because I think the so-called 'sharing economy' is a feudal fascist economy? That makes me a Nazi? Because Uber's financial backers include scum like Goldman Sachs who I wouldn't care to enrich? That makes me a Nazi? Because they spy on you, the consumer of their services, and don't seem to do as well 'spying' on their contractors about things like carrying guns, criminal records, and so much more that someone getting in a car with a complete stranger might want to know? A formal complaint has been filed against Uber, the car ride company, by the Electronic Privacy Information Center (EPIC), a non-profit advocacy group. The NGO says Uber plans to use their smart phone app to access user’s locations at all times, and to send advertisements to user’s contact lists. Uber, a San Francisco-based company, has become worth over $40 billion in the five years since it launched its app that allows anyone to pay for rides from nearby drivers in 300 cities in 57 countries. Along the way, it has also gained a bad reputation for exploiting its employees and even some customers. Last September, users were horrified to discover that Uber was not only tracking them but boasting about this ability at private parties. The tracking system that the company used to follow the physical location of individuals was dubbed the “God View” by executives… http://www.corpwatch.org/article.php?id=16035 https://epic.org/privacy/internet/ftc/uber/Complaint.pdf That's it! I must be a Nazi because I don't like companies that spy on people full-time for profit. -- RR "Through counter-intelligence it should be possible to pinpoint potential trouble-makers ... 
And neutralize them, neutralize them, neutralize them" From rysiek at hackerspace.pl Wed Mar 30 05:22:54 2016 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 30 Mar 2016 14:22:54 +0200 Subject: solutions for source code take downs due to DMCA? In-Reply-To: References: <4002754.KTskbBlyaO@tanglap> Message-ID: <42937397.dooDgijKVu@tanglap> Hi, On Wednesday, 30 March 2016 08:03:19 Zenaan Harkness wrote: > >> It seems "we" have yet to design a functional hidden service? > > > > It seems "we" have yet to take our heads out of our asses and stop using > > centralized shit because "it's convenient". > > Good points, fair enough. > > I've promoted the "run it yourself or you don't control it and it will > be used against you" principle a few times now... > > Is there a pseudonymous (all we can seem to even hope for at the > moment) git hosting network, with discoverability? There are attempts: http://gitchain.org/ https://github.com/cjb/GitTorrent Also, a decentralized, distributed package manager: https://github.com/whyrusleeping/gx The fact that all of these projects are hosted on GitHub says a lot, though. > Perhaps my searching is simply not adequate, perhaps it's only > relevant to those who do the development. I am aware that if you are a > high-profile target, it's almost impossible to host anything - but > perhaps tor hidden services are "adequate" for "entertainment > industry" take downs? Perhaps. But what I believe and will keep saying over and over, and over again, is that we *need* to decentralize the application layer (and redecentralize all the lower OSI layers, but that's another thing). 
Hence my interest in stuff like Twister: http://twister.net.co/ -- Regards, Michał "rysiek" Woźniak I am changing my GPG key :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 From Rayzer at riseup.net Wed Mar 30 14:42:19 2016 From: Rayzer at riseup.net (Rayzer) Date: Wed, 30 Mar 2016 14:42:19 -0700 Subject: nsa taxis In-Reply-To: <56fc4467.848d1f0a.d186e.7040@mx.google.com> References: <56fb253d.cbc3370a.9679a.381d@mx.google.com> <56FC3F77.8030808@riseup.net> <56fc4467.848d1f0a.d186e.7040@mx.google.com> Message-ID: <56FC483B.6020306@riseup.net> juan wrote: > No, I was only referring to the fact that you are not > completely hostile to IDs, even gov't issued IDs You have selective amnesia. I said I want people who drive smog-belching one or two ton potential homicide machines to have a certification in homicide avoidance. It's called a "Drivers License" and albeit it doesn't preclude homicide on the part of the certified it helps provide justification-for-the-crushed that the person who did it knew how not to do so. -- RR "Through counter-intelligence it should be possible to pinpoint potential trouble-makers ... And neutralize them, neutralize them, neutralize them"
From gmoss82 at gmail.com Wed Mar 30 16:49:45 2016 From: gmoss82 at gmail.com (Greg Moss) Date: Wed, 30 Mar 2016 16:49:45 -0700 Subject: nsa taxis In-Reply-To: <56FC483B.6020306@riseup.net> References: <56fb253d.cbc3370a.9679a.381d@mx.google.com> <56FC3F77.8030808@riseup.net> <56fc4467.848d1f0a.d186e.7040@mx.google.com> <56FC483B.6020306@riseup.net> Message-ID: <024001d18ade$d8b1d180$8a157480$@gmail.com> > I said I want people who drive smog-belching one or two ton potential homicide machines to have a certification in homicide avoidance. LMFAO - you must be from Alaska - last tank I saw rolling down the road in Cali few years back = no license. Dude was angry! -----Original Message----- From: cypherpunks [mailto:cypherpunks-bounces at cpunks.org] On Behalf Of Rayzer Sent: Wednesday, March 30, 2016 2:42 PM To: cypherpunks at cpunks.org Subject: Re: nsa taxis juan wrote: > No, I was only referring to the fact that you are not > completely hostile to IDs, even gov't issued IDs You have selective amnesia. I said I want people who drive smog-belching one or two ton potential homicide machines to have a certification in homicide avoidance. It's called a "Drivers License" and albeit it doesn't preclude homicide on the part of the certified it helps provide justification-for-the-crushed that the person who did it knew how not to do so. -- RR "Through counter-intelligence it should be possible to pinpoint potential trouble-makers ... 
And neutralize them, neutralize them, neutralize them" From juan.g71 at gmail.com Wed Mar 30 12:54:39 2016 From: juan.g71 at gmail.com (juan) Date: Wed, 30 Mar 2016 16:54:39 -0300 Subject: nsa taxis In-Reply-To: References: <56fb253d.cbc3370a.9679a.381d@mx.google.com> Message-ID: <56fc2f1f.454d370a.46fcd.ffffb8ec@mx.google.com> On Wed, 30 Mar 2016 12:40:25 -0700 Jason McVetta wrote: > On Wed, Mar 30, 2016 at 12:24 PM, Brian wrote: > > > If you use a smart phone, there is probably not much difference in > > ability to NSA location track and using uber. > > > > Any cellphone, not just smartphones. That may be so, but I doubt the gov't can get as much track information from all over the world as they get directly from the 'centralized' uber servers. Anyway, the fact that uber is yet another cover for US spying is not the only reason why uber is a piece of shit. I mentioned other reasons. In some ways uber is even more hostile to a free market than the 'official' state-licenced(like uber) taxi mafia. From juan.g71 at gmail.com Wed Mar 30 14:25:25 2016 From: juan.g71 at gmail.com (juan) Date: Wed, 30 Mar 2016 18:25:25 -0300 Subject: nsa taxis In-Reply-To: <56FC3F77.8030808@riseup.net> References: <56fb253d.cbc3370a.9679a.381d@mx.google.com> <56FC3F77.8030808@riseup.net> Message-ID: <56fc4467.848d1f0a.d186e.7040@mx.google.com> On Wed, 30 Mar 2016 14:04:55 -0700 Rayzer wrote: > juan wrote: > > so I took a look at 'uber argentina' - as usual the amount > > of self parody is almost unreal... > > > > > > 1) nsa-uber steals 25% of the driver's earnings. > > > > > > 2) They have all sorts of draconian requirements, including > > new cars, age requirements, and all kinds of ID shit from the > > government nazis. Razer would love it. > > Why do you say that? > > Because I think the so-called 'sharing economy' is a feudal fascist > economy? No, I was only referring to the fact that you are not completely hostile to IDs, even gov't issued IDs. I do agree that uber is a scam. 
I would describe it as the next step in the development of 'western' corporate cancer. I don't know why the masters of marketing would call something like uber 'sharing economy'. But then again by definition it's just meaningless marketing jargon. > > That makes me a Nazi? > Because Uber's financial backers include scum like Goldman Sachs who I > wouldn't care to enrich? > > That makes me a Nazi? the 'nazi' adjective was attached to ID requirements from uber, which rely on the ID systems of different police states across the world. (and I was commenting about the 'local'(to me) case) > > Because they spy on you, the consumer of their services, and don't > seem to do as well 'spying' on their contractors about things like > carrying guns, criminal records, Well, as a matter of fact, one of the requirements for drivers is to present their STATE ISSUED 'criminal record'... > and so much more that someone > getting in a car with a complete stranger might want to know? > > A formal complaint has been filed against Uber, the car ride > company, by the Electronic Privacy Information Center (EPIC), a > non-profit advocacy group. The NGO says Uber plans to use their > smart phone app to access user’s locations at all times, and to > send advertisements to user’s contact lists. > > Uber, a San Francisco-based company, has become worth over $40 > billion in the five years since it launched its app that allows > anyone to pay for rides from nearby drivers in 300 cities in 57 > countries. Along the way, it has also gained a bad reputation for > exploiting its employees and even some customers. > > Last September, users were horrified to discover that Uber was not > only tracking them but boasting about this ability at private > parties. 
The tracking system that the company used to follow the > physical location of individuals was dubbed the “God View” by > executives… > > http://www.corpwatch.org/article.php?id=16035 > https://epic.org/privacy/internet/ftc/uber/Complaint.pdf > > That's it! I must be a Nazi because I don't like companies that spy on > people full-time for profit. > To clarify again : the part about uber I was teasing you with was their ID requirements...They obviously require a government issued driver's license... From brianbrian at gmail.com Wed Mar 30 12:24:41 2016 From: brianbrian at gmail.com (Brian) Date: Wed, 30 Mar 2016 19:24:41 +0000 Subject: nsa taxis In-Reply-To: <56fb253d.cbc3370a.9679a.381d@mx.google.com> References: <56fb253d.cbc3370a.9679a.381d@mx.google.com> Message-ID: If you use a smart phone, there is probably not much difference in ability to NSA location track and using uber. On Tue, Mar 29, 2016, 6:04 PM juan wrote: > > so I took a look at 'uber argentina' - as usual the amount > of self parody is almost unreal... > > > 1) nsa-uber steals 25% of the driver's earnings. > > > 2) They have all sorts of draconian requirements, including new > cars, age requirements, and all kinds of ID shit from the > government nazis. Razer would love it. > > > 3) only credit cards accepted - meaning everything is fully > tracked and TAXED > > > And all that for the benefit of having your taxi fares > monitored by the pentagon and stored in a datacenter forever. > Ah yes, when it comes to freedom enhancing 'innovation', the > americunts are the masters of the universe.
From zen at freedbms.net Thu Mar 31 00:52:45 2016 From: zen at freedbms.net (Zenaan Harkness) Date: Thu, 31 Mar 2016 07:52:45 +0000 Subject: nsa taxis In-Reply-To: <56FC483B.6020306@riseup.net> References: <56fb253d.cbc3370a.9679a.381d@mx.google.com> <56FC3F77.8030808@riseup.net> <56fc4467.848d1f0a.d186e.7040@mx.google.com> <56FC483B.6020306@riseup.net> Message-ID: On 3/30/16, Rayzer wrote: > juan wrote: >> No, I was only referring to the fact that you are not >> completely hostile to IDs, even gov't issued IDs > > You have selective amnesia. I said I want people who drive > smog-belching one or two ton potential homicide machines to have a > certification in homicide avoidance. It's called a "Drivers License" and > albeit it doesn't preclude homicide on the part of the certified it > helps provide justification-for-the-crushed that the person who did it > knew how not to do so. "It" could also be called "certificate of minimum level competency" issued by a government-approved body, without having to be attached to a government link everything and everyone database nor issued by the state. Your vehemence in the past came across quite clearly in support of "state-issued" driver licenses. I would of course accept an alternate position by you, but round these parts, state-issued driver licenses are anathema to freedom, privacy, anonymity of travel and various other grievances we have with the endless slippery slope of demoncratic "government".