On Tue, 25 Mar 2003, Ian Grigg wrote:
>On Monday 24 March 2003 19:26, bear wrote: >> him running roughshod over the law. He set up routing tables >> to fool DNS into thinking his machine was the shortest distance >> from the courthouse where she worked to her home ISP and >> eavesdropped on her mail. Sent a message to every fax machine >> in town calling her a "Jezebellian whore" after getting the >> skinny on the aftermath of an affair that she was discussing >> with her husband. > >I love it! Then, I'm wrong on that point, we >do in fact have some aggressive MITMs >occuring in some mediums over the net. >Steve Bellovin pointed one out, this is >another. > >Which gets us to the next stage of the >analysis (what did they cost!). Wait. Time out. Setting aside the increased monetary cost of her reelection campaign in a fairly conservative state capitol, and setting aside the increased difficulty of raising money for that campaign, the main costs here are intangible. On a professional level, she had reduced power in office because of the scandal this clown created publishing her personal email, but the intangible costs go both directions from there. Toward the personal end of the spectrum, discussing the aftermath of an affair with one's husband is sensitive and personal, and making that whole thing public can't have done either of them, or their marriage for that matter, any good. In the public sphere, this is a case in which information gained from an attack on email was being employed directly for undeserved influence on government officials. Being timed to interfere with her reelection makes it a direct means of removing political opponents from office, and it has probably had a "chilling effect" on other council members in that benighted city who might otherwise have voted in ways Phred didn't like. What he did was nothing less than a direct assault on the democratic process of government. I don't think mere monetary costs are even germane to something like this. The costs, publicly and personally, are of a different kind than money expresses. And we're going to continue to have this problem for as long as we continue to use unencrypted SMTP for mail transport. Bear --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]