Re: layered deception
At 11:46 PM 4/28/2001 -0400, Declan McCullagh wrote: I rather like the idea of encrypting the logs on the fly and shipping them offshore. Your offshore partner will be instructed to turn over the logs only if you are not asking for them under duress. (A reasonable protocol can probably be worked out. Would a court order instruct you to lie? If so, would it be valid?) One of the simplest and most effective ways to accomplish this is to require the legally responsible corporate person to physically show up at the offshore location as proof of a lack of duress. steve
RE: layered deception
At 01:04 PM 4/29/2001 -0400, Matthew Gaylor wrote: Declan McCullagh [EMAIL PROTECTED] wrote: Right, in most circumstances you're not required to keep logs. But there are some cases, albeit a fairly narrow subset, in which you'd want to have log files that are available to you but not an adversary using legal process. -Declan Which would/could get you charged with obstruction of justice/contempt/conspiracy etc, etc. You can protect your log files safely enough by not having any- But protecting your real ASSets is a bit more difficult. Almost anything the court does not like can get you so charged. So what else is new? Still, if the information or principle is sufficiently important you will eventually be released (if you are even held). steve
Re: As Dot-Coms Go Bust in the U.S., Bermuda Hosts a Little Boomlet
At 10:54 AM 1/10/01 -0600, Jim Burnes wrote: On Wednesday 10 January 2001 05:29, Ken Brown wrote: ... The sun still doesn't set on the British Empire (not while we have Pitcairn!), London is still the heart of darkness, it is is still the place where the money is (most of the money in the world, by orders of magnitude, is in meaninglessly large dollar accounts in databases owned by London banks, representing currency trades), and if you think you can trust these guys to do anything other than act in the interests of their own profits you are making a big mistake. Their interests are in making capital grow and prosper. These are diametrically opposed to the interests of high taxation and socialism. I don't think the Bermuda dot-coms are worried about these guys acting in their own interests. I think they are banking on it Published Wednesday, Jan. 10, 2001, in the San Jose Mercury News WORLD NEWS offshore banking Developed nations pushing to get rid of tax havens Wealthy countries aiming to recover billions of dollars lost to offshore tax havens are trying to convince small countries to give up the banking secrecy that has helped their fragile economies survive. Officials from about 40 countries and territories were to reconvene Tuesday in Barbados for a second and final day of discussion about what the Paris-based Organization for Economic Cooperation and Development terms ``harmful tax practices.'' The organization's 30 member nations, which include the world's wealthiest nations, have set up international standards that they want all nations to abide by. Countries that have no taxes or low taxes are being pushed to change their laws steve
Re: Anarchy Eroded: Project Efnext
At 10:01 AM 12/31/00 -0800, Eric Cordian wrote: Jim Choate writes: Making people "part of the process" is one of the first things one learns in management. How to simultaneously make sure they have zero chance of actually altering what you have planned for them is the second thing. They already are, and have been for years. Usenet is another service that could use some sort of p2p datahaven environment. This should be one of the Cypherpunk 'target projects'. Uh, right. Let us know when you have working code. It shouldn't be very hard to bridge Usenet and Mojo Nation. steve
Re: Zionist Entity Tactical Laser Fizzles
At 03:34 PM 12/7/00 -0800, Eric Cordian wrote: I must have been mistaken, according to the material at http://www.fas.org/spp/military/program/asat/miracl.htm no CO2 is employed, rather "a fuel (ethylene, C2H4) is burned with an oxidizer (nitrogen trifluoride, NF3). Free, excited fluorine atoms are one of the combustion products. Just downstream from the combustor, deuterium and helium are injected into the exhaust. Deuterium combines with the excited fluorine to give excited deuterium fluoride (DF) molecules, while the helium stabilizes the reaction and controls the temperature. The laser's resonator mirrors are wrapped around the excited exhaust gas and optical energy is extracted. The cavity is actively cooled and can be run until the fuel supply is exhausted. The laser's output power can be varied over a wide range by altering the fuel flow rates and mixture/" steve
Industry Standard: Legislating Cookies
Legislating Cookies By John Roemer November 28, 2000 In the absence of legislation written specifically to regulate Net privacy, should a 14-year-old wiretapping law be applied to Internet privacy issues? Two federal class actions filed last week raise this question, claiming that online ad companies violate federal laws by tracking consumers' browsing habits without their permission. Filed in Denver against Excite@Home subsidiary MatchLogic and in Redmond, Wash., against the online advertiser Avenue A, the suits complain that the two companies planted cookies on consumers' hard drives to track their Web habits for commercial purposes, thereby violating the Electronic Communications Privacy Act, passed by Congress to deter wiretapping, and the Computer Fraud and Abuse Act. As concerns about Internet privacy grow, legal experts believe that the outcome of these two suits could shape the development of future Net privacy practices. If the judges decide that existing wiretapping laws forbid the practice of tracking consumer information via cookies, Web advertisers will face legal liability for cookie use unless they are scrupulous about notifying consumers of the practice. Conversely, if the courts decide that the existing wiretapping laws don't forbid the use of cookies without adequate notification, it could be open season for advertisers to harvest and sell information about site visitors, at least until Congress drafts new legislation to govern consumers' privacy rights in cyberspace. Although both companies declined to comment on the suits, attorneys at the powerhouse class-action firm Milberg Weiss Bershad Hynes Lerach who joined both suits are trying to convince the judges that the existing law regulating wiretapping can also be applied to the Web. They argue that the online advertisers accessed consumers' information without their knowledge, using a method similar to one a wiretapper would use to intercept a phone conversation. But Denver attorney Philip Gordon, an expert in wiretapping statutes and a fellow of the nonprofit Privacy Foundation, points out that Congress intended ECPA to protect the content of communications, such as the words spoken in a phone conversation, not transactional data, such as the number dialed and the length and cost of the call. In Web usage, that transactional information is of value to advertisers. Gordon noted that the cases might turn on whether the defendants can show that users reviewed and understood the privacy policies that were posted on the sites. Another hurdle for the plantiffs is whether all of Net users' experiences are sufficiently similar for the cases to qualify as a class action. The outcome, whichever direction it takes, is likely to clarify an area of Internet law that remains murky, at least for the time being. "Internet law is simply not developed in this area," Gordon says. "Ideally, the courts should grapple with these issues and decide if federal statutes can be applied to the novel technologies presented." Online Ad Companies Hit With Privacy Suits http://news.cnet.com/news/0-1005-200-3821026.html Review: Online Toy Stores Fall Short on Privacy Protection (InfoWorld) http://tm0.com/thestandard/sbct.cgi?s=64852336i=281243d=672624 Privacy Foundation http://www.privacyfoundation.org
re: Imagine
Title: FW: A view from the developing world 1. Imagine that we read of an election occurring anywhere in the third world in which the self-declared winner was the son of the former prime minister and that former prime minister was himself the former head of that nation's secret police (CIA). Correction. He was declared the winner by the fact that he hasreceived 271 of the needed 270 electoral votes. Let's beaccuratePlease!2. Imagine that the self-declared winner lost the popular vote but won based on some old colonial holdover (Electoral College) from the nation's pre-democracy past. 1. This country is a republic, not a democracy. 2.The electoral college was designed to protect states rights, it is not a colonial holdover. It is interesting that leading up to the election, democrats were afraid thatPrince Al (as the democrats would like to viewhim) was going to win on the electoral vote but lose the popular vote. At that time the republicans were silent but the dem's were spinning and spinning that the electoral college is the"law of the land" and we must abide by the law. Funny when things do go as expected for the dem's how they canreverse their spin so quickly. Bottom line. IT IS THE LAW!!! 3. Imagine that the self-declared winner's 'victory' turned on disputed votes cast in a province governed by his brother! Again, let's work with facts - About 1% of the ballots that the machines registered as "no president vote" in Dade county.Prince Al claims that these have never been counter. Realitycheck: In the past elections in 92 and 96, Dade county showed about 1% of the ballots registered as "no vote for president". In the exit polls for Dade county there were an estimated count of 1% that claimed to not have voted for president. Prince Al would have us believe that if the ballot is punched for democrats but only a scratch on the card (note a scratch that only a democrat canvassing board member can see) means a vote for Prince Al. However, the truth is the only ballots that have not been counted in Florida, are the thousands of Military absentee ballots that the democrat "mob" has managed to get rejected PRIOR to any count. 4. Imagine that the poorly drafted ballots of one district, a district heavily favoring the self-declared winner's opponent, led thousands of voters to vote for the wrong candidate. A Ballot designed by the losing candidates party members, approved by the losing candidates party and campaign staff, andis the same ballot layout used in that county in 1996 without complaint, and is the same ballotthat when given to 4 grade children 98% were able to figure it out.Finally, if a ballot is a secret vote, and that once cast cannot be traced back to the individual voter, how the ^#$% can the dem's claim that these people knew they voted for the wrong person? If they knew they made a mistake, the "CONFUSING BALLOT" had these strange words on it along with signs in the polling place, that the voter could request a new ballot. 5. Imagine that members of that nation's most despised caste, fearing for their lives/livelihoods, turned out in record numbers to vote in near-universal opposition to the self-declared winner's candidacy. This item makes no sense at all except it doesecho the words of who has to be the writers greatest heroVladimir Iljitsh Uljanov (Lenin). 6. Imagine that state police operating under the authority of the self-declared winner's brother intercepted hundreds of members of that most-despised caste on their way to the polls.see answer to item 5 above.i.e. BULL@@$#$7. Imagine that six million people voted in the disputed province and that the self-declared winner's 'lead' was only 327 votes. Fewer, certainly, than the vote counting machines' margin of error.and even after a recount, and hand recount with democrat operatives managing the hand recount still had thelegally declared winner as the winner. 8. Imagine that the self-declared winner and his political party opposed a more careful by-hand inspection and re-counting of the ballots in the disputed province or in its most hotly disputed district. You know it is interesting that people who claim some level of intelligencecan not see thevote engineering that was attempted by democrat operatives in some counties in an attempt to STEAL the election from the rightful winner. We have had a count,a recount, a rerecount, and the same guy won each time. Al lost. GET OVER IT! 9. Imagine that the self-declared winner, himself a governor of a major province, had the worst human rights record of any province in his nation and actually led the nation in executions. This statement is beneath contempt. 10. Imagine that a major campaign promise of the self-declared winner was to appoint like-minded human rights
Re: Carnivore All-Consuming
At 06:21 PM 11/19/00 +, Jim Dixon wrote: On Sat, 18 Nov 2000 [EMAIL PROTECTED] wrote: EPIC FOIA... http://www.latimes.com/wires/20001117/tCB00V0387.html WASHINGTON--The FBI's controversial e-mail surveillance tool, known as Carnivore, can retrieve all communications that go through an Internet service -far more than FBI officials have said it does -a recent test of its potential sweep found, according to bureau documents [snip] Carnivore is an NT-based PC. How could it conceivably process all communications through even a mid-sized ISP? There are at least two problems: processing power and network architecture. As regards the first, our customers, many of them smaller ISPs, find it necessary to employ NT clusters to handle subsets of their traffic (Usenet news, Web proxies, and so forth). So it is difficult to believe that a single NT box could monitor their entire traffic load. A PC, using off-the-shelf HW, is capable of filtering a full 100 Mbps link (144K packets/sec) as demonstrated by the BlackICE products http://www.networkice.com/html/blackice_sentry.html steve As regards the second, most ISPs of any size have multiple PoPs and multiple high-speed connections to other networks. It would require incredible contortions to route all of their traffic to one point for monitoring. And for the larger network, the bandwidth into that single point would be unmanageable. The UK government proposed building something more sophisticated than Carnivore. Consultants led them to believe that this was feasible, and costed a solution. The UK ISP associations (the LINX and ISPA) replied to their proposals by saying that (a) the proposals showed no understanding of the technical structure of the Internet and (b) their cost estimates were ridiculously low, even if the Internet could be distorted sufficiently to be monitored in the manner envisioned. As far as we can see, the UK government as an institution is not capable of even understanding the Internet. They simply do not have enough competent technical staff. They do have a lot of relatively senior people who claim to be competent - and give bad advice, some of which finds its way into legislation and programs of action. The overall capacity and the complexity of the Internet is increasing at an explosive rate. For better or for worse, this far exceeds the growth in any government's capability of monitoring Internet traffic.
Fwd: $9.4 MILLION IS RECOVERED IN MEDI-CAL FRAUD / Abstracted f =?
To: Article Submission Topica Newsletter [EMAIL PROTECTED] From: "Graham Crabtree/ C.E.G. Ltd." [EMAIL PROTECTED] Subject: $9.4 MILLION IS RECOVERED IN MEDI-CAL FRAUD / Abstracted f =? Date: Wed, 23 Aug 2000 03:47:35 -0700 Reply-To: [EMAIL PROTECTED] X-Topica-Loop: 1300010620 X-Mailer: Microsoft Outlook Express 5.00.2314.1300 US ABSTRACTS: $9.4 MILLION IS RECOVERED IN MEDI-CAL FRAUD Los Angeles Times - US Abstracts, Aug 22, 2000, 143 words State investigators have managed to recover $9.4m stolen from Medi-Cal, California's healthcare program for the poor, from secret bank accounts in Liechtenstein. The fraud's ringleader, Marcus Fontaine, will soon finish his 10-year prison sentence for mail fraud and money laundering. The breakthrough came when a FBI agent suggested trying the names of Mr. Fontaine's family's pets as the password on his personal organizer. The name of his sister's dog turned out to be the correct password, giving agents vital new clues to the whereabouts of the money. Once the money had been found, a civil lawsuit was launched as the funds were tied up in a foundation and the trustees refused to give them back to the state of California, despite a letter of authority from Mr. Fontaine, who hoped to reduce his sentence. Eventually, however, the trustees agreed to release the money. "It took 10 years, but we've gotten all that he had hidden in Liechtenstein," said Deputy Atty. Gen. David Haxton. Abstracted from: Los Angeles Times Copyright © Financial Times Information Graham Crabtree Director Unless an e-mail message is encrypted it can be intercepted/read at any point/node in transit. For this reason suggest that you encrypt your messages. PGP is Preferred. We use version 6.5.1. Go to http://www.pgpi.org, select download wizard, international version at the appropriate points - the non-commercial version is free. Then send a request for our public key The information in this e-mail any attachment is confidential. It may be subject to client-attorney privilege or otherwise legally protected and is for the addressee's use only. If you aren't the intended recipient, please let us know immediately and delete it from your computer/system; you shouldn't copy the message or disclose its contents to anyone. This entity/author accepts no legal responsibility for the contents of this message. We take reasonable precautions to ensure that any attachment is swept for viruses but accept no liability for damage sustained as a result of any viruses. Thank you. ___ T O P I C A The Email You Want. http://www.topica.com/t/16 Newsletters, Tips and Discussions on Your Favorite Topics
Fwd: British e-mail law shelved / By Jean Eaglesham, Legal Correspondent/ Source: Fi
To: Article Submission Topica Newsletter [EMAIL PROTECTED] From: "Graham Crabtree/ C.E.G. Ltd." [EMAIL PROTECTED] Subject: British e-mail law shelved / By Jean Eaglesham, Legal Correspondent/ Source: Fi Date: Fri, 25 Aug 2000 03:52:23 -0700 Reply-To: [EMAIL PROTECTED] X-Topica-Loop: 1300010620 X-Mailer: Microsoft Outlook Express 5.00.2314.1300 The British government on Thursday abandoned its attempt to rush through rules on employers' monitoring of employees' e-mails ahead of the October 2 introduction of the Human Rights Act in the face of ferocious industry criticism. The Home Office has been adamant the Regulation of Investigatory Powers Act governing e-mail and phone snooping must be in force by October 2. The existing surveillance regime has already failed a human rights challenge in the European Court of Human Rights, and Jack Straw, the home secretary, is keen to avoid similar challenges being mounted successfully against government departments and other public sector employers under the landmark new rights act. But the Department of Trade and Industry has been rocked by the extent of industry criticism of its proposed rules on business monitoring of e-mails. A leading industry group will on Friday warn that the rules as drafted could force companies to ban staff from sending any personal e-mails. The DTI on Thursday agreed to a three-week extension to the consultation period on the proposed rules, originally due to end on Friday. The rules will now come into force on October 24. Industry strongly welcomed the time this will allow to discuss the radical changes they think need to be made. But lawyers warned that the move leaves many employers - particularly in the public sector, where there is a direct duty to abide by the Human Rights Act - vulnerable to being sued for breaching employees' rights to privacy. "Public authorities are open to a human rights challenge during the hiatus," said Nick Buckley of Taylor Joynson Garrett, the law firm. The Home Office said last night it "was aware [the delay] could have a possible knock-on effect on public authorities but it was felt that the balance [of merit] lay in allowing more time to receive industry views on this important issue". It added that public authorities had been advised of the risk of a human rights challenge. The Alliance for Electronic Business, which includes the Confederation of British Industry, the employers' organisation, will condemn the government's approach on Friday in its response to the DTI's consultation paper as being "totally impractical and indeed impossible" to comply with. The draft rules would "deny businesses day-to-day access to their own correspondence when conducted electronically by means of e-mail or voice mail". "We find it hard to believe that the government intends the [RIP] Act and regulations to have this startling consequence". The proposed rules require companies to get the consent of both the sender and receiver of e-mails and other messages, for any monitoring by an employer. Graham Crabtree Director Unless an e-mail message is encrypted it can be intercepted/read at any point/node in transit. For this reason suggest that you encrypt your messages. PGP is Preferred. We use version 6.5.1. Go to http://www.pgpi.org, select download wizard, international version at the appropriate points - the non-commercial version is free. Then send a request for our public key The information in this e-mail any attachment is confidential. It may be subject to client-attorney privilege or otherwise legally protected and is for the addressee's use only. If you aren't the intended recipient, please let us know immediately and delete it from your computer/system; you shouldn't copy the message or disclose its contents to anyone. This entity/author accepts no legal responsibility for the contents of this message. We take reasonable precautions to ensure that any attachment is swept for viruses but accept no liability for damage sustained as a result of any viruses. Thank you. ___ T O P I C A The Email You Want. http://www.topica.com/t/16 Newsletters, Tips and Discussions on Your Favorite Topics
Re: stupid hackers
At 05:35 PM 8/19/00 -0700, Anonymous wrote: Isn't it better to encrypt account data and send to a maillist or ng ? Its been suggested for rev 0.2 steve
Re: stupid hackers
At 08:39 AM 8/20/00 -0700, you wrote: Here's another protocol question though; how could the script kiddies have *used* the keys (eg, to get money) without creating a route through which they could be traced? Remember ATMs all mount cameras these days, and their locations are, of course, known. It's clear that the script kiddies are not thinking in terms of protocols though -- they've got pretty much the same approach as those idiots who rob banks without bothering to wear gloves or a mask. You've answered your own question. Walk up to the ATM late at night wearing a mask. steve
C2NET sold
We have another winner! Red Hat adds Web server software with C2Net buy By Stephen Shankland Staff Writer, CNET News.com August 14, 2000, 10:20 a.m. PT Red Hat has agreed to acquire C2Net in a stock deal worth about $44 million, expanding its domain from Linux to another major open-source package, Apache Web server software. The move puts pressure on Covalent Technologies, a start-up that also sells support for Apache software, and Linuxcare, which plans to expand to support other open-source software packages besides Linux. http://news.cnet.com/news/0-1003-200-2518832.html
Publius
ONLINE AND UNIDENTIFIABLE? Issue: Internet Today researchers at ATT Labs will reveal a new technology that can help Internet users evade censors. "It seems like more and more, technologies are being introduced that limit the freedom of individuals--especially in repressive administrations" around the world, said Aviel D. Rubin, who developed Publius with ATT colleague Lorrie F. Cranor and graduate student Marc Waldman. "We are hoping that by providing some tools to help the individual, we can help offset this trend a little bit." Publius works by encrypting files--from text to pictures and music--and dividing them into smaller pieces to be distributed over a number of servers, making it hard to trace the original transaction. [SOURCE: Washington Post (E1), AUTHOR: John Schwartz] (http://washingtonpost.com/wp-dyn/articles/A21689-2000Jun29.html) Technical description and Publius home page: http://cs1.cs.nyu.edu/waldman/publius/ steve