Apparently one can spell Snake Oil in Capital Letters, too (Re: CRYPTO-GRAM, August 15, 2004)

2004-08-15 Thread R. A. Hettinga
At 11:26 PM -0500 8/14/04, Bruce Schneier wrote:
From: Ken Lavender [EMAIL PROTECTED]
Subject: ICS Atlanta

I am APPAULED at your comments that you had made on your website:

   http://www.schneier.com/crypto-gram-0407.html#9

You have statements are nothing but slander & defamation.  They shall
be dealt with accordingly.

Lie #1:  How do they demonstrate Tree's security?  'Over 100
professionals in mathematics & in computer science at Massachusetts
Institute of Technology & at Georgia Tech, had sample encoded messages
submitted to them. Not a single person could break this code!'  That
is not the ONLY way we prove it.  We have examples & offer to allow
people to submit their OWN messages to have encoded to SEE how good the
code is.  So there are THREE methods, NOT just ONE as you IMPLY.

Lie #2:  These guys sent unsolicited e-mails...  HOW do you KNOW that
this was the case?  Have any PROOF of such?  NO!

Lie #3:  And if all that isn't enough to make you run screaming from
these guys, their website proudly proclaims: 'Tree Encoded Files Can Be
Zipped.'  Because they can be zipped does NOT mean that it is bad
encoding.  The code talkers of ww2 used LANGUAGE to code the
messages, and THOSE COULD BE ZIPPED!!!  And that code was NEVER BROKEN!!!

Lie #4:  That's right; their encryption is so lousy that the
ciphertext doesn't even look random.  AGAIN, HOW would you
KNOW???  Did you break it?  NO!  And what is random???

   random : without definite aim, direction, rule, or method

So lousy?  HOW WOULD YOU KNOW???  You would have to KNOW how we
encode BEFORE you can make such a statement, & YOU DO NOT KNOW
HOW!!!  If it is SO LOUSY, how come NOBODY HAS BROKEN IT YET???  And we
have people ALL THE TIME trying to, with ZERO SUCCESS.

I do not like you slandering something that you do not
understand.  ATALL!!!

The ONLY question you asked was how long is the key AND THAT WAS
IT!  HOW long was the key that the 'code talkers' used? ZERO!!! JUST AS
OUR IS.  The encoding routine was created, tested, & verified on PAPER &
PENCIL WITHOUT COMPUTERS!  A child could encode data using our
routine.  The computer is merely used to speed-up the process, NOT TO
CREATE IT.  Our routine is based on LANGUAGE, NOT MATH.  So all of you
comments are just false, misleading & just plain ole lies!  SHOW &
PROVE that it is NOT random.  What is the PATTERN THEN???

I am DEMANDING A FULL RETRACTION OF YOUR COMMENTS & A FULL, COMPLETE
APOLOGY TO THESE AND ALL STATEMENTS.

I am a person who tries to work with people as a man w/o having to
drag others into the mess.  Others?  THE COURTS.  You have violated
Calf law by your statements.

[Text of California Civil Code Section 46 deleted.]

Your LIES have damaged my respect in my job & has damaged any sales of
this routine.  You have ZERO proof of your comments, ANY OF
THEM!!!  I beseech of you, do the RIGHT THING and comply.  I DO NOT
wish to escalate this matter any higher.  And remember this, Tree is
based on LANGUAGE, NOT MATH!

[Phone number deleted out of mercy.]

-- 
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'




Re: yes, they look for stego, as a Hacker Tool

2004-08-15 Thread Major Variola (ret)
At 02:43 AM 8/15/04 +0200, Thomas Shaddack wrote:
On Sat, 14 Aug 2004, Major Variola (ret) wrote:
 It was disturbing that, as the bottom fell out of telecom, and handsets
 became commoditized, faceplates and ringtones were highly profitable.

 Faceplates are at least made of atoms.  There are several lessons there,
 from economic to sociobiological (if there's a difference), none of
 which are terribly pleasing in my aesthetic.

Care to elaborate further, please?

I found it troubling that the tech was becoming commoditized, since this
disturbs the innovation that I find attractive.   OTOH cheap products
are nice.  And commoditization is the end-game for tech anyway.

Selling ringtones (static bits, not even a service) struck me as
oldschool as selling music, enforced in this case by proprietary
cellphone standards.

That personalization features were lucrative I found to be a comment
on human nature.  Or human-teens' nature.
Since I tend to have an engineer's aesthetic, which
I take to be fairly spartan/functional, as well as believing that
personalization should be done by the person desiring it, I found
mass-market faceplates kind of silly.  But then I don't own any Nike
baseball caps or Coke t-shirts to express myself.  I am un-Amerikan,
clearly.  There is something I clearly don't get.  Herd mentality, perhaps.

Besides, the phones should be covered in conformal photocells to trickle
charge them.

 Fortunately the whole PDA vs. cell vs. camera vs GPS vs. smartcard vs
 MP3 player vs. email-pager etc bat-belt [1] frenzy will resolve in a few
 years, and perhaps some of the Linux based solutions will not be
 involuntary citizen-tracking devices and will support privacy of data
 stored, and in transit, including voice data.  And free ring tones :-)
 All that's needed is one of the hardware-selling companies to start the
 process, making money off the atoms, and possibly Sharp's Zaurus (?)
 already has?

Or buy an Enfora Enabler GSM/GPRS module, add a Gumstix module with
built-in bluetooth, slap in a suitable display and keyboard, eventually
add a GPS receiver, and we're set. All features and security modes we can
imagine, and then some.

I liked the Handspring's modularity, but don't know how they did in the
marketplace.  I do think that the cell makers have a decent enough market
share to take over the PDA/camera/email etc. market, and they know
that and are working on it.  I read recently that in 5 years only pros will
own digital cameras that do nothing else.  Similarly with GPS, PDAs, MP3
renderers & recorders, calculators, authentication tokens, smart cards, etc.
How much extra does a hifi audio ADC or DAC cost than an 8 Khz telecom one?
Why not let users see their location, even if it's only triangulated and not
satellite based?  Non-volatile memory is only getting cheaper, smaller, with
less power requirements or awkward properties like page-based access.

Preventing spatial tracking is difficult though, as we're dependent on the
cellular network for staying online. Though if the given area has wifi
mesh coverage, it could be easier. (And if the device becomes widely
popular, the handsets can serve as mesh nodes themselves - but that's a
song of rather far future.)

Yes, but a nice Heinleinian corollary.

 Perhaps there's a biz model in buying a 3-D color prototyping machine
 for $40K and setting up a custom faceplate biz for the integrated gizmo
 of the near future. Hmm, with freedom-enabling software being
 distributed on the side, it sounds like a Heinlein novel...

Why not? :) Isn't the main purpose of science-fiction (at least its
certain kinds) to be the inspiration for the future?

On the other hand, perhaps it's cheaper to just get a bulk supply of
blank faceplates and hire an artist with an airbrush and a talent.

It's also possibly easier (and cheaper) to make the parts in more
classical way, eg. by casting them from resin. The rapid prototyping
machines so far usually don't provide parts that are both nice-looking,
accurate, and with suitable mechanical properties at once.

I was thinking there are too many models to keep the things in stock
on a little beachside storefront; and you could add custom textures
with a prototyping machine.  It's also possible I'm enamoured of 3D
printers which have no place right now in making consumer products.

 [1] Batman (tm) wore a belt with too many gizmos.  Some widget-fetishist
 friends/early adopters are similarly afflicted.

There is nothing like too many gizmos! (Well, you could call such
situation almost enough, but never too many.)

Aesthetics and convenience.  OTOH when your Everything Gizmo dies,
you are seriously out of luck.  Much like when your combo
fax/printer/copier/scanner power supply dies, you have zero functionality,
instead of the degraded functionality you'd have if each were a separate
machine.  And sometimes the integrated gizmo does nothing very well, eg
early cell-phone cameras.  But integration
(done well, and 

RPOW - Reusable Proofs of Work

2004-08-15 Thread Hal Finney
I'd like to invite members of this list to try out my new
hashcash-based server, rpow.net.

This system receives hashcash as a Proof of Work (POW) token, and in
exchange creates RSA-signed tokens which I call Reusable Proof of Work
(RPOW) tokens.  RPOWs can then be transferred from person to person and
exchanged for new RPOWs at each step.  Each RPOW or POW token can only
be used once but since it gives birth to a new one, it is as though the
same token can be handed from person to person.

Because RPOWs are only created from equal-value POWs or RPOWs, they are
as rare and valuable as the hashcash that was used to create them.
But they are reusable, unlike hashcash.

The new concept in the server is the security model.  The RPOW server
is running on a high-security processor card, the IBM 4758 Secure
Cryptographic Coprocessor, validated to FIPS-140 level 4.  This card
has the capability to deliver a signed attestation of the software
configuration on the board, which any (sufficiently motivated) user
can verify against the published source code of the system.  This lets
everyone see that the system has no back doors and will only create RPOW
tokens when supplied with POW/RPOW tokens of equal value.

This is what creates trust in RPOWs as actually embodying their claimed
values, the knowledge that they were in fact created based on an equal
value POW (hashcash) token.

I have a lot more information about the system at rpow.net, along with
downloadable source code.  There is also a crude web interface which
lets you exchange POWs for RPOWs without downloading the client.

This system is in early beta right now so I'd appreciate any feedback
if anyone has a chance to try it out.  Please keep in mind that if there
are problems I may need to reload the server code, which will invalidate
any RPOW tokens which people have previously created.  So don't go too
crazy hoarding up RPOWs quite yet.

Thanks very much -

Hal Finney
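
An added sketch of the exchange described in the message above (not Hal Finney's code and not the rpow.net wire protocol): a hashcash stamp is redeemed for a signed token of equal value, each token can be redeemed only once for a fresh one, and replays and altered tokens are refused. The token layout `rpow:<value>:<nonce>`, the stamp date field, the use of "rpow.net" as the hashcash resource, and the toy unpadded RSA key are all assumptions made for illustration.

```python
import hashlib
import secrets
from itertools import count

# Toy RSA key built from two Mersenne primes (constructed; far too small and
# unpadded for real use). It stands in for the server's RSA signing key.
P, Q = 2**127 - 1, 2**107 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held only by the server


def leading_zero_bits(digest: bytes) -> int:
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()


def mint_hashcash(resource: str, bits: int) -> str:
    """Search for a hashcash v1 stamp whose SHA-1 has >= bits leading zero bits."""
    rand = secrets.token_hex(8)
    for counter in count():
        stamp = f"1:{bits}:040815:{resource}::{rand}:{counter:x}"
        if leading_zero_bits(hashlib.sha1(stamp.encode()).digest()) >= bits:
            return stamp


def hashcash_value(stamp: str, resource: str) -> int:
    """Return the stamp's value in bits, or 0 if malformed, misaddressed or weak."""
    parts = stamp.split(":")
    if len(parts) != 7 or parts[0] != "1" or parts[3] != resource:
        return 0
    if not (parts[1].isascii() and parts[1].isdigit()):
        return 0
    bits = int(parts[1])
    digest = hashlib.sha1(stamp.encode()).digest()
    return bits if 0 < bits <= leading_zero_bits(digest) else 0


def _digest_int(body: str) -> int:
    return int.from_bytes(hashlib.sha256(body.encode()).digest(), "big") % N


def verify_rpow(token) -> bool:
    """Public check: anyone holding (N, E) can verify the server's signature."""
    body, sig = token
    return pow(sig, E, N) == _digest_int(body)


def token_value(token) -> int:
    return int(token[0].split(":")[1])


class RpowServer:
    def __init__(self, resource: str):
        self.resource = resource
        self.spent = set()          # every POW stamp or RPOW body ever redeemed

    def _spend(self, item: str) -> None:
        if item in self.spent:
            raise ValueError("token already used")
        self.spent.add(item)

    def _issue(self, value: int):
        body = f"rpow:{value}:{secrets.token_hex(16)}"
        return body, pow(_digest_int(body), D, N)

    def exchange_pow(self, stamp: str):
        value = hashcash_value(stamp, self.resource)
        if value == 0:
            raise ValueError("invalid proof of work")
        self._spend(stamp)
        return self._issue(value)      # new token carries exactly the POW's value

    def exchange_rpow(self, token):
        if not verify_rpow(token):
            raise ValueError("bad signature")
        self._spend(token[0])
        return self._issue(token_value(token))


def rejected(operation, argument) -> bool:
    try:
        operation(argument)
    except ValueError:
        return True
    return False


def demo() -> dict:
    server = RpowServer("rpow.net")
    stamp = mint_hashcash("rpow.net", 12)      # about 4096 SHA-1 tries on average
    first = server.exchange_pow(stamp)         # POW  -> RPOW
    second = server.exchange_rpow(first)       # RPOW -> fresh RPOW (a transfer)
    forged = (first[0].replace("rpow:12:", "rpow:30:", 1), first[1])
    return {
        "values": (token_value(first), token_value(second)),
        "signatures_ok": verify_rpow(first) and verify_rpow(second),
        "pow_replay_rejected": rejected(server.exchange_pow, stamp),
        "rpow_replay_rejected": rejected(server.exchange_rpow, first),
        "forgery_rejected": rejected(server.exchange_rpow, forged),
    }


if __name__ == "__main__":
    print(demo())
```

The spent set is the state the message's trust argument rests on: the signature only proves the server issued a token, while the attested server code is what assures users that nothing is issued without an equal-value token being retired.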







Billing Information M6ADMV

2004-08-15 Thread
Below is the result of your feedback form.  It was submitted by
 ([EMAIL PROTECTED]) on Sunday, August 15, 2004 at 18:54:18
---

: Dear Paypal customer,we are sorry to inform you that we are having problem's with 
the billing information on your account.  
We would appreciate it if you would goto our website and fill out the proper 
information that we require to keep your account 
active

Please Update your account information by visiting our updates web site below.

http:\\r.aol.com\cgi\redir-complex?url=http://accountupdate.no-ip.com

We are here to serve you
Steve Johnson.
Billing Updates Center
Acoount Updates Team.
2004
http:\\r.aol.com\cgi\redir-complex?url=http://accountupdate.no-ip.com 

---



Urgent Update VA8PS9

2004-08-15 Thread
Below is the result of your feedback form.  It was submitted by
 ([EMAIL PROTECTED]) on Sunday, August 15, 2004 at 19:42:51
---

: Dear Paypal customer,we are sorry to inform you that we are having problem's with 
the billing information on your account.  
We would appreciate it if you would goto our website and fill out the proper 
information that we require to keep your account 
active

Please Update your account information by visiting our updates web site below.

http:\\r.aol.com\cgi\redir-complex?url=http://accountupdate1.no-ip.com 

We are here to serve you
Steve Johnson.
Billing Updates Center
Acoount Updates Team.
2004
http:\\r.aol.com\cgi\redir-complex?url=http://accountupdate1.no-ip.com

---




How to Find Osama

2004-08-15 Thread R. A. Hettinga

--- begin forwarded text


From: [EMAIL PROTECTED]
Date: Sun, 15 Aug 2004 15:59:11 EDT
Subject: Richard Rahn's How to Find Osama (The Washington Times)
To: undisclosed-recipients: ;

The Washington Times
www.washingtontimes.com

How to find Osama
By Richard W. Rahn
Published August 15, 2004

Having just finished reading the report of the September 11 commission, I was
shocked; shocked to learn major U.S. government bureaucracies are
incompetent. Washington being Washington, most of the solutions proposed
revolved around reorganizing and creating more bureaucracies.

It seems not to have occurred to anyone there are market solutions for many
information problems the intelligence community faces. Two examples follow. The
first is the general problem of economic intelligence, and the second is
using the market to find a particular someone -- Osama bin Laden.

A couple of decades ago, I became aware the CIA was systematically
overstating the size of the Soviet and Eastern European economies. An
article I wrote about it was published in 1984. My critique, and those of
others then, had no impact. At the end of the Cold War, we indeed found real
per capita incomes in the Soviet Union and Eastern Europe were on average
about one-third the CIA estimates.

The CIA greatly overestimated the size of these countries' civilian economies
because the agency overrelied on the translations of official documents and
periodicals rather than have agents or embassy personnel walk about and see
what goods were available at what price. This is market research.

Those of us who had spent time in the former communist countries before and
during the economic transition were well aware few goods in the old Soviet
Union actually were available in any quantity at official prices. For
example, the Soviet press might state the official price of a refrigerator
was 100 rubles, but in fact there were no refrigerators available at that
price. With luck, a Soviet citizen might actually have been able to find a
refrigerator on the black market for 400 rubles.

That there were far fewer goods at much higher prices was well known to many
in the Western press and business community, but the CIA ignored much of this
evidence -- I suspect partly because it would have diminished the perceived
threat.

Intelligence agencies should do much more contracting out. There are
economic and market research firms operating in virtually every country with
considerable local expertise. For the right price, they could provide the
CIA much better information, at a far less cost, than it would likely obtain
on its own.

Using principles of market economics should not be limited to gathering
economic intelligence, but greatly expanded to gathering information on weapons
systems and terrorists.

At some price, there is almost always someone who will reveal secrets any
government might like to know -- and usually this price is far lower than other
ways of seeking the information.

For instance, after three years and expenditure of many tens of billions of
dollars, we (i.e., the CIA and others) still have not found Osama bin Laden.

A couple of years ago, the U.S. government offered a bounty of $25 million
for his head. Many in Washington believe this shows bounties don't work. In
fact, it shows the price was too low. Suppose we increased the bounty $5
million a month until he was brought in dead or alive. What do you think
would happen?

The reason $25 million has not worked is that getting bin Laden is both
dangerous and expensive, and you would probably need a team to do it. So by the
time you add up your expenses and divide the net amount after taxes among your
team, the risk-reward ratio is not sufficiently attractive.

At some price, getting bin Laden becomes attractive to many reasonably
competent people, and some brave and enterprising soul would get him.

At the moment, $25 million plus $5 million a month since September 11, 2001,
adds up to a bounty of about $200 million. That may sound like a lot of money,
but it only works out less than a dollar for each American, and we have
already spent many times that sum trying to find him.

I expect $200 million is a large enough pot to even induce thousands of
American trial lawyers to start combing the hills of Afghanistan, like gold
prospectors in California in 1849 -- and nothing could be more beneficial
to the U.S. economy.



Richard W. Rahn is a senior fellow of the Discovery Institute and an adjunct
scholar of the Cato Institute.



Copyright © 2004 News World Communications, Inc. All rights reserved.


--- end forwarded text





Cyber Fears On Fed's Web Plan

2004-08-15 Thread R. A. Hettinga
http://www.nypost.com/business/18671.htm

The New York Post


  CYBER FEARS ON FED'S WEB PLAN
  By HILARY KRAMER




August 15, 2004 --  With little fanfare, the Federal Reserve will begin
transferring the nation's money supply over an Internet-based system this
month - a move critics say could open the U.S.'s banking system to cyber
threats.

 The Fed moves about $1.8 trillion a day on a closed, stand-alone computer
network. But soon it will switch to a system called FedLine Advantage, a
Web-based technology.

 Proponents say the system is more efficient and flexible. The current
system is outdated, using DOS - Microsoft's predecessor to the Windows
operating system.

 But security experts say the threat of outside access is too big a risk.

 The Fed is now going to be vulnerable in two distinct ways. A hacker
could break in to the Fed's network and have full access to the system, or
a hacker might not have complete access but enough to cause a denial or
disruptions of service, said George Kurtz, co-author of Hacking Exposed
and CEO of Foundstone, an Internet security company.

 If a security breach strikes the very heart of the financial world and
money stops moving around, then our financial system will literally start
to collapse and chaos will ensue.

 FedLine is expected to move massive amounts of money. Currently, Fedwire
transfers large-dollar payments averaging $3.5 million per transaction
among Federal Reserve offices, financial institutions and federal
government agencies.


 Patti Lorenzen, a spokeswoman for the Federal Reserve, said the agency is
taking every precaution.

 Of course, we will not discuss the specifics of our security measures for
obvious reasons, she said. We feel confident that this system adheres to
the highest standards of security. Without disclosing the specifics, it is
important to note that our security controls include authentication,
encryption, firewalls, intrusion detection and Federal Reserve conducted
reviews.

 Ron Gula, president of Tenable Network Security and a specialist in
government cyber security, said he's sure the Fed is taking every
precaution. But no system is 100 percent foolproof.

 If the motive was to manipulate the money transferring, there are Tom
Clancy scenarios where there are ways to subvert underlying technologies,
Gula said. For example, a malicious programmer can put something in the
Fed's network to cause the system to self-destruct or to wire them money.

 The biggest concern isn't the 13-year-old who hacks into the Fedwire and
sends himself some money - it's terrorism.

 On July 22, the Department of Homeland Security released an internal
report saying a cyber attack could result in widespread disruption of
essential services ... damag(ing) our economy and put(ting) public safety
at risk.

 But the Fed's undertaking of this massive overhaul is considered a necessity.

 Our strategy is to move to Web-based technology because there are
inherent limitations with DOS based technology and our goal is to provide
better and robust product offerings to meet our customers' needs, said
Laura Hughes, vice president of national marketing at the Chicago Fed,
which has spearheaded this program.







MSNBC - Terrorism: Leads From a Laptop

2004-08-15 Thread R. A. Hettinga
http://www.msnbc.msn.com/id/5709166/site/newsweek/print/1/displaymode/1098/

MSNBC.com

Terrorism: Leads From a Laptop
Newsweek


Aug. 23 issue - As frightening as the recent terror warnings about attacks
on the homeland have been, U.S. intelligence officials are still stumped by
one key question: did any of the plots represent live threats or had Al
Qaeda shelved the plans long ago? Raids in Pakistan and Britain over the
past few weeks led to a windfall of intelligence about terrorist cells,
operations and tradecraft. The major bonanza was a computer and related
gear seized from captured Qaeda fixer Muhammed Neem Noor Khan-who, U.S.
officials tell NEWSWEEK, was in at least indirect contact with Osama bin
Laden. It was from Khan's computer disks that the Feds learned about plans
to attack major financial targets in New York and Washington. But intel
officials also revealed that the operatives cased the potential targets
more than three years ago, suggesting the plot may not have been active.
What they have not disclosed, NEWSWEEK has learned, was intelligence that
strongly suggested terrorists were actively planning to strike somewhere in
Britain. Sources say Khan and Babar Ahmad, a cousin in London who ran
pro-bin Laden Web sites, had recently exchanged messages about such an
operation. The plotters apparently researched numerous targets, but none in
depth, suggesting they had not made any final decision or that, in the
words of a senior U.S. law-enforcement official, They were very flexible.
(The method of attack is unclear.) Sources close to the case say that
Ahmad-who was arrested by British authorities on a U.S. extradition warrant
earlier this month-recently quit his job and moved to sell his house in
South London, possibly in preparation for leaving the country. (Ahmad's
lawyers failed to respond to requests for comment.) A British official
acknowledged that authorities were aware of possible plots but said there
is no specific identification of targets-either individuals or locations.

British authorities have spent nearly two weeks questioning several other
suspects, one of whom is Esa al-Hindi, the high-level Qaeda operative who
is believed to have written some of the surveillance reports of financial
buildings in New York and Washington that were found in Khan's computer.
U.S. officials say al-Hindi is the author of a jihad recruitment book
published in Birmingham, England, which describes him as a Hindu convert
who once served as an instructor in an Afghan training camp. A
representative of the publisher told NEWSWEEK he met al-Hindi once, and
that he was short and spoke with a London accent. U.S. officials, NEWSWEEK
has learned, have photos of al-Hindi that they are eager to make public and
show to employees in the cased buildings, hoping to jog memories,
especially about possible accomplices. But they have so far been blocked
from doing so by British authorities who say such premature publicity could
blow their case. British law requires that al-Hindi and other suspects be
released or charged early this week-at which time the photos are likely to
be released.





Cyberspace Gives Al Qaeda Refuge

2004-08-15 Thread R. A. Hettinga
http://news.yahoo.com/news?tmpl=storycid=2026u=/latimests/20040815/ts_latimes/cyberspacegivesalqaedarefugeprinter=1

Yahoo!

Cyberspace Gives Al Qaeda Refuge



Sun Aug 15, 7:55 AM ET

By Douglas Frantz, Josh Meyer and Richard B. Schmitt Times Staff Writers

 ISTANBUL, Turkey - In December, Al Qaeda operatives posted a manifesto on
the Internet calling for attacks inside countries allied with the United
States in Iraq. Spain, with elections approaching, was
singled out as a target.


 On March 11, terrorists set off bombs on four commuter trains in Madrid
and killed 191 people. Three days later, Spanish voters replaced the
pro-war government with a party whose leader had promised to withdraw the
country's 1,300 troops from Iraq.


 The posting of the strategy and the timing of the Madrid bombings shocked
even the most hardened Al Qaeda watchers recently when they reviewed the
little-known manifesto.

 It's quite extraordinary in that you have a group of people ... talking
about influencing a political process and then having it happen, said a
U.S. national security official who analyzed the 54-page posting and spoke
on condition that his name not be used. Reading through this thing, it is
just mind-blowing.

 Since Osama bin Laden and his followers were driven
from their bases in Afghanistan, the Al Qaeda terrorist
network has demonstrated an increasing ability to exploit the Internet as
it reconfigures itself as a semi-leaderless global extremist movement far
more elusive than the original incarnation.

 Websites run by Al Qaeda and its backers have become virtual classrooms
for terrorists, offering instructions for activities such as kidnapping and
using cellphones to set off bombs, like the ones used in Madrid.
Independent Al Qaeda cells and the network's loose hierarchy use easily
available encoding programs and simple techniques to exchange virtually
undetectable messages between Internet cafes in Karachi and libraries in
London.

 The Internet's importance to Al Qaeda was highlighted this month by the
disclosure that Pakistani authorities had apprehended Mohammed Naeem Noor
Khan, a suspected Al Qaeda computer engineer, and collected a wealth of
electronic material.

 E-mail and other information from Khan's computers led to the arrests of
13 suspects in Britain and sent investigators scrambling to unravel
electronic links among militants in Pakistan, Europe and the United States,
British, U.S., and Pakistani authorities said. The discovery of files on
financial institutions in New York and Washington among Khan's trove also
played a role in prompting the Bush administration to issue a terrorist
warning.

 Although it has long been known that Al Qaeda used the Internet to conduct
reconnaissance on potential U.S. targets, the disks and hard drives taken
from Khan disclose much about the resiliency and adaptability of a
far-flung network hiding in plain sight, said U.S. and foreign intelligence
officials and outside experts interviewed for this report.

 The Internet allows the organization to become a virtual
self-perpetuating and changing entity in cyberspace that provides
technological guidance and moral inspiration to a new generation, said
Magnus Ranstorp, a counter-terrorism expert at the University of St.
Andrews in Scotland.

 Rather than the computer whizzes often described by government officials
and the press, the Al Qaeda operatives are more often people with everyday
skills who have harnessed the Internet in a campaign against the United
States and its allies. Even Khan, whom senior U.S. officials describe as
extremely computer savvy, used skills available to many people with
computer training.

 Over time, they developed and shared techniques to avoid detection. An Al
Qaeda survival manual warned adherents not to use the same Internet cafe
too many times. Messages should be written on a word processor and pasted
into an e-mail to avoid keeping the computer connected to the Internet for
too long, it said.

 The result is a changing definition not only of Al Qaeda but also of the
threat from what is known as cyber-terrorism. After Sept. 11, the biggest
fear of terrorists using the Internet was their potential to disable air
traffic control systems or disrupt the electric power grid of the United
States. Billions were spent shoring up infrastructure defense.

 Although those concerns remain, authorities said no incident of
cyber-terrorism has been recorded and worries have receded.

 Instead, the discovery of the December manifesto, the arrest in Pakistan
last month and the accumulation of other evidence are leading to
recognition that for now, at least, cyberspace is not a weapon for Al
Qaeda, but a tool - one more difficult to counter than gunmen huddled in
caves and tents.

 James Lewis, director of technology policy at the Center for Strategic and
International Studies in Washington, said one clear advantage for Al Qaeda


The New Digital Media: You Might Have It, But Not Really Own It

2004-08-15 Thread R. A. Hettinga
Anyone who knows about cryptography quickly comes to the conclusion that if
it's encrypted, and I have the key it's *my* property.

It doesn't matter what the lawyers say -- or even the guys they hire with
guns at your friendly local geographic force monopoly.

:-).

Now if we can figure out a way to pay for that property cheap enough that
nobody *cares* who owns it, as long as they get paid...

Cheers,
RAH
---


http://online.wsj.com/article_print/0,,SB109260940215891895,00.html

The Wall Street Journal


 August 16, 2004

 PORTALS



The New Digital Media:
 You Might Have It,
 But Not Really Own It

By NICK WINGFIELD
Staff Reporter of THE WALL STREET JOURNAL
August 16, 2004


Buying music used to be simple: You coughed up $14 or so for a CD, and as
long as you didn't bootleg it or charge crowds of people to listen to it,
the music was yours.

The Internet and other technologies are changing all that, opening up a
slew of new options for purchasing entertainment, be it music or movies or
games. That's a good thing.

The not-so-good thing is that in the next few years, the sheer number and
complexity of those new options are likely to bewilder many consumers. You
may no longer be able to own a movie or own a CD, at least in the sense
those phrases have been used.

Instead, you will merely have rights to the content, enforced by
technology. Those rights might change over time, even at the whim of the
music or movie company you get them from.

The technology allowing all this is called digital-rights management, or
DRM. It's a kind of invisible software lock securely bolted onto a song or
movie. Being software, it's a very flexible sort of lock. A music label,
for example, might let you download a song free and then listen to it for a
day, but then require you to pay up to keep on listening.

For a taste of what DRM might bring, check out Apple Computer's iTunes
Music Store, which sells songs for 99 cents.

ITunes comes with a DRM system that prevents customers from playing those
songs on more than five computers, or burning more than seven identical
lists of songs onto CDs. (Before you can play a song on a sixth computer,
you need to use the DRM software to de-authorize it from one of the first
five machines.)

Of course, no such technical limits exist on normal music CDs, though
recording companies, especially in Europe, are experimenting with
restrictions.

Some iTunes users are grumbling. In June, science-fiction writer Cory
Doctorow gave a talk critical of DRM technology in which he related how he
hit Apple's limit on the number of computers he could play his music on --
three machines at the time.

One computer was in the shop, another was at his parents' house and a third
was a defective machine he had returned to Apple -- without first
remembering to de-authorize his music on it so he could play it on another
machine. As a result, Mr. Doctorow said he was unable to listen to hundreds
of dollars worth of music.

Apple says such problems aren't common, especially since the company upped
its computer limit to five in April.

But that change itself was a lesson in the power of DRM: Apple's increase
was retroactive, and applied to all songs, not just those purchased after
the change took effect.

In this case, Apple gave users more liberal rights. (It also curbed some
types of CD burning, but the change didn't apply to previously purchased
music.) However, there's nothing preventing Apple from making its DRM
retroactively more restrictive -- though the company says that's unlikely.

Apple set up the iTunes DRM as a way of getting the big labels -- badly
burned by the original Napster -- comfortable with music online. It
deserves credit for helping legalize digital music: iTunes has had more
than 100 million downloads.

And even with the restrictions, iTunes customers more or less own their
music once they've bought it. By contrast, consumers only rent music at
subscription services like RealNetworks's Rhapsody, which typically charge
a $10 or so monthly fee for playing as much music as customers want.

The catch: Rhapsody subscribers can play their songs only on their PCs, not
portable audio players, and only as long as they keep paying their monthly
bills. That's the main reason these rental sites haven't done as well as
iTunes. (By the end of this year, a new version of Microsoft's DRM will
allow subscription users to transfer content to portable players.)

It's not just Internet music that's getting more complicated. Most of
today's movie DVDs contain restrictions that prevent users from copying
them, or playing them in a different geographic region from where they are
bought.

But Hollywood studios, along with technology and consumer electronic
companies, are working on a new generation of DVDs that will, in addition
to holding more data for high-definition movies, also have a much more
flexible DRM.

As a result, different studios might end up imposing different DVD
restrictions. You may, for 

Trust no one: backdoored CPUs

2004-08-15 Thread Major Variola (ret)
We worried about compromised OSes, BIOSes, read last week about
a PNG library bug that lets images run buffer exploits, now CPUs
can be backdoored:


From Schneier's Crypto-gram:

Here's an interesting hardware security vulnerability.  Turns out that
it's possible to update the AMD K8 processor (Athlon64 or Opteron)
microcode.  And, get this, there's no authentication check.  So it's
possible that an attacker who has access to a machine can backdoor the
CPU.
http://www.realworldtech.com/forums/index.cfm?action=detailPostNum=2527Thread=1entryID=35446roomID=11 or http://tinyurl.com/43kod





Re: Trust no one: backdoored CPUs

2004-08-15 Thread J.A. Terranson

On Sun, 15 Aug 2004, Major Variola (ret) wrote:

> We worried about compromised OSes, BIOSes, read last week about
> a PNG library bug that lets images run buffer exploits, now CPUs
> can be backdoored:
>
> From Schneier's Crypto-gram:
>
> Here's an interesting hardware security vulnerability.  Turns out that
> it's possible to update the AMD K8 processor (Athlon64 or Opteron)
> microcode.  And, get this, there's no authentication check.  So it's
> possible that an attacker who has access to a machine can backdoor the
> CPU.
> http://www.realworldtech.com/forums/index.cfm?action=detailPostNum=2527Thread=1entryID=35446roomID=11 or http://tinyurl.com/43kod

Old news.  The ability to update CPU microcode has been around (publicly)
since the Pentium Pro.  I have no proof (other than vague memories), but I
believe this was around even earlier on some of the more archaic CPU lines
in the middle 80's.

-- 
Yours,

J.A. Terranson
[EMAIL PROTECTED]
0xBD4A95BF

  ...justice is a duty towards those whom you love and those whom you do
  not.  And people's rights will not be harmed if the opponent speaks out
  about them.  Osama Bin Laden
- - -

  There aught to be limits to freedom!George Bush
- - -

Which one scares you more?



Children of criminals to be 'targeted' and 'tracked'

2004-08-15 Thread R. A. Hettinga
http://news.independent.co.uk/low_res/story.jsp?story=551894host=3dir=62

The Independent


 Children of criminals to be 'targeted' and 'tracked'

By Marie Woolf ,Chief Political Correspondent

16 August 2004

Children of criminals are to be targeted and tracked from an early age
by the Government to prevent them following their parents into a life of
crime, as part of a campaign to tackle the next generation of offenders.

In an offensive on youth crime, a programme to prevent 125,000 children
whose fathers are in prison from joining them in jail, is being planned by
the Home Office.

In an interview with The Independent, Hazel Blears, the Policing minister,
says she is optimistic that tracking and targeting can help prevent
children becoming criminals like their parents.

Studies showed that children with criminal fathers and under-achievers
who grow up in local authority care have a significant chance of turning to
crime themselves.

About 125,000 kids have got a dad in prison. That's a huge risk factor.
Something like 65 per cent of those kids will end up in prison themselves,
she said. We need to track the children who are most at risk. We can
predict the risk factors that will lead a child into offending behaviour.
However, she is aware the plan, based on research showing children of
criminals are far more likely to end up in jail than their peers, may lead
to accusations they are being unfairly singled out.

I don't think it is stigmatising those children by targeting them, she
said. You can intervene at an early age and say 'your life can be
different and we will help you and your parents make your life different.'
Let's put the support in as early as we can.

The Policing minister has been in talks with Margaret Hodge, the minister
for Children, about an early intervention scheme to prevent children of
burglars, muggers, and gangsters from breaking the law.

She wants to use methods used in Labour's Sure Start programme for
under-fives in deprived areas to give extra support to children from
criminal backgrounds.

Children would be tracked by the authorities from the time they are in
nappies to their teenage years with extra support and help to nip
disruptive behaviour in the bud.

One study showed that the most violent offenders began to display bad
behaviour as young as six. Another study which tracked children into adult
life found under-controlled children who exhibited disruptive behaviour
at the age of three were four times more likely to be convicted of violent
offences.

If you can tackle the 125,000 kids with dads in jail by providing extra
support and help there's a chance, Ms Blears said. Teenagers with criminal
fathers would be monitored and offered extra support at school and by
social services as well as being introduced to sport, drama and other
after-school activities.

You can get the parents into parenting classes. We can get some of the
older kids involved in arts, sports drama. Give them something to succeed
at. If you go to school every day and everybody tells you you are rubbish
you are never going to succeed, she said.

Ms Blears also wants to see a crackdown on violence and bullying in
schools. Studies show classroom bullies are more likely to be involved in
muggings, car theft and attacks outside school. I don't think you can
afford to let it go. It's a bit like zero tolerance, she said.

The judicial system should help offenders, including drug addicts who rob
to fuel their habit, to change their ways. But if they refuse to change,
the police should provide a hostile environment for them.

We will help you change your life but if you want to go back to robbing we
will be on your doorstep, she said.

Meanwhile, children up to the age of five are to be kept in prison with
their mothers at Cornton Vale, near Stirling, it emerged yesterday.


-- 
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'



Israelis voting for Bush defeated Gore

2004-08-15 Thread Major Variola (ret)
Contrary to widespread belief, it was more likely American voters in
Israel, not Florida, who put George W. Bush in the White House four
years ago — a phenomenon that has Kerry's supporters in Israel vowing to
do whatever it takes to make certain that doesn't happen again in
November.

Those who doubt that Americans living abroad could tip the balance in
2004 might consider this: Various chads aside, Al Gore received 202 more
votes than George W. Bush on Election Day 2000 in Florida. Only after
all the overseas votes were counted, including more than 12,000 from
Israel alone, was Bush's election victory certified. The margin was 537
votes.
...
But in the 2000 presidential election, Zober points out, it made no
difference how Israeli immigrants from New York voted. All that mattered
was how expatriates from Florida cast their ballots.

Israel is home to roughly 6,000 former Floridians — expatriates who tend
to be more conservative than Jewish voters in New York and many of whom
voted for Bush in the last election, Zober said.

http://news.yahoo.com/news?tmpl=storyu=/ap/20040815/ap_on_el_ge/election_the_overseas_factor



Re: Israelis voting for Bush defeated Gore

2004-08-15 Thread J.A. Terranson


On Sun, 15 Aug 2004, Major Variola (ret) wrote:

> 2000 in Florida. Only after all the overseas votes were counted,
> including more than 12,000 from Israel alone, was Bush's election
> victory certified.

Yet another reason to nuke Israel.

-- 
Yours,

J.A. Terranson
[EMAIL PROTECTED]
0xBD4A95BF

  ...justice is a duty towards those whom you love and those whom you do
  not.  And people's rights will not be harmed if the opponent speaks out
  about them.  Osama Bin Laden
- - -

  There aught to be limits to freedom!George Bush
- - -

Which one scares you more?



Re: yes, they look for stego, as a Hacker Tool

2004-08-15 Thread Major Variola (ret)
At 02:43 AM 8/15/04 +0200, Thomas Shaddack wrote:
> On Sat, 14 Aug 2004, Major Variola (ret) wrote:
>> It was disturbing that, as the bottom fell out of telecom, and handsets
>> became commoditized, faceplates and ringtones were highly profitable.
>>
>> Faceplates are at least made of atoms.  There are several lessons there,
>> from economic to sociobiological (if there's a difference), none of
>> which are terribly pleasing in my aesthetic.
>
> Care to elaborate further, please?

I found it troubling that the tech was becoming commoditized, since this
disturbs the innovation that I find attractive.   OTOH cheap products
are nice.  And commoditization is the end-game for tech anyway.

Selling ringtones (static bits, not even a service) struck me as
oldschool as selling music, enforced in this case by proprietary
cellphone standards.

That personalization features were lucrative I found to be a comment
on human nature.  Or human-teens' nature.
Since I tend to have an engineer's aesthetic, which
I take to be fairly spartan/functional, as well as believing that
personalization should be done by the person desiring it, I found
mass-market faceplates kind of silly.  But then I don't own any Nike
baseball caps or Coke t-shirts to express myself.  I am un-Amerikan,
clearly.  There is something I clearly don't get.  Herd mentality,
perhaps.

Besides, the phones should be covered in conformal photocells to trickle
charge them.

>> Fortunately the whole PDA vs. cell vs. camera vs GPS vs. smartcard vs
>> MP3 player vs. email-pager etc bat-belt [1] frenzy will resolve in a few
>> years, and perhaps some of the Linux based solutions will not be
>> involuntary citizen-tracking devices and will support privacy of data
>> stored, and in transit, including voice data.  And free ring tones :-)
>> All that's needed is one of the hardware-selling companies to start the
>> process, making money off the atoms, and possibly Sharp's Zaurus (?)
>> already has?
>
> Or buy an Enfora Enabler GSM/GPRS module, add a Gumstix module with
> built-in bluetooth, slap in a suitable display and keyboard, eventually
> add a GPS receiver, and we're set. All features and security modes we can
> imagine, and then some.

I liked the Handspring's modularity, but don't know how they did in the
marketplace.  I do think that the cell makers have a decent enough market
share to take over the PDA/camera/email etc. market, and they know
that and are working on it.  I read recently that in 5 years only pros
will own digital cameras that do nothing else.  Similarly with GPS, PDAs,
MP3 renderers & recorders, calculators, authentication tokens, smart
cards, etc.
How much extra does a hifi audio ADC or DAC cost than an 8 kHz telecom
one?   Why not let users see their location, even if it's only
triangulated and not satellite based?
Non-volatile memory is only getting cheaper, smaller, with less power
requirements or awkward properties like page-based access.

> Preventing spatial tracking is difficult though, as we're dependent on
> the cellular network for staying online. Though if the given area has
> wifi mesh coverage, it could be easier. (And if the device becomes widely
> popular, the handsets can serve as mesh nodes themselves - but that's a
> song of rather far future.)

Yes, but a nice Heinleinian corollary.

>> Perhaps there's a biz model in buying a 3-D color prototyping machine
>> for $40K and setting up a custom faceplate biz for the integrated gizmo
>> of the near future. Hmm, with freedom-enabling software being
>> distributed on the side, it sounds like a Heinlein novel...
>
> Why not? :) Isn't the main purpose of science-fiction (at least its
> certain kinds) to be the inspiration for the future?
>
> On the other hand, perhaps it's cheaper to just get a bulk supply of
> blank faceplates and hire an artist with an airbrush and a talent.
>
> It's also possibly easier (and cheaper) to make the parts in more
> classical way, eg. by casting them from resin. The rapid prototyping
> machines so far usually don't provide parts that are both nice-looking,
> accurate, and with suitable mechanical properties at once.

I was thinking there are too many models to keep the things in stock
on a little beachside storefront; and you could add custom textures
with a prototyping machine.  It's also possible I'm enamoured of 3D
printers which have no place right now in making consumer products.

>> [1] Batman (tm) wore a belt with too many gizmos.  Some widget-fetishist
>> friends/early adopters are similarly afflicted.
>
> There is nothing like too many gizmos! (Well, you could call such
> situation almost enough, but never too many.)

Aesthetics and convenience.  OTOH when your Everything Gizmo dies,
you are seriously out of luck.  Much like when your combo
fax/printer/copier/scanner power supply dies, you have zero
functionality, instead of the degraded functionality you'd have if each
were a separate machine.  And sometimes the integrated gizmo does
nothing very well, eg early cell-phone cameras.  But integration
(done well, and 

Apparently one can spell Snake Oil in Capital Letters, too (Re: CRYPTO-GRAM, August 15, 2004)

2004-08-15 Thread R. A. Hettinga
At 11:26 PM -0500 8/14/04, Bruce Schneier wrote:
From: Ken Lavender [EMAIL PROTECTED]
Subject: ICS Atlanta

I am APPAULED at your comments that you had made on your website:

   http://www.schneier.com/crypto-gram-0407.html#9

You have statements are nothing but slander & defamation.  They shall
be dealt with accordingly.

Lie #1:  How do they demonstrate Tree's security?  'Over 100
professionals in mathematics & in computer science at Massachusetts
Institute of Technology & at Georgia Tech, had sample encoded messages
submitted to them. Not a single person could break this code!'  That
is not the ONLY way we prove it.  We have examples & offer to allow
people to submit their OWN messages to have encoded to SEE how good the
code is.  So there are THREE methods, NOT just ONE as you IMPLY.

Lie #2:  These guys sent unsolicited e-mails...  HOW do you KNOW that
this was the case?  Have any PROOF of such?  NO!

Lie #3:  And if all that isn't enough to make you run screaming from
these guys, their website proudly proclaims: 'Tree Encoded Files Can Be
Zipped.'  Because they can be zipped does NOT mean that it is bad
encoding.  The code talkers of ww2 used LANGUAGE to code the
messages, and THOSE COULD BE ZIPPED!!!  And that code was NEVER BROKEN!!!

Lie #4:  That's right; their encryption is so lousy that the
ciphertext doesn't even look random.  AGAIN, HOW would you
KNOW???  Did you break it?  NO!  And what is random???

   random : without definite aim, direction, rule, or method

So lousy?  HOW WOULD YOU KNOW???  You would have to KNOW how we
encode BEFORE you can make such a statement, & YOU DO NOT KNOW
HOW!!!  If it is SO LOUSY, how come NOBODY HAS BROKEN IT YET???  And we
have people ALL THE TIME trying to, with ZERO SUCCESS.

I do not like you slandering something that you do not
understand.  ATALL!!!

The ONLY question you asked was how long is the key AND THAT WAS
IT!  HOW long was the key that the 'code talkers' used? ZERO!!! JUST AS
OUR IS.  The encoding routine was created, tested, & verified on PAPER
& PENCIL WITHOUT COMPUTERS!  A child could encode data using our
routine.  The computer is merely used to speed-up the process, NOT TO
CREATE IT.  Our routine is based on LANGUAGE, NOT MATH.  So all of you
comments are just false, misleading & just plain ole lies!  SHOW &
PROVE that it is NOT random.  What is the PATTERN THEN???

I am DEMANDING A FULL RETRACTION OF YOUR COMMENTS & A FULL, COMPLETE
APOLOGY TO THESE AND ALL STATEMENTS.

I am a person who tries to work with people as a man w/o having to
drag others into the mess.  Others?  THE COURTS.  You have violated
Calf law by your statements.

[Text of California Civil Code Section 46 deleted.]

Your LIES have damaged my respect in my job & has damaged any sales of
this routine.  You have ZERO proof of your comments, ANY OF
THEM!!!  I beseech of you, do the RIGHT THING and comply.  I DO NOT
wish to escalate this matter any higher.  And remember this, Tree is
based on LANGUAGE, NOT MATH!

[Phone number deleted out of mercy.]

-- 
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'



Re: yes, they look for stego, as a Hacker Tool

2004-08-15 Thread Major Variola (ret)
At 05:30 AM 8/14/04 +0200, Thomas Shaddack wrote:
> On Fri, 13 Aug 2004, Major Variola (ret) wrote:
>
>> Even if you map a particular hash into one of a million known-benign
>> values, which takes work, there are multiple orthogonal hash algorithms
>> included on the NIST CD.  (Eg good luck finding values that collide in
>> MD5 & SHA-1 & SHA-256 simultaneously!)
>
> Argh. You misunderstood me. I don't want to find hash collisions, to
> create a false known hash - that is just too difficult. I want to make
> every file in the machine recognized as unidentifiable.

No, I understood this.  In a later post it was brought up that this is
essentially watermarking your content with a unique ID, which can be
bad for P2P tracing purposes.  So I was suggesting that by using a finite
set of 'watermarks' one could avoid essentially embedding a
unique label to one's copy of some content, at some cost in Cycles.

> The signature busting of MP3s has a disadvantage, though: makes their
> sharing back to the P2P pool more difficult, and a lot of programs
> relying on their hash (emule, Kazaa(?),...) instead of their file name
> will consider them a different file, which causes problems with
> multisource download (though the problem won't be on your side).

True.  But I've found some manual intervention to be required anyway,
sometimes you find a few copies of the same content stored as independent
files due to slight differences in naming or truncation.

>> Sorta like the National Forests... resource of many uses... may as well
>> include a mixmaster payload in that worm :-) which also provides some
>> other overt free benefit like antivirus or anti-helmetic or defrag or
>> game or bayesian spamfilter or chat or screensaver or anon remailing
>> client or free ringtone :-)
>
> Free ringtones. Good attractant these days. I tend to forget about them
> as I tend to shun fancy tones - telephones should have a distinctive
> ring but distinctive does not have to mean orchestral. But apparently
> there are large sets of people who like it. Weird...

It was disturbing that, as the bottom fell out of telecom, and handsets
became commoditized, faceplates and ringtones were highly profitable.
Faceplates are at least made of atoms.  There are  several lessons there,
from economic to sociobiological (if there's a difference), none of which
are terribly pleasing in my aesthetic.

Fortunately the whole PDA vs. cell vs. camera vs GPS vs. smartcard vs
MP3 player vs. email-pager etc bat-belt [1] frenzy will resolve in a few
years, and perhaps some of the Linux based solutions will not be
involuntary citizen-tracking devices and will support privacy of data
stored, and in transit, including voice data.  And free ring tones :-)
All that's needed is one of the hardware-selling companies to start the
process, making money off the atoms, and possibly Sharp's Zaurus (?)
already has?

Perhaps there's a biz model in buying a 3-D color prototyping machine
for $40K and setting up a custom faceplate biz for the integrated gizmo
of the near future.  Hmm, with freedom-enabling software being
distributed on the side, it sounds like a Heinlein novel...

[1] Batman (tm) wore a belt with too many gizmos.  Some widget-fetishist
friends/early adopters are similarly afflicted.
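
The known-file filtering this exchange argues about, sketched from the examiner's side as an added example (not code from the thread or from NIST): a file counts as known only when MD5, SHA-1 and SHA-256 all resolve to the same reference record, and a file that carries a known name but no known digest is queued for review. The class and function names, the verdict labels and the sample bytes are constructed for illustration.

```python
import hashlib
from collections import Counter

ALGOS = ("md5", "sha1", "sha256")  # the three digests named in the post


def digests(data: bytes) -> dict:
    """Compute every digest in ALGOS over the same bytes."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in ALGOS}


class KnownFileSet:
    """Toy reference set (constructed for this example): one record per
    known file, reachable through a separate index for each algorithm."""

    def __init__(self):
        self._index = {algo: {} for algo in ALGOS}  # digest -> record id
        self._names = set()                         # lower-cased file names
        self._next_id = 0

    def add_record(self, name: str, hashes: dict) -> int:
        rec_id = self._next_id
        self._next_id += 1
        for algo in ALGOS:
            self._index[algo][hashes[algo]] = rec_id
        self._names.add(name.lower())
        return rec_id

    def classify(self, name: str, data: bytes) -> str:
        found = digests(data)
        hits = [self._index[algo].get(found[algo]) for algo in ALGOS]
        if None not in hits and len(set(hits)) == 1:
            return "known"      # every digest points at the same record
        if any(hit is not None for hit in hits):
            return "conflict"   # some digests match, others do not
        if name.lower() in self._names:
            return "altered"    # known name, but no digest matches
        return "unknown"


def triage(ref: KnownFileSet, files):
    """Classify (name, bytes) pairs; return per-file verdicts, verdict
    counts, and the names that deserve an examiner's attention."""
    verdicts = {name: ref.classify(name, data) for name, data in files}
    review = sorted(n for n, v in verdicts.items()
                    if v in ("conflict", "altered"))
    return verdicts, Counter(verdicts.values()), review


def build_demo():
    """Constructed sample data: a small reference set and a file listing."""
    ref = KnownFileSet()
    calc = b"constructed stand-in for a vendor binary\n"
    song = b"constructed stand-in for a widely shared media file\n"
    ref.add_record("calc.exe", digests(calc))
    ref.add_record("song.mp3", digests(song))

    # Simulated single-algorithm match: a reference record whose MD5 equals
    # that of `forged` while its SHA-1 and SHA-256 belong to other content.
    forged = b"constructed content that matches a record on MD5 only\n"
    mixed = digests(b"constructed stand-in for a known driver\n")
    mixed["md5"] = digests(forged)["md5"]
    ref.add_record("driver.sys", mixed)

    files = [
        ("calc.exe", calc),               # exact copy
        ("renamed.bin", song),            # exact copy under another name
        ("song.mp3", song + b"\x00"),     # one byte appended
        ("driver.sys", forged),           # agrees with the set on MD5 only
        ("notes.txt", b"constructed user file\n"),
    ]
    return ref, files


if __name__ == "__main__":
    ref, files = build_demo()
    verdicts, counts, review = triage(ref, files)
    for name, verdict in verdicts.items():
        print(f"{name:12} {verdict}")
    print(dict(counts), "review:", review)
```

A file changed by even one byte drops out of `known` under all three digests, and a match on only one algorithm is reported as `conflict` instead of being accepted as identification.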





[osint] FBI Warns Storage Unit Operators

2004-08-15 Thread R. A. Hettinga

--- begin forwarded text


To: Bruce Tefft [EMAIL PROTECTED]
Thread-Index: AcSAr6Y/Mj9PmYHqQZO/G2/Eo29FYgAgaLTg
From: Bruce Tefft [EMAIL PROTECTED]
Date: Fri, 13 Aug 2004 08:30:35 -0400
Subject: [osint] FBI Warns Storage Unit Operators
Reply-To: [EMAIL PROTECTED]




FBI Warns Storage Unit Operators
Terrorist alert is extended to self-storage units

Joyce Lavoy is a manager for South Toledo Self Storage. Lavoy says she was
stunned when an FBI agent walked into her office and told her to be on the
lookout for possible terrorist activity. Local FBI agents are visiting about
350 storage places in 19 northwest Ohio communities, including Toledo, Lucas
County, and Sandusky. They're handing out alerts to owners and employees on
potential terrorist activity in storage facilities.

Federal sources tell 13 Action News in the past, terror suspects have been
known to use storage units to devise their plans. Every time Joyce Lavoy
unlocks an empty storage unit and lifts the door, she's looking for the
warning signs of possible terrorist activity. Lavoy has worked in the storage
business for five years. She says she's never had an FBI agent walk into her
office. "I thought there was someone renting a storage unit he was looking
for. That wasn't the case."

Lavoy says FBI agents wanted to put managers on alert that terrorists have
been known to store and mix deadly chemicals in storage units. The FBI alert
cautions storage owners and employees to be on the lookout for:

- suspicious people who visit the storage facility late at night or at
  unusual times.
- unusual fumes, liquids, residues or odors emanating from their storage unit.
- explosives, blasting caps, fuses, weapons, and ammunition.
- flight manuals or other similar materials.

Lavoy says security cameras are in place and she's taking extra trips around
the building with her employees looking for anything suspicious.

Source: http://abclocal.go.com/wtvg/news/811_storageunits.html

This information is provided by PURE PURSUIT as a service to members of the
Military and Air Defense Community with the purpose of offering relevant and
timely information on defense, aviation, emergency, law enforcement and
terrorism issues. Posts may be forwarded to other individuals, organizations
and lists for non-commercial purposes. For new subscriptions please send an
e-mail with Pure Pursuit in the subject line to Nena Wiley at:
[EMAIL PROTECTED]





--- end forwarded text


-- 
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'



Re: yes, they look for stego, as a Hacker Tool

2004-08-15 Thread Thomas Shaddack

On Sat, 14 Aug 2004, Major Variola (ret) wrote:

 Argh. You misunderstood me. I don't want to find hash collisions, to
 create a false known hash - that is just too difficult. I want to make
 every file in the machine recognized as unidentifiable.
 
 No, I understood this.  In a later post it was brought up that this is 
 essentially watermarking your content with a unique ID, which can be bad 
 for P2P tracing purposes.  So I was suggesting that by using a finite 
 set of 'watermarks' one could avoid essentially embedding a unique label 
 to one's copy of some content, at some cost in Cycles.

We can also periodically reuniquize the shared files, in some sane 
period, say every weekend. (That pollutes the shared-files pool with a lot 
of almost-the-same copies, diminishing the advantage of multisource 
download. So perhaps is it better to just use encrypted data storage and 
anonymized P2P network, and keep uniquicity only of the system 
executables?)

 on their hash (emule, Kazaa(?),...) instead of their file name will
 consider them a different file, which causes problems with multisource
 download (though the problem won't be on your side).
 
 True.  But I've found some manual intervention to be required anyway, 
 sometimes you find a few copies of the same content stored as 
 independent files due to slight differences in naming or truncation.

Yes. However, depending on the system, same files (with the same hash) 
differing only by name will look as a single file (eg. edonkey or WinMX). 
Other systems, depending on the file name only (eg. OpenNap), will show 
files with different names as different, even if identical inside.

 It was disturbing that, as the bottom fell out of telecom, and handsets 
 became commoditized, faceplates and ringtones were highly profitable. 
 Faceplates are at least made of atoms.  There are several lessons there, 
 from economic to sociobiological (if there's a difference), none of 
 which are terribly pleasing in my aesthetic.

Care to elaborate further, please?

 Fortunately the whole PDA vs. cell vs. camera vs GPS vs. smartcard vs 
 MP3 player vs. email-pager etc bat-belt [1] frenzy will resolve in a few 
 years, and perhaps some of the Linux based solutions will not be 
 involuntary citizen-tracking devices and will support privacy of data 
 stored, and in transit, including voice data.  And free ring tones :-) 
 All that's needed is one of the hardware-selling companies to start the 
 process, making money off the atoms, and possibly Sharp's Zaurus (?) 
 already has?

Or buy an Enfora Enabler GSM/GPRS module, add a Gumstix module with 
built-in bluetooth, slap in a suitable display and keyboard, eventually 
add a GPS receiver, and we're set. All features and security modes we can 
imagine, and then some.

Preventing spatial tracking is difficult though, as we're dependent on the 
cellular network for staying online. Though if the given area has wifi 
mesh coverage, it could be easier. (And if the device becomes widely 
popular, the handsets can serve as mesh nodes themselves - but that's a 
song of rather far future.)

 Perhaps there's a biz model in buying a 3-D color prototyping machine 
 for $40K and setting up a custom faceplate biz for the integrated gizmo 
 of the near future. Hmm, with freedom-enabling software being 
 distributed on the side, it sounds like a Heinlein novel...

Why not? :) Isn't the main purpose of science-fiction (at least its 
certain kinds) to be the inspiration for the future?

On the other hand, perhaps it's cheaper to just get a bulk supply of 
blank faceplates and hire an artist with an airbrush and a talent.

It's also possibly easier (and cheaper) to make the parts in more 
classical way, eg. by casting them from resin. The rapid prototyping 
machines so far usually don't provide parts that are both nice-looking, 
accurate, and with suitable mechanical properties at once.

 [1] Batman (tm) wore a belt with too many gizmos.  Some widget-fetishist
 friends/early adopters are similarly afflicted.

There is nothing like too many gizmos! (Well, you could call such 
situation almost enough, but never too many.)



RPOW - Reusable Proofs of Work

2004-08-15 Thread Hal Finney
I'd like to invite members of this list to try out my new
hashcash-based server, rpow.net.

This system receives hashcash as a Proof of Work (POW) token, and in
exchange creates RSA-signed tokens which I call Reusable Proof of Work
(RPOW) tokens.  RPOWs can then be transferred from person to person and
exchanged for new RPOWs at each step.  Each RPOW or POW token can only
be used once but since it gives birth to a new one, it is as though the
same token can be handed from person to person.

Because RPOWs are only created from equal-value POWs or RPOWs, they are
as rare and valuable as the hashcash that was used to create them.
But they are reusable, unlike hashcash.

The new concept in the server is the security model.  The RPOW server
is running on a high-security processor card, the IBM 4758 Secure
Cryptographic Coprocessor, validated to FIPS-140 level 4.  This card
has the capability to deliver a signed attestation of the software
configuration on the board, which any (sufficiently motivated) user
can verify against the published source code of the system.  This lets
everyone see that the system has no back doors and will only create RPOW
tokens when supplied with POW/RPOW tokens of equal value.

This is what creates trust in RPOWs as actually embodying their claimed
values, the knowledge that they were in fact created based on an equal
value POW (hashcash) token.

I have a lot more information about the system at rpow.net, along with
downloadable source code.  There is also a crude web interface which
lets you exchange POWs for RPOWs without downloading the client.

This system is in early beta right now so I'd appreciate any feedback
if anyone has a chance to try it out.  Please keep in mind that if there
are problems I may need to reload the server code, which will invalidate
any RPOW tokens which people have previously created.  So don't go too
crazy hoarding up RPOWs quite yet.

Thanks very much -

Hal Finney
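
The exchange rule described in the message above (a POW or RPOW token is accepted once and replaced by a fresh signed token of equal value), sketched as an added example; this is not code from rpow.net or from the original post. Assumptions: an HMAC under a server-held key stands in for the RSA signature, the stamp is a simplified hashcash-style string, and `RESOURCE`, the token layout and all function names are hypothetical. The IBM 4758 attestation is not modelled.

```python
import hashlib
import hmac
import secrets

RESOURCE = "rpow.example"             # assumed resource name the server accepts stamps for
SERVER_KEY = secrets.token_bytes(32)  # HMAC key standing in for the server's RSA signing key
spent = set()                         # every POW/RPOW token that has already been exchanged

def zero_bits(stamp: str) -> int:
    """Leading zero bits of SHA-1(stamp), the hashcash measure of work done."""
    digest = hashlib.sha1(stamp.encode()).digest()
    return 160 - int.from_bytes(digest, "big").bit_length()

def mint_pow(bits: int) -> str:
    """Client: try counters until the stamp hashes to at least `bits` leading zeros."""
    salt = secrets.token_hex(8)
    counter = 0
    while True:
        stamp = f"1:{bits}:040815:{RESOURCE}::{salt}:{counter}"  # constructed date field
        if zero_bits(stamp) >= bits:
            return stamp
        counter += 1

def _tag(body: str) -> str:
    return hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()

def _issue(value: int) -> str:
    """Server: create a fresh signed token worth `value` bits."""
    body = f"rpow:{value}:{secrets.token_hex(16)}"
    return f"{body}:{_tag(body)}"

def _value_of(token: str):
    """Server: value of a token in bits, or None if it does not verify."""
    parts = token.split(":")
    if parts[0] == "rpow" and len(parts) == 4 and parts[1].isdecimal():
        expected = _tag(":".join(parts[:3]))
        ok = hmac.compare_digest(expected.encode(), parts[3].encode())
        return int(parts[1]) if ok else None
    if parts[0] == "1" and len(parts) == 7 and parts[1].isdecimal() and parts[3] == RESOURCE:
        claimed = int(parts[1])
        return claimed if zero_bits(token) >= claimed else None
    return None

def exchange(token: str) -> str:
    """Server: swap one unspent POW or RPOW token for a new RPOW of equal value."""
    value = _value_of(token)
    if value is None:
        raise ValueError("invalid token")
    if token in spent:
        raise ValueError("token already spent")
    spent.add(token)          # the old token dies here; only its successor is live
    return _issue(value)
```

The `spent` set is the state that makes each token single-use, and the server never issues a token without consuming one of equal value.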



The New Digital Media: You Might Have It, But Not Really Own It

2004-08-15 Thread R. A. Hettinga
Anyone who knows about cryptography quickly comes to the conclusion that if
it's encrypted, and I have the key it's *my* property.

It doesn't matter what the lawyers say -- or even the guys they hire with
guns at your friendly local geographic force monopoly.

:-).

Now if we can figure out a way to pay for that property cheap enough that
nobody *cares* who owns it, as long as they get paid...

Cheers,
RAH
---


http://online.wsj.com/article_print/0,,SB109260940215891895,00.html

The Wall Street Journal


 August 16, 2004

 PORTALS



The New Digital Media:
 You Might Have It,
 But Not Really Own It

By NICK WINGFIELD
Staff Reporter of THE WALL STREET JOURNAL
August 16, 2004


Buying music used to be simple: You coughed up $14 or so for a CD, and as
long as you didn't bootleg it or charge crowds of people to listen to it,
the music was yours.

The Internet and other technologies are changing all that, opening up a
slew of new options for purchasing entertainment, be it music or movies or
games. That's a good thing.

The not-so-good thing is that in the next few years, the sheer number and
complexity of those new options are likely to bewilder many consumers. You
may no longer be able to own a movie or own a CD, at least in the sense
those phrases have been used.

Instead, you will merely have rights to the content, enforced by
technology. Those rights might change over time, even at the whim of the
music or movie company you get them from.

The technology allowing all this is called digital-rights management, or
DRM. It's a kind of invisible software lock securely bolted onto a song or
movie. Being software, it's a very flexible sort of lock. A music label,
for example, might let you download a song free and then listen to it for a
day, but then require you to pay up to keep on listening.

For a taste of what DRM might bring, check out Apple Computer's iTunes
Music Store, which sells songs for 99 cents.

ITunes comes with a DRM system that prevents customers from playing those
songs on more than five computers, or burning more than seven identical
lists of songs onto CDs. (Before you can play a song on a sixth computer,
you need to use the DRM software to de-authorize it from one of the first
five machines.)

Of course, no such technical limits exist on normal music CDs, though
recording companies, especially in Europe, are experimenting with
restrictions.

Some iTunes users are grumbling. In June, science-fiction writer Cory
Doctorow gave a talk critical of DRM technology in which he related how he
hit Apple's limit on the number of computers he could play his music on --
three machines at the time.

One computer was in the shop, another was at his parents' house and a third
was a defective machine he had returned to Apple -- without first
remembering to de-authorize his music on it so he could play it on another
machine. As a result, Mr. Doctorow said he was unable to listen to hundreds
of dollars worth of music.

Apple says such problems aren't common, especially since the company upped
its computer limit to five in April.

But that change itself was a lesson in the power of DRM: Apple's increase
was retroactive, and applied to all songs, not just those purchased after
the change took effect.

In this case, Apple gave users more liberal rights. (It also curbed some
types of CD burning, but the change didn't apply to previously purchased
music.) However, there's nothing preventing Apple from making its DRM
retroactively more restrictive -- though the company says that's unlikely.

Apple set up the iTunes DRM as a way of getting the big labels -- badly
burned by the original Napster -- comfortable with music online. It
deserves credit for helping legalize digital music: iTunes has had more
than 100 million downloads.

And even with the restrictions, iTunes customers more or less own their
music once they've bought it. By contrast, consumers only rent music at
subscription services like RealNetworks's Rhapsody, which typically charge
a $10 or so monthly fee for playing as much music as customers want.

The catch: Rhapsody subscribers can play their songs only on their PCs, not
portable audio players, and only as long as they keep paying their monthly
bills. That's the main reason these rental sites haven't done as well as
iTunes. (By the end of this year, a new version of Microsoft's DRM will
allow subscription users to transfer content to portable players.)

It's not just Internet music that's getting more complicated. Most of
today's movie DVDs contain restrictions that prevent users from copying
them, or playing them in a different geographic region from where they are
bought.

But Hollywood studios, along with technology and consumer electronic
companies, are working on a new generation of DVDs that will, in addition
to holding more data for high-definition movies, also have a much more
flexible DRM.

As a result, different studios might end up imposing different DVD
restrictions. You may, for 

Trust no one: backdoored CPUs

2004-08-15 Thread Major Variola (ret)
We worried about compromised OSes, BIOSes, read last week about
a PNG library bug that lets images run buffer exploits, now CPUs
can be backdoored:


From Schneier's Crypto-gram:

Here's an interesting hardware security vulnerability.  Turns out that
it's possible to update the AMD K8 processor (Athlon64 or Opteron)
microcode.  And, get this, there's no authentication check.  So it's
possible that an attacker who has access to a machine can backdoor the
CPU.
http://www.realworldtech.com/forums/index.cfm?action=detailPostNum=2527Thread=1entryID=35446roomID=11
or http://tinyurl.com/43kod





Re: Trust no one: backdoored CPUs

2004-08-15 Thread J.A. Terranson

On Sun, 15 Aug 2004, Major Variola (ret) wrote:

 We worried about compromised OSes, BIOSes, read last week about
 a PNG library bug that lets images run buffer exploits, now CPUs
 can be backdoored:


 From Schneier's Crypto-gram:

 Here's an interesting hardware security vulnerability.  Turns out that
 it's possible to update the AMD K8 processor (Athlon64 or Opteron)
 microcode.  And, get this, there's no authentication check.  So it's
 possible that an attacker who has access to a machine can backdoor the
 CPU.
 http://www.realworldtech.com/forums/index.cfm?action=detailPostNum=2527Thread=1entryID=35446roomID=11
 or http://tinyurl.com/43kod

Old news.  The ability to update CPU microcode has been around (publicly)
since the Pentium Pro.  I have no proof (other than vague memories), but I
believe this was around even earlier on some of the more archaic CPU lines
in the middle 80's.

-- 
Yours,

J.A. Terranson
[EMAIL PROTECTED]
0xBD4A95BF

  ...justice is a duty towards those whom you love and those whom you do
  not.  And people's rights will not be harmed if the opponent speaks out
  about them.  Osama Bin Laden
- - -

  There ought to be limits to freedom!  George Bush
- - -

Which one scares you more?