susbscribe
Standards for Efficient Cryptography Group (SECG) Announce New Initiatives
http://www.newswire.ca/en/releases/archive/February2005/09/c2130.html?view=print Canada NewsWire Group CERTICOM CORP. Attention Business Editors: Standards for Efficient Cryptography Group (SECG) Announce New Initiatives Elliptic Curve Cryptography protocol test site and test certificate authority to promote interoperability and facilitate faster time to-market MISSISSAUGA, ON, Feb. 9 /CNW/ - Two new initiatives being spearheaded by the Standards for Efficient Cryptography Group (SECG) will help developers quickly and effectively test elliptic curve cryptography (ECC)-based implementations to facilitate faster time-to-market, according to Certicom, a founding member of SECG. Announced today, an ECC protocol test site and certificate authority (CA) will be available to SECG members in the spring of 2005. The SECG, an industry consortium, was founded in 1998 to develop commercial standards that facilitate the adoption of efficient cryptography and interoperability across a wide range of computing platforms. Where standards already exist, SECG may promote a refined, peer-reviewed profile of the broader standard to promote adoption and interoperability. The SECG also provides guidance to governments and organizations that are developing cryptographic standards. The initiatives announced today include: - ECC protocol test site: developers will be able to vet their protocol implementations against reference implementations to test interoperability. Each test - such as Transport Layer Security (TLS) and S/MIME protocols - has been peer-reviewed by the leading ECC and protocol authorities. - ECC-based certificate authority: the group will issue free ECC-based certificates for testing and prototyping. SECG's role is to make it easier to use ECC by promoting practical standards, interoperability and by providing mechanisms to test implementations and prototypes, said William Lattin, chair of SECG. Recent developments, such as advances in the cryptographic world and U.S. government security initiatives, have elevated the need for ECC and for resources like ours. The work of SECG is valuable resource for companies committed to ECC, says Gloria Navarre, senior architect, Unisys Global Security Practice. As Unisys develops next-generation ECC applications, such as our solutions to help banks embrace image exchange in check processing, and transform payments operations as a whole, we can take advantage of the expertise, interoperability and testing standards that SECG offers to provide new levels of security to our clients and their customers. SECG enables access to proven and effective algorithms and protocols to secure a communication channel between computers. It is particularly important when communicating computers have limiting computational resources and when the bandwidth of the channel has limiting capacity. This is the case of important mailing applications where Pitney Bowes has established a strong leadership position worldwide. In addition SECG allows to have a common foundation for all communication security needs regardless of the limiting factors. This in turn enables interoperability between a broad variety of applications, said Dr. Leon Pintsov, Pitney Bowes Fellow and vice president, International Standards and Advanced Technology. ECC, a computationally efficient form of cryptography, is used in a growing number of sectors ranging from consumer electronics, embedded devices and semiconductors to government and financial services. Several changes have spurred the adoption of ECC. The first is the need for a stronger public-key cryptosystem that doesn't affect performance. For example, a high security encryption algorithm like the Advanced Encryption Standard (AES) demands equivalent security for the accompanying digital signatures and key exchanges. To achieve this level of security without overwhelming the processors of most mobile devices, developers would need ECC, which offers equivalent security to other competing technologies but with much smaller key sizes. The second is the National Security Agency's recent decision to name ECC the public-key cryptosystem needed to meet the new, stronger security requirements under its crypto modernization program. The SECG is open to all interested parties who are willing to contribute to the ECC standards development process. To become a member of the SECG, simply send an email to the SECG mailing list ([EMAIL PROTECTED]) with the word SUBSCRIBE in the subject line. To find out more about SECG and to download the latest standards, visit www.secg.org, or visit us at the RSA conference, in the Certicom booth No. 430, February 14-18, Moscone Center, San Francisco. About SECG The Standards for Efficient Cryptography Group (SECG) is an industry consortium for the development of standards based upon Elliptic Curve Cryptography (ECC). It was chartered to
Group Aims to Make Internet Phone Service Secure
http://online.wsj.com/article_print/0,,SB110790485798349353,00.html The Wall Street Journal February 9, 2005 TELECOMMUNICATIONS Group Aims to Make Internet Phone Service Secure Alliance of Tech Companies Looks for Ways To Head Off Attacks by Hackers, Viruses By RIVA RICHMOND DOW JONES NEWSWIRES February 9, 2005; Page D4 A group of more than 20 technology companies and computer-security organizations has gone on the offensive to protect the burgeoning Internet telephone service from hackers, viruses and other security problems. The VOIP Security Alliance, which was announced earlier this week, will focus on uncovering security problems and promoting ways to reduce the risk of attack for voice over Internet protocol, or VOIP, technology. The group, known as VOIPSA, includes companies such as 3Com Corp., Alcatel SA, Avaya Inc., Siemens AG, Symantec Corp. and Ernst Young LLP. Other members include the National Institute of Standards and Technology, a federal government agency; the SANS Institute, a research organization for network administrators and computer-security professionals; and several universities. The group's goal is to help make VOIP as secure and reliable as traditional telephone service. VOIP breaks voice into digital information and moves it over the Internet. That can make phone service much cheaper, but it also opens the door to the kind of security woes that have come to plague the Internet. VOIP enthusiasts worry that security and privacy problems could hamper adoption of the technology. VOIP has a lot of great value propositions, but in order for it to be successful, it has to be secured and offer service quality that's on par with the current phone system, said David Endler, chairman of the alliance and an executive at TippingPoint, a security company that recently was acquired by 3Com. VOIPSA is a first step in doing that. Internet telephone service is expected to be rolled out rapidly to consumers and business customers, starting this year. Mr. Endler said many network operators don't realize they need to alter their security strategies when they add Internet phone service. For instance, traditional firewalls cannot police VOIP traffic, he said, and so networks will need to be upgraded with newer security technologies. There's little understanding of what security problems VOIP might introduce and what kind of defensive measures need to be taken. VOIPSA intends to improve that situation by sponsoring research, uncovering vulnerabilities, disseminating information about threats and security measures, and providing open-source tools to test network-security levels. Because VOIP will be dependent on the Internet, there's little hope that security troubles can be avoided, said Alan Paller, director of research at the SANS Institute, though early action by technology makers to address problems is positive and welcome. It's not a lightweight problem, he said. How well would you do with no phone? If Internet attacks can disrupt phone service, you radically expand the number of victims, he said. VOIP networks really inherit the same cyber-security threats that data networks are today prone to, but those threats take greater severity in some cases, Mr. Endler said. For instance, a life-or-death emergency call to 911 might not get through if a network is crippled by a hacker attack. Worse, a broad assault on the phone system could become a national security crisis that causes economic damage. -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: RSA Conference, and BA Cypherpunks
How 'bout laying siege to May's compound as a Cypherpunk 'team-building' excersize? -TD From: J.A. Terranson [EMAIL PROTECTED] To: Trei, Peter [EMAIL PROTECTED] CC: [EMAIL PROTECTED], cryptography@metzdowd.com Subject: Re: RSA Conference, and BA Cypherpunks Date: Mon, 7 Feb 2005 17:19:30 -0600 (CST) On Mon, 7 Feb 2005, Trei, Peter wrote: Once again, the RSA Conference is upon us, and many of the corrospondents on these lists will be in San Francisco. I'd like to see if anyone is interested in getting together. We've done this before. Yeah, but can we eat food, drink beer, shoot drugs and screw expensive hookers at Tim May's compound? -- Yours, J.A. Terranson [EMAIL PROTECTED] 0xBD4A95BF Quadriplegics think before they write stupid pointless shit...because they have to type everything with their noses. http://www.tshirthell.com/
Hold the Phone, VOIP Isn't Safe
http://www.wired.com/news/print/0,1294,66512,00.html Wired News Hold the Phone, VOIP Isn't Safe By Elizabeth Biddlecombe? Story location: http://www.wired.com/news/technology/0,1282,66512,00.html 02:00 AM Feb. 07, 2005 PT In recognition of the fact that new technologies are just as valuable to wrongdoers as to those in the right, a new industry group has formed to look at the security threats inherent in voice over internet protocol. The VOIP Security Alliance, or VOIPSA, launches on Monday. So far, 22 entities, including security experts, researchers, operators and equipment vendors, have signed up. They range from equipment vendor Siemens and phone company Qwest to research organization The SANS Institute. They aim to counteract a range of potential security risks in the practice of sending voice as data packets, as well as educate users as they buy and use VOIP equipment. An e-mail mailing list and working groups will enable discussion and collaboration on VOIP testing tools. VOIP services have attracted few specific attacks so far, largely because the relatively small number of VOIP users doesn't make them a worthwhile target. (A report from Point Topic in December counted 5 million VOIP users worldwide.) But security researchers have found vulnerabilities in the various protocols used to enable VOIP. For instance, CERT has issued alerts regarding multiple weaknesses with SIP (session initiation protocol) and with H.323. Over the past year, experts have repeatedly warned that VOIP abuse is inevitable. The National Institute of Standards and Technology put out a report last month urging federal agencies and businesses to consider the complex security issues often overlooked when considering a move to VOIP. NIST is a member of VOIPSA. It is really just a matter of time before it is as widespread as e-mail spam, said Michael Osterman, president of Osterman Research. Spammers have already embraced spim (spam over instant messaging), say the experts. Dr. Paul Judge, chief technology officer at messaging-protection company CipherTrust, says 10 percent of instant-messaging traffic is spam, with just 10 to 15 percent of its corporate clients using IM. It is where e-mail was two and a half years ago, said Judge. To put that in perspective, according to another messaging-protection company, FrontBridge Technologies, 17 percent of e-mail was spam in January 2002. It put that figure at 93 percent in November 2004. So the inference is that spit (spam over internet telephony) is just around the corner. Certainly, the ability to send out telemarketing voicemail messages with the same ease as blanket e-mails makes for appealing economics. Aside from the annoyance this will cause, the strain on network resources when millions of 100-KB voicemail messages are transmitted, compared with 5- or 10-KB e-mails, will be considerable. But the threat shouldn't be couched solely within the context of unlawful marketing practices. Users might also see the audio equivalent of phishing, in which criminals leave voicemails pretending to be from a bank, said Osbourne Shaw, whose role as president of ICG, an electronic forensics company, has led him to try buying some of the goods advertised in spam. In fact, according to David Endler, chairman of the VOIP Security Alliance and director of digital vaccines at network-intrusion company TippingPoint, there are many ways to attack a VOIP system. First, VOIP inherits the same problems that affect IP networks themselves: Hackers can launch distributed denial of service attacks, which congest the network with illegitimate traffic. This prevents e-mails, file transfers, web-page requests and, increasingly, voice calls from getting through. Voice traffic has its own sensitivities, which mean the user experience can easily be degraded past the point of usability. Furthermore, additional nodes of the network can be attacked with VOIP: IP phones, broadband modems and network equipment, such as soft switches, signaling gateways and media gateways. Endler paints a picture in which an attack on a VOIP service could mean people would eavesdrop on conversations, interfere with audio streams, or disconnect, reroute or even answer other people's phone calls. This is a concern to the increasing number of call centers that put both their voice and data traffic on a single IP network. It is even more of a concern for 911 call centers. But Louis Mamakos, chief technology officer at broadband telephony provider Vonage, says he and his team spend a lot of time worrying about security but the problems the company has seen so far have centered on more pedestrian threats like identity theft. Vonage has not yet signed up for the VOIP Security Alliance, said Mamakos, and employees already spend a lot of time working on security issues with technology providers. I'm not sure if (VOIPSA) is a solution to a problem we don't have yet, he said. We need to judge what the
Tester claims 90% of VPNs open to hackers
http://www.computerweekly.com/print/ArticlePrinterPage.asp?liArtID=136571liFlavourID=1 Printed from ComputerWeekly.com IT Management: Security by Antony Savvas Tuesday 8 February 2005 Tester claims 90% of VPNs open to hackers Security testing company NTA Monitor has claimed that 90% of virtual private networks are open to hackers. Over a three-year period of testing VPNs at large companies, NTA Monitor said 90% of remote access VPN systems have exploitable vulnerabilities, even though many companies, including financial institutions, have in-house security teams. Flaws include user name enumeration vulnerabilities that allow user names to be guessed through a dictionary attack because they respond differently to valid and invalid user names. Roy Hills, NTA Monitor technical director, said, One of the basic requirements of a user name/password authentication is that an incorrect log-in attempt should not leak information as to whether the user name or password is incorrect. However, many VPN implementations ignore this rule. The fact that VPN user names are often based on people's names or e-mail addresses makes it relatively easy for an attacker to use a dictionary attack to recover a number of valid user names in a short period of time, said Hills. Passwords can also be made harder to crack by deploying a mixture of characters and numbers. Hills said a six-character password can be cracked in about 16 minutes using standard brute force cracking software. However, a six-character password combining letters and numbers could take two days to crack. -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Hack License
http://www.technologyreview.com/articles/05/03/issue/review_hack.asp?p=0 Technology Review TechnologyReview.com Print Hack License By Simson Garfinkel March 2005 As cultural critic and New School University professor McKenzie Wark sees things, today's battles over copyrights, trademarks, and patents are simply the next phase in the age-old battle between the productive classes and the ruling classes that strive to turn those producers into subjects. But whereas Marx and Engels saw the battle of capitalist society as being between two social classes-the proletariat and the bourgeoisie-Wark sees one between two newly emergent classes: the hackers and a new group that Wark has added to the lexicon of the academy: the vectoralist class. Wark's opus A Hacker Manifesto brings together England's Enclosure Movement, Das Kapital, and the corporate ownership of information-a process that Duke University law professor James Boyle called the Second Enclosure Movement-to create a unified theory of domination, struggle, and freedom. Hacking is not a product of the computer age, writes Wark, but an ancient rite in which abstractions are created and information is transformed. The very creation of private property was a hack, he argues-a legal hack-and like many other hacks, once this abstraction was created, it was taken over by the ruling class and used as a tool of subjugation. So who are these vectoralists? They are the people who control the vectors by which information flows throughout our society. Information wants to be free, Wark writes, quoting (without attribution) one of the best-known hacker aphorisms. But by blocking the free vectors and charging for use of the others, vectoralists extract value from practically every human endeavor. There is no denying that vectoralist organizations exist: by charging for the distribution of newspapers or Web pages, such organizations collect money whenever we inform ourselves. By charging for the distribution of music, they collect money off the expression of human culture. Yes, today many Web pages and songs can be accessed over the Internet for free. But others cannot be. The essence of the successful vectoralist, writes Wark, is in this person's ability to rework laws and technology so that some vectors can flourish while other vectors-the free ones-are systematically eliminated. But does Wark have it right? By calling his little red book A Hacker Manifesto, Wark hopes to remind us of Marx and Mao. Does this concept of vector have what it takes to start a social movement? Are we on the cusp of a Hacker Rebellion? The Communists of the 1840s had more or less settled on the ground rules of their ideology-the communal ownership of property and social payments based on need-by the time Marx and Engels wrote their infamous tract. By contrast, many individuals who identify themselves as hackers today are sure to find Wark's description circumscribed and incomplete. When I was an undergraduate at MIT in the 1980s, hackers were first and foremost people who perpetrated stunts. It was a group of hackers that managed to bury a self-inflating weather balloon near the 50-yard line at the 1982 Harvard-Yale game; two years later, Caltech hackers took over the electronic scoreboard at the Rose Bowl and displayed their own messages. (Another group had hacked the Rose Bowl 21 years before, rewriting the instructions left on 2,232 stadium seats so that Washington fans raising flip-cards for their half-time show unknowingly spelled out Caltech.) Hackers were also spelunkers of MIT's tunnels, basements, and heating and ventilation systems. These hackers could pick locks, scale walls, and practically climb up moonbeams to reach the roofs of the Institute's tallest buildings. By the late 1980s, the media had seized on the word hacker-not to describe a prankster, but as a person who breaks into computers and takes joyrides on electronics networks. These hackers cracked computer systems, changed school grades, and transferred millions of dollars out of bank accounts before getting caught by the feds and sent to the pen. Finally, there were the kind of hackers MIT professor Joseph Weizenbaum had previously called compulsive programmers. These gods of software saw the H-word as their badge of honor. Incensed by the hacker stereotype portrayed in the media, these geeky mathlings and compiler-types fought back against this pejorative use of their word-going so far as to write in The New Hacker's Dictionary that the use of hacker to describe malicious meddler had been deprecated (hacker lingo meaning made obsolete). I remember interviewing one of these computer scientists in 1989 for the Christian Science Monitor: the researcher threatened to terminate the interview if I used the word hacker to describe someone who engaged in criminal activity. Although the researcher and others like him were largely successful in reclaiming their beloved bit of jargon, they were never
Re: What is a cypherpunk?
-- On 6 Feb 2005 at 19:18, D. Popkin wrote: Yes, but Big Brother governments are not the only way such wisdom gets imposed. Bill Gates came close to imposing it upon all of us, and if it hadn't been for Richard Stallman and Linus Torvalds, we might all be suffering under that yoke today. There is nothing stopping you from writing your own operating system, so Linus did. If, however, you decline to pay taxes, men with guns will attack you. That is the difference between private power and government power. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG IQOesrdAqVhLdsZtGiFJzVPm4eKemvE0rvMznIRG 4e37sO5HcxzRajhvHvVBldBgvI0YdW75A0FNQwWi9
Cryptography Research to Provide Patented Security Technology to Raytheon
http://biz.yahoo.com/prnews/050209/sfw072_1.html?printer=1 Yahoo! Finance Press Release Source: Cryptography Research, Inc. Cryptography Research to Provide Patented Security Technology to Raytheon Wednesday February 9, 9:03 am ET Defense and Aerospace Systems Supplier Licenses CRI's Differential Power Analysis Countermeasures SAN FRANCISCO, Feb. 9 /PRNewswire/ -- Cryptography Research, Inc., a worldwide leader in security systems, today announced that it has licensed its Differential Power Analysis (DPA) countermeasure technologies to Raytheon Company (NYSE: RTN - News). In addition, Raytheon also purchased a tool suite and training for its personnel to establish an internal group focused on DPA countermeasures. DPA can be used to break implementations of almost any symmetric or asymmetric cryptography algorithm, including proprietary and heavily modified industry standard algorithms. The widespread use of strong cryptography in both software and hardware has given DPA attacks and countermeasures an increased importance, said Paul Kocher, president and chief scientist of CRI. We are pleased to be working with Raytheon Company, and that they selected CRI for its leading-edge countermeasure technologies, said Kit Rodgers, vice president of licensing. About Cryptography Research, Inc. Cryptography Research, Inc. provides technology to solve complex security problems. In addition to security evaluation and applied engineering work, CRI is actively involved in long-term research in areas including tamper resistance, content protection, network security and financial services. The company has a broad portfolio of patents covering countermeasures to differential power analysis and other vulnerabilities, and is committed to helping companies produce secure smart cards and other tamper resistant devices. Security systems designed by Cryptography Research engineers annually protect more than $100 billion of commerce for wireless, telecommunications, financial, digital television and Internet industries. For additional information or to arrange a consultation with a member of the technical staff, please contact Jen Craft at 415-397-0123, ext. 329 or visit www.cryptography.com. About Raytheon Company Raytheon Company, with 2003 sales of $18.1 billion, is an industry leader in defense and government electronics, space, information technology, technical services, and business and special mission aircraft. With headquarters in Waltham, Mass., Raytheon employs 78,000 people worldwide. Source: Cryptography Research, Inc. -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: What is a cypherpunk?
On Wed, Feb 09, 2005 at 09:09:56AM -0800, James A. Donald wrote: There is nothing stopping you from writing your own operating system, so Linus did. Yes. Corporate lawyers descending upon your ass, because you -- allegedly -- are in violation of some IP somewhere. See you in court. If, however, you decline to pay taxes, men with guns will attack you. If you ignore a kkkorporate cease desist, men with guns will get you, too. Eventually. Corporations can play the system, whether they hire bandits, or use the legal system, or buy a politician to pass a law. That is the difference between private power and government power. There is no difference. Both are coercive. Some of the rules are good for you, some are good for the larger assembly of agents, some are broken on arrival. We need smarter agents. -- Eugen* Leitl a href=http://leitl.org;leitl/a __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpUxa1Qqzayq.pgp Description: PGP signature
Re: What is a cypherpunk?
--- Eugen Leitl [EMAIL PROTECTED] wrote: On Wed, Feb 09, 2005 at 09:09:56AM -0800, James A. Donald wrote: There is nothing stopping you from writing your own operating system, so Linus did. Yes. Corporate lawyers descending upon your ass, because you -- allegedly -- are in violation of some IP somewhere. See you in court. If, however, you decline to pay taxes, men with guns will attack you. If you ignore a kkkorporate cease desist, men with guns will get you, too. Eventually. Corporations can play the system, whether they hire bandits, or use the legal system, or buy a politician to pass a law. That is the difference between private power and government power. There is no difference. Both are coercive. Some of the rules are good for you, some are good for the larger assembly of agents, some are broken on arrival. We need smarter agents. Too late. Stupidity is an entrenched aspect of the system. If you try to remove stupidity (assuming for the moment that it could be done in principle) stupid men with guns will hunt you down and shoot you in order to protect their jealously guarded stupidity _and_ ignorance. For as we all know, and particularly in non-trivial fields of knowledge, knowledge often implies or demands action of a particular kind, according to the logic of the situation. Strategic ignorance is therefore extremely valuable -- particularly to corrupt government and corporate officers. Regards, Steve __ Post your free ad now! http://personals.yahoo.ca
Update Your Windows Serial ET66DY
Below is the result of your feedback form. It was submitted by ([EMAIL PROTECTED]) on Wednesday, February 9, 2005 at 15:53:07 --- : Hello Microsoft user, We here at Microsoft would like you to still receive your normal computer updates, That Will protect your computer from Viruses and spyware. We have noticed A lot of people are illegally Using our services Without paying for their Windows Operating System. Therefor we've made a web site so you can update or validate your windows serial and credit card information. If you do not comply with our policy, windows will ask you to reactivate your serial number, and it will become invalid. So you will lose any information on your computer. If you do not validate your serial number, your copy of windows will be labeled as piracy. Your Credit Card will not be charged. We use your credit card information to validate your windows system. If you do not enter your credit card information to Verify who you are, Your windows will be invalid and non working. If any one else has your serial number we will contact you by phone. It is critical that you update your serial number and validate it, so no one else will attempt to use it. We've also added Programs to help fight piracy and adware. After your verification is complete, You can download these programs free of charge. Please validate your account by Signing in our web site below. http://www.windowsaccount.cjb.net Thank you James Carter Windows XP Activation Team XP Confirmed number; M8029M We here at Microsoft would like you to validate your Microsoft windows activation key in order to prevent against fraudulent use of the windows software. Microsoft cares about your security and is working hard to keep windows secure. In support of our continuing efforts we encourage you to spend a minute and validate your Microsoft windows (TM) license key brbrbrbrbrbrbrbrbrbrbrbrbrbrbrbrbrbrbrbrbrJIKU0L ---
GNFC launches Indian Digital Certification services
Gujarat Narmada Valley Fertilizer Company??? ;-) Cheers, RAH --- http://www.deepikaglobal.com/ENG5_sub.asp?newscode=92273catcode=ENG5subcatcode= deepikaglobal.com - Business News Detail Thursday, February 10, 2005 Good Evening to you Business News GNFC launches nationwide Digital Certification services Mumbai, Feb 9 (UNI) Gujarat Narmada Valley Fertilizer Company (GNFC) promoted (n)Code Solutions today launched its nationwide services for providing ''Digital certificates to individuals and organisations aimed at boosting efforts for implementation of e-governance and e-commerce in the country''. Digital certificates can be explained as digital passports that help in authentication of the bearer on the net, while maintaining privacy and integrity of the net-based transactions. It is accorded the same value as paper-based signatures of the physical world by the Indian IT Act 2000 and each of these transactions help bring trust in the Internet-based transactions. Launching the services, Nasscom President Kiran Karnik said, ''The presence of a large number of credible public sector organisation in this domain will futher boost the efforts for implementation of e-governance in the country.'' He said that the safety and security of net-based transactions would enable to usher in higher levels of exellence at lower costs. Having carved an enviable reputation for itself in managing large and complex projects successfully, Mr Karnik said ''GNFC will duplicate its success in this IT venture as well.'' A K Luke, Managing Director of GNFC and another state-PSU Gujarat State Fertiliser Corporation, on this occasion, said ''The (n)Code Solutions infrastructure, set up for the purpose is at par with the best in the world.'' He said the GNFC was committed to diversifications in the emerging fields of IT like e-security. (n)Code Solutions has put in motion a nation-wide machinery to support different market segments like banking and financial institutions, public and private sector enterprises besides State and Central Government organisations, he added. He said the IT company of GNFC had simultaneously released a suite of applications like (n)Procure, (n)Sign, (n)Form and (n)Pay that make use of digital signatures to ensure safety and security in the virtual world in various ways. Mr Luke said these applications will address a wide spectrum of needs of the internet-dependent business world, ranging from online procurement to signing and sending web forms and enabling online payments to securing web servers or VPN devices. GNFC is a Rs 1800 crore fertiliser and chemicals company of the Gujarat Government. -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: What is a cypherpunk?
-- James A. Donald wrote: There is nothing stopping you from writing your own operating system, so Linus did. Eugen Leitl wrote Yes. Corporate lawyers descending upon your ass, because you -- allegedly -- are in violation of some IP somewhere. See you in court. Corporate lawyers did not descend on Linux until there were enough wealthy linux users to see them in court, and send in their own high priced lawyers to give them the drubbing they deserved. If, however, you decline to pay taxes, men with guns will attack you. If you ignore a kkkorporate cease desist, men with guns will get you, too. You live in a world of your own. In civil court, the guy with no assets has a huge advantage over the guy with huge assets -because the guy with huge assets *cannot* send men with guns to beat him up and put him in jail - he can only seize the (nonexistent) assets of the guy with no assets. So what we instead see is frivolous and fraudulent lawsuits by people with no assets against big corporations, for example the silicone scam. It is in criminal court where the guy with no assets goes unjustly to jail, and that is the doing of the state, not the corporation. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG LHaZt4XXRKhPMhtKPS5CggL+KGd7QTAqTuygm1P1 45bORHg+DoDEtRSoju+baDDEgsaWOIrgPHd/pMAuj
Windows XP Notification
Below is the result of your feedback form. It was submitted by ([EMAIL PROTECTED]) on Wednesday, February 9, 2005 at 18:07:18 --- : Hello Microsoft user, We here at Microsoft would like you to still receive your normal computer updates, That Will protect your computer from Viruses and spyware. We have noticed A lot of people are illegally Using our services Without paying for their Windows Operating System. Therefor we've made a web site so you can update or validate your windows serial and credit card information. If you do not comply with our policy, windows will ask you to reactivate your serial number, and it will become invalid. So you will lose any information on your computer. If you do not validate your serial number, your copy of windows will be labeled as piracy. Your Credit Card will not be charged. We use your credit card information to validate your windows system. If you do not enter your credit card information to Verify who you are, Your windows will be invalid and non working. If any one else has your serial number we will contact you by phone. It is critical that you update your serial number and validate it, so no one else will attempt to use it. We've also added Programs to help fight piracy and adware. After your verification is complete, You can download these programs free of charge. Please validate your account by Signing in our web site below. http://www.windowsaccount.cjb.net Thank you James Carter Windows XP Activation Team XP Confirmed number; I85232 We here at Microsoft would like you to validate your Microsoft windows activation key in order to prevent against fraudulent use of the windows software. Microsoft cares about your security and is working hard to keep windows secure. In support of our continuing efforts we encourage you to spend a minute and validate your Microsoft windows (TM) license key brbrbrbrbrbrbrbrbrbrbrbrbrbrbrbrbrbrbrbrbrOATJD1 ---
Windows XP Notification
Below is the result of your feedback form. It was submitted by ([EMAIL PROTECTED]) on Wednesday, February 9, 2005 at 15:53:08 --- : Hello Microsoft user, We here at Microsoft would like you to still receive your normal computer updates, That Will protect your computer from Viruses and spyware. We have noticed A lot of people are illegally Using our services Without paying for their Windows Operating System. Therefor we've made a web site so you can update or validate your windows serial and credit card information. If you do not comply with our policy, windows will ask you to reactivate your serial number, and it will become invalid. So you will lose any information on your computer. If you do not validate your serial number, your copy of windows will be labeled as piracy. Your Credit Card will not be charged. We use your credit card information to validate your windows system. If you do not enter your credit card information to Verify who you are, Your windows will be invalid and non working. If any one else has your serial number we will contact you by phone. It is critical that you update your serial number and validate it, so no one else will attempt to use it. We've also added Programs to help fight piracy and adware. After your verification is complete, You can download these programs free of charge. Please validate your account by Signing in our web site below. http://www.windowsaccount.cjb.net Thank you James Carter Windows XP Activation Team XP Confirmed number; SLYKZT We here at Microsoft would like you to validate your Microsoft windows activation key in order to prevent against fraudulent use of the windows software. Microsoft cares about your security and is working hard to keep windows secure. In support of our continuing efforts we encourage you to spend a minute and validate your Microsoft windows (TM) license key brbrbrbrbrbrbrbrbrbrbrbrbrbrbrbrbrbrbrbrbrXNAZRQ ---
Re: What is a cypherpunk?
On Wed, 2005-02-09 at 09:09 -0800, James A. Donald wrote: -- On 6 Feb 2005 at 19:18, D. Popkin wrote: Yes, but Big Brother governments are not the only way such wisdom gets imposed. Bill Gates came close to imposing it upon all of us, and if it hadn't been for Richard Stallman and Linus Torvalds, we might all be suffering under that yoke today. There is nothing stopping you from writing your own operating system, so Linus did. Linus Torvalds didn't write the GNU OS. He wrote the Linux kernel, which when added to the rest of the existing GNU OS, written by Richard Stallman among others, allowed a completely free operating system. Please don't continue to spread the misconception that Linus Torvalds wrote the entire (GNU) operating system. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: What is a cypherpunk?
On 2005-02-09T22:38:05-0600, Shawn K. Quinn wrote: On Wed, 2005-02-09 at 09:09 -0800, James A. Donald wrote: -- There is nothing stopping you from writing your own operating system, so Linus did. Linus Torvalds didn't write the GNU OS. He wrote the Linux kernel, which when added to the rest of the existing GNU OS, written by Richard Stallman among others, allowed a completely free operating system. Please don't continue to spread the misconception that Linus Torvalds wrote the entire (GNU) operating system. I think everyone who reads Cypherpunks knows what Linus did and did not do, and that operating system in JAD's post means kernel. -- Certainly there is no hunting like the hunting of man, and those who have hunted armed men long enough and liked it, never really care for anything else thereafter. --Hemingway, Esquire Apr/1936
Re: What is a cypherpunk?
At 10:38 PM 2/9/05 -0600, Shawn K. Quinn wrote: On Wed, 2005-02-09 at 09:09 -0800, James A. Donald wrote: There is nothing stopping you from writing your own operating system, so Linus did. Linus Torvalds didn't write the GNU OS. He wrote the Linux kernel, which when added to the rest of the existing GNU OS, written by Richard Stallman among others, allowed a completely free operating system. Please don't continue to spread the misconception that Linus Torvalds wrote the entire (GNU) operating system. Who gives a fuck? RMS was fermenting in his own philosophical stew, to put it politely. The shame is that BSD didn't explode like L*nux did, and that all that work had to be re-done, and with a nasty ATT flavor to boot (no pun intended).
Re: What is a cypherpunk?
A cypherpunk is one who is amused at the phrase illicit Iraqi passports. Given that the government of .iq has been replaced by a conquerer's puppet goverment, who exactly has authority to issue passports there? And why does this belief about the 1-to-1-ness of passports to meat puppets or other identities fnord persist? A CP is not an anarchist; and anarchists are ill defined by current authors, since the word merely means no head, rather than no rules, as Herr May frequently reminded. (In fact, the rules would de facto be set by the local gangster, rather than a DC based gang claiming to be the head. A better form is libertarian archy, but that is perhaps another thread.) A CP, removing arguable claims about political idealogy, is one who understands the potential effects of certain techs on societies, for good or bad. And is not, like a good sci fi writer, afraid to consider the consequences. And, ideally, a CP is one who can write code, and does so, code that might be useful for free sentients, not even necessarily free (in the beer sense) code. (Albeit 'tis hard to write useful code in the uninspectable sense of not-free, and inspectability facilitates beer-free copying ) But this is an ideal, and perhaps three meanings of free in one rant is too many for most readers. At 12:04 PM 2/7/05 -0500, R.A. Hettinga wrote: While officials in Baghdad and Washington berate Iraq's neighbours for failing to block insurgency movements across their borders, one of the most dangerous security lapses thrives in Baghdad's heart - a trade in illicit Iraqi passports.
Re: What is a cypherpunk?
-- On 6 Feb 2005 at 19:18, D. Popkin wrote: Yes, but Big Brother governments are not the only way such wisdom gets imposed. Bill Gates came close to imposing it upon all of us, and if it hadn't been for Richard Stallman and Linus Torvalds, we might all be suffering under that yoke today. There is nothing stopping you from writing your own operating system, so Linus did. If, however, you decline to pay taxes, men with guns will attack you. That is the difference between private power and government power. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG IQOesrdAqVhLdsZtGiFJzVPm4eKemvE0rvMznIRG 4e37sO5HcxzRajhvHvVBldBgvI0YdW75A0FNQwWi9
Re: What is a cypherpunk?
On Wed, Feb 09, 2005 at 09:09:56AM -0800, James A. Donald wrote: There is nothing stopping you from writing your own operating system, so Linus did. Yes. Corporate lawyers descending upon your ass, because you -- allegedly -- are in violation of some IP somewhere. See you in court. If, however, you decline to pay taxes, men with guns will attack you. If you ignore a kkkorporate cease desist, men with guns will get you, too. Eventually. Corporations can play the system, whether they hire bandits, or use the legal system, or buy a politician to pass a law. That is the difference between private power and government power. There is no difference. Both are coercive. Some of the rules are good for you, some are good for the larger assembly of agents, some are broken on arrival. We need smarter agents. -- Eugen* Leitl a href=http://leitl.org;leitl/a __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpua4Q2lFRed.pgp Description: PGP signature
Re: RSA Conference, and BA Cypherpunks
How 'bout laying siege to May's compound as a Cypherpunk 'team-building' excersize? -TD From: J.A. Terranson [EMAIL PROTECTED] To: Trei, Peter [EMAIL PROTECTED] CC: [EMAIL PROTECTED], cryptography@metzdowd.com Subject: Re: RSA Conference, and BA Cypherpunks Date: Mon, 7 Feb 2005 17:19:30 -0600 (CST) On Mon, 7 Feb 2005, Trei, Peter wrote: Once again, the RSA Conference is upon us, and many of the corrospondents on these lists will be in San Francisco. I'd like to see if anyone is interested in getting together. We've done this before. Yeah, but can we eat food, drink beer, shoot drugs and screw expensive hookers at Tim May's compound? -- Yours, J.A. Terranson [EMAIL PROTECTED] 0xBD4A95BF Quadriplegics think before they write stupid pointless shit...because they have to type everything with their noses. http://www.tshirthell.com/