Re: eJazeera?
On Sun, Nov 10, 2002 at 03:44:53PM -0500, Tyler Durden wrote: (snip) Other methods seek to eliminate the need for various levels of pre-knowledge between Bob and Alice, and to also stave off the round up scenario where a large group is examined and cleansed of all electronica, before data can make it onto the public net. (Less likely in US now, but easily possible elsewhere). I don't think you can rule that out in the US -- seems to have been happening a lot in recent times, the pigs corral a large group, keep them stationary for some time, possibly with mass arrest following. -- Harmon Seaver CyberShamanix http://www.cybershamanix.com War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what its about. It is conducted for the benefit of the very few at the expense of the masses. --- Major General Smedley Butler, 1933 Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to faciliate our exploitation of resources. - Ramsey Clark, former US Attorney General http://www.thesunmagazine.org/bully.html
Re: Photos in transport plane of prisoners: Time for eJazeera?
On Sun, 10 Nov 2002, Adam Shostack wrote: A full police state can't prevent anything, it can just make some things less common. For example, samizdat in the USSR still got copied and passed around. Drug use is a problem in US prisons. Etc. that kind of info can be limited by simply shooting everyone who was close enough to take pictures. No other military personell are going to risk taking more. Drugs are different than info. there's real cash transfered, so guards can quadruple their paychecks in a week. But maybe that's a hint on how to keep info flowing :-) Patience, persistence, truth, Dr. mike
Re: eJazeera?
Other methods seek to eliminate the need for various levels of pre-knowledge between Bob and Alice, and to also stave off the round up scenario where a large group is examined and cleansed of all electronica, before data can Live streaming is out of question as it would make detection trivial (not with triangulation but by looking at the live video.) So the mode would be 1) capture 2) move to the edge of the arena 3) stream via standardised protocol using (camouflaged) 8 3db omni stick antenna. Do this in AP mode. 4) go to 1 Relayers could just point their 18 dB dishes from places as far as 3-4 miles and capture (3). You can bet that every single news crew would be also dishing for signal. The countermeasure would be jamming 2.4 GHz, but this just means positioning (2) farther away. = end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: U2 on LAUNCH - Exclusive greatest hits videos http://launch.yahoo.com/u2
Transparent drive encryption now in FreeBSD
FreeBSD's 5.0 release, due out in a couple of weeks, will offer much anticipated transparent mass storage encryption. Subscribers to this list so inclined are encouraged to review and test this new feature. URLs: http://www.freebsd.org/cgi/cvsweb.cgi/src/sbin/gbde/ http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/geom/bde/ Thanks, --Lucky Green
Workshop on HCI and Security at CHI2003
I think that the intersection of usability and security is of tremendous import, and wanted to share an under-advertised sort of workshop announcement: http://www.acm.org/sigchi/ The conference home page is http://www.chi2003.org/ The workshop page is http://www.iit.nrc.ca/~patricka/CHI_2003/HCISEC/workshop.html I thought that the workshop info would be accessible from the conference site, but that appears not to be the case (at least not yet). Feel free to forward the URL to anyone else you think might be interested. Since it's at CHI, I expect we'll get plenty of people from that community, but we also really want attendees from the security community as well. - Chris
Re: eJazeera?
At 12:44 PM -0800 11/10/02, Tyler Durden wrote: The methods can be various, but the easiest one was (I think) described by Tim May. Bob and Alice are pre-known to each other. Bob holds a camera, Alice has a Wi-Fi enabled laptop operational in her knapsack. After Bob takes the photos/video, he transfers the images to ALice, who walks off and moves the data to a secure and public site. FWIW - I saw a TV transmitter kit in Fry's for $28. It takes input from Camcorders and broadcasts it on channel 3 or 4. (It is low power so it comes under FCC part 15 regulations.) If you give one of these to the camera holder, and one or more others have receivers/recorders, you have a simple, cheap, off the shelf system. Cheers - Bill - Bill Frantz | The principal effect of| Periwinkle -- Consulting (408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood Ave. [EMAIL PROTECTED] | fair use. | Los Gatos, CA 95032, USA
The End of the Golden Age of Crypto
Tim May wrote: So, in these four areas real code is being generated. These get mentioned on the list...one just has to notice them, and remember. My main point is to refute the defeatism that often is clothed in the language of cynicism and ennui. Much is still being done. It isn't getting the attention of the press, which is probably a good thing. (They have moved on to other topics. And nobody is being threatened with jail, so crypto is no longer as edgy as it was when PRZ was facing prosecution, when crypto exports were illegal, when Clipper was in the news.) Crypto export has been decriminalized, and cryptanalysis programs are now illegal circumvention devices under the DMCA. I am hard pressed to view this as an improvement. If DECSS and Advanced eBook Processor produce an exhaltation of prosecutors bent on putting the authors in jail, I doubt we'll be hearing if someone invents DE-SSH or DE-AES. This greatly reduces my faith in the robustness of ciphers, particularly those that have been around to have their tires kicked for a decade or two. Break a code, go to jail. Even a silly code, like XOR. The 90's were the Golden Age of public access to crypto, largely driven by public key cryptography and the need for people to do secure communication over the Internet without physically meeting to exchange keys. The 00's will be the Golden Age of something else. Superintelligent AI perhaps. Even Rivest, Shamir, and Adleman knew essentially no number theory. One of them got the idea that maybe the difficulty of factoring could be used as the core for what they were doing...I have also heard that the idea came from another on the staff at MIT, but I won't get into that right now. Then they crammed and learned what they needed to learn about stuff like Euler's totient function, methods for finding primes, etc. It was enough. Such cryptography is based on faith, much like tea-leaf reading. We have absolutely no hard mathematical evidence that factoring is any harder than multiplying or taking square roots, or of the existence of easily computed functions with computationally intractable inverses. We infer the existence of such things solely from the observation that the human mind has not yet produced solutions to such problems. If they were really easy, we conjecture, someone would have figured out the answer by now. Well, maybe. Evidence is begining to emerge which suggests that such a view may be fundamentally flawed, and just as most humans cannot multiply 100 digit numbers in their heads, so there are countless wonderful and simple formulas whose derivation from scratch is so complex that no one will ever find them simply by trying to derive them directly. Are hard problems hard because they have no simple solutions, or simply because their simple solutions lie slightly beyond the range of our current deductive radar? Are they hard, or are we simply bad programmers? Compelling evidence for the latter explanation is beginning to mass. Consider, for instance, the following simple power series (Bailey,Borwein,Plouffe) for Pi as a sum of inverse powers of 16. Multiply by a power of 16 and take the fractional part, and you can compute hexadecimal digits of Pi starting anywhere. Pi = sum[0,infinity] [4/(8n+1) - 2/(8n+4) - 1/(8n+5) - 1/(8n+6)] * 1/16^n Now it's pretty easy to verify that this does indeed compute Pi, with a symbolic integrator, a pile of scratch paper, and much cancellation. Going in the other direction, however, is virtually impossible, unless you already know precisely what you are looking for. Given the task of locating a rapidly convergent series for Pi in inverse powers of 16, suitable for calculating arbitrary hexidecimal digits of Pi, one might very well bumble around calculating forever, without stumbling across it. The derivation is simply too difficult, and exists in a forest of equally difficult derivations which don't produce Pi. So how, one might inquire, did we come into possession of this handy formula? Well, it wasn't derived in a conventional sense. Instead, a computer program, PSLQ, a polynomial time numerically stable algorithm for finding relationships between real numbers, was used to examine all such formulas, and see if any of them produced Pi. One did. It is likely our ability to generate algorithms by a direct grep of all formulas having a specific form, and perhaps in the near future, all formulas under a certain length, will uncover many simple but difficult to directly derive formulas that do useful things. It is this ability which poses the greatest threat to cryptography in the current decade, as we find to our surprise that many of the things we thought were hard, like factorization, were merely obtuse, like trying to multiply big numbers in your head. I think there's a very good chance that by the end of the decade, we will all be laughing hysterically at how we ever could have thought
eJazeera?
Well, the rason d'etre of 'eJazeera' as I see it is primarily for publically-taken photos and videos to be quickly gypsied away from their port of origination (ie, the camera that took them), so that they can eventually make it into a public place on ye old 'Net. The enabling technology as I see it here is802.11b, Wi-Fi. A typical scenario is the case of public demonstrations where the local authorities are called in, and where they get, shall we say, a little overzealous. In many such cases (here, New York City, Here, USA, and there--China, etc...), such authorities will attempt to confiscate devices that could have captured the events or captured the perpetrators (and their badge numbers, if applicable) in photo or video. The ultimate aim of eJazeera is to make even the thought of capturing such video non-existent, due to the commonplace practices outlined in an eJazeera-type document (or eventually tribal knowledge). Short of that, it is of course in itself desirable for such events to get onto the public 'Net. The methods can be various, but the easiest one was (I think) described by Tim May. Bob and Alice are pre-known to each other. Bob holds a camera, Alice has a Wi-Fi enabled laptop operational in her knapsack. After Bob takes the photos/video, he transfers the images to ALice, who walks off and moves the data to a secure and public site. Other methods seek to eliminate the need for various levels of pre-knowledge between Bob and Alice, and to also stave off the round up scenario where a large group is examined and cleansed of all electronica, before data can make it onto the public net. (Less likely in US now, but easily possible elsewhere). ALso to be addressed in the document are (possibly) suggested technologies, down to the actual gadgets and manufacturers, and recommended spacial resolutions vs distances in order to record, say, badge numbers and facial features. Also, powering requirements won't hurt, as well as suggested methods for mitigating power issues. (Hey--this might be way beyond what's needed or desirable, butI still think like an engineer). In a reasonably just world, such images might be used in he short run to prosecute those that overstepped their legal bounds. Inthe long run, the commonplace practice of uploading such images should act as a deterrent to such overzealousness. As it turns out, however, those POWs being transported were photographed in such a way as to not need something like eJazeera (unless the scope as I imagine it is broadened...is it worthwhile to consider the robust creation of image links etc... on the 'Net?). -TD From: Major Variola (ret) [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] Subject: Re: Photos in transport plane of prisoners: Time for eJazeera? Date: Sat, 09 Nov 2002 17:53:48 -0800 At 08:32 PM 11/9/02 -0500, Tyler Durden wrote: So I'm still playing with the idea of a publically-accessible document that outlines the strategies, technologies, aims and requirements for somehow uploading images and data to public repositorioes. Such a document should enumerate the threat model and describe how each threat is resisted, or not. Specific use-cases can be written: the GI who took the picture; the photo-developer-tech who kept copies; the bored netop who intercepted the pix; an activist who is under insert type surveillance. Anyone interested? And what does it mean (if anything) to do this within the context of the Cypherpunk list? Dis be da place, at least for talk :-) _ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail
Hollings loss is our gain
Those with an interest in consumer rights and DRM may take heart. With the Republicans taking control of the Senate, Sen. Ernst Hollings will no longer be Chairman of the Commerce Committee. His drive to sell out consumers for the special interests from Hollywood may now be blunted. It will be interesting to see which Republican is selected to replace him and what policies are emphasized in the coming term. steve
Re: eJazeera?
As always, standards are driven by the mass-market and the mass market is already speaking on this one. In 18 months time there will be no difference between mobile phones cheap digital cameras - all but the cheapest phones will come with built-in cameras. Its almost certain that these devices will have GPS location, and probable that they will have Bluetooth as well. 802.11 less likely because of power consumption - possible that there will be little base stations to go Blt - WiFi so the Bluetooth becomes a wireless drop cable. Realtime video isn't on the horizon unless someone pulls a lot of bandwidth out of the bag, as ever network speeds grow more slowly than processing power. So effectively everybody will be walking around with the ability to take timestamped photos and transmit them. BrinWorld arrives, at least in public places. No policeman gets to bludgeon a demonstrator unrecorded ever again - expect them to wear visors and helmets increasingly often, and to remove the identifying marks from uniforms (as, or course, riot cops and vigilantes have been doing for decades) The authorities will be able to take down the cell networks - though they won't be able to do that without causing some publicity. They won't be able to confiscate all phones from everyone who is walking the street. Presumably in high-security situation (like interviews with presidents or rides on torture planes) phones can be removed from visitors but they will be rare. Mobile phones are now so ubiquitous that taking them away has come to seem as odd as asking visitors to remove their shoes or to wear face masks. Ken Brown Tyler Durden wrote: Well, the rason d'etre of 'eJazeera' as I see it is primarily for publically-taken photos and videos to be quickly gypsied away from their port of origination (ie, the camera that took them), so that they can eventually make it into a public place on ye old 'Net. The enabling technology as I see it here is802.11b, Wi-Fi. A typical scenario is the case of public demonstrations where the local authorities are called in, and where they get, shall we say, a little overzealous. In many such cases (here, New York City, Here, USA, and there--China, etc...), such authorities will attempt to confiscate devices that could have captured the events or captured the perpetrators (and their badge numbers, if applicable) in photo or video. The ultimate aim of eJazeera is to make even the thought of capturing such video non-existent, due to the commonplace practices outlined in an eJazeera-type document (or eventually tribal knowledge). Short of that, it is of course in itself desirable for such events to get onto the public 'Net.
Re: The End of the Golden Age of Crypto
Mike Duvos writes: Break a code, go to jail. Even a silly code, like XOR. This is probably true. In the current political climate, anyone who posts turbo-factor on the Internet, and destroys secure communications worldwide, can probably expect the secret tribunal followed by lethal injection, after being smeared in the press as a traitor. Remember, if you're not on Shrub's bandwagon, helping him beat his little drum, you're with the terrorists. The 00's will be the Golden Age of something else. Superintelligent AI perhaps. Opposite ends of the complexity spectrum. Superintelligent AI can break strong crypto. Strong crypto means superintelligent AI requires intractable computation. Perhaps the complexity landscape permits only a middle ground. Not particularly smart AI, and not particularly strong crypto. Even Rivest, Shamir, and Adleman knew essentially no number theory. ... cryptography is based on faith, much like tea-leaf reading. A .sigfile quality observation, I'm sure. We have absolutely no hard mathematical evidence that factoring is any harder than multiplying or taking square roots, ... I've always found it irksome that we haven't managed to move beyond combination of congruences/homomorphism-based factoring techniques. There has to be a simpler technique for unraveling multiplication, which, after all, is a very simple and straightforward manipulation of bits. It is likely our ability to generate algorithms by a direct grep of all formulas having a specific form, and perhaps in the near future, all formulas under a certain length, will uncover many simple but difficult to directly derive formulas that do useful things. Automated mining of reality for awesome but simple equations whose derivations are just a bit too messy for humans to manually perform will probably play an increasingly important role in the future of mathematics. Ramanujan, as I recall, produced a lot of stuff which proved to be correct, but which seemed impossible to arrive at without knowing it in the first place. Delete PGP, Win a Free Turkey, Har. Yes, folks. It's the End of the Golden Age of Crypto. Well, I'm not quite ready to run out and close the patent office yet. We still have quantum cryptography and one-time pads, which, if our current understanding is correct, are intrinsically unbreakable. If one-way functions turn out to have been a crack-induced hallucination, quantum cryptography can replace public key systems for secure key exchange. Some crypto-notable, I forget who, proposed putting satellites in orbit which transmitted high bandwidth random noise, which one would XOR with ones data before sending it. The recipient, also receiving the satellite signal, would know the starting bit in the random garbage, and could decrypt. Since it would be impractical to record the output of the satellite over any period of time, this would preclude messages being later decrypted, no matter how much CPU was thrown at them, as the information to decrypt them would no longer exist. Techniques like this, with satellite-based quantum crypto key exchange services, would permit us to retain a reliable national crypto infrastructure, should complexity-based systems fall apart under increased combinatorial scrutiny. -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division Do What Thou Wilt Shall Be The Whole Of The Law
Re: [eros-arch] Did you *really* zeroize that key?
On Sunday, November 10, 2002, at 07:33 PM, Jonathan S. Shapiro wrote: 4. Encrypt all *used* storage as it goes to disk, whereupon you don't need to worry about explicitly zeroing the deleted storage. This can be a problem when you are somehow forced to decrypt your storage contents to allow forensics. The last, I think, is the right answer. On the whole, when my laptop is stolen I don't want anybody to get *anything* useful off of that drive. If they can't get anything useful, then in particular they cannot get my crypto keys and I'm done. Law enforcement can get your crypto keys in some backward countries. First question: what is your threat model? -J -- Jeroen C. van Gelderen -- [EMAIL PROTECTED] If you took the entire world-population (~6.5bn) and put them in Nebraska (~77k square miles) you'd get a population density of 84k per square mile. For reference: the population density in Manhattan is 85k per square mile.
Re: eJazeera?
As always, standards are driven by the mass-market and the mass market is already speaking on this one. In 18 months time there will be no difference between mobile phones cheap digital cameras - all but the cheapest phones will come with built-in cameras. hate to bud in but ... it is the cheap phones plans that actually capitalize on the camera phones. In Japan the easy example is J-Phone. They couldn't migrate to 3G or upgrade to full 2.5G, so they put out really, really cheap camera phones (subsidized with rebates to make them practically free) and captured the teen market. In the US (as seen by TO-Mobiles extremely cheap new camera phone currently being hocked in the US for a carrier that had to be rebranded in order to now be sold off), this approach will be picked up by more and more of the discount carriers (including pay as you go schemes) - especially as rates are whatever the carrier want to make them for data. Its almost certain that these devices will have GPS location, and probable that they will have Bluetooth as well. 802.11 less likely because of power consumption - possible that there will be little base stations to go Blt - WiFi so the Bluetooth becomes a wireless drop cable. The GPS locators all come pre-built in to the newer phones in Asia and Europe are heading to the US quicker then you can say government ailout -- now whether the carrier's announce this feature and/ or the crack sales staffs at their stores know about them or not is irrelevant. Just getting a Cingular or ATT Wireless carrier or salesperson to acknowledge that you can flip chips from their phones to other phones is impossible, (based on extensive personal research in the DC and NYC areas) as they won't or don't understand the concept - but that doesn't mean it can't and isn't being done. Wi-Fi doesn't exist yet, but it is being experimented on and will come as bandwidth use picks up, in order to cash in on VoIP schemes (especially since this use - voice or not - could be labeled as data and carriers could price at will and this would make up for the lost money from the flat rate pricing wars). Realtime video isn't on the horizon unless someone pulls a lot of bandwidth out of the bag, as ever network speeds grow more slowly than processing power. Actually in Asia (notably Korea and Japan) it works as well as internet RealPlayer streaming video (in Japan, KDDI's flips from 2.5 to 3G without a hitch and when going from 3 to 2.5G presents just a short time lag in time - think of the buffering on RealPlayer - NTT DoCoMo's all 3G video works pretty flawlessly, but has certain area restrictions that they're working on correcting). Europe's lagging a bit, but several government EU loans are subsidizing infrastructure costs and new intra-carrier arrangements are helping them move towards video-capability by years end (at least in the bigger cities). In the US the bandwidth is being sat on by carriers, as most carriers own it already (remember the 3G Auctions a few years ago?) they just don't have the money to roll-out a new infrastructure at the moment our government doesn't look ready to subsidize a complete infrastructure redo like the French, German, Swedish (et al). As soon as the telcos see a money making app they'll be on it quicker then you could imagine -- and with several foreign carriers looking for investments in the US mobile market in Q1 2003, it could be a lot sooner then anyone thinks. ;~) e So effectively everybody will be walking around with the ability to take timestamped photos and transmit them. BrinWorld arrives, at least in public places. No policeman gets to bludgeon a demonstrator unrecorded ever again - expect them to wear visors and helmets increasingly often, and to remove the identifying marks from uniforms (as, or course, riot cops and vigilantes have been doing for decades) The authorities will be able to take down the cell networks - though they won't be able to do that without causing some publicity. They won't be able to confiscate all phones from everyone who is walking the street. Presumably in high-security situation (like interviews with presidents or rides on torture planes) phones can be removed from visitors but they will be rare. Mobile phones are now so ubiquitous that taking them away has come to seem as odd as asking visitors to remove their shoes or to wear face masks. Ken Brown Tyler Durden wrote: Well, the rason d'etre of 'eJazeera' as I see it is primarily for publically-taken photos and videos to be quickly gypsied away from their port of origination (ie, the camera that took them), so that they can eventually make it into a public place on ye old 'Net. The enabling technology as I see it here is802.11b, Wi-Fi. A typical scenario is the case of public demonstrations where the local authorities are called in, and where they get, shall we say, a little overzealous. In many such cases (here, New York City,
Re: [eros-arch] Did you *really* zeroize that key?
[Dave: since Bill forwarded his reply to eros-arch, I'm copying you and cypherpunks on the reply.] Background: Dave suggested language-level support for storage that must be zeroed when freed. Bill Frantz forwarded this to me in the context of paging-related optimizations and a possible exposure arising in EROS on this issue. So first, the OS *has* to know about the zero on free requirement, or it *cannot* do the right thing. This is an issue both for swap and for persistent data. In each case, blocks can be released without being explicitly zeroed. The EROS system provides a per-block this block is zero bit as part of the per-block metadata. This tremendously helps us avoid I/Os, but it creates an exposure to offline forensics that could be quite serious in the absence of other provisions. There are analogous issues in conventional file systems that do lazy storage clearing. I think it's useful to differentiate two bugs: exposure resulting from reallocation of uncleaned storage, and exposure to offline forensics through failure to clear the data. The first is just a bug, plain and simple. The second is part of a much larger problem. While cryptographic keys are arguably more sensitive than most other data, they are certainly not the *only* sensitive data, and it is impossible in general for applications to know which data are sensitive. Wiley Coyote probably wants his ACME A-Bomb plans encrypted, but might not care about the HOWTO: Drop Big Rock on Roadrunner document. Lacking any knowledge of content semantics, the word processor cannot tell which is which (a point I found difficulty making clear to the Air Force recently). In abstract, there appear to be four feasible design options: 1. Expose yourself to forensics! [Picture of disk drive in open trenchcoat will not appear in countries where such content would be considered lewd or suggestive]. That is, don't try to solve the problem at all. 2. Accept a limited window of vulnerability by using background zeroing during otherwise idle cycles. Problem is that the exposure at any given time is unknown. 3. Tell the OS what to do, e.g. by a new option M_MUSTZERO to mmap() or equivalent. The ELF object file format could very easily be extended in this way today by adding a new section type and teaching the dynamic loader about it -- the necessary directives are already in place in the compilers to support the .init section. Big problem: it's yet another exceptional condition that can go wrong. 4. Encrypt all *used* storage as it goes to disk, whereupon you don't need to worry about explicitly zeroing the deleted storage. The last, I think, is the right answer. On the whole, when my laptop is stolen I don't want anybody to get *anything* useful off of that drive. If they can't get anything useful, then in particular they cannot get my crypto keys and I'm done. Of course, this requires a per-device secure memory... shap
Re: Transparent drive encryption now in FreeBSD
Sorry, I'm new, but does this refer to the notion of splitting up a document holographically, and placing the various pieces of numerous servers throughout the 'Net? (Any one piece will probably not contain a complete copy of the information, and is encrypted too, sot that it is not possible to say that Server X holds forbidden piece of info Y.) Andas I remember, removal of any one (or multiple) pieces on varying servers will do nothing towards elimating that content from the Universe. Can any one confirm that this is more or less Transparent Mass Sotage Encryption? From: Lucky Green [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Transparent drive encryption now in FreeBSD Date: Sun, 10 Nov 2002 21:40:42 -0800 FreeBSD's 5.0 release, due out in a couple of weeks, will offer much anticipated transparent mass storage encryption. Subscribers to this list so inclined are encouraged to review and test this new feature. URLs: http://www.freebsd.org/cgi/cvsweb.cgi/src/sbin/gbde/ http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/geom/bde/ Thanks, --Lucky Green _ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus
Re: eJazeera?
All you need is 1. A few activists incl. a few to capture the content (eg, videographer, photographer) who are willing to carry a few extra pounds 2. Someone to pony up the equiptment (some of which must be treated as expendable) 3. Someone to set up test the rig with the deployees. Depending on your circles, you may find each of these types in different abundances. The enabling technology as I see it here is802.11b, Wi-Fi. A typical scenario is the case of public demonstrations where the local authorities are called in, and where they get, shall we say, a little overzealous. In many such cases (here, New York City, Here, USA, and there--China, etc...), such authorities will attempt to confiscate devices that could have captured the events or captured the perpetrators (and their badge numbers, if applicable) in photo or video.
Re: eJazeera?
3) stream via standardised protocol using (camouflaged) 8 3db omni stick antenna. Do this in AP mode. Camoflaging this in the obvious place we note that our metallicized underwear provides a nice ground plane reflector, adding a db or two.
Re: eJazeera?
On Monday 11 November 2002 15:38, Major Variola (ret) wrote: 3) stream via standardised protocol using (camouflaged) 8 3db omni stick antenna. Do this in AP mode. Camoflaging this in the obvious place we note that our metallicized underwear provides a nice ground plane reflector, adding a db or two. Hey, that's a _good_ idea! And we can get side shielding by sticking the antenna between a fat guy's ass cheeks. The Fedz might notice that he's always keeping his butt pointed in one direction, but maybe that's normal at these events. -- Steve FurlongComputer Condottiere Have GNU, Will Travel Vote Idiotarian --- it's easier than thinking
Re: Workshop on HCI and Security at CHI2003
Since posting, I got a better web page: http://www.iit.nrc.ca/~patricka/CHI2003/HCISEC/index.html Adam On Mon, Nov 11, 2002 at 09:54:51AM -0500, Adam Shostack wrote: | I think that the intersection of usability and security is of | tremendous import, and wanted to share an under-advertised sort of | workshop announcement: | | http://www.acm.org/sigchi/ | | The conference home page is | | http://www.chi2003.org/ | | The workshop page is | | http://www.iit.nrc.ca/~patricka/CHI_2003/HCISEC/workshop.html | | I thought that the workshop info would be accessible from the | conference site, but that appears not to be the case (at least not | yet). | | Feel free to forward the URL to anyone else you think might be | interested. Since it's at CHI, I expect we'll get plenty of people | from that community, but we also really want attendees from the | security community as well. | | - Chris | | - | The Cryptography Mailing List | Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED] -- It is seldom that liberty of any kind is lost all at once. -Hume
Re: [eros-arch] Did you *really* zeroize that key?
Jeroen C. van Gelderen wrote: The last, I think, is the right answer. On the whole, when my laptop is stolen I don't want anybody to get *anything* useful off of that drive. If they can't get anything useful, then in particular they cannot get my crypto keys and I'm done. Law enforcement can get your crypto keys in some backward countries. Yup, the UK is one of them. I think we are more concerned with hacking and outright theft though, rather than being presented with a warrant and told hand them thare key thingies over, sonny Well I am anyhow :)
Re: Transparent drive encryption now in FreeBSD
Tyler Durden wrote: Sorry, I'm new, but does this refer to the notion of splitting up a document holographically, and placing the various pieces of numerous servers throughout the 'Net? No. It is referring to conventional encryption of your local hard disk.
Re: [Dewayne-Net] RE: Hollings loss is our gain
At 12:29 PM 11/11/2002 -0800, Dewayne Hendricks wrote: [Note: This comment comes from reader Chuck Jackson. DLH] At 11:00 -0800 11/11/02, Steve Schear wrote: With the Republicans taking control of the Senate, Sen. Ernst Hollings will no longer be Chairman of the Commerce Committee. SNIP It will be interesting to see which Republican is selected to replace him and what policies are emphasized in the coming term. It is virtually certain to be Senator McCain. Although it always difficult to determine where a politician really stands on an issue. Senator John McCain's (R-Arizona) said: I believe the concerns of content providers are justified. They invest creativity, effort, and capital into producing high quality films and programming and should be able, adequately, to protect their investments. I am apprehensive, however, of proposals that select technological winners and losers and mandate government intervention in the marketplace. steve
RE: Transparent drive encryption now in FreeBSD
Tyler wrote: Sorry, I'm new, but does this refer to the notion of splitting up a document holographically, and placing the various pieces of numerous servers throughout the 'Net? (Any one piece will probably not contain a complete copy of the information, and is encrypted too, sot that it is not possible to say that Server X holds forbidden piece of info Y.) Andas I remember, removal of any one (or multiple) pieces on varying servers will do nothing towards elimating that content from the Universe. FreeBSD's new GBDE subsystem has a different objective: it simply provides for local drive-level encryption. I called it a mass storage encryption system since the encryption is not necessarily limited to hard drives, but could be used for other file systems, such as those on a USB token or MemoryStick. The URLs in my original post explain some of the details of what GBDE offers. [...] FreeBSD's 5.0 release, due out in a couple of weeks, will offer much anticipated transparent mass storage encryption. Subscribers to this list so inclined are encouraged to review and test this new feature. URLs: http://www.freebsd.org/cgi/cvsweb.cgi/src/sbin/gbde/ http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/geom/bde/ Thanks, --Lucky Green _ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus
