Re: DOJ quietly drafts USA Patriot II w/crypto-in-a-crime penalty
Under the new law, running shoes will be classified as burgler's tools if their use is not authorized or exceeds reasonable levels for leisure activity. On Sun, Feb 09, 2003 at 03:28:04AM +, Peter Fairbrother wrote: The Act proposes that a federal felony should be created of willfully using running in the commission of a felony. No more than five years in prison plus a hefty fine. Criminals use running in their attempts to get away with their crimes. It's harder for overworked (and especially overweight) Policemen to catch them if they run. Criminals also use running as part of their criminal technique, so the Act introduces the misdemeanour of running without lawful reason. A list of lawful reasons for running is in Appendix C. Law enforcement agents will abviously need powers to stop and detain people who are running, in order to determine whether they have a lawful reason for doing so. These powers are introduced in the Act. There are accepted innocent uses for jogging, and running on licenced athletics tracks, and this legislation will in no way impinge on citizens who run in competitions or jog for fitness. Oh, and another felony of using masks or beards in the commission of a felony. They makes it harder to prosecute criminals. Hats too, in fact the Police need powers to stop people and search them for hats. Oops, I forgot, that's already tabled elsewhere. -- Peter Fairbrother
Re: Forced Oaths to Pieces of Cloth
And also freedom of religion. Forcing someone to say Under God for example. --Kaos-Keraunos-Kybernetos--- + ^ + :NSA got $20Bil/year |Passwords are like underwear. You don't /|\ \|/ :and didn't stop 9-11|share them, you don't hang them on your/\|/\ --*--:Instead of rewarding|monitor, or under your keyboard, you \/|\/ /|\ :their failures, we |don't email them, or put them on a web \|/ + v + :should get refunds! |site, and you must change them very often. [EMAIL PROTECTED] http://www.sunder.net On Fri, 7 Feb 2003, Major Variola (ret) wrote: At 12:22 AM 2/8/03 +0100, Thomas Shaddack wrote: But recite they must. Under a state law that takes effect today, almost every student in Pennsylvania - from preschool through high school, in schools public and private - must face the Stars and Stripes each school day and say the pledge or sing the national anthem. Are there any penalties for refusing to take part in this circus? If yes, isn't the contract - pledge - forced, and hence legally invalid? The 1st prohibits both State banning and the *compulsion* of speech, as this clearly is an example of.
Re: DOJ quietly drafts USA Patriot II w/crypto-in-a-crime penalty
The Act proposes that a federal felony should be created of willfully using running in the commission of a felony. No more than five years in prison plus a hefty fine. Criminals use running in their attempts to get away with their crimes. It's harder for overworked (and especially overweight) Policemen to catch them if they run. Criminals also use running as part of their criminal technique, so the Act introduces the misdemeanour of running without lawful reason. A list of lawful reasons for running is in Appendix C. Law enforcement agents will abviously need powers to stop and detain people who are running, in order to determine whether they have a lawful reason for doing so. These powers are introduced in the Act. There are accepted innocent uses for jogging, and running on licenced athletics tracks, and this legislation will in no way impinge on citizens who run in competitions or jog for fitness. Oh, and another felony of using masks or beards in the commission of a felony. They makes it harder to prosecute criminals. Hats too, in fact the Police need powers to stop people and search them for hats. Oops, I forgot, that's already tabled elsewhere. -- Peter Fairbrother
RE: DOJ quietly drafts USA Patriot II w/crypto-in-a-crime penalty
Declan wrote: Note the draft legislation creates a new federal felony of willfully using encryption in the commission of a felony. No more than five years in prison plus a hefty fine. This seems at first glance to be remarkably similar to what was in the SAFE bill years ago. Here's a Politech message from 1998, before the politechbot.com archives: http://www.inet-one.com/cypherpunks/dir.98.05.11-98.05.17/msg0 0046.html Question: When encryption is omnipresent in everything from wireless networks to hard drives to SSH clients, might the basic effect of such a law be to boost potential maximum prison terms by five years? According to my reading of the text, the enhanced penalties only come into effect if the person happens to know that encryption is being used in the communication medium. In other words, the enhanced penalties only apply if the person is a past or present reader of the Cypherpunks or similar mailing lists. --Lucky Green
Implementation of Chosen-Ciphertext Attacks against PGP and GnuPG
[Apologies if this item was passed through the list. It was news to me.] Implementation of Chosen-Ciphertext Attacks against PGP and GnuPG K. Jallad, J. Katz, and B. Schneier Information Security Conference 2002 Proceedings, Springer-Verlag, 2002, to appear. ABSTRACT: We recently noted that PGP and other e-mail encryption protocols are, in theory, highly vulnerable to chosen-ciphertext attacks in which the recipient of the e-mail acts as an unwitting decryption oracle. We argued further that such attacks are quite feasible and therefore represent a serious concern. Here, we investigate these claims in more detail by attempting to implement the suggested attacks. On one hand, we are able to successfully implement the described attacks against PGP and GnuPG (two widely-used software packages) in a number of different settings. On the other hand, we show that the attacks largely fail when data is compressed before encryption. Interestingly,the attacks are unsuccessful for largely fortuitous reasons; resistance to these attacks does not seem due to any conscious effort made to prevent them. Based on our work, we discuss those instances in which chosen-ciphertext attacks do indeed represent an important threat and hence must be taken into account in order to maintain confidentiality. We also recommend changes in the OpenPGP standard to reduce the effectiveness of our attacks in these settings. http://www.counterpane.com/pgp-attack.html Reality must take precedence over public relations, for nature cannot be fooled. -- Richard P. Feynman
Re: FC: DOJ quietly drafts USA Patriot II, includes anti-crypto section
Time to start a new ad campaign: You don't run around naked in public do you? Neither should your packets! Encrypt your traffic - it's just common sense! Your internet packets are naked! Clothe them with IPSEC Don't help the terrorists to your financial info - encrypt! You wouldn't want Osama reading your email, would you? Encrypt Then when everything's encrypted, such laws can be challenged. --Kaos-Keraunos-Kybernetos--- + ^ + :NSA got $20Bil/year |Passwords are like underwear. You don't /|\ \|/ :and didn't stop 9-11|share them, you don't hang them on your/\|/\ --*--:Instead of rewarding|monitor, or under your keyboard, you \/|\/ /|\ :their failures, we |don't email them, or put them on a web \|/ + v + :should get refunds! |site, and you must change them very often. [EMAIL PROTECTED] http://www.sunder.net On Fri, 7 Feb 2003, Declan McCullagh wrote: Thanks to Joe for being the first one to submit this... Here's a duplicate URL if the original is too slow: http://www.privacy.org/patriot2draft.pdf Note the draft legislation creates a new federal felony of willfully using encryption in the commission of a felony. No more than five years in prison plus a hefty fine. This seems at first glance to be remarkably similar to what was in the SAFE bill years ago. Here's a Politech message from 1998, before the politechbot.com archives: http://www.inet-one.com/cypherpunks/dir.98.05.11-98.05.17/msg00046.html
Re: DOJ quietly drafts USA Patriot II w/crypto-in-a-crime penalty
Declan McCullagh wrote: Note the draft legislation creates a new federal felony of willfully using encryption in the commission of a felony. No more than five years in prison plus a hefty fine. Any person who, during the commission of a felony under federal law. knowingly and willfully encrypts any incriminating communication or information relating to that felony - [gets 5 years 1st time, 10 the second, +fines]. Felons, be sure and use good crypto, with ephemeral keys!! And whatever you do, don't give keys in the cells! Really, makes you wonder what they're on. Prisoner's Dilemma steroids, I suppose. -- Peter Fairbrother ps would it include using a GSM mobile in a bank robbery?
DOJ worried about domestic-int'l terror links
http://www.dailyrotten.com/source-docs/patriot2draft.html The limitation to international terrorism in existing law is an impediment to the effective use of national security letters because it may not be apparent in the early stages of a terrorism investigation-or even after it has continued for some time-whether domestic or international terrorism is involved. The Oklahoma City bombing and the anthrax letter incidents illustrate this point. Moreover, in the current circumstances, domestic terrorists who attempt to ally with or are inspired to emulate international terrorists are an increasing concern. The dangers posed to the national security by such persons may be comparable to those posed by international terrorists, and national security letters should likewise be an available tool in the investigation of their criminal activities.
Re: My favorite line from the DOJ's latest draft bill
On Sun, 9 Feb 2003, Declan McCullagh wrote: http://www.dailyrotten.com/source-docs/patriot2draft.html terrorism is at least as dangerous to the United States' national security as drug offenses That's a good find! People sitting around laughing their butts off is really a dangerous phenomena! Just like the killing of 3000 people! I want the drugs those guys have, there's no view of reality warped quite that bad I've ever seen on of my trips! Patience, persistence, truth, Dr. mike
Re: DOJ quietly drafts USA Patriot II w/crypto-in-a-crime penalty
On Sat, Feb 08, 2003 at 10:36:35PM -0500, Greg Newby wrote: Under the new law, running shoes will be classified as burgler's tools if their use is not authorized or exceeds reasonable levels for leisure activity. I always thought that breathing during the commission of a crime should result in an extra five to ten years in prison. At least. -Declan
Re: [IP] Open Source TCPA driver and white papers (fwd)
On Sun, 9 Feb 2003, Anonymous via the Cypherpunks Tonga Remailer wrote: However note: you can't defend TCPA as being good vs Palladium bad (as you did by in an earlier post) by saying that TCPA only provides key storage. TPM != TCPA. TCPA with *user* control is good. As Michel noted TCPA and Palladium both provide remote attestation and sealing, and it is this pair of functions which provides the DRM functionality. Therefore for DRM purposes TCPA and Palladium are both socially bad technologies. It's bad only if the *user* does not have control over their own machines. If each enterprise can control their own machines, completely independently of all other external organizations, then TCPA could be really useful. If only Bill Gates controls all machines, it's bad for the rest of us (but pretty damn good for Bill!!) Patience, persistence, truth, Dr. mike
Re: Putting the NSA Data Overwrite Standard Legend to Death... (fwd)
Jim Choate wrote: Yes, it can mount the partition. That isn't the problem. The problem is that for lilo to do this it has to have access to the key in plaintext. That makes the entire exercise moot. not if you have to type it every time. if you take that as criteria, then *all* encryption is moot, as I can't think of any you don't have to supply a key or passphrase for. you could also have lilo look at a dongle (a usb drive, say) for its key.
Re: Putting the NSA Data Overwrite Standard Legend to Death...(fwd)
On Sat, 8 Feb 2003, Sunder wrote: In real life this will not work as most Windoze hard disk encryption schemes can't encrypt the OS disk - and this is where the temp/cache stuff goes. These can have more than enough info to reveal what's on your crypto disk (ie. shortcuts to url's you've recently visited, recently opened documents, etc...) At least with a unixish OS you can mount your crypto file systems up at boot time before the OS really starts up (before the system goes to multi-user mode for example (at the end of /etc/rc1.d and before the rc2.d init starts.) Which is a blind path since those files -must- be unencrypted and if they do mount the disk they have to have access to the key to unencrypt the fs hence you're in the same boat as with Winblows. -- We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, Plan 9 from Outer Space [EMAIL PROTECTED][EMAIL PROTECTED] www.ssz.com www.open-forge.org
Re: Putting the NSA Data Overwrite Standard Legend to Death... (fwd)
Jim Choate wrote: On Sat, 8 Feb 2003, Sunder wrote: In real life this will not work as most Windoze hard disk encryption schemes can't encrypt the OS disk - and this is where the temp/cache stuff goes. Not always - certainly, windows cache goes to a partition that must be available at windows startup - but webbrowser cache can happily live on an encrypted disk (I have done this many times) Further, there is always the Drivecrypt pluspack which mounts an encrypted volume before windoze starts, and hands over to windoze as it comes up (I believe the same mechanism is used as for doublespaced drives, but I can't be sure; drivecrypt is closed source, hence I refuse to use it) At least with a unixish OS you can mount your crypto file systems up at boot time before the OS really starts up (before the system goes to multi-user mode for example (at the end of /etc/rc1.d and before the rc2.d init starts.) Which is a blind path since those files -must- be unencrypted and if they do mount the disk they have to have access to the key to unencrypt the fs hence you're in the same boat as with Winblows. At least in theory a lilo boot could mount an encrypted partition while still in the initrd stage; as crypto support is moved into the kernel, I expect to see this become an available option.
Re: The Register - Computer ballot outfit perverts Senate race, theorist says (fwd)
On Sun, 9 Feb 2003, [iso-8859-1] André Esteves wrote: A problem in democracy, is that when you tamper with things, and got with it, it will probably be ve dificult to prove you did it. Think: It's evolution!!! There is a wit war between any forces in a democracy to get away with it. Anyone outsmarting everybody, will just get better So don't complain with conspiracy theory... it's the natural conclusion to any democracy. The weapon of the powerless literat... It's not limited to democracy, all human activities have this problem. The reality is that most folks simply want to get to a place where they don't have to play by the same rules as everyone else. -- We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, Plan 9 from Outer Space [EMAIL PROTECTED][EMAIL PROTECTED] www.ssz.com www.open-forge.org
Re: The Register - Computer ballot outfit perverts Senate race, theorist says (fwd)
On Sunday, 9 de February de 2003 20:58, you wrote: http://www.theregister.co.uk/content/55/29247.html This kinda makes me remenber a sarcasm by a ucranian friend of mine: Ucrania has the most advanced democracy on earth. There is no need for special interests and lobbying in the ucranian parlamentary system. It's so advanced that the deputies are the special interests and lobby for themselves (and their mafias)... It seems that the USA has, finaly, achieved such a state of grace. (don't worry.. Portugal is no better.. As a recent democracy, a non-presidential, parlamentary system also has been able to party-wize every part of the society and economy...) Now for the real matter at hand... Indeed, Hagel did exceptionally well in his Senate race -- far better than anyone had anticipated, especially his opponent. A problem in democracy, is that when you tamper with things, and got with it, it will probably be ve dificult to prove you did it. Think: It's evolution!!! There is a wit war between any forces in a democracy to get away with it. Anyone outsmarting everybody, will just get better So don't complain with conspiracy theory... it's the natural conclusion to any democracy. The weapon of the powerless literat... Cheers, Aife
Re: Forced Oaths to Pieces of Cloth
On Sunday, February 9, 2003, at 10:57 AM, Bill Frantz wrote: At 6:55 AM -0800 2/9/03, Sunder wrote: And also freedom of religion. Forcing someone to say Under God for example. Back in the dark ages (the 1950s, and don't anyone get nostalgic for them), when the phrase under god was added to the pledge, I was a student in school. From what they had taught me, I knew then that this addition violated the establishment of religion clause. The solution I devised was to simply remain silent when this phrase was said. During the possibly more radical 60s, some of us uttered under Satan during this sequence. One of my friends got a trip to the Principal's office for this, where he explained that he believed in Satan and that God was just a pretender, and if the Principal could demonstrate that the U.S. officially recognizes one deity over another he would reconsider. Unfortunately having started to question the relation between the pledge and the ideals of the country, I started to wonder why I was pledging to the flag, instead of the country. So over the years, I have a somewhat edited version (removed parts in brackets): I don't pledge to either a flag or a country. I just live here. And this is where the stuff I own is located. All I ask of government is that they stay out of my way. --Tim May
Re: Forced Oaths to Pieces of Cloth
At 6:55 AM -0800 2/9/03, Sunder wrote: And also freedom of religion. Forcing someone to say Under God for example. Back in the dark ages (the 1950s, and don't anyone get nostalgic for them), when the phrase under god was added to the pledge, I was a student in school. From what they had taught me, I knew then that this addition violated the establishment of religion clause. The solution I devised was to simply remain silent when this phrase was said. Unfortunately having started to question the relation between the pledge and the ideals of the country, I started to wonder why I was pledging to the flag, instead of the country. So over the years, I have a somewhat edited version (removed parts in brackets): I pledge allegiance to [the flag of] the United States of America [and to the republic for which it stands], one nation [under god], indivisible, with liberty and justice for all. Except for the fact that one should not trust pledges that are made under coercion, I am reasonably comfortable with this edited version. It expresses the ideal nation that I wish the United States would become. Cheers - Bill - Bill Frantz | Due process for all| Periwinkle -- Consulting (408)356-8506 | used to be the Ameican | 16345 Englewood Ave. [EMAIL PROTECTED] | way. | Los Gatos, CA 95032, USA
Re: Forced Oaths to Pieces of Cloth
At 11:34 AM 2/9/2003 -0800, Tim May wrote: On Sunday, February 9, 2003, at 10:57 AM, Bill Frantz wrote: Unfortunately having started to question the relation between the pledge and the ideals of the country, I started to wonder why I was pledging to the flag, instead of the country. So over the years, I have a somewhat edited version (removed parts in brackets): I don't pledge to either a flag or a country. I just live here. And this is where the stuff I own is located. All I ask of government is that they stay out of my way. I think parents should teach their children that they should condition the recital of the pledge to when those elected to office are routinely held accountable to breaches of the oath of office. steve
Re: Putting the NSA Data Overwrite Standard Legend to Death...(fwd)
On Sun, 9 Feb 2003, Dave Howe wrote: Jim Choate wrote: Yes, it can mount the partition. That isn't the problem. The problem is that for lilo to do this it has to have access to the key in plaintext. That makes the entire exercise moot. not if you have to type it every time. Then I'd say lilo isn't mounting it, you are. But you get the gist, either the key is there in plaintext or somebody who knows it is. That is a -very- limited application area for computers and encryption. if you take that as criteria, then *all* encryption is moot, as I can't think of any you don't have to supply a key or passphrase for. Not at all, it simply means that encryption is not the solution for -stand alone- applications (at least not at the state of encryption and hardware today). In my mind the utility of encryption on a machine is questionable unless that machine can reboot and recover -without intervention and without needing a plaintext key-. Only when that state can be achieved will encryption offer the sort of security many of us are looking for. One of the extensions that I'm looking at in Plan 9 is a mechanism to use the distributed process and name space as a mechanism to do something about this. It may be possible to get a server to boot an encrypted partition without ever passing the actual key (Plan 9 uses a token ala kerberos - but it's not kerberos). you could also have lilo look at a dongle (a usb drive, say) for its key. Same problem, the key has to be on the dongle in the clear. Several years ago the Austin Cypherpunks ran a mixmaster remailer for several months and we used a floppy to do this sort of stuff. If you have the floppy you have the system. -- We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, Plan 9 from Outer Space [EMAIL PROTECTED][EMAIL PROTECTED] www.ssz.com www.open-forge.org
Re: Putting the NSA Data Overwrite Standard Legend to Death... (fwd)
Jim Choate wrote: On Sun, 9 Feb 2003, Dave Howe wrote: Jim Choate wrote: Yes, it can mount the partition. That isn't the problem. The problem is that for lilo to do this it has to have access to the key in plaintext. That makes the entire exercise moot. not if you have to type it every time. Then I'd say lilo isn't mounting it, you are. no, lilo is. if you you can mount a pgpdisk (say) without software, then you are obviously much more talented than I am :) for virtual drives, the real question is at what point in the boot process you can mount a drive - if it is not until the os is fully functional, then you are unable to protect the os itself. if the bootstrap process can mount the drive before the os is functional, then you *can* protect the os. Win9x uses dos as its bootstrap (and drivespace gives a good example of a virtual drive system that can hand over to a 32bit driver as the os starts). lilo *could* kick a virtual drive into existence during the kernel boot, given such a driver and some patches to both kernel and lilo itself. that it would need a password from somewhere during this process is both obvious and not a major issue.
Subject: c'punks.
Hey, asshole, why don't you quit using the cypherpunks list as your own private soapbox? Hey asshole why don't you just try and make me? Just about everybody twitfiltered you long ago, but you're burning up a shitload of bandwidth with your spew. More than photo's of ground zero? If you don't know what your talking about you might try and keep your big trap shut btw. AT BEST you should only be posting the URLs of whatever sites you are copy/pasting from, I should listen to you because...? FUCK YOU JACKASS! but even that is doubtful as to the usefulness, since much of what you post has little or nothing to do with things of interest to the list. Yeah I noticed no one's commented on all the quantum crypto stuff I was first with,so the site has a lot of dickhead 'libertarians',so? All the more reason to treat them with contempt.Are you their best spokesdickhead? LOL. Even the subject lines of your messages suck. Suck my dick faggot. They don't even induce the reader to suspect that you might have posted something of relevence. Not that that's likely. Say hello to Choate down there in the bit-bucket. Regards Whatever, Sluggo [EMAIL PROTECTED]you fucking whinger.Have a good cry baby,you'll feel better.
Secure Government? Yeah!!!
I've been wondering... One might be able to successfully sue a private company (or possibly the government) for NOT encrypting one's private data (ie credit records and so on)...does anyone know if this has been tried before? -TD _ STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail
Re: Forced Oaths to Pieces of Cloth
Bill Frantz wrote... Except for the fact that one should not trust pledges that are made under coercion, I am reasonably comfortable with this edited version. It expresses the ideal nation that I wish the United States would become. Well, this is probably a lot better than nothing, particularly for a young person. But for someone older I would suggest that this is, to some extent, a dodge. Why? Because who is it you are pledging TO? The notion of the Pledge of Alleigiance as we know it is a public proclamation of one's affinities. And in this case, if no one in authority can make out that certain portions of the Pledge are not being stated, then I would argue that not stating them is almost as good as useless. It's kind of like a kid crossing his fingers behind his back while telling a promise, to negate the lie of the promise. -TD From: Bill Frantz [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Forced Oaths to Pieces of Cloth Date: Sun, 9 Feb 2003 10:57:14 -0800 At 6:55 AM -0800 2/9/03, Sunder wrote: And also freedom of religion. Forcing someone to say Under God for example. Back in the dark ages (the 1950s, and don't anyone get nostalgic for them), when the phrase under god was added to the pledge, I was a student in school. From what they had taught me, I knew then that this addition violated the establishment of religion clause. The solution I devised was to simply remain silent when this phrase was said. Unfortunately having started to question the relation between the pledge and the ideals of the country, I started to wonder why I was pledging to the flag, instead of the country. So over the years, I have a somewhat edited version (removed parts in brackets): I pledge allegiance to [the flag of] the United States of America [and to the republic for which it stands], one nation [under god], indivisible, with liberty and justice for all. Except for the fact that one should not trust pledges that are made under coercion, I am reasonably comfortable with this edited version. It expresses the ideal nation that I wish the United States would become. Cheers - Bill - Bill Frantz | Due process for all| Periwinkle -- Consulting (408)356-8506 | used to be the Ameican | 16345 Englewood Ave. [EMAIL PROTECTED] | way. | Los Gatos, CA 95032, USA _ STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail
Re: DOJ quietly drafts USA Patriot II w/crypto-in-a-crime penalty
I always thought that breathing during the commission of a crime should result in an extra five to ten years in prison. Or, failure to inform authorities of your specific plans to commit a crime should result in an additional 5 to 10. -TD From: Declan McCullagh [EMAIL PROTECTED] To: Greg Newby [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: DOJ quietly drafts USA Patriot II w/crypto-in-a-crime penalty Date: Sun, 9 Feb 2003 14:13:24 -0500 On Sat, Feb 08, 2003 at 10:36:35PM -0500, Greg Newby wrote: Under the new law, running shoes will be classified as burgler's tools if their use is not authorized or exceeds reasonable levels for leisure activity. I always thought that breathing during the commission of a crime should result in an extra five to ten years in prison. At least. -Declan _ The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail