Re: Do 'Ocean's Twelve'-Style Heists Really Happen?
On 2004-12-15T10:14:14-0500, R.A. Hettinga wrote: This popped up in my bearer filter this morning... Cheers, RAH --- http://www.mtv.com/movies/news/articles/1494863/12142004/story.jhtml MTV.com - Movies - News 12.14.2004 9:03 PM EST Reel To Real: Do 'Ocean's Twelve'-Style Heists Really Happen? Sometimes, but the real-life criminals can't possibly be as hot as George Clooney and Brad Pitt. http://home.earthlink.net/~kinnopio/news/news040922.htm (it's gone, but google still has it cached) The Bank Job will have Statham playing a real-life bank robber. The plot is based on the true story of Britain's biggest bank robbery ever: In 1971 the Baker Street bank in London was robbed, no arrests were ever made, and none of the money was ever found. It's a story that hasn't been told in 30 years because of a government-issued gag order. The incident is also discussed briefly here: http://www.lukeford.net/profiles/profiles/ross_bell.htm There is some doubt whether the heist was real... if it did happen, it's been covered up for so long that finding any real proof would be difficult. It could be a scam just to make money off of a movie.
Re: Gait advances in emerging biometrics
At 12:31 PM 12/14/04 -0500, Sunder wrote: Original URL: http://www.theregister.co.uk/2004/12/14/alt_biometrics/ Gait advances in emerging biometrics By John Leyden (john.leyden at theregister.co.uk) Published Tuesday 14th December 2004 15:07 GMT Great Juno comes; I know her by her gait. William Shakespeare, The Tempest Retinal scans, finger printing or facial recognition get most of the publicity but researchers across the world are quietly labouring away at alternative types of biometrics. Recognition by the way someone walk (their gait), the shape of their ears, the rhythm they make when they tap and the involuntary response of ears to sounds all have the potential to raise the stock of biometric techniques. According to Professor Mark Nixon, of the Image Speech and Recognition Research Group at the University of Southampton, each has unique advantages which makes them worth exploring. Look up Johansson, et al. Point light displays. Yes you can tell sex, age, etc., from the ratios of rotational axes, etc, but a stone in the shoe is a bitch. All faith is in drivers' licenses, a total joke, I got gummies on your 'prints, all your time-derivatives are mine. But grant$ are good, and flavor$ of DARPA be bitchin.
pgp global directory bugged instructions
So PGP are now running a pgp key server which attempts to consilidate the inforamtion from the existing key servers, but screen it by ability to receive email at the address. So they send you an email with a link in it and you go there and it displays your key userid, keyid, fingerprint and email address. Then it says: | Please verify that the email address on this key, [EMAIL PROTECTED], | is your email address, and is properly configured to send and | receive PGP secured email. | | If the information is correct, click 'Accept'. By clicking 'Accept', | your key will be published to the directory, where other PGP users | will be able to retrieve it in order to encrypt messages to you and | verify signed messages from you. | | If this information is incorrect, click 'Cancel'. By clicking | 'Cancel', this key will not be published. You may then submit | another key with the correct information. So here's the problem: it does not mention anything about checking that this is your fingerprint. If it's not your fingerprint but it is your email address you could end up DoSing yourself, or at least perpetuating a imposter key into the new supposedly email validated keyserver db. (For example on some key servers there are keys with my name and email that are nothing to do with me -- they are pure forgeries). Suggest they add something to say in red letters check the fingerprint AND keyid matches your key. Adam
Re: Off-the-Record Messaging (IM plugin)
Nikita Borisov and Ian Goldberg have released Off-the-Record Messaging (http://www.xelerance.com/mirror/otr/), It looks like Ian Goldberg's site might be a more authoritative source, http://www.cypherpunks.ca/otr/ . One interesting feature is authentication + deniability. You know who you are talking to, but afterwards anyone who captured a transcript can't prove who said it. Usually we do authentication with digital signatures, but the problem is that binds you to what you say and it can be used against you afterwards. OTR does it by signing the key exchange which creates a MAC key for each direction. (A MAC is a keyed hash which is then applied to each message.) Each message gets MAC'd and this way you know that the messages are authentic and untampered. This already protects you against your conversant; both of you know the MAC keys in each direction (one knows them in order to MAC new messages; the other knows them in order to verify the MAC), so each guy can forge messages created by the other guy and create a bogus transcript. That means that neither person can publish a transcript and credibly claim that it authentically represents what was said. Then, there's another trick: when you are through with them you publish your MAC keys, in the clear. This does not compromise secrecy; all of the data is encrypted with a different key. But it means that now, anyone could in retrospect forge a transcript showing you saying anything at all. And that of course means that no such transcript has any credibility in terms of providing cryptographic evidence of what you said. Hal
Off-the-Record Messaging (IM plugin)
Nikita Borisov and Ian Goldberg have released Off-the-Record Messaging (http://www.xelerance.com/mirror/otr/), an IM plugin for private communication providing not only the usual encryption and authentication, but also deniability and perfect forward secrecy. Deniability avoids digital signatures on messages (while preserving authenticity and integrity), so there is no hard-to-deny proof you wrote anything in particular; in fact, there is a toolkit to help people forge messages, making it extra-hard to pin things on you. Perfect forward secrecy means that your past messages and conversations remain protected even if your keys are compromised. You can read the OTR protocol description, download the source code for the gaim-otr plugin, or grab a gaim-otr binary package for Debian or Fedora Core.
Re: Gait advances in emerging biometrics
On Wed, Dec 15, 2004 at 07:58:27PM -0800, Major Variola (ret) wrote: Look up Johansson, et al. Point light displays. Yes you can tell sex, age, etc., from the ratios of rotational axes, etc, but a stone in the shoe is a bitch. Isolated biometrics are nigh to useless. But integrated, they become increasingly more and more difficult to fool. Some of it is cheap, too. There are phase-evaluating 2d integrated sensors which have a depth of up to 7 m, which are very cheap in principle. Mounted in a gate, this will give you face/ear/head geometry. Calculating a fingerprint from a topology map is something any embedded can do. With IR/NIR you'll get a skin pigmentation map. Teraherz will give you body geometry. Olfactorics will give you volatile MHC fragments, and thus a hash of your immune diversity (and your current perfume). Add gait recognition, and you've got a real rich telebiometrics signature. Anyone who owns that infrastructure is even more dangerous than who 0wns the voting machines. The perfect enabler to establish a totalitarian control system. All faith is in drivers' licenses, a total joke, I got gummies on your 'prints, all your time-derivatives are mine. But grant$ are good, and flavor$ of DARPA be bitchin. Absolutely. It's like owning a mint for grant money. -- Eugen* Leitl a href=http://leitl.org;leitl/a __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpS2DE63LApa.pgp Description: PGP signature