NYTimes article on privacy, identity theft
http://nytimes.com/2005/05/18/technology/18data.html?hpex=1116475200en=7f0572052438ec3bei=5094partner=homepage Good NYTimes article on privacy, identity theft, and easy correlation of data in public records. Usual Suspect Professor Avi Rubin at Johns Hopkins has his grad students demonstrating things you can find out. Betty Ostergren's Virginia Watchdog website http://www.opcva.com/watchdog/ reinforces complaints about public records privacy by outing the records of public officials to make her points to them. [NYTimes articles usually require free registration; I'm not sure if there's currently a cypherpunks userID there, but I think some of the strings following the ? in the URL indicate that you don't need registration if you use this URL..] Bill Stewart
Re: NYTimes article on privacy, identity theft
On 5/18/05, Bill Stewart [EMAIL PROTECTED] wrote: http://nytimes.com/2005/05/18/technology/18data.html?hpex=1116475200en=7f0572052438ec3bei=5094partner=homepage Good NYTimes article on privacy, identity theft, and easy correlation of data in public records. Usual Suspect Professor Avi Rubin at Johns Hopkins has his grad students demonstrating things you can find out. Betty Ostergren's Virginia Watchdog website http://www.opcva.com/watchdog/ reinforces complaints about public records privacy by outing the records of public officials to make her points to them. [NYTimes articles usually require free registration; I'm not sure if there's currently a cypherpunks userID there, but I think some of the strings following the ? in the URL indicate that you don't need registration if you use this URL..] there is also 'bugmenot.com', last time i tried it took about the 16th ID, but it worked. -- Michael Bill Stewart
Re: Len Adleman (of R,S, and A): Universities need a little Limbaugh
Now before you label me as a right-wing ideologue, let me present my credentials as a centrist. Limbaugh has well-known positions on the following issues: abortion, capital punishment, affirmative action, prayer in school, gun control, the Iraq war. I disagree with him on half of these. Any speculations on which half? My guess is that he agrees on affirmative action and gun control (opposing both) and probably the Iraq war (a conservative is a liberal who's been mugged, and many people took 9/11 personally). He certainly disagrees on prayer in school, probably on capital punishment (opposing both, while Limbaugh supports them), and probably supports abortion rights, which Limbaugh opposes. CP
Re: /. [Dissidents Seeking Anonymous Web Solutions?]
Link: http://slashdot.org/article.pl?sid=05/05/13/0250226 [1]DocMurphy asks: I'm working with some dissidents who are looking for ways to use the Internet from within repressive regimes. Many have in-home Internet access, but think it too risky to participate in pro-freedom activities on home PCs. Internet cafis are also available, but although fairly anonymous, every machine may be infected with keystroke loggers that give governments access to and knowledge of 'banned' sites. Dissidents not only want to remain anonymous themselves, but also wish to not compromise the sites they access. Any suggestions for products/procedures/systems out there making anonymous access publishing a reality under repressive regime run Internet access? There were some good ideas presented, the best of which were probably to first compose an email at home, then PGP encrypt it, then stego-ize it, then put it on a USB token and bring it to the internet cafe, and send it there. For receiving, download a bunch of junk from a mailing list used for this purpose onto the token, go home and de-stego and de-PGP it. This doesn't work though for web browsing. For that you need a real time channel. You can go to various proxies, and some people run them specifically to help the Chinese, the slashdot replies talked about this. But first, the Chinese block them when they find out, and second, it makes you look suspicious if you're visiting one. Be nice if there were a high bandwidth stego channel that was widely available. For example, imagine an open source P2P multi player game which intentionally included a reasonably high bandwidth channel of random data. It would be a service to the public to play this game and thereby provide people who need it the ability to communicate undetectably. Dissidents could use a hacked version which would replace some of the random noise bits with their messages. Only the recipients could distinguish the results from noise. CP
Re: Secure MPC( ab )
hi, --- Adam Back [EMAIL PROTECTED] wrote: There is a simple protocol for this described in Schneier's Applied Crypto if you have one handy... Yes, I found it. Thankyou. --- cypherpunk [EMAIL PROTECTED] wrote: That is known as a multi party computation or MPC True, Its a secure MPC protocol. I confused it with Zero knowledge protocols. --- Justin [EMAIL PROTECTED] wrote: I don't recall that particular protocol in AC, but it's a mistake to call such a thing zero-knowledge, since it mandatorily leaks ~1.585 bits of information (the first time) about the other person's integer. How is there information leakage? Mr.Bruce Schneier in his book titled Appiled Cryptography mentions the following MPC protocol to compare the income of two parties, Alice and Bob without revealing their income. The protocol works as follows: Let 'i' be Alice's income. Let 'j' be Bob's income. Let Eb be Bob's public key. Let Db be Bob's privare key. Let n be Bob's public modulus. To start with we assume that the range of i and j is from 1 to 100. 1) Alice chooses a random number x and using Bob's public key computes c=x^Eb (mod n) 2) Alice computes k = c-i and sends the result to Bob. 3) Bob computes the following 100 numbers y1 = (k+1)^Db (mod n) y2 = (k+2)^Db (mod n) [.] y100 = (k+100)^Db (mod n) Bob now chooses a large prime p, such that px. Bob doesnot know the value of x but Alice can tell Bob about the _size_ of x. 4) Bob then computes z1 = y1 (mod p) z2 = y2 (mod p) [.] z100 = y100 (mod p) He verifies that |zi-zj|=2 for all i,j in the range 1 to 100. If this is not true Bob chooses another prime and starts again. 5) Bob sends Alice the sequence in the exact order let _ denote subscript, e.g. a_b is a subscript b. Z1, Z2, ...,Zj, Z_(j+1) +1, ..., Z_(j+100) +1, p 6) Alice checks if the (i th) number in the sequence is congruent to x mod p. If yes, she concludes i=j, otherwise ij. When we have the case ij, Bob computes Z_(j+1) +1, .., Z_(j+100) +1, this makes the (i th) sequence Alice looks at incongruent (mod p) and makes the protocol work. We have |zi-zj|=2 so that the sequences donot collide with one another. The protocol as such donot detect cheaters in the scheme. thanks, Sarad. Yahoo! Mail Stay connected, organized, and protected. Take the tour: http://tour.mail.yahoo.com/mailtour.html