RE: Fwd: Re: Simple RF Weapon Can Fry PC Circuits

2001-05-07 Thread John Young

Sandy prognost'd:

What I'm waiting for is the portable, concealable boom box killer.  It's
time to take back the streets.

Amen, sugah, and killing the car alarm, car tracker, cellphone, digital lock, 
keyboard sniffer, PAL, and, and, go on, do a SCS reachback communications 
snuffer, to, ah, take back here-watched-unnameables.

amford-bay tells about Princeton being the home of NSA's principal
cryptological research until 60's student protestors got too close to the
truth of it, then it was hidden in another off-campus building among
the numerous edu-corp IP covert developers. Is that still going on there
or is Felten among open-hearts?




SSN Publishing Banned by WA Judge

2001-05-10 Thread John Young

A Washington State judge has issued an injunction against
publication of SSNs in City of Kirkland Cops v. JusticeFiles.org:

   http://cryptome.org/cops-v-1A.htm

The judge ruled that publication of the names and addresses of 
the cops and their families is protected by the First Amendment.

Tim May can now go after the IRS Intelligence Office,
Seattle, Jeff Gordon AIC, for publishing his SSN. Though
I'll be a co-defendant I reckon, being the shit who transcribed
the revealing document and put it on the evil privacy-forget-it Net.

No, now that I got my facts zapped straight, that was done by
Greg Broiles. Or was it Declan McCullagh? Yes, it was Declan,
panopticonartist. No, it was Hettinga, or Vulis, or Detweiler, or 
Denning. Choate, it was fucking fried-egg-brain Choate. I'll swear.

My head hurts, gimme a pill, CJ.




Re: The Culture of Secrecy, Disinformation, and , Propaganda...

2001-04-22 Thread John Young

Steve Thompson blundered:

With all due respect, only geezers reminisce about the good old days.

Your age is showing.

Steve, if you live within a nuke's radius of NYC, move.
Tim's got at least a dozen Samsons lockered in this area
already. This bunker can resist only a baker's.

Last time I did a genital mental inspection of subscribers 
here most were Gzrs, and heavily armed, iron and attitude, 
none Viagara'd. Forget about intervention. Think safety off.

Think so many to off, so little time. WMD are the problem 
and the solution. Freedom out of the barrel of a homeland
rig, etc.

AP is a kiddie version of what tickling the tiger's tail of a
Gzr MAD scientist can command. Most of these venerable
assassinators work for governments, but some of them 
moonlight.

Tinker for fun. Get pissed at co-workers, bosses. Gzrs
hooked on revenge. Call it dreaming of immortality.




Hypno Crypto

2001-05-14 Thread John Young

A 1952 document from the CIA's MKULTRA program reports
on an interview with a professional hypnotist about
ideas that might be useful to the Agency. An excerpt:

An individual who has been hypnotized makes a very
excellent courier. They can be given messages while
under hypnosis which they themselves do not know and
only an individual knowing the code can get this
message from this courier. Even assuming that the
post-hypnotic control could be broken or the
individual hypnotized, it could still be protected
perhaps as follows:

  A person could be regressed to a certain time and date
  and then given the message and unless the person who
  subsequently gained control of the subject regressed
  the subject to the correct date and time set out, he
  could not get the message. Even more secure would be
  to move the individual forward. If he were moved from
  thirty years of age to thirty-five years of age at a
  given date and time and then given the message,
  unless the individual could guess the age, the time,
  and the date in the future, he could not obtain the
  message.

A later document states that CIA pursued this idea.

Questions:

Has this technique been used in connection with protecting
pass phrases for digital crypto, or for that matter has
hypnosis been used to crack a person's pass phrase with
amnesia that it had been done?

---

Several Congressional investigations and hearings in the 
mid-1970s revealed the MKULTRA behavioral/mind control 
and assassination research program.

We've been sent some 1200 digitized MKULTRA documents
by IntellNet.org and are slowly wading through them for 
interesting items to transcribe and publish from the

It appears that the collection is mostly composed of the
FOIA material John Marks got for use in his 1978 book on 
MKULTRA, which is online:

  http://www.druglibrary.org/schaffer/lsd/marks.htm

A number of documents are dated after Marks' book
so it is not clear where that material came from -- 
IntellNet claims to have got the stuff from an anonymous 
source.




Re: Entire ISP Forced to Close

2001-05-16 Thread John Young

Eric gets a star for raising a genuinely hard-core political topic here.
And there has not been as much good discussion for it as for other, 
easier, if hoary, disputes. From that lacuna, one might suspect that 
the feds and remnant nuclear family proponents would find 
sympathizers here for the crackdown on the first tier or two of 
stigmatized, yeah, even criminalized, differently humaned. 
Plonk from the Net, all right, send them sub rosa.

Ah, forget it, I'm a mainstream-swimming coward, too, so fuck this little 
boy topic. Oops, was that a baldly put clue to my hidden desires?




Re: Kirkland SSN document, comments and snapshot of what we're

2001-05-20 Thread John Young

Eric fingered:

But Tim, don't you realize that you, by posting to the list, have just
placed the banned information into every single Cypherpunks archive 
on the entire Internet?

And that's why Tim will get a subpoena to a Grand Jury to explain
why he did this. And for him to deny who he is working with. And 
to refuse to provide all other material in his possession which 
bears on the matter. And so will his roll-over ISP who has diligently 
archived his subversive thoughts not because they have it in for Tim, 
but only because you just never know when it will be useful to 
re-direct attention away from yourself.

Now Declan is a certified troublemaker, often getting subpoenas
to disclose what his confidants have confided and taunting authorities
with stories of that. Tim, on the other foot, is as clean as a whistle, a 
temple-going fellow, more tolerant and civic-minded than most, and 
there's no reason whatsoever to think he would ever be drawn into a
law-defying conspiracy by Yellow Devil Declan just to boost Washington
State's reputation as a hotbed of wild-eyed prosecutors conspiring
to uphold the techno-dissent-suppressing products of Boeing, Microsoft, 
Intel, Amazon, Starbucks, FBI Seattle, and so on.

No other region in America west of DC city limits is so avid to teach
the ways of authoritarian government as Washington State -- named 
you will remember for the First Father back in Neo-Europe to distinguish 
itself from the vulgar frontier of Oregon Territory. WA got an inferiority 
complex, they say in old and new Yerp. So it's like to shoot then 
ask for an order.




EuroParl Report on Echelon

2001-05-24 Thread John Young

We offer an HTML version of a 92-page draft EuroParl 
report on ECHELON, dated May 4, 2001:

  http://cryptome.org/echelon-ep.htm (246KB)

This is derived from the leaked PDF original:

  http://fas.org/irp/program/process/europarl_draft.pdf  (868KB)

Before a session last night of four ex-Directors of Central Intelligence
-- Woolsey, Deutch, Turner and Webster -- at the Council on Foreign 
Relations (web-cast), I asked James Woolsey about the EuroParl 
report, in which he is quoted. He said he had not seen it but had 
nothing to add. Instead he urged me to look into his new firm 
Invicta.

On NSA going deaf, Woolsey and Deutch said that while NSA 
has some problems they will be overcome with sufficient funding, 
and urged that those resources be promptly provided.

Deutch noted that when the telegraph was invented, French
intelligence bemoaned its loss of easy access to letters, but
promptly adjusted to the new technology -- indeed came to
welcome its much easier access than paper letters. He said
NSA will have no problem doing the same if properly financed.

I had hoped to ask the ex-DCIs about privatization of intelligence
and to note that several of them, like Deutch and Woolsey, along
with the likes of Kissinger and William Cohen, are involved in 
such lucrative activities. And is that reduction in governmental 
intelligence indicated by the burgeoning outsourcing of the IC 
products and the rising prowess of commercial and private
spying.

No luck getting the moderator's attention, only friendly questions
were allowed. Nobody asked Deutch about his security lapses.
To be sure, the CFR is not a forum to show hostility to the cozy
intel cartel.

The session is one of many nowadays where the successes of the 
IC are bruited and the need for more funds repeated by those reaping 
its private rewards by selling intel services and products. Zilch new 
was said.




Re: Firewall Spoofing

2001-06-02 Thread John Young

Several have pointed out that Frank Jones, of Codex,
DIRT's producer, has allegedly had some problems with
the law, fiercely attacks whoever calls attention to these
problems or questions the quality of his services, and 
more sleaze. 

There have been questions about DIRT's fulfilling its 
promises in the past, and that it may be nothing more 
than a version of Back Orifice being peddled to clueless
governments who think restricting the product to gov
means the product is hot shit.

Much of this came out in the past as noted here. What
I found intriguing was the new firewall transgression feature.
Whether this is feasible and what could be done to prevent 
firewall spoofing if it is feasible.

And figured that it's time to ask whether anybody had ever 
discovered being subject to an attack by DIRT now that it 
has been around for a while. And if so, what could be done 
to analyze a system to see if it has invaded, and what 
could be done to exterminate the pests.

Codex's KeyKatch is a nasty little gadget, too, which registers
everything done on a box.




Firewall Spoofing

2001-06-02 Thread John Young

The venerable DIRT remote interception program,
first reported here in 1998, is now offering an anti-
firewall feature that will spoof all known firewalls
and allow an investigator to get inside a violated
computer, to hide behind a simulated firewall icon, 
and then to rummage undetected, to install a keystroke 
and passphrase sniffer, to plant file ID tags in 
documents, issue covert commands, and so on, 
as originally offered by the gov-only program.

Someone in gov got a restricted copy of DIRT's
presentation and passed it along for public
education on what the outlaw cops, judges and
spooks are up to:

  http://cryptome.org/dirty-secrets2.htm

A timely warning about global outlaw cops, judges 
and spooks from the sole superDIRT:

  http://cryptome.org/dirty-secrets.htm




Re: Ed Felten and researchers sue RIAA, DOJ over right to publish

2001-06-06 Thread John Young

May it please the court to spell Ed's name Feltun, or Feltren, or Fellwock,
or just et al.

Perry Fellwock wrote the anonymous 1972 Ramparts article that first
described Echelon. Ed Felten is Perry's namesake, though Ed believes
there's no connection between worldwide misspelling of Ed's last
name and getting a free-pass of Dictionary.

Perry Metzger is a different branch of the grammar diagram, find under
*PLONK*, always upper case, always bi-starred as if that would not
be data-mined as PAL-armed.




Re: The Credentialling of America

2001-06-06 Thread John Young

Note that Princeton University is not a plaintiff. Though that might come
later if the institution does not have contracts with any of the defendants.

So it is not yet clear if the case will benefit those affiliated with an
institution, which must ever supplicate to the copyright industry.

Disclaimer: I'm a licensed professional, but not for anything ever
discussed here, so it's not a defense for vile behavior.

First cpunk meeting I went to in a Chinese greaser in Manhattan,
I paraded my credential and was immediately banished forever for
callow by DF, SS, SL, DM, S, RA, two narcs and a PGP-pimp. 
And forbidden to ever have an online sig, though I had a 
beauty in the works which resumed more than in fact exists, as
highly educated mod-up. As with Princeton's preen to lure, 
to manufacture, over-self-esteemeds needing protection from
the janitors.




RE: The Credentialling of America

2001-06-08 Thread John Young

Many years ago I explained that I, like Sandy, write explicitly
for money, as much as possible, and the people who pay me
expect that I will do whatever text can do to get readers to
obey those who pay for the text. One method for this is to
write clearly in the most authoritarian language of the day,
the most grammatically correct, the most literate, the most
accepted as being the proper way to write in an unmarked,
unidiosyncratic way, the most likely to have been written
by someone who embraced without shame the way the
masters of writing write, the way the writing manuals
recommend, and recommend ad nauseam, purest banal.

And to never write the way poets do, oddballs do, gibbering
idiots do, for that will allegedly diminish the value of your
writing the way the payers want you to write, that is to
write as if their and your shit don't smell, your and their
skin is hued the preferred color,  our accent the dominant
unaccent of the day, you and they don't copulate the wrong 
kind of people, you and they have no faults to hide, you and
they have no guts to face up to your inability to break away 
from hiding behind conformity not of your making.

Shit, I understand Sandy all too well. And totally admire
his talent to blow prefabricated sunshine where it's needed.

Even so I won't do what the grammatically correct crowd
never cease trying to impose here. Fuck them as one of
them has said often here when he's tired of explaining why
he won't do what some assholes keep demanding. Or to say 
it my way, correct writing, clear writing, comprehensively 
coherent writing, is just another way to tyrannize, bully, 
hector and obscure jive-ass agendas, though those who do 
it don't always own up to, or not admit the arousal it gives 
them to be part of a me-too maleducated mob.

This is a friendly joke, as ever, in respect for the asshole
language rules-makers here. (Spit)




Homeland Defense and the Prosecution of Jim Bell

2001-06-10 Thread John Young

http://cartome.org/homeland.htm

So, say goodnight to Joshua ... 

Homeland Defense and the Prosecution of Jim Bell

Deborah Natsios
Cartome

8 June 2001

  A sparsely attended trial which unfolded in Tacoma's US district 
  courthouse the first week of April 2001 hardly seemed an event 
  that might open a small but revealing view onto the shifting national 
  security apparatus. But to outside observers following the criminal 
  prosecution of Washington State resident Jim Bell, accused of 
  stalking and intimidating local agents of the IRS, Treasury 
  Department and BATF, the defendant was a symptomatic target, 
  and the government's stated case against him only a fragment of 
  a more complex campaign linked to the evolving landscape of
  national and homeland defense.

  In the government's estimation, Bell had placed its Pacific Northwest 
  agents in reasonable fear of death or serious bodily injury [1]. But for 
  some trial-watchers, the case against James Dalton Bell, 43, was 
  underpinned by a constellation of factors that made him more than 
  the disaffected neighbor projecting antigovernment bile. Bell had
  invited the government's fullest prosecutorial zeal because his 
  technical skills placed him in more ambiguous terrain, that of 
  untested gray zones within emerging national defense landscapes, 
  which, by calling into question the impregnability of the national
  border, have been taking national security tactics incountry in 
  unprecedented ways, deploying new rules of engagement to 
  challenge national security threats within the US domestic interior.

Chapters:

Homeland
WarCoast
Cypherpunks
PosterBoy
Joshua
Tacoma
Doppleganger
BattlespaceSuburbia
Holdout




Re: Pap Smear

2001-06-11 Thread John Young

A tactic used by the anti-pedo vigilantes and narcs is to
covertly bury pedo porno amongst adult porno and then
finger the adult downloaders as pedophiles knowing the
evidence will be found without the downloaders knowing
it is there until discovered during a raid.

A federal case here in Manhattan got a conviction this way.
Or so I am told by the convict, who got a ten year sentence.

Cleanse your files, kiddie sluts.

And who saw the arousing report in Saturday's New York
Times about the practice of bestiality, yes, sex with
animals, that is now coming out of the closet. The last
taboo is getting its day. One gent goes on talk shows 
with his dog to tell what it's like.

Debate rages on whether it's rape if the animal does
not explicitly give consent. Some animal protection
advocates say that the lovemaking is okay with them, 
better to go all the way with animals rather than raise 
for killing and eating.

(No comparison of Swift's advocacy of raising Irish
children for food.)

Really, in the New York Times, descriptions of French
kissing your dog, and why not, since that is far more
sanitary than doing it with a human.

Someone suggested the article is just part of Hollywood's
promo of Animal.




Thermal Imaging Decision Applicable to TEMPEST?

2001-06-12 Thread John Young

The Supreme Court's decision against thermal imaging appears 
to be applicable to TEMPEST emissions from electronic devices.
And is it not a first against this most threatening vulnerability
in the digital age? And long overdue.

Remote acquisition of electronic emissions, say from outside a 
home, are not currently prohibited by law as far as I know. And
the language of the thermal imaging decision makes it applicable
to any technology not commonly in use.

Conventional wisdom of security wizards is that the emissions
are very difficult to acquire from more than a hundred yards or
so, but James Bamford claims in his recent Body of Secrets that
NSA was able to acquire leaky emissions from Russian crypto 
equipment 6 miles offshore Cuba in the 1960s. Advances in 
technology would presumably increase that capability.




Re: Thermal Imaging Decision Applicable to TEMPEST?

2001-06-13 Thread John Young

David Honig wrote:

Two words: antenna design.

A third is signal analysis.

A principal argument against being able to sort through the geometric
increase in devices that leak emissions since the 1960s is that it is 
nearly impossible to find a pin in the hugely noisy haystack of the
electromagnetic spectrum.

Help me out here with signal analysis capability even with the niagara
of the digital age. Is it not possible to sort through a very large range
of signal using readily available algorithms to then pinpoint the
signature of types of sources, then home in on subsets of those
sources, to finally single out a particular source?

With the increase in signal volume has come a corresponding increase 
in signal analysis capability. Analysis of the full electromagnetic spectrum
has been possible for quite a while, if public documents on military research
are a reliable guide, and comprehensive analysis is ever being refined
with increasingly fine granularity.

While there are billions of electronic devices leaking emissions, there
are nowhere near as many EM slots used by those devices and their
emissions. In fact, there are only a small number of public slots -- so 
long as devices conform to regulations. EM leakage is regulated as well.

If the world's devices conform to regulations, and those EM slots are
known and catalogued for signal analysis, then there is a question
about the leakage of the leakage, that is, emissions that escape
regulation, by poor device design, by granularity, or unintentionally.

The signature of a device which leaks, or makes noise, in a unique way 
is what presumably is searched for in sophisticated signal analysis. 
A few hundred submarines are identified this way, as are potentially
billions of people.

Are there too many unique device signatures to acquire and identify?
Perhaps so, but I suspect that enterprise is being diligently worked
on, beginning with data provided by manufacturers, cataloguing
implanted emissive attributes in the devices, using benchmarks
for types of devices, tracking taggants and moles, cooking up
new variants on Hidden Markov and the host of search/sort/analyze/ID
algos.

Jumping off the cliff of ignorance, I suspect that signal analysis,
as with cryptanalysis, will be always able to find a way to get 
around obscurity. If you don't want to be acquired, don't signal.
Silencio, mafia.




Re: Thermal Imaging Decision Applicable to TEMPEST?

2001-06-12 Thread John Young

Bill Stewart wrote:

TEMPEST really refers to two kinds of technology -
keeping equipment quiet, and reading signals from not-quiet-enough
equipment.  The former category is the main thing that would
apply to private citizens, and it's not addressed here.

Yes, and the confusion between the two sometimes leads to
gaps in understanding as well as security. And I don't know the name
of the technology that acquires signals by illumination of objects
bouncing emissions -- some say it is all TEMPEST, others
say don't be fooled by that misnomer -- the really good stuff is
several generations beyond what is known as TEMPEST. Maybe
that is what NONSTOP and HIJACK and other codewords refer
to.

We have tried and failed to get NSA to open up more on its standards
for both types and blacker stuff. TEMPEST suppliers -- products and 
services -- have said that it's tough getting NSA to clarify what can 
be exported and what cannot by any means except by submitting 
products for review, waiting and getting back a yes or no, but not 
by getting precise requirements beforehand. Maybe that will 
change to follow the lead of crypto as demand for TEMPEST 
picks up.

Meanwhile it is probable that NSA is testing TEMPEST products
for blacker weaknesses, again like crypto, or rather the systems
and programs for crypto use.

We've been told by suppliers that the export market for TEMPEST (both
types) produce would blossom without restrictions on commercial/private 
use. 

Govs get approvals for the best stuff (unspecified mil grade) but not biz and 
citz. Don't know about banks and telecomms and drug-kingpins, maybe 
they get special treatment for allowing access to data and dope. 
Outrageous, sure, but it is reported to happen.

Still, as far as this amateur knows, there is no restriction on any type
of TEMPEST inside the US, so the standard of protection is victim 
beware.

And don't believe for a second anything you see in public about how far
away emissions can be acquired or how to protect against TEMPEST with
market-available products. Experts in the employ of the gov whisper you
won't see the truth about TEMPEST in public any time soon though there
will be a whole lot of smoke. The increasing smoke I can vouch for.

Even TSCM's and electronic PI's admit all the public stuff about TEMPEST 
standards is prefabricated sunshine. Though that might be a DIRT ploy to 
sell really, really, really totally reliable, better than mil-grade,
protection.

Did you hear how Joel McNamara was thought to have been killed fighting 
a forest fire? Remember the A-10 seeming to fly aimlessly over the Rockies? 
The suppressed AF report on its avionics going haywire? Think NONSTOP,
HIJACK.




Re: TIME.com: Nation -- Supreme Court: Relax. The Heat is Off

2001-06-13 Thread John Young

Let me try again after reading Time's QA and the responding
attorney claiming that anything inside a home is protected but
nothing outside it is.

My question concerns the methodology of illuminating or
radiating an object, say, within a home, in order to acquire
signal that may be striking that object, say emissions from
an electronic device but not escaping to the outside under
their own momentum.

Peter Wright in Spycatcher describes use of this technology
to acquire signal from crypto machines, French as I recall.
There was discussion of this here a while back, in connection 
with the contraption concealed by the Soviets behind the great 
seal in the US Embassy in Moscow. Wright analyzed that 
contraption for the US to understand how it worked.

Wright is not altogether precise in describing the methodology
nor that of other counterintelligence tools he and others
invented, but some of them appear to be related to acoustic
analysis. (Wright and his father worked for Marconi which
specialized in producing classified comsec products for the UK
military and secret services.)

In any event, if a method is used to acquire signal *within*
a home, would that acquisition be forbidden by the thermal 
decision? That is, if a signal is sent into a home to acquire
an interior signal, is that a violation?

This may seem to be similar to a bug planted just outside the
face of an exterior wall of a home, or reading the vibrations of
window glass, but I'm trying to imagine an alternative technology
to these, perhaps one that remains classified.

BTW, there has been speculation that NONSTOP and/or HIJACK
are codewords for acoustic vulnerabilities of the sort I'm
fumbling with.

The reason I'm pursuing this is that I've been told we are not
asking NSA the right questions to be answered under FOIA,
that there is technology which has not been revealed in
public and whose names are secret. But we haven't been 
able to determine what to ask besides stuff usually associated 
with TEMPEST.




Xerox Sux

2001-06-14 Thread John Young

A Wall Street Journal article today on the SDMI/DMCA lawsuit
by Ed Felten, et al, includes this nasty:

  The decision to file the lawsuit hasn't been without consequences.
  Dr. Drew Dean is scheduled to resign from the Xerox research
  center tomorrow and says, without elaborating, that the resignation
  is 'related' to the DMCA lawsuit. A Xerox spokesman says that
  the legal challenge is 'not something the corporation wished to
  be involved in' but declined to comment further.

Drew, like Dan Wallach, was a grad student of Felten's and the
Xerox job was his first, I believe.

Will Princeton boot Felten, will Rice boot Wallach? Depends on
the courage of the trustees to resist their buddies' pressure,
as half-dead Xerox could not.

All hail the principled scientists, buck up trustees.




RE: Xerox Sux

2001-06-14 Thread John Young

Philip Zakas wrote:

is a legal defense fund in place for felten/dean/wallach?  if so, anyone
have the contact info for it?

EFF is funding the suit and welcomes contributions: 

  www.eff.org

Drew Dean should get separate headlines on the Xerox axing.

If shit comes down on the other plaintiffs from their piggy institutional
employers that should light a fire under Congress. 

Rice is loaded, not up there with the Princeton and Ivys but sitting 
on tons of endowment. My alma mater, and it will inherit billions 
from the Young's dry holes awaiting horizontal exploitation.




Re: Slashdot | @Home Cuts Newsgroups Due to DMCA Complaints

2001-06-22 Thread John Young

Check out today's EU final copyright directive which perfectly
mirrors the DMCA:


  http://www.europa.eu.int/eur-lex/en/dat/2001/l_167/l_16720010622en00100019.pdf (153KB)

We offer an HTML version:

  http://cryptome.org/eu-copyright.htm (57KB)

Here's an excerpt on circumvention devices:

Article 6
Obligations as to technological measures

1. Member States shall provide adequate legal protection 
against the circumvention of any effective technological 
measures, which the person concerned carries out in the 
knowledge, or with reasonable grounds to know, that he 
or she is pursuing that objective.

2. Member States shall provide adequate legal protection 
against the manufacture, import, distribution, sale, rental, 
advertisement for sale or rental, or possession for 
commercial purposes of devices, products or components 
or the provision of services which:

(a) are promoted, advertised or marketed for the purpose 
of circumvention of, or

(b) have only a limited commercially significant purpose 
or use other than to circumvent, or

(c) are primarily designed, produced, adapted or performed 
for the purpose of enabling or facilitating the circumvention of,
any effective technological measures.

3. For the purposes of this Directive, the expression 'technological 
measures' means any technology, device or component that, in 
the normal course of its operation, is designed to prevent or 
restrict acts, in respect of works or other subject-matter, 
which are not authorised by the rightholder of any copyright 
or any right related to copyright as provided for by law or the 
sui generis right provided for in Chapter III of Directive 96/9/EC. 
Technological measures shall be deemed 'effective' where the 
use of a protected work or other subject-matter is controlled 
by the rightholders through application of an access control or 
protection process, such as encryption, scrambling or other 
transformation of the work or other subject-matter or a copy 
control mechanism, which achieves the protection objective.

[End excerpt]




NSA Snooping Domestic Crypto

2001-06-23 Thread John Young

Debate on whether the NSA spies domestically on US 
persons appears to be yes according to USSID 18, dated 
July 23, 1993, which was obtained by the National Security 
Archive a while back, for which we offer an HTML:

  http://cryptome.org/nsa-ussid18.htm

Parts previously redacted concerning domestic surveillance 
are now  revealed, among them these provisions for acquiring 
and retaining indefinitely domestically acquired encipherments:

[Quote]

(2) Domestic communications reasonably believed to 
contain technical data base information may be retained 
for a period sufficient to allow a thorough exploitation and 
to permit access to data that are, or are reasonably believed
likely to become, relevant to a current or future foreign 
intelligence requirement. Sufficient duration may vary 
with the nature of the exploitation.   (S-CCO)

a. In the context of a cryptanalytic effort, maintenance of 
technical data bases requires retention of all communications 
that are enciphered or reasonably believed to contain secret 
meaning, and sufficient duration may consist of any period of 
time during which encrypted material is subject to, or of use
in, cryptanalysis. (S-CCO)

b. In the case of communications that are not enciphered or 
otherwise thought to contain secret meaning, sufficient duration 
is one year unless the Deputy Director for Operations, NSA, 
determines in writing that retention for a longer period is 
required to respond to authorized foreign intelligence or 
counterintelligence requirements. (S-CCO)

[End quote]

Again, these sections were censored in versions of USSID 18
previously made public, a 1980 version here:

  http://cryptome.org/nsa-ussid18-80.htm

While the quoted material is a small part of the 52-page
document, variations on it are repeated more than
once, and seems to be the one exception to the
requirement to avoid domestic interceptions and
to destroy any that are inadvertently acquired.

The classification (S-CCO) is not explained but some
think it perhaps indicates material limited to the UK/USA
agreement and/or the Echelon partners. A better answer
is welcomed.




DoJ Summons Offshore Credit Cards

2002-03-26 Thread John Young

FOR IMMEDIATE RELEASE March 25, 2002

The Department of Justice and The United States Attorney's 
Office for the Northern District of California today asked a 
federal court in San Francisco to approve its service of a 
John Doe summons on VISA International. John Doe 
summonses permit the IRS to obtain information about 
people whose identities are unknown. The information 
expected in response to the summons will help the IRS 
identify people who use offshore accounts to evade their 
United States income tax liabilities. There are VISA-
sponsored credit, charge or debit cards issued by banks 
in more than 30 countries, including Switzerland, Latvia,
Luxembourg, Hong Kong, Bermuda and numerous 
Caribbean nations.

Also today, in a federal court in Miami, The Department 
of Justice filed papers reflecting American Express's 
agreement to turn over records relating to people who 
may be subject to United States income taxes and who 
have credit card accounts with addresses in Antigua 
and Barbuda, the Bahamas or the Cayman Islands.

MasterCard has already produced over 1.7 million 
records, involving over 230,000 accounts, in response to 
a John Doe summons. According to the IRS, that 
information will be used in civil audits and criminal 
investigations.

If the MasterCard information is representative of 
the industry, there could be 1 to 2 million U.S. citizens 
with debit/credit cards issued by offshore banks. 
This compares with only 170,000 Reports of Foreign 
Bank & Financial Accounts (FBARS) being filed in 
2000 and only 117,000 individual 1040 filers indicating 
they had offshore bank accounts (tax year 1999).

Full press release:

  http://cryptome.org/doj-doe-cards.htm




Re: Maybe It's Snake Oil All the Way Down

2003-06-04 Thread John Young

The White House Communications Agency is also working
hard to secure presidential communications, with legacy
systems needing ever-increasing maintenance and upgrades,
the market continuing to outpace the big-ticket legacy
clunker equipment, too expensive to chuck outright, yet having
flaws begging for discovery, patches galore (most relying
upon obscurity and secrecy), and the operators from the
four military branches which run the system turning over
regularly and each new wave needing special training to 
work the patchwork klutz, with retiring old salts who are
the only ones who know how the hybrids work and whether
they are truly secure, and not least, NSA doing its damnedest
to get new systems installed in all the prez's habitats and
vehicles and layovers around the world, deploying crypto
tools partly off the shelf, partly purpose-built at Ft Meade -- 
and the whole precarious mess subject to a 20-year-old 
pulling a thumb out of the dike and letting flow proof that the 
leader of the free world is up to what you'd expect despite 
the multi-million rig to hide the obvious. Rumor is that 98%
of what is handled top secretly is trivial fluff, as with most
mil comm, SIGINT, cellphone, microwave, fiber-optic, so that
snake oil is apt protection. If all telecomm was shut down no
more would change than pulling the plug on television.

The other 2% is what the billions and billions is trying to find
among the EM cataract of plaintext and speak smoke and whine 
-- by whoever may be plotting a world of pure bugfuck. But that
could also be discovered by thoughtful analysis of any singular
mania, whether religion, higher-ed, sport, stock market, politics, 
or mil-biz.

Here's a recent account from Army Communicator of 
what's up at ever busier and harried and thumbplugging
WHCA:

  http://cryptome.org/whca2003.pdg  (680KB)

WHCA itself is recruiting thumbs:

  http://www.disa.mil/whca



Iraq Piss Poor Compared to 911

2003-04-12 Thread John Young

There was more fighting and carnage in Gulf War 1 than this
piddling latest. This was not a war but a training exercise, a
rattling of sabers, gunboat diplomacy.

The military provided more information in Gulf War 1 than all
the embedded and free-lancers in the latest. Almost no gunship
videos and bombs hitting targets compared to GW1, while the
US was smothered with talking heads doing not much different
than they did in the studio.

The videos in Baghdad showed kiddie versions of Iraqi defenses 
lighting up the sky, just boring shots of a few vehicles moving
as if there was nothing much going on. No cowering journalists, 
breaking glass, running for the basement.

If you wanted to kill reporting you could hardly have done better
than putting the mouthpieces in the field far from the bombing,
and mostly away from the diddly shit combat.

The purpose of the war seems to be to scare the bejesus out of
likely targets, a display of power a notch or two above a war game,
but nothing as thrilling as a movie -- which are showing more
warporn and gore than was shown in GW2.

The attack on WTC and the Pentagon was much superior politics,
theater, diplomacy, art, entertainment, grief, shock and awe.

War porn lovers will just have to replay those tapes until a great
blockbuster comes again. A liquified gas tanker in San Diego 
Bay and another off Staten Island. Tens of the highest hazard 
dams (thousands of them still listed and ranked on the Internet). 
Several stadia of sports fans. 5 or 6 suspension bridges. None 
of these need a MOAB to cause more casualties than GWB's GW2.

Welfare mutants are not the targets, dream on racist greedy 
motherfuckers,  your fat GWB predatory life style is. The military
can't protect you from terrorists, nor can the police from mutants
outfucking you every day. Blue-eyed supremacists are chasing
the dodo, guns and bombs ineffectual.



Spread Spectrum Image Steganography Patent

2003-06-13 Thread John Young

The US Army today announced the availability of licensing
of its patent for Spread Spectrum Image Steganography:

  http://cryptome.org/usa-patent.htm  (with copy of the patent)

Patent Abstract

The Spread Spectrum Image Steganography (SSIS) 
of the present invention is a data hiding/secret communication 
steganographic system which uses digital imagery as a cover 
signal. SSIS provides the ability to hide a significant quantity 
of information bits within digital images while avoiding detection 
by an observer. The message is recovered with low error 
probability due to the use of error control coding. SSIS payload 
is, at a minimum, an order of magnitude greater than that of 
existing watermarking methods. Furthermore, the original 
image is not needed to extract the hidden information. The 
proposed recipient need only possess a key in order to reveal 
the secret message. The very existence of the hidden 
information is virtually undetectable by human or computer 
analysis. Finally, SSIS provides resiliency to transmission 
noise, like that found in a wireless environment and low levels 
of compression.

Patent No.: 6,557,103

Granted:  April 29, 2003

Inventors:
Boncelet, Jr.; Charles G. (Newark, DE);   
Marvel; Lisa M. (Churchville, MD); 
Retter; Charles T. (Belcamp,  MD)

Assignee:
The United States of America as represented
by the Secretary of the Army (Washington, DC)
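
The mechanism the abstract describes, as an added sketch that is not from the patent or the original post: a key-seeded +/-1 sequence spreads each message bit over many pixels, and the receiver recovers the bits from a noisy copy without the cover image. The repetition code, the neighbour-mean cover estimate, the gradient cover, the key string and all function names are assumptions chosen for illustration; the patent's actual coding and filtering are not given on this page.

```python
import random

def chips(key, n):
    """Key-derived +/-1 spreading sequence and pixel interleaving order."""
    rng = random.Random(key)
    pn = [1 if rng.getrandbits(1) else -1 for _ in range(n)]
    order = list(range(n))
    rng.shuffle(order)
    return pn, order

def embed(cover, key, message, reps=48, strength=4):
    """Repeat each bit on `reps` pixels (assumed stand-in for the ECC)."""
    bits = [(b >> k) & 1 for b in message for k in range(7, -1, -1)]
    if len(bits) * reps > len(cover):
        raise ValueError("message too long for this cover")
    pn, order = chips(key, len(cover))
    stego = list(cover)
    for j, bit in enumerate(bits):
        for p in order[j * reps:(j + 1) * reps]:
            delta = strength * pn[p] * (1 if bit else -1)
            stego[p] = min(255, max(0, cover[p] + delta))
    return stego

def estimate(img, width, p):
    """Blind cover estimate for pixel p: mean of its 4-connected neighbours."""
    x, y, height = p % width, p // width, len(img) // width
    near = [img[p + d] for d, ok in ((-1, x > 0), (1, x < width - 1),
                                     (-width, y > 0), (width, y < height - 1)) if ok]
    return sum(near) / len(near)

def extract(stego, width, key, n_bytes, reps=48):
    """Correlate the residual with the key's sequence; the sign is the bit."""
    pn, order = chips(key, len(stego))
    out = bytearray(n_bytes)
    for j in range(n_bytes * 8):
        corr = sum(pn[p] * (stego[p] - estimate(stego, width, p))
                   for p in order[j * reps:(j + 1) * reps])
        out[j // 8] = (out[j // 8] << 1) | (corr > 0)
    return bytes(out)

def channel(img, sigma, seed):
    """Constructed stand-in for transmission noise: additive Gaussian."""
    rng = random.Random(seed)
    return [min(255, max(0, round(v + rng.gauss(0, sigma)))) for v in img]

WIDTH = 64
COVER = [60 + x + y for y in range(WIDTH) for x in range(WIDTH)]  # constructed gradient
STEGO = embed(COVER, "shared-key", b"SSIS-103")
RECEIVED = channel(STEGO, 3, seed=1)
```

The neighbour-prediction residual that the receiver correlates against is also what an analyst can measure without the key: in this toy its variance rises on every embedded pixel, so detectability depends on how `strength` compares with the cover's own noise.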