puscii:
http://www.puscii.nl/blog/content/whats-wrong-kids-these-days
What's wrong with the kids these days?
On the moral decay of the Dutch hacker scene
I'm really happy to see that someone took the time to write this article
and I'm also happy to see that it was related to puscii. For
Shava Nerad:
I was fascinated today to see Mother Jones and many others reposting,
entirely without reflection or comment, what seemed to me to be not
crowdsourced images but second story surveillance camera shots of the FBI
suspects. (Who, in addition, are being howled after as guilty until
Maxim Kammerer:
On Fri, Apr 19, 2013 at 10:55 PM, Jacob Appelbaum ja...@appelbaum.net wrote:
I find it telling that the local news papers in Seattle referred to
their photos as 'potential suspects' on the front page. The use of
language is telling - it suggests that to be suspect
Andrés Leopoldo Pacheco Sanfuentes:
Jacob, it's all that and worse, I'm sure. Why wouldn't be any different?
Why indeed?
After all, there has been a terrorist attack in Boston, so one would expect
the state of the art in counter-terrorism in full force here!
Terrorism is not an excuse for
Andrés Leopoldo Pacheco Sanfuentes:
They (FBI, DHS) did call them persons of interest - nbd, it's all the same
To suggest it is all the same is to miss the subtle changes in language
and how the subtle changes in language change us.
We might be OK with these changes and yet it feels dishonest
Maxim Kammerer:
On Fri, Apr 26, 2013 at 2:12 AM, Richard Brooks r...@clemson.edu
wrote:
I have a student trying to make a modified build of the Liberte
Linux distribution. If anyone would have time and be willing to
give her some pointers, please send me an email and I will forward
to her.
Hi,
I've long heard things about BlackBerry and RIM regarding BBIM. I was
unable to substantiate until this morning when a friend pointed me at this:
http://docs.blackberry.com/en/admin/deliverables/21760/PIN_encryption_keys_for_BBM_1840226_11.jsp
The relevant part is here:
The PIN encryption
Griffin Boyce:
Jacob Appelbaum ja...@appelbaum.net wrote:
When people ask how secure BBIM is - I suppose we can now cite RIM's
official documentation on the topic - without a BES server, it's
encrypted with a key that is embedded in all handsets.
This was critical in the London Riots
, disclosed to LE and intel agencies, specifically
to retain or to enhance their marketshare.
To me, it's disingenuous for companies to promote secure solutions that
they know allow some kind of backdoor access.
Jacob Appelbaum ja...@appelbaum.net wrote:
What an embarrassing joke
Keep
Griffin Boyce:
Jacob Appelbaum ja...@appelbaum.net wrote:
Griffin Boyce:
I disagree. Blackberry isn't openly selling your data or
otherwise gifting it to third parties, but I don't think that's
really enough.
That is exactly what they're doing. They have a key that is static
and from
Griffin Boyce:
Jacob Appelbaum ja...@appelbaum.net wrote:
You already know this, but for the benefit of the list snip
Unless these are on a BES server - it's all insecure - if it is on a BES
server, it may still be insecure depending on a few factors.
Depends on whether they enable
Why is there this rhetoric as if all of the bugs in JS crypto are unique to
JS crypto? These breaks happen in other platforms too, but simply occur in
different forms. However, overwhelmingly, the frequency and severity do
compare.
There are specific bugs in the JS crypto library and as a
Sarah Lai Stirland:
http://www.newyorker.com/online/blogs/newsdesk/2013/05/strongbox-and-aaron-swartz.html
http://www.newyorker.com/online/blogs/backissues/2013/05/strongbox-the-new-yorker-investigates.html
Kevin Poulsen suggested I open issues on Github and I've been doing so
as 'ioerror'
Dear Libtech,
We've waited a long time for this kind of FISA court document to leak -
we see clearly evidence that there is still dragnet surveillance that is
ongoing - the current order leaked is still valid as of today, it will
continue to be valid until the middle of July.
This specifically
Hi,
Top secret PRISM program claims direct access to servers of firms
including Google, Facebook and Apple and others.
Some of the world's largest internet brands are claimed to be part of
the information-sharing program since its introduction in 2007.
Microsoft – which is currently running an
Oh man, Glenn Greenwald is my hero and a hero to us all. Everyone on
this list who was looking for 'some evidence' about global surveillance
and previously ignored all other evidence, well, here you go!
Revealed: The NSA's powerful tool for cataloguing data – including
figures on US collection
x z:
2013/6/8 Jacob Appelbaum ja...@appelbaum.net
Oh man, Glenn Greenwald is my hero and a hero to us all.
Do you still believe Glenn's reporting that NSA has direct access to
servers of firms including Google, Apple and Facebook?
Yeah, I think it is clearly a FISA interface or API
Nadim Kobeissi:
Jake, I don't agree with x z (and rather agree with you), but I'm
really tired of just how aggressive and rude you always are on
Libtech. And it doesn't appear to just be towards me. I'm not the
only person who feels like this.
Even if you're right, tone your ego knob down
Nadim Kobeissi:
On 2013-06-09, at 1:02 PM, Jacob Appelbaum ja...@appelbaum.net
wrote:
Nadim Kobeissi:
Jake, I don't agree with x z (and rather agree with you), but
I'm really tired of just how aggressive and rude you always are
on Libtech. And it doesn't appear to just be towards me. I'm
Maxim Kammerer:
On Mon, Jun 10, 2013 at 12:01 PM, x z xhzh...@gmail.com wrote:
Occam's razor would give us the following is what has actually happened in
the past three days: a semi-clueless whistle blower fed an overzealous
journalist a low-quality powerpoint deck, which met the
x z:
@Jacob, I agree with your points regarding American exceptionalism.
@Eugen, to prepare for the worst scenario is one thing, to advocate some
shady rumor as fact is another.
@Rich, those are good movie scripts :-). But it does not work for 9 firms,
and hundreds of execs all with diverse
x z:
I argue that direct access or not is is substantive, not semantic. We have
the following two versions of the story:
*A: The Guardian story alleges that NSA has direct access to user data from
major internet firms, and these firms are willingly cooperating with NSA
for the capability of
Rich Kulawiec:
On Sun, Jun 09, 2013 at 10:11:08AM -0400, Nadim Kobeissi wrote:
On 2013-06-09, at 10:08 AM, Rich Kulawiec r...@gsp.org wrote:
Second: stupidity, in all forms, fully deserves to be slapped down --
This is where I stop reading.
I have to admit, even though I've read this half
Hi,
I'm really excited to say that Tor Browser has had some really important
changes. Mike Perry has really outdone himself - from deterministic
builds that allow us to verify that he is honest to actually having
serious usability improvements. I really mean it - the new TBB is
actually awesome.
Hi,
I encourage all Skype users and security people to read this article
about Silicon Valley and the spying world:
http://www.nytimes.com/2013/06/20/technology/silicon-valley-and-spy-agency-bound-by-strengthening-web.html?pagewanted=all_r=0
This bit about Skype is fantastic:
Skype, the
From the we-told-you-so-again-gosh-this-is-the-free-west department:
GCHQ taps fibre-optic cables for secret access to world's communications
Exclusive: British spy agency collects and stores vast quantities of
global email messages, Facebook posts, internet histories and calls, and
shares them
in the installer is translated, btw).
Is there anything I can help?
Best regards,
MH
2013/6/17 Jacob Appelbaum ja...@appelbaum.net
Hi,
I'm really excited to say that Tor Browser has had some really important
changes. Mike Perry has really outdone himself - from deterministic
builds
Jillian C. York:
Minor piece of feedback:
Why StartPage as default search engine? They employ safe search by
default.
That is a good question - I think it is open to discussion. Generally
speaking, I think that a censorship free search engine that requires no
cookies, no javascript, no
Michael Carbone:
DuckDuckGo seems to work well with Tor and without
javascript/cookies/etc. They also run it as a hidden service so you
can keep your search in the Tor cloud -- I don't know of other search
engines that do that: 3g2upl4pq6kufc4m.onion
I generally feel friendly to DuckDuckGo.
micah:
Eleanor Saitta e...@dymaxion.org writes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.24 07.19, Douwe Schmidt wrote:
Dear LibTech Readers,
In a little bit over a month OHM2013 is happening in The
Netherlands. There has been a lot of controversy in the run-up to
Jillian C. York:
+1
On Mon, Jun 24, 2013 at 2:38 PM, Cooper Quintin
coo...@radicaldesigns.orgwrote:
Start page also allows you to generate a url that has certain settings,
for example this one (
https://startpage.com/do/mypage.pl?prf=c2a9ee9b20d61e980b6f6cce7026bc91
)has safe search
Griffin Boyce:
Not only am I going to be presenting three talks at OHM, I will be
presenting talks that are (in many ways) totally dead conversations in the
US.
Congratulations. I look forward to seeing them, probably on a remote
stream but also perhaps in person.
It's interesting how
phryk:
On Mon, 24 Jun 2013 21:17:16 +
Jacob Appelbaum ja...@appelbaum.net wrote:
This is a false dichotomy of an argument if ever I've heard one. I
keep hearing it too. It bums me out to no end.
I understand that removing ourselves from specific discussions removes
our voices from
Nadim Kobeissi:
On 2013-06-24, at 6:23 PM, Griffin Boyce griffinbo...@gmail.com
wrote:
Not only am I going to be presenting three talks at OHM, I will be
presenting talks that are (in many ways) totally dead conversations
in the US.
It's interesting how much of the debate centers
Jurre andmore:
Sorry, but why would 30c3 be this place and not any other venue in the
world? Without context this sounds silly.
It was merely a suggestion and it is hardly without context.
Any event or space that is willing to create an explicitly safe space
for an open dialog is probably in
Jurre andmore:
I wish we all spoke out against the police being present 20 years ago and
not in 2013.
Actually, I think a lot of old-school Dutch hackers did just that -
especially against the undercover cops who infiltrated the scene. This
was documented in the hacking zines of that era.
In
Mike Perry:
Nick:
Quoth Mike Perry:
Hidden service circuits require ~4X as many Tor router traversals
as normal Tor exit circuits to set up, and unlike normal Tor exit
circuits, they are often *not* prebuilt. Once they are set up, they
still require 2X as many Tor router traversals
Eleanor Saitta:
On 2013.06.29 10.27, Jonathan Wilkes wrote:
It's not a simplistic choice between using modern devices and being
a Luddite. It's about people having a better understanding about
what the threats are, digesting that information (unfortunately,
slowly) and then using tools to
Paul Bernal (LAW):
None of this should be surprising, should it? It's a reasonable
assumption that all intelligence agencies share their data on a
pretty regular basis - certainly with 'friendly' nations, and almost
certainly with others, on a quid pro quo basis. It's always been that
way.
Eleanor Saitta:
On 2013.06.29 12.37, Jacob Appelbaum wrote:
Eleanor Saitta:
None of those tools exist right now, not for locational privacy
and metadata obfuscation.
I disagree about the existence. Perhaps, I think we might be able
to agree on certain values of 'unusable' rather than
Nikola Kotur:
On Sun, 30 Jun 2013 02:25:54 -0500
Anthony Papillion anth...@cajuntechie.org wrote:
what exactly is the problem with Pidgin OTR
This page summarizes what might be wrong with Pidgin and OTR:
Eleanor Saitta:
On 2013.07.01 15.15, Julian Oliver wrote:
..on Mon, Jul 01, 2013 at 06:03:01PM +, adrelanos wrote:
In response to the tool doesn't exist...
apt-get install tor torify wget http://path.to/file
And how did you verify the trust path for your initial debian install
It is
Hi,
What we're seeing in Der Spiegel, The Guardian, Washington Post and
other select publications is the birth of new threat models - not just
for activists but for all of civil society, parliamentarians, companies
and more. This is a threat model that many have known and yet at the
same time,
Patrick Mylund Nielsen:
If it's so easy, go ahead and produce a more secure alternative that people
will use. Talking about how exceedingly easy it is in Internet forums
doesn't contribute much.
I'm not sure if you're away but Maxim did exactly this many years ago.
He wrote a system called
Patrick Mylund Nielsen:
On Tue, Jul 9, 2013 at 9:22 AM, Eugen Leitl eu...@leitl.org wrote:
On Tue, Jul 09, 2013 at 09:12:21AM -0400, Patrick Mylund Nielsen wrote:
If it's so easy, go ahead and produce a more secure alternative that
people
You mean something like http://dee.su/ ?
And
Nadim Kobeissi:
Hi Jacob,
You've said a lot about Cryptocat's SSL configuration — can you recommend a
better configuration that is similarly compatible?
Hi Nadim,
I mentioned this on the cryptography list - I suggest several things.
First up - either disable all non-forward secure SSL/TLS
Jonathan Wilkes:
On 07/09/2013 10:29 AM, Jacob Appelbaum wrote:
Patrick Mylund Nielsen:
On Tue, Jul 9, 2013 at 9:22 AM, Eugen Leitl eu...@leitl.org wrote:
On Tue, Jul 09, 2013 at 09:12:21AM -0400, Patrick Mylund Nielsen wrote:
If it's so easy, go ahead and produce a more secure alternative
Andreas Bader:
Eugen Leitl:
Grimes: How many exploits does your unit have access to?
Cyber warrior: Literally tens of thousands -- it's more than that. We have
tens of thousands of ready-to-use bugs in single applications, single
operating systems.
Grimes: Is most of it zero-days?
A new Spiegel edition is out and it is awesome. It contains leaked
documents that show that the BND, BfV, NSA and CIA worked together to do
domestic spying in Germany. It also covers more information about XKEYSCORE.
The PDF of the article has been leaked too:
Griffin Boyce:
Al,
We may have to disagree as to the way forward. I hate to be
contentious, but it seems unlikely that Tor applied a patch without
reading firefox's changelog. Two days ago I presented a talk which
emphasized how useful Tor is -- and I stand by that. Tor is still the
best
Nadim Kobeissi:
On 2013-08-06, at 3:19 AM, Jacob Appelbaum ja...@appelbaum.net
wrote:
Griffin Boyce:
Al,
We may have to disagree as to the way forward. I hate to be
contentious, but it seems unlikely that Tor applied a patch
without reading firefox's changelog. Two days ago I
Nadim Kobeissi:
On 2013-08-06, at 11:46 AM, Al Billings alb...@openbuddha.com
wrote:
Nadim you seem confused by how this works. Tor doesn't need to
issue advisories for Firefox issues. We, at Mozilla, already issue
them. Perhaps they can link to them clearly but if you want to know
about
Maxim Kammerer:
On Tue, Aug 6, 2013 at 12:30 PM, Jacob Appelbaum ja...@appelbaum.netwrote:
Please feel free to answer the question, we're happy to learn from an
example. Are either of you involved in such an example? Might we learn
from your example? If so, where might we see it?
Tails
Nadim Kobeissi:
On 2013-08-06, at 12:55 PM, Jacob Appelbaum ja...@appelbaum.net
wrote:
Nadim Kobeissi:
On 2013-08-06, at 11:46 AM, Al Billings alb...@openbuddha.com
wrote:
Nadim you seem confused by how this works. Tor doesn't need to
issue advisories for Firefox issues. We
Maxim Kammerer:
On Tue, Aug 6, 2013 at 1:07 PM, Jacob Appelbaum ja...@appelbaum.net wrote:
Somewhere there is a line and clearly, we failed to meet
the high standards of a few folks on this list. I'm mostly curious if
that high standard will be expressed in a cohesive manner where we might
Asa Rossoff:
Jacob Appelbaum:
Nadim Kobeissi:
On 2013-08-06, at 11:46 AM, Al Billings alb...@openbuddha.com
wrote:
Nadim you seem confused by how this works. Tor doesn't need to
issue advisories for Firefox issues. We, at Mozilla, already issue
them. Perhaps they can link to them clearly
Joseph Lorenzo Hall:
On 8/6/13 6:41 AM, Jacob Appelbaum wrote:
(2) Even have an RSS feed of them available through the TBB, as well as RSS
of TBB releases, and what security issues are covred including one advised
by Firefox. This could notify of stable, alpha and beta releases, so
Nadim Kobeissi:
On 2013-08-06, at 1:23 PM, Jacob Appelbaum ja...@appelbaum.net
wrote:
Nadim Kobeissi:
On 2013-08-06, at 12:55 PM, Jacob Appelbaum
ja...@appelbaum.net wrote:
Nadim Kobeissi:
On 2013-08-06, at 11:46 AM, Al Billings
alb...@openbuddha.com wrote:
Nadim you seem
intrigeri:
Hi,
Maxim Kammerer wrote (06 Aug 2013 09:52:36 GMT) :
Tails references upstream advisories, or at least did so in the past.
https://tails.boum.org/security/Numerous_security_holes_in_0.18/
Right, and we have no plan to stop doing this. What we've been doing
for years when
konfku...@riseup.net:
Jacob Appelbaum:
I like this idea - though I wonder how users would feel about it? Will
they read it? Should it be our own RSS feed or an RSS feed of Mozilla's
data?
I don't like the idea. You need to worry about the upgrading behavior of
casual users of TBB, who
Nadim Kobeissi:
On 2013-08-07, at 12:58 PM, Jacob Appelbaum ja...@appelbaum.net wrote:
Nadim Kobeissi:
On 2013-08-07, at 12:44 PM, Jacob Appelbaum ja...@appelbaum.net wrote:
Bbrewer:
We're understaffed, so we tend to pick the few things we might
accomplish and writing such advisory
The advisory was about bug being exploited in the wild, so, yes.
That was covered well in Roger's last email.
I'm aware, I did read his email. I was just under the impression that
you publish advisories about *vulnerabilities*, not about *exploits*.
But perhaps you're teaching me (and the
Ali-Reza Anghaie:
I understand we're talking about verifiable builds and software
distribution but using the Zetas as an example is getting kind of
ridiculous.
The point of using the Zetas is perhaps not clear but I think I
understand well what Zooko means. We've talked about it a few times
Ali-Reza Anghaie:
OK. I still disagree - in these threat models they don't care about effort.
Who doesn't?
They dissuade people by killing a few first.
If someone starts harming say, Ubuntu developers, I think very few
Debian developers will worry. I think very few RHEL developers will
Hi,
I think a lot of people would benefit from reading Mike Perry's latest
blog post. He addresses how The Tor Project is working towards the
problems referenced by Zooko in his latest open letter to Silent Circle:
On 06/12/2012 09:29 PM, Naiz Mudin wrote:
Ladies Gentlemen,
I have discovered, by serendipity, an iOS application that is evidently
also available for Windows Phone and Symbian (soon to be replaced with
Windows Phone 8). It is called, SafeSession and claims 256-bit AES
encryption between
On 06/18/2012 07:40 PM, Eleanor Saitta wrote:
On 2012.06.18 13.29, Parker Higgins wrote:
On 6/18/12 8:36 AM, Yosem Companys wrote:
Hi Liberationtech folks, is this always the case? I've heard cases
where people can still be tracked whether they have batteries in
their cell phones or not...
On 06/19/2012 01:37 PM, michael gurstein wrote:
I would have thought it was more like a huge fear of being (unreasonably)
trolled.
For those that wish to send their support, I suggest using this contact
form for the Ecuadorian mission in the UK:
http://www.ecuadorembassyuk.org.uk/contact
On 06/28/2012 06:28 AM, Nathan of Guardian wrote:
On 06/28/2012 04:58 AM, ilf wrote:
Opinions on this? Has there been any peer-review?
Not as far as I know, but I think can tackle it quickly here from what
is on their website. Most of this is the usual open-vs-closed type
issues, but still
On 06/29/2012 09:20 AM, fr...@journalistsecurity.net wrote:
We are looking for a few Arabic-speaking digital safety trainers to help
teach
basic concepts and some tool usage to citizen journalists operating in
critical
nations. Training will occur remotely using VPNs to reach select
ilf:
Found this in HOPE 9 schedule:
https://ostel.me/
This service is a public testbed of the Open Secure Telephony Network
(OSTN) project, with the goal of promoting the use of free, open
protocols, standards and software, to power end-to-end secure voice
communications on mobile
Hi,
I generally avoid engaging with you Catherine but I wanted to ask you
some very specific questions that almost beg to be asked by your email.
I have kept it on the list because I felt that if you could show
evidence for your claims, we'd all be better for it. If not, I figured
it would be
Jillian C. York:
It's difficult. I'm not a technologist, but I understand the issues and
the user needs well. My type, I'd surmise, is few and far between.
Security experts have obvious reasons for being conservative, and I get
that. Nevertheless, there are a lot of users who would
Eleanor Saitta:
On 2012.08.06 17.51, Jacob Appelbaum wrote:
Jillian C. York:
It's difficult. I'm not a technologist, but I understand the issues and
the user needs well. My type, I'd surmise, is few and far between.
Security experts have obvious reasons for being conservative, and I get
Eleanor Saitta:
On 2012.08.06 18.40, Jacob Appelbaum wrote:
Eleanor Saitta:
It is true that you have to trust the server operator in both cases.
However, having a server configuration which does not completely
compromise user privacy (vs. the operator) by default, like Facebook
does
Nadim Kobeissi:
OKAY!
I just came back from a long, incredibly intense dinner with Jacob, Ian
Goldberg and a few other people. Believe it or not, we have actually
managed to agree on a conversation model that both answers the concerns of
people like Jacob while remaining easy to use and
Ali-Reza Anghaie:
On Tue, Aug 7, 2012 at 7:19 PM, Jacob Appelbaum ja...@appelbaum.net wrote:
Ali-Reza Anghaie:
I don't think it's they don't get it - once explained to even the most
jaded they accept the expertise - it's that in the time period with
immediate windows of opportunity present
Collin Anderson:
Do activists seriously diverge from general browser usage
statistics?
Oh hey -- at last, quantifiable question that would lend itself to a solid
research paper. Let's gather aggregate analytics data from activist sites
and compare to the norm. I think I can help on this...
Eric S Johnson:
Hi Phillipp,
Eric, that's interesting, could you elaborate on that?
According to my own experience, deep packet inspection in China is still used
I'm not saying China doesn't do DPI. I'm just saying that, from my own
experience living in China for the past
Eric King:
Hi all,
I thought this list would be interested to know that the British Government
has decided to place FinFisher under UK export controls. There are a ton of
questions that remain to be answered, and it's only part of the bigger goal
to control the export of surveillance
Greg Norcie:
Any book written by non-experts about something as complicated as crypto
will have imperfections.
But sometimes security researchers become paralyzed with the need for
something to be perfect. You need to look at it from a public health
perspective.
Also - sometimes people
Maxim Kammerer:
On Wed, Oct 3, 2012 at 2:41 PM, D J Capelis djcape...@cs.ucsc.edu wrote:
I like the part where you say the problem is easy and then point to a
solution with issues that make it anything but easy, tenable or workable.
Why? The solution (if you refer to cables in Liberté) is
Bernard Tyers - ei8fdb:
On 8 Oct 2012, at 23:46, Jacob Appelbaum wrote:
Asher Wolf:
The argument everyone is politely avoiding - while pondering the
numerous ways CryptoParty will expose already compromised
individuals - is whether the masses SHOULD use crypto.
I'm not ignoring
Asher Wolf:
On 9/10/12 10:36 PM, Jacob Appelbaum wrote:
I did not work on the technical aspects of the book. I cannot. I do not
have the right skill set.
This attitude, I think, is a key issue this community and many others
face. You cannot? Or you will not?
I believe that you
Nick Daly:
On Tue, Oct 9, 2012 at 7:24 AM, Jacob Appelbaum ja...@appelbaum.net wrote:
Maxim Kammerer:
Even the CryptoHeaven solution that I criticized above is good,
discarding minor issues that can be easily fixed, and discarding
what's apparently a security-usability tradeoff decision
Maxim Kammerer:
On Tue, Oct 9, 2012 at 9:03 PM, Lindsay Beck lb...@ndi.org wrote:
Disclosure: TAILS relies on BIOS for operability, and thus can have
challenges functioning on newer computers that utilize UEFI without legacy
support for BIOS.
For anyone interested: Liberté Linux already has
Eric S Johnson:
The vast majority of netizens in cybercensored countries who use a
VPN (or other form of proxy) are doing so in order to access
otherwise-blocked content, without any particular expectation of (or
need for) security. So, any VPN will do (and OkayFreedom’s as good as
any
Collin Anderson:
Eric,
I think it is necessary to push back on the following statement as
extensively as possible.
But I’ve never heard of a case in which a user has been punished merely
for cybercircumventing. I’d love to hear of such a situation.
As Amin hints, there are strongly
Steve Weis:
I attended the beginning of this event and was taken aback by some bad
advice given by Jonathan Hutcheson. Starting around 17:50, he talks about
how password managers can supposedly protect you from keyloggers and
malware:
http://www.youtube.com/watch?v=cLp2pl3BVhg#t=17m50s
Nadim Kobeissi:
Nice analysis.
These are just data points that clearly have no meaning. None at all.
Why, if only a bug would tell me that it was exploitable, I still
wouldn't believe it! Why are you convinced?!
Pursuant to this, I think downgrading this project from
OkayFreedom to MehFreedom
StealthMonger:
Dmytri Kleiner d...@telekommunisten.net writes:
So you believe that we should provide nothing as a society ...
I certainly don't.
You are free to delegate your authority to your comrades in matters
such as your own health care or the education of your own children.
Just
StealthMonger:
Dmytri Kleiner d...@telekommunisten.net writes:
We can not eliminate the State-based tax system by evading it, only
by replacing the socially necessary functions it performs with
actually-existing non-state forms, an unwillingness to understand
and come to terms with this is
Marcin de Kaminski:
Also, since it was discussed on this list: what is the status of Pidgin OTR?
Didn't it have some sec flaws?
It is maintained software. I'm one of the maintainers these days.
As far as I know Pidgin-OTR doesn't have any outstanding issues. Pidgin
itself on Windows is
Uncle Zzzen:
One thing that baffles me is where's the sig or hash at
http://www.cypherpunks.ca/otr/ (which is not SSL).
I see sigs for lib, proxy, etc. but nothing for the primary download.
Unless there's something I fail to understans, it's pretty spooky.
The signature is referenced as
Hi,
I wonder - has anyone been scanning (for) X.25 pads in Syria?
Leased lines such as the one in Alexandria stayed up in Egypt during the
killswitch flipping; the same was true for X.25.
I guess neither of those will rely on IP networks and thus BGP route
withdraw won't impact them very much,
Hi,
fr...@journalistsecurity.net:
But if
you're getting information security advice from a Forbes blog, that
will be the least of your worries.
Where would you suggest we get information security advice from?
This is an interesting question and I admit, I feel like it leaves a bad
ring in
Danny O'Brien:
On Wed, Dec 19, 2012 at 05:26:05AM +, Jacob Appelbaum wrote:
Hi,
fr...@journalistsecurity.net:
But if
you're getting information security advice from a Forbes blog, that
will be the least of your worries.
Where would you suggest we get information security advice from
Hi,
In light of the recent thread on journalism, I wanted to share this link
about Skype:
https://en.greatfire.org/blog/2012/dec/china-listening-skype-microsoft-assumes-you-approve
With 250 million monthly connected users, Skype is one of the most
popular services for making phone calls as
to choose between it and Skype, I guess I'd not have a lot of trouble
making the choice of using Jitsi.
All the best,
Jake
B
On Dec 21, 2012 6:07 AM, Jacob Appelbaum ja...@appelbaum.net wrote:
Hi,
In light of the recent thread on journalism, I wanted to share this link
about Skype
John Adams:
Why don't you just get around the problem entirely and use Dropbox's
storage for encrypted disk images?
If you have data sufficiently encrypted, it doesn't matter how it's stored.
I generally agree that the data should be encrypted, though I think it
should also be authenticated
1 - 100 of 130 matches
Mail list logo