On Mon, Feb 02, 2004 at 05:23:02PM -0800, Bill Stewart wrote: > Five or ten years ago, when the Feds were still pretending to be in > control of crypto, crypto enthusiasts were still a threat - these days you > can pick up VPN boxes at the grocery store, and if they still care about > us, they're more likely to be interested in content and the identities of > active posters than in the identity of lurkers. They can observe a lot
I presume tracking down people who're actually concerned about security and take some troubles to conceal their identity would be a good bootcamp for beginner TLAings. Iterated tiger teams interactions will inbreed, so they need a source of novelty. But tracking down competent h4x0rs will be no doubt far more challenging. > just by looking, or they can announce a sale on tinfoil hats and see who > responds, or ask a Stupid Newbie Question and see who flames them, or > forge a message about Guns from a Usual Suspect and see who claims that > theirs is bigger, or post about something tangential like how to stop spam > (which has pretty much replaced libertarianism and censorship as the > all-consuming discussion topic on the net.) What's the point of busting a wannabee? Just to earn some tinfoil stars, to make your organizational unit look good? Doesn't compute. No one got bitchslapped but the AP fellow. > Viruses and Web Bugs are less likely to be useful for detecting > Cypherpunks (or Mac users, or Linux users) than for detecting the general > public - to some extent we may be smarter about that, or at least > grumpier about HTML mail, plus some of the cpunks nodes filter out that > sort of thing. But perhaps they're exploiting that stack overflow bug in > PGP 2.6.2 instead. If you have advanced remote-diagnostic and remote-exploit capabilities, you never let your hand show on an insignficant target. Even if you camouflage as a h4x0r, penetrating a well-secured box is bound to raise some eyebrows (you don't see a packet logger in passive mode). No doubt such capabilities are reserved for cyberwar and industrial espionage. P.S. Sorry about the MIME sig screwup. I forgot. -- Eugen* Leitl <a href="http://leitl.org";>leitl</a> ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net
