Re: packet traffic analysis

2005-10-31 Thread Travis H.
> Modes that are based on a small window of previous plaintext, such as
> OFB, would be vulnerable too.

My mistake, OFB does not have this property.  I thought there was a
common mode with this property, but it appears that I am mistaken.

If it makes you feel any better, you can consider the PRNG the
encryption of constant text, perhaps using the real datastream as some
kind of IV.  The content of the chaff is not relevant; ideally you
would use a high-bandwidth HWRNG such as Quantis.
--
http://www.lightconsulting.com/~travis/  -><-
"We already have enough fast, insecure systems." -- Schneier & Ferguson
GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B



Re: packet traffic analysis

2005-10-31 Thread Travis H.
> I very much doubt it.  Where did that factor of "half" come from?

During lulls, you are constantly sending chaff packets.  On average,
you're halfway through transmitting a chaff packet when you want to
send a real one.  The system has to wait for it to finish before
sending another.  QED.

> Ah, but if you generate unequal-length packets then they are
> vulnerable to length-analysis, which is a form of traffic analysis.

I'm talking about a stream, with packets embedded in it.  For
circuit-switched circuits, this is no problem.  For a packet-switched
network, you must packetize the stream, which is unrelated to the
packets embedded in the stream.

This is somewhat inefficient, which is why I suggested that it is more
applicable to something like PPP, SSH, or OpenVPN links, which are
already virtual circuits.  This is a fair criticism, but just think of
the number of such circuit/packet conversions when someone uses a TCP
virtual circuit over packet-based IP over an analog POTS link, which
is itself a virtual circuit that is packetized and sent over a circuit
(long-haul wirepair or fiber) in the telco network.

If you explain to me how an eavesdropper can tell where a plaintext
packet begins or ends, then I'll agree with you that it is indeed
vulnerable to length analysis.

> A better solution would be to leave the encryption on and use constants
> (not PRNG output) for the chaff, as previously discussed.

That might or might not be a problem.  With ECB, it's vulnerable to
analysis (chaff is constant, so encryption of it is constant).  With
some modes, the amount you can transmit is limited (e.g. CTR mode). 
Modes that are based on a small window of previous plaintext, such as
OFB, would be vulnerable too.  It could very well be that it's a bad
idea to send a lot of constant plaintext under other modes, as well. 
For example, if most of the data is constant, then you have a close
approximation of known-plaintext.

> The notion of synchronized PRNGs is IMHO crazy -- complicated as well as
> utterly unnecessary.

It's not necessary to run a PRNG on the receiver.  You just have to be
able to tell when you're looking at random data, or an encrypted
version of an escape sequence and a valid packet, which can be
recognized, as per your point 4a.  If you find that it's not a
legitimate packet, you treat it as PRNG data, and start looking for
the encrypted escape sequence.  However, with a 32-bit escape
sequence, the chances of getting such a false positive are low.

I personally think sending encrypted versions of constant data under
the same key you use for real data is not crazy, but somewhat
imprudent.  Do you know what the unicity distance is?  Have you read
of attacks that require a large amount of ciphertext encrypted under
the same key?
--
http://www.lightconsulting.com/~travis/  -><-
"We already have enough fast, insecure systems." -- Schneier & Ferguson
GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B
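
The receiver-side recognition described in the message above, as an added example that is not part of the original thread: packets are embedded in a continuous stream of random chaff behind a 32-bit escape sequence, the stream is cut into equal-size cells unrelated to the embedded packet boundaries, and the receiver resynchronises without running a PRNG. The escape value, the length field, the truncated HMAC tag and the cell size are assumptions, and link encryption is left out so that only the framing is shown.

```python
import hashlib
import hmac
import random
import struct

ESC = b"\xa5\x5a\xc3\x3c"   # 32-bit escape sequence (value is an assumption)
TAG_LEN = 8                 # truncated HMAC-SHA256 tag that makes a frame "valid"
CELL = 64                   # every unit on the wire has this size
MAX_PAYLOAD = 1500          # lengths above this cannot be a real frame
HDR = len(ESC) + 2          # escape sequence + 16-bit length


def _tag(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()[:TAG_LEN]


def frame(key, payload):
    """ESC | length | payload | tag: the recognisable 'valid packet'."""
    head = ESC + struct.pack(">H", len(payload))
    return head + payload + _tag(key, head + payload)


class Sender:
    def __init__(self, key, chaff):
        self.key, self.chaff, self.pending = key, chaff, bytearray()

    def queue(self, payload):
        self.pending += frame(self.key, payload)

    def next_cell(self):
        """Always emit CELL bytes: queued frame bytes first, chaff after."""
        out = bytes(self.pending[:CELL])
        del self.pending[:CELL]
        return out + self.chaff(CELL - len(out))


class Receiver:
    def __init__(self, key):
        self.key, self.buf, self.false_escapes = key, bytearray(), 0

    def feed(self, cell):
        """Return the packets completed by this cell; chaff is discarded."""
        self.buf += cell
        done = []
        while True:
            i = self.buf.find(ESC)
            if i < 0:
                # Keep a tail: an escape sequence may straddle two cells.
                del self.buf[:max(0, len(self.buf) - (len(ESC) - 1))]
                return done
            del self.buf[:i]
            if len(self.buf) < HDR:
                return done
            (n,) = struct.unpack(">H", self.buf[len(ESC):HDR])
            end = HDR + n + TAG_LEN
            if n <= MAX_PAYLOAD and len(self.buf) < end:
                return done   # candidate frame not complete yet
            body = bytes(self.buf[:HDR + n])
            if n <= MAX_PAYLOAD and hmac.compare_digest(
                    _tag(self.key, body), bytes(self.buf[HDR + n:end])):
                done.append(body[HDR:])
                del self.buf[:end]
            else:
                # Chaff that happened to contain ESC: skip one byte, rescan.
                self.false_escapes += 1
                del self.buf[:1]


def demo():
    key = b"constructed-demo-key"          # constructed value
    rnd = random.Random(2005)
    forced = [ESC + b"\x00\x0a"]           # constructed false escape in the chaff

    def chaff(n):
        data = bytes(rnd.getrandbits(8) for _ in range(n))
        if forced and n >= HDR:
            data = forced.pop() + data[HDR:]
        return data

    tx, rx = Sender(key, chaff), Receiver(key)
    cells = [tx.next_cell()]               # a lull: chaff only
    small = b"ls -l\n"
    large = bytes(range(200)) + ESC        # a payload containing ESC is harmless
    tx.queue(small)
    tx.queue(large)
    cells += [tx.next_cell() for _ in range(6)]
    got = [p for c in cells for p in rx.feed(c)]
    return {"sizes": {len(c) for c in cells}, "packets": got,
            "false_escapes": rx.false_escapes, "sent": [small, large]}


if __name__ == "__main__":
    r = demo()
    print(r["sizes"], len(r["packets"]), r["false_escapes"])
```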



Re: On the orthogonality of anonymity to current market demand

2005-10-31 Thread James A. Donald
James A. Donald writes:
> > Further, genuinely secure systems are now becoming available, notably
> > Symbian.

Chris Palmer <[EMAIL PROTECTED]>
> What does it mean for Symbian to be genuinely secure? How was this
> determined and achieved?

There is no official definition of "genuinely secure", and it is my 
judgment that Symbian is unlikely to suffer the worm, virus and 
trojan problems to the extent that has plagued other systems.





Re: On the orthogonality of anonymity to current market demand

2005-10-31 Thread Chris Palmer
James A. Donald writes:

> Further, genuinely secure systems are now becoming available, notably
> Symbian.

What does it mean for Symbian to be genuinely secure? How was this
determined and achieved?


-- 
http://www.eff.org/about/staff/#chris_palmer





Re: Multiple passports?

2005-10-31 Thread Chris Clymer

Peter Gutmann wrote:
> Gregory Hicks <[EMAIL PROTECTED]> writes:
> 
> 
>>As for applying for one now, I think the deadline for the non-RFID passwords
>>is about 3 days away (31 Oct 2005), but I could be wrong. (In other words, if
>>your application is not in processing by 31 Oct, then you get the new,
>>improved, RFID passport.)
> 
> 
> Ahh, but if you get one of the first passports issued then there are likely to
> still be some teething problems present, leading to sporadic failures of the
> first batch of RFID devices.  I have a funny feeling that this is going to
> happen to my new passport when it arrives.
> 
> Peter.
> 
> 
I don't have a good feeling about this at all.  My passport is actually
invalid as a form of ID for anyone who checks closely (the BMV did!)
because the gov't printed the wrong birthdate on mine!

I went to Germany and back just after the embassy attacks in
Africa (things were on high alert briefly then) with no questions on it.
Try to renew my lost driver's license with it and suddenly it's a damn
problem.

As far as I can tell, they used the month of issue as the birth month as
well.  A small mistake...but obviously an important one.  What ways do
you suppose there will be for them to screw up these RFID tags?  These
days one's liable to get branded a terrorist with the wrong info...
--
  Chris Clymer - [EMAIL PROTECTED]
PGP: E546 19B6 D1EC 47A7 CAA0 8623 C807 398C CD27 15B8




Re: On the orthogonality of anonymity to current market demand

2005-10-31 Thread R.A. Hettinga
At 10:22 AM -0500 10/31/05, [EMAIL PROTECTED] wrote:
>and doesn't history show that big corporations are only interested in
>revenue

One should hope so.

;-)

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'



Re: On the orthogonality of anonymity to current market demand

2005-10-31 Thread johns
hi

( 05.10.26 09:17 -0700 ) James A. Donald:
> While many people are rightly concerned that DRM will
> ultimately mean that the big corporation, and thus the
> state, has root access to their computers and the owner
> does not, it also means that trojans, viruses, and
> malware does not.

do you really think this is true?

doesn't microsoft windows prove that remote control of computers only
leads to compromise? [especially in our heavily networked world]

and doesn't history show that big corporations are only interested in
revenue- so that if they get revenue by forcing you to pay them fees for
'upkeep' of your digital credentials to keep your computer working they
are going to do that.

the problems 'solved' by DRM can also be solved by moving to an
operating system where you have control of it, instead of an operating
system filled with hooks so other people can control your computer.

and that operating system is freely available ...

-- 
\js oblique strategy: don't be frightened of cliches




AW: [EMAIL PROTECTED]: Skype security evaluation]

2005-10-31 Thread Kuehn, Ulrich
> -Original Message-
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED] On Behalf Of cyphrpunk
> Sent: Friday, 28 October 2005 06:07
> To: [EMAIL PROTECTED]; cryptography@metzdowd.com
> Subject: Re: [EMAIL PROTECTED]: Skype security evaluation]
> 
> Wasn't there a rumor last year that Skype didn't do any 
> encryption padding, it just did a straight exponentiation of 
> the plaintext?
>
> Would that be safe, if as the report suggests, the data being 
> encrypted is 128 random bits (and assuming the encryption 
> exponent is considerably bigger than 3)? Seems like it's 
> probably OK. A bit risky perhaps to ride bareback like that 
> but I don't see anything inherently fatal.
> 
There are results available on this issue: First, a paper by 
Boneh, Joux, and Nguyen "Why Textbook ElGamal and RSA Encryption 
are Insecure", showing that you can essentially halve the number 
of bits in the message, i.e. in this case the symmetric key 
transmitted. 

Second, it turns out that the tricky part is the implementation 
of the decryption side, where the straight-forward way -- ignoring 
the padding with 0s "They are zeroes, aren't they?" -- gives you a 
system that might be attacked in a chosen plaintext scenario very 
efficiently, obtaining the symmetric key. See my paper "Side-Channel 
Attacks on Textbook RSA and ElGamal Encryption" at PKC2003 for 
details.

Hope this answers your question.

Ulrich




Passport Hell (was [Clips] Re: [duodenalswitch] Re: Konstantin)

2005-10-31 Thread R.A. Hettinga

--- begin forwarded text


 Delivered-To: [EMAIL PROTECTED]
 Date: Mon, 31 Oct 2005 09:55:05 -0500
 To: "Philodox Clips List" <[EMAIL PROTECTED]>
 From: "R.A. Hettinga" <[EMAIL PROTECTED]>
 Subject: [Clips] Re: [duodenalswitch] Re: Konstantin
 Reply-To: [EMAIL PROTECTED]
 Sender: [EMAIL PROTECTED]


 --- begin forwarded text


  Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
  To: [EMAIL PROTECTED]
  From: [EMAIL PROTECTED]
  Sender: [EMAIL PROTECTED]
  Mailing-List: list [EMAIL PROTECTED]; contact
 [EMAIL PROTECTED]
  Delivered-To: mailing list [EMAIL PROTECTED]
  Date: Mon, 31 Oct 2005 09:11:08 EST
  Subject: Re: [duodenalswitch] Re: Konstantin
  Reply-To: [EMAIL PROTECTED]


  It was time to renew my passport again (2nd renewal, not first) .. 'cause I
  want to go to Curitiba, Brasil in June to have my hernia repair and get some
  PS with Dr. C for loose skin and muscles... (a face lift would be nice
  hmmm)
  So I applied like everyone else does submit old passport with
  application, ... I get a letter back from the Department of Homeland
  Security that says I am refused because there is not enough info to prove
  my identity
  That's all the proof normally required.
  They tell me with any further application to submit four
  documents all created b4 1985. (b4 1985??? jessh!)
  So I do... my Birth Certificate ... my daughter's B-certificate ('cause
  my name is on it), my first marriage certificate, my first divorce papers
  and an original payroll register from the company I worked for in 1984 (with
  all my vitals on it).
  They then turned me down again saying it's just not enough proof
  And they were the ones who requested them.
  They have now asked me for ... all my medical records from before
  1995, my second marriage certificate, all my school transcripts from 1959
  till high school graduation, and a voter registration certificate from 1994.
  I also asked congressman Tom Lantos to intervene on my behalf and
  he tried.. and they told him (nicely) to mind his own business
  I think I am to be trapped within this gilded cage forever
  I was to be sent by my corporation to China to represent them there (in
  January)... but apparently not now and it also looks like I will have
  to save up a lot of money to have my PS done here in the states so I guess
  the Face lift is out I wonder if Dr. C does house calls?
  Sad, frustrated and Depressed

  Konstantin

  If you don't mind me asking, why are they rejecting your renewal? I
  have a friend who is an immigration attorney and I know he will ask
  when I bring it up to him. You can email me privately if you prefer.

  Jennifer

  --- In [EMAIL PROTECTED], [EMAIL PROTECTED] wrote:
  >
  > I would love to learn the Rapier and archery...
  > But right now I would settle for the Department of homeland Security
  > to stop rejecting my Passport renewal forms and let me travel (sigh)
  > Any one know a good reverse immigration attorney?
  >
  > Blessed be
  > Konstantin







 --- end forwarded text


 --
 -
 R. A. Hettinga 
 The Internet Bearer Underwriting Corporation 
 44 Farquhar Street, Boston, MA 02131 USA
 "... however it may deserve respect for its usefulness and antiquity,
 [predicting the end of the world] has not been found agreeable to
 experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
 ___
 Clips mailing list
 [EMAIL PROTECTED]
 http://www.philodox.com/mailman/listinfo/clips

--- end forwarded text


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'



RE: [EMAIL PROTECTED]: Skype security evaluation]

2005-10-31 Thread Whyte, William
A similar approach enabled Bleichenbacher's SSL attack on 
RSA with PKCS#1 padding. This sounds very dangerous to me.

William 

> -Original Message-
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED] On Behalf Of cyphrpunk
> Sent: Friday, October 28, 2005 5:07 AM
> To: [EMAIL PROTECTED]; cryptography@metzdowd.com
> Subject: Re: [EMAIL PROTECTED]: Skype security evaluation]
> 
> Wasn't there a rumor last year that Skype didn't do any encryption
> padding, it just did a straight exponentiation of the plaintext?
> 
> Would that be safe, if as the report suggests, the data being
> encrypted is 128 random bits (and assuming the encryption exponent is
> considerably bigger than 3)? Seems like it's probably OK. A bit risky
> perhaps to ride bareback like that but I don't see anything inherently
> fatal.
> 
> CP
> 



Re: packet traffic analysis

2005-10-31 Thread John Denker

In the context of:

>>If your plaintext consists primarily of small packets, you should set the MTU
>>of the transporter to be small.   This will cause fragmentation of the
>>large packets, which is the price you have to pay.  Conversely, if your
>>plaintext consists primarily of large packets, you should make the MTU large.
>>This means that a lot of bandwidth will be wasted on padding if/when there
>>are small packets (e.g. keystrokes, TCP acks, and voice cells) but that's
>>the price you have to pay to thwart traffic analysis.

Travis H. wrote:

> I'm not so sure.  If we're talking about thwarting traffic on the link
> level (real circuit) or on the virtual-circuit level, then you're
> adding, on average, a half-packet latency whenever you want to send a
> real packet.

I very much doubt it.  Where did that factor of "half" come from?

> I don't see any reason why it's necessary to pay these costs if you
> abandon the idea of generating only equal-length packets

Ah, but if you generate unequal-length packets then they are
vulnerable to length-analysis, which is a form of traffic analysis.
I've seen analysis systems that do exactly this.  So the question is,
are you trying to thwart traffic analysis, or not?

> I should point out that encrypting PRNG output may be pointless,

*is* pointless, as previously discussed.

> and
> perhaps one optimization is to stop encrypting when switching on the
> chaff.

A better solution would be to leave the encryption on and use constants
(not PRNG output) for the chaff, as previously discussed.

> Some minor details
> involving resynchronizing when the PRNG happens to

The notion of synchronized PRNGs is IMHO crazy -- complicated as well as
utterly unnecessary.



[Clips] How Tools of War On Terror Ensnare Wanted Citizens

2005-10-31 Thread R.A. Hettinga

--- begin forwarded text


 Delivered-To: [EMAIL PROTECTED]
 Date: Mon, 31 Oct 2005 07:35:05 -0500
 To: Philodox Clips List <[EMAIL PROTECTED]>
 From: "R.A. Hettinga" <[EMAIL PROTECTED]>
 Subject: [Clips] How Tools of War On Terror Ensnare Wanted Citizens
 Reply-To: [EMAIL PROTECTED]
 Sender: [EMAIL PROTECTED]

 

 The Wall Street Journal

  October 31, 2005
  PAGE ONE

 New Dragnet: How Tools of War On Terror Ensnare Wanted Citizens
 Border, Immigration Agencies Tap Into FBI Database; Questions About Privacy
 Mr. Samori's Speeding Ticket
 By BARRY NEWMAN
 Staff Reporter of THE WALL STREET JOURNAL
 October 31, 2005; Page A1

 Driving in from Mexico last March, Jaime Correa was stopped by federal
 inspectors at a border post near San Diego. They fed the 21-year-old U.S.
 citizen's name into a computer with a fast link to the federal government's
 huge database of criminal files. Readout: Wanted in Los Angeles for
 attempted murder.

 Another citizen, Issah Samori, walked into a federal office in Chicago the
 previous year. He is 60, a cabbie, and was there to help his wife get a
 green card. An immigration clerk fed his name into the same computer.
 Readout: Wanted in Indiana for speeding.

 The border guards handed Mr. Correa over to the San Diego police, who
 locked him up. The Chicago police came to collect Mr. Samori. He spent the
 night on a concrete slab in a precinct cell.

 Detentions of American citizens by immigration authorities for offenses
 large and small are becoming routine -- and have begun to stir a debate
 over the appropriate use of the latest technologies in the war on terror.
 Since the attacks of Sept. 11, 2001, immigration computers have been hooked
 up to the expanding database of criminal records and terrorist watch lists
 maintained by the Federal Bureau of Investigation. The computers are now in
 use at all airports, most border crossings, and even in domestic
 immigration offices, where clerks decide on applications for permanent
 residence and citizenship.

 The screenings are mainly meant to trap foreigners, and especially foreign
 terrorists, but they have also proved to be a tool in the hunt for American
 citizens wanted by the police. In 2003, U.S. Customs and Border Protection
 says that it alone caught 4,555 Americans this way. In 2004, the number
 rose to 6,189.

 Some law enforcers applaud that tally. Citizens with nothing to hide, they
 argue, shouldn't care if their names are put through a criminal search, and
 criminals should have no "expectation of privacy." The arrests have brought
 in some serious offenders, like Mr. Correa, a Los Angeles gang member, who
 was accused of a drive-by shooting. He was convicted this month of assault
 with a firearm, and sentenced to eight years in prison. There have been
 others like him: citizens wanted for armed robbery, murder and sex crimes.

 But some legal scholars and defenders of privacy worry that easy access to
 criminal databases is giving rise to indiscriminate detentions of citizens
 for minor offenses, and to a "mission creep" that is blurring the line
 between immigration control and crime control. Routine encounters like Mr.
 Samori's, some say, shouldn't give civil servants a "free shot" to fish for
 records unrelated to the administrative purpose at hand.

 It isn't as if those the computer snags are being "pulled over for a broken
 tail-light," says former Atlanta policeman Mark Harrold, who teaches law at
 the University of Mississippi. Rather, as he sees it, they are being caught
 as they engage in civil pursuits "like going in for a marriage license."

 Born in Ghana, Mr. Samori has lived for 35 years in a brick house on
 Chicago's South Side. When he and his new Ghanaian wife, Hilda, sat down in
 an immigration clerk's cubicle in mid-2004, Mr. Samori knew that as a
 citizen he had a right to sponsor her for permanent residence. The two came
 ready to show that their marriage was genuine. But the clerk just stared at
 his computer.

 "He said we can't do the interview," Mr. Samori recalls. "I asked why. He
 said, because we have an arrest warrant on you. I told him, whatever it is,
 I'm ready to face it."

 The clerk reached for his phone. Two officers appeared. Hilda Samori cried
 as her husband was led out. He spent three nights in jail on his way to
 Indiana court, where his reckless-driving charge, a misdemeanor, was
 eventually set aside. Mrs. Samori had to wait a year and a half for her
 green-card application to be reopened.

 Immigration service officials say reporting wanted citizens has become
 standard procedure. "If you have unfinished business with the police, it's
 best to take care of that before you come in asking for a service or a
 benefit," says Christopher Bentley, a spokesman for U.S. Citizenship and
 Immigration Services, the border-protection agency's domestic sister. Apart
 from confirming a citizen sponsor's identi

[Clips] The myth of "suitcase nukes."

2005-10-31 Thread R.A. Hettinga

--- begin forwarded text


 Delivered-To: [EMAIL PROTECTED]
 Date: Mon, 31 Oct 2005 07:24:09 -0500
 To: Philodox Clips List <[EMAIL PROTECTED]>
 From: "R.A. Hettinga" <[EMAIL PROTECTED]>
 Subject: [Clips] The myth of "suitcase nukes."
 Reply-To: [EMAIL PROTECTED]
 Sender: [EMAIL PROTECTED]

 



 OpinionJournal
 WSJ Online


 AT WAR

 Baggage Claim
 The myth of "suitcase nukes."

 BY RICHARD MINITER
 Monday, October 31, 2005 12:01 a.m. EST

 "It is the duty of Muslims to prepare as much force as possible to
 terrorize the enemies of God."

 --Osama bin Laden, May 1998

  "Bin Laden's final act could be a nuclear attack on America."

 --Graham Allison, Washington Post

  "One hundred suitcase-size nuclear bombs were lost by Russia."

 --Gerald Celente, "professional futurist," Boston Globe


  Like everyone else rushing off the Washington subway one rush-hour
 morning, Ibrahim carried a small leather briefcase. No one paid him or his
 case much mind, except for the intern in the new Brooks Brothers suit who
 pushed past him on the escalator and banged his shin. "What do you have in
 there? Rocks?"

  Ibrahim's training had taught him to ignore all provocations. You will
 see, he thought.

  The escalator carried him up and out into the strong September sunlight.
 It was, as countless commentators would later say, a perfect day. As he
 walked from the Capitol South metro stop, he saw the Republican National
 Committee headquarters to his right. Two congressional office buildings
 loomed in front of him. Between the five-story structures, the U.S. Capitol
 dome winked in the sun. It was walled off in a mini-Green Zone of jersey
 barriers and armed police. He wouldn't trouble them. He was close enough.

  He put the heavy case down on the sidewalk and pressed a sequence of
 buttons on what looked like standard attaché-case locks. It would be just a
 matter of seconds. When he thought he had waited long enough, he shouted in
 Arabic: "God is great!" He was too soon. Some passersby stared at him.
 Two-tenths of a second later, a nuclear explosion erased the entire scene.
 Birds were incinerated midflight. Nearly 100,000 people--lawmakers, judges,
 tourists--became superheated dust. Only raindrop-sized dollops of
 metal--their dental fillings--remained as proof of their existence. In
 tenths of a second--less time than the blink of a human eye--the 10-kiloton
 blast wave pushed down the Capitol (toppling the Indian statue known as
 "Freedom" at the dome's top), punched through the pillars of the U.S.
 Supreme Court, smashed down the three palatial Library of Congress
 buildings, and flattened the House and Senate office buildings.

  The blast wave raced outward, decapitating the Washington Monument,
 incinerating the Smithsonian and its treasures, and reducing to rubble the
 White House and every office tower north to Dupont Circle and south to the
 Anacostia River. The secondary, or overpressure, wave jumped over the
 Potomac, spreading unstoppable fires to the Pentagon and Arlington, Va.
 Planes bound for Reagan and Dulles airports tumbled from the sky.

  Tens of thousands were killed instantly. By nightfall, another 250,000
 people were dying in overcrowded hospitals and impromptu emergency rooms
 set up in high school gymnasiums. Radiation poisoning would kill tens of
 thousands more in the decades to come. America's political, diplomatic and
 military leadership was simply wiped away. As the highest-ranking survivor,
 the agriculture secretary took charge. He moved the capital to Cheyenne,
 Wyo.

  That is the nightmare--or one version, anyway--of the nuclear suitcase. In
 the aftermath of the September 11 attacks, this nuclear nightmare did not
 seem so fanciful.

  A month after September 11, senior Bush administration officials were told
 that an al Qaeda terrorist cell had control of a 10-kiloton atomic bomb
 from Russia and was plotting to detonate it in New York City. CIA director
 George Tenet told President Bush that the source, code-named "Dragonfire,"
 had said the nuclear device was already on American soil. After anxious
 weeks of investigation, including surreptitious tests for radioactive
 material in New York and other major cities, Dragonfire's report was found
 to be false. New York's mayor and police chief would not learn of the
 threat for another year.

  The specter of the nuclear suitcase bomb is particularly potent because it
 fuses two kinds of terror: the horrible images of Hiroshima and the suicide
 bomber, the unseen shark amid the swimmers. The fear of a suitcase nuke,
 like the bomb itself, packs a powerful punch in a small package. It also
 has a sense of inevitability. A December 2001 article in the Boston Globe
 speculated that terrorists would explode suitcase nukes in Chicago, Sydney
 and Jerusalem . . . in 2004.

  Every version of the nuclear suitcase bomb scare relies on one or more
 strands of evidence, two from diff

[Clips] Security 2.0: FBI Tries Again To Upgrade Technology

2005-10-31 Thread R.A. Hettinga

--- begin forwarded text


 Delivered-To: [EMAIL PROTECTED]
 Date: Mon, 31 Oct 2005 07:29:37 -0500
 To: Philodox Clips List <[EMAIL PROTECTED]>
 From: "R.A. Hettinga" <[EMAIL PROTECTED]>
 Subject: [Clips] Security 2.0: FBI Tries Again To Upgrade Technology
 Reply-To: [EMAIL PROTECTED]
 Sender: [EMAIL PROTECTED]

 

 The Wall Street Journal

  October 31, 2005

 Security 2.0: FBI Tries Again To Upgrade Technology
 By ANNE MARIE SQUEO
 Staff Reporter of THE WALL STREET JOURNAL
 October 31, 2005; Page B1

 As the fifth chief information officer in as many years at the Federal
 Bureau of Investigation, Zalmai Azmi faces a mystery: How to create a
 high-tech system for wide sharing of information inside the agency, yet at
 the same time stop the next Robert Hanssen.

 Mr. Hanssen is the rogue FBI agent who was sentenced to life in prison for
 selling secret information to the Russians. His mug shot -- with the words
 "spy, traitor, deceiver" slashed across it -- is plastered on the walls of
 a room at FBI headquarters where two dozen analysts try to track security
 breaches.

 Mr. Hanssen's arrest in February 2001, and his ability to use the agency's
 archaic system to gather the information he sold, led FBI officials to want
 to "secure everything" in their effort to modernize the bureau, Mr. Azmi
 says. But then, investigations after the Sept. 11 terrorist attacks showed
 that FBI agents had information about suspected terrorists that hadn't been
 shared with other law-enforcement agencies. So then "we said, 'Let's share
 everything,'" Mr. Azmi says.

 Since then, the FBI spent heavily to upgrade its case-management system,
 from one that resembled early versions of personal computers -- green type
 on a black computer screen, requiring a return to the main menu for each
 task -- to a system called Virtual Case File, which was supposed to use
 high-speed Internet connections and simple point-and-click features to sort
 and analyze data quickly.

 But after four years and $170 million, the dueling missions tanked the
 project. FBI Director Robert Mueller in April pulled the plug on the much
 ballyhooed technology amid mounting criticism from Congress and feedback
 from within the bureau that the new system wasn't a useful upgrade of the
 old, rudimentary system. As a result, the FBI continues to use older
 computer systems and paper documents remain the official record of the FBI
 for the foreseeable future.

 Highlighting the agency's problems is the recent indictment of an FBI
 analyst, Leandro Aragoncillo, who is accused of passing secret information
 to individuals in the Philippines. After getting a tip that Mr. Aragoncillo
 was seeking to talk to someone he shouldn't have needed to contact, the FBI
 used its computer-alert system to see what information the analyst had
 accessed since his hiring in 2004, a person familiar with the probe said.
 The system didn't pick up Mr. Aragoncillo's use of the FBI case-management
 system as unusual because he didn't seek "top secret" information and
 because he had security clearances to access the information involved, this
 person said.

 The situation underscores the difficulties in giving analysts and FBI
 agents access to a broad spectrum of information, as required by the 9/11
 Commission, while trying to ensure rogue employees aren't abusing the
 system. It's up to Mr. Azmi to do all this -- without repeating the
 mistakes of Virtual Case File.

 Much is at stake: FBI agents and analysts are frustrated by the lack of
 technology -- the FBI finished connecting its agents to the Internet only
 last year -- and Mr. Mueller's legacy depends on the success of this
 effort. The FBI director rarely appears at congressional hearings or news
 conferences without his chief information officer close by these days.

 An Afghan immigrant, the 43-year-old Mr. Azmi fled his native country in
 the early 1980s after the Soviet invasion. After a brief stint as a car
 mechanic in the U.S., he enlisted in the Marines in 1984 and spent seven
 years mainly overseas. A facility for languages -- he speaks five -- helped
 him win an assignment in the Marines working with radio communications and
 emerging computer technologies.

 When he returned to the U.S., he joined the U.S. Patent and Trademark
 Office as a project manager developing software and hardware solutions for
 patent examiners. He attended college and graduate school at night,
 obtaining a bachelor's degree in information systems from American
 University and a master's degree in the same field from George Washington
 University, both in Washington, D.C. Afterward, he got a job at the Justice
 Department in which he helped upgrade technology for U.S. attorneys across
 the country.

 That is where he was working when terrorists attacked Sept. 11, 2001. On
 Sept. 12, armed with two vans of equipment, Mr. Azmi and a team of
 engineers traveled from Washingt

[Clips] Christopher Hitchens: What Goes Around Comes Around

2005-10-31 Thread R.A. Hettinga

--- begin forwarded text


 Delivered-To: [EMAIL PROTECTED]
 Date: Mon, 31 Oct 2005 06:48:56 -0500
 To: Philodox Clips List <[EMAIL PROTECTED]>
 From: "R.A. Hettinga" <[EMAIL PROTECTED]>
 Subject: [Clips] Christopher Hitchens: What Goes Around Comes Around
 Reply-To: [EMAIL PROTECTED]
 Sender: [EMAIL PROTECTED]

 

 The Wall Street Journal

  October 31, 2005
  COMMENTARY

 What Goes Around Comes Around
 By CHRISTOPHER HITCHENS
 October 31, 2005; Page A16

 The Republicans who drafted and proposed the Intelligence Identities
 Protection Act in the early days of the Reagan administration, in a vain
 attempt to end the career of CIA defector Philip Agee, could not have known
 that their hasty legislation would one day paralyze the workings of a
 conservative wartime administration. Nor could the eager internationalist
 Wilsonians who rammed through the 1917 Espionage Act -- the most repressive
 legislation since the Alien and Sedition laws -- have expected it to be
 used against government officials making the case for an overseas military
 intervention.

 But then, who would have thought that liberals and civil libertarians --
 the New York Times called for the repeal of the IIPA as soon as it was
 passed, or else for it to be struck down by the courts -- would find these
 same catch-all statutes coming in handy for the embarrassment of Team Bush?
 The outrage of the left at any infringement of CIA prerogatives is only the
 least of the ironies in the indictment of Lewis Libby for discussing
 matters the disclosure of which, in and of itself, appears to have violated
 no known law.

 To judge by his verbose and self-regarding performance, containing as it
 did the most prolix and least relevant baseball analogy ever offered to a
 non-Chicago audience, Patrick Fitzgerald is not a man with whom the ironic
 weighs heavily. Nor does he seem discountenanced by his failure to find any
 breach in the IIPA or even the more broadly drawn Espionage Act. Mr. Libby
 stands accused of misstating his conversations with almost every journalist
 in Washington except for the only one -- Robert Novak -- who actually
 published the totemic name of Valerie Plame. "We have not made any
 allegation that Mr. Libby knowingly and intentionally outed a covert
 agent," Mr. Fitzgerald contentedly confirmed.

 If -- and one has to say "if" -- the transmission of any classified
 information is a crime, then as Mr. Fitzgerald also confirmed, one would be
 in the deep waters of the Espionage Act, which is "a very difficult statute
 to interpret." Actually, it is a very easy act to interpret. It declares
 that even something very well-known is secret if the state defines it as
 secret: the same principle as the dreaded British Official Secrets Act. As
 to the critical question of whether Ms. Plame had any cover to blow, Mr.
 Fitzgerald was equally insouciant: "I am not speaking to whether or not
 Valerie Wilson was covert."

 In the absence of any such assertion or allegation, one must be forgiven
 for wondering what any of this gigantic fuss can possibly be about. I know
 some apparently sensible people who are prepared to believe, still, that a
 Machiavellian cabal in the White House wanted to punish Joseph Wilson by
 exposing his wife to embarrassment and even to danger. So strong is this
 belief that it envisages Karl Rove (say) deciding to accomplish the foul
 deed by tipping off Robert Novak, one of the most anti-Iraq-war and pro-CIA
 journalists in the capital, as if he were precisely the pliant tool one
 would select for the dastardly work. And then, presumably to thicken the
 plot, Mr. Novak calls the CIA to confirm, as it readily did, that Ms. Plame
 was in the agency's employ.

 Meanwhile, and just to make things more amusing, George Tenet, in his
 capacity as Director of Central Intelligence, tells Dick Cheney that he
 employs Mr. Wilson's wife as an analyst of the weird and wonderful world of
 WMD. So jealously guarded is its own exclusive right to "out" her, however,
 that no sooner does anyone else mention her name than the CIA refers the
 Wilson/Plame disclosure to the Department of Justice.

 Mr. Fitzgerald, therefore, seems to have decided to act "as if." He
 conducts himself as if Ms. Plame's identity was not widely known, as if she
 were working under "non official cover" (NOC), as if national security had
 been compromised, and as if one or even two catch-all laws had been broken.
 By this merely hypothetical standard, he has performed exceedingly well,
 even if rather long-windedly, before pulling up his essentially empty net.

 However, what if one proposes an alternative "what if" narrative? What if
 Mr. Wilson spoke falsely when he asserted that his wife, who was not in
 fact under "non-official cover," had nothing to do with his visit to Niger?
 What if he was wrong in stating that Iraqi envoys had never even expressed
 an interest in Niger's only

Please confirm your request to join hersey-serbest

2005-10-31 Thread Yahoo! Groups

Hello cypherpunks@minder.net,

We have received your request to join the hersey-serbest 
group hosted by Yahoo! Groups, a free, easy-to-use community service.

This request will expire in 7 days.

TO BECOME A MEMBER OF THE GROUP: 

1) Go to the Yahoo! Groups site by clicking on this link:
   
http://groups.yahoo.com/i?i=4VElF71LeNJ5njsXdcV8fVL0qjE&e=cypherpunks%40minder%2Enet
 

  (If clicking doesn't work, "Cut" and "Paste" the line above into your 
   Web browser's address bar.)

-OR-

2) REPLY to this email by clicking "Reply" and then "Send"
   in your email program

If you did not request, or do not want, a membership in the
hersey-serbest group, please accept our apologies
and ignore this message.

Regards,

Yahoo! Groups Customer Care

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/