Re: [cryptography] Google backdoor confirmation
* Jacob Appelbaum schrieb am 2013-06-08 um 09:20 Uhr: I've heard that email service in Germany requires very strict interception and so-called lawful access requirements on all internet services after a certain number of users. I believe the number is 10,000 or so. The number comes from the »Telekommunikations-Überwachungsverordnung« (telecommunication surveillance act). The §3 section 2 of URL:http://www.gesetze-im-internet.de/tk_v_2005/__3.html says that if you have not more than 1 users then you don't have to install special hard- or software. From my knowledge there are several limits. If a provider has less than 1000 customers there is no need fpr special surveillance equipment. So if at some point the police comes with a court order he has to activate surveillance somehow. If a provider has between 1000 and 1 customers he has to have technical equipment and processes for doing surveillance. If a court order arrives he must activate surveillance within a working day. Larger providers need to have a SINA-Box (URL:https://de.wikipedia.org/wiki/Sichere_Inter-Netzwerk_Architektur, german Wikipedia, URLhttps://www.bsi.bund.de/DE/Themen/weitereThemen/SINA/Systembeschreibung/sysbeschreibung.html, german description) installed in his network. This is a VPN Box between the provider and the LEA. -- Jens Kubieziel http://www.kubieziel.de Spielen ist Experimentieren mit dem Zufall. Novalis signature.asc Description: Digital signature ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Cypherpunks mailing list
* Adam Back schrieb am 2013-03-25 um 09:25 Uhr: Maybe someone with a more neutral domain could try it - or a cypherpunks.* domain if they have a listserv handy. Our local hackerspace uses a rather neutral address: URL:https://list.lstsrv.org/ We could also host the Cypherpunks list, if you like. However here is no Majordomo running (and probably never will be). As far as I see it the list doesn't use the distributed feature, so switching to Mailman should not be a hard problem. If you like a more on topic domain I could setup a mailing list at anonymitaet-im-inter.net. ;) This is german for »anonymity on the internet«. The site hosts at the moment only a Mixmaster node. -- Jens Kubieziel http://www.kubieziel.de Wo die Zivilcourage keine Heimat hat, reicht die Freiheit nicht weit. Willy Brandt signature.asc Description: Digital signature ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
[cryptography] Generating passphrases from fingerprints
Hi, recently I had a discussion about biometric data. The following problem occured: Assume someone wants to register at a website. He swipes his finger over his fingerprint reader. The reader generates strong passphrase from the fingerprint and other data (hostname of the targeted site, user name etc.) and creates a strong password. This will be the users login password. Everytime the user wants to log in again he swipes his finger over the reader, password is generated again and sent to the site. We were not sure if it possible to generate the same passphrase again and again. Does anyone know if such systems exist? Will generating the passphrase work? I'd glad to hear some opinions about this. -- Jens Kubieziel http://www.kubieziel.de FdI#157: eMail I don't have an email address. I reached an age where my main purpose is not to receive messages. (Umberto Eco) signature.asc Description: Digital signature ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography