Re: US Seeks Bobby Fischer Extradition

2004-07-17 Thread Major Variola (ret)
At 10:30 AM 7/16/04 -0700, Eric Cordian wrote:
>So it should be interesting to see how this case unfolds, in a country
where Martha
>Stewart can go to prison for lying, but Colin Powell can't.

Colin was/is played the fool.  He was a killer, wanted to be a diplomat.

They had to let him; but he's so out of the Real Loop is comedic.

thanks for the news re BF.

Supposedly my ancestors go back to Abraham, but you've largely
convinced me to get over the default amerikan zionism.  The germans
should have given
up a slice of the coast of the Med., price of war, a lot nicer than some

desert, fuck the books.   Really the UK's fault, but the progression is
Romans, Brits, then US.

But empire == death,  song here,
how many whatevers, fuck it, if it moves, bomb it, if you're not
with us you're up the chimneys.





Re: USA PATRIOT Act Survives Amendment Attempt

2004-07-17 Thread Major Variola (ret)
At 03:34 PM 7/16/04 -0400, [EMAIL PROTECTED] wrote:
>> > I posted a few months back offering an alternative to religion in
>> > recruitment: the terminally ill.
>>
>> That's not good for this purpose; their lifetime is too short.
>
>Do you have evidence to support this (e.g., average survivial times of
the TI from their first learning about their condition)?

When I find out that I have 6 months left, I will take up motorcycle
riding,
which my parents prohibited, probably resulting in my respiring
currently.

A lone sleeper cell for the Constitution would not be so far from this.

Should they draft my son, I might have to practice a bit of chemistry
(or get a friggin scope and zero it) just then, he being at times a
reason
for my living.  Many slaves died trying to escape, I suspect.

However, I have no terminal illness, so its all moot, take note,
Herrs Spooks.

Have a nice day.









Re: "Terror in the Skies, Again?"

2004-07-17 Thread Tyler Durden
Sounds to me like Al-Qaeda is just getting the most mileage they can out of 
their little PR Event a couple of years ago. They don't even need to blow up 
anything to get the most bang for their buck.

Hell, in this story the biggest threat was the incompetence of the airline.
-TD


From: "Major Variola (ret)" <[EMAIL PROTECTED]>
To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
Subject: Re: "Terror in the Skies, Again?"
Date: Fri, 16 Jul 2004 17:36:21 -0700
At 02:19 PM 7/16/04 -0500, Riad S. Wahby wrote:
>I don't quite know what to make of this.  Is it just paranoid rambling?
>
>http://www.womenswallstreet.com/WWS/article_landing.aspx?titleid=1&articleid=711
>
What I experienced during that
>flight has caused me to question whether the United States of America
>can realistically uphold the civil liberties of every individual, even
>non-citizens, and protect its citizens from terrorist threats.
>
Ask the American citizens interned in California during WWII..


_
Don’t just search. Find. Check out the new MSN Search! 
http://search.msn.click-url.com/go/onm00200636ave/direct/01/



FIPS chassis/linux security engineer?

2004-07-17 Thread Eric Murray


Does anyone know of a manufacturer of FIPS 140 certified or
certifiable 1u/2u rack mount chassis?

For a seperate project, does anyone know of a small linux-ready/able
box with ethernet?
Gumstix looks cool but I need hardwire networking.


Last, I'm looking for a Linux expert security engineer in the SF
bay area.  (I'm managing a security group at a startup that has
been shipping products to paying customers for a few years.  No its
not lne.com, this just address I use to post).

This person will need to know linux/unix OS security/hardening _in
depth_ and also have an understanding of crypto APIs (writing them not
using them) plus significant industry experience.  Sorry, no relocation
assistance.


Eric



Re: vacuum-safe laptops ?

2004-07-17 Thread Peter Gutmann
Thomas Shaddack <[EMAIL PROTECTED]> writes:

>There are many various embedded computers available on the market, eg. the
>one from . (Question for the crowd: anybody knows
>other comparable or better Linux-ready affordable embedded computer
>solutions?)

When I investigated this a while back, gumstix were about the best deal.  They
also have pretty good support, it's a small company and the techies directly
answer queries on mailing lists.

Peter.



Re: vacuum-safe laptops ?

2004-07-17 Thread Tyler Durden
Sorry to need educating once again, but I had assumed can-shaped capacitors 
were gone from laptops in lieu of surface mount. Anyone know? (I don't own a 
laptop.)
-TD


From: "Major Variola (ret)" <[EMAIL PROTECTED]>
To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
Subject: Re: vacuum-safe laptops ?
Date: Fri, 16 Jul 2004 17:27:56 -0700
At 06:35 AM 7/16/04 -0400, An Metet wrote:
>Does anyone *know* (first or second hand, I can speculate myself) which
laptops, if any, can safely go to zero air pressure (dropping from 1 atm
to 0 in, say, 1 minute.)
Sorry so late ---but your can-shaped capacitors might not handle the
rapid depressurization
so well.
MV

_
Express yourself instantly with MSN Messenger! Download today - it's FREE! 
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/



Re: vacuum-safe laptops ?

2004-07-17 Thread Major Variola (ret)
At 06:35 AM 7/16/04 -0400, An Metet wrote:
>Does anyone *know* (first or second hand, I can speculate myself) which
laptops, if any, can safely go to zero air pressure (dropping from 1 atm
to 0 in, say, 1 minute.)

Sorry so late ---but your can-shaped capacitors might not handle the
rapid depressurization
so well.

MV




Re: FIPS chassis/linux security engineer?

2004-07-17 Thread Thomas Shaddack

On Sat, 17 Jul 2004, Eric Murray wrote:

> For a seperate project, does anyone know of a small linux-ready/able
> box with ethernet?
> Gumstix looks cool but I need hardwire networking.

Soekris, .
PXA255, 

Are there more, and/or better?



Re: vacuum-safe laptops ?

2004-07-17 Thread Thomas Shaddack
On Fri, 16 Jul 2004, Major Variola (ret) wrote:

> >Does anyone *know* (first or second hand, I can speculate myself) which
> laptops, if any, can safely go to zero air pressure (dropping from 1 atm
> to 0 in, say, 1 minute.)
> 
> Sorry so late ---but your can-shaped capacitors might not handle the
> rapid depressurization so well.

Perhaps it's time to challenge the introductory assumption. Why a laptop? 
There are many various embedded computers available on the market, eg. the 
one from . (Question for the crowd: anybody knows 
other comparable or better Linux-ready affordable embedded computer 
solutions?) You may like to take such module and seal it in resin in order 
to shield it from the pressure changes (question for the crowd: would it 
really work?). Use memory card instead of hard drive; you don't want 
moving parts that depend on air density. The smaller size and lower power 
consumption than a laptop has makes many issues, from cooling to powering, 
much easier; vacuum-proofing and testing of the assembly is potentially 
simplified as well.

I'd also be cautious about the fluorescent tubes for the displays, the 
glass won't necessarily have to withstand the rapid change in air 
pressure. The LCDs themselves consist from two layers of glass with a 
electricalyl-sensitive light-polarizing liquid between them, make sure it 
won't have tendency to boil or vaporize in vacuum.

Optionally, for unmanned operation, do without the display completely. For 
manned operation, use something like the head-worn see-through 
 display, located in the operator's 
pressure suit, and connect it to the computer by a suitable wired or 
wireless connection.

If the system has to go beyond the reach of the atmosphere, you would like 
to use some sort of radiation shielding, or use a redundant assembly with 
several computers working in parallel, compensating lower reliability 
(silicon-on-insulator chips are difficult to find in off-the-shelf 
setting) with redundancy. You may also prefer to keep critical systems 
working on lower frequencies, with older-design parts, using bipolar 
transistors instead of CMOS (which tends to trap charged particles in the 
insulator layers of the gates, which shifts the gate threshold voltage), 
and chips with larger structures (so the ionization traces of particles 
won't affect the chips that much). Protect the content of the memories - 
large arrays of rad-sensitive elements - with ECC codes. GaAs is also more 
radiation resistant material than silicon. Again, combine rad-hard design 
with redundancy for best results.

Cooling is a royal bitch. You can't use anything but radiation cooling. I 
think satellites use a neat trick with pipes containing a wick soaked in a 
suitable liquid, eg. some freon. The liquid is vaporizing on the hot end 
of the pipe, condensing on the cold end, and soaking back to the hot end 
by capillary forces; this is used to bring the heat from the power parts 
and the sun-facing side of the satellite to the dark side of the 
satellite, from where it radiates to space. (Question for the crowd: Can 
thermal imaging be used for scanning the sky for low-orbit satellites? 
Other question for the crowd: How suitable would be this wick-in-a-tube 
approach for "ground-level" computers, could it increase the efficiency of 
heat transfer from the CPU chips to the wings of the heatsinks? Eg. for 
the purpose of having the computer sealed in an RF-shielded enclosure, 
with the heatsinks being part of the case, which could eliminate the 
cooling air inlets?)



Re: vacuum-safe laptops ?

2004-07-17 Thread Major Variola (ret)
At 04:03 AM 7/17/04 +0200, Thomas Shaddack wrote:
>On Fri, 16 Jul 2004, Major Variola (ret) wrote:

>> Sorry so late ---but your can-shaped capacitors might not handle the
>> rapid depressurization so well.
>
>Perhaps it's time to challenge the introductory assumption. Why a
laptop?
>There are many various embedded computers available on the market, eg.
the
>one from .

Um, even the small form factor PC on a board the size of your palm
may still rely on caps in the power supply that don't handle 760 to 0
mm Hg/min so readily.  Otherwise, there are many small PCs on a card if
you
look into the embedded marketplace.  Complete with solid state disks,
etc.
COTS.

Power dissipation is not a problem if you use a CPU like Via's and
have a nice radiative heatsink.  Or dick with Peltier-effect junctions
at the expense of watts.

ARM's edge is low power, but you may not want to run Linux or BSD or a
RTOS,
perhaps anon actually wants to run M$ in a low pressure environ.
Perhaps that's why he's anonymous :-)

My guess is regular ole airplane takeoff, but its not quite 0 torr
at 35Kfeet, and I *think* the cargo part is pressurized, lest
Fido suffocate.

And while a SAM would be a great science fair
project, you don't go above that limit.  Perhaps anon will
be a space tourist, wanting to take notes, on something heavier
than a PDA+keyboard.

I once TA'd at a UC, one advanced ugrad had a project for an atmospheric

science prof building a board for the nose of a spyplane, to sample
the air.  (For ozone, not nucleotides.  No, really.)
He was interested in vibration problems; I told him to take
his proto board on an offroad trip in his car to shake out the moths.

Am not sure that epoxy cover makes a difference, the board manuf.
go to lengths to avoid air pockets under traces, the ICs themselves
fairly (albeit not guaranteed) encapsulated in an epoxy mix.

We-all being scientists, I'd suggest looking up with the vacuum
hobbyists do with fridge pumps, etc, and doing a bit of testing.
I've even seen using a CRT as a vacuum source, break the glass
neck and shazaam, a few litres of hard vacuum.


Got Kalman filtering?





Secure telephones

2004-07-17 Thread Thomas Shaddack

Pondering construction of a secure telephone. (Or at least a cellphone in 
general. The user interfaces and features available on virtually all the 
mass-market phones suck, to put it very very mildly, not even mentioning 
that there's no access to their firmware (so no chance of audit), poor or 
no support for SSL (while running HTTP through the operator's proxy), and 
typically no possibility to run more than one Java applet (or other 
program) at the same time. A combination of a GSM/GPRS module with a 
suitable embedded Linux-running computer could be the right solution.)


The easiest way is probably a hybrid of telephone/modem, doing normal 
calls in "analog" voice mode and secure calls in digital modem-to-modem 
connection. The digital layer may be done best over IP protocol, assigning 
IP addresses to the phones and making them talk over TCP and UDP over the 
direct dialup. (We cannot reliably use GPRS, as the quality of service is 
not assured, so we have to use direct dialup. But we can implement "real" 
IP later, when the available technology reaches that stage.)

Once we have the phones talking over IP with each other, we can proceed 
with the handshake. I'd suggest using OpenSSL for this purpose, as it 
offers all we need for certificates and secure transfer of the key. Then 
use UDP for the voice itself, using eg. stripped-down SpeakFreely as the 
engine. So during the call, two connections will be open over the IP 
channel: the command one (SSL-wrapped TCP, for key and protocol handshake, 
ensuring the identity of the caller, etc.), and the data one (a 
bidirectional UDP stream). As the command connection should be silent for 
most of the time, a 14k4 modem should offer us enough bandwidth for 9k6 
GSM codec, even with the UDP/IP overhead.

The problem is with the calls themselves, determining if they have to be 
connected as secure or as insecure.

For landlines, it's easy; we can hold the line open while switching the 
modem between voice and data modes, even if we'd have to do it the 
"hardcore" way with a relay and a 600-ohm resistor connected to the phone 
line during modem hangup. We then can freely alternate between voice and 
data, starting in voice and getting the telephones negotiate over "analog 
sound" using some sequences of beeps, like during the time of acoustically 
coupled modems. We need just few 100s bps to tell each other that we both 
support secure call, and that we want to switch to it.

However, the cellphones pose a much worse problem. The voice/data call 
type is determined at the connection time, and as far as I know, can't be 
changed on-fly. So we would have to have the desired call mode specified 
in the phone's addressbook (with eventual secure mode advertising through 
the mentioned beep sequence when in insecure mode, and eventual automatic 
or manual redial in secure mode). Does anybody here know if there is a 
workaround available for this? How does the Siemens crypto-phone 
 solve this?

It is possible to place data calls from a GSM phone. But it is possible to 
RECEIVE the data calls on it? Can I connect a cellphone to a laptop and 
have a dial-in server?


A workaround here could be exploiting the always-on properties of GPRS (if 
the Enfora modules offer GPRS simultaneously with GSM calls, it could 
provide a lot fo advantages), and use eg. Jabber as a messaging platform 
(overcoming the difficulties with secure SMS messaging), and optionally 
also for secure call negotiation, serving here as a control connection.


A nice feature could be a phone-located voicemail (won't cover the 
situations when the phone is outside of the network reach, but could be 
handy for the situations where the phone is just told to not ring). The 
advantages would be the possibility of the voice being transported in 
secure mode, and the possibility of encrypting the messages in storage. 

Another feature, that could make the device rather attractive in some 
demographics, is the possibility of having the phonebook stored encrypted 
on the handset, inaccessible without a PIN, or not located there at all, 
stored remotely. Yet another advantage, useful for closed groups, is the 
possibility of using Jabber UIDs dynamically mapped to phone numbers, 
allowing the users to swap the handsets, bringing a bit of deniability 
into the location tracking.


The modularity of the design should allow low degree of lock-in to the 
vendors and networks; other modules than Enfora can be used for different 
standards, Enfora produces tri-band (and even quad-band, adding 850 MHz to 
the mix) ones for both US and EU/AU/NZ markets, the control computer 
should be exchangeable for any other kind, with just minor tweaks in the 
software itself. Openness of the design should allow the implementation of 
other emerging secure comm standards, including but not limited to Skype.
Various message-anonymizing tricks could be also done, using 
mixmaster-style forward

Re: vacuum-safe laptops ?

2004-07-17 Thread J.A. Terranson

On Fri, 16 Jul 2004, Major Variola (ret) wrote:

> At 06:35 AM 7/16/04 -0400, An Metet wrote:
> >Does anyone *know* (first or second hand, I can speculate myself) which
> laptops, if any, can safely go to zero air pressure (dropping from 1 atm
> to 0 in, say, 1 minute.)



I got it!  I got it!!!  You're building an ICBM?

-- 
Yours,

J.A. Terranson
[EMAIL PROTECTED]
0xBD4A95BF

  "...justice is a duty towards those whom you love and those whom you do
  not.  And people's rights will not be harmed if the opponent speaks out
  about them."  Osama Bin Laden
- - -

  "There aught to be limits to freedom!"George Bush
- - -

Which one scares you more?



Re: "Terror in the Skies, Again?"

2004-07-17 Thread Major Variola (ret)
At 02:19 PM 7/16/04 -0500, Riad S. Wahby wrote:
>I don't quite know what to make of this.  Is it just paranoid rambling?

>
>http://www.womenswallstreet.com/WWS/article_landing.aspx?titleid=1&articleid=711

>

What I experienced during that
>flight has caused me to question whether the United States of America
>can realistically uphold the civil liberties of every individual, even
>non-citizens, and protect its citizens from terrorist threats.
>

Ask the American citizens interned in California during WWII..