Re: [liberationtech] Frei PiratenPartei
On Thu, May 16, 2013 at 10:18:09PM +, andreas.ba...@nachtpult.de wrote: I am a Member of the Piraten in Germany. Let me answer with a question. Do you really think a party like that has a chance in the USA? Failure is default if you never try. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Microsoft Accesses Skype Chats
On Tue, May 14, 2013 at 09:14:19PM +0530, Pranesh Prakash wrote: Heise Security is reporting that Microsoft accesses links sent over Skype chat.[1] Everyone who thinks that's the *only* thing that Microsoft is quietly doing behind everyone's back, raise your hand. And incidentally, the proffered rationale for this doesn't fly, given that (a) they're only sending HEAD: actually scanning destination URLs for malware et.al. would require fetching the whole page and (b) they're only retrieving HTTPS URLs (per Heise) which is not what someone actually looking for malware would do. Moreover (c) even if they classified a URL as malicious, let's say https://example.net/blah, the recipient of said URL is likely to access it via a data path outside their control, thus -- unless they blocked it *inside* Skype -- they have no way to prevent access to it and delivery of whatever malware payload awaits. Source code is truth; all the rest is smoke and mirrors, hype and PR. If Microsoft had the *slightest* interest in telling y'all the truth, then they would have answered the group letter earlier this spring with code, not with glib prose crafted by a committee of talented spokesliars. ---rsk p.s. Heise's discovery is an existence proof that it's possible to intercept the contents. Therefore we must presume that other entities besides Microsoft may have this capability -- doubly so given that some of those entities have not only the resources, but the motivation. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Frei PiratenPartei
We are unipolar: We have the best government that money can buy. Mark Twain On 05/16/2013 10:33 PM, Andrés Leopoldo Pacheco Sanfuentes wrote: This whole list, and many others, and we even have at least a martyr in Aaron Swartz, are for the tenets of the Swedish Pirate Party. So! What do we do? Sit on our BUTS, and not do something else in the political arena? Are we bipolar (either Republican or Democrat), or multipolar, as in diversity? That's the question :D Best Regards | Cordiales Saludos | Grato, Andrés L. Pacheco Sanfuentes a...@acm.org +1 (817) 271-9619 On Thu, May 16, 2013 at 9:28 PM, Andrés Leopoldo Pacheco Sanfuentes alps6...@gmail.com wrote: Correction: 34 people now! :D XD LMFAO Best Regards | Cordiales Saludos | Grato, Andrés L. Pacheco Sanfuentes a...@acm.org +1 (817) 271-9619 On Thu, May 16, 2013 at 9:25 PM, Andrés Leopoldo Pacheco Sanfuentes alps6...@gmail.com wrote: OK, that shows 33 people subscribed to the Pirate Party email list in Texas, where I live! :D (there are 38 people in the US congressional delegation of Texas..) Let's try a different angle! Best Regards | Cordiales Saludos | Grato, Andrés L. Pacheco Sanfuentes a...@acm.org +1 (817) 271-9619 On Thu, May 16, 2013 at 8:50 PM, Scott Elcomb pse...@gmail.com wrote: On Thu, May 16, 2013 at 6:11 PM, Andrés Leopoldo Pacheco Sanfuentes alps6...@gmail.com wrote: Is there something like this in the US? http://www.piratenpartei.de/ It's been awhile since last I looked in on the US Pirates - I should've before posting my earlier response. Anyway, I'm happy to see that it's growing; you can find them here: http://www.uspirates.org/ Best -- Scott Elcomb @psema4 on Twitter / Identi.ca / Github more Atomic OS: Self Contained Microsystems http://code.google.com/p/atomos/ Member of the Pirate Party of Canada http://www.pirateparty.ca/ -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- === R. R. Brooks Associate Professor Holcombe Department of Electrical and Computer Engineering Clemson University 313-C Riggs Hall PO Box 340915 Clemson, SC 29634-0915 USA Tel. 864-656-0920 Fax. 864-656-5910 email: r...@acm.org web: http://www.clemson.edu/~rrb -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Microsoft Accesses Skype Chats
On 05/17/2013 07:31 AM, Rich Kulawiec wrote: On Tue, May 14, 2013 at 09:14:19PM +0530, Pranesh Prakash wrote: Heise Security is reporting that Microsoft accesses links sent over Skype chat.[1] Everyone who thinks that's the *only* thing that Microsoft is quietly doing behind everyone's back, raise your hand. And incidentally, the proffered rationale for this doesn't fly, given that (a) they're only sending HEAD: actually scanning destination URLs for malware et.al. would require fetching the whole page and (b) they're only retrieving HTTPS URLs (per Heise) which is not what someone actually looking for malware would do. Let me address (b) first - I want to clarify that there is HEAD scanning on HTTP URLs, *not just HTTPS*. This comes from the same IP, with a 2-3 hour delay from posting in skype to seeing in the logs: 65.52.100.214 - - [15/May/2013:09:16:33 -0700] HEAD /skype.html HTTP/1.1 200 320 - - I'm doing some follow-up tests to see if it follows redirects, links posted without http:// or https:// , links without www.* and so on. This could inform the utility of (a) (I'm arguing as a devil's advocate here). Given that MS might have an existing catalog of malware sites and/or a separate method for finding new ones; this HEAD scanning may be looking for new, unknown redirects to known malware sites. (However, this wouldn't find in-page redirects or javascript redirects/additions, and a number of other popular malware/adspam distribution tools). Moreover (c) even if they classified a URL as malicious, let's say https://example.net/blah, the recipient of said URL is likely to access it via a data path outside their control, thus -- unless they blocked it *inside* Skype -- they have no way to prevent access to it and delivery of whatever malware payload awaits. Skype does detect and activate links based on some regex-like system, so it's remotely possible that this same process could have an overridden link to a pass-through warning page/etc. Also could be worth testing... Source code is truth; all the rest is smoke and mirrors, hype and PR. If Microsoft had the *slightest* interest in telling y'all the truth, then they would have answered the group letter earlier this spring with code, not with glib prose crafted by a committee of talented spokesliars. ---rsk p.s. Heise's discovery is an existence proof that it's possible to intercept the contents. Therefore we must presume that other entities besides Microsoft may have this capability -- doubly so given that some of those entities have not only the resources, but the motivation. It's also possible that the skype client is reporting these urls separately from the content of a chat as part of its link-verification and activation. As you say, without the source, it's not really knowable. More interesting, the IP is listed by ARIN as being from Redmond, which means that at the very least, the URLs pass through the US and could be subject to warrants, NSLs, and so forth; which is somewhat at odds with the Skype-data-is-in-Luxembourg text from http://www.microsoft.com/about/corporatecitizenship/en-us/reporting/transparency/ : What is Microsoft and Skype’s position on CALEA? The U.S. law, Communications Assistance for Law Enforcement Act, does not apply to any of Microsoft’s services, including Skype, as Microsoft is not a telecommunications carrier. Skype is an independent division headquartered and operating under Luxembourg law. J -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Drone Warfare and Research Awareness Rally! 5/21 in White Plaza @ 12 PM!
From: Joshua Schott jdsch...@stanford.edu Join ten Stanford student organizations for a rally in White Plaza on Tuesday May 21st from 12 PM - 1 PM to raise awareness about the increasing use of drone warfare throughout the Middle East, South Asia, Central Asia, and Africa and the research being done at Stanford contributing to the development of drones. The use of drones has inflicted severe hardship on the subjected civilian populations of these regions particularly in Pakistan, Afghanistan and Yemen. The use of drones has killed many civilians (only 2% of drone victims are high level militant targets), inflicted direct property damage, economic hardship, mental health problems, inhibited education opportunities, impacted burial traditions and willingness to attend funerals, harmed community trust, and impacted many other economic, social and cultural activities. We cannot be silent on this issue. Join us. [image: Inline image 1] For more information on drone warfare: http://www.livingunderdrones.org/ http://www.thebureauinvestigates.com/category/projects/drone-data/ http://www.thebureauinvestigates.com/2012/12/04/revealed-us-and-britain-launched-1200- drone-strikes-in-recent-wars/ http://www.propublica.org/article/everything-we-know-so-far-about-drone -strikes http://www.wired.com/dangerroom/2013/04/armed-drones-afghanistan/ http://adamhudson.org/2012/11/12/obamas-first-term-record-of-militarism/ http://adamhudson.org/2012/07/23/u-s-expands-its-shadow-wars-in-africa/ -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] New Yorker debut's Aaron Swartz's 'Strongbox.'
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/16/2013 01:37 PM, Griffin Boyce wrote: Kevin Poulsen k...@hacknet.com wrote: Shava Nerad shav...@gmail.com wrote: Nadim Kobeissi na...@nadim.cc wrote: Jacob Appelbaum ja...@appelbaum.net wrote: Sarah Lai Stirland: My god, literally *everyone* lurks on libtech. currently sitting with six people who *all* lurk here, Hee hee hee. - -- The Doctor [412/724/301/703] [ZS] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ That which doesn not kill us makes us stranger. --Trevor Goodchild -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlGWZ6oACgkQO9j/K4B7F8HRxwCfS0D/Aj81FvcgUWjBSfv0GX37 +fIAn0vUv82ksAkLHYS/DIBTM8JfTKbR =hOCv -END PGP SIGNATURE- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] New Yorker debut's Aaron Swartz's 'Strongbox.'
Without taking sides on Strongbox, I made an easy interactive tutorial on how to easily access it from a mobile so that journalists can take a peek for themselves: https://guardianproject.info/2013/05/16/strongbox/ -- @mbelinsky | markbelinsky.com | phone: +1-347-466-9327 | skype: markontheline On Fri, May 17, 2013 at 1:23 PM, The Doctor dr...@virtadpt.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/16/2013 01:37 PM, Griffin Boyce wrote: Kevin Poulsen k...@hacknet.com wrote: Shava Nerad shav...@gmail.com wrote: Nadim Kobeissi na...@nadim.cc wrote: Jacob Appelbaum ja...@appelbaum.net wrote: Sarah Lai Stirland: My god, literally *everyone* lurks on libtech. currently sitting with six people who *all* lurk here, Hee hee hee. - -- The Doctor [412/724/301/703] [ZS] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ That which doesn not kill us makes us stranger. --Trevor Goodchild -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlGWZ6oACgkQO9j/K4B7F8HRxwCfS0D/Aj81FvcgUWjBSfv0GX37 +fIAn0vUv82ksAkLHYS/DIBTM8JfTKbR =hOCv -END PGP SIGNATURE- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] New Yorker debut's Aaron Swartz's 'Strongbox.'
That's awesome! But you write that the dot-onion can only be reached from mobile Android devices. What about this? https://itunes.apple.com/us/app/onion-browser/id519296448?mt=8 On Fri, May 17, 2013 at 10:36 AM, Mark Belinsky mark.belin...@gmail.com wrote: Without taking sides on Strongbox, I made an easy interactive tutorial on how to easily access it from a mobile so that journalists can take a peek for themselves: https://guardianproject.info/2013/05/16/strongbox/ -- @mbelinsky | markbelinsky.com | phone: +1-347-466-9327 | skype: markontheline On Fri, May 17, 2013 at 1:23 PM, The Doctor dr...@virtadpt.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/16/2013 01:37 PM, Griffin Boyce wrote: Kevin Poulsen k...@hacknet.com wrote: Shava Nerad shav...@gmail.com wrote: Nadim Kobeissi na...@nadim.cc wrote: Jacob Appelbaum ja...@appelbaum.net wrote: Sarah Lai Stirland: My god, literally *everyone* lurks on libtech. currently sitting with six people who *all* lurk here, Hee hee hee. - -- The Doctor [412/724/301/703] [ZS] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ That which doesn not kill us makes us stranger. --Trevor Goodchild -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlGWZ6oACgkQO9j/K4B7F8HRxwCfS0D/Aj81FvcgUWjBSfv0GX37 +fIAn0vUv82ksAkLHYS/DIBTM8JfTKbR =hOCv -END PGP SIGNATURE- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] New Yorker debut's Aaron Swartz's 'Strongbox.'
Kevin Poulsen k...@hacknet.com wrote: That's awesome! But you write that the dot-onion can only be reached from mobile Android devices. What about this? https://itunes.apple.com/us/app/onion-browser/id519296448?mt=8 An Apple app is not the best option. You could set up your own customized tor2web service and serve the onion that way. It seems more practical long-term, since it can't be blocked by Apple or abused by a developer. best, Griffin -- Technical Program Associate, Open Technology Institute #Foucault / PGP: 0xAE792C97 / OTR: sa...@jabber.ccc.de -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech