Re: [liberationtech] Why can’t email be secure? - Silent Circle Blog
On Sun, Aug 25, 2013 at 11:59 AM, katana kat...@riseup.net wrote: ... as Ladar replied in http://www.democracynow.org/2013/8/13/exclusive_owner_of_snowdens_email_service to Amy's question 'Do you think people should use email?': 'Yeah, I think it’s a great way to communicate ... And I think email still has a very important role to play in communication between people.' ACK. it is a question of private vs. public communication. email is and will continue to be useful for public communication. this gmail account indexes 190+ lists, 10,000 news alerts from scores of filters (everything from TS//SI//NF to Flame OR Gauss OR Duqu OR Stuxnet to Goldreich–Goldwasser–Halevi), a total of 643,132 pieces of communication. i can search through all of it in seconds and apply new filters to existing content just as easily as new, and keep an offline backup just in case. but there is zero i would consider private; for that use a medium of communication that is not a usability failure, that is not a metadata leakage nightmare, that is not an operational security mine field. let email _for private communication_ die already, please! -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Why_can't_email_be_secure
On Sun, Aug 25, 2013 at 12:26 PM, Ali-Reza Anghaie a...@packetknife.com wrote: ... And herein lies the problem - Silent Circle isn't talking to us - they are talking to the other 99.99% of email users in the world. and to StealthMonger's point about latest generation mix networks for best privacy, why not instead focus on building low latency protocols that are resistant to traffic analysis and confirmation? make them datagram based; utilize user space stacks and latest research. solving the low latency datagram anonymity problem enables existing usable private communication with the additional benefit of endpoint and peer anonymity. i believe this possible to make useful, even if never infallible. certainly more possible than the odds of making truly scalable, available, and _usable_ mix mailer networks and clients for the masses. most important: make this low latency infrastructure usable and cross platform, so the implementations are easily adopted... like Napster and BitTorrent back in the day. ;) -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] Update - Parabon - Locksmith
After a bit of further digging, Locksmith is a program to decrypt SSL. SSL LOCKSMITH http://www.scribd.com/doc/162984271/SSL-Locksmith How LOCKSMITH SSL MITM Admin in house attack actually works: (Encrypted PDF) http://ad-misc.s3.amazonaws.com/aduc12_cyber-security_08_product-unveiling-ssl-locksmith.pdf Everything i found from google is now mirrored here. https://mega.co.nz/#F!Q5JzjIxR!K7hSNiZctgQJbFV8aV8Kpg -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Update - Parabon - Locksmith
aduchesne writes: After a bit of further digging, Locksmith is a program to decrypt SSL. SSL LOCKSMITH http://www.scribd.com/doc/162984271/SSL-Locksmith How LOCKSMITH SSL MITM Admin in house attack actually works: (Encrypted PDF) http://ad-misc.s3.amazonaws.com/aduc12_cyber-security_08_product-unveiling-ssl-locksmith.pdf According to these slides the target needs to install the MITM certificate authority in their browser (see page 14). This is exactly the same design as _many_ intercepting proxy firewalls. -- Seth Schoen sch...@eff.org Senior Staff Technologist https://www.eff.org/ Electronic Frontier Foundation https://www.eff.org/join 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107 -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] FW: Re : URGENT: Request for endorsing a civil society statement on democratising Internet governance as input to UN Working Group
An approach (from Indian civil society with fairly broad CS backing) on responding to the current crisis in Internet governance (post-Snowden. M Forwarded conversation Subject: URGENT: Request for endorsing a civil society statement on democratising Internet governance as input to UN Working Group From: Parminder parminder...@itforchange.net Date: Thu, Aug 22, 2013 at 5:28 PM To: gurst...@gmail.com Urgent ! IT for Change needs your endorsement to push progressive civil society views into the UN Working Group that will make recommendations for democratising global governance of the Internet. Please circulate widely! Note that the last date to send your endorsement is 29th August Dear Michael Gurstein, Greetings from IT for Change! You had participated in a campaign for 'democratising the global governance of the Internet http://www.itforchange.net/civil_society_statement_on_democratic_internet ' in May 2012. Among other things, the joint letter signed by more than 60 organizations and many more individuals asked for setting up a UN Working Group towards this objective. Such a Working Group was set up and has now asked for public inputs to formulate its recommendations. In our joint letter, we had proposed some outlines for reforming the current global governance architecture of the Internet. Time has come now to make more clear and specific recommendations of the actual institutional mechanism that we need. With most governments more worried about their narrow geopolitical interests and relationships with individual countries, it falls upon the civil society to be bold and forward looking and put precise proposals on the table that can then be taken forward by state actors. In a post-Snowden world, there is deep discomfort among almost all countries, other than the US, with the manner in which the global Internet is run and is evolving. The need for some global norms, principles, rules, and necessary governance mechanisms for the global Internet is being felt now as never before. The Internet can no longer remain anchored to the political and business interests of one country, or to serving global capital, as it is at present. As a global commons, it is our collective democratic right and responsibility to participate in the governance of the Internet, so that it can become a vehicle for greater prosperity, equity and social justice for all. We seek your support to join us in proposing the enclosed document as an input to the Working Group on Enhanced Cooperation. The Working Group has sought public inputs through a questionnaire which can be seen at http://unctad.org/en/Pages/CSTD.aspx . The most important question is at number 8, which seeks input with regard to precise mechanism(s) that are required. Our response will mostly address this all-important question. (You are also encouraged to, separately, give a fuller response to the questionnaire on your behalf or on behalf of your organization.) We will also like to give wide media publicity to this civil society statement . We will be glad if you can send your response to us before the 29th of August. We are of course happy to respond to any clarification or additional information that you may want to seek in the above regard. Please also circulate this to others who you think may want to participate in this initiative. The global Internet governance space seems to be dominated by those who push for neoliberal models of governance. We must therefore have as many voices heard as possible. (The statement is also cut pasted below this email) With best regard, Parminder Parminder Jeet Singh _ Executive Director IT for Change In special consultative status with the United Nations ECOSOC www.ITforChange.net http://www.itforchange.net/ T: 00-91-80-26654134 | T: 00-91-80-26536890 | Fax: 00-91-80-41461055 A civil society input to the UN Working Group looking at institutional mechanisms for global governance of the Internet (Please reply to itfc mailto:man...@itforchange.net @itforchange.net mailto:man...@itforchange.net before 29th Aug if you will like to endorse this statement) Why global governance of the Internet? Internet governance is seen largely in terms of national sovereignty and security or as pertaining to free speech and privacy. We are of the view that there exist many other equally important issues for global Internet governance that arise from the whole gamut of rights and aspirations of people - social, economic, cultural, political and developmental. The relationship of the global Internet to cultural diversity is one example. The Internet increasingly determines not only the global flows of information but also of cultures, and their commodification. No social process is exempt from the influence of the Internet - from education to health and governance. Social systems at national and local levels are being transformed under the influence of the global Internet.
Re: [liberationtech] Update - Parabon
Indeed sir. These are the PDF's i found with google. The commercial product. Keep in mind the Frontier server version i found is 7.0, with the SKD. They sell 6.0 on their website. Mind you, i didnt hack anything. This was found using a search engine. I was just thinking people smarter than me might want to take a look at it. Because i can guess and check for 2 years and figure it out. People who are smarter than I am can figure it out a lot quicker. Just sayin, it might be worth a look. ~A - Seth Schoen writes: According to these slides the target needs to install the MITM certificate authority in their browser (see page 14). This is exactly the same design as _many_ intercepting proxy firewalls. -- Seth Schoen sch...@eff.org Senior Staff Technologist https://www.eff.org/ Electronic Frontier Foundation https://www.eff.org/join 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107 -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.