> http://www.newscientist.com/news/print.jsp?id=ns3567
It's nice to see that the US military realizes the terrible possibilities
from tracking the movements of ordinary people (who happen to be soldiers
or with soldiers).
When will they get on the bandwagon demanding that person-tracking
phon
> I'm amazed at their claims of radio interception.
1. "Look for plaintext." This was rule #1 stated by Robert Morris
Sr. in his lecture to the annual Crypto conference after retiring as
NSA's chief scientist. You'd be amazed how much of it is floating
around out there, even in military commun
Delta Air Lines is the guinea pig for the CAPPS-2 intrusive database
search on every passenger. They'll be doing this in three cities,
starting THIS MONTH.
First, if you were thinking of flying, be sure not to fly on Delta.
See http://boycottdelta.org.
Second, if you're stuck on Delta, or want t
JI questioned:
> Why is this even newsworthy? It's the NSA's responsibility to provide
> sigint and comint. Furthermore, if the delegates are not US citizens,
> and at least one end of the communication is outside the US, they are
> not even breaking any laws in doing so.
If the US found a simil
AP reported on Feb 7 that NASA is looking for a secret device that
encrypts communication between the shuttle and ground controllers.
If someone else finds it they could "study the technology", says the
AP. Sounds like fun for cypherpunks. Anybody seen it on eBay? :-)
Alternatively, c'punks co
From: "Bennett Haselton" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, January 20, 2003 6:26 AM
Subject: volunteers to help work on anti-censorship technology
[You are receiving this after signing up for membership in Peacefire at
http://www.peacefire.org/join/. To unsubscribe yoursel
> >I was thinking along the same lines. This seems to be a market
> opportunity
> >for an Internet provider that keeps no IP address<->identity records for
> >more than a few minutes or hours.
>
> That would be a wise move. That would continue for about three weeks, and
> then we'd see a bill
> How does this latest development change the picture? If there is no
> Hollings bill, does this mean that Trusted Computing will be voluntary,
> as its proponents have always claimed? And if we no longer have such
> a threat of a mandated Trusted Computing technology, how bad is it for
> the sys
r interest in these issues. Oh yes,
you'll have to show ID to get into the Federal Building. That's
unconstitutional too, but not the subject of this particular case.
You can read all the case documents at:
http://cryptome.org/freetotravel.htm
Thank you.
John Gilmore
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
> The truly amazing thing about this case is that the
> "crime" would not have occured if the studios had used
> decently-strong crypto. It's ironic that in an age when
> for cryptographers enjoy a historically-unprecedented
> lopsided advantage over cryptanalysts, the industry
> adopted a system
ure
to act as government spies. Make your security work end-to-end.
Got STARTTLS?
Got IPSEC?
Got SSH?
Use it or lose it.
John Gilmore
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
> I was browsing some of my old mail when I came across this. What's the
> status of Gilmore's case?
The regulations I'm challenging purport to require air and train
travelers to show a "government issued ID". Every traveler has been
subjected to these "requirements", but it turns out that they
http://intelligence.senate.gov/0210hrg/021017/hayden.pdf
Hayden's testimony deserves to go into the cryptome archives, and
should be read by everyone on this list.
He spends ten pages explaining how NSA worked on terrorism pre- and
post-9/11, and then tells Congress that they can best help him by
-force attack on the GSM cellphone encryption algorithm. That's
in use in hundreds of millions of devices worldwide, protecting (or
failing to protect) the privacy of billions of phone calls a day.
John Gilmore
-
[Paul has been tracking Dutch government requirements that ISPs
implement covert wiretaps against their customers -- and the technical
standards of the equipment that does it -- for a few years.
See www.opentap.org. --gnu]
From: Paul Wouters <[EMAIL PROTECTED]>
Update tapping in the Netherla
> It reminds me of an even better way for a word processor company to make
> money: just scramble all your documents, then demand ONE MILLION DOLLARS
> for the keys to decrypt them. The money must be sent to a numbered
> Swiss account, and the software checks with a server to find out when
> the
> I asked Eric Murray, who knows something about TCPA, what he thought
> of some of the more ridiculous claims in Ross Anderson's FAQ (like the
> SNRL), and he didn't respond. I believe it is because he is unwilling
> to publicly take a position in opposition to such a famous and respected
> figu
[CSE = Canada's NSA. Supposedly "legal" under Patriot Act? --gnu]
http://cryptome.org/
Canadians Listen in on NSA's Behalf
A high-level U.S. intelligence source has revealed exclusively to
Intelligence Online that some of the communications surveillance
evidence used by the U.S. government t
A small PS to my last message.
In 1978 I was lent an Apple II running the ABBS software (Apple
Bulletin Board System), and it ran in a corner of my bedroom for some
years as the PCnet ABBS in San Francisco. This was a machine with an
8-bit 1 MHz processor, 48K of RAM, and a custom floppy that he
> I would like to learn about *code* review practices in whatever
> is considered a 'sophisticated' software company.
When I was working at Cygnus, I was FSF's official maintainer of GDB.
Whenever I cut a GDB release, I would diff it against the previous
release, and read the diff by eye. I enco
>From the privacy-invasions-don't-protect-our-security department...
Date: Thu, 24 Jan 2002 12:28:08 -0800
From: Poli Sci Advisers <[EMAIL PROTECTED]>
Subject: Lecture: INTELLIGENCE FAILURES THAT LED TO THE SEPTEMBER 11TH ATTACKS
The Goldman School of Public Policy is pleased to announce the fol
These days, PGP is effectively useless for interoperable email. If
you have not prearranged with the recipient, you can't exchange
encrypted mail. And even if you have, one or the other of you will
probably have to change your software, which will produce other ripple
effects if you are trying t
> Or is there something we should be doing to get RedHat, and Debian, and
> other US-based distributions to include it?
Absolutely. It's already pretty secure. We should just make it
trivial to install, automatic, transparent, self-configuring,
painless to administer, and free of serious bugs.
John Young, why are your web servers running virus-prone operating systems?
Haven't you installed the Linux security patches on 'em and turned
off all nonessential services?
I thought ISPs were supposed to be bit-pipes. End-to-end unrestricted
connectivity is the basic feature of the Internet.
http://www.sunspot.net/news/custom/guns/bal-wiretap03.story?coll=bal-home-headlines
Md. police seek law for easier wiretaps
Use of technology by criminals outruns current authority
By Sarah Koenig
Sun Staff
Originally publi
-1571-Britain-Obit-Marks..html
John Gilmore
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Niels & Peter, congratulations on finding no secret messages. This is
why computers are getting faster -- so we can spend more and more time
searching out the lack of any information being communicated.
An obvious step is to extend your detector to handle other formats
besides JPEG. That would
> Perhaps more on target, possession of those passwords does *not*, as
> far as I can tell, change the FBI's legal ability to, for example, read
> someone's email. They'd still need a court order...
Steve, the FBI doesn't care about what the law says. Their big
concern is what they can get aw
charged by John Asscroft with "aiding
terrorists by eroding our national unity and diminishing our
resolve".)
> IMHO: If Freeswan had never been created, an alternate, more mature
> implementation would already exist in the mainline Linux kernel.
Make my day.
John Gilmore
PS:
y
"[EMAIL PROTECTED]". Cypherpunks-announce is no longer in
existence.
There remains a single encryption-related mailing list on toad.com,
"coderpunks" which is for people who write code.
John Gilmore
---
> Second, the court ruled that the preliminary injunction which the lower
> court had issued was an unconstitutional prior restraint on speech, but
> went out of its way not to answer whether damages and/or a permanent
> injunction after trial would suffer the same fate.
Actually, the fact tha
ter to all go home and hide under the covers?
That would make us feel much safer. Just like children, which is the
way our government is treating us.
I will not participate in activities that require me to "identify myself"
to the governmen
> Any ipsec system takes care of the eavesdropping problem; the harder
> part is deciding how to do authorization. If you're trying to keep
> the system open for public use, but also keep your intranet private,
> you've got a more complex problem.
The Linux FreeS/WAN ipsec implementation has bee
The real-RNG in the Intel chip generates something like 75 kbits/sec
of processed random bits. These are merely wasted if nobody reads them
before it generates 75kbits more in the next second.
I suggest that if application programs don't read all of these bits
out of /dev/intel-rng (or whatever
izens of saner countries, to do the work of making strong
encryption, for many years. We had a brief respite, which we will
eventually resume for good. In the meantime, please let me apologize
for my countrymen and for my government, for asking you to shoulder
most of the burden again. Thank you
> Much of the hysteria regarding the DMCA's supposed ability to quash free
> speech by cryptographic researchers is being whipped up by opponents
> to the DMCA who are misrepresenting the DMCA in a calculated fashion in
> order to promote opposition.
The anonymous poster's legal analysis was not
36 matches
Mail list logo
