[Lucrative-L] updated lucrative source now in CVS
--- begin forwarded text Status: U From: Patrick [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [Lucrative-L] updated lucrative source now in CVS Date: Tue, 12 Aug 2003 13:20:50 -0600 Sender: [EMAIL PROTECTED] I imported Lucrative source into SourceForge CVS so anyone who wishes can get the latest and greatest Lucrative. There are numerous improvements in design and efficiency over v7, more features, and so on. https://sourceforge.net/projects/lucrative There are several tools at SF for lodging bug reports, feature requests, and so on. Please feel free, even encouraged, to make use of them. And I invite participation by developers to contribute to the source. I don't have any specific tasks that I need help on at the moment, but I will use the SF tools to make notes. Also, people uncomfortable or unable to contribute to the source should feel free to contribute anything else they desire: pretty graphics, interface mockups, diagrams, charts, requirements or specifications, documents of all sorts, complaints. One point I would like advice on is whether to extend the FIBI (format for the interchange of bearer instruments) protocol to allow exchange of Chaumian cash as well as Wagnerian. Patrick The Lucrative Project: http://lucrative.thirdhost.com . To subscribe or unsubscribe from this discussion list, write to [EMAIL PROTECTED] with just the word unsubscribe in the message body (or, of course, subscribe) --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
SCO to argue General Public Licence invalid (fwd)
I like the ed's comments at the end. http://www.theinquirer.net/?article=11031 -- We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, Plan 9 from Outer Space [EMAIL PROTECTED][EMAIL PROTECTED] www.ssz.com www.open-forge.org
ATMs moving to triple DES.
http://www.icbnd.com/data/newsletter/community%20banker%20feb%2003%20.pdf Finally, five full years after DES was definitively proved to be vulnerable to brute force attack, the major ATM networks are moving to 3DES. Peter Trei
Re: How can you tell if your alarm company's...
The alarm and security specialists we've talked to claim the greatest threat to systems are authorized users: the property owners, their children, employees, servants, nearly all of whom fail to arm and disarm the system properly not matter how carefully instructed. A false alarm is feared by these users more than an attacker, for they are more often traumatized by an errant signal, and the outpouring of security personnel and police, than by an actual attacker. (Like the US security and law enforcement systems.) The security responders are so pissed, or so condescending, that the users are in a state of panic about the systems going off falsely. Answer to that is to leave the system off. And claim they forgot to arm it. Thus, self-censorship to keep the cops from attacking. Then there are panic room backups which freak the users due to its capability of killing them with false threats like the gentleman, Safra, was killed on the Mediterranean coast when he believed he was under attack as responders tried to rescue him. Responders are a genuine threat when they think you are an AIDS carrier. It's worth keeping in mind, that protective and security systems can do you great harm, like friendly fire and security agencies of all kinds -- banks, doctors, accountants, in-house guards, most trusted associates. Gun owners, and nations, being killed by their own weapons is a kissing cousin threat. Technology is a gun most often in the hands of those will to fire first then question who's there. WMDs are the biggest threat to the US and ilk, those owned by the panic-room trapped users. North Korea, say, or the Joint Chiefs, aided and abetted by the low-credibility spooks. Back to failure of home security systems: its the back-up batteries that don't get replaced, rather the monthly bill for service is neglected by wayward servants while the owner is vacationing on a yacht being tracked by IRS.
Re: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference
Well, if you can't win on the truth, win on the procedures. At least Dr. Mercuri is in fine company there, ranging all the way back to Socrates and Galileo. Little consolation, I know, as our democracy gets replaced by a kleptocracy, but what can you do? Maybe she should set up stealdemocracy.com, a new voting machine company. Sell machines that explicitly let you steal elections. Get some press. Adam On Wed, Aug 06, 2003 at 11:08:38AM -0400, R. A. Hettinga wrote: | Notice they did this to Chaum, too... | | Cheers, | RAH | | --- begin forwarded text | | | Status: U | To: johnmac's living room [EMAIL PROTECTED] | Cc: Dave Farber [EMAIL PROTECTED] | From: John F. McMullen [EMAIL PROTECTED] | Mailing-List: list [EMAIL PROTECTED]; contact [EMAIL PROTECTED] | Delivered-To: mailing list [EMAIL PROTECTED] | Date: Mon, 4 Aug 2003 23:31:49 -0400 (EDT) | Subject: [johnmacsgroup] Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections | Conference | | Computer Voting Expert Ousted From Elections Conference | | Lynn Landes | freelance journalist | www.EcoTalk.org | | Denver CO Aug 1 - Dr. Rebecca Mercuri, a leading expert in voting machine | security, had her conference credentials revoked by the president of the | International Association of Clerks, Records, Election Officials, and | Treasurers (IACREOT), Marianne Rickenbach. The annual IACREOT Conference | and Trade Show, which showcases election systems to elections officials, | is being held at the Adam's Mark Hotel in Denver all this week. | | Mercuri believes that her credentials were revoked because of her position | in favor of voter-verified paper ballots for computerized election | systems. I guess in a very troubling way it makes sense that an | organization like IACREOT, that supports paperless computerized voting | systems, which are secret by their very design, would not want computer | experts who disagree with that position at their meetings. | | Dr. Mercuri said that her credentials were approved for the first three | days of the conference. She attended meetings of other groups and visited | the exhibitors hall. But it was only on Thursday as she sat down to attend | her first meeting at the IACREOT that President Marianne Rickenbach took | Mercuri out of the room and told her that her credentials were being | revoked. Rickenbach said that Mercuri had not filled out the forms | correctly. Mercuri protested, but was refused reinstatement. | | David Chaum, the inventor of eCash and a member of Mercuri's | 'voter-verified paper ballot' group, had his credentials revoked on the | first day of the conference. On the second day his credentials were | partially restored. Chaum was allowed to visit the exhibitors hall, but | not attend the IACREOT meetings. | | Rickenbach was unavailable for comment as of this report. Mercuri can be | reached at the Adam's Mark Hotel through Saturday. | | --- | | | When you come to the fork in the road, take it - L.P. Berra | Always make new mistakes -- Esther Dyson | Be precise in the use of words and expect precision from others - |Pierre Abelard | Any sufficiently advanced technology is indistinguishable from magic |-- Arthur C. Clarke | Bobby Layne never lost a game. Time just ran out. -- Doak Walker | | John F. McMullen | [EMAIL PROTECTED] ICQ: 4368412 Fax: (603) 288-8440 [EMAIL PROTECTED] | http://www.westnet.com/~observer | NOYFB,P | | | | | | | Yahoo! Groups Sponsor -~-- | Buy Ink Cartridges or Refill Kits for Your HP, Epson, Canon or Lexmark | Printer at Myinks.com. Free s/h on orders $50 or more to the US Canada. http://www.c1tracking.com/l.asp?cid=5511 | http://us.click.yahoo.com/sO0ANB/LIdGAA/ySSFAA/XgSolB/TM | -~- | | To unsubscribe from this group, send an email to: | [EMAIL PROTECTED] | | | | Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ | | --- end forwarded text | | | -- | - | R. A. Hettinga mailto: [EMAIL PROTECTED] | The Internet Bearer Underwriting Corporation http://www.ibuc.com/ | 44 Farquhar Street, Boston, MA 02131 USA | ... however it may deserve respect for its usefulness and antiquity, | [predicting the end of the world] has not been found agreeable to | experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire' -- It is seldom that liberty of any kind is lost all at once. -Hume
Re: Idea: Homemade Passive Radar System (GNU/Radar)
As an active twist, we can also use a separate unit, Illuminating Transceiver (IT), periodically broadcasting a pulse of known characteristics, easy to recognize by the LPs when it bounces from an aerial target. This unit has to be cheap and expendable - it's easy to locate and to destroy by a HARM missile. As a bonus, forcing the adversary to waste a $250,000+ AGM-88 missile on a sub-$100 transmitter may be quite demoralizing. There can be a whole hierarchy of ITs; when one of them Microwave oven. This has been done in recent years in various theatres. Even other sources can serve as involuntary ITs. The landscape is littered with cellular base stations and civilian TV and radio transmitters. Just pick the suitable frequency and listen on. There is enough wideband power in the ether above inhabited areas to make passive detection from reflected EM possible in theory (without any EM emanating from the target.) The space is illuminated, but the eyes are not good enough, yet. Signal levels are extremely low, but it's likely that a flying jet reflects back enough from hundreds of cellphone/celltower transmissions to be few dB above the background noise. However, without knowing where to look the receiver cannot use typical narrow beam high-gain antennas. What is needed is an array, like an insect's eye, and that will be a sizeable contraption - passive, but not small. In other words, the size of a passive eye is proportional to the wavelength. To get human eye resolution in 10cm band the size gets to 2km across. Big eye. = end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
Re: What if all things computable are computable in polynomial time?
At 03:50 PM 08/06/2003 -0700, Major Variola (ret) wrote: Yes, but the cryptanalysis of symmetric ciphers involves exponentially-expanding back trees. That is the whole point of avalanche. If, somehow, for any NP algorithm there were an equivalent P algorithm, then the block-cipher backtracking would be solvable in poly time. You could find the plaintext ASCII needle in the haystack of possibilities in poly time, no? No. NP is the set of problems which can be solved in poly time on a non-deterministic Turing machine, i.e. which can be solved in poly time if the magic oracle correctly tells them a poly number of answer bits. Not all exponential problems fit this model.
Re: President Terminator
At 12:13 PM -0400 8/9/03, Sunder wrote: As Reagan prooved, Or George Washington... Cheers, RAH -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: [eff-austin] Antispam Bills: Worse Than Spam?
* Sunder [EMAIL PROTECTED] [2003-08-04 17:00]: Yes, this is the problem I'm trying to address. Normally when Alice tries to transmit information to Bob, if Mallory decides to sabotage the communication, this is a denial of service attack, forbidden by criminal law. Why is it forbidden by law? I can think of hundreds of reasons DoS attacks are illegal. Now I'm not sure if it's illegal everywhere; I'm only familar with the way it's written in the California Penal code, which is where Mallory is located in this case. But to answer your question, just look at all the damage that's caused by DoS attacks. Look at the Slammer worm. It would be a seriously neglectful to allow such damaging attacks on people and businesses. Bob signed a contract with Mallory waiving certain rights in exchange for the service provided by Mallory. Mallory provided full disclosure of it's rights to Bob along with Bob's responsabilities, etc. Bob chose to accept those terms, how is this illegal again? First of all, Bob was coerced into this contract because Bob had no idea that the fine print said there may be cases where he doesn't get the service he thinks he's paying for. Specifically, Mallory didn't tell Bob that she would be filtering his mail for him, and certainly didn't tell Bob that she would take the liberty of blocking some non-spam mail as well. Such a contract is quite questionable, and I'd like to see it put before a court for fair analysis. If the service Mallory provides Bob is inadequate, that's between Mallory and Bob, not between Alice and Bob. Alice and Mallory have no contract what-so-ever. It's upto you, Alice, to convince Bob of this fact. If you can't, that's Bob's choice, not yours. And you have no business to interfere between Bob and Mallory. The problem with this argument is that Mallory is not just denying service to Bob, but Alice as well. Furthermore, Alice may not even have the option of explaining the service problem to Bob, because Mallory is preventing Alice from talking to Bob. Mallory is everyone's business, because a malicious attack on the Internet affects everyone. The fact that Bob is paying Mallory money doesn't make it okay- in fact, it worsens the problem, because the perpetrator is being compensated by her own victims. However, if the communication passes through Mallory's back yard, we can let the attack happen because it's on Mallory's property. Wrong. Bob agreed to those terms of service, it's not a denial of service, it's part of Bob's agreement with Mallory. Such a contract is predatory, and has no business in this country. It prays on ignorant users, and provides a false representation for what the user is signing up for. FYI- you can't put anything you want in fine print, and expect it to be legally enforceable. Even if two parties agree that an illegal activity is okay, this does not legalize the activity. At the same time, if I sabotage the city water line that passes through my property, I can be held accountable. And rightly so. No. Either you have agreed to live in said house by purchasing it, and have therefore become a citizen of said city, and by such actions agreed to abide by it's laws, or pre-existing laws allowed the city to run such water services through your propery. This too is by contract. This is just what I said. You're making my point here. Absolutely, I cannot sabotage the city water line that goes through my property. Where, Ms. Alice, is your contract with Mallory again? No contract necessary; criminal law is enforceable w/out a contract. Even more so, actually, because there is no chance of a contract removing the effect of Alice's claim. AOL isn't even a human, so to put the private property rights of AOL above the well-being of any human is a silly mistake. So, in that case if you need a red stapler, you should be able to break into AOL's offices and steal one? Since fucking when? Certainly not- there is no superceding free speech right or anything of the kind that would entail stealing a stapler. Blocking email, OTOH, violates multiple rights: free speech, right to assemble and petition the government, freedom of enterprise.. it could even run into public safety issues. So this stapler analogy doesn't really work here. In my particular case, AOL is blocking me from talking to friends and family. That's the choice of your friends and family, not yours. Take it up with them, not AOL. While I have gotten all but one friend and all family members to drop their AOL/Earthlink services, this still remains an issue for users whome I don't know personally. and AOL is vandalizing my property by destroying these packets. No, dumbass, you placed those packets on said network repeatedly after you have discovered that they will be dropped in the bit bucket, that's too bad for you. You've vandalized your own packets. I didn't do this, I created
Re: The Declan McCullagh Fatwa.
At 06:17 PM 08/07/2003 -0500, Jim Choate wrote: Fascism should more appropriately be called corporatism because it is a merger of state and corporate power. -- Benito Mussolini What a person to agree with...the epitome of God $$$ Fascism. Them trains, they do run on time. Or is that 'spam'... The general comment I've heard about Italian Fascism's effectiveness was that they never did actually get the trains to run on time - it was just political promises, any more than the Elder Bush's No New Taxes meant that the US actually wouldn't have any new taxes.
Re: What if all things computable are computable in polynomial time
At 01:28 PM 8/6/03 -0400, Billy wrote: At 01:18 AM 8/6/03 -0700, Eric Cordian wrote: What if all things computable are computable in polynomial time? You mean polynomials like O(n^10^10^10) ? subset{P} != easy There could still be some protection with some crypto schemes, in such a world, BUT the adversary is assumed to be much better funded, and poly work gives the adversary's algorithmicists (who can be rented cheaply when young) hope that much faster algorithms can be found, if not published :-) You really want the assurance of exponential work to break it, not just big constants. The problem is that, for public key crypto, we want functions which are easy one way (if you know the secret) and exponentionally tough in the length of the public key the other. If there is a quick (*non-expon*.) solution to your trap-door function then the adversary can reasonably do the extra work and your scheme is toast. For symmetric crypto, the same applies. You can always make *your* key longer, but the leverage you get --the extra work the adversary must do-- is much less if you can't demand exponential work by them (because as was suggested, presumably tongue-in-cheek, by EC, there might not be any exponential work problems) --- The tragedy of Galois is that he could have contributed so much more to mathematics if he'd only spent more time on his marksmanship.
Cypherpunks procmail filter
* [EMAIL PROTECTED] [EMAIL PROTECTED] [2003-08-10 21:37]: # mailing lists: # filter all cypherpunks mail into its own cypherspool folder, discarding # mail from loons. All CDRs set their From: line to 'owner-cypherpunks'. # /dev/null is unix for the trash can. :0 * [EMAIL PROTECTED] { :0: * (^From:[EMAIL PROTECTED]|\ ^From:[EMAIL PROTECTED]|\ ^From:[EMAIL PROTECTED]|\ ^From:[EMAIL PROTECTED]|\ ^From:[EMAIL PROTECTED]) /dev/null :0: cypherspool } I thought I'd post an alternative procmail script for anyone interested: [EMAIL PROTECTED](lne.com|ssz.com) # X-Loop mailing lists # :0 : *$ ^X-Loop:.*$XLOOP_ML * ^X-Loop:.*\/[a-z0-9.-]+@ * MATCH ?? ()\/[EMAIL PROTECTED] mailing_lists/$MATCH The idea is to generalize the recipe so if you're on other mailing lists that use the X-Loop header, you can just add them to the XLOOP variable. And I guess if you still want to filter out sociopaths, this would be that version of it: [EMAIL PROTECTED](lne.com|ssz.com) SPC=[ ] FROM_=(From${SPC}|(Old-|X-)?(Resent-)?\ (From|Reply-To|Sender):)(.*\)? SOCIOPATHS=(\ [EMAIL PROTECTED]|\ [EMAIL PROTECTED]|\ [EMAIL PROTECTED]|\ [EMAIL PROTECTED]|\ [EMAIL PROTECTED]) #SOCIO_PATH=/dev/null SOCIO_PATH=sociopaths # X-Loop mailing lists # :0 *$ ^X-Loop:.*$XLOOP_ML * ^X-Loop:.*\/[a-z0-9.-]+@ * MATCH ?? ()\/[EMAIL PROTECTED] { :0: *$ ^${FROM_}$SOCIOPATHS SOCIO_PATH :0: mailing_lists/$MATCH }
Re: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Confer...
Some effort should be made to communicate the danger of e-ballots to the various grassroots, political organizations interested in voting issues. We really have to get a wider audience made aware of the tremendous danger. And somebody should work on producing an alternative hybrid voting machine that is hard copy paper verifiable. I think we have to give these local governments a viable alternative, a machine that can't be used for Machiavellian machinations. Regards, Matt Gaylor-
Re: They never learn: Omniva Policy Systems
seems horribly limiting. What of those using Entourage, or Mail, or any of the dozens of platforms and news readers in existence. The site mentions that they are now Blackberry-compliant. Well, does this mean employees of the companies using Omniva Policy Manager cannot read their mail on their Palms, or their laptops running other mail programs, and so on? My experience with ordinary Joe Six Suits users is that they are progressively dumber and understand less and less tools they use to powerpoint on. The gap between reality and their understanding of computers is widening. Computers have finally adapted to idiots. At this point snake oils as the mentioned one is perfectly fundable and marketable. There is a significant user base that it will work for. Remember all discussions about single DES being good enough only for braindead ? Well, now they are past that. Layer 7 interface obstacles are now good enough. = end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
Fw: Re: Secure IDE?
- cut here - From: Ralf-P. Weinmann [EMAIL PROTECTED] On Wed, Jul 30, 2003 at 04:20:37PM -0400, Trei, Peter wrote: ABIT has come out with a new motherboard, the IC7-MAX3 featuring something called 'Secure IDE', which seems to involve HW crypto in the onboard IDE controller: From the marketing fluff at http://www.abit.com.tw/abitweb/webjsp/english/news1.jsp?pDOCNO=en_0307251 For MAX3, the ABIT Engineers listened to users who were asking for information security. SecureIDE connects to your IDE hard disk and has a special decoder; without a special key, your hard disk cannot be opened by anyone. Thus hackers and would be information thieves cannot access your hard disk, even if they remove it from your PC. Protect your privacy and keep anyone from snooping into your information. Lock down your hard disk, not with a password, but with encryption. A password can be cracked by software in a few hours. ABIT's SecureIDE will keep government supercomputers busy for weeks and will keep the RIAA away from your Kazaa files. No, I have no idea what this actually means either. I'm trying to find out. Peter Trei Yeah, that announcement just ran over the slashdot ticker. Someone posted the following insightful link subsequently: ftp://ftp.abit.com.tw/pub/download/fae/secureide_eng_v100.pdf Looks like that sucker only does key-truncated version of DES called DES-40. Right... did they say weeks? I'd say minutes, unless ABIT means [insert some impoverished 3rd world country] government supercomputers. It's snakeoil, move on, nothing to see here. Cheers, Ralf -- Ralf-P. Weinmann [EMAIL PROTECTED] PGP fingerprint: 2048/46C772078ACB58DEF6EBF8030CBF1724 - cut here - | | ( | )c'ya. o ( | ) \|/ Sharkey\___/ \|/ `-^-' `-^-' | | bomb cia nsa cocaine terrorist drug kill president nuclear -- Hi Echelon! :) PGP 2.6.3i 7CAD47C9: AF D0 62 B3 94 6C 2791 9C CD 87 1D 21 B0 5B 59 -- Arachne V1.70;rev.3, NON-COMMERCIAL copy, http://arachne.cz/
Re: How can you tell if your alarm company's...
From what I've heard (not confirmed) most of this stuff is either simple sensors (continuity test) or it talks over a variant of rs422 - unencrypted for things like keypads. Not good, especially if these are accessible on the outside. --Kaos-Keraunos-Kybernetos--- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ --*--:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ + v + : The look on Sadam's face - priceless! [EMAIL PROTECTED] http://www.sunder.net On Sat, 9 Aug 2003, Neil Johnson wrote: I have always wondered how the arm/disarm keypad works in most alarm systems. I would hope it would send a reasonably secure code to the controller to disable the alarm system, but I fear that it just a nothing more than a fancy remote relay and can be easily bypassed.
Re: politically corrent terms of color
On Wed, Aug 06, 2003 at 01:58:01PM -0700, Bill Stewart wrote: Of color isn't just blacks - it's also Mexicans and other non-whities. I think some of the whiny liberal politicians I've heard use it have been African-Americans of color (as opposed to white immigrants from South Africa or Rhodesia.) As a white man, I find the implication that I'm lacking some color based on my race to be offensive. I often hear of color used (Pacifica radio is quite guilty) as a term of exclusion and division, implying that white people are soulless: they can't jump, can't dance, can't fuck, and can't understand social justice. Frankly, as a racist term.
Re: Slow but interesting sender-hiding covert channel program
On Tue, 2003-08-05 at 03:07, Bill Stewart wrote: Rob Lemos reports on the following presentation at Blackhat by Mark Loveless of Bindview; I've got some comments. - PROGRAM WOULD HIDE NET COMMUNICATIONS CNET reports about a program called NCovert, which uses spoofing techniques to hide the source of communications and the data that travels over the network. The technique makes it almost impossible to track where the original message came from, because the data holds only the addresses of the recipient and the third-party server. http://news.com.com/2100-1002-5058535.html The technique works by hiding four bytes of data in the TCP header's ISN field, bouncing packets off one or more innocent third-party machines, setting your destination IP address to the third-party and forging your recipient's IP as the source, so the recipient appears connection accepts or rejects from real, fake, or random locations, and the real message is hidden in the header fields. The connection type can be something credible like email or http. Of course, there _are_ ISPs that do spoof-proofing, so if your ISP does this, you won't be able to forge the recipient's address on your outgoing packets usefully. Spoof-proofing usually limits you to addresses in the subnet used by your internet connection - if you've got a /24, you can impersonate one of 254 locations near yours, but if anybody's seriously trying to track you, you're busted. There's also the problem that, unless it's sending call setups that the recipient is rejecting, there'll be a lot of half-open TCP connections on the recipients, which is a DOS problem. It's cute, though. Well, I was going for cute. Actually, this is simply an expanded version of covert_tcp. The main things I do differently is make sure the file size is loaded into the IP ID field in the first packet, and am using ISNs. This limits your file size to 64K, and sticks out like a sore thumb if your sender's OS doesn't do random IP IDs. If the sender sets the source port to a closed port on the target system, the target system will receive an unsolicited SYN-ACK and (assuming RFC compliance) should send a RST to the system bouncing off of. This assumes firewalls and other network devices are not doing other things. Also, Bindview's security tools site does have an interesting spoofing-detection program that works by looking at TTL values for packets you receive that are suspected of being spoofed - it traces a connection to/from the purported source IP address and sees whether the time-to-live field on the suspicious packet is close enough to one from the real route to be believable or declares it to be bogus if it's too far off. It would help if you can specify the TTL for ncovert just to avoid this type of detection. Yes, I wrote the despoof tool as well, so I was aware of that possibility. Quite frankly I was truly going for the idea of covert communications, to kind of get some of the Black Hat crowd thinking about it. I'm already started on the next version, which should include a checksum signature scheme that allows for better tracking of packets (so the speed can be improved), forging multiple sources and using multiple bounce locations, and randomized timing of the sending of packets -- all ideas brought up during the QA as well as over beers afterward. The tool can be retrieved from http://www.nmrc.org/~thegnome/ncovert-1.1.tgz for those interested. Bitches, complaints, but especially patches that address said bitches and complaints are welcome. -SN
Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference
Notice they did this to Chaum, too... Cheers, RAH --- begin forwarded text Status: U To: johnmac's living room [EMAIL PROTECTED] Cc: Dave Farber [EMAIL PROTECTED] From: John F. McMullen [EMAIL PROTECTED] Mailing-List: list [EMAIL PROTECTED]; contact [EMAIL PROTECTED] Delivered-To: mailing list [EMAIL PROTECTED] Date: Mon, 4 Aug 2003 23:31:49 -0400 (EDT) Subject: [johnmacsgroup] Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference Computer Voting Expert Ousted From Elections Conference Lynn Landes freelance journalist www.EcoTalk.org Denver CO Aug 1 - Dr. Rebecca Mercuri, a leading expert in voting machine security, had her conference credentials revoked by the president of the International Association of Clerks, Records, Election Officials, and Treasurers (IACREOT), Marianne Rickenbach. The annual IACREOT Conference and Trade Show, which showcases election systems to elections officials, is being held at the Adam's Mark Hotel in Denver all this week. Mercuri believes that her credentials were revoked because of her position in favor of voter-verified paper ballots for computerized election systems. I guess in a very troubling way it makes sense that an organization like IACREOT, that supports paperless computerized voting systems, which are secret by their very design, would not want computer experts who disagree with that position at their meetings. Dr. Mercuri said that her credentials were approved for the first three days of the conference. She attended meetings of other groups and visited the exhibitors hall. But it was only on Thursday as she sat down to attend her first meeting at the IACREOT that President Marianne Rickenbach took Mercuri out of the room and told her that her credentials were being revoked. Rickenbach said that Mercuri had not filled out the forms correctly. Mercuri protested, but was refused reinstatement. David Chaum, the inventor of eCash and a member of Mercuri's 'voter-verified paper ballot' group, had his credentials revoked on the first day of the conference. On the second day his credentials were partially restored. Chaum was allowed to visit the exhibitors hall, but not attend the IACREOT meetings. Rickenbach was unavailable for comment as of this report. Mercuri can be reached at the Adam's Mark Hotel through Saturday. --- When you come to the fork in the road, take it - L.P. Berra Always make new mistakes -- Esther Dyson Be precise in the use of words and expect precision from others - Pierre Abelard Any sufficiently advanced technology is indistinguishable from magic -- Arthur C. Clarke Bobby Layne never lost a game. Time just ran out. -- Doak Walker John F. McMullen [EMAIL PROTECTED] ICQ: 4368412 Fax: (603) 288-8440 [EMAIL PROTECTED] http://www.westnet.com/~observer NOYFB,P Yahoo! Groups Sponsor -~-- Buy Ink Cartridges or Refill Kits for Your HP, Epson, Canon or Lexmark Printer at Myinks.com. Free s/h on orders $50 or more to the US Canada. http://www.c1tracking.com/l.asp?cid=5511 http://us.click.yahoo.com/sO0ANB/LIdGAA/ySSFAA/XgSolB/TM -~- To unsubscribe from this group, send an email to: [EMAIL PROTECTED] Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: [eff-austin] Antispam Bills: Worse Than Spam?
At 23:03 +0200 5/8/03, Thomas Shaddack wrote: Sometimes you don't have an effective choice. According to a friend, there are still areas (especially rural) in the US where AOL is the virtually only game in town. but AOL being the only access provider in town just means that you buy a TCP/IP feed off of them, ie use them as your PPP connection. You then run your mail off a.n.other service provider. AOL has great connectivity worldwide - all the people I know that use AOL just use it for IP not mail... f
Re: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Confer...
In a message dated 8/6/2003 12:51:29 PM Eastern Daylight Time, [EMAIL PROTECTED] writes: Having Mercuri and Chaum ejected is the best thing that could have happened. Absolutely correct..You should try to think up ways to get them to be even more hostile to them. Regards, Matt-
Re: Superpowers distribute 750,000 shoulder-fired missiles, cook their own gooses
Steve Furlong [EMAIL PROTECTED] wrote: Backblast. A suicide shooter could do it, but it would be non-trivial to pop out, shoot, survive it, and keep your van's paint good enough to avoid notice. This is why soft launch systems were created. http://web.jfet.org/video/JavelLiveFireVsT72.avi Javelin is also surface-to-air capable. See http://www.geocities.com/morteza69ca/canadarmy/javelin.html -- Riad Wahby [EMAIL PROTECTED] MIT VI-2 M.Eng
Re: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference
On Wed, Aug 06, 2003 at 01:49:26PM -0700, Steve Schear wrote: | At 11:54 2003-08-06 -0400, Adam Shostack wrote: | Well, if you can't win on the truth, win on the procedures. | | At least Dr. Mercuri is in fine company there, ranging all the way | back to Socrates and Galileo. Little consolation, I know, as our | democracy gets replaced by a kleptocracy, but what can you do? | | Maybe she should set up stealdemocracy.com, a new voting machine | company. Sell machines that explicitly let you steal elections. Get | some press. | | A better solution, already available to voters, is to request an absentee | voter form. If a substantial number of voters asked to vote this way it | would overwhelm the voting machinery and completely negate any cost savings | expected from the distrusted automated systems. Huh? Voters don't control the security of the voting system any more than we control the security of the credit rating/id theft system. And similarly, your choice to not play doesn't protect you. Tim's idea of using the voting system's security to accelerate the de-legitimization of the system is a fine one, although it has the risk that the statists will get awfully violent as we try to ignore them out of existance. I don't see how an absentee ballot is going to make anything any better. Adam -- It is seldom that liberty of any kind is lost all at once. -Hume
Re: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference
Here's another one. On Wed, Aug 06, 2003 at 12:20:30PM -0700, Steve Schear wrote: At 09:46 2003-08-06 -0700, Tim May wrote: I was intensely opposed to the gibberish about how the Republicans stole the Florida vote, for multiple reasons. First, the Dems wanted to change the rules after the outcome went against them...they wanted hanging chads counted in their favor (ultimately, of course, this wouldn't have even swayed the outcome, as careful studies by newspapers showed). Second, they wanted the Elections Commission to somehow adjust the outcome based on exit interviews with little old Jewish ladies who claimed they wanted to vote for Algore but who actually voted for Pat Buchanan or Jeffery Dahmer or whomever it was that was opposite Chad Gore on the ballot (note that Democrats designed the ballot). Third, they wanted only precincts known to be leaning toward Chad Gore recounted from scratch. (I would have _opposed_ a statewide recount on general common sense and legal grounds, too, but for sure I was aghast at the proposal to only recount selected precincts: We'll keep recounting until the outcome fluctuates in our favor!) This was certainly a farce, but the decision by the SC to intervene was worse. The matter should have been thrown into the House of Representative where the Constitution has provisions for its resolution (or lack thereof). steve Remember, democracy never lasts long. It soon wastes, exhausts and murders itself. There never was a democracy yet that did not commit suicide. John Adams -- Harmon Seaver CyberShamanix http://www.cybershamanix.com
Re: Superpowers distribute 750,000 shoulder-fired missiles, cook their own gooses
On Thursday, August 7, 2003, at 07:15 PM, Steve Furlong wrote: On Thursday 07 August 2003 20:52, Tim May wrote: Any van with a moonroof could trivially be set up to allow a pop shot Backblast. A suicide shooter could do it, but it would be non-trivial to pop out, shoot, survive it, and keep your van's paint good enough to avoid notice. Whatever. A trivial concern, evidence shows. Hell, they blow themselves up just to kill a Jew or three. --Tim May
RE: [eff-austin] Antispam Bills: Worse Than Spam?
Nice! I've been thinking I should move there for a while. I also heard that by 2006 London and all the major cities will have seemless wifi coverage. The reason Europe is on the ball with this is the EU We're on the way. We already have seemless camera surveillance coverage. -- Vincent Penquerc'h
Re: politically corrent terms of color
At 01:59 PM 08/06/2003 -0400, Tyler Durden wrote: Tim May wrote... Where did this of color nonsense get started? Like a lot of PC terms...from guilt-ridden white liberals. Black folks never use this term, as far as I've ever heard. Likewise with physically challenged. My black karate Sensei used to periodically laugh at the shame and embarassment associated with any speech coloration...to the point where some people won't even mention skin color when describing another person. Of color isn't just blacks - it's also Mexicans and other non-whities. I think some of the whiny liberal politicians I've heard use it have been African-Americans of color (as opposed to white immigrants from South Africa or Rhodesia.)
Re: In the matter of Mr. Fuq
At 06:34 AM 08/06/2003 -0400, Roy M. Silvernail wrote: It would seem that Mencken [1] was correct, as well as Costello [2]. [1] http://www.bartleby.com/59/3/nooneeverwen.html [2] http://www.brainyquote.com/quotes/quotes/e/q108965.html Yup. Mr. Fuq is arguing at least two things: - If Bob sends a message to Alice that Alice thinks is Spam, Alice has a right to sue Bob for spamming. - If Bob sends a message to Alice the Bob thinks is legitimate, and Alice's ISP doesn't think so and discards it, this is a criminal denial of service activity. Now, every spammer out there says that his or her mail is legitimate, so if Alice hires her ISP to detect and discard obvious spam for her, she's obviously hiring them to conduct a criminal act so she's Guilty Guilty Guilty! She can still sue Bob, but only from jail. So remember, never Fuq with a troll. Now, there are other people, such as the EFF, who will discuss the problems with ISPs that are too enthusiastic about dropping or rejecting mail, or (much worse from an internet engineering business) silently drop the mail without providing a proper reject message, which is a badly broken evil nasty thing to do. Dropping mail noisily is not so bad - market solutions let customers tell their ISPs to be more or less aggressive, but people who send mail at least know it's been rejected. Things like rejecting mail from Linux users who are rude enough to actually run Sendmail themselves instead of being dumb consumers also bug them.
Re: What if all things computable are computable in polynomial time?
What if all things computable are computable in polynomial time? Lots of problems are only computable in exponential time, or at least superpolynomial time. The closest we'd get to your suggestion is that P might equal NP, or (for crypto) factoring might be in P. Sufficiently large polynomials are easier in theory than in practice - Karmarkar's polynomial solution to Linear Programming was something like N**12 or L*N**6 where L was a very large number. We would have to go back to paper and OTP, but we would also get to enjoy the excellent graphics, AI, number theory, etc, that we would win. We wouldn't have to go back to OTP, just symmetric-key keyservers which people used before public-key became well-known. While the public-key algorithms are based on math problems like factoring or discrete log, most of the symmetric-key algorithms are based on intractable ugliness, and on doing enough analysis to find out which kinds of ugliness and bit-twiddling are really intractable and which can be cracked. If the polynomial computability comes from quantum computers, some of the symmetric stuff seems to reduce from 2**N time to 2**(N/2) time, so we might need to upgrade from 3DES to 5DES or 7DES, but it's not big deal.
Re: Controlled nymity
On Tuesday, August 12, 2003, at 09:12 AM, James A. Donald wrote: -- What we want of a payment system, is that Alice can prove she paid Bob, even if Bob wants to deny it, but no one else can prove that Alice paid Bob unless Alice takes special action to make it provable. (This provides permits recipient anonymity in that Bob can be an alternate identity of Dave, and no one can prove that money paid to Bob actually winds up with Dave. They can, however prove they paid Bob.) If Alice pays Bob in unblinded tokens, this does not help, for Bob can pass the unblinded tokens to yet another identity of his, Fred. One solution is for the bank to maintain an email linked account for Bob, into which Alice pays. This sounds ominous, for the next step might be to link the account to true names, can anyone see any other problems with it. First, the issue of double-spending. As any digital instrument is replicable, Alice's proof that she transferred a digital instrument to Bob can NEVER by itself mean that Bob eventually got some other form of money. This is why online clearing is so advantageous. Second, the problem of Alice trying to prove (to whom, by the way?) that she paid Bob is a can of worms. If Alice is trying to prove to some third party then perhaps she should use that third party as an escrow service...they know _they_ got paid, because they cashed the instrument, and now they can pay Bob. Third, meatspace identity is only one of many enforcement mechanisms which can be tried. Not a good avenue, in my view. --Tim May, Citizen-unit of of the once free United States The tree of liberty must be refreshed from time to time with the blood of patriots tyrants. --Thomas Jefferson, 1787
Re: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference
At 1:56 PM -0400 8/6/03, R. A. Hettinga wrote: cannot prevent -3 negative miscount can prevent of course. Maybe I should apply for a job as a school superintendent... Cheers, RAH -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: The Register - NSA proposes backdoor detection center (fwd)
At 06:36 AM 8/11/03 -0500, Jim Choate wrote: http://www.theregister.co.uk/content/55/32265.html Wolf also said that untrustworthy hardware poses a similar threat. Most microelectronics fabrication in the USA is rapidly moving offshore, said Wolf. NSA is working on a Trusted Microelectronics Capability to ensure that state-of-the-art hardware devices will always be available for our most critical systems. Only way they can do that is to build it themselves, from HDL to GDSII and make their own masks. You can't prove a function doesn't exist in some box otherwise, if you don't know the trigger. Kinda like a PRNG and its key.
Re: Year in Jail for Web Links
On Tuesday, August 5, 2003, at 05:31 PM, Duncan Frissell wrote: On Tue, 5 Aug 2003, Eric Cordian wrote: An anarchist has been sentenced to a year in jail for having links to explosives information on his Web site. AmeriKKKa is further fucking the First Amendment by restricting whom he may associate with in the future, and what views he may espouse. You can't protect people from cowardice. Jim Bell plead the first time. Michael Milkin plead. Bill Gates plead. Various Arabs plead recently. If you plead you can't be acquitted unless you can convince a judge to let you withdraw your plea tough. Courage. Prosecutors and cops are allowed to lie to you about their intent. Know the law. http://technoptimist.blogspot.com/ 2003_08_03_technoptimist_archive.html#106012921668886203 Sadly, pleading is often the only viable choice. When the cops are liars, when the judges are ignoring the Constitution, when the appeals courts are too busy to hear appeals for many years (unless the appeal is an emergency appeal to halt the recall of Gray Davis, that is), and when sentencing guidelines are fully out of whack with economics and even with that nebulous concept of justice, pleading is often the best of a bad deal. This is all possible because the plea bargaining system has gotten out of control. The accused face a plea deal of M months and N dollars if they plead, or 10M months and 20N dollars if they go to trial and lose, which is pretty likely when cops lie, when judges ignore the Constitution, and when juries are made up of people who are uncontroversial enough so as to have no opinions to disqualify them. (I was last picked for a jury 30 years ago this summer, back when I registered as a Republican. In the 30 years since, when I have been registered as a Libertarian, I have never been selected for a jury. Meanwhile, some of my know-nothing neighbors tell me about serving every few years on juries.) In a couple of criminal cases I have first-hand knowledge of, the plea deals were made so persuasive and the sentencing guidelines so harsh (had it gone to trial and the accused found guilty) that to not plea would have been irresponsible. You may not like this, and you may have cheered on the fights by the noble fighters who decided not to plea, but the system is stacked in favor of pleas. This is our injustice system. --Tim May, Corralitos, California Quote of the Month: It is said that there are no atheists in foxholes; perhaps there are no true libertarians in times of terrorist attacks. --Cathy Young, Reason Magazine, both enemies of liberty.
Friendly little bears
This is again inconsistent with the picture of friendly little bears all cooperating. Just for the record, the *only* time bears cooperate is when, say, the salmon are running, there's too much for any one bear to eat, every bear has his own turf on the side of the river, and the power hierarchy is *completely* sorted out. The rest of the time they fight each other and kill, and sometimes eat, each other's offspring. Heck, even when they're on the side of the river and bored, they kill each other's offspring just for sport. We did the same thing with trade-route intersections, even when we were trading raw rocks for finished hand-axes millions of years ago. Sedentary food-gathering and year-long storage, and then agriculture, made those intersections into cities. Food is an attractive nuisance. Even with carnivores (eagles do the same kinds of things on a running salmon stream) population concentrations create property, and then culture, for lack of better words. Brains just make the same fight more complicated, is all... Cheers, RAH -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: politically corrent terms of color
Or you can flip that arguement on its head and say it's the politially correct hidden racist honkey's way of saying non-white in the usual nasty way, opressing the brothers. --Kaos-Keraunos-Kybernetos--- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ --*--:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ + v + : The look on Sadam's face - priceless! [EMAIL PROTECTED] http://www.sunder.net On Wed, 6 Aug 2003, Billy Goto wrote: As a white man, I find the implication that I'm lacking some color based on my race to be offensive. I often hear of color used (Pacifica radio is quite guilty) as a term of exclusion and division, implying that white people are soulless: they can't jump, can't dance, can't fuck, and can't understand social justice. Frankly, as a racist term.
So, if Arnold wins can he claim Total Recall ;-)
A democracy cannot exist as a permanent form of government. It can only exist until the voters discover that they can vote themselves money from the Public Treasury. From that moment on, the majority always votes for the candidate promising the most benefits from the Public Treasury with the result that a democracy always collapses over loose fiscal policy always followed by dictatorship. --Alexander Fraser Tyler
Re: Q on associative binary operation
Actually, strike that... The last row can only be (d,c,c,d). I had an off-by-one in the check_assoc subroutine. It should be: sub check_assoc { my $op = shift; for(my $i=0;$i4;$i++){ for(my $j=0;$j4;$j++){ for(my $k=0;$k4;$k++){ if( $op-[ $op-[$i][$j]] [ $k] != $op-[ $i ] [ $op-[$j][$k] ] ) { return 0; } } } } return 1; } On Tue, Aug 12, 2003 at 03:04:41PM -0400, BillyGOTO wrote: For my ally is Perl, and a powerful ally it is. On Tue, Aug 12, 2003 at 02:06:43AM -0700, Sarad AV wrote: hi, how do we complete this table Table shown may be completed to define 'associative' binary operation * on S={a,b,c,d}. Assume this is possible and compute the missing entries *|a|b|c|d - a|a|b|c|d - b|b|a|c|d - c|c|d|c|d - d| | | | Lucky you! There are only 256 possibilities. There are four solutions: The last row can be any of: d c c a d c c b d c c c d c c d ... #!/usr/bin/perl -w use strict; my $optbl = [ [0,1,2,3], [1,0,2,3], [2,3,2,3], ]; for(my $i=0; $i0x100; $i++){ $optbl-[3] = [ ($i0)0x3, ($i2)0x3, ($i4)0x3, ($i6)0x3, ]; if(check_assoc($optbl)){ for(join(',',@{$optbl-[3]})){ tr/0123/abcd/; print $_\n; } } } sub check_assoc { my $op = shift; for(my $i=0;$i3;$i++){ for(my $j=0;$j3;$j++){ for(my $k=0;$k3;$k++){ if( $op-[ $op-[$i][$j]] [ $k] != $op-[ $i ] [ $op-[$j][$k] ] ) { return 0; } } } } return 1; }
Distributed Denial of Existence, the makings of an AP opportunity?
One of the most frequent sights on kuro5hin is that of one user or group of users complaining, often loudly and viciously, about another. One need not look very hard in order to find scores upon scores of users who absolutely loathe each other. Thanks to this pre-existing community of people who hate each other passionately, I believe that we stand on a potentially lucrative and far-reaching social experiment: the Distributed Denial of Existence. http://www.kuro5hin.org/story/2003/7/31/16429/1028 A foolish Constitutional inconsistency is the hobgoblin of freedom, adored by judges and demagogue statesmen. - Steve Schear
Re: What if all things computable are computable in polynomial time?
At 03:50 PM 8/6/03 -0700, Major Variola (ret) wrote: At 02:16 PM 8/6/03 -0700, Bill Stewart wrote: .. While the public-key algorithms are based on math problems like factoring or discrete log, most of the symmetric-key algorithms are based on intractable ugliness, and on doing enough analysis to find out which kinds of ugliness and bit-twiddling are really intractable and which can be cracked. Yes, but the cryptanalysis of symmetric ciphers involves exponentially-expanding back trees. That is the whole point of avalanche. If, somehow, for any NP algorithm there were an equivalent P algorithm, then the block-cipher backtracking would be solvable in poly time. You could find the plaintext ASCII needle in the haystack of possibilities in poly time, no? There's no reason to think those backtrees wouldn't get too hard to follow even without superpolynomial problems to solve. After all, finding a collision in SHA-512 is O(1), as is brute-forcing a 256-bit AES key. There's just a really big constant term. Honestly, I think for real-world cryptography, we need about an N^3 advantage or so between defenders and attackers--the defenders do 2^{25} work, and the attackers have to do 2^{75}, say, to break it. Merkle's puzzles and all the related schemes give you N^2, and that's not *quite* enough to be useful. .. --John Kelsey, [EMAIL PROTECTED] PGP: FA48 3237 9AD5 30AC EEDD BBC8 2A80 6948 4CAA F259
Re: R.I.P. (was: Re: A 'Funky A.T.M.' Lets You Pay for Purchases Made Online)
On Fri, Jul 25, 2003 at 08:40:33AM -0700, Steve Schear wrote: time for such pipe dreams. Now that many are un- or under-employed there still doesn't seem to be any activity by those active on this list in this critical infrastructure area. All the recent work that is being done (e.g., Orlin Grabbe's ALTA/DMT http://orlingrabbe.com/redirect.htm, Patrick McCuller's Lucrative http://lucrative.thirdhost.com, YodelBank http://yodelbank.com/, InvisibelNet http://invisiblenet.net) has been undertaken by real cypherpunks, a few monitor this list but rarely if ever That's a useful roundup, thanks. I think the cypherpunk goal of anonymity is still alive and well -- it's just that the folks involved in efforts like Freenet don't necessary consider themselves cypherpunks or subscribe to this list. Defcon featured a good number of anon projects; most dealing with publishing/web browsing/email than anon digital cash, unfortunately (though the interest is there). -Declan
Controlled nymity
-- What we want of a payment system, is that Alice can prove she paid Bob, even if Bob wants to deny it, but no one else can prove that Alice paid Bob unless Alice takes special action to make it provable. (This provides permits recipient anonymity in that Bob can be an alternate identity of Dave, and no one can prove that money paid to Bob actually winds up with Dave. They can, however prove they paid Bob.) If Alice pays Bob in unblinded tokens, this does not help, for Bob can pass the unblinded tokens to yet another identity of his, Fred. One solution is for the bank to maintain an email linked account for Bob, into which Alice pays. This sounds ominous, for the next step might be to link the account to true names, can anyone see any other problems with it. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG a4EU+fvvOcH0Sv52K2EKbF8yLcgewuumffss+deq 4NXChKCIzq02Njnl6SIFC224NDGKfgySzihcR3gfI
Re: IRS loses a big one?
The New York Times reports on this case today: http://www.nytimes.com/2003/08/12/business/12TAX.html
Austin Cypherpunks Monthly Meet, Aug. 12.
Time:Aug. 12, 2003 Second Tuesday of each month 7:00 - 9:00 pm (or later) Location:Central Market HEB Cafe 38th and N. Lamar Weather permitting we meet in the un-covered tables. If it's inclimate but not overly cold we meet in the outside covered section. Otherwise look for us inside the building proper. Identification: Look for the group with the Applied Cryptography book. It will have a red cover and is about 2 in. thick. Contact Info:http://einstein.ssz.com/cdr/index.html#austincpunks -- We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, Plan 9 from Outer Space [EMAIL PROTECTED][EMAIL PROTECTED] www.ssz.com www.open-forge.org
Slow but interesting sender-hiding covert channel program
Rob Lemos reports on the following presentation at Blackhat by Mark Loveless of Bindview; I've got some comments. - PROGRAM WOULD HIDE NET COMMUNICATIONS CNET reports about a program called NCovert, which uses spoofing techniques to hide the source of communications and the data that travels over the network. The technique makes it almost impossible to track where the original message came from, because the data holds only the addresses of the recipient and the third-party server. http://news.com.com/2100-1002-5058535.html The technique works by hiding four bytes of data in the TCP header's ISN field, bouncing packets off one or more innocent third-party machines, setting your destination IP address to the third-party and forging your recipient's IP as the source, so the recipient appears connection accepts or rejects from real, fake, or random locations, and the real message is hidden in the header fields. The connection type can be something credible like email or http. Of course, there _are_ ISPs that do spoof-proofing, so if your ISP does this, you won't be able to forge the recipient's address on your outgoing packets usefully. Spoof-proofing usually limits you to addresses in the subnet used by your internet connection - if you've got a /24, you can impersonate one of 254 locations near yours, but if anybody's seriously trying to track you, you're busted. There's also the problem that, unless it's sending call setups that the recipient is rejecting, there'll be a lot of half-open TCP connections on the recipients, which is a DOS problem. It's cute, though. Also, Bindview's security tools site does have an interesting spoofing-detection program that works by looking at TTL values for packets you receive that are suspected of being spoofed - it traces a connection to/from the purported source IP address and sees whether the time-to-live field on the suspicious packet is close enough to one from the real route to be believable or declares it to be bogus if it's too far off.
Trouble at HavenCo?
http://rss.com.com/2100-1028_35059676.html?type=ptpart=rsstag=feedsubj=ne ws Has 'haven' for questionable sites sunk? By Declan McCullagh Staff Writer, CNET News.com August 4, 2003, 1:38 PM PT LAS VEGAS--A widely publicized project to transform a platform in the English Channel into a safe haven for controversial Web businesses has failed due to political, technical and management problems, one of the company's founders said. Ryan Lackey, former chief technology officer of HavenCo, said on Sunday afternoon that he left the project because his business partners had become nervous about hosting objectionable material and were leading the company toward financial ruin, with only about six customers remaining.
Ashcroft snuffs free speech, film at 11
Film Wholesaler Charged With Obscenity The U.S. Justice Department said that its 10-count indictment against Extreme Associates and its owners is part of a renewed enforcement of federal obscenity laws. Federal prosecutors said today they have charged a North Hollywood wholesaler of adult films with violating federal obscenity laws as the government steps up a campaign against the major distributors of adult entertainment. http://www.latimes.com/news/local/la-080703obscene_lat,1,708205.story?coll=la-headlines-california Of course there are limits in regards to freedom of speech. They are as follows: Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances. Everything else is, of course, allowed. -Sunder
Terminating Arnold's Presidency
At 07:42 PM 8/8/03 -0700, Eric Cordian wrote: In response to a question about whether she would favor a Constitutional amendment defining marriage as between a man and a woman, Maybe they'll screw up the specs (by omitting quantity) and make polyamory protected.. Watch for this President Arnold movement to gather steam. Clinton wants to interpret the only 2 terms amendment as consecutive terms. Sometimes you just have to thank the less-exercised Amerndments..
Re: Others speak out in support of PAM
At 01:57 PM 08/05/2003 -0700, Steve Schear wrote: Terror `market' was a creative idea killed by know-nothings By Pat Buchanan http://www.bayarea.com/mld/mercurynews/news/opinion/6460808.htm Nobody knows know-nothings like Pat Buchanan. But as occasionally happens, I have to say that he's written a really excellent article, knowing how to talk to a layperson about something that's obscure and technical (and probably not something he personally understands technically, but he's got the policy issues down pretty solidly.) He explains why it's important, and why it would have been a good thing to do, and some interesting speculation and facts about the Pearl Harbor attack I hadn't known, which he ties into the PAM issue well. Read it - it's good stuff. Then, of course, he reminds us that in spite of being intelligent, he's still good old offensive Pat Buchanan, by talking about how John Poindexter was first in his class at Annapolis and is being hounded out of Congress (without mentioning that Poindexter is also a convicted liar who's got no business in America's government though perhaps he ought to be out of jail by now), but even in doing that, he gets in a few well-deserved jabs at Congress.
In the matter of Mr. Fuq
When I suggested a few weeks ago that someone would eventually argue for a constitutionally guaranteed right to be heard, members of the list both reminded me (quite correctly) that no such right does or can exist, and opined that because of the obvious fallacy of the claim, no one would make that argument. It would seem that Mencken [1] was correct, as well as Costello [2]. [1] http://www.bartleby.com/59/3/nooneeverwen.html [2] http://www.brainyquote.com/quotes/quotes/e/q108965.html
America died in 1861. Another political entity stole its domain name.
On Saturday, August 9, 2003, at 11:41 PM, Thomas Shaddack wrote: How can I tell if my alarm has been down for a period of time, assuming I don't believe the records of the alarm company in such cases? There is a plethora of various devices suitable for an alarm system, both off-the-shelf and homemadeable. You can cheaply roll out a camera system with a cheap PC with Linux and a TV-input card with a 4051 analog-multiplexer-based ... By the way, Americans and those in the American Empire (Iraq, Britain, Kuwait, Italy, Spain, Czech Republic, Liberia, Transylvania, etc.) should be very careful about discussing alarm techniques. In this post-Bill of Rights era, such talk can get you a year in a federal penitentiary, or if one is a Little Brother in one of the Affiliated Nations, an indefinite stay in our newest concentration camp, Camp X-Ray. Just as it is illegal to fortify doors against midnight raids (the African Central Republic of the District of Columbia has laws outlawing the hardening of doors...I'm not kidding), helping perps deploy alarm systems which make sneak and peak and pre-dawn SWAT raids harder is criminal conspiracy. Americans need to watch what they say. Talk about drugs, face a bust under paraphernalia and proselytizing laws. Talk about explosives, get a year in the pen. Talk about medicine, have the AMA goons call in the cops. Talk about the law, have lawyers claim that only Bar Association members may give legal advice. Talk about Hollywood, have Jack Valenti file charges. I hear it's still legal to give an opinion about The Brady Bunch, though Valenti says that loophole will soon be closed by Congress. America died in 1861. Another political entity stole its domain name. --Tim May
Re: How can you tell if your alarm company's...
On Sat, Aug 09, 2003 at 08:52:32AM -0400, Roy M. Silvernail wrote: On Saturday 09 August 2003 02:01, John Kozubik wrote: On Fri, 8 Aug 2003, Tyler Durden wrote: ...in cahoots with the authorities? Most intelligent and savvy people I know roll their own Tivo (PVR, etc.) - I think the answer to your question is that it would be reasonable (and trivial) to roll your own alarm system. But it's not trivial to roll your own 24/7 monitoring company with the ability to call in the cops. If the monitoring company is compromised, you're \033653337357 anyway, but without them, all you have is one of those car alarms that everyone ignores. But how important is that anyway? Most any half competent burglar knows enough to cut the phone wire before the BE, so they don't get called. That means that, yes, if some dimwit middleschool kid is doing the job, the cops get called, otherwise no. -- Harmon Seaver CyberShamanix http://www.cybershamanix.com
Re: They never learn: Omniva Policy Systems
On Tuesday, August 5, 2003, at 01:00 PM, Bill Stewart wrote: At 11:30 AM 08/05/2003 -0700, Tim May wrote: I ran across a reference to this company, which says it has raised $20 M in VC financing and which claims it has a system which implements the digital equivalent of disappearing ink. (Perhaps distilled from snake oil?) The URL is still called disappearing.com, but the company is now called Omniva Policy Systems. A URL is: http://www.disappearing.com/ I guarantee that anything a human eye can read can be captured for later use, whether by bypassing the probably-weak program, by using other tools to read the mail spool, by capturing the screen buffer, or, if worst comes to worst, simply photographing the screen with an inexpensive digital camera and then either using the captured image as is or by running it through an OCR. It's nice to see that they're still around, unlike so many dot.bombs. Why is it nice? The founder came and talked to Cypherpunks just after their PR launch (IIRC, Bill Scannell was involved in getting them into US today.) No comment. He started off by being very clear about what problems they were and weren't trying to solve. They were trying to solve the problem of making messages expire when all the parties involved are cooperating. He viewed the problem of preventing non-cooperating parties from saving copies to be unsolvable snake oil and he wasn't trying to solve it. This may or may not have been what Jeff believed, or wanted to believe, or told you was the case, but I don't buy that this is their business model.. Their Web site is filled with stuff about how Save menus are subverted, so as to, they claim, make it impossible for copies to be saved, blah blah. This hardly fits with your view of a bunch of benign little bears all sitting around cooperating. Further, the site natters about how Omnivora will support government requirements about unauthorized persons seeing mail (how? how will even their crude expiry approach stop unauthorized viewings of mail?). This is again inconsistent with the picture of friendly little bears all cooperating. Friendly little bears don't need to have their Save As buttons elided (not that this will stop screen grabs and photos, as I mentioned). Nor would friendly little cooperating bears show their messages to unauthorized viewers, now would they? (Speculatively, I would not be even slightly surprised if Omnivora is doing more than just nominally erasing some messages. To wit, storing copies for later examination by Authorities with Ministerial Warrants. As Jeff Ubois no longer seems to be attached to Omnivora, perhaps his vision was rejected.) In your other message, you mentioned that several Extropians were doing really squishy stuff, and mentioned that Jeff Ubois's resume also appeared to be. Something called Ryze and something else called Minciu Sodas. Minciu Sodas is an open laboratoryfor serving and organizing independent thinkers. We bring togetherour individual projects around shared endeavors. We remake our lives and our world by caring about thinking. Minciu Sodas helpsyour enterprise work openly to integrate constructive people around your purposes. Plus several other advisory panels and boards of, as you put it, squishy topics. But not as bad as the squishiness poor Max has gotten himself into, granted. There's a whole subculture of bottom feeders who think high tech needs some new version of Werner Erhard (originally born Nathan Goldfarb, or somesuch...there was a Jew with major self-doubt).
Re: Q on associative binary operation
For my ally is Perl, and a powerful ally it is. On Tue, Aug 12, 2003 at 02:06:43AM -0700, Sarad AV wrote: hi, how do we complete this table Table shown may be completed to define 'associative' binary operation * on S={a,b,c,d}. Assume this is possible and compute the missing entries *|a|b|c|d - a|a|b|c|d - b|b|a|c|d - c|c|d|c|d - d| | | | Lucky you! There are only 256 possibilities. There are four solutions: The last row can be any of: d c c a d c c b d c c c d c c d .. #!/usr/bin/perl -w use strict; my $optbl = [ [0,1,2,3], [1,0,2,3], [2,3,2,3], ]; for(my $i=0; $i0x100; $i++){ $optbl-[3] = [ ($i0)0x3, ($i2)0x3, ($i4)0x3, ($i6)0x3, ]; if(check_assoc($optbl)){ for(join(',',@{$optbl-[3]})){ tr/0123/abcd/; print $_\n; } } } sub check_assoc { my $op = shift; for(my $i=0;$i3;$i++){ for(my $j=0;$j3;$j++){ for(my $k=0;$k3;$k++){ if( $op-[ $op-[$i][$j]] [ $k] != $op-[ $i ] [ $op-[$j][$k] ] ) { return 0; } } } } return 1; }
Re: How can you tell if your alarm company's...
Spooks Physical IDS: If you are specifying a roll your own security system, you probably want to make a distinction between building an alarm company and a physical intrusion detection and logging system. With the former you're hoping to keep your items; with the latter you're trying to keep your infosec pristine, and the State Burglars will not take anything. That would look bad for the Alarm Company they work for (that you pay to keep your items). Car Alarms: If you have neighbors who can see your house, your homebrew security system can use either strobes to annoy or fake-flame-lighting to alarm them. Anon CopCalls: You could make an anon 911 call using an old unused cellphone ---the base stations will take a 911 without subscribing. You could use a dish to hit a distant cell. Though these are jammable. Best solution is personal IDS that stays quiet. Of course if you do log an intrusion you have to sanitize or leave the space. Keep the housecat away from the battery-powered ultrasound that cuts power to the red computer. --- Talk softly and carry a big lawyer. ---Hunter S Roosevelt
Superpowers distribute 750,000 shoulder-fired missiles, cook their own gooses
Reports today that commercial aviation is in dire danger of being grounded as freedom fighters deploy even a small fraction of the (estimated) 750,000 shoulder-fired missiles to down commercial airliners. (Having sat on Pacific Coast Highway below the takeoff path of LAX jumbo jets, I can attest to the fact that they are literally just a few hundred feet above. Any van with a moonroof could trivially be set up to allow a pop shot at one of these 747s or 767s, leaving every couple of minutes.) The U.S. and U.S.S.R. were handing these SFMs to any freedom fighter group that would temporarily swear allegiance to the CIA or KGB. Now the chickens are coming home to roost. I stopped flying in 2000. --Tim May That the said Constitution shall never be construed to authorize Congress to infringe the just liberty of the press or the rights of conscience; or to prevent the people of the United States who are peaceable citizens from keeping their own arms. --Samuel Adams
Re: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference
On Wednesday, August 6, 2003, at 08:54 AM, Adam Shostack wrote: Well, if you can't win on the truth, win on the procedures. At least Dr. Mercuri is in fine company there, ranging all the way back to Socrates and Galileo. Little consolation, I know, as our democracy gets replaced by a kleptocracy, but what can you do? Maybe she should set up stealdemocracy.com, a new voting machine company. Sell machines that explicitly let you steal elections. Get some press. It's a meme we might want to spread: They stole the election. (They) I was intensely opposed to the gibberish about how the Republicans stole the Florida vote, for multiple reasons. First, the Dems wanted to change the rules after the outcome went against them...they wanted hanging chads counted in their favor (ultimately, of course, this wouldn't have even swayed the outcome, as careful studies by newspapers showed). Second, they wanted the Elections Commission to somehow adjust the outcome based on exit interviews with little old Jewish ladies who claimed they wanted to vote for Algore but who actually voted for Pat Buchanan or Jeffery Dahmer or whomever it was that was opposite Chad Gore on the ballot (note that Democrats designed the ballot). Third, they wanted only precincts known to be leaning toward Chad Gore recounted from scratch. (I would have _opposed_ a statewide recount on general common sense and legal grounds, too, but for sure I was aghast at the proposal to only recount selected precincts: We'll keep recounting until the outcome fluctuates in our favor!) But I now see that spreading fear, uncertainty, and doubt about the outcome of elections serves to undermine confidence in government and make more people skeptical of the whole process. The meme that is commonly heard today is Bush and the Supreme Court stole the election. This is good. Shenanigans like the above story, with respected experts like Mercuri and Chaum excluded from a conference after they duly registered, will be good fodder for conspiracy stories about the 2004 election. (Actually, the recall vote on the governor of California is coming up on October 7th. Election officials are already claiming the ballots can't be ready in time, the machines will have to be brought out of mothballs and somehow made to work, and so on. I see many opportunities for spreading FUD about whatever outcome happens. Having Mercuri and Chaum ejected is the best thing that could have happened. --Tim May
Re: IRS loses a big one?
Nah, just a small loss. It's good to beat them, but hard to repeat, and they're playing a numbers game. There are good points and less good points to jury trials. One of the good parts is that a jury can acquit you for any reason that they want to, if you can convince them to. On the other hand, jury verdicts don't set precedents the way judge verdicts can, and jury verdicts of Not Guilty can't be appealed, so there's no way to get them escalated to a wider area, unlike a judge's declaration that a law is unconstitutional, which applies to whatever territory that judge has jurisdiction over (whether that's a city or a Federal District or whatever), though they're useful precedent. That doesn't mean that winning with a jury isn't a Good Thing :-) But in particular, even a fully-informed jury that's judging the law is normally just judging how and whether the law applies to a particular case, and most jury decisions are really about the facts of the case or at most how the law applies to those facts. This jury decided that the IRS had failed to prove that Kuglin violated any laws about what papers she had to file or how she had filed any that she did file. That doesn't mean that she doesn't owe any taxes, or that the IRS can't find a way to get money from her, such as garnishing her wages in the future, or even that any papers she did file were correct - only that the IRS had failed to prove they were punishably wrong. (It doesn't even necessarily mean that the way she handled her papers *wasn't* punishably wrong - only that the IRS didn't give a sufficiently convincing argument that the laws their lawyer likes to quote apply to the actions she took or didn't take in the way that the lawyer contends that they apply.) In particular, based on the two newspaper articles, it sounds like the IRS mouthpiece was saying that Kuglin could and should have had a conversation with them in which they'd have explained to her exactly where it says she had to file things their way, and that she'd failed to do so and was therefore a Bad Person who deserved to be Punished, when in fact she'd sent them several letters which they'd failed to respond to so it's their problem that the conversation didn't go the way they wanted it to. But hey, must've been some clerk's fault, sorry about the mistake. The IRS did lose, which it doesn't like to do, and it may have to find some way to salvage this case or try to bury it, and probably a few more people will be inspired to try to do what Kuglin did, and 10% of them might do it competently, some percentage of them will do it incompetently and get Punished and possibly made examples of, and most will get lost in the noise. Me? I'm not protesting taxes, I'm protesting MS Windows, but I gave up on getting the disk with my TurboTax on it to boot again and scragged the data onto floppies using a rescue disk so we can reinstall onto another system and finish my taxes before the August 15th extension deadline :-) (I'm also protesting the Wintel PC Architecture - I can't get the box to boot from CDROM reliably enough to reinstall Windows or run Knoppix, even after replacing the CDROM drive, and it doesn't like to see the new hard disk drive as a slave when I've got another hard disk as master. And this year's [expletive deleted] Turbotax DRM probably won't let me rerun the return without paying them a second time because the keying info is stashed in the Registry, which isn't accessible from a DOS rescue floppy...) Bill At 07:49 AM 08/12/2003 -0700, Steve Schear wrote: [Not surprisingly there appears to be no major U.S. media coverage] IRS vs. KUGLIN By Carl F. Worden Forget the war in Iraq, Afghanistan and our excellent adventure in Liberia. Forget about Kobe, Arnold, Arriana, Scott and Laci. The biggest news of the entire week is that on August 8, 2003, the IRS was unable to convince a jury in Memphis, Tennessee that the Federal Tax Code requires the citizens to pay individual income taxes. I kid you not... http://www.sierratimes.com/03/08/10/ar_IRS_vs._KUGLIN.htm also http://www.newsmax.com/insidecover.shtml A foolish Constitutional inconsistency is the hobgoblin of freedom, adored by judges and demagogue statesmen. - Steve Schear
Re: SCO to argue General Public Licence invalid (fwd)
This is wonderful moronic lawyer behavior. Perhaps if you work at SCO, you have to eat out of lead bowls and drink hot coffee from unglazed lead coffee mugs? Either that or this is some weird, but less potential version of Steve Job's reality distortion field gone bad - the way milk left outside the fridge does. Yes, Federal law allows you the EXTRA right to make one backup copy as per fair use. However, the GPL is not a copyright, it's a license agreement that gives the user extra rights, by virtue of the author's good will. So the author maintains his copyright, but allows the user to do the copying and distributing - the end user is almost acting as the copyright holder's agent. If the court rules that the GPL is invalid (i.e. clueless jury or judge) then all shrink wrap licenses are null and void also, and I don't think Billy Gates would like that very much, so in an odd turn of events, he'll be on the side of GPL come time for appeals! Wouldn't that be sweet irony? Indeed. Like the article says: D'oh! No wonder SCO's SCummy executives dumped their stock I would have expected them to claim that the Caldera employee who let Unix(tm) source out the door did so illegally, and therefore the GPL can't apply to that source, and that they still own rights to it, but it's doubtful they could prove such a thing. I believe the right and proper course of action is to give SCO a taste of their own shit, and have every linux user and every linux company file an INDIVIDUAL court case against SCO and NOT turn it into a class action suit (if it were possible). That would stretch SCO's lawyers very think to the point where they couldn't show up in court to defend themselves, and thus automatically loose. * * But(!) I don't play a lawyer on TV, and I'm a very bad actor, so consult a real lawyer, or a real actor, blah, blah, blah. I think Stan Kelly-Bootle's Devil's DP Dictonary needs the word Darl added to it, with the definition of: litigious asshole, who ironically couldn't find his own asshole if it were on his forehead and he looked straight on into a mirror during broad daylight. But, that would be demeaning to assholes. --Kaos-Keraunos-Kybernetos--- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ --*--:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ + v + : The look on Sadam's face - priceless! [EMAIL PROTECTED] http://www.sunder.net On Thu, 14 Aug 2003, Jim Choate wrote: I like the ed's comments at the end. http://www.theinquirer.net/?article=11031
Re: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference
At 05:48 PM 8/6/03 -0400, Adam Shostack wrote: Huh? Voters don't control the security of the voting system any more than we control the security of the credit rating/id theft system. The only way to show vote fraud would be to get enough voters to document that the State lied. That would depend on getting enough voters to document their votes such that the non-participants' share in the survey is insignificant to the outcome, as is other noise. Documenting might involve cameras. But cameras might be disallowed because admitting them admits a vote buying attack, since votes can then be demonstrated to the payer, much like paper receipts. The current system works, to the extent it does, because of the adversarial and open nature of the supervisory parties. Paper, absentee ballots could be xeroxed as proof. All fakable of course. Absentee ballots increase participation, and leave a better paper trail than computers, if anyone trustable cares to look. ... One question in voting threat analysis is how many conspirators are involved. Electronics lets you decrease that number.
Idea: Homemade Passive Radar System (GNU/Radar)
The current developments in international politics, mainly the advent of rogue states attacking sovereign countries from air, causes a necessity of proliferation of cheap air defense solutions. Key part of air defense is the awareness, usually maintained by a network of ground radar stations. In the end of 50's, Czech Republic developed a passive radar system called PRP-1/Kopac (Korelacni Patrac, Correlation Seeker), which was later replaced by more advanced system Ramona and even more advanced Tamara. Then the Revolution came, bringing the inevitable international pressures that led to the bankrupcy of the Tamara developer company, following false indictments of its top managements which lead to revocation of the company's arms sale licence. Shortly after this, articles in the world press appeared about groundbreaking passive radar system being developed by - guess who? Lockheed. (After 15 years of research, good part of which consisted from reverse-engineering of seized shipment of I am not sure if Ramonas or Tamaras.) See also http://www.techtydenik.cz/tt1998/tt10/panoram5.htm The system allows locating and identification of aerial, ground, and (when installed on the shore) sea-based EM sources. The passive radar system consists from four main parts. Three are wideband receivers, listening for any characteristical transmitting activity. They talk to the fourth one, where a correlator is located - an electronic system calculating the position of the signal sources from the differences of times when the listening posts received their signals. The civilian sector electronics is developing fast; component prices fall down, computing power goes up, anybody can buy a machine that just few decades ago would make everyone in Pentagon salivating. Naturally, this opens interesting possibilities. The threat rogue states with overwhelming air force pose to other countries makes it a necessity to develop a cheap, open passive radar system, effectively bringing a key part of air defense down to easy affordability on a municipiality level. Let's call it GNU/Radar. We need the four stations: three listening ones, and the correlating one. The correlating station (CS) may be built as a MOSIX or Beowulf cluster. Its job is to handle signals from LPs, identifying the targets, and tracking their position. The listening posts (LPs) need a receiver - a suitably wideband one, a digitizer (a fast ADC card), optionally a DSP board to take some calculations off the shoulders of the CPU, a source of precise timebase for synchronizations (may be a GPS, which also provides information about the location of the listening post which is what the CS needs to know, or may be a receiver of a time synchronization signal broadcasted from somewhere if we want a backup for case of GPS being shut down. The receiver may be possibly adapted from the GNU/Radio project. The timing pulses can be also delivered optically, eg. by a modification in the Ronja unit mentioned later. The LPs crunch the received signals, isolate the interesting-looking ones, mark the precise moments of their reception, and send their arrival times and key characteristics to CS. The transmission channel may be anything with sufficient bandwidth - from an Internet leased line to Ronja-based 10Mbps optical links in case of direct visibility between LPs and CS. As an active twist, we can also use a separate unit, Illuminating Transceiver (IT), periodically broadcasting a pulse of known characteristics, easy to recognize by the LPs when it bounces from an aerial target. This unit has to be cheap and expendable - it's easy to locate and to destroy by a HARM missile. As a bonus, forcing the adversary to waste a $250,000+ AGM-88 missile on a sub-$100 transmitter may be quite demoralizing. There can be a whole hierarchy of ITs; when one of them transmits, the other ones sleep - when the transmitting one is destroyed, one of the sleeping units wakes up and continues in illuminating the airspace. This is within reach of capabilities of a simple microcontroller. Even other sources can serve as involuntary ITs. The landscape is littered with cellular base stations and civilian TV and radio transmitters. Just pick the suitable frequency and listen on. Remember that Kopac was built about 50 years ago, on vacuum tubes. It should be far from impossible to replicate it with contemporary COTS electronics. Using lower frequencies than the gigahertz band usual for modern military radars reduces accuracy, but also dramatically reduces the effectivity of aircraft stealth features. There are already prototype results in this field: http://www.wired.com/news/print/0,1294,16762,00.html Some other sources: http://ronja.twibright.com/ http://slashdot.org/articles/01/06/11/1617239.shtml Opinions, comments, ideas?
RE: What happened to the Cryptography list...?
For what it's worth, I had the same experience and would like to know what happened to the wasabisystems list... Anyone out there know? -Original Message- From: R. A. Hettinga [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 05, 2003 2:01 PM To: [EMAIL PROTECTED] Subject: What happened to the Cryptography list...? --- begin forwarded text Status: U From: [EMAIL PROTECTED] Date: Tue, 5 Aug 2003 02:02:04 -0700 (PDT) To: [EMAIL PROTECTED] Subject: What happened to the Cryptography list...? Cc: [EMAIL PROTECTED] Kind sir: As the subject says... All of a sudden mail just stopped. Figuring that I had, somehow, become unsubscribed from the list, I tried to re-subscribe. This resulted in an Unknown list message from [EMAIL PROTECTED] Any ideas? could assist please? I know that you are not the list owner, but you, at one time, seemed to be active on the list. Regards, Gregory Hicks --- end forwarded text
Re: ATMs moving to triple DES.
At 12:56 PM 8/13/03 -0400, Trei, Peter wrote: http://www.icbnd.com/data/newsletter/community%20banker%20feb%2003%20.pdf Finally, five full years after DES was definitively proved to be vulnerable to brute force attack, the major ATM networks are moving to 3DES. And you can still use 2-key 3DES...
Re: ATMs moving to triple DES.
At 10:42 AM 08/13/2003 -0700, Major Variola (ret) wrote: At 12:56 PM 8/13/03 -0400, Trei, Peter wrote: http://www.icbnd.com/data/newsletter/community%20banker%20feb%2003%20.pdf Finally, five full years after DES was definitively proved to be vulnerable to brute force attack, the major ATM networks are moving to 3DES. I'm shocked that they didn't do so years ago - I thought they'd at least done the authentication parts. And you can still use 2-key 3DES... That's ok - 2-key 3DES still has 112 bits of key strength, which is 2**56 times harder than cracking single-DES. 3-Key 3DES looks like it should be harder, but it's still only 112 bits because of meet-in-the-middle attacks using 2**56 words of memory.
Re: Antispam Bills: Worse Than Spam?
At 04:45 PM 08/02/2003 -0700, [EMAIL PROTECTED] wrote: We definately need a law making it illegal for an ISP to block non-spam email. I cannot email a friend who uses AOL, and wants to receive my email, because AOL blocks it. Fearghas pointed out the obvious workaround for this, which is that if you don't like AOL's policies on incoming or outgoing email, or your cable modem provider's policies* (which in the US are pretty much guaranteed to be lame), or the cheapest DSL provider around, but you want to keep them because they're cheap or have other features you like, then fine, just use them for Internet packet forwarding, and find yourself an email provider with policies you like. You don't need to find all of them - you only need one. There are about 10,000 ISPs in the US, last time I looked, plus hundreds to thousands of hosting and colo providers who will sell you at least a virtual host, plus myriads of customers of hosting providers who have the resources to run an email business, plus hundreds of thousands of unemployed former dot-commers who'd probably be interested in starting a business if they can't find themselves an employer, and at least 50% of them have the capital required to start a small email provider business, and at least 10% of them have enough capital to start a medium business, big enough to get going if they can find customers. That means that if just 0.01% of those people or businesses agree with you about how the email business really should be run, then there are probably a dozen or so that claim to be just what you want, and at least half a dozen that are actually competent. If just 1% of them agree with you, then there are thousands of them. Go use Google and go find them, or post a message in the appropriate newsgroups asking for them. If you *can't* fund a dozen providers like that, much less a thousand, then obviously the collective wisdom Internet community doesn't agree with your ideas well enough to justify making a law against how the other 99% or 99.99% of email providers run their businesses. Furthermore, if you think you're RIGHT, not just about how you want _some_ ISP to run a service so you can get what you want for your email, but COSMICALLY, STALLMANESQUELY RIGHT about how every ISP should be run, then don't try to convince some technically clueless Congresscritter, get off your ass and go convince people. By the time you've convinced 20% of the customers that that's what ISPs should do, and convinced 20% of the ISPs, everybody else will get the clue. And if you want to get rich while doing so, as opposed to merely popular like Stallman (:-), one of the best ways to do it is to set up a business and show the other ISPs what a REAL mail server looks like while millions of customers show up at your doorstep (hmmm, that's back to the get off your ass bit again), or more realistically, dozens show up which gets you enough user feedback to tweak the service and advertising to attract hundreds of users, which brings in enough cash flow to advertise to get thousands, at which point you've had trouble scaling and have redesigned to something actually scalable, which is a bit tough at $5/month * 1000 users, and then the world beats a path to your door because somebody's finally heard of you.
Re: The real ordeals of U.S. soldiers in Iraq
On Tuesday 12 August 2003 13:07, Steve Schear wrote: Through email and chat rooms a picture is emerging of day-to-day gripes, coupled with ferocious criticism of the way the war has been handled. They paint a vivid picture of US army life that is a world away from the sanitized official version. Just bear in mind that it's the grunt's time-honored right to gripe. Gripe about the food, about the weather, about the sergeants, about the officers, about the weapons, about the mission, about anything under the sun. Doesn't mean anything of itself. That said, they have more reason than usual to gripe. Not the overseas posting in a beastly climate, nor even the mission. It's the jerking around. You'll be coming home next month. Make that the month after. Probably be a year, all told. If the pols and the brass had said up front that the troops would be there a year, there'd have been plenty of bitching by both soldiers and civilians but the overall effect would have been less than what's happening now. Army manning a year or two hence ought to be interesting. -- Steve FurlongComputer Condottiere Have GNU, Will Travel If someone is so fearful that, that they're going to start using their weapons to protect their rights, makes me very nervous that these people have these weapons at all! -- Rep. Henry Waxman
Re: In the matter of Mr. Fuq
* Bill Stewart [EMAIL PROTECTED] [2003-08-06 21:24]: Yup. Mr. Fuq is arguing at least two things: - If Bob sends a message to Alice that Alice thinks is Spam, You're close.. If Bob sends a message that meets the (yet to be created) legal criteria for spam AND Alice thinks it is spam... Alice has a right to sue Bob for spamming. I'm not saying she has this right, I'm saying she *should*. - If Bob sends a message to Alice the Bob thinks is legitimate, and Alice's ISP doesn't think so and discards it, this is a criminal denial of service activity. Correct. However, the intent of denial of service laws is arguable and not concrete, so I would add a clause to the law which specifically includes denial of service on the part of the carrier to remove any doubt. This needs to happen because ISPs are not being held accountable for their denial of service actions. Now, every spammer out there says that his or her mail is legitimate, so if Alice hires her ISP to detect and discard obvious spam for her, she's obviously hiring them to conduct a criminal act so she's Guilty Guilty Guilty! The problem with this argument is that Alice unwittingly hires her ISP not knowing that her ISP will deny service. Because she is not fully informed, she cannot be held accountable. Example- You hire a professional moving crew to move a warehouse full of cocain, but you don't disclose to them the contents of the crates. It would be unreasonable to press charges against the moving company who didn't know what they were moving. Also, this argument you make is somewhat of a straw man, because I really wouldn't have a problem with an ISP discarding obvious spam. The reason I would be okay with that is that when I email a friend with a personal message, the ISP would have a difficult time showing that such an email is obvious spam. You have to take a step back and look at the EFF's philosophy, which I hold in high esteem. That is, spam blocking is okay if and only if legitimate mail is not denied. Now, there are other people, such as the EFF, who will discuss the problems with ISPs that are too enthusiastic about dropping or rejecting mail, or (much worse from an internet engineering business) silently drop the mail without providing a proper reject message, which is a badly broken evil nasty thing to do. First of all, my philosophy is completely aligned with that of the EFF. The only difference from your post would be the presence of a proper reject message. The EFF does not agree with blocking legitimate email EVEN WITH A PROPER REJECT MESSAGE, nor do I. Now I would argue that without a proper reject message damages are substantially higher, and so the ISPs liability should also be higher, but reject message or not, blocking legit email is a problem. Dropping mail noisily is not so bad - market solutions let customers tell their ISPs to be more or less aggressive, but people who send mail at least know it's been rejected. Market solutions are failing in this case, and that is the very problem we're discussing. These ISPs don't empower the user with the spam blocking control. What's worse than that- they don't tell the user what they are doing, and the user is not fully informed of the consequences. Even worse, when my mother did become fully informed, she told Earthlink to stop blocking my email, and they refused. I can understand being attached to this 'free market' concept, it's American to be that way. But to embrace it as a perfect self-regulating model is giving it far too much credit. There are imperfections, some of which are gross imperfections, and there needs to be government influence in these areas. Things like rejecting mail from Linux users who are rude enough to actually run Sendmail themselves instead of being dumb consumers also bug them. You're confused about who's bugging who. It starts with the spammers. The spammers bug the ISPs, and their customers, who in turn bug their ISP. Then the ISP responds by implementing a poor spam blocking scheme because it's cheap and the best thing for profits. This bugs the civil libertarian Linux/sendmail users, because now their mail is bouncing. At this point, the linux/sendmail users are at the receiving end. The ISP is not bugged by this group because it's a small group and so their profit driven approach says that these users can be ignored. So the best way to fix this in a free market is to create a new right that gives users who are unreasonably denied service a right to claim $500 per denial (unreasonable in this case means blocking of obvious non-spam). Then it's still a free market, and ISPs are still free to block whatever they want, but it will get too expensive for them if they don't adopt smarter filters. However, that would be their choice, and it wouldn't matter to me which they choose, because even if they block my email, I would be compensated sufficiently enough to justify the
Re: Idea: Homemade Passive Radar System (GNU/Radar)
At 05:04 PM 8/11/03 +0200, Thomas Shaddack wrote: This unit has to be cheap and expendable - it's easy to locate and to destroy by a HARM missile. As a bonus, forcing the adversary to waste a $250,000+ AGM-88 missile on a sub-$100 transmitter may be quite demoralizing. Microwave ovens were used in the Yugo war for this. The invading air power can't ignore the ISM band because then you could use it for real missile trackers. Someone who can do vacuum and welding work could change the output freq of an oven magnetron, by changing the shorting-strap connections.
Re: Someone at the Pentagon read Shockwave Rider over the weekend
At 12:21 2003-07-29 -0700, Tim May wrote: The problem is not with the idea of using markets and bets and Bayesian logic to help do price discovery on things like when the Athlon-64 will actually reach consumers, or when the new King of Jordan will be whacked, and so on. The problem is, rather, with _government_ establishing a monopoly on such things while putting suckers like Jim Bell in jail basically for espousing such ideas. And, as I noted, there are significant problems with government employees in a betting pool (gee, aren't even office baseball pools technically illegal? Haven't they prosecuted some people for this? Yep, they have) where they also have control over the outcome. Jim Bell used this as a payoff mechanism for assassinations (Alice bets $1000 that Paul Wolfowitz will be murdered with his family on August 10, 2003)...the same logic applies to the government's dead pool. The ideal securities market is one which does a good job of allocating capital in the economy. This function is enabled by market efficiency, the situation where the market price of each security accurately reflects the risk and return in its future. The primary function of regulation and policy is to foster market efficiency, hence we must evaluate the impact of insider trading upon market efficiency. Insider trading is often equated with market manipulation, yet the two phenomena are completely different. Manipulation is intrinsically about making market prices move away from their fair values; manipulators reduce market efficiency. Insider trading brings prices closer to their fair values; insiders enhance market efficiency. In traditional markets, insider trading appears unfair, especially to speculators outside a company who face difficult competition in the form of inside traders. Individual speculators and fund managers alike face inferior returns when markets are more efficient owing to the actions of inside traders. This does not, in itself, imply that insider trading is harmful. Insider trading clearly hurts individual and institutional speculators, but the interests of the economy and the interests of these professional traders are not congruent. Indeed, inside traders competing with professional traders is not unlike foreign goods competing on the domestic market -- the economy at large benefits even though one class of economic agents suffers. steve A democracy cannot exist as a permanent form of government. It can only exist until the voters discover that they can vote themselves money from the Public Treasury. From that moment on, the majority always votes for the candidate promising the most benefits from the Public Treasury with the result that a democracy always collapses over loose fiscal policy always followed by dictatorship. --Alexander Fraser Tyler
Re: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Confer...
On Wed, 6 Aug 2003 [EMAIL PROTECTED] wrote: And somebody should work on producing an alternative hybrid voting machine that is hard copy paper verifiable. I think we have to give these local governments a viable alternative, a machine that can't be used for Machiavellian machinations. I think it's called an OCR reader. Not only is the audit trail created as part of voting, but it's easy to do an audit/recount - ideally different software than used for the initial count.
Re: What happened to the Cryptography list...?
* Rayburn, Russell E. [EMAIL PROTECTED] [2003-08-05 19:07]: For what it's worth, I had the same experience and would like to know what happened to the wasabisystems list... Anyone out there know? No clue.. the last messages I have go to July 16th.
Re: Year in Jail for Web Links
Sherman Austin was arrested in New York but not charged and held in prison there to await an indictment in California. New York said it had no legitimate charges to make against him and merely did a favor for California to nab Sherman during a street demonstration -- the only arrest of the day. Grounds for arrest were faults in Sherman's jalopy he'd driven to NY for the demo. Ordered transferred to California while an attorney tried to arrange his release to a family member, he was shuttled around federal prisons for more days, his family and attorney not sure where he was. He was finally released when a judge determined he was being unfairly punished by prison procedure. He was released at the Oklahoma City federal transfer station, to find his way home on his own, the family had not been told he was being released. Not long after his return to California, the prosecutor announced there would be no prosecution. (During this time some of us mirrored the bomb making material Sherman had on his RaisetheFist.com site -- the forbidden material is still up, see below.) After some weeks the prosecutor reinstated the indictment and initiated plea negotiations. Sherman rejected the initial comparatively mild plea offer. More time passed with not much happening. Then the feds went on the attack again and issued harsher plea demands and threats. This new attack led Sherman's attorney to recommend a bargain. Sherman considered fighting but he was advised what he legal fee would be and the maximum penalty if he lost. He agreed to a four month sentence. The judge upped that to a year. Sherman was eighteen when this shit began. Sherman Austin case files: http://cryptome.org/usa-v-rtf-swa.htm http://cryptome.org/usa-v-sma-aca.htm http://cryptome.org/usa-v-sma-dht.htm http://cryptome.org/usa-v-sma-dkt.htm http://cryptome.org/usa-v-sma-x1a.htm What the FBI Doesn't Want You to See at RaisetheFist.com http://www-2.cs.cmu.edu/~dst/raisethefist/ The free speech contents of Raisethefist.com: http://cryptome.org/raisethefist.zip
Re: They never learn: Omniva Policy Systems
Typo correction: (IIRC, Bill Scannell was involved in getting them into US today.) That's USA Today of course...
What if all things computable are computable in polynomial time?
At 01:18 AM 8/6/03 -0700, Eric Cordian wrote: An anonymous sender writes: Rely on math, not humans. What if all things computable are computable in polynomial time? RSA, Inc. stock would go down. We would have to go back to paper and OTP, but we would also get to enjoy the excellent graphics, AI, number theory, etc, that we would win.
Re: What happened to the Cryptography list...?
On Wednesday, August 6, 2003, at 11:05 AM, Adam Back wrote: The problems with closed lists relying on a single human for forwarding and filtering... Couldn't he just let people post in his absence? It kind of detracts from a list if it disappears for weeks at a time on a regular basis. Also there are delays, and then there's Perry decisions that a discussion is no longer worth persuing when contributors are still interested to discuss. Adam I enjoyed interacting with Perry about 10-11 years ago, mostly on the Extropians list. Perry was a major political ranter (even if it is not true that he coined the phrase Utopia is not an option). (Extropians was a privately-owned list, and what eventually drove me away was the silliness involving trials for those accused of insulting others, or violating some rules, or disrespecting the Official Beliefs. I attribute this silliness not to malice by the Extropian Maximum Leaders, but by the very nature of private lists and the almost unavoidable tendency to try to perfect lists by tweaking what people can and can't say.) I despise people's private fiefdoms, whether Dave Farber's Interesting People list or Lewis McCarthy's Coderpunks list or any of Bob Hettinga's various BearerBunks and Phisodex lists. And Perrypunks, with its quixotic policy about politics (politics banned, except when Perry wanted to rant), was just another private fiefdom. I don't dispute their property right to do with their machines as they wish, absent contracts, but being in their fiefdoms chafes very quickly. The distributed CP list may end up being the last list left standing, at least in this niche. Part of the reason Usenet continues to thrive, despite its flaws. --Tim May That the said Constitution shall never be construed to authorize Congress to infringe the just liberty of the press or the rights of conscience; or to prevent the people of the United States who are peaceable citizens from keeping their own arms. --Samuel Adams
Blackout in NYC
Quiet here in New York City, thousands walking in the streets, auto traffic is pleasantly minimal along upper Broadway. Traffic lights inoperative, as well as computers except for laptops such as this. Telephones working. Portable radio says the outage is due to northeast electrical grid failing. Not terrorist related, it is termed a natural outage due to overload. One report said the cascading outage began at a sub-station in NYC, another says it started in Canada. Mayor Bloomberg says that power is now starting to come back, a bit at a time as the individual elements of the grid are restored,
Fw: Re: Secure IDE?
- cut here - From: Ralf-P. Weinmann [EMAIL PROTECTED] On Wed, Jul 30, 2003 at 04:20:37PM -0400, Trei, Peter wrote: ABIT has come out with a new motherboard, the IC7-MAX3 featuring something called 'Secure IDE', which seems to involve HW crypto in the onboard IDE controller: From the marketing fluff at http://www.abit.com.tw/abitweb/webjsp/english/news1.jsp?pDOCNO=en_0307251 For MAX3, the ABIT Engineers listened to users who were asking for information security. SecureIDE connects to your IDE hard disk and has a special decoder; without a special key, your hard disk cannot be opened by anyone. Thus hackers and would be information thieves cannot access your hard disk, even if they remove it from your PC. Protect your privacy and keep anyone from snooping into your information. Lock down your hard disk, not with a password, but with encryption. A password can be cracked by software in a few hours. ABIT's SecureIDE will keep government supercomputers busy for weeks and will keep the RIAA away from your Kazaa files. No, I have no idea what this actually means either. I'm trying to find out. Peter Trei 40-bit DES in ECB mode sounds even more great. It's them Enovatech guys again. See here: http://archives.abditum.com/cypherpunks/C-punks20030519/0079.html Cheers, Ralf -- Ralf-P. Weinmann [EMAIL PROTECTED] PGP fingerprint: 2048/46C772078ACB58DEF6EBF8030CBF1724 - cut here - | | ( | )c'ya. o ( | ) \|/ Sharkey\___/ \|/ `-^-' `-^-' | | bomb cia nsa cocaine terrorist drug kill president nuclear -- Hi Echelon! :) PGP 2.6.3i 7CAD47C9: AF D0 62 B3 94 6C 2791 9C CD 87 1D 21 B0 5B 59 -- Arachne V1.70;rev.3, NON-COMMERCIAL copy, http://arachne.cz/
Re: Trouble at HavenCo?
Has 'haven' for questionable sites sunk? By Declan McCullagh Staff Writer, CNET News.com August 4, 2003, 1:38 PM PT LAS VEGAS--A widely publicized project to transform a platform in the English Channel into a safe haven for controversial Web businesses has failed due to political, technical and management problems, one of the company's founders said. Rely on math, not humans.
Re: Teen arrested at Logan for alleged sarcasm in his bag
At 04:24 PM 08/05/2003 -0700, Eric Cordian wrote: Perhaps John Gilmore, in his copious free time, could place these one by one in his gym bag, and report back on the results. :) Aside from John's Suspected Terrorist pin, I think he's been one of the people who carries around a nice metal engraved copy of the Bill of Rights in his hand luggage.
Re: Year in Jail for Web Links
On Tue, 5 Aug 2003, Eric Cordian wrote: An anarchist has been sentenced to a year in jail for having links to explosives information on his Web site. AmeriKKKa is further fucking the First Amendment by restricting whom he may associate with in the future, and what views he may espouse. You can't protect people from cowardice. Jim Bell plead the first time. Michael Milkin plead. Bill Gates plead. Various Arabs plead recently. If you plead you can't be acquitted unless you can convince a judge to let you withdraw your plea tough. Courage. Prosecutors and cops are allowed to lie to you about their intent. Know the law. http://technoptimist.blogspot.com/2003_08_03_technoptimist_archive.html#106012921668886203 DCF
Year in Jail for Web Links
An anarchist has been sentenced to a year in jail for having links to explosives information on his Web site. AmeriKKKa is further fucking the First Amendment by restricting whom he may associate with in the future, and what views he may espouse. As is usual in most criminal cases today, the defendent was forced to plea bargain to avoid the threat of worse charges if he went to trial. http://www.cnn.com/2003/TECH/internet/08/05/anarchist.prison.ap/index.html - LOS ANGELES, California (AP) -- A federal judge sentenced a man to a year in prison Monday for creating an anarchist Web site with links to sites on how to build bombs. U.S. District Judge Stephen Wilson sentenced Sherman Austin to more than the prosecutor had recommended under a plea bargain. Austin, 20, pleaded guilty in February to distributing information related to explosives. .. -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division Do What Thou Wilt Shall Be The Whole Of The Law
Re: How can you tell if your alarm company's...
On Fri, 8 Aug 2003, Tyler Durden wrote: ...in cahoots with the authorities? Most intelligent and savvy people I know roll their own Tivo (PVR, etc.) - I think the answer to your question is that it would be reasonable (and trivial) to roll your own alarm system. - John Kozubik [EMAIL PROTECTED] - http://www.kozubik.com
Re: Year in Jail for Web Links
At 06:17 PM 08/05/2003 -0700, Eric Cordian wrote: The problem here is that if you have a family and assets and responsibility and something resembling a future, you cannot afford to be the 1 in 100 who refuses to plea bargain, It's a rigged game, and the 20 years extra for terrorism raises the stakes substantially from the usual 1 year if you plead, or 3-4 years if you fight and lose deal. (In my case, the plea bargain was We'll drop the obviously bogus charge if you stipulate that you don't have grounds to sue us, and given how the judge treated the other cops in his court, chickening out and taking it was probably the correct decision.) It's one of those Prisoner's Dillema-ish situations. The demonstration to the Sheeple that one cannot break the system No, it's *not* Prisoner's Dilemma. The cops almost never have anything to lose by accepting a shorter sentence, except in highly publicized politically important cases, or by losing an occasional case, and their costs for going to trial are low enough that, while they save money by pleading out most cases, it's basically a minimal cost compared to the accused's costs. (The Prison Guards Union makes a bit less money on it, but it leaves them room to keep some drug user in jail a bit longer, and in any case it's not enough money to turn the game into the classic Prisoner's Dilemma.) Sometimes there's a case like OJ which creates really bad publicity for them if they lose, and sometimes they've got a Johnny Walker Lindh who could give them serious constitutional problems if they have a trial, but all of those are pretty rare, though they _are_ Prisoner's Dilemma cases. Most people they try are either guilty of something, and the real issue is exactly how many counts of what they're guilty of and how much they ought to be punished. Most of the rest of them are the wrong person accused by mistake, in which case if they lose they can be really sorry and announce how glad they are that their mistake was noticed, or they're some quality-of-life crime where dragging the accused through the process and keeping him in jail for a few nights or a few months keeps the sheeple in line even if they lose. (That's especially appropriate for most political-protest cases - you block traffic for the afternoon, they beat you and throw you in jail for the weekend, and maybe keep you in a couple extra days.)
How can you tell if your alarm company's...
..in cahoots with the authorities? In other words, lets say I leave my house for an extended period of time, and they tell the Alarm Monitoring company to shut down for a while so they can protect our freedoms. (I assume this is the way they would go about installing various things in one's house while away...wrong?) How can I tell if my alarm has been down for a period of time, assuming I don't believe the records of the alarm company in such cases? -TD _ The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail
Re: Teen arrested at Logan for alleged sarcasm in his bag
Sunder posts: http://www.boston.com/dailyglobe2/214/metro/ Teen_arrested_at_Logan_for_alleged_bomb_threat_in_his_bag+.shtml According to the police report, the note, which was placed on top of clothes in a black gym bag read: ''[Expletive] you. Stay the [expletive] out of my bag you [expletive] sucker. Have you found a [expletive] bomb yet? No, just clothes. Am I right? Yea, so [expletive] you.'' Not every sentence containing the word bomb is a bomb threat. Apparently this concept is lost upon the cretins guarding our airports. While this kid is probably screwed for using the B-word, one wonders what the boundary is that one has to cross with a note in ones luggage to get arrested. For instance, which of these sentences, written on a note in ones luggage, would get one arrested and/or booted off a flight. Don't wrinkle my clothes, you minimum wage douchebag Bush lied to start a war R.I.P. First Amendment There is only one God, and Mohammad is his Prophet Hang Israeli War Criminal Ariel Sharon The 9/11 Martyrs are in Paradise Proud NAMBLA Member since 1979 John Walsh is an expert on everything, except watching his kid at the mall Death to AmeriKKKa Free Jim Bell What the world really needs is a fifty dollar weapon that sinks aircraft carriers Founding Member, Aryan Nations Support Strong Crypto Perhaps John Gilmore, in his copious free time, could place these one by one in his gym bag, and report back on the results. :) -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division Do What Thou Wilt Shall Be The Whole Of The Law
Re: [eff-austin] Antispam Bills: Worse Than Spam?
On Tue, Aug 05, 2003 at 07:06:46PM -0700, [EMAIL PROTECTED] wrote: The state must protect my freedom of speech. So when I make a claim against AOL for conducting a DoS attack against me, the state must rule in my favor, or else they are failing to protect my free speech rights. OK, for anyone who wasn't sure, it's time to stop feeding the trolls. pgp0.pgp Description: PGP signature
Re: How can you tell if your alarm company's...
Add your own 2nd alarm system. You can even use the sensors of your existing one to interface with a computer (just the sensors, mind you, not the actual controllers.) Got a DSL line? Got a modem? Got a cell phone? Got a pager? Got network capable cameras? Got access to another computer outside your house that can also watch when your DSL line is down and notify you? Got a small computer you could hide somewhere non obvious? Like inside a wall? Maybe a still useable old laptop with a broken screen that you could pick up off ebay for cheap? Got an imagination and some wiring/programming skills? --Kaos-Keraunos-Kybernetos--- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ --*--:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ + v + : The look on Sadam's face - priceless! [EMAIL PROTECTED] http://www.sunder.net On Fri, 8 Aug 2003, Tyler Durden wrote: ...in cahoots with the authorities? In other words, lets say I leave my house for an extended period of time, and they tell the Alarm Monitoring company to shut down for a while so they can protect our freedoms. (I assume this is the way they would go about installing various things in one's house while away...wrong?) How can I tell if my alarm has been down for a period of time, assuming I don't believe the records of the alarm company in such cases?
Q on associative binary operation
hi, how do we complete this table Table shown may be completed to define 'associative' binary operation * on S={a,b,c,d}. Assume this is possible and compute the missing entries *|a|b|c|d - a|a|b|c|d - b|b|a|c|d - c|c|d|c|d - d| | | | Its clear for commutativity but I am a trifle confused on how we do it for associativity. Thank you. Regards Sarath. __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com