Re: On the orthogonality of anonymity to current market demand

[R.A. Hettinga]

At 10:22 AM -0500 10/31/05, [EMAIL PROTECTED] wrote:
>and doesn't history show that big corporations are only interested in
>revenue

One should hope so.

;-)

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: Blood, Bullets, Bombs and Bandwidth

[R.A. Hettinga]

At 11:59 PM + 10/30/05, Justin wrote:
>Tyler likes the high-speed lifestyle so much that he ditched it and
>moved to London?

He and Jayme are back in Kurdistan, now. Don't know for how long, though.
He's teaching a new class of engineers, including crypto and security
stuff. Watched their jaws drop when he 'em how to break WEP, that kind of
thing.

They handed him his Browning at the airfield when he landed. :-)

Of course, they're touchy-feely liberals through-and-through, but here's
hoping they've learned a little about anarchocapitalism having watched it
firsthand, albeit temporarily.

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: Any comments on BlueGem's LocalSSL?

[R.A. Hettinga]

At 7:51 PM -0400 10/28/05, R.A. Hettinga wrote:
>OTOH, if markets overtake the DRM issue,
^" moot", was what I meant to say...

Anyway, you get the idea.

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: Any comments on BlueGem's LocalSSL?

[R.A. Hettinga]

At 11:10 AM -0700 10/28/05, James A. Donald wrote:
>I am a reluctant convert to DRM.  At least with DRM, we
>face a smaller number of threats.

I have had it explained to me, many times more than I want to remember,
:-), that strong crypto is strong crypto.

It's not that I'm unconvinceable, but I'm still unconvinced, on the balance.

OTOH, if markets overtake the DRM issue, as most cypherpunks I've talked to
think, then we still have lots of leftover installed crypto to play around
with.

Cheers,
RAH
Who still thinks that digital proctology is not the same thing as financial
cryptography.
-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: [PracticalSecurity] Anonymity - great technology but hardly used

[R.A. Hettinga]

At 8:41 PM -0700 10/27/05, cyphrpunk wrote:
>Where else are you going to talk about
>this shit?

Talk about it here, of course.

Just don't expect anyone to listen to you when you play list-mommie.

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: Any comments on BlueGem's LocalSSL?

[R.A. Hettinga]

At 9:11 PM +1300 10/28/05, Peter Gutmann wrote:
>The West Coast Labs tests report that they successfully evade all known
>sniffers, which doesn't actually mean much since all it proves is that
>LocalSSL is sufficiently 0-day that none of the sniffers target it yet.  The
>use of SSL to get the keystrokes from the driver to the target app seems
>somewhat silly, if sniffers don't know about LocalSSL then there's no need to
>encrypt the data, and once they do know about it then the encryption won't
>help, they'll just dive in before the encryption happens.

Absent any real data, crypto-dogma :-) says that you need
hardware-encryption, physical sources of randomness, and all sorts of other
stuff to really solve this problem.

On the other hand, such hardware solutions usually come hand-in-hand with
the whole hierarchical is-a-person "PKI" book-entry-to-the-display
I-gotcher-"digital-rights"-right-here-buddy mess, ala Palladium, etc.

Like SSL, then -- and barring the usual genius out there who flips the
whole tortoise over to kill it, which is what you're really asking here --
this thing might work good enough to keep Microsoft/Verisign/et al. in
business a few more years.

To the rubes and newbs, it's like Microsoft adopting TLS, or Intel doing
their current crypto/DRM stuff, which, given the amount iPod/iTunes writes
to their bottom line now, is apparently why Apple really switched from PPC
to Intel now instead of later. You know they're going to do evil, but at
least the *other* malware goes away.

So, sure. SSL to the keys. That way Lotus *still* won't run, and business
gets  done in Redmond a little while longer.

Cheers,
RAH
Somewhere, Dr. Franklin is laughing, of course...
-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: [PracticalSecurity] Anonymity - great technology but hardly used

[R.A. Hettinga]

At 12:23 PM -0700 10/27/05, Major Variola (ret) wrote:
>Why don't you send her comma-delimited text, Excel can import it?

But, but...

You can't put Visual *BASIC* in comma delimited text...

;-)

Cheers,
RAH
Yet another virus vector. Bah! :-)
-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: [PracticalSecurity] Anonymity - great technology but hardly used

[R.A. Hettinga]

At 8:18 PM -0700 10/27/05, cyphrpunk wrote:
>Keep the focus on anonymity. That's what the cypherpunks list is
>about.

Please.

The cypherpunks list is about anything we want it to be. At this stage in
the lifecycle (post-nuclear-armageddon-weeds-in-the-rubble), it's more
about the crazy bastards who are still here than it is about just about
anything else.

Cheers,
RAH
Who thinks anything Microsoft makes these days is, by definition, a
security risk.
-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: [EMAIL PROTECTED]: Re: [p2p-hackers] P2P Authentication]

[R.A. Hettinga]

At 9:27 PM -0700 10/27/05, cyphrpunk wrote:
>Every key has passed
>through dozens of hands before you get to see it. What are the odds
>that nobody's fucked with it in all that time? You're going to put
>that thing in your mouth? I don't think so.

So, as Carl Ellison says, get it from the source. Self-signing is fine, in
that case. "Certificates", CRLs, etc., become more and more meaningless as
the network becomes more geodesic.

>Using certificates in a P2P network is like using a condom. It's just
>common sense. Practice safe cex!

Feh. You sound like one of those newbs who used to leave the plastic wrap
on his 3.5" floppy so he wouldn't get viruses...

Cheers,
RAH
What part of "non-hierarchical" and "P2P" do you not understand?

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

On the orthogonality of anonymity to current market demand

[R.A. Hettinga]

-BEGIN PGP SIGNED MESSAGE-

At 3:57 PM -0400 10/24/05, John Kelsey wrote:
>More to the point, an irreversible payment system raises big practical
>problems in a world full of very hard-to-secure PCs running the
>relevant software.  One exploitable software bug, properly used, can
>steal an enormous amount of money in an irreversible way.  And if your
>goal is to sow chaos, you don't even need to put most of the stolen
>money in your own account--just randomly move it around in
>irreversible, untraceable ways, making sure that your accounts are
>among the ones that benefit from the random generosity of the attack.
>The payment system operators will surely be sued for this, because
>they're the only ones who will be reachable.  They will go broke, and
>the users will be out their money, and nobody will be silly enough to
>make their mistake again.

Though I agree with the notion that anonymity is orthogonal to market
demand at the moment, I think you lost me at the word "account", above.
:-).


That is to say, your analysis conflicts with the whole trend towards T-0
trading, execution, clearing and settlement in the capital markets, and,
frankly, with all payment in general as it gets increasingly granular and
automated in nature. The faster you can trade or transact business with the
surety that the asset in question is now irrevocably yours, the more trades
and transactions you can do, which benefits not only the individual trader
but markets as a whole.

The whole foundation of modern finance, and several -- almost posthumous,
so pervasive was the homeopathic socialism that we now call Keynesianism --
Nobel prizes in economics are based on that premise, and it has been proven
empirically now for many decades: The entire history of the currency
futures markets would be a good example, though now that I think of it, any
derivative market, since the time of Thales himself, would prove the point.


However "anonymous" irrevocability might offend one's senses and cause one
to imagine the imminent heat-death of the financial universe (see Gibbon,
below... :-)), I think that technology will instead step up to the
challenge and become more secure as a result. And, since internet bearer
transactions are, by their very design, more secure on public networks than
book-entry transactions are in encrypted tunnels on private networks, they
could even be said to be secure *in spite* of the fact that they're
anonymous; that -- as it ever was in cryptography -- business can be
transacted between two parties even though they don't know, or trust, each
other.


For instance, another "problem" with internet bearer transactions, besides
their prima facie "anonymity" (they're only prima facie because, while the
protocols don't *require* is-a-person and-then-you-go-to-jail identity,
traffic analysis is still quite trivial for the time being, onion routers
notwithstanding) is that the client is responsible not only for most of the
computation, but also for the storage of notes or coins, instead of a
central database in a clearinghouse or bank somewhere "storing" various
offsetting book-entries in, as you noted above, "accounts". :-).

Of course, simply backing up one's data off-site, much easier with internet
bearer certificates than with whole databases, solves this problem, and, as
we all know here, the safest way to do *that* is to use some kind of m-of-n
hash,  stored, someday, for even smaller bits of cash :-), in many places
on the net at once. Obviously, we don't need small cash to store big
assets, any more than we need big servers to distribute big files in
BitTorrent, but it will only accelerate, if not complete, the process, when
we get there.


As I have said, too many times :-), about these things, transaction cost is
always going to be the critical factor in any change from book-entries to
chaumian-esque internet bearer transactions. And I believe that,
hand-in-hand with increased security, reduced transaction cost is more a
function of the collapsing cost and the ubiquity of distributed processing
power and network access than anything else.

So, anonymity is, in fact, orthogonal to market demand, primarily because
it's an *effect*, and not a cause, of that demand. As we all do now with
the current proctological state of book-entry finance, the anonymity of a
proposed internet bearer transaction infrastructure will just be a "cost"
that the market would have to bear. :-).

To channel Schopenhauer a bit, like the emergence of industrialism and the
abolition of slavery was before it, once anonymity becomes a "feature" of
our transaction infrastructure, people will eventually declare it to be not
only self-evident all along, but a moral *prerequisite* of any transaction
as well.

To put it another way, it's a pity for acrophobics that the fastest way to
get anywhere these days is to fly, but it is still a physical fact,
nonetheless.


Cheers,
RAH

-BEGIN PGP SIGNATURE-
Version: PGP Desktop 9.0.2 (Buil

Blood, Bullets, Bombs and Bandwidth

[R.A. Hettinga]

--- begin forwarded text


 Date: Sat, 22 Oct 2005 01:50:38 -0400
 To: Philodox Clips List <[EMAIL PROTECTED]>
 From: "R.A. Hettinga" <[EMAIL PROTECTED]>
 Subject: Blood, Bullets, Bombs and Bandwidth

 The long version of the Wired Story on Ryan Lackey, including lots more
 about Tyler Wagner, who I've been reading about almost since he got there
 after the liberation :-) in 2003...

 Just bumped into the bit below, having abandoned Tyler and Jayme's LJs
 after they split, and finding the link after they went back recently.

 Meanwhile, the author bought the wrong vowel, apparently. ;-).

 Cheers,
 RAH
 --

 <http://www.rezendi.com/travels/.html>

 Blood, Bullets, Bombs, and Bandwidth:
 a tale of two California cipherpunks who went to Baghdad to seek their
 fortune, and bring the Internet to Iraq.

 Ryan Lackey wears body armor to business meetings. He flies armed
 helicopters to client sites. He has a cash flow problem: he is paid in
 hundred-dollar bills, sometimes shrink-wrapped bricks of them, and flowing
 this money into a bank is difficult. He even calls some of his company's
 transactions "drug deals" - but what Lackey sells is Internet access. From
 his trailer on Logistics Staging Area Anaconda, a colossal US Army base
 fifty miles north of Baghdad, Lackey runs Blue Iraq, surely the most
 surreal ISP on the planet. He is 26 years old.

 Getting to Anaconda is no joke. Incoming airplanes make a 'tactical
 descent' landing, better known to military cognoscenti as the 'death
 spiral'; a nose-down plummet, followed by a viciously tight 360-degree
 turn, then another stomach-wrenching dive. The plane is dragged back to
 level only just in time to land, and brakes so hard that anything not
 strapped down goes flying forward. Welcome to "Mortaritaville" - the
 airbase's mordant nickname, thanks to the insurgent mortars that hit the
 base daily.

 From above, the base looks like a child's sandbox full of thousands of
 military toys. Dozens of helicopters litter the runways: Apaches,
 Blackhawks, Chinooks. F-16 fighters and C-17 cargo planes perch in huge
 igloo-like hangars built by Saddam. The roads are full of Humvees and
 armored personnel carriers. Rows of gunboats rest inexplicably on arid
 desert. A specific Act of Congress is required to build a permanent
 building on any US military base, so Anaconda is full of tents the size of
 football fields, temporary only in name, that look like giant caterpillars.
 Its 25,000 inhabitants, soldiers and civilian contractors like Ryan, are
 housed in tent cities and huge fields of trailers.

 Ryan came to Iraq in July 2004 to work for ServiceSat International, hired
 sight unseen by their CTO Tyler Wagner. Three months later, Ryan quit and
 founded Blue Iraq. He left few friends behind. "I think if Ryan had
 stayed," Tyler says drily, "the staff would have sold him to the
 insurgents."

 - - -

 Iraq is new to the Internet. Thanks to sanctions and Saddam, ordinary
 citizens had no access until 1999. Prewar, there were a mere 1.1 million
 telephone lines in this nation of 26 million people, and fewer than 75 Net
 cafés, connecting via a censored satellite connection. Then the American
 invasion knocked nearly half of Baghdad's landlines out of service, and the
 local exchanges that survived could not connect to one another.

 After the invasion, an army of contractors flooded into Baghdad. Billions
 of reconstruction dollars were being handed out in cash, and everybody -
 local Internet cafés, Halliburton, Ahmed Chalabi, the US military itself -
 wanted Internet access. With the landline service destroyed by war, and
 sabotage a continuing problem, satellite access was the only realistic
 option. Among the companies vying to provide this access in early 2003,
 scant months after the invasion, was ServiceSat International. SSI, a
 startup founded by Kurdish expats, needed an American CTO: partly to import
 America's culture of technical excellence, partly to help deal with Western
 clients and authorities. They called Tyler Wagner. He was 25 years old.

 - - -

 San Francisco, aka Baghdad-by-the-Bay, July 2003. Tyler Wagner is a typical
 counterculture California techie: a Cal Poly CS graduate, part of the
 California punk scene, working for Greenpeace as a network engineer. Then
 an old friend in London recommends him to SSI. They call him. They need a
 capable Westerner willing to move to Iraq. Is he interested?

 When he hangs up the phone, Tyler is shaking with excitement. The risks of
 relocating to a war zone are obvious. But it is a lucrative senior
 management position, offered to a man only two years out of university.
 "Life doesn't often offer you a hand up like that," he reminisces two years
 later, "and when it does, you can't afford to turn it down." One big
 complication: Tyler's gi

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

[R.A. Hettinga]

At 11:17 AM -0700 10/21/05, someone who can't afford a vowel, Alex, ;-)
expressed his anal glands thusly in my general direction:

>You're such an asshole.

My, my. Tetchy, this morning, oh vowelless one...

At 11:17 AM -0700 10/21/05, cyphrpunk wrote:
>This is what you characterized as a "unitary global claim". Aside from
>the fact that "unitary" is meaningless in this context, his claim was
>far from "global".

That's "One size fits all", for those of you in Rio Linda. A little bit of
an Irwin Corey joke for the apparently humor-impaired. Be careful now, I'll
start on the Norm Crosby stuff soon, and you might get an aneurysm, or
something.

>While Daniel Nagy has been a model of politeness and modesty in his
>claims here, you have reverted to your usual role as an arrogant
>bully.

Moi?

I kick sand in your face on a beach somewhere I don't remember about?

Seriously, I tell him who did an exchange protocol, Silvio Micali, and that
they're a dime a dozen, second only to Mo' An' Better Auction Protocols,
and he wants me to go out on google, same as *he* can do, and do his work
for him.

Feh.

At 11:17 AM -0700 10/21/05, cyphrpunk wrote:
>I would encourage Daniel not to waste any more time interacting with Hettinga.

Indeed. Especially when he makes with the wet-fish slapping-sounds you do
when actual words are supposed to come out of your mouth. Okay, maybe it's
another orifice. At any rate, you are lacking some, shall we say, ability
to express yourself, on the subject. Be careful, though. Burroughs has this
great cautionary tale about teaching your asshole to talk, speaking of the,
heh, devil...

Cheers,
RAH
Who'll start in on insulting his mother soon, unless Mr. "cyphrpunk" has
taken that Charles Atlas course he send out for. Hint: Be grateful you
don't have any nipple-hair to get caught in the NEW IMPROVED Charles Atlas
Chest Expander's springs. Hurts like hell, I hear, and deadlifts work
*much* better...
-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: The price of failure

[R.A. Hettinga]

At 6:22 PM -0700 10/20/05, Steve Schear wrote:
>Quick, before they change it: search Google using the term "failure"

Yawn. That, or something like it, has been there for years, Steve...

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

[R.A. Hettinga]

At 12:32 AM +0200 10/21/05, Daniel A. Nagy wrote:
>Could you give us a reference to this one, please?

Google is your friend, dude.

Before making unitary global claims like you just did, you might consider
consulting the literature. It's out there.

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

[R.A. Hettinga]

At 2:36 AM +0200 10/21/05, Daniel A. Nagy wrote:
>With all due respect, this was unnecessarily rude, unfair and unwarranted.

This is the *cypherpunks* list, guy... :-)

>Silvio Micali is a very prolific author and he published more than one paper
>on more than one exchange protocol

And I just got through saying that there are *lots* of exchange protocols.

You're the guy who said he couldn't figure out how to do a receipts. I toss
one, out of probably hundreds out there in the last 30 years, off the top
of my head, and *you* go all canonical on me here.

Again. Repeat. Google is your friend.

Thank you for playing.

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

[R.A. Hettinga]

At 10:23 PM +0200 10/20/05, Daniel A. Nagy wrote:
>The referred 1988
>paper proposes an off-line system

Please. You can just as easily do an on-line system, and still have blind
signatures, including m=m=2 shared secret signature hiding to prevent
double spending.

In fact, the *only* viable way to do blind signatures with any security is
to have an *on-line* system, with redemption and reissue of certificates on
every step, and the underwriter not honoring any double spent transaction.

So, you still get the benefits of non-repudiation, you get functional
anonymity (because audit trails become a completely superfluous cost -- all
you need to keep is a single-field database of spent notes against a
possible second spend, deletable on an agreed-upon date), and (I claim :-))
you get the resulting transaction cost benefit versus book-entry
transactions as well.


Sigh. I really wish people would actually read what people have written
about these things for the last, what, 20 years now...

BTW, you can exchange cash for goods, or other chaumian bearer certificates
-- or receipts, for that matter, with a simple exchange protocol. Micali
did one for email ten years ago, for instance.

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: cypherpunks@minder.net closing on 11/1

[R.A. Hettinga]

At 2:08 PM +0200 10/14/05, Eugen Leitl wrote:
>I'm suggesting [EMAIL PROTECTED] as an alternative node
>to subscribe to.

Amen. No problems here, either, pretty much since the node went up.

In case his load goes up now, :-), is anyone else running his node-ware on
another machine to keep him from being queen for a day?

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Venona not all decrypted?

[R.A. Hettinga]

-BEGIN PGP SIGNED MESSAGE-

I just heard that the Venona intercepts haven't all been decrypted, and
that the reason for that was there "wasn't enough budget to do so".

Is that "not enough budget" to apply the one-time pads they already have,
or is that the once-and-futile exercise of "decrypting" ciphertext with no
one-time pad to go with it?

Cheers,
RAH

-BEGIN PGP SIGNATURE-
Version: PGP Desktop 9.0.2 (Build 2425)

iQEVAwUBQ0GSo8UCGwxmWcHhAQEPmQf9H03En5RvvUKqjtjHGvhSnUvPx5sUk2OV
FCqYs/3hLv2NxWeK63/zxwOv2cyQ4H0XRCi3+rV1NCcScecLSYYudQ+64ZqMFXju
ywPzSVUcZwPFYeYiz2ddpUTdadWCLexeKvhjN2hlFs4jUbEsguzjbOHC22yWUo2k
IeC5+E4TM2sKEz22KKpPtGPFuZENoTgHGoRvQRgFRaR6wTjeOgs0dIBNOXf7VXVQ
hrzCBmompgO25qRKDKETF28b2vtaVNeUeMUyPKAwyd0ivqqg4DX2YAqanOdmyOfe
JzsbFW6I43jxvT+jcxOI3AlOu+KujXSUAu1OxXUTVfXvRsjF7oDTWw==
=1U1P
-END PGP SIGNATURE-

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: [EMAIL PROTECTED]: [IP] Wireless access for all? Google plan would offer free Internet throughout SF]

[R.A. Hettinga]

At 2:58 PM +0200 10/1/05, Eugen Leitl wrote:
>But will they block Tor?

>Google plan would offer free Internet throughout SF

More to the point, is it finally time to short Google?

;-)

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: [EMAIL PROTECTED]: [IP] Request: Check your cell phone to see if it's always transmitting your location [priv]]

[R.A. Hettinga]

At 9:43 PM -0400 9/28/05, sunder wrote:
>Gee, I wonder why anyone would design a cell phone or pager to be able
>to stay on after its battery is pulled out.

To protect whatever's in the then-volatile memory?

cf Pournelle on conspiracy and stupidity...

>Are we just too paranoid?

See below.

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"When I was your age we didn't have Tim May! We had to be paranoid
on our own! And we were grateful!" --Alan Olsen

Re: [EMAIL PROTECTED]: Re: Wikipedia & Tor]

[R.A. Hettinga]

At 8:37 PM -0400 9/27/05, lists wrote:
> Building a TOR nymspace would be much more
>interesting and distributed.

Since the first time I met Dingledine, he was talking pseudonymity,
bigtime. I was curious when he went to play with onion routers, but maybe
I'm not so surprised anymore...

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: [EMAIL PROTECTED]: Wikipedia & Tor]

[R.A. Hettinga]

Speaking of "pseudonymity"...

At 12:53 PM -0400 9/27/05, Somebody wrote:
>
>Argh! Not this again!

Yes, again, and I'll keep repeating it until you get it. :-).

>No, "anonymity" is "don't know who sent it".

For some definitions of "who". To paraphrase a famous sink-washing
president, it depends on "who" you mean by "who". :-)

>Examples are anonymizing
>remailers which give all incoming users the same outgoing name, or the
>Anonymous Coward comments in /. (Disregard for now details such as the
>/. admins being able to link an AC comment to an IP address.)

Fine. Ignore the output thereof as noise, it's probably safe to do so.
Though concordance programs are your friends. Behavior is biometric, after
all. The words you use give you away, and can be filtered accordingly. Ask
someone named Detweiller about that. Or, for that matter, Kaczynski. Or
your trading patterns in market. Just like your "fist", in telegraphy.


>"Perfect pseudonymity" is "can't tie it to meatspace".

See "who", above. Since we haven't quite gotten AI down just yet, that's
good enough for me, though I expect, like Genghis, and not True Names,
we'll figure out that "intelligence" is an emergent property of *active*
physical manifestation, and not a giant pile of data.

> Different
>communications from the same sender can be tied to each other.
>Examples include most of the free email services, and digitally
>signing a message sent through an anonymizer.

Yup. That's what I mean by reputation, if I take your meaning right.

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: [EMAIL PROTECTED]: [IP] OT: Canada: Sweeping new surveillance bill to criminalize investigative journalism]

[R.A. Hettinga]

At 8:46 PM +0200 9/21/05, Eugen Leitl wrote:
>Why Brin is full of it, and reverse panopticon is a fantasy.

Obviously Brin is full of it -- from my own personal experience, even, :-)
-- but one should remember that law, much less legislation, is always a
lagging indicator.

Physics causes finance, which causes philosophy, and all that.

Even Stalin couldn't make Lysenkoism science.

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: [EMAIL PROTECTED]: [IP] Request: Check your cell phone to see if it's always transmitting your location [priv]]

[R.A. Hettinga]

At 2:59 PM +0200 9/22/05, Eugen Leitl wrote:
>For my Treo phone, I found the location option under "Phone
>Preferences" in
>the Options menu of the main phone screen.

Bada-bing!

Fixed *that*.

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: The ghost of Cypherpunks

[R.A. Hettinga]

At 9:46 AM -0700 9/19/05, James A. Donald wrote:
>like Ben and Jerry's rainforest crunch, where by buying
>overpriced and extra fattening icecream, you were
>supposedly saving the rainforest and preserving
>indigenous cultures .

Politics is marketing by other means...

;-)

Cheers,
RAH
Or is it the other way around...
-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: Fwd: Re: MIT talk: Special-Purpose Hardware for Integer Factoring

[R.A. Hettinga]

At 2:29 PM -0400 9/19/05, Steve Furlong wrote:
>What does George Bushitler stand to gain from this machine?

There you go again...

Cheers,
RAH
I feel *gd*...
-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: The ghost of Cypherpunks

[R.A. Hettinga]

At 2:03 PM -0400 9/17/05, Damian Gerow wrote:
>You're damn right it's political.

Especially if you're a Marxist, or some, shall we say "homeopathic" variant
thereof: after all, "the personal is political", right?

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: The ghost of Cypherpunks

[R.A. Hettinga]

At 2:31 PM +0100 9/19/05, ken wrote:
>Assuming that you mean feminism is a variant of Marxism, what
>exactly do you mean by Marxism?

Exactly what you do.

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: Fwd: Re: MIT talk: Special-Purpose Hardware for Integer Factoring

[R.A. Hettinga]

At 11:34 AM -0700 9/16/05, Bill Stewart wrote:
>>So, I saw this here at Farquhar Street at 14:55EST, jumped in the shower,
>>thus missing the train 13:20 train at Rozzy Square :-), instead took the
 ^
>>bus, and then the T, and got to MIT's New Funny-Looking Building about
>>16:40 or so, and saw the last few slides, asking the first, and only,
>>question, because the grad-students shot out of there at relativistic
>>velocity, probably so they wouldn't miss their dinner, or something...

Time travel aside (okay, innumeracy aside, some state-school philosophy
majors can't count, either...), if I'm a reporter, this is "new
journalism", since most of the missive is about *wonderful* *ME*...

:-)

Cheers,
RAH
Who reminds people that sentences that begin "The upshot, to me,", et. al.,
are usually committing the informal fallacy of relativism anyway...But
enough about me, what do *you* think about me...
-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: The ghost of Cypherpunks

[R.A. Hettinga]

At 9:43 AM +0100 9/15/05, ken wrote:
>Do you really think that politics only exists where there is a
>state?

Agreed, on this one.

In 10th century Iceland, an ostensible anarcho-capitalist society with
exactly *one* "public" employee(1) *everybody* was a lawyer -- and murder
was a tort. See David Friedman's "The Machinery of Freedom", and any good
Icelandic saga, my favorite being "Njall's Saga", for details

Cheers,
RAH
Who especially liked Friedman's "penny game", for a good example of how
government works.


(1) A guy whose job it was to recite one quarter of the agreed-upon laws
once a year at a summer solstice fair called the Allthing, and if a law
wasn't recited after four years, it was considered rescinded.
-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

The cost of online anonymity

[R.A. Hettinga]

--- begin forwarded text


 Date: Sun, 11 Sep 2005 17:02:13 -0400
 To: Philodox Clips List <[EMAIL PROTECTED]>
 From: "R.A. Hettinga" <[EMAIL PROTECTED]>
 Subject: The cost of online anonymity

 <http://news.bbc.co.uk/1/low/programmes/click_online/4227578.stm>

 The BBC

 Friday, 9 September 2005, 18:03 GMT 19:03 UK

 The cost of online anonymity
 By Dan Simmons
  Reporter, BBC Click Online

 In the second report looking at privacy and the internet, Dan Simmons
 examines whether it is possible to be totally anonymous and asks if this is
 really a desirable thing.
  In London's Speaker's Corner, the right to freedom of expressions has been
 practised by anyone who cares to turn up for centuries.

  But in countries where free speech is not protected by the authorities,
 hiding your true identity is becoming big business.

  Just as remailers act as a go-between for e-mail, so there are services
 through which you can surf the web anonymously.

  After 10 years in the business, Anonymizer has two million active users.
 The US government pays it to promote the service in China and Iran in order
 to help promote free speech.

  But these programs are becoming popular in the West too.

  The software encrypts all your requests for webpages. Anonymizer's servers
 then automatically gather the content on your behalf and send it back to
 you.

  No humans are involved and the company does not keep records of who
 requests what.

  However, there is some censorship. Anonymizer does not support anonymous
 uploading to the web, and it blocks access to material that would be
 illegal under US law.

 No to censorship

  For the last five years, Ian Clarke has been working on a project to offer
 complete anonymity.

  Founder and co-ordinator of Freenet, Ian Clarke says: "Our goal was to
 provide a system whereby people could share information over the internet
 without revealing their identity and without permitting any form of
 government censorship."

  The system is called the Free Network Project, or Freenet. A Chinese
 version has been set up to help dissidents speak out there.

  "We believe that the benefits of Freenet, for example for dissidents in
 countries such as China, Saudi Arabia, Iran, far outweigh the dangers of
 paedophilia or terrorist information being distributed over the system"
 Ian Clarke, Freenet

 Challenges of anonymous surfing
  Freenet encourages anonymous uploading of any material.  Some users of the
 English version believe it is so secure they have used it to confess to
 crimes they have committed, or to their interest in paedophilia.

  Each user's computer becomes a node in a decentralised file-storing
 network. As such they give up a small portion of their hard disk to help
 the system hold all the information and as with anonymous surfing,
 everything is encrypted, with a military grade 128-bit algorithm.

  The storage is dynamic, with files automatically moved between computers
 on the network or duplicated. This adds to the difficulty of determining
 who might be storing what.

  Even if a user's computer is seized, it can be impossible for experts to
 determine what the owner was doing on Freenet.

  But such strenuous efforts to protect identity have two side effects.

  Firstly, pages can take 10 minutes or more to download, even on a 2Mbbps
 broadband connection.

  Secondly, the information is so well encrypted it is not searchable at the
 moment. Forget Google, your only option is to scroll through the indexes
 provided.

  It is hoped usability of the service will improve when it is re-launched
 later this year.

 Ethical issues

  But those are the least of our problems, according to some experts, who
 think Freenet is a dangerous free-for-all.

  Digital evidence expert at the London School of Economics, Peter Sommer
 says: "A few years ago I was very much in favour of libertarian computing.

  "What changed my mind was the experience of acting in the English courts
 as a computer expert and examining large numbers of computers from really
 nasty people, who were using precisely the same sort of technology in order
 to conceal their activities.

  "I think that creates an ethical dilemma for everyone who wants to
 participate in Freenet.

  "You are giving over part of your computer, it will be in encrypted form,
 you will not know what you are carrying, but some of it is going to be
 seriously unpleasant.  Are you happy with that?"

  What worries many, is that Freenet is a lawless area.

  It can be used for many good things, like giving the oppressed a voice,
 but users can also preach race-hatred or share child pornography with
 complete impunity.

  Peter Sommer says: "Ian [Clarke] is placing a powerful tool in the hands
 of other people. He's like an armaments manufacturer.

  "Guns can be used for all sorts of good purposes but you know perfe

RE: [EMAIL PROTECTED]: [IP] Internet phone wiretapping ("Psst! The FBI is Having

[R.A. Hettinga]

At 10:16 PM -0400 9/7/05, Ulex Europae wrote:
>Okay, I've been in a hole in the ground for a few years. What happened
>to Tim May?

See below.

Cheers,
RAH
-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"When I was your age we didn't have Tim May! We had to be paranoid
on our own! And we were grateful!" --Alan Olsen

[Ryan Lackey in Iraq] Wiring the War Zone

[R.A. Hettinga]

--- begin forwarded text


 Date: Wed, 24 Aug 2005 11:31:24 -0400
 To: Philodox Clips List <[EMAIL PROTECTED]>
 From: "R.A. Hettinga" <[EMAIL PROTECTED]>
 Subject: [Ryan Lackey in Iraq] Wiring the War Zone

 <http://www.wired.com/wired/archive/13.09/posts.html?pg=2>

 Wired
 Issue 13.09 - September 2005

 Wired 13.09: POSTS

 Wiring the War Zone



 It's a typical morning at Camp Anaconda, the giant US military base 50
 miles north of Baghdad - light breeze, temperatures heading to 100 degrees,
 scattered mortar fire. Ryan Lackey is getting ready for today's assignment:
 installing a pair of satellite Internet connections at Camp Warhorse about
 30 miles away.

 Lackey, 26, is founder and CTO of Blue Iraq, a war zone startup that has
 operated out of Anaconda since December. It's a bootstrap operation - three
 employees, tent accommodations, Army chow - that has been profitable from
 its first day. "The military's a great market," he says. "They have lots of
 money, and they know what they want." His customers are mostly base
 commanders and DOD contractors, plus the occasional group of soldiers who
 chip in to get Internet access.

 Lackey dons body armor and a Kevlar helmet and heads out to the flight
 line. A pair of Blackhawk helicopters is making a run to Camp Warhorse this
 morning, and Lackey is hitching a ride. He packs his equipment and tools
 into one helicopter and climbs into the other. Inside, everything is
 painted black. Door gunners sit behind machine guns mounted on flexible
 arms. The crew chief distributes earplugs, the passengers strap themselves
 in, the rotors start to turn, and the ground falls away. But not too far.
 Blackhawks fly just 100 feet above the ground, at 200 mph. It's a smooth,
 exhilarating ride, landscape zooming past like a dream of flying. As
 wartime commutes go, it can't be beat.

 Lackey has been taking risks since he dropped out of MIT at 19 to work at a
 startup on the Caribbean island of Anguilla. Two years later he moved to
 Sealand, a North Sea oil rig, where he cofounded a data storage outpost
 that claims sovereignty and is theoretically beyond the reach of any
 nation's laws. (It was the subject of a Wired cover story in July 2000.) He
 is happy to cash in on what he calls risk arbitrage. "There's sort of a
 dark calculus when people are afraid," he says. "Prices for everything go
 up. And if you understand the risk better than they do, you can price that
 into everything."

 The Blackhawk touches down at Camp Warhorse, a 1,000-soldier forward
 operating base near the insurgent stronghold of Baqouba. In a freak
 accident at the helipad, the rotor wash hurls one of the boxed satellite
 dishes into Lackey's chest like a massive Frisbee. His armor saves him from
 anything worse than bruises.

 The first of two installations takes a few hours. Lackey sets up a
 4-foot-diameter dish on the ground outside the base HQ, then assembles the
 metal support arms that hold the satellite electronics at the focus of the
 dish's parabolic arc. He has to be careful: After five minutes in the
 midday Iraqi sun, metal can sear an ungloved hand. Cables run from the dish
 to a modem indoors that in turn connects to a local area network. Ryan
 hooks his laptop up to the modem and adjusts the dish's elevation and
 azimuth until his software confirms the system is locked on to the correct
 satellite. Just like that: the Internet. The iDirect system is robust
 enough for Iraq's extreme heat, dust, and wind, and even handles
 voice-over-IP calls.

 The second install takes longer. Anti-radar camouflage netting overhead
 interferes with the signal. By the time he's done, Lackey has missed his
 helicopter lift home. He winds up stranded at Warhorse for two days before
 catching a ride back to Anaconda on an armored convoy. This means spending
 an hour in the back of a truck traveling through some of the most active
 insurgent territory in Iraq.

 Back in Anaconda, he has to deal with Blue Iraq's literal cash flow
 problem. The military pays in greenbacks, meaning he routinely has to fly
 on a cargo plane to deposit thick wads of currency at his bank in Dubai.

 That's the cost of doing business here. And business is expanding: He
 foresees cell service, ATM networks, and expansion into Afghanistan, and,
 he says with a bleak grin, "any other markets the US military opens up for
 us."

 --
 -
 R. A. Hettinga 
 The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
 44 Farquhar Street, Boston, MA 02131 USA
 "... however it may deserve respect for its usefulness and antiquity,
 [predicting the end of the world] has not been found agreeable to
 experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

--- end forwarded text


-- 
-
R. A. Hettinga

New Drugs

[R.A. Hettinga]

-BEGIN PGP SIGNED MESSAGE-

At 1:39 PM -0400 8/23/05, Trei, Peter wrote:

>"I [want] a new drug..."

I would request the irony-impaired actually look up the lyrics of this paen
to endogenous ero-endorphins, written by a drug-hating San Francisco
"acid-kindergarten" refugee.

In the meantime, I'm all for the legalization of meth -- as long as I get
to sharpen my Recon Tonto and personally slit the bag of any of the bastids
as they  cross my windowsill looking for something to steal.


Kinda like opening the borders without killing the welfare state first.
Okay, maybe our porous borders *will* kill the welfare state, of course,
Reagan used unrestrained soviet-killing budget deficits to "kill" the
welfare state en passant. He didn't? I mean, Clinton *did* say "...big
government is over.", right? Right???  This thing on?


Cheers,
RAH
The only to "legalize" anything is when progress makes the law superfluous.

-BEGIN PGP SIGNATURE-
Version: PGP Desktop 9.0.2 (Build 2425)

iQEVAwUBQwtypsUCGwxmWcHhAQHpDgf/T5q80m2rgc57388eGuvdIq1YttZDMww2
NannlO3JhKbTXQNKuoArDV66GPhg9nST3KYWLXI/MyrJllgtNioudkxF/pTU
B3ussJXFfHbo3Ya1wgM9P1srQlK6smmamv3oHXY92kqeM5JBWfwG7gybMaC+IKKb
nk0YgblOoW2bsXfONjdISXti0ENvkFIMrLxajoWVXSAp1exDOCJPqLSxbKnX2DNd
ftBNYO8h9tt/qr6KRhBZsY449Vs1g1CMVigdVy6h7y9WBlhRWCMjJF/pfnJWbQJm
a4f9H/XjNntHVr+Z0UZnthj0Va2RKKm99CKTFS+7fypDlEfslq/W3A==
=vsGf
-END PGP SIGNATURE-

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

[Clips] Finger points to British intelligence as al-Qaeda websites are wiped out

[R.A. Hettinga]

--- begin forwarded text


 Delivered-To: [EMAIL PROTECTED]
 Date: Sat, 30 Jul 2005 23:01:38 -0400
 To: Philodox Clips List <[EMAIL PROTECTED]>
 From: "R.A. Hettinga" <[EMAIL PROTECTED]>
 Subject: [Clips] Finger points to British intelligence as al-Qaeda websites
  are wiped out
 Reply-To: [EMAIL PROTECTED]
 Sender: [EMAIL PROTECTED]

 <http://www.timesonline.co.uk/printFriendly/0,,1-523-1715166-523,00.html>

 The Times of London

 July 31, 2005

 Finger points to British intelligence as al-Qaeda websites are wiped out
 Over the past fortnight Israeli intelligence agents have noticed something
 distinctly odd happening on the internet. One by one, Al-Qaeda's affiliated
 websites have vanished until only a handful remain, write Uzi Mahnaimi and
 Alex Pell.

 Someone has cut the line of communication between the spiritual leaders of
 international terrorism and their supporters. Since 9/11 the websites have
 been the main links to disseminate propaganda and information.

 The Israelis detect the hand of British intelligence, determined to torpedo
 the websites after the London attacks of July 7.

 The web has become the new battleground of terrorism, permitting a freedom
 of communication denied to such organisations as the IRA a couple of
 decades ago.

 One global jihad site terminated recently was an inflammatory Pakistani
 site, www.mojihedun.com, in which a section entitled How to Strike a
 European City gave full technical instructions. Tens of similar sites, some
 offering detailed information on how to build and use biological weapons,
 have also been shut down. However, Islamic sites believed to be "moderate",
 remain.

 One belongs to the London-based Syrian cleric Abu Basir al-Tartusi, whose
 www.abubaseer.bizland.com remained operative after he condemned the London
 bombings.

 However, the scales remain weighted in favour of global jihad, the first
 virtual terror organisation. For all the vaunted spying advances such as
 tracking mobile phones and isolating key phrases in telephone
 conversations, experts believe current technologies actually play into the
 hands of those who would harm us.

 "Modern technology puts most of the advantages in the hands of the
 terrorists. That is the bottom line," says Professor Michael Clarke, of
 King's College London, who is director of the International Policy
 Institute.

 Government-sponsored monitoring systems, such as Echelon, can track vast
 amounts of data but have so far proved of minimal benefit in preventing, or
 even warning, of attacks. And such systems are vulnerable to manipulation:
 low-ranking volunteers in terrorist organisations can create background
 chatter that ties up resources and maintains a threshold of anxiety. There
 are many tricks of the trade that give terrorists secure digital
 communication and leave no trace on the host computer.

 Ironically, the most readily available sources of accurate online
 information on bomb-making are the websites of the radical American
 militia. "I have not seen any Al-Qaeda manuals that look like genuine
 terrorist training," claims Clarke.

 However, the sobering message of many security experts is that the
 terrorists are unlikely ever to lose a war waged with technology.

 --
 -
 R. A. Hettinga 
 The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
 44 Farquhar Street, Boston, MA 02131 USA
 "... however it may deserve respect for its usefulness and antiquity,
 [predicting the end of the world] has not been found agreeable to
 experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
 ___
 Clips mailing list
 [EMAIL PROTECTED]
 http://www.philodox.com/mailman/listinfo/clips

--- end forwarded text


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"When the hares made speeches in the assembly and demanded that all should
have equality, the lions replied, "Where are your claws and teeth?"  --
attributed to Antisthenes in Aristotle, 'Politics', 3.7.2

Re: [Clips] "Clippre": Police ask for tough new powers

[R.A. Hettinga]

At 10:31 PM -0700 7/22/05, Sarad AV wrote:
>The root cause of terrorism in many
>cases is that - you screw them and they screw you.
>That too has to stop.

The root "cause" of any war is that somebody didn't finish screwing
somebody. :-).

Finish what you start.

Cheers,
RAH
Who's feeling particularly Jacksonian, this morning...
-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Len Adleman (of R,S, and A): Universities need a little Limbaugh

[R.A. Hettinga]

A little  humor this morning...

He's right, but it's still funny.

Expect Dr. Adleman to be asked to turn in his Liberal Secret Decoder Ring
forthwith...

Cheers,
RAH
---





Los Angeles Daily News


Universities need a little Limbaugh
By Leonard M. Adleman

Saturday, May 14, 2005 - Pomp and circumstance. Black-robed students
receiving diplomas as proud parents look on. Distinguished members of
society receiving honorary degrees and offering sage advice to ''America's
future.''

 It is commencement time again at the nation's universities.

 This year I nominated Rush Limbaugh for an honorary doctorate at the
University of Southern California, where I am a professor. Why Limbaugh _ a
man with whom I disagree at least as much as I agree? Here are some of the
reasons I gave in my letter of nomination:

 ''Rush Limbaugh has engendered epochal changes in politics and the media.
He has accomplished this in the noblest of ways, through speech and the
power of his ideas. Mr. Limbaugh began his career as a radio talk-show host
in Sacramento in 1984. He espoused ideas that were conservative and in
clear opposition to the dominant ideas of the time. Perhaps because of the
persuasiveness of Mr. Limbaugh's ideas or because they resonated with the
unspoken beliefs of a number of Americans, his audience grew. Today, he has
the largest audience of any talk show host (said to be in excess of 20
million people per week) and his ideas reverberate throughout our society.

 ''Mr. Limbaugh is a three-time recipient of the National Association of
Broadcasters' Marconi Radio Award for Syndicated Radio Personality of the
Year. In 1993, he was inducted into the National Association of
Broadcasters' Broadcasting Hall of Fame.

 ''In 1994, an American electorate, transformed by ideas that Mr. Limbaugh
championed, gave control of Congress to the Republicans for the first time
in 40 years. That year, Republican congressmen held a ceremony for Mr.
Limbaugh and declared him an 'honorary member of Congress.' The recent
re-election of President Bush suggests that this transformation continues.
One of Mr. Limbaugh's major themes through the years has been liberal bias
in the 'mainstream' media. His focus on this theme has made him the target
of incessant condemnation. Nonetheless, he has persevered and it now
appears that his view is prevailing. As the recent debacle at CBS shows,
the media is in the process of major change. Ideally, the American people
will profit from a reconstituted media that will act more perfectly as a
marketplace for ideas.''

 But there is a bigger reason why I support giving him an honorary degree:
Because I value intellectual diversity.

 Regrettably, the university declined to offer Limbaugh a degree. As best I
can determine, no university has honored him in this way. On the other
hand, such presumably liberal media luminaries as Dan Rather, Chris
Matthews, Judy Woodruff, Bill Moyers, Terry Gross, Paul Krugman and Peter
Arnett have received many honorary degrees from the nation's universities.

 Now before you label me as a right-wing ideologue, let me present my
credentials as a centrist. Limbaugh has well-known positions on the
following issues: abortion, capital punishment, affirmative action, prayer
in school, gun control, the Iraq war. I disagree with him on half of these.

 But intellectual diversity has all but vanished from America's campuses.
We are failing in our duty to provide our students with a broad spectrum of
ideas from which to choose. Honoring Limbaugh, or someone like him, would
help to make the academy more intellectually diverse.

 The great liberal ideas that swept through our universities when I was a
student at Berkeley in the 1960s have long ago been digested and largely
embraced in academia. Liberalism has triumphed. But a troubling legacy of
that triumph is a nation whose professorate is almost entirely liberal.

 In the 29 years I have been a professor, I do not recall encountering a
single colleague who expressed conservative ideas. The left-wing
accusations of Ward Churchill (Honorary Doctor of Humane Letters, Alfred
University, 1992) are not the problem _ the problem is the scarcity of
professors who are inclined to rebut them. It is time for the nation's
universities to address this disturbing situation.

 So I hereby extend my nomination of Limbaugh to all universities. It would
be a refreshing demonstration of renewed commitment to intellectual
diversity if next spring we hear Dr. Limbaugh's words as our graduates ''go
forth.''

Professor Leonard M. Adleman is the Henry Salvatori Professor of Computer
Science at the University of Southern California.

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of th

Stolen Credit Card Numbers and Companies with a Clue (was Re: TidBITS#772/28-Mar-05)

[R.A. Hettinga]

At 5:48 PM -0800 3/28/05, TidBITS Editors wrote:
>Stolen Credit Card Numbers and Companies with a Clue
>
>  by Adam C. Engst <[EMAIL PROTECTED]>
>
>  Credit card number theft is one of those events that seems
>  to happen only to other people... until it hits you. That
>  just happened to me, and the repercussions proved a bit more
>  instructive and far-reaching that I would have initially
>  anticipated.
>
>
>**Awkward Dating** -- The first hint that something was wrong
>  came when Tonya was reviewing the charges on the MasterCard we
>  use solely for business purchases. There was a $19.95 charge to
>  something related to Yahoo, but it wasn't possible to tell exactly
>  what service from the limited information on the credit card
>  statement. Tonya knew she hadn't ordered anything online that
>  could have generated such a charge, and when she asked me, I
>  couldn't remember anything either. To verify that I wasn't simply
>  losing my memory, I searched all my received email around the
>  date in question, and even went so far as to search my OmniWeb
>  history for Yahoo URLs around the date.
>
>  The situation was becoming more curious, so Tonya called the
>  phone number on the credit card statement, and waited on hold
>  for a while. As she waited, she realized that what she had
>  called was Yahoo Personals - Yahoo's online dating service.
>  She immediately yelled for me to get on the phone, figuring
>  that the whole situation was just going to generate snickers
>  for the customer service people if they heard a wife calling
>  to find out about a dating service charge on her husband's credit
>  card. I was good and refrained from making jokes about how I
>  didn't even get any dates from Yahoo Personals once the customer
>  service people came on the line.
>
>
>
>  It took a little back and forth with Yahoo's customer service
>  people, since we weren't willing to give them much more personal
>  information, some of which they claimed they needed to look up the
>  account that had made the charges. Eventually we got them to tell
>  us that the Yahoo Personals account did indeed have the same user
>  name as my My Yahoo account (I immediately changed that account's
>  password, just for good measure), but that the birth date listed
>  with the Yahoo Personals account did not match either of our birth
>  dates. That was sufficient for them to cancel the account and
>  refund our money.
>
>
>**Cleaning Up from Cancellation** -- The Yahoo Personals customer
>  service rep recommended that we cancel the credit card used, which
>  we were already planning as the next call. Our credit card issuer
>  was totally on top of it, cancelling the card and issuing us
>  another one before we'd even had a chance to explain the full
>  situation. Tonya keeps records of merchants that are automatically
>  withdrawing from that credit card, so next she reset all of those
>  accounts. The morning was shot, but it seemed that we were out
>  of the woods. Unfortunately, it wasn't to be.
>
>  A few days later, Tristan and I were out driving when I remembered
>  that our other car likely had a flat tire due to a slow leak I'd
>  been monitoring. That normally wouldn't have been an issue, but
>  Tonya had an appointment before we would be home, and I wanted
>  to alert her to blow up the tire and to remember her cell phone
>  in case she needed me to come change the tire while she was out.
>  In New York State, it's illegal to drive while talking on a cell
>  phone unless you're using a hands-free system, so I pressed the
>  speed-dial number for home and handed Tristan the phone so he
>  could give her the message. A few seconds later he gave me back
>  the phone, saying "It's being weird." I pulled over and listened,
>  and indeed, I'd somehow ended up with Verizon Wireless customer
>  service. I hung up and tried again, and got them again. This time
>  I waited until I could talk to a person, who promptly informed me
>  that they had disabled our service because the monthly bill had
>  been rejected by our credit card - apparently one auto-withdrawal
>  had slipped past Tonya's record keeping. Luckily, I was able to
>  use another phone later to walk Tonya through inflating the tire,
>  but the credit card fraud was increasing in annoyance.
>
>  The next week Tonya managed to get the account reinstated, and
>  protested sufficiently vehemently when Verizon Wireless tried
>  to charge a $15 fee for doing so that they waived the charge.
>  She pointed out that it would have been trivial for them to notify
>  us via voicemail or text messaging that our auto-withdrawal had
>  failed, but needless to say, the customer service drone couldn't
>  do anything but forward the feedback (if even that).
>
>  That wasn't the end of the bother, though the next one was purely
>  my fault. I'd set up a Google AdWords account for Take Control
>  that al

Warm Party for a Code Group

[R.A. Hettinga]

> At 9:01 PM +0100 3/4/05, Anonymous wrote:
>>What does this have to do with cypherpunks?

>"Narcs and feds will not be allowed at the meeting. Fuck them dead."

Cheers,
RAH

--




Wired News


Warm Party for a Code Group 
By Danit Lidor?

Story location: http://www.wired.com/news/culture/0,1284,55114,00.html

02:00 AM Sep. 13, 2002 PT

The cypherpunks are throwing a PGP (pretty good party) this weekend.


 The venerable online community is celebrating its 10th anniversary which,
in the ephemeral world of the Internet, is remarkable.

 No wonder. In 1992, the cypherpunks emerged from a small group of people
who, because of their interest in cryptography and encryption, recognized
that the free-flowing format of the burgeoning Web culture must provide for
anonymous interactions.

 Not surprisingly, they soon came under the uncomfortable scrutiny of the
formidable National Security Agency.

 The situation escalated in early 1993, after a computer programmer named
Phil Zimmermann (a patron saint of the community) -- alarmed that the
patents for public key encryption were sold to a company called RSA --
wrote an open-source, free program called PGP (Pretty Good Privacy).

 The resulting debacle, in which Zimmermann was threatened with criminal
prosecution for exporting weapons (encryption technology is termed a weapon
by the U.S. government), brought the public's right to privacy to the
forefront of the now-commonplace tug-of-war between those who favor "crypto
anarchy" and those who don't.

 Through the active work of many civil libertarians, including the
cypherpunks, pressure was brought to bear upon the government to re-think
its position. The charges against Zimmermann were dropped.

 It was a triumph. The geeks fought the law, and the geeks won.

 "The cypherpunks' paranoia about information exploitation is becoming
mainstream," Peter Wayner, author of Translucent Databases, wrote in an
e-mail interview. "Everyone is learning that the cypherpunks' insistence on
limiting the proliferation of information is a good thing."

 The cypherpunks' e-mail list forms the nucleus of the community, which has
grown to include people of many agendas and interests. No longer the
exclusive domain of crypto geeks, cypherpunks are "doctors, lawyers,
mathematicians, felons, druggies, anti-druggies, anarchists, libertarians,
right-wing fanatics, left-wing fanatics, teachers, housewives,
househusbands, students, cops and criminals," cypherpunk J.A. Terranson
wrote in a posting.

 Cypherpunk Optimizzin Al-gorithym wrote in typically obscure cypherpunk
fashion, "We're all just voices in Tim May's head."

 May, one of the original cypherpunks, continues to be an active figurehead
of the cypherpunks and has often bridged the chasm between its historically
secretive culture and its forays into the public sphere.

In 10 years, the list has become an amalgamation of a political watchdog
site, a social club and a repository of technical cryptographic discussion.

 "(It's) where people from all different backgrounds and views can hear
from one another," mathematician Nina Fefferman said. "We math people are
frequently shocked and confused by what the politicians do with regard to
legislating crypto-related issues. Conversely, the policy and society
people are frequently interested in issues that have to do with the use and
regulation of cryptographic standards and research."

 "The atmosphere isn't as electric because the scene has grown so big,"
Wayner said. "It's not just a few guys talking about the importance of some
mathematical equations. It's like debating the importance of indoor
plumbing now. No one disputes it, they just want to argue about copper
versus PVC."

 Wayner, Zimmermann, as well as May, John Gilmore and Eric Hughes (the
original founders of the list), however, have emerged from their cypherpunk
association as key public privacy figures: vocal and passionate defenders
of civil liberties on the Web.

 It's hard to imagine the secretive and fractious cryptocrusaders
assembling for a physical meeting. Even May, the party's host, isn't sure
who or how many cypherpunks to expect to his soiree at a hideaway in the
Santa Cruz (California) mountains.

 But he's adamant about who won't be coming. Never one to mince words, he
wrote, "Narcs and feds will not be allowed at the meeting. Fuck them dead."


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Federal Judge Orders 'Enemy Combatant' Jose Padilla Charged Or Released

[R.A. Hettinga]

Yahoo!

Federal Judge Orders 'Enemy Combatant' Jose Padilla Charged Or Released


Mon Feb 28, 6:08 PM ET


 A federal judge in Spartanburg has ordered that an American citizen held
as an enemy combatant in a Navy brig in Charleston should be released.

  


 U.S. District Judge Henry F. Floyd ruled Monday that the president of the
United States does not have the authority to order Jose Padilla to be held.

 "If the law in its current state is found by the president to be
insufficient to protect this country from terrorist plots, such as the one
alleged here, then the president should prevail upon Congress to remedy the
problem," he wrote.

 In the ruling, Floyd said that three court cases that the government used
to make its claim did not sufficiently apply to Padilla's case.

 Floyd wrote that, in essence, "the detention of a United States citizen by
the military is disallowed without explicit Congressional authorization."

 Floyd wrote that because the government had not provided any proof that
the president has the power to hold Padilla, he must reject the
government's claim of authority.

 "To do otherwise would not only offend the rule of law and violate this
countrys constitutional tradition, but it would also be a betrayal of this
nations commitment to the separation of powers that safeguards our
democratic values and individual liberties," he wrote.

 "For the court to find for [the U.S. government] would also be to engage
in judicial activism. This court sits to interpret the law as it is and not
as the court might wish it to be. Pursuant to its interpretation, the court
finds that the President has no power, neither express nor implied, neither
constitutional nor statutory, to hold [Padilla] as an enemy combatant,"
Floyd wrote.

 As a result, Floyd ordered that Padilla be charged with a crime or
released within 45 days.

 The government is expected to appeal the decision.

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

I.R.S. Accuses Man of Hiding $450 Million

[R.A. Hettinga]

The New York Times
March 1, 2005

I.R.S. Accuses Man of Hiding $450 Million
 By DAVID CAY JOHNSTON


ASHINGTON, Feb. 28 - A prominent telecommunications entrepreneur who once
tried to mount a rescue of a Russian space station has been arrested and
charged with evading taxes by hiding at least $450 million of income
through offshore corporations.

According to a 12-count indictment released on Monday that federal
prosecutors called the largest criminal case of individual tax evasion, the
entrepreneur, Walter Anderson, 51, did not pay over $210 million in federal
and local income taxes he owed for the years 1995 through 1999 alone.

"Mr. Anderson ran the table when it came to violating the tax laws," Mark
W. Everson, the Internal Revenue Service commissioner, told a news
conference Monday. "Because of his dishonest dealings, Mr. Anderson's
lavish lifestyle was subsidized by honest, hard-working Americans."

In 1998 Mr. Anderson, who lives in Washington, reported a total income of
$67,939 and paid a tax of just $494. Mr. Everson said Mr. Anderson actually
made at least $126 million that year that he never reported. From 1987
through 1993, officials said, Mr. Anderson failed to file a tax return.

Mr. Anderson is the chief executive of Orbital Recovery, a company trying
to extend the life of telecommunications satellites. He was arrested
Saturday at Dulles Airport outside Washington as he stepped off a plane
from London, according to Kenneth L. Wainstein, the United States attorney
for the District of Columbia.

In court on Monday, Mr. Anderson pleaded not guilty to the charges. His
lawyer, John Moustakas, told Magistrate Judge Alan Kay that the
government's case was based on "innuendo and rumor."

 If convicted, Mr. Anderson faces as much as 24 years in prison.

Judge Kay ordered Mr. Anderson held without bail until a bond hearing on
Thursday. Susan Menzer, a prosecutor in the case, called Mr. Anderson "a
flight risk" who "can't be trusted."

"He hasn't been listening to judges for years," she added.

 Since a search warrant was executed in 2002, Mr. Anderson has moved
artwork and cash to Switzerland to defeat both tax collectors and creditors
who have civil court orders, the Justice Department said in court papers.

Mr. Moustakas did not return a phone call seeking comment.

Mr. Anderson has long attracted a certain level of public attention,
especially when he tried to arrange a rescue of the Mir space station five
years ago. He frequently flew in a private jet and made deals involving
millions of dollars. At conferences on space travel he often spoke of his
hatred of government.

But he came under scrutiny, law enforcement officials suggested, only
because of a tip from a disgruntled business associate.

 Mr. Anderson, according to the indictment, formed an offshore corporation,
Gold and Appeal Transfer, in the British Virgin Islands in 1992 to hide his
profits from deals involving a telecommunications company he started in the
1980's.

Over the next three years, the indictment charged, Mr. Anderson set up a
network of offshore corporations, including one in Panama under the alias
Mark Roth, that were used to hide his ownership of three telecommunications
companies and allow him to earn hundreds of millions of dollars without
paying taxes.

 While Mr. Anderson at times insisted publicly that he was worth no more
than $4 million, he serves as a senior business adviser to Constellation
Services International, a fledgling satellite rescue company that disclosed
his ownership of several companies, including Gold and Appeal. Its Web site
said Gold and Appeal was worth at least $100 million and described Mr.
Anderson as selling the Esprit Telecom Group in 1998 for $900 million.

 In extensive filings with the I.R.S. and the Securities and Exchange
Commission, the indictment charged, Mr. Anderson claimed that he was merely
an employee of Gold and Appeal, the offshore bank that the indictment says
was central to his tax-evasion effort.

 "The I.R.S. holds all Americans, even the very wealthy, to the same
standard," Mr. Everson said. "This indictment sends a strong signal that we
will not tolerate abuse of the tax laws."

But later, questioned by reporters, Mr. Everson noted that the I.R.S. law
enforcement staff has been cut by at least a quarter in recent years. Mr.
Wainstein, the United States attorney, said one of his prosecutors had
spent a year developing the case.

Prosecutors noted that it was difficult to catch determined tax cheats but
said that some countries known as tax havens had been cooperating with
American investigators more often since the 9/11 terrorist attacks. The
government has stepped up investigations but managed to recommend only
1,400 tax prosecutions out of the 130 million tax returns filed annually.

For budgetary reasons, the I.R.S. relies almost entirely on data reported
to it on computer files, not

Fred Durst Says Sex Video Was Stolen From His Computer

[R.A. Hettinga]

Like most real hacks and cracks, it was an, um, inside job...

Cheers,
RAH
---



mtv.com - News -


Fred Durst Says Sex Video Was Stolen From His Computer
 02.25.2005 9:52 PM EST

Contrary to rumors, nookie clip was not hacked from a Sidekick.

Fred Durst
 Photo: MTV News
SANTA MONICA, California - Just days after Paris Hilton's T-Mobile Sidekick
was hacked, spreading her topless photographs across the Internet, a sex
tape featuring Fred Durst hit the Web along with reports that it was the
work of the

 Fred Durst on how the video was stolen
 same hacker.

 Though the explicit clip features the words "T-Mobile Terrorist" on it,
the Limp Bizkit singer said the footage was definitely not stolen from his
PDA.

 "If you look on Paris' thing, I don't use T-Mobile," Durst said with a
laugh on Friday (February 25), referring to the list of Hilton's phone
numbers that also leaked and included his contact information (see "Paris
Hilton Apologizes For Crank Calls, Fergie Wants Revenge"). "No, no, [my
listing in her Sidekick] is just old, years old. Somebody that was
repairing my computer was smart enough to go through anything he could [and
found the movie]. What can I say? I'm not proud of it.

 "Everyone, probably everyone in this building, has done something similar
to what I did, and nobody cares about it," he added during a break from
recording the next Limp Bizkit album in Interscope Records' studio. "But if
you're high-profile, or on someone's radar ... then it matters. What
happens to me happens to me, and I have to live with it and go on."

 Durst said he's been contacted by at least one company seeking his
cooperation in selling the video.

 "When those things happen to people, there are companies that approach
you, say, 'Hey, man, you wanna make some money off this? People are gonna
see it anyway,' " Durst explained. "I said, 'Absolutely not, I don't wanna
make any money of this. This is ridiculous.' So when you see [celebrity sex
tapes] out there with big company names on them, you can know people gave
them permission to release it."

 David Hans Schmidt, a Phoenix-based publicist who once represented Tonya
Harding and who has represented celebrities in the selling of nude photos
in the past, tells a different story. He said the thieves contacted him in
September and he's been negotiating with them and Durst's agents ever since.

 "I was close to turning something illegal into something legal and then
these hackers reneged and went out and put the tape on World Wide Web along
with my home telephone number," Schmidt said. "Now we're gonna get 'em.
Government agencies are meeting with me this weekend."

 Schmidt refused to elaborate about the deal because he worried it might
hinder the investigation.

 Durst said he hopes people learn a lesson from what happened to him and Paris.

 "If you wanna know how not secure you are, just take a look around," he
said. "Nothing's secure. Nothing's safe. It's just helping us get better,
causing awareness for homeland security. ... I don't hate technology, I
don't hate hackers, because that's just what comes with it, without those
hackers we wouldn't solve the problems we need to solve, especially
security."

 Limp Bizkit are nearly finished with their fifth studio album, which will
mark the return of original guitarist Wes Borland (see "Wes Borland Back
With Limp Bizkit").

 - Corey Moss


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Italian GSM provider warns: too many wiretaps

[R.A. Hettinga]

 Now, boys and girls, try not to laugh *too* hard, and be sure
you swallow your Wheaties before you read this... 

Cheers,
RAH
---



| EDRI
EDRI-gram » EDRI-gram - Number 3.4, 24 February 2005

Italian GSM provider warns: too many wiretaps
24 February, 2005
 »
Privacy | Wiretapping


The Italian mobile operator TIM, one of the largest mobile phone companies
in Italy has issued a unique warning that the number of wiretaps has
reached the limit. In a fax sent to all Italian public prosecutors they say
that they have already over-stretched their capacity from 5.000 to 7.000
simultaneously intercepted mobile phones. New requests now have to be
processed on a 'first come first serve' basis, they write.

 Even more unique in the current secretive environment of law enforcement,
the Italian Minister of Justice Roberto Castelli (right-wing Lega Nord) has
provided the newspaper Repubblica with statistics about the number of
wiretaps and costs. The number of wiretaps has doubled every two years, he
said, from 32.000 intercepts in 2001, to 45.000 in 2002, to 77.000 in 2003.
He estimates the number of wiretaps in 2004 to be 100.000, costing the
Justice department aprox 300.00 million euro in cost reimbursements. In
2003 the department of Justice spent 225 million euro on the intercepts, in
2002 230 million and in 2001 165 million.

 Castelli admitted the number of police intercepts in Italy was very high.
Currently Italy has aprox 58 million inhabitants. With 100.000 intercepts
in 2004, Italy orders 172 judicial intercepts per 100.000 inhabitants.
There is no information about wiretaps ordered by secret services in any
country.

 Castelli referred to the report of the German Max Planck Institute which
already concluded Italy was the wiretapping champion of the (western) world
with 76 intercepts per 100.000 inhabitants (44.000 wiretaps in 1996). The
number two on the European wiretapping list in 1996, the Netherlands,
refuses to provide any recent statistics. According to unofficial estimates
the Netherlands intercepted 12.000 phones (fixed and mobile) in 2004. If
those numbers are correct, the Netherlands have 75 intercepts per 100.000
inhabitants. In the United States, the most recent public statistics date
from 2002. They mention 1.273 court ordered intercepts on a population of
aprox 293 million, totalling 0,43 intercepts per 100.000 inhabitants. The
UK Communication Commissioner mentions a total of 1.983 warrants for
intercepts in 2003 on a population of 59,5 million, totalling 3,3
intercepts per 100.000 inhabitants.

 One possible explanation for the explosion of the number of wiretaps in
Italy is their short duration. An order is valid for 15 days and can only
be extended with a new motivation from a magistrate. Only for
investigations into organised crime an intercept can last 40 days. In many
other countries, intercepts have a duration of 1 to 3 months.

 Vodafone and Wind, two other major mobile phone companies, are also
reaching their maximum wiretapping capacity, reports Repubblica. While
Castelli used the occasion to warn against overuse of wiretapping in
investigations, the Italian magistracy doesn't seem to agree. Edmondo Bruto
Liberati, President the National Association of Magistrates (association of
both judges and public prosecutors) stressed that wiretapping is much
cheaper than individual covert surveillance. He complained about the vast
under-financing the judicial apparatus is currently suffering from.

 This public debate between the Minister and the magistracy points at a
more fundamental division in Italian politics. By stressing the immense
costs of wiretapping the Minister of Justice adds weight to his attempt to
shift the costs to the Ministry of Internal Affairs. Generally the Minister
pictures an image of a foolish magistracy that abundantly spends public
money. This comes as no surprise to many Italians, given the tense
relationship between Berlusconi and the magistracy.

 MP Giovanni Russo Spena (left wing opposition, Rifondazione Comunista) has
demanded an explanation from the government about the massive use of
wiretapping in investigations and wishes to be informed how citizens are
protected against this potential and actual invasion of their privacy
rights.

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

China walks out of wireless LAN security talks

[R.A. Hettinga]

Time to put on the tinfoil hats and impute conspiracy to what is more
probably, as Pournelle once observed, incompetence...

Cheers,
RAH
---

 
China walks out of wireless LAN security talks

Patrick Mannion
 Feb 24, 2005 (12:26 PM)


MANHASSET, N.Y. - China walked out of a wireless standards meeting this
week, accusing the International Organization for Standardization of
favoring the IEEE's 802.11i ANSI-certified wireless LAN security scheme
over its own controverisal proposal, EE Times has learned.

 The gambit came after China's Wireless Authentication and Privacy
Infrastructure (WAPI) security scheme was withdrawn and placed on a slower
track by the ISO. This week's meeting in Sulzbach, Germany, included the
ISO/IEC JTC1 SC6 WG1 working group created to resolve the dispute.

 China initially agreed last year to refrain from making its WAPI security
scheme mandatory for wireless LAN equipment in China. It then approached
ISO with a fast-track submission in an effort to make WAPI an international
security standard. The 802.11i proposal is also on the fast-track for ISO
approval, possibly by April. Until this week, the ISO group was focused on
whether or not both 802.11i and WAPI should be cemented as enhanced - but
optional - security standards.

 However, sources said tempers flared when China's original fast-track
submission, designated 1N7506 of China National Standard GB15629.11 (WAPI),
was withdrawn from consideration. It was replaced by a revised submission,
designated 6N12687, that removed the China proposal from the organization's
fast-track approval process.

 The withdrawal was based on a procedural issue, according to a source, and
the clock for approval was reset indefinitely to a later submission. The
result is a delay in moving the WAPI proposal through ISO.

 Sources said China walked out specifially over disputes centering on which
members have authority to seek a withdrawal and the timing of the request.
Chinese delegates also accused ISO of favoring the IEEE 802.11i proposal.

 It remains unclear for now whether the dispute will affect the current
suspension of China's original law requiring mandatory implementation of
WAPI. The IEEE is currently drafting a formal response, but declined to
comment.

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

I'll show you mine if you show me, er, mine

[R.A. Hettinga]

The Register


 Biting the hand that feeds IT

The Register » Security » Identity »

 Original URL: http://www.theregister.co.uk/2005/02/21/crypto_wireless/

I'll show you mine if you show me, er, mine
By Lucy Sherriff (lucy.sherriff at theregister.co.uk)
Published Monday 21st February 2005 17:11 GMT

Security researchers have developed a new cryptographic technique they say
will prevent so-called stealth attacks against networks.

A stealth attack is one where the attacker acts remotely, is very hard to
trace, and where the victim may not even know he was attacked. The
researchers say this kind of attack is particularly easy to mount against a
wireless network.

The so-called "delayed password disclosure" protocol was developed by
Jakobsson and Steve Myers of Indiana University. The protocol allows two
devices or network nodes to identify themselves to each other without ever
divulging passwords.

The protocol could help secure wireless networks against fraud and identity
theft, and protect sensitive user data. The technique will be particularly
useful in ad-hoc networks, where two or more devices or network nodes need
to verify each others' identity simultaneously.

Briefly, it works like this: point A transmits an encrypted message to
point B. Point B can decrypt this, if it knows the password. The decrypted
text is then sent back to point A, which can verify the decryption, and
confirm that point B really does know point A's password. Point A then
sends the password to point B to confirm that it really is point A, and
knows its own password.

The researchers say that this will prevent consumers connecting to fake
wireless hubs at airports, or in coffee shops. It could also be used to
notify a user about phishing attacks, scam emails that try to trick a user
into handing over their account details and passwords to faked sites,
provide authentication between two wireless devices, and make it more
difficult for criminals to launder money through large numbers of online
bank accounts.

Jakobsson is hoping to have beta code available for Windows and Mac by the
spring, and code for common mobile phone platforms later in 2005.

More info available here (http://www.stealth-attacks.info). ®

Related stories

Hotspot paranoia: try to stay calm
(http://www.theregister.co.uk/2005/01/24/wi_fi_hotspot_security/)
Crypto researchers break SHA-1
(http://www.theregister.co.uk/2005/02/17/sha1_hashing_broken/)
Cyberpunk authors get the girls
(http://www.theregister.co.uk/2005/02/17/cyberpunk/)

© Copyright 2005

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Code name "Killer Rabbit": New Sub Can Tap Undersea Cables

[R.A. Hettinga]

WCBS 880 | wcbs880.com

Experts: New Sub Can Tap Undersea Cables
*   USS Jimmy Carter Will Be Based In Washington State
Feb 18, 2005 4:55 pm US/Eastern

 The USS Jimmy Carter, set to join the nation's submarine fleet on
Saturday, will have some special capabilities, intelligence experts say: It
will be able to tap undersea cables and eavesdrop on the communications
passing through them.

The Navy does not acknowledge the $3.2 billion submarine, the third and
last of the Seawolf class of attack subs, has this capability.

"That's going to be classified in nature," said Kevin Sykes, a Navy
spokesman. "You're not going to get anybody to talk to you about that."

But intelligence community watchdogs have little doubt: The previous
submarine that performed the mission, the USS Parche, was retired last
fall. That would only happen if a new one was on the way.

Like the Parche, the Carter was extensively modified from its basic design,
given a $923 million hull extension that allows it to house technicians and
gear to perform the cable-tapping and other secret missions, experts say.
The Carter's hull, at 453 feet, is 100 feet longer than the other two subs
in the Seawolf class.

"The submarine is basically going to have as its major function
intelligence gathering," said James Bamford, author of two books on the
National Security Agency.

Navy public information touts some of the Carter's special abilities: In
the extended hull section, the boat can provide berths for up to 50 special
operations troops, like Navy SEALs. It has an "ocean interface" that serves
as a sort of hangar bay for smaller vehicles and drones to launch and
return. It has the usual complement of torpedo tubes and Tomahawk cruise
missiles, and it will also serve as a platform for researching new
technologies useful on submarines.

The Carter, like other submarines, will also have the ability to eavesdrop
on communications-what the military calls signals intelligence-passed
through the airwaves, experts say. But its ability to tap undersea
fiber-optic cables may be unique in the fleet.

Communications worldwide are increasingly transmitted solely through
fiber-optic lines, rather than through satellites and radios.

"The capacity of fiber optics is so much greater than other communications
media or technologies, and it's also immune to the stick-up-an-attenna type
of eavesdropping," said Jeffrey Richelson, an expert on intelligence
technologies.

To listen to fiber-optic transmissions, intelligence operatives must
physically place a tap somewhere along the route. If the stations that
receive and transmit the communications along the lines are on foreign soil
or otherwise inaccessible, tapping the line is the only way to eavesdrop on
it.

The intelligence experts admit there is much that is open to speculation,
such as how the information recorded at a fiber-optic tap would get to
analysts at the National Security Agency for review.

During the 1970s, a U.S. submarine placed a tap on an undersea cable along
the Soviet Pacific coast, and subs had to return every few months to pick
up the tapes. The mission was ultimately betrayed by a spy, and the
recording device is now at the KGB museum in Moscow.

If U.S. subs still must return every so often to collect the
communications, the taps won't provide speedy warnings, particularly
against imminent terrorist attacks.

"It does continue to be something of a puzzle as to how they get this stuff
back to home base," said John Pike, a military expert at GlobalSecurity.org.

Some experts suggest the taps may somehow transmit their information, using
an antenna or buoy-but those modifications are easier to discover and
disable than a tap attached to the cable on the ocean floor.

"Unless they have some new method of relaying the information, it doesn't
serve much use in terms of warning," Bamford said. He contended tapping
undersea communications cables violates a number of international
conventions the United States is party to.

Such communications could still be useful, although the task of sorting and
analyzing so many communications for ones relevant to U.S. national
security interests is so daunting that only computers can do it.

The nuclear-powered sub will be commissioned in a ceremony at 11 a.m.
Saturday at the submarine base at New London, Conn. The ceremony marks the
vessel's formal entry into the fleet. The former president, himself a
submariner during his time in the Navy, will attend.

After some sea trials, the ship will move to its home port in Bangor, Wash.

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall 

Re: SHA1 broken?

[R.A. Hettinga]

--- begin forwarded text


Date: Wed, 16 Feb 2005 11:13:23 -0500 (EST)
From: Atom Smasher <[EMAIL PROTECTED]>
OpenPGP: id=0xB88D52E4D9F57808; algo=1 (RSA); size=4096;
url=http://atom.smasher.org/pgp.txt
To: [EMAIL PROTECTED]
Subject: Re: SHA1 broken?
Sender: [EMAIL PROTECTED]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On Wed, 16 Feb 2005, David Shaw wrote:

> In terms of GnuPG: it's up to you whether you want to switch hashes or
> not.  GnuPG supports all of the SHA-2 hashes, so they are at least
> available.  Be careful you don't run up against compatibility problems:
> PGP doesn't support 384 or 512, and only recently started supporting
> 256.  GnuPG before 1.2.2 (2003-05-01), doesn't have any of the new
> hashes.  Finally, if you have a DSA signing key (most people do) you are
> required to use either SHA-1 or RIPEMD/160.  RSA signing keys can use
> any hash.


there's more to it than that. openPGP specifies SHA-1 (and nothing else)
as the hash used to generate key fingerprints, and is what key IDs are
derived from.

a real threat if this can be extended into a practical attack is
substituting a key with a *different* key having the same ID and
fingerprint. it would be difficult for average users (and impossible for
the current openPGP infrastructure) to tell bob's key from mallory's key
that claims to be bob's.

it can also be used (if the attack becomes practical) to forge key
signatures. mallory can create a bogus key and "sign" it with anyone's
real key. this would turn the web of trust into dust.

the openPGP spec seemed to have assumed that SHA-1 just wouldn't fail.
ever. this was the same mistake made in the original version of pgp that
relied on md5. the spec needs to allow a choice of hash algorithms for
fingerprints and key IDs, or else we'll play this game every time someone
breaks a strong hash algorithm.


- --
 ...atom

  _
  PGP key - http://atom.smasher.org/pgp.txt
  762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
  -

"Any sufficiently advanced technology
 is indistinguishable from magic."
-- Arthur C. Clarke

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.0 (FreeBSD)
Comment: What is this gibberish?
Comment: http://atom.smasher.org/links/#digital_signatures

iQEcBAEBCAAGBQJCE3EoAAoJEAx/d+cTpVcinwsIAKnjw1AqwY0guPtdxMagoZC2
Rv7mCZt3QnpH4uEaWNLh5R3VImVwOBevW9VdYm+UdMwdmodD79Bc0MyPOaHDuUiP
okmo0PigWIht2vGWK7F6xLtUwLUlGyuAWO5w8g/hNCt0ftdb1jUam0wQtqnTTarM
B1kyTWU0sHsjyloSh0umQ8kC0nt9nNhLIasp84oIo+D3b0r6yKIWjMS7dHr1hIbx
2gXBdVw01HJng/BtF/THfZwAD2IE+OLNPg4Q6v6QnVf3BGBBPSiiD2mXrizuknA8
RevXGYgBc4plOWOlDmx2ydbRqFHe5obGMGFCk4muFh8veFhPbFxCKvfBwsawi+U=
=f0+g
-END PGP SIGNATURE-

___
Gnupg-users mailing list
[EMAIL PROTECTED]
http://lists.gnupg.org/mailman/listinfo/gnupg-users

--- end forwarded text


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: How to Stop Junk E-Mail: Charge for the Stamp

[R.A. Hettinga]

At 8:12 PM -0500 2/16/05, Barry Shein wrote:
>And how do you fund all this, make it attain an economic life of its
>own?

I can send you a business plan, if you like. Post-Clinton-Bubble talent's
still cheap, I bet...

;-)

Still estivating, here, in Roslindale,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: What is a cypherpunk?

[R.A. Hettinga]

At 9:40 PM + 2/15/05, Justin wrote:
>I think it's fair to say that governments initially formed to protect
>property rights (although we have no historical record of such a
>government because it must have been before recorded history began).

BZZZT. Wrong answer. Governments first steal property, then control it.
Property is created when someone applies thought to matter and gets
something new. It is theirs until they exchange it for something that
someone else has, or discard it. But property is created by *individuals*,
not some collective fraud and extortion racket called a "government".


Governments are "founded" when someone creates a monopoly on force.
Actually, people use force against each other, and, in agrarian societies
at least, the natural tend in force 'markets' is towards monopoly.

We tend to get bigger governments (like political economist Mancur Olsen
says, "bandits who don't move") when people become sedentary and there's
more property to steal, and that hunter-gatherers are more anarchistic,
egalitarian, than "civilized" people. But that's more a function of the
resources a given group controls. The San bushmen, for instance, are much
more egalitarian than the Mongols, for instance, because the San have fewer
material goods to control than the Mongols did, especially after the
Mongols perfected warfare enough to control cities -- which, I suppose,
proves my point.

Property is like rights. We create it inherently, because we're human, it
is not bestowed upon us by someone else. Particularly if that property is
stolen from someone else at tax-time.

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Digital Water Marks Thieves

[R.A. Hettinga]

Until, of course, people figure out that taggants on everything do nothing
but confuse evidence and custody, not help it.

Go ask the guys in the firearms labs about *that* one.

Cheers,
RAH
---



Wired News


Digital Water Marks Thieves 
By Robert Andrews?

Story location: http://www.wired.com/news/technology/0,1282,66595,00.html

02:00 AM Feb. 15, 2005 PT

CARDIFF, Wales -- Crooked criminal hearts may have fluttered and skipped a
beat Monday when some of Britain's most notorious thieves opened a
valentine from an unwelcome secret admirer -- one of London's top female
police chiefs.

 But the greeting -- in which Chief Superintendent Vicki Marr wrote
"thinking of you and what you do" -- was not so much an amorous expression
to the underworld as part of a sting designed to catch hard-core burglars
using new chemical microdot crime-fighting technology.


 SmartWater is a clear liquid containing microscopic particles encoded with
a unique forensic signature that, when found coated on stolen property,
provides a precise trace back to the owner and, when detected on a suspect,
can conclusively implicate a felon.

 Likened to giving household items and vehicles a DNA of their own, the
fluid is credited with helping cut burglary in Britain to a 10-year low,
with some cities reporting drops of up to 85 percent.

 A decade in the making, SmartWater is the name for a suite of forensic
coding products. The first, Instant, is a property-marking fluid that, when
brushed on items like office equipment or motorcycles, tags them with
millions of tiny fragments, each etched with a unique SIN (SmartWater
identification number) that is registered with the owner's details on a
national police database and is invisible until illuminated by police
officers using ultraviolet light.

 A second product, the Tracer, achieves a similar goal by varying the blend
of chemical agents used in the liquid to produce one of a claimed 10
billion one-off binary sequences, encoded in fluid combinations themselves.

 SmartWater CEO Phil Cleary, a retired senior detective, hit upon the idea
after watching burglars he had apprehended walk free from court due to lack
of evidence.

 "It was born out of my frustration at arresting villains you knew full
well had stolen property, but not being able to prove it," he said.

 "Just catching someone with hot goods, or a police officer's gut belief a
suspect is guilty, are not enough to secure a conviction -- so we turned to
science."

 Cleary is reluctant to discuss "trade secret" details of a product he has
patented, but he concedes that, together with chemist brother Mike, he has
developed "a mathematical model that allows us to generate millions of
chemical signatures" -- an identifier he boasts is "better than DNA."

 But more than property can get tagged. In spray form, the fluid marks
intruders with a similarly unique code that, when viewed under UV in a
police cell, makes a red-faced burglar glow with fluorescent green and
yellow blotches. The resemblance to Swamp Thing and the forensic signature
found on his body are telltale signs the suspect has been up to no good at
a coded property.

 "It's practically impossible for a criminal to remove; it stays on skin
and clothing for months," Cleary added. "If a villain had stolen a watch,
they might try to scrape off the fluid -- but they would have to remove
every last speck, which is unlikely.

 "Sometimes burglars who know they are tagged with the liquid scrub
themselves so hard behind the ears to get it off, police arresting them end
up having to take them into hospital for skin complaints. But we don't have
much sympathy for them."

 Law enforcers are confident SmartWater can help improve Britain's mixed
fortunes on combating burglary. Nationwide, instances of the crime have
fallen by 42 percent since 1997, but the proportion of those resulting in
convictions has also halved, from 27 percent to just 13 percent. So, while
SmartWater is available commercially with a monthly subscription, many
police forces are issuing free kits to vulnerable households in crime hot
spots, hoping it can help put away more perps.

 The microdot tech could prove invaluable in a courtroom, but it is also an
effective deterrent. Most burglaries happen because criminals know there is
little chance of being arrested during a break-in, according to U.K.
government data (.pdf). But posters and stickers displayed in
SmartWater-coded cities and homes warn off would-be crooks.

 Word on the criminal grapevine, say police, is that anyone stealing from a
coded home is likely to leave the crime scene having pilfered an indelible
binary sequence that will lead only to jail time; it's not worth the risk.

 Marr sent her valentine -- reading "roses are red, violets are blue, when
SmartWater's activated, it's over for you" -- to known criminals in
Croydon, London, reinforcing the message in what Cleary said amounts to
"psychol

Don't Trust Your Eyes or URLs (was Re: TidBITS#766/14-Feb-05)

[R.A. Hettinga]

At 6:21 PM -0800 2/14/05, TidBITS Editors wrote:
>Don't Trust Your Eyes or URLs
>-
>  by Glenn Fleishman <[EMAIL PROTECTED]>
>
>  The clever folks at the Shmoo Group, a bunch of interesting
>  security folks who punch holes in assumptions about what's
>  secure on the Internet, have discovered a simple way to fool
>  most browsers into believing that they've connected to a secure
>  Web site when they've been spoofed into connecting to a rogue
>  location with a different name. It's ironic, but Internet Explorer
>  is entirely exempt from this spoof. Opera, Safari and KHTML-based
>  browsers, and all Mozilla and Firefox browsers suffer from this
>  weakness on all platforms.
>
>
>
>
>  In brief, the Shmoos found that a poorly implemented method
>  of allowing international language encoding within domain names,
>  called International Domain Name (IDN) support, allows a malicious
>  party to display what appears to be one domain name in the
>  Location field of a browser while connecting you to another.
>  Phishing scams have just become more difficult to identify.
>
>  This exploit is made possible by a system called "punycode,"
>  which has been widely adopted according to the Shmoo Group.
>  Domain names that use characters outside of unaccented Western
>  alphabet letters via Unicode/UTF-8 are converted into a string
>  of Roman letters (see Matt Neuburg's "Two Bytes of the Cherry:
>  Unicode and Mac OS X" for more information on Unicode). This
>  conversion isn't a problem, per se: it means that domain names
>  outside of the English character set can be used freely without
>  confusing browsers and can be registered using simple English
>  characters for backwards compatibility within the domain naming
>  infrastructure.
>
>
>
>  The flaw is twofold: first, affected browsers display whatever the
>  encoded version of the character is, which might look identical to
>  another language's character. For instance, the Shmoos use the
>  Russian lower-case letter A, which is encoded as "&1072;" in UTF-8
>  using decimal (base 10) notation, and displays in browsers that
>  support IDN as a lower-case A indistinguishable from a Roman
>  lowercase A.
>
>
>
>  The second problem leads from the first: it's possible
>  to have a legitimate SSL (Secure Sockets Layer) digital
>  certificate for the punycode-based domain name. Thus, in
>  an example that the Schmoos posted for a while (now replaced),
>  you see "https://www.paypal.com/"; in your browser URL field,
>  and the SSL signals are all there - you get no warnings, the
>  lock icon is present, and Firefox's Security tab in the Page
>  Info window says the Web site's identity is verified.
>
>  Click View in that same tab in Firefox, and you'll see
>  the full punycode name of the Web site, however, which is
>  "www.xn--pypal-4ve.com". Copy the URL from the Location
>  field and paste it into Terminal, and you'll see the encoded
>  version in standard UTF-8 format, too, which looks like
>  "www.p&1072;ypal.com".
>
>  I don't know that there's an easy solution to this problem.
>  It's the result of choice by the developers of the various
>  browsers to display precisely what a Unicode character looks
>  like, which is reasonable enough. But at the same time they
>  use a kludgy, opaque hack in the background to map that Unicode
>  character to an English character to provide full backwards
>  compatibility with what was once a U.S.-centric domain naming
>  system, one that retains substantial vestiges of that history.
>
>  If you're a Firefox user, I recommend obtaining and installing
>  a utility called SpoofStick, which alerts you to what is being
>  called "homograph" spoofing; that is, the character or glyph looks
>  like another, unrelated glyph. If you visit the Shmoo site with
>  SpoofStick installed, you get a big lovely warning.
>
>
>
>  Trust has gone out the window when you follow links in email or
>  on Web sites. There's no longer a way to be sure that the domain
>  name you're visiting is the one you think you are unless you check
>  the URL out in Terminal or have SpoofStick installed.
>
>  Realistically, the upshot of this situation is that you must be
>  even more careful about following links you receive in email to
>  sites that ask for sensitive information. A message that purports
>  to be from PayPal customer service, for instance, may look right
>  and even use URLs that appear to connect to PayPal's site, but
>  could in fact be taking you to another site designed to capture
>  your username and password. The likelihood of falling victim to
>  a spoofed URL on the Web itself is less likely, assuming you start
>  from a site that's a relatively trusted source. When in doubt,
>  fall back on common sense and check

TSA's Secure Flight (was Re: CRYPTO-GRAM, February 15, 2005)

[R.A. Hettinga]

At 6:23 AM -0600 2/15/05, Bruce Schneier wrote:
>TSA's Secure Flight
>
>
>
>As I wrote last month, I am participating in a working group to study
>the security and privacy of Secure Flight, the U.S. government's
>program to match airline passengers with a terrorist watch list. In the
>end, I signed the NDA allowing me access to SSI (Sensitive Security
>Information) documents, but managed to avoid filling out the paperwork
>for a SECRET security clearance.
>
>Last month the group had its second meeting.
>
>At this point, I have four general conclusions. One, assuming that we
>need to implement a program of matching airline passengers with names
>on terrorism watch lists, Secure Flight is a major improvement -- in
>almost every way -- over what is currently in place. (And by this I
>mean the matching program, not any potential uses of commercial or
>other third-party data.)
>
>Two, the security system surrounding Secure Flight is riddled with
>security holes. There are security problems with false IDs, ID
>verification, the ability to fly on someone else's ticket, airline
>procedures, etc.  There are so many ways for a terrorist to get around
>the system that it doesn't provide much security.
>
>Three, the urge to use this system for other things will be
>irresistible. It's just too easy to say: "As long as you've got this
>system that watches out for terrorists, how about also looking for this
>list of drug dealers...and by the way, we've got the Super Bowl to
>worry about too." Once Secure Flight gets built, all it'll take is a
>new law and we'll have a nationwide security checkpoint system.
>
>And four, a program of matching airline passengers with names on
>terrorism watch lists is not making us appreciably safer, and is a
>lousy way to spend our security dollars.
>
>Unfortunately, Congress has mandated that Secure Flight be implemented,
>so it is unlikely that the program will be killed. And analyzing the
>effectiveness of the program in general, potential mission creep, and
>whether the general idea is a worthwhile one, is beyond the scope of
>the working group. In other words, my first conclusion is basically all
>that they're interested in hearing.
>
>But that means I can write about everything else.
>
>To speak to my fourth conclusion: Imagine for a minute that Secure
>Flight is perfect. That is, we can ensure that no one can fly under a
>false identity, that the watch lists have perfect identity information,
>and that Secure Flight can perfectly determine if a passenger is on the
>watch list: no false positives and no false negatives. Even if we could
>do all that, Secure Flight wouldn't be worth it.
>
>Secure Flight is a passive system. It waits for the bad guys to buy an
>airplane ticket and try to board. If the bad guys don't fly, it's a
>waste of money. If the bad guys try to blow up shopping malls instead
>of airplanes, it's a waste of money.
>
>If I had some millions of dollars to spend on terrorism security, and I
>had a watch list of potential terrorists, I would spend that money
>investigating those people. I would try to determine whether or not
>they were a terrorism threat before they got to the airport, or even if
>they had no intention of visiting an airport. I would try to prevent
>their plot regardless of whether it involved airplanes. I would clear
>the innocent people, and I would go after the guilty. I wouldn't build
>a complex computerized infrastructure and wait until one of them
>happened to wander into an airport. It just doesn't make security sense.
>
>That's my usual metric when I think about a terrorism security measure:
>Would it be more effective than taking that money and funding
>intelligence, investigation, or emergency response -- things that
>protect us regardless of what the terrorists are planning next. Money
>spent on security measures that only work against a particular
>terrorist tactic, forgetting that terrorists are adaptable, is largely
>wasted.

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

How to Stop Junk E-Mail: Charge for the Stamp

[R.A. Hettinga]

Actually, it's not just "sender pays", it's "a whitlist for my friends, all
other others pay cash", but "sender pays" will do for a start. :-)

Cheers,
RAH
---




The New York Times

February 13, 2005
DIGITAL DOMAIN

How to Stop Junk E-Mail: Charge for the Stamp
 By RANDALL STROSS


OMPARE our e-mail system today with the British General Post Office in
1839, and ours wins. Compare it with the British postal system in 1840,
however, and ours loses.

 In that year, the British introduced the Penny Black, the first postage
stamp. It simplified postage - yes, to a penny - and shifted the cost from
the recipient to the sender, who had to prepay. We look back with wonder
that it could have ever been otherwise. Recipient pays? Why should the
person who had not initiated the transaction be forced to pay for a message
with unseen contents? What a perverse system.

Today, however, we meekly assume that the recipient of e-mail must bear the
costs. It is nominally free, of course, but it arrives in polluted form.
Cleaning out the stuff once it reaches our in-box, or our Internet service
provider's, is irritating beyond words, costly even without per-message
postage. This muck - Hotmail alone catches about 3.2 billion unsolicited
messages a day - is a bane of modern life.

Even the best filters address the problem too late, after this sludge has
been discharged without cost to the polluter. In my case, desperation has
driven me to send all my messages sequentially through three separate
filter systems. Then I must remember to check the three junk folders to see
what failed to get through that should have. Recipient pays.

Do not despair. We can now glimpse what had once seemed unattainable:
stopping the flow at its very source. The most promising news is that
companies like  Yahoo,  EarthLink, America Online,  Comcast and  Verizon
have overcome the fear that they would prompt antitrust sanctions if they
joined forces to reclaim the control they have lost to spammers.

 They belong to an organization called the Messaging Anti-Abuse Working
Group, formed only last year. It shares antispam techniques and lobbies
other e-mail providers to adopt policies that protect the commons. Civic
responsibility entails not merely screening incoming mail to protect one's
own customers but also screening outgoing mail that could become someone
else's problem.

Carl Hutzler, AOL's director of antispam operations, has been an especially
energetic campaigner, urging all network operators to "cut off the
spammer's oxygen supply," as he told an industry gathering last fall. And
those operators who do not "get smart soon and control the sources of spam
on their networks," he said, will find that they "will not have
connectivity" to his provider and others who are filtering outgoing e-mail.

 He did not spell out the implications for customers, but he doesn't need
to: we can select a service provider from the group with a spam-free zone,
or one that has failed to do the necessary self-policing required for
joining the gated community and is banished to the wilds of anything-goes.

One measure backed by advocates like Mr. Hutzler is already having a
positive impact: "Port 25 blocking," which prevents an individual PC from
running its own mail server and blasting out e-mail on its own. With the
block in place, all outgoing e-mail must go through the service provider's
mail server, where high-volume batches of identical mail can be detected
easily and cut off.

 Internet service providers are also starting to stamp outgoing messages
with a digital signature of the customer's domain name, using strong
cryptography so the signature cannot be altered or counterfeited. This is
accomplished with software called DomainKeys, originally developed by
Yahoo. It is now offered in open-source form and was recently adopted by
EarthLink and some other major services. A digital signature is what we
will want to see on all incoming e-mail.

 If your Internet service provider is not on the working group's roster,
you can insist that it take the oath of good citizenship. This month,  MCI
found itself criticized because a Web site that sells Send-Safe software
gets Internet services from a company that's an MCI division customer.
Send-Safe is spamware that offers bulk e-mail capability, claiming "real
anonymity"; it hijacks other machines that have been infected with a
complementary virus. Anyone can try it out for $50 and spray 400,000
messages. MCI, for its part, argues that it has an exemplary record in
shutting down spammers, but that the sale of bulk e-mail software is not,
ipso facto, illegal.

Unfortunately, there has been no good news on the legal front. When the
first batch of antispam bills was introduced in Congress in 1999, one could
have reasonably expected that legislators were ready to stamp out
unsolicited e-mail, just as they had banned unsolicited

Break-In At SAIC Risks ID Theft

[R.A. Hettinga]

The Washington Post

washingtonpost.com
Break-In At SAIC Risks ID Theft
Computers Held Personal Data on Employee-Owners

 By Griff Witte
 Washington Post Staff Writer
 Saturday, February 12, 2005; Page E01

 Some of the nation's most influential former military and intelligence
officials have been informed in recent days that they are at risk of
identity theft after a break-in at a major government contractor netted
computers containing the Social Security numbers and other personal
information about tens of thousands of past and present company employees.

 The contractor, employee-owned Science Applications International Corp. of
San Diego, handles sensitive government contracts, including many in
information security. It has a reputation for hiring Washington's most
powerful figures when they leave the government, and its payroll has been
studded with former secretaries of defense, CIA directors and White House
counterterrorism advisers.

Those former officials -- along with the rest of a 45,000-person workforce
in which a significant percentage of employees hold government security
clearances -- were informed last week that their private information may
have been breached and they need to take steps to protect themselves from
fraud.

 David Kay, who was chief weapons inspector in Iraq after nearly a decade
as an executive at SAIC, said he has devoted more than a dozen hours to
shutting down accounts and safeguarding his finances. He said the
successful theft of personal data, by thieves who smashed windows to gain
access, does not speak well of a company that is devoted to keeping the
government's secrets secure.

"I just find it unexplainable how anyone could be so casual with such vital
information. It's not like we're just now learning that identity theft is a
problem," said Kay, who lives in Northern Virginia.

 About 16,000 SAIC employees work in the Washington area.

Bobby Ray Inman, former deputy director of the CIA and a former director at
SAIC, agreed. "It's worrisome," said Inman, who also received notification
of the theft last week. "If the security is sloppy, it raises questions."

Ben Haddad, an SAIC spokesman, said yesterday that the Jan. 25 theft, which
the company announced last week, occurred in an administrative building
where no sensitive contracting work is performed. Haddad said the company
does not know whether the thieves targeted specific computers containing
employee information or if they were simply after hardware to sell for
cash. In either case, the company is taking no chances.

 "We're taking this extremely seriously," Haddad said. "It's certainly not
something that would reflect well on any company, let alone a company
that's involved in information security. But what can I say? We're doing
everything we can to get to the bottom of it."

Gary Hassen of the San Diego Police Department said there are, at the
moment, "no leads."

 Haddad said surveillance cameras are in the building where the theft took
place, but he did not know whether they caught the perpetrators on tape. He
also did not know whether the information that was on the pilfered
computers had been encrypted.

 The stolen information included names, Social Security numbers, addresses,
telephone numbers and records of financial transactions. It was stored in a
database of past and present SAIC stockholders. SAIC is one of the nation's
largest employee-owned companies, with workers each receiving the option to
buy SAIC stock through an internal brokerage division known as Bull Inc.

 Haddad said the company has been trying through letters and e-mails to get
in touch with everyone who has held company stock within the past decade,
though he acknowledged that hasn't been easy since many have since left the
company.

 He said the company would take steps to ensure stockholder information is
better protected in the future, but he declined to be specific.

 The theft comes at a time when the company, which depends on the federal
government for more than 80 percent of its $7 billion annual revenue, is
already under scrutiny for its handling of several contracts.

 Last week on Capitol Hill, FBI Director Robert S. Mueller III testified
that the company had botched an attempt to build software for the bureau's
new Virtual Case File system. The $170 million upgrade was supposed to
allow agents to sift through different cases electronically, but the FBI
has said the new system is so outdated that it will probably be scrapped.

 In San Antonio, SAIC is fighting the government over charges that the
company padded its cost estimates on a $24 million Air Force contract. The
case prompted the Air Force to issue an unusual alert to its contracting
officials late last year, warning them that "the Department of Justice
believes that SAIC is continuing to submit defective cost or pricing data
in support of its pricing proposals."

 SAIC has defended its

Re: What is a cypherpunk?

[R.A. Hettinga]

At 9:44 PM -0800 2/10/05, James A. Donald wrote:
>The state was created to attack private property rights - to
>steal stuff.

"A prince is a bandit who doesn't move." -- Mancur Olsen


Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"Camels, fleas, and princes exist everywhere."  -- Persian proverb

Re: What is a cypherpunk?

[R.A. Hettinga]

At 10:55 PM -0800 2/9/05, Major Variola (ret) wrote:
>A cypherpunk is one who is amused at the phrase "illicit
>Iraqi passports".

:-).

I prefer to call them "fungible identification", myself...

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

GNFC launches Indian Digital Certification services

[R.A. Hettinga]

Gujarat Narmada Valley Fertilizer Company???

;-)

Cheers,
RAH
---





deepikaglobal.com - Business News Detail

Thursday, February 10, 2005  


 
Good Evening to you



Business News



GNFC launches nationwide Digital Certification services
Mumbai, Feb 9 (UNI) Gujarat Narmada Valley Fertilizer Company (GNFC)
promoted (n)Code Solutions today launched its nationwide services for
providing ''Digital certificates to individuals and organisations aimed at
boosting efforts for implementation of e-governance and e-commerce in the
country''.

Digital certificates can be explained as digital passports that help in
authentication of the bearer on the net, while maintaining privacy and
integrity of the net-based transactions. It is accorded the same value as
paper-based signatures of the physical world by the Indian IT Act 2000 and
each of these transactions help bring trust in the Internet-based
transactions.

Launching the services, Nasscom President Kiran Karnik said, ''The presence
of a large number of credible public sector organisation in this domain
will futher boost the efforts for implementation of e-governance in the
country.'' He said that the safety and security of net-based transactions
would enable to usher in higher levels of exellence at lower costs.

Having carved an enviable reputation for itself in managing large and
complex projects successfully, Mr Karnik said ''GNFC will duplicate its
success in this IT venture as well.'' A K Luke, Managing Director of GNFC
and another state-PSU Gujarat State Fertiliser Corporation, on this
occasion, said ''The (n)Code Solutions infrastructure, set up for the
purpose is at par with the best in the world.'' He said the GNFC was
committed to diversifications in the emerging fields of IT like e-security.
(n)Code Solutions has put in motion a nation-wide machinery to support
different market segments like banking and financial institutions, public
and private sector enterprises besides State and Central Government
organisations, he added.

He said the IT company of GNFC had simultaneously released a suite of
applications like (n)Procure, (n)Sign, (n)Form and (n)Pay that make use of
digital signatures to ensure safety and security in the virtual world in
various ways.

Mr Luke said these applications will address a wide spectrum of needs of
the internet-dependent business world, ranging from online procurement to
signing and sending web forms and enabling online payments to securing web
servers or VPN devices.

GNFC is a Rs 1800 crore fertiliser and chemicals company of the Gujarat
Government.


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Desire safety on Net? (n) code has the solution

[R.A. Hettinga]

I'm starting get the hang of this. I mean, fertilizer...crypto,
crypto...fertilizer: They're both *munitions*, right?

Right?

:-)

Cheers,
RAH




Express India 

Desire safety on Net? (n) code has the solution

Express News Service

Ahmedabad, February 9:  ADDRESSING a wide spectrum of needs of the
Net-dependent business world ranging from online buying to signing and
sending web forms, (n) code solutions, promoted by IT branch of the Gujarat
Narmada Valley Fertilizer Company Limited, has launched its nationwide
services at NASSCOM, India Leadership Forum 2005.

 (n) code solutions has been recently licensed by the IT ministry as
certifying authority for providing digital signature certificates to
individuals and organisations.

Digital certificates can be explained as digital passports, which help in
authentication of the bearer on the Internet. This also helps maintain,
privacy and integrity of Net-based transactions. Digital signatures are
accorded the same value as paper-based signatures of the physical world by
the Indian IT Act 2000. Each of these functions help bring trust in
Net-based transactions.

 (n) code has simultaneously released a suite of applications like, (n)
procure, (n) sign, (n) form and (n) pay to make use of digital signatures
to ensure safety and security in the virtual world in various ways. (n)
code has also put in motion, nationwide machinery to support different
market segments like banking and financial institutions, public and private
sector enterprises and state and central government organisation.


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Interview with Ward Churchill

[R.A. Hettinga]

>I want the state gone: transform the situation to U.S. out of North
>America. U.S. off the planet. Out of existence altogether.


Cheers,
RAH
---

  

 
Satya April 04
 
Dismantling the Politics of Comfort
The Satya Interview with Ward Churchill


Photo © AK Press

Ward Churchill is perhaps one of the most provocative thinkers around. A
Creek and enrolled Keetoowah Band Cherokee, Churchill is a longtime Native
rights activist. He has been heavily involved in the American Indian
Movement and the Leonard Peltier Defense Committee. He is Professor of
Ethnic Studies at the University of Colorado and has served as a delegate
to the UN Working Group on Indigenous Populations.

 One of Churchill's areas of expertise is the history of the U.S.
government's genocide of Native Americans-the chronic violation of treaties
and systematic extermination of North American indigenous populations. His
many books include A Little Matter of Genocide: Holocaust and Denial in the
Americas: 1492 to Present (1998) and The COINTELPRO Papers: Documents from
the FBI's Secret Wars Against Dissent in the U.S. (2nd edition, 2002). His
new book, On the Justice of Roosting Chickens: Reflections on the
Consequences of U.S. Imperial Arrogance and Criminality, was just published
by AK Press (www.akpress.org).

 As a member of a people who have been on the receiving end of violence,
Churchill has a rather distinct perspective of the U.S. and the
effectiveness of political dissent and social change. Ward Churchill
recently shared some of his views with Catherine Clyne.

 This issue of Satya is trying to push the debate about whether or not
violence is an appropriate means for a desired end. With animal activists,
there's a growing gap between people who feel it's not and others who feel
that, for example, breaking into laboratories to liberate animals or
burning down property is an effective way to stop abuse.
 Well, that's an absurd framing in my view. Defining violence in terms of
property-that basically nullifies the whole notion that life is sacred.
People who want to elevate property to the same level of importance as life
are so absurd as to be self-nullifying.

Some people feel that those who abuse animals or people negate their right
to consideration and open themselves up to physical violence. What's your
response to this?
 The individuals who are perpetrators in one way or another, the "little
Eichmanns"* in the background-the technocrats, bureaucrats, technicians-who
make the matrix of atrocity that we are opposing possible are used to
operating with impunity. If you're designing thermonuclear weapons, you're
subject to neutralization, in the same sense that somebody who is engaged
in homicide would be, in terms of their capacity to perpetrate that
offense. One or two steps removed should not have the effect of immunizing.
Otherwise, only those who are in the frontline-usually the most expendable
in the systemic sense-are subject to intervention. None of the
decision-makers, the people who make it possible, would be subject to
intervention that would prevent their action in any way at all.

That brings me to one question, which is, in general, people like to think
they're pretty decent. They don't like to think of themselves as violent or
complying with a system that is oppressive...
 Heinrich Himmler viewed himself in exactly that way. He was a family man,
he had high moral values, he'd met his responsibilities, blah, blah, blah-a
good and decent man in his own mind.

 Do you think that applies to most American people?
 In the sense that it applied to most Germans [during the Third Reich].

 Your recent works detail the documentable history of the consequences of
U.S. imperialism. After reading On the Justice of Roosting Chickens and
listening to your two CDs, what do you want your audience to walk away with?
 A fundamental understanding of the nature of their obligation to intervene
to bring the kind of atrocities that I've described to a halt by whatever
means are necessary.

 The predominating absurdity in American oppositional circles for the past
30 years is the notion that if one intervenes to halt a rape or a murder in
progress, if you actually use physical force as necessary to prevent that
act, somehow or other you've become morally the same as the perpetrator.

What do you think those oppositional circles need to do to really effect
change?
 Stop being preoccupied with the sanctity of their own personal security,
on the one hand, and start figuring out what would be necessary. That might
require experimentation with tactics and techniques. Not how, like an
alchemist, you repeat the performance often enough to make yourself feel
good in the face of an undisturbed continuation of the horror you're
opposing. If your candlelit vigil doesn't bring the process you're opposing
to a halt, what do you do next, presuming you actually desired to have an
effect.

 Let's just presume

Sex offender list used to find dates, police say

[R.A. Hettinga]

 
  www.sfgate.com  Return to regular view
SANTA CLARA COUNTY
 Sex offender list used to find dates, police say
 Convict on Megan's Law roster charged with misdemeanor
 - Ryan Kim, Chronicle Staff Writer
 Friday, February 4, 2005


While fearful parents were searching the Megan's Law sex offender database
for local molesters, police said Glen Westberg, a registered sex offender
himself, was perusing the internet listing for a very different reason: a
date.

 In what is considered to the first case of its kind in California,
Westberg, 35, of Cupertino was charged Thursday with one misdemeanor count
of illegally accessing the database as a registered sex offender.

 Authorities said Westberg used the newly released on-line database of
registered sex offenders to find potential dates, sending explicit letters
to a handful of offenders in hopes of wooing them for sex.

 Westberg, a twice convicted child molester, was booked into Santa Clara
County Jail on Thursday and faces up to six months in jail and a $1,000
fine, if found guilty.

 "I never would have thought someone would have used this for dating or for
soliciting people," said Santa Clara County prosecutor Steve Fein.

 Bill Ahern, commander of San Mateo County's Sexual Assault Felony
Enforcement task force, said police first learned of Westberg's activities
after a San Mateo County registered sex offender reported receiving a
solicitation on Jan. 14. The letter, one of about five Westberg allegedly
sent out to local sex offenders, explained that Westberg had found the man
on the Megan's Law database and was interested in a date. Ahern said
Westberg had provided an explicit physical description of himself and
directed the man to look him up on the database. He wrote that if the man
was not interested in sex, they could still pursue friendship, said Ahern.

 "The (recipient of the letter) was quite alarmed by it and didn't know
what to think about of the letter," Ahern said. "He didn't know if someone
was trying to get him into trouble."

 Ahern, posing as the man who received the letter, contacted Westberg and
had him meet him at Redwood City Starbucks cafe on Jan. 27. There,
investigators confronted Westberg, who admitted he had used the database
and had sent similar letters to four other Bay Area registered offenders.

 The Megan's Law database, released to the public on Dec. 15, contains the
names and, in many cases addresses and pictures, for 63,000 sex offenders
required by law to register with their local law enforcement agency.
Registered offenders are not allowed to access the site, in part to prevent
them from conspiring with other convicts.

 Westberg earned his way on to the list following two convictions for child
molestation in San Mateo County in 1992 and 1998, Ahern said. Prior to the
release of the list, some law enforcement officials worried that someone
might use the list to take the law into their own hands, said Ahern.

 "Everyone was afraid of vigilantes, but we haven't had that," he said.
"Here, you have an offender trying to abuse other offenders, which is kind
of a strange twist."


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

ACLU (Road) Pizza

[R.A. Hettinga]

Wherein the ACLU pitches us with the flash-pizza from hell:





I suppose I might actually give a damn about the above scenario if a
*business* was able to obtain all that information from other *businesses*
on an open market, from information *I* gave to those businesses in the
first place, up to, and including, an insurance company -- though I doubt
that we'd have "health" insurance, except that for catastrophic events, if
such "insurance" weren't deductible from a confiscatory business tax
return. I suppose we should be grateful that we don't have "food
insurance", like they used to have in, say, the Soviet Union.



As I've said many times before, modern financial cryptography was invented
by leftist professors to "free" us from evil capitalists. In splendid
irony, it was immediately seized upon and evangelized by
anarcho-capitalists, to free us from that very model of a modern
slave-master: the state.


Of course, the market will determine, as always, whether we'll be free or
slaves, and if so, to the state, to "capitalists", or whomever.


Fortunately, the trend of history, almost since the forcible capture of
sedentary proto-agrarian society by "princes" 12,000 years ago, has been
one of increasing liberty from such "bandits who don't move". One can hope,
and maybe soon, that strong financial cryptography will free all of us,
once and for all, from the tyranny of such monopolistic force "markets",
and trade *will* finally be free, once and for all.

When it does happen, it won't be lawyers who do it though. Especially
"public interest" lawyers like the ACLU. It will be the engineers who will
use the weapon of the cryptographer's mathematics to save us from the
state-constructed tyranny of the lawyer's words.

Cheers,
RAH



-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

mmm, petits filous (was Re: NTK now, 2005-02-04)

[R.A. Hettinga]

At 5:45 PM + 2/4/05, Dave Green wrote:
> mmm, petits filous
>
> Everyone else likes to worry about Google's gathering
> conflict of interests, but Verisign's S.P.E.C.T.R.E.-level
> skills still take some beating. This week, orbiting crypto
> analysts Ian Grigg and Adam Shostock belatedly pointed out
> to ICANN that perhaps Verisign couldn't trusted with
> .net. Why? Well, Verisign these days offers both top level
> domains and SSL certificate authentication. They also, with
> their NetDiscovery service - sell ISPs a complete service for
> complying with law enforcement surveillance orders. So, if an
> American court demands an ISP wiretap its customers, and the
> ISP turns that order over to Verisign to do the dirty: well,
> Verisign can now fake any domain you want, and issue any
> temporary fake certificate, allowing even SSLed
> communications to be monitored. What's even more fun is that
> they are - at least in the US - now moving into providing
> infrastructure for mobile telephony. Yes, NOT EVEN YOUR
> RINGTONES ARE SAFE.
> http://forum.icann.org/lists/net-rfp-verisign/msg8.html
>- you know, this is probably a little late
> http://iang.org/ssl/
> - but then, this is the year of the snail
> http://www.thefeature.com/article?articleid=101334&ref=5459267
>  - stupid network vs stupider company

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Dell to Add Security Chip to PCs

[R.A. Hettinga]

The Wall Street Journal

  February 1, 2005 11:04 a.m. EST

Dell to Add Security Chip to PCs

By GARY MCWILLIAMS
Staff Reporter of THE WALL STREET JOURNAL
February 1, 2005 11:04 a.m.


HOUSTON -- Dell Inc. today is expected to add its support to an industry
effort to beef up desktop and notebook PC security by installing a
dedicated chip that adds security and privacy-specific features, according
to people familiar with its plans.

Dell will disclose plans to add the security features known as the Trusted
Computing Module on all its personal computers. Its support comes in the
wake of similar endorsements by PC industry giants Advanced Micro Devices
Inc., Hewlett-Packard Co., Intel Corp. and International Business Machines
Corp. The technology has been promoted by an industry organization called
the Trusted Computing Group.

The company is also expected to unveil new network PCs.


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Researchers Combat Terrorists by Rooting Out Hidden Messages

[R.A. Hettinga]

Newswise

Source: University of Delaware 
  
Released: Tue 01-Feb-2005, 13:10 ET 

Researchers Combat Terrorists by Rooting Out Hidden Messages

Libraries
Science News
 
Keywords
STEGANOGRAPHY, STEGANALYSIS, HIDDEN MESSAGES, DIGITAL IMAGES, CRYPTOGRAPHY,
TERRORISM

 Contact Information
Available for logged-in reporters only

Description
Researchers at the University of Delaware are working to combat terrorism
by developing techniques to detect the use of steganography, which
encompasses various methods of hiding messages in apparently ordinary
digital images and videos.



 Newswise - A University of Delaware research team has received National
Science Foundation funding to combat terrorism by developing techniques to
detect the use of steganography, which encompasses various methods of
hiding messages in apparently ordinary digital images and videos.

It is feared electronic steganography can be used by terrorist
organizations to pass along orders or other vital information
surreptitiously through images posted on the Internet or sent via e-mail.

The grant for more than $167,000 was awarded to Charles Boncelet, UD
professor of electrical and computer engineering, to conduct research in
the relatively new field of steganalysis. Boncelet will work on the project
with Lisa Marvel, a UD graduate now employed by the U.S. Army Research
Laboratory, and with several graduate students.

 Boncelet said steganography is Greek for covered writing, and is a means
by which a person can hide the very fact that they are communicating. In
that, it differs from the better-known practice of cryptography, Greek for
secret writing, in which a message is purposely garbled and can be
understood only by those who have the key to decipher it.

 The two forms of communication are not mutually exclusive, Boncelet said,
and can be combined. A person can encrypt a message and then hide the fact
that they are sending it.

Boncelet previously worked in steganography for the U.S. Army and through
this project will begin working in steganalysis, or the development of
methods by which to seek out steganography.

"The work we are doing is in multimedia, with a focus on digital images,"
Boncelet said. "You can take an image on your web site and use
steganographic techniques to hide a message in the image. The image looks
completely ordinary but if you know the key, you can extract the secret
message."

"The object of the research," Boncelet said, "is to try to figure out how
to find steganography in the images."

The problem is that steganalysis is very difficult because the messages are
hidden by design. However, Boncelet said, "when you hide a message in a
digital image, you change the image a little bit. If you change the image
too much, it gives it away."

The way to determine any changes to an image, given that the steganalyst
does not have the benefit of the original for purposes of comparison, is to
use algorithms and very fast computers to look for unusual features in the
image.

Boncelet said he believes the research will lead to a novel class of
electronic steganography searchers based on image representations that
depend on a quality factor, with the long-term goal being automated
scanners that can rapidly find likely candidates amongst large numbers of
images and videos.

 "Assuming the technique we develop is successful, we hope to branch out to
video and audio," Boncelet said, "but right now the focus is on digital
images."

In addition to the research, the project will provide training in
steganalysis and intelligence techniques to the students involved.

Boncelet said steganography "is a very big fear for governments," adding
that the security agencies that deal with the technique "worry about
terrorists passing messages, or traitors leaking out information from
secure sites."

After the terrorist attacks of Sept. 11, 2001, there was widespread
speculation in the public press that terrorists had used steganography on
the Internet to communicate plans. Although those reports were never
confirmed, the possibility remains a grave concern.

One of the earliest examples of steganography comes from ancient history,
Boncelet said, explaining that a Greek city was surrounded by enemy
soldiers and the leader wanted to get a message to his allies to send
troops. He selected a slave and shaved his head, tattooing the plea for
help on his scalp, then allowed the slave's hair to grow back over the
message. The slave was sent out of the city walls, was captured and
released by the enemy troops, and arrived safely with the message.

In World War II, Boncelet said, American soldiers used steganography to
provide information on their whereabouts to relatives back home by putting
a pinprick on a map. Army censors were forced to pepper letters with
hundreds of pinpricks to offset the practice. German spies used
steganography in microdots, tiny images of typed pages that could be pasted
over p

Gripes About Airport Security Grow Louder

[R.A. Hettinga]

The Wall Street Journal

  January 25, 2005

 THE MIDDLE SEAT
 By SCOTT MCCARTNEY



Gripes About Airport Security Grow Louder
More Travelers Are Stopped
 For 'Secondary' Checks;
 A Missed Flight to Atlanta
January 25, 2005

The frequency of secondary security screening at airports has increased,
and complaints are soaring.

Roughly one in every seven passengers is now tagged for "secondary
screening" -- a special search in which an airport screener runs a
metal-detecting wand around a traveler's body, then pats down the passenger
and searches through bags -- according to the Transportation Security
Administration.

Currently, 10% to 15% of passengers are picked randomly before boarding
passes are issued, the TSA says. An additional number -- the TSA won't say
how many -- are selected by the government's generic profiling system,
where buying a one-way ticket, paying cash or other factors can earn you
extra screening. And more travelers are picked by TSA screeners who spot
suspicious bulges or shapes under clothing.

"It's fair to say the frequency of secondary screening has gone up," says
TSA spokeswoman Amy von Walter. "Screeners have greater discretion."

That may explain why passenger complaints about screening have roughly
doubled every month since August. According to numbers compiled by the TSA
and reported to the Department of Transportation, 83 travelers complained
about screening in August, then 150 in September and 385 in October. By
November, the last month reported, complaints had skyrocketed to 652.

To be sure, increased use of pat-down procedures in late September after
terrorists smuggled bombs aboard two planes in Russia undoubtedly boosted
those numbers, though many of those complaints were categorized as
"courtesy" issues, not "screening," in the data TSA reports to the DOT.
There were 115 courtesy complaints filed with the DOT in September, then
690 in October. By November, the number of courtesy complaints receded to
218.

Yet the increased traveler anger at secondary screening hasn't receded.
Road warriors complain bitterly about the arbitrary nature of the screening
-- many get singled out for one leg of a trip, but not another.

For Douglas Downing, a secondary-screening problem resulted in a canceled
trip. Mr. Downing was flying from Seattle to Atlanta last fall. He went
through security routinely and sat at the gate an hour ahead of his
flight's departure. As he boarded, a Delta Air Lines employee noticed that
his boarding pass, marked with , hadn't been cleared by the TSA. He was
sent back to the security checkpoint.

By the time he got screened and returned to the gate, the flight had
departed. Delta offered a later flight, but his schedule was so tight he
had to cancel the trip. Delta did refund the ticket, even though the
airline said it was the TSA's mistake not to catch the screening code. TSA
officials blamed Delta.

TSA screeners often blame airlines, according to frequent travelers. Ask a
screener why you got picked for screening, and they often say the airline
does the selection and questions should be directed to the airline.

But airlines say they shouldn't be blamed, since they are only running the
TSA's programs, and the TSA's Ms. von Walter concurs. "I wouldn't go so far
as to say we're blaming them," she said. "Perhaps some screeners are
misinformed in those cases."

She also says the TSA isn't sure why screening complaints have risen so
sharply since August, although the agency says it may be the result of
greater TSA advertising of its "contact center" (e-mail
[EMAIL PROTECTED] or call 1-866-289-9673).

If you do get picked, here is how it happened.

The TSA requires airlines to pick 10% to 15% of travelers at random.
Airlines can "de-select" a passenger picked at random, such as a child,
officials say.

In addition, the government's current passenger-profiling system, called
Computer Assisted Passenger Prescreening System, or CAPPS, picks out
passengers. The system, which resides in or communicates with each
airline's reservation computers, gives you a score based largely on how you
bought your ticket. Airline officials say the TSA has changed the different
weightings given various factors, and certain markets may have higher
programmed rates for selectees.

Passenger lists also are checked against the TSA's list of suspicious
names, which has included rather common names and even names of U.S.
senators.

Interestingly, airline gate agents who see suspicious-looking passengers
can no longer flag them for security. Some ticket-counter agents did flag
several hijackers for extra security on Sept. 11, 2001, and were praised
for their work in the 9/11 Commission's final report. At the time, all that
meant was the airline took precautions with the hijackers' checked luggage.
But because of racial-discrimination concerns, airline officials aren't
allowed to single out passengers for scruti

Blinky's Pitch-Man Speaks: Terror's Server

[R.A. Hettinga]

At 3:14 PM -0400 10/3/04, R. A. Hettinga wrote:
>In arbitrary order (in other words, *I* chose it. :-)), and with
>apologies to Toru Iwatani, by way of Michael Thomasson at
>, here
>it is:
>
>
>A Proposed Nomenclature for the Four Horseman of The Infocalypse
>
>   Horseman Color  Character   Nickname
>
>1  TerrorismRedShadow  "Blinky"
>2  NarcoticsPink   Speedy  "Pinky"
>3  Money Laundering Aqua   Bashful "Inky"
>4  Paedophilia  Yellow Pokey   "Clyde"
>
>It is acceptable to refer to a horseman by any of the above, i.e.,
>"Horseman No. 1", "The Red Horseman", "Shadow", or "Blinky".
>
>Apparently there was a, um, pre-deceased, dark-blue ghost, used in
>Japanese tournament play, named "Kinky", I leave that particular
>horseman for quibblers.

---




Technology Review


Terror's Server
By David Talbot Febuary 2005

 NOTEBOOK


Richard A. Clarke spent 11 years in senior policymaking positions at the
White House, advising presidents on matters of counterterrorism and cyber
security.

  When the Sept. 11 attacks took place he was the counterterrorism adviser
to the National Security Council.  He now heads Good Harbor Consulting.
Clarke recently spoke with Technology Review Chief Correspondent David
Talbot about terrorist exploitation of the Internet.

 

 

David Talbot: How is the use of the Internet by terrorist groups changing?

 

Richard Clarke: It's important for publicity and propaganda purposes.  It
is one of their best vehicles for that.  It may be useful for
communications, but I think they are increasingly relying on (human)
couriers.  There is some potential that they are using the Internet to
engage in cyber-crime as a funding source.

  

DT: Is it getting any easier to track down the location or identity of a
terrorist communication?

 

RC: You can assume all kinds of one-time identities on the Internet.  The
risk of course, is that a smart computer forensics team can trace back, if
not to a particular house, certainly to a particular city where the
communication might have come from.   They've tried to get around that in
the past by using cyber-cafes.  But if they are effectively masking their
IDs and locations by going through multiple hops and spoofing IP (internet
protocol) addresses, it's more difficult.


Related Stories:




Two hundred two people died in the Bali, Indonesia, disco bombing of
October 12, 2002, when a suicide bomber blew himself up on a tourist-bar
dance floor, and then, moments later, a second bomber detonated an
explosives-filled Mitsubishi van parked outside. Now, the mastermind of the
attacks-Imam Samudra, a 35-year-old Islamist militant with links to
al--Qaeda-has written a jailhouse memoir that offers a primer on the more
sophisticated crime of online credit card fraud, which it promotes as a way
for Muslim radicals to fund their activities.



Law enforcement authorities say evidence collected from Samudra's laptop
computer shows he tried to finance the Bali bombing by committing acts of
fraud over the Internet. And his new writings suggest that online
fraud-which in 2003 cost credit card companies and banks $1.2 billion in
the United States alone-might become a key weapon in terrorist arsenals, if
it's not already. "We know that terrorist groups throughout the world have
financed themselves through crime," says Richard Clarke, the former U.S.
counterterrorism czar for President Bush and President Clinton. "There is
beginning to be a reason to conclude that one of the ways they are
financing themselves is through cyber-crime."

 Online fraud would thereby join the other major ways in which terrorist
groups exploit the Internet. The September 11 plotters are known to have
used the In-ternet for international communications and information
gathering. Hundreds of jihadist websites are used for propaganda and
fund-raising purposes and are as -easily accessible as the mainstream
websites of major news organizations. And in 2004, the Web was awash with
raw video of hostage beheadings perpetrated by -followers of Abu Musab
al-Zarqawi, the Jordanian-born terror leader operating in Iraq. This was no
fringe phenomenon. Tens of millions of people downloaded the video files, a
kind of vast medieval spectacle enabled by numberless Web hosting companies
and Internet service providers, or ISPs. "I don't know where the line is.
But certainly, we have passed it in the abuse of the Internet," says
Gabriel Weimann, a professor of communications at the University of Haifa,
who tracks use of the Internet by terrorist groups.

Meeting these myriad challenges will require new technology and, some say,
stronger self-regulation by the online industry, if only to ward off the
more onerous changes or restrictions that might someday be mandated by
legal authorities or 

Walter B. Wriston: A Remembrance

[R.A. Hettinga]

Wriston was in cryptography in WWII, and was also on of the Neal
Stephenson's "informants" on finance when he was researching Cryptonomicon.
If you ever read his stuff during the dot-com years, he sounded pure
financial cypherpunk.

Cheers,
RAH




Forbes



Obituary
Walter B. Wriston: A Remembrance
Steve Forbes,   01.21.05, 6:59 PM ET


Walter Wriston Add To Tracker

 

 
Walt Wriston, former Chairman and CEO of Citicorp/Citibank, was also a
founding director of Forbes.com and served until last year. Our revenues
would never have equaled what Citicorp took in every few minutes, but to
Walt, that did not matter at all.

He was, at heart, an innovator, an entrepreneur, an original thinker and a
man who delighted in getting things done. He quickly grasped the promise of
the Internet and never lost faith in its possibilities in the aftermath of
the high-tech bubble. The fact that there would be setbacks and excesses in
the field were to him part of the normal course of events in a free market.
They never made him lose sight of how powerful an instrument the Internet
is. He understood, as few others did, how fundamentally vital is the spread
of information.

The willingness to pioneer by pursuing and investing in new technologies
and going into areas where others wouldn't tread -- or had tread and
faltered -- was how this man truly revolutionized American and global
banking. The word "revolution" has been grossly over-used, but what Wriston
did for finance was just that -- a revolution.

Until the 1960s, banking was a backwater. A handful of hours each day was
more than sufficient to handle one's responsibilities. Commercial bankers
were risk-averse. They were stodgy. They didn't want to be bothered with
consumers -- that was for savings banks, not commercial banks. The
government told banks what interest rates they were allowed to pay on
deposits.

Before Walt was through, he almost single-handedly turned banking from the
equivalent of a small, sleepy town into a hyper-energetic, New York-like
metropolis.

Under his leadership, Citibank pioneered automatic-teller machines. It
pursued the credit card business in a way that no other bank was doing at
the time. He constantly battered government regulations. He expanded
internationally at a dizzying pace. Old constraints on banks were consigned
to the dustbin of history. Walt made what is now called Citigroup the
world's leading financial institution. Because he was not risk-averse, he
made his share of mistakes. But these were minute compared to his
monumental achievements.

Walt was a delight to be around. He believed passionately in free markets.
His insights were almost always original and profound. Our board meetings
were always productive and stimulating. Walt was both an intellectual and a
restless doer.

My only regret is that he was never given the reins to run our Treasury
Department or the Federal Reserve. Now that would have been a sight to
behold!

In the end, however, Walt Wriston achieved far, far more than have those
who have held these kinds of public sector posts.

We have lost a truly remarkable man.




-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

"Microstate": A Mouse Roars

[R.A. Hettinga]

The Wall Street Journal

  January 19, 2005

 COMMENTARY


A Mouse Roars

By VLADIMIR KAVARIC
January 19, 2005


PODGORICA, Serbia and Montenegro -- Since the publication in 1776 of "An
Inquiry Into the Nature and Causes of the Wealth of the Nations" by Adam
Smith, the impact of free-market activity and international trade on
economic development is well-known. The experience of recent decades shows
that the most successful countries with the highest growth rates are those
that have implemented pro-market policies and allow freedom in economic
affairs. That's why a transition economy like Montenegro sees its best
chance in openness, private initiative, international competition, and
economic freedom.

Montenegro, the smallest state of the former Yugoslavia with little more
than 600,000 inhabitants, presents its economic development concept with
the slogan "Montenegro -- Microstate." Microstate in this case has nothing
to do with the size of the population or the country. Rather, the
Montenegrin Microstate concept, developed by Professor Veselin Vukotic,
assumes a minimal role for the state in the economy, low taxes, simple
business regulations, a stable institutional framework, and the protection
of property rights.

The first steps on this road have already been taken. Montenegro adopted
the euro as the country's legal tender and thereby minimized the inflation
taxation of its citizens. Without that step, the central bank in
Montenegro, a transitional economy with weak institutions, would have been
under constant pressure to print money.

The adoption of the new tax law will introduce one of the lowest corporate
tax rates in Europe: a mere 9%. Capital-exchange restrictions have been
eliminated and the repatriation of profits made by foreign investors in
Montenegro is free. Interest rates are market determined and more than 99%
of the prices are freely set. Treating foreign investors just like domestic
ones, enjoying the same rights and legal protections, is intrinsic to
Montenegro's privatization, investment and business regulations. In order
to encourage new business development, the required starting capital for a
limited liability company has been reduced to ¤1. The aluminum industry,
which accounts for 60% of total exports, is in the process of being
privatized. The tender for Telekom Crna Gore, the national fixed-line
operator, is also already underway. Tourism is another area where
Montenegro has enormous potential to expand. A majority of hotels are still
state-owned but those are now all up for sale while the country is open for
new investments. According to the World Tourism Organization, Montenegro's
tourism industry will be one of the fastest growing in the world.

The biggest obstacles to economic freedom at the moment are high government
expenditures and the large number of administrative barriers. A reform of
the judicial system would also significantly improve the business ambience.
These barriers are, for the most part, part of the old socialist legacy.

As anywhere else in the world, the most vigorous objections to the
implementation of economic freedom in Montenegro come from rent-seeking
groups, monopolists, and people that benefit from state redistribution.

But Montenegro also has to overcome a barrier that is peculiar to its
political situation. As one of the basic preconditions for signing the
Association and Stabilization Agreement with the EU, Brussels insisted on
the "harmonization" of economic systems between Serbia and Montenegro.
Given the fact that Montenegro wants to develop an open and
service-oriented economy while Serbia wants to protect its agriculture and
inherited heavy industries, the harmonization of these systems is more than
just problematic. The most illustrative example is the harmonization of
custom rates. Through this process, Montenegro was forced to increase its
custom rates from an average 2.8% to 6%. Montenegro even had to increase
custom rates for those products that it doesn't produce itself, such as
sugar and textiles.

There are, however, new encouraging developments in this area. At a recent
conference in Maastricht, the EU proposed a more flexible approach to the
accession process of Serbia and Montenegro, the so-called "dual track"
path. This dual track process demonstrates that the EU recognizes that the
economic realities of Serbia and Montenegro are quite different and that
they need to be taken into account.

Accepting and acknowledging the economic realities of Serbia and Montenegro
would present a new era in interstate relationships in the Balkans.
Montenegro would be given the opportunity to take full responsibility for
its economic policy. At the same time, the international community would
gain stable relations in the region based on respecting mutual interests.
An open economy in Montenegro would add to the competitive landscape of the
region. More competition (and n

Re: Type III Anonymous Message from Antani anonymous remailer

[R.A. Hettinga]

At 9:06 PM +0100 1/18/05, [EMAIL PROTECTED] wrote:
>Where are the remailer mail2news gateways still operating?
>If there are any anymore...

This is great. I've been watching, via bittorrent, Lucy Lawless' "Warrior
Women" series. The last episode is about Lozen, the Apache medicine-woman
who was sister of Antonio, one of the last chiefs of the Chiricahaua band,
who raided up and down the Black Range in Southeast New Mexico (Hillsboro,
a town in the front range of which, was where my father retired and died,
which was why I was interested in the episode; I remember reading "Black
Range Tales", and other western memoirs of the time, when I was a kid).

She died in Alabama (by way of Florida and Oklahoma) of tuberculosis, 20
years after being captured in New Mexico.

There's an echo in here.

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: Spotting Trouble Identifying Faltering and Failing States (1997)

[R.A. Hettinga]

At 4:34 PM -0500 1/17/05, R.A. Hettinga wrote:
>Tommy had only a small sip of the Kool-Aide, and
>apparently,
^h ^^saw the colors...

> but tried to cut it with a whole *vat* full of tanker-piss...

I hate it when that happens...

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Internet noise threatens emergency radio

[R.A. Hettinga]

Wherein we all might tempest-up in spite of ourselves?

Cheers,
RAH
---



New Scientist

 Internet noise threatens emergency radio
 10:31 14 January 2005
 Exclusive from New Scientist Print Edition
 Barry Fox

Enlarge image
Short-wave interference

After the tsunami hit Sri Lanka on 26 December, Victor Goonetilleke, head
of the island's amateur radio society, delivered a short-wave radio set and
two 12-volt car batteries to the prime minister's emergency headquarters in
Colombo. At the same time, three of his friends drove through the
devastation to Hambantota, on the hard-hit south-east coast, where they set
up another battery-powered short-wave radio.

 For two days, while the military struggled to restore electricity supplies
and phone lines, the prime minister was able to use the short-wave link to
talk to staff on the ground.

 Short-wave signals from Sri Lanka, the Andaman Islands and mainland India
also helped to spread news of the disaster around the world. The same
happened after the 9/11 attacks and last year's hurricanes in the
Caribbean. When phones and mains electricity are down, making the internet
unusable, short-wave radio enthusiasts are able to maintain emergency
communications.

But not, perhaps, for much longer. Plans to deliver broadband internet
signals to homes and businesses down mains electricity cables, rather than
telephone lines, could cause interference that will drown out the faint
signals from distant short-wave transmitters.

 Unshielded cables

Power companies in the US and Europe are pressing ahead with the
technology, with the aim of setting up in competition to existing
phone-based services. The downside is that the packets of internet data
pulsing down unshielded mains cables makes the cables behave like aerials
that send short-wave interference beaming out over a wide area.

 Unless interference of this kind is tightly controlled, it could spell the
end for emergency short-wave communications. "A few extra decibels of
interference from future networks and I would not have been able to hear
the news from amateurs in Sri Lanka, India and the Andaman Islands," says
Hilary Claytonsmith of the International Amateur Radio Union's UKbranch.

 The threat began when the US government gave the go-ahead to broadband
over power line (BPL) technology in October. And the European Commission
(EC) is close to approving its own version, called power-line
communications (PLC). The names are different but the technology is the
same: broadband data is sent into people's homes as a high-frequency signal
piggybacked on the 50 or 60-hertz mains supply.

 Unhappy coincidence

Because the mains is a noisy environment with ever-changing patterns of
interference from sockets, switches, control circuits and electric motors
in appliances, the power-line data must be spread over many high-frequency
carrier signals if it is to be delivered at the 5 to 10 megabits per second
that these services are aiming for.

 The carrier frequencies used range up to 30 megahertz - which by unhappy
coincidence is the radio band that travels best around the world. It is
used for amateur radio, short-wave broadcasting (such as the BBC World
Service and Deutsche Welle) and includes several dedicated emergency
frequencies (see graphic). Because these frequencies bounce off the
ionosphere, they carry long distances, which makes them ideal for
long-range intercontinental broadcasting.

When the US Federal Communications Commission (FCC) gave the go-ahead to
BPL, it ruled that at frequencies up to 80 megahertz service providers must
use filters on their household equipment. These could be set by a service
engineer to chop out any internet transmission frequencies shown to be
causing interference to any short-wave radio receivers nearby. The EC and
the European Committee for Electrotechnical Standardisation (CENELEC) are
trying to set similar filtering rules.

Deciding on importance

But radio amateurs fear that the rules will allow the filtering to be
lifted if it is having a serious effect on internet access speeds. The EC
says it wants firm rules that balance "technical, social and economic"
factors against the "importance" of services which suffer interference. But
who is to decide what is more important, and on what grounds, the radio
amateurs ask.

 Michael Copps, the one FCC commissioner who opposed BPL, believes the
organisation has made a rod for its own back. It is going to have to "work
hard to monitor, investigate and take quick action" over any power-line
internet interference to radio amateurs and others, he says.

Some technical fixes may be in the works though. The BBC, for instance, is
developing a PLC modem that makes use of the fact that the short-wave
frequencies for broadcast radio change throughout the day, as ionospheric
conditions dictate. The BBC modem detects which frequency bands are 

Re: Spotting Trouble Identifying Faltering and Failing States (1997)

[R.A. Hettinga]

At 12:02 PM -0800 1/17/05, James A. Donald wrote:
>After the unpleasant experience of nation bulding in Iraq, I
>hope that for the next round, he will stick to nation
>destruction.

Amen.

All we really needed was a quick fly-by and reformat, and let Allah sort
'em out, on a grand tour of the um, holy land. Next stop Syria, Iran, etc.
Oh, well. Dance with the statist girl who brung ya, and all that.

Rummy saw the wisdom of 's plan, but couldn't quite sell it to the
Generals-that-be. Tommy had only a small sip of the Kool-Aide, and
apparently, but tried to cut it with a whole *vat* full of tanker-piss...


Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: panix.com hijacked

[R.A. Hettinga]

--- begin forwarded text


Delivered-To: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
Date: Sun, 16 Jan 2005 01:32:46 -0500
From: Henry Yen <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Cc: Mark Jeftovic <[EMAIL PROTECTED]>
Subject: Re: panix.com hijacked
Mail-Followup-To: [EMAIL PROTECTED], Mark Jeftovic <[EMAIL PROTECTED]>
Sender: [EMAIL PROTECTED]


On Sat, Jan 15, 2005 at 10:50:49AM -0500, Perry E. Metzger wrote:
> Panix is highly screwed by this -- their users are all off the air,
> and they can't really wait for an appeals process to complete in order
> to get everything back together again.

from panix shell hosts motd:

. panix.net usable as panix.com (marcotte) Sat Jan 15 10:44:57 2005

Re: panix.com hijacked

[R.A. Hettinga]

--- begin forwarded text


Delivered-To: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
Date: Sun, 16 Jan 2005 07:08:24 + (GMT)
From: "Christopher L. Morrow" <[EMAIL PROTECTED]>
Subject: Re: panix.com hijacked
To: [EMAIL PROTECTED]
Cc: Henry Yen <[EMAIL PROTECTED]>, [EMAIL PROTECTED],
Mark Jeftovic <[EMAIL PROTECTED]>
Sender: [EMAIL PROTECTED]




On Sun, 16 Jan 2005 [EMAIL PROTECTED] wrote:

> On Sun, 16 Jan 2005 01:32:46 EST, Henry Yen said:
>
> > from panix shell hosts motd:
> >
> > . panix.net usable as panix.com (marcotte) Sat Jan 15 10:44:57 2005
>
> So let's see.. the users will see this when they log into shell.panix.net
> (since shell.panix.com is borked).. Somehow, that doesn't seem to help much..
>

and the hijackers could be, potentially, running a box pretending to be
shell.panix.com, gathering userids and passwds :(

--- end forwarded text


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: Carnivore No More

[R.A. Hettinga]

At 12:31 AM +0100 1/16/05, Eugen Leitl wrote:
>it is believed that unspecified
>   commercial surveillance tools are employed now.

It was always AGGroup's Skyline package to begin with.

The FBI is like NASA. They never build anything, and take all the credit.

Cheers,
RAH
--
-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Police Worried About New Vest-Penetrating Gun

[R.A. Hettinga]

wnbc.com

Police Worried About New Vest-Penetrating Gun


NEW YORK -- There is a nationwide alert to members of law enforcement
regarding a new kind of handgun which can render a bulletproof vest
useless, as first reported by NewsChannel 4's Scott Weinberger.

New Gun Frightens Police
Scott Weinberger

 The most shocking fact may be that the gun -- known as the "five-seven" --
is being marketed to the public, and it's completely legal

It was a very difficult decision for members of law enforcement to go
public about the new weapon, but officers fear that once word of the weapon
begins to circulate in the wrong circles, they will be in great danger.
They agreed to speak to NewsChannel 4, hoping the public will understand
what they call the most devastating weapon they face.

The weapon is light, easily concealable and can fire 20 rounds in seconds
without reloading.

"This would be devastating," said Chief Robert Troy, of the Jersey City
Police Department.

Troy said he learned about the high-powered pistol from a bulletin issued
by Florida Department of Law Enforcement to all of its agents. Troy
believes faced with this new weapon, his officers would be at a total
disadvantage.

"Dealing with a gun like this -- it's a whole new ballgame," Troy said.

Troy is not the only member of law enforcement to voice concern. As
NewsChannel 4 began to contact several more departments in the Tri-State
Area, it turned out that officers in Trumball, Conn., had seized one of
these handguns during a recent arrest.

"Certainly, handguns are a danger to any police officer on any day, but one
that specifically advertised by the company to be capable of defeating a
ballistic vest is certainly the utmost concern to us," said Glenn Byrnes,
of the Trumball Police Department.

However, the company said that bullet is not sold to the public. Instead,
gun buyers can purchase what the company calls a training or civilian
bullet -- the type loaded into the gun confiscated by Trumball police.

At a distance of 21 feet, Trumball police Sgt. Lenny Scinto fired the
five-seven with the ammo sold legally to the public into a standard police
vest. All three penetrated the vest.

The bullets even went through the back panel of the vest, penetrating both
layers.

In a similar test, an officer fired a .45-caliber round into the same vest.
While the shot clearly knocked it down, it didn't penetrate the vest, and
an officer would likely have survived the assault.

"The velocity of this round makes it a more penetrating round -- that's
what had me concerned," Scinto said.

FN Herstal told NewsChannel 4 that they dispute the test, stating, "Most
law enforcement agencies don't have the ability to properly test a
ballistic vest."

When NewsChannel 4 asked how this could have happened, the spokesperson
said: "We [the company] are not experts in ballistic armor."

Back in Trumball, Scinto said his officers would have to rethink how to
protect the public and protect themselves.

"This is going to add a whole new dimension to training and tactics. With
the penetration of these rounds, you're going to have to find something
considerably heavier than we normally use for cover and concealment to stop
this round," Scinto said.

In Jersey City, Troy said he will appeal to lawmakers, hoping they will
step in before any of his officers are confronted with the five-seven.

"This does not belong in the civilian population. The only thing that comes
out of this is profits for the company and dead police officers," Troy
said. "I would like the federal government to ban these rounds to the
civilian public."

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: Brin needs killing, XIIV

[R.A. Hettinga]

At 10:05 AM +0100 1/14/05, Eugen Leitl wrote:
>Brin needs killing, XIIV

er, "Eleventy Four"? "Fifteen the hard way"?

;-)

Cheers,
RAH
Who was backhanded once for calling Brin a statist in public...
-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Blue Iraq: Local Experts in Global Communications

[R.A. Hettinga]

I expect a few cypherpunks will know the founder of blueiraq...

Cheers,
RAH
(who wonders who's running rediraq.com... ;-))
--


Blue Iraq

Local Experts in Global Communications
about Blue Iraq | Products and Services | Technology and Networks | Iraq
FAQ |  Support | Contact Us

Iraq FAQ

 FAQs

 

Technology and Internet in Iraq:
 Frequently Asked Questions

We have found that there are a few common questions about Internet access
and general IT in Iraq. By answering these questions here, we can try to
improve understanding inside and outside Iraq of the unique environment
which exists here.
 What kind of Internet connection does Iraq have?
Iraq does not have "one main Internet connection". As of 2003, Iraq has had
no landline or microwave relay connections to the outside world. All
international communications, and most domestic communications, have been
via satellite. Domestic wireline or wireless networks rely on satellite
access for international connectivity. Many businesses use small satellite
terminals (VSATs) to communicate directly with the outside world.
 Who uses Internet service in Iraq?
The US Department of Defense, DoD and Redevelopment Contractors, Western
expatriates, and the Iraqi Government are major users of Internet and
international communications services in Iraq. Additionally, many NGOs,
universities, and Iraqi businesses are establishing internet connectivity.
One of the major purchasers of Internet service in the domestic Iraqi
market is for small, entrepreneurial Internet Cafes.
Why is service in Iraq more expensive than in other parts of the world?
Satellite capacity is usually more expensive than terrestrial connectivity,
due to the high costs of satellites and limited RF capacity available on a
given transponder. However, satellites also have very high reliability, and
are the only practical means of deploying communications rapidly over a
large territory without building extensive (and vulnerable) fixed
infrastructure. Modern shared IP-optimized Ku-band VSAT systems can be very
affordably priced compared to older satellite communications systems.

 Communications companies operating in Iraq also face higher operating
costs than similar communications companies operating elsewhere in the
world, due to security concerns and lack of infrastructure.
 Can I use Voice over IP (VoIP) over satellite?
Generally VoIP will require special settings to work reliably over
satellite. We currently only support our iDirect network and dedicated
satellite capacity for VoIP applications, and all supported VoIP
communications must go through our VoIP gateway to ensure traffic
prioritization and quality of service.
Your competitors offer some systems which are cheaper, and can use Iraqis
to do the installation. Why should I use Blue Iraq?
Our prices are actually lower than most other satellite systems, based on
service capacity and performance -- unlike a lot of companies, we specify
our systems based on observed performance in Iraq, not a fanciful design
specification.

 Due to the security situation, it is very difficult for Iraqis to get onto
US bases to do installations. We do use trained Iraqis for off-base
installs in some cases. However, in many cases, we have found that having
US engineers do the world results in the most effective solution with the
highest overall quality. An inexpensive system which does not work reliably
is no bargain.
Why should I purchase a system from an Iraq-focused network operating
company, vs. one of the satellite owners or major networks?
One word: presence. Blue Iraq has trained personnel on the ground in Iraq
who are familiar with the environment. Many other vendors have never set
foot in Iraq, and rely on local contract installation companies to do
installations. Non-Iraq based companies also do not have personnel in Iraq
do provide after-sale support if anything goes wrong. In a place like Iraq,
many things can go wrong.
Isn't it too dangerous to operate a business in Iraq? The news shows
bombings and kidnappings every day?
Iraq can be a very dangerous place. However, we take all reasonable
precautions to minimize this risk. Our personnel travel with appropriate
levels of security, and will refuse to go to sites which are not adequately
secured. We primarily operate in conjunction with the US military, and rely
on US military helicopter transport between secure bases. All personnel
have appropriate protective gear and training.
Why does the military use commercial internet services? Doesn't it have
enough satellite capacity of its own?
The US military makes extensive use of commercial products and systems for
a wide variey of non-tactical purposes, as commercial systems often provide
the cheapest, best, and most cost-effective solution to a given problem.
Commercial satellite networks are extensively used for Morale, Welfare, and
Recreation (MWR) purposes, administrative and support systems, and more.
Do you do busi

RE: Police seek missing trucker, nickels

[R.A. Hettinga]

At 3:05 PM -0800 1/9/05, Bill Stewart wrote:
>Micropayments, of course :-)

*Bearer* micropayments...

:-)

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: Police seek missing trucker, nickels

[R.A. Hettinga]

At 5:10 PM -0500 1/9/05, Pete Capelli wrote:
>Millions of micropayments lost?

Billions. Billions.

:-).

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

[osint] All Charges Are Dismissed in Spy Case Tied to FBI

[R.A. Hettinga]

A little spy-porn...

Cheers,
RAH

--- begin forwarded text


To: "Bruce Tefft" <[EMAIL PROTECTED]>
Thread-Index: AcT0t++lIBQbqlCJT0mOlbNcWsJnqgACh7RA
From: "Bruce Tefft" <[EMAIL PROTECTED]>
Mailing-List: list osint@yahoogroups.com; contact [EMAIL PROTECTED]
Delivered-To: mailing list osint@yahoogroups.com
Date: Fri, 7 Jan 2005 09:06:41 -0500
Subject: [osint] All Charges Are Dismissed in Spy Case Tied to FBI
Reply-To: osint@yahoogroups.com



All Charges Are Dismissed in Spy Case Tied to FBI


By JOHN M. BRODER and NICK MADIGAN
New York Times

January 07, 2005






LLOS ANGELES, Jan. 6 - A federal judge on Thursday dismissed all charges
against a Chinese-American woman accused of using a long-running sexual
relationship with a senior F.B.I. agent here to obtain national security
documents.

The woman, Katrina Leung, a wealthy socialite from San Marino, a suburb of
Los Angeles, had faced five criminal counts of unauthorized possession and
copying of classified materials. The prosecutors said she removed the files
from the briefcase of James J. Smith, a senior F.B.I. agent with whom Ms.
Leung had an affair for 20 years.

The prosecutors said they stopped short of charging her with espionage
because they could not prove that she had passed the documents to China.

But on Thursday, Judge Florence-Marie Cooper of Federal District Court
dismissed the charges because of what she called prosecutorial misconduct.
Judge Cooper agreed with Ms. Leung's lawyers that a plea agreement that
prosecutors reached with Mr. Smith last spring unfairly prevented Ms.
Leung's lawyers from having access to Mr. Smith, a critical witness.

Mr. Smith pleaded guilty to lying to his superiors about the affair. Four
other felony charges were dropped, letting him avoid prison time. In
exchange, he promised to cooperate in prosecuting Ms. Leung. But the terms
of the deal barred contact with the defense team.

She had faced 14 years in prison if convicted.

The couple were arrested in April 2003, a time of heightened sensitivity
about security because of the Sept. 11, 2001, attacks and years of
accusations, some unproven, of Chinese espionage in the United States.

"Katrina Leung's nightmare is over," the defense lawyers, Janet I. Levine
and John D. Vandevelde, said in a statement. "Today, United States District
Judge Florence-Marie Cooper granted our motion to dismiss all charges
against Katrina because the prosecutors engaged in misconduct, gagging the
chief witness against her and then trying to cover it up. You can't do that
in America."

The United States attorney in the case, Debra W. Yang, said she disagreed
with the decision and was considering an appeal. Ms. Yang denied any
misconduct on the part of her office and said the accord with Mr. Smith did
not prohibit him from talking to Ms. Leung or her lawyers.

"I stand behind the work of the prosecutors of this case, and I know that
they have conducted themselves ethically," she said.

Mr. Smith recruited Ms. Leung as an informer in the early 80's. For 20
years, she was paid $1.7 million to provide information on China. For almost
all that time, she and Mr. Smith had an affair.

The authorities had at first said Mr. Smith had let her gain access to
secret material that she passed to the Chinese. Justice Department officials
said they believed that Ms. Leung was a double agent when the F.B.I. was
paying her.

The initial grand jury indictment against Ms. Leung charged her with
stealing sensitive national security documents from her lover, but stopped
short of charging that she actually engaged in espionage by passing secrets
to China. The authorities said that although they believed they had ample
evidence that Ms. Leung had unauthorized access to security material, it
would be harder for them to track contacts in China. The difficulty of
introducing classified evidence in open court could also complicate the
case, officials acknowledged.

Judge Cooper admonished the government not only for denying Ms. Leung access
to Mr. Smith, but also for trying to conceal the terms of the deal.

"In this case," the judge wrote, "the government decided to make sure that
Leung and her lawyers would not have access to Smith. When confronted with
what they had done, they engaged in a pattern of stone-walling entirely
unbecoming to a prosecuting agency."

Ms. Leung was a prominent businesswoman and political fund-raiser among
Chinese-Americans in Southern California. The authorities said they believed
that Ms. Leung would "surreptitiously" take secret documents from Mr.
Smith's briefcase on his many visits to her.

She was indicted a day after Mr. Smith was indicted on six counts of wire
fraud and gross negligence for what the authorities said was letting Ms.
Leung take the papers and for lying to his supervisor about their affair and
her reliability.



[Non-text portions of this message have been removed]



 Yahoo! Groups Sponsor ~-->
Give underprivileged 

Ready, Aim, ID Check: In Wrong Hands, Gun Won't Fire

[R.A. Hettinga]

Ah... Book-entry to the trigger.

The ganglia, as the man said, twitch.

Whole new meaning to digital "rights" management.

Cheers,
RAH
---



The New York Times

January 6, 2005
WHAT'S NEXT

Ready, Aim, ID Check: In Wrong Hands, Gun Won't Fire
 By ANNE EISENBERG


HE computer circuits that control hand-held music players, cellphones and
organizers may soon be in a new location: inside electronically controlled
guns.

Researchers at the New Jersey Institute of Technology in Newark are
building a handgun designed to fire only when its circuitry and software
recognize the grip of an authorized shooter.

 Sensors in the handle measure the pressure the hand exerts as it squeezes
the trigger. Then algorithms check the shooter's grip with stored,
authorized patterns to give the go-ahead.

"We can build a brain inside the gun," said Timothy N. Chang, a professor
of electrical engineering at the New Jersey Institute of Technology who
devised the hardware for the grip-recognition system. "The technology is
becoming so cheap that we can have not just a computer in every home, but a
computer in every gun."

The main function of the system is to distinguish a legitimate shooter
from, for example, a child who comes upon a handgun in a drawer.
Electronics within the gun could one day include Global Positioning System
receivers, accelerometers and other devices that could record the time and
direction of gunfire and help reconstruct events in a crime investigation.

For a decade, researchers at many labs have been working on so-called smart
or personalized handguns designed to prevent accidents. These use
fingerprint scanners to recognize authorized shooters, or require the
shooter to wear a small token on the hand that wirelessly transmits an
unlocking code to the weapon.

At the New Jersey Institute of Technology, Michael L. Recce, an associate
professor in the department of information systems, decided instead to
concentrate on the shooter's characteristic grip. Dr. Recce created the
software that does the pattern recognition for the gun.

 Typically, it takes one-tenth of a second to pull a trigger, Dr. Recce
said. While that is a short period, it is long enough for a computer to
match the patterns and process the authorization.

 To bring Dr. Recce's recognition software to life, Dr. Chang created
several generations of circuits using off-the-shelf electronic components.
He equipped the grips of real and fake handguns with sensors that could
generate a charge proportional to the pressure put on them.

 The pressure on the grip and trigger are read during the beginning of the
trigger pull. The signals are sent to an analog-to-digital converter so
that they can be handled by the digital signal processor. Patterns of
different users can be stored, and the gun programmed to allow one or more
shooters.

 At first the group worked mainly with a simulated shooting range designed
for police training. "You can't have guns in a university lab," Dr. Recce
said.

The computer analysis of hand-pressure patterns showed that one person's
grip could be distinguished from another's. "A person grasps a tennis
racket or a pen or golf club in an individual, consistent way," he said.
"That's what we're counting on."

During the past year, the team has moved from simulators to tests with live
ammunition and real semiautomatic handguns fitted with pressure sensors in
the grip. For five months, five officers from the institute's campus police
force have been trying out the weaponry at a Bayonne firing range. "We've
been going once a month since June," said Mark J. Cyr, a sergeant in the
campus police. "I use a regular 9-millimeter Beretta weapon that fires like
any other weapon; it doesn't feel any different."

For now, a computer cord tethers the gun to a laptop that houses the
circuitry and pattern-recognition software. In the next three months,
though, Dr. Chang said, the circuits would move from the laptop into the
magazine of the gun. "All the digital signal processing will be built right
in," he said.

Michael Tocci, a captain in the Bayonne Police Department, recently saw a
demonstration of the technology. One shooter was authorized, Captain Tocci
said. When this person pulled the trigger, a green light flashed. "But when
other officers picked up the gun to fire, the computer flashed red to
register that they weren't authorized," he said.

 The system had a 90 percent recognition rate, said Donald H. Sebastian,
senior vice president for research and development at the institute.
"That's better fidelity than we expected with 16 sensors in the grip," Dr.
Sebastian said. "But we'll be adding more sensors, and that rate will
improve."

Dr. Chang said the grip for the wireless system would have 32 pressure
sensors. "Now, in the worst case, the system fails in one out of 10 cases,"

California Bans a Large-Caliber Gun, and the Battle Is On

[R.A. Hettinga]

The New York Times

January 4, 2005

California Bans a Large-Caliber Gun, and the Battle Is On
 By CAROLYN MARSHALL


AN FRANCISCO, Jan. 3 - California has become the first state to ban a
powerful .50-caliber long-range rifle that gun control advocates portray as
a military firearm that could easily fall into the hands of terrorists bent
on assassination or shooting down an airplane.

Under the ban, which was signed into law by Gov. Arnold Schwarzenegger in
September and took effect on Jan. 1, it is now illegal to manufacture,
sell, distribute or import a weapon known as the .50-caliber BMG, or
Browning machine gun rifle, a single-shot weapon widely used not only by
law enforcement officers and the military but, more recently, by civilian
sport shooters as well.

 The new law limits possession to those who already own the rifle; they
have until April 30, 2006, to register it or face a misdemeanor charge.

 Gun rights advocates fear that the California legislation will prompt
other states to follow - similar efforts have been undertaken in New York,
Connecticut, Illinois, Massachusetts and Virginia, but have failed - and
enthusiasts are already devising ways to alter the gun and so circumvent
the law without breaking it.

 Another result of the law is that in the weeks before it took effect,
people rushing to buy the limited supplies of .50 BMG's descended on gun
shops throughout California. Now that it is in force, some of the gun's
out-of-state makers and distributors have threatened not to sell any of
their firearms or services here.

"We all think it's the first step toward banning sniper rifles," said
Michael Fournier, owner of the Gun Exchange, a shop in San Jose. "They keep
chipping away a little at a time. Eventually they'll try to get them all."

A lawyer for the California Rifle and Pistol Association, a lobby that
fought the legislation, said that for the first time gun control advocates
had managed "to demonize" a firearm that gun proponents and lawmaker allies
say has never been used to commit a crime in the United States.

The lawyer, Chuck Michel, said the .50 BMG, which weighs 30 pounds and can
cost $2,000 to $8,000, was typically bought by collectors, shooting range
enthusiasts and skilled competitors.

"Criminals don't carry around very pricey, very heavy rifles," Mr. Michel
said. "They want handguns they can conceal."

The .50 BMG rifle, patented in 1987 by Barrett Firearms Manufacturing of
Murfreesboro, Tenn., was designed as a sniper weapon for law enforcement
and the military; it was widely used by American troops during the Persian
Gulf war of 1991.

Manufacturers say the rifle is accurate at a range of up to 2,000 yards,
more than a mile. It fires bullets five and a half inches long described as
powerful enough to rip through armor, much less the thin aluminum skin that
covers commercial airliners.

 "They can pierce the skin of an aircraft," said Daniel R. Vice, a lawyer
with the Brady Campaign to Prevent Gun Violence, a central supporter of the
law. "It could be used to shoot down an airplane. And we certainly don't
want to wait until a terrorist buys one before we ban it."

The legislation's author, Assemblyman Paul Koretz, a Democrat from West
Hollywood, concedes that street criminals would most likely view the .50
BMG as too much gun for the typical robbery or drive-by shooting. Rather,
the law is intended to help keep the weapon out of the hands of
"terrorists, general nut cases and survivalists," Mr. Koretz said, citing
government reports suggesting that it had been used in assassinations
overseas and that at least 25 had been bought by Osama bin Laden.

Mr. Michel, the lawyer for the gun rights group, said that adopting the ban
in the name of fighting terrorism was without merit.

"The terrorist can get a nuclear dirty bomb or a shoulder-mounted rocket
launcher," he said. "The .50-caliber is just a peashooter in comparison."

But while there is no conclusive evidence that the .50 BMG rifle has ever
been used in the United States to commit a felony, it has nonetheless been
seized from American criminals' arsenals. A 1999 briefing paper from the
General Accounting Office, predecessor of the Government Accountability
Office, Congress's investigative arm, said, "We have established a nexus to
terrorist groups, outlaw motorcycle gangs, international drug cartels,
domestic drug dealers, religious cults, militia groups, potential assassins
and violent criminals."

A side effect of the new law is the ill will it has instilled toward Mr.
Schwarzenegger among gun rights advocates. Many of them supported him for
governor, and maintain that his signing the legislation was an act of
betrayal.

 "You know what we call him?" said Jerry Sloan, assistant manager of
Precision Arms, a shop in Escondido. "Benedict Arnold."

Terri Carbaugh, a spokeswoman for the governor, said Mr. Schwarzenegger, a
Republican

Re: Talking Back to Power: China's 'Haves' Stir the 'Have Nots' to Violence

[R.A. Hettinga]

At 9:37 AM -0600 1/1/05, Neil Johnson wrote:
>I'm not really RAH, but I play him on cypherpunks ;-)

Except that he doesn't post cryptosocialist luddite leveller blather,
except in jest, and at least he puts angle brackets around his links so
they don't break, viz,

>http://www.nytimes.com/2004/12/31/international/asia/31china.html?
>ex=1105532792&ei=1&en=61c003ece2c2eadb

:-)

Cheers,
RAH
---


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

RE: RAH's postings.

[R.A. Hettinga]

At 10:14 AM -0500 12/22/04, Trei, Peter wrote:
>His response boils
>down to 'fuck you'.


"*You* may say that. *I* couldn't *possibly* comment."
 -- Francis Urquhart, (the original FU), in Michael Dobbs 'House of Cards'

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"I guess it's disingenuous to argue with someone who spews truth from every
orifice."  --Aaron Evans

Re: RAH's postings.

[R.A. Hettinga]

At 11:47 PM +0100 12/21/04, Anonymous wrote:
>RAH, if you want to anonymize a quoted email, it helps if you remove the
>In-Reply-To: and References: headers.

Doh.

Not the first time that's happened, either.

*Gotta* remember that cut and paste thing...



Yours in header suppression,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: RAH's postings.

[R.A. Hettinga]

At 10:23 AM -0500 12/21/04, Somebody wrote:
>What the hell does an article about gypsy
>mechanics have to do with cypherpunks?

I plead anarchic markets, m'lord. Emerging phenomena, and all that, in
spite all regulation to the contrary.

Which was why I sent the traffic thing as well. No laws (or regulation) is
better rules, in many interesting cases.

> It may
>be interesting to you, but it's off-topic,

You may say that, I couldn't possibly comment.

> and
>voluminous.

That's what your 'd' key is for.

If that's not good enough, perhaps an addition to your kill-file is in
order. Or you need assistance in creating a filter for your mailer?

Cheers,
RAH


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Paging Black Unicorn (was RE: Costs of Money Laundering Enforcement)

[R.A. Hettinga]

Contact him directly, please...

Cheers,
RAH


--- begin forwarded text


From: "Astengo, F. (Fabrizio)" <[EMAIL PROTECTED]>
To: "'R.A. Hettinga'" <[EMAIL PROTECTED]>
Subject: RE: Costs of Money Laundering Enforcement
Date: Mon, 20 Dec 2004 15:15:42 +0200

Hi Robert,

Have the link here, but after further reading of the section, it would seem
that it was not really your article, just a quote of it. I simply read the
top section and assumed it was yourself replying to the comments, but after
further analysis it would seem not.

Heres the link anyways:

<http://www.arraydev.com/commerce/JIBC/9703-12.htm>http://www.arraydev.com/commerce/JIBC/9703-12.htm

Im still trying to source this doc, and quote from that page:
"
From: Black Unicorn <[EMAIL PROTECTED]>
To: Multiple recipients of <[EMAIL PROTECTED]>

On Fri, 13 Jun 1997 [EMAIL PROTECTED] wrote:
"

(This is of course the section I missed :-) )

If you are aware, would I contact Black Unicorn or MFarncombe in this
regard? Im still not too clear who is replying to whom on the article.

Thanking you
Fabrizio Astengo



-Original Message-
From: R.A. Hettinga [<mailto:[EMAIL PROTECTED]>mailto:[EMAIL PROTECTED]
Sent: 20 December 2004 14:54
To: Astengo, F. (Fabrizio)
Subject: Re: Costs of Money Laundering Enforcement


At 10:56 AM +0200 12/20/04, Astengo, F. (Fabrizio) wrote:
>Was reading an article on the web where you made reference to:

Send me the link, it might help.

Cheers,
RAH
--
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation
<<http://www.ibuc.com/>http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'


Nedbank Limited Reg No 1951/09/06
Directors: WAM Clewlow (Chairman)  Prof MM Katz (Vice-chairman)  ML Ndlovu
(Vice-chairman)  TH Nyasulu (Vice-chairman)  TA Boardman (Chief Executive) 
CJW Ball  MWT Brown  RG Cottrell  BE Davison  N Dennis+  Prof B Figaji  MJ
Levett  JB Magwaza  ME Mkwanazi  PF Nhleko  JVF Roberts+ 
CML Savage  JH Sutcliffe+  (+British) Company Secretary: GS Nienaber
01.07.2004

This email and any accompanying attachments may contain confidential and
proprietary information.  This information is private and protected by law
and, accordingly, if you are not the intended recipient, you are requested
to delete this entire communication immediately and are notified that any
disclosure, copying or distribution of or taking any action based on this
information is prohibited.

Emails cannot be guaranteed to be secure or free of errors or viruses.  The
sender does not accept any liability or responsibility for any
interception, corruption, destruction, loss, late arrival or incompleteness
of or tampering or interference with any of the information contained in
this email or for its incorrect delivery or non-delivery for whatsoever
reason or for its effect on any electronic device of the recipient.

If verification of this email or any attachment is required, please request
a hard-copy version.

--- end forwarded text


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Paging Black Unicorn, Part 2: Money Laundering in the Geodesic Economy

[R.A. Hettinga]

Here's the article in question...

Cheers,
RAH
---


JIBC

Hettinga's Best of the Month

Money Laundering in the Geodesic Economy
 From Robert Hettinga
 Email:[EMAIL PROTECTED]
 URL: http://www.shipwright.com
 Robert Hettinga is a financial cryptography strategy and policy consultant
in Boston. He is founder of the First International Conference on Financial
Cryptography (FC97), the International Financial Cryptography Association,
the Digital Commerce Society of Boston, and the e$ and e$pam mail lists. He
is also financial cryptography editor of JIBC.
From: Black Unicorn <[EMAIL PROTECTED]>
To: Multiple recipients of <[EMAIL PROTECTED]>

On Fri, 13 Jun 1997 [EMAIL PROTECTED] wrote:

>   Hi all,
>
>   I suspect that one of the principal things that the Feds are
>   worried about is the potential for money-laundering.


 This is a loaded statement. Money laundering is only a concern in so far
as it means government control over the economy is diminished. (And to the
extent that it allows one to seize the funds a their title converts the to
United States at the instant of commission).

 Money laundering is a "tack on" offense. (Much like, say, mail fraud). The
number of original cases which derive from actual money laundering
investigation is vanishingly small. Instead it is usually added on to an
indictment when the defendant is or has been under investigation for
something else.

 Because money laundering statutes are generally phrased something like
"knowingly concealing the proceeds of a criminal act," usually you find the
criminal act first and then look to see if attempts were made to conceal
the funds. Professional money launderers are rarely caught.
>   At the moment, conversion of money from illegal sources  (drug
>   sales, extortion by terrorists, major theft etc) into the legal
>   economy (equities, bonds, property  etc) is difficult because
>   any financial institution is obliged, in most parts of the
>   world, to obtain proof of identity of its  clients and toreport
>   suspicions of wrongdoing.


 I disagree rather strongly. Currently the favorate method is to hand the
cash, in bulk, to the professional money launderer who, on the spot, cuts a
clean bank check (perhaps from a reputable import/export or realestate
company) for the cash amount minus fee (5-20% usually). The launderer takes
all the risk in the process, including smuggling the funds out, hashing
them through iterations and (usually) returning them right back into the
United States as legitimate overseas investment. It's like the separation
of capital and management skill. The money launderer is free to concentrate
100% of his time to managing his extensive laundering empire, the hundreds
or thousands of shells and webs of accounts and maintains the liquidity to
drop 5 million on the notice of a phone call.
>   Hence, I suspect, the $750 limit.
>   The reason for this check is that it is otherwise very easy to
>   shuffle funds back and forth between financial instruments to
>   confuse the  trail and defeat the cops.


 The $750 limit is going to do about nothing for the problem of money money
laundering. It will inconvenience the casual launderer, and that is about
all. What it will do is put a significant cost on the head of the consumer.
A CTR costs a bank between $5 and $15 to file today (according to the ABA).
$17 if you listen to the Report of the Financial Action Task Force on Money
Laundering.

 In 1993 the 368 largest banks (assets over $1 billion) filed 4.5 million
CTRs. The cost was estimated at $72 million dollars. (John Byrne, General
Counsel, American Bankers Association). 10,765,000 CTRs were filed in 1994.
About .5% are marked "suspicious."

 Now the $750 limit? The number of reports to be filed is staggering and
.5% is beyond government to police properly without 5,000 new hires. No,
clearly the $750 limit is not to catch money launderers, but to create and
perpetuate detailed transactions record keeping.

 FinCEN is much more useful to link transactions to defendents in non-money
laundering cases. "What do you mean you weren't in California in May? Our
records show you accepted two wire transfers there on the 15th and the
16th."

 And consider this. If I build a machine which has a 95% accuracy rate in
detecting money laundering, that is to say that it will identify a given
transaction as money laundering or legitimate with 95% accuracy, I still
have a serious problem. Given 10,000 transactions, with .2% (20)
representing money laundering we find the following figures: 19 (95% of 20)
money laundering transactions will be flagged as illegal 1 (5% of 20)
laundering transaction will be incorrectly flagged as legal. 500 (5% of
10,000) legitimate transactions will be incorrectly flagged as illegal.

 For every one money laundering transaction flagged there will be 26
legitimate transactions flagged and only about 3.6% of all the flagged
transactions will actual

Coffee, Tea, or Should We Feel Your Pregnant Wife's Breasts Before Throwing You in a Cell at the Airport and Then Lying About Why We Put You There?

[R.A. Hettinga]

 LewRockwell.com

Coffee, Tea, or Should We Feel Your Pregnant Wife's Breasts Before Throwing
You in a Cell at the Airport and Then Lying About Why We Put You There?

by  Nicholas Monahan

?  ??  ??  ??  

This morning I'll be escorting my wife to the hospital, where the doctors
will perform a caesarean section to remove our first child. She didn't want
to do it this way - neither of us did - but sometimes the Fates decide
otherwise. The Fates or, in our case, government employees.

 On the morning of October 26th Mary and I entered Portland International
Airport, en route to the Las Vegas wedding of one of my best friends.
Although we live in Los Angeles, we'd been in Oregon working on a film, and
up to that point had had nothing but praise to shower on the city of
Portland, a refreshing change of pace from our own suffocating metropolis.

 At the security checkpoint I was led aside for the "inspection" that's all
the rage at airports these days. My shoes were removed. I was told to take
off my sweater, then to fold over the waistband of my pants. My baseball
hat, hastily jammed on my head at 5 AM, was removed and assiduously
examined ("Anything could be in here, sir," I was told, after I asked what
I could hide in a baseball hat. Yeah. Anything.) Soon I was standing on one
foot, my arms stretched out, the other leg sticking out in front of me àla
a DUI test. I began to get pissed off, as most normal people would. My
anger increased when I realized that the newly knighted federal employees
weren't just examining me, but my 71Ž2 months pregnant wife as well. I'd
originally thought that I'd simply been randomly selected for the more
excessive than normal search. You know, Number 50 or whatever. Apparently
not though - it was both of us. These are your new threats, America:
pregnant accountants and their sleepy husbands flying to weddings.

After some more grumbling on my part they eventually finished with me and I
went to retrieve our luggage from the x-ray machine. Upon returning I found
my wife sitting in a chair, crying. Mary rarely cries, and certainly not in
public. When I asked her what was the matter, she tried to quell her tears
and sobbed, "I'm sorry...it's...they touched my breasts...and..." That's
all I heard. I marched up to the woman who'd been examining her and
shouted, "What did you do to her?" Later I found out that in addition to
touching her swollen breasts - to protect the American citizenry - the
employee had asked that she lift up her shirt. Not behind a screen, not off
to the side - no, right there, directly in front of the hundred or so
passengers standing in line. And for you women who've been pregnant and
worn maternity pants, you know how ridiculous those things look. "I felt
like a clown," my wife told me later. "On display for all these people,
with the cotton panel on my pants and my stomach sticking out. When I sat
down I just lost my composure and began to cry. That's when you walked up."

Of course when I say she "told me later," it's because she wasn't able to
tell me at the time, because as soon as I demanded to know what the federal
employee had done to make her cry, I was swarmed by Portland police
officers. Instantly. Three of them, cinching my arms, locking me in
handcuffs, and telling me I was under arrest. Now my wife really began to
cry. As they led me away and she ran alongside, I implored her to calm
down, to think of the baby, promising her that everything would turn out
all right. She faded into the distance and I was shoved into an elevator, a
cop holding each arm. After making me face the corner, the head honcho told
that I was under arrest and that I wouldn't be flying that day - that I was
in fact a "menace."

It took me a while to regain my composure. I felt like I was one of those
guys in The Gulag Archipelago who, because the proceedings all seem so
unreal, doesn't fully realize that he is in fact being arrested in a public
place in front of crowds of people for...for what? I didn't know what the
crime was. Didn't matter. Once upstairs, the officers made me remove my
shoes and my hat and tossed me into a cell. Yes, your airports have prison
cells, just like your amusement parks, train stations, universities, and
national forests. Let freedom reign.

 After a short time I received a visit from the arresting officer. "Mr.
Monahan," he started, "Are you on drugs?"

Was this even real? "No, I'm not on drugs."

"Should you be?"

"What do you mean?"

"Should you be on any type of medication?"

"No."

"Then why'd you react that way back there?"

You see the thinking? You see what passes for reasoning among your domestic
shock troops these days? Only "whackos" get angry over seeing the woman
they've been with for ten years in tears because someone has touched her
breasts. That kind of reaction - love, protection - it's mind-boggling!
"Mr. Monahan, are you on drugs?" His snide words rang inside my head. This
is 

To the Computer, You're Still Beautiful

[R.A. Hettinga]

The New York Times

December 12, 2004

To the Computer, You're Still Beautiful
 By MATTHEW L. WALD


UNATTRACTIVE passport photos, once merely traditional, may become
mandatory. The reason is that computers do not like smiles.

A United Nations agency that sets standards for passports wants all
countries to switch to a document that includes a "biometric feature," a
digital representation of the bearer's face recorded on an embedded
computer chip. In airports and at border crossings, a machine will read the
chip to see if the information there matches the bearer's face. But the
machine can be flummoxed by smiles, which introduce teeth, wrinkles, seams
and other distortions.

The State Department issued instructions that passport photos "should be
neutral (non-smiling) with both eyes open, and mouth closed." In a grudging
sop to the irrepressible, a "smile with closed jaw is allowed, but is not
preferred."

A State Department spokeswoman pointed to another page of the Web site
where "neutral" had been changed to "natural." But it, too, said that the
mouth should be closed. Canada and Britain have issued similar instructions.

In the end, some critics say, the joke may be on the government, because
the face recognition system may deal poorly with aging, and a passport is
good for 10 years.

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Kazaa can't bar child pornographers, court told

[R.A. Hettinga]

Quadrafecta!!!

Horse Number Four, Paedophilia, or "Pokey", to his friends...

Only took 36 hours, true to his namesake... Or something.

Cheers,
RAH
---



The Register


 Biting the hand that feeds IT

The Register » Internet and Law » Digital Rights/Digital Wrongs »

 Original URL: http://www.theregister.co.uk/2004/12/10/kazaa_p2p_trial/

Kazaa can't bar child pornographers, court told
By Tim Richardson (tim.richardson at theregister.co.uk)
Published Friday 10th December 2004 17:16 GMT

Sharman Networks - the company behind peer-to-peer file sharing outfit
Kazaa - has denied it is able to block users who use the service to share
child pornography.

Sharman Networks is currently in the Australian Federal Court in Sydney
facing allegations that it created the world's largest music piracy network
and knew that its software was being used to distribute music illegally.

Earlier in the trial, Tony Bannon, QC - representing dozens of music
companies including Universal, EMI, Warner and Sony BMG - dismissed Sharman
Networks' claim that the company had no control over how its software was
used.

Quoting the company's policy on child pornography, he said: "If at any time
Kazaa finds that you are using Kazaa to collect or distribute child
pornography or other obscene material, [Sharman] reserves the right to
permanently bar you and your computers from accessing Kazaa and other Kazaa
services."

The argument went on, that if Kazaa could bar traders in illegal child porn
images, then it could block users who illegally distribute music.

However, Philip Morle, Sharman Network's chief technology officer, told the
court yesterday that he did not think the company could bar people who used
its P2P software to distribute child pornography. He went on to say that he
didn't know how people could be blocked; nor was he aware of Kazaa's policy
on child pornography, reported ZD Net Australia.

The trial continues. ®

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: punkly current events

[R.A. Hettinga]

At 6:33 PM -0800 12/9/04, Major Variola (ret) wrote:
>If the Klan doesn't have
>a right to wear pillowcases what makes you think mixmaster will
>survive?

"Which was me point", mutters Killick, under his breath...

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: tangled context probe

[R.A. Hettinga]

At 10:56 AM -0500 12/10/04, Roy M. Silvernail wrote:
>But I'm about 2 posts away from ensconcing RW"B"E in my procmail
>file

What's taking you so long?

:-)

Cheers,
RAH
cf: various imprecations against feeding trolls &cet...
-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: Timing Paranoia

[R.A. Hettinga]

At 10:16 PM -0500 12/9/04, Roy M. Silvernail wrote:
>Imagine using observed timing to conclude that your agent provocateur
>operates from geostationary orbit.

..And here I thought VALIS was all in his head...

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: SEC Probes Firms That Gather Data on Who Owns What Shares

[R.A. Hettinga]

At 6:43 PM -0800 12/9/04, Major Variola (ret) wrote:
>Just for the newbies, these are all bearer instruments, in RAHspeak.

Now, *that* I wasn't paying attention to, having just seen the "omigawd,
more financial proctology" aspects at the beginning of the article.

Thank you.

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Horseman #3, "Inky": Money Laundering in America

[R.A. Hettinga]

MND COMMENTARY
- Jim Kouri - MensNewsDaily.com

Money Laundering in America


 December 7, 2004
 by Jim Kouri


 Federal law enforcement officials estimate that between $100 billion and
$300 billion is laundered in this country each year. While illegal drug
trafficking accounts for much of the funds being laundered, other criminal
activities, including terrorism and tax evasion, also account for an
extensive amount. In the past two decades, federal law enforcement efforts
to combat money laundering have focused on requiring financial institutions
to report currency transactions that exceed $10,000.

 Beginning in 1988, these reports have been supplemented by reports of
suspicious transactions. Many of the transactions reported as suspicious
involve individuals who appear to be attempting to avoid the $10,000
reporting requirement. However, any activity that deviates from the norm
for a particular account can be considered suspicious. The Right to
Financial Privacy Act, enacted in 1978, raised questions as to whether
financial institutions were authorized to report suspicious transactions.
To address these concerns, legislation has been enacted to provide
protection against civil liability for institutions reporting suspicious
transactions. Banks and other financial institutions report tens of
thousands of suspicious transactions each year. The reports have led to the
initiation of major investigations into various types of criminal activity.

 However, because there is no overall control or coordination of the
reports, there is no way of ensuring that the information is being used to
its full potential. Financial institutions report suspicious transactions
on a variety of different forms that provide different types of information
and that are filed with different law enforcement and regulatory agencies.
The form that is filed most frequently is filed with the Internal Revenue
Service (IRS) and kept on a centralized database. However, the form does
not contain any information describing the suspicious activity that would
allow law enforcement agencies to evaluate the usefulness of the
information on the basis of the form alone.

 Moreover, some institutions have been filing these forms erroneously. IRS
and other federal and state law enforcement agencies use the database on a
reactive basis; that is, to provide additional information on an
investigation that has already been initiated. Other forms used to report
suspicious transactions do describe the activity so that the information
can be evaluated. However, these forms are filed with six different federal
financial regulatory agencies. Because the forms are not maintained on a
centralized database, they are not used on a reactive basis. Financial
institutions filing this form are required to send a copy of it to the
nearest district office of IRS' Criminal Investigation Division.

 However, IRS has not developed any guidance or directives as to how the
information is to be managed as an intelligence resource. Use of the
reports to initiate investigations varies among the 35 district offices.
The Government Accounting Office identified 15 states that receive copies
of suspicious transaction reports filed on one or both of these two-forms.
Nine of these states told GAO that they use the information to initiate
criminal investigations. The Department of the Treasury, the financial
regulatory agencies, and IRS have recently agreed to substantial changes
regarding how suspicious transactions are to be reported and how the
information is to be used. These proposals, which were made with input from
the financial community, have the potential for significantly improving the
contribution that suspicious transaction reports make to law enforcement at
both the federal and state levels.

 The IRS does not have agencywide policies or procedures for managing
suspicious transaction reports. Consequently, the extent to which special
agents in the 35 CID district offices solicit, process, and evaluate the
reports is up to the discretion of the district CID chief and varies
significantly among districts. The percentage of investigations initiated
on the basis of suspicious transaction reports also varies significantly
among districts.

 >From October 1990 to June 1994 CID initiated 21,507 investigations
nationwide. About 4 percent of the cases were initiated as a result of a
suspicious transaction report. Among the district offices, however, the
percentage varied from 0 to over 18 percent. GAO believes that the varying
rates are an indication that use of the reports may not be emphasized to
the same extent among the districts.

 Sources: US Department of Justice, US Department of the Treasury and
National Security Institute

 Jim Kouri


 DISCUSS THIS ARTICLE IN THE FORUM!

Jim Kouri, CPP is currently fifth vice-president of the National
Association of Chiefs of Police. He's former chief at a New York

Horseman number 4: 'Paedophiles Pose Greatest Threat Facing Internet'

[R.A. Hettinga]

Okay, so it's a trifecta, today...

:-)

Cheers,
RAH
---


print
  

Wed 8 Dec 2004

4:51pm (UK)
'Paedophiles Pose Greatest Threat Facing Internet'

By David Barrett, PA Home Affairs Correspondent


 Online paedophiles are the greatest threat facing the internet, government
research said today.

 A variety of internet child porn issues dominated a "top 10" of criminal
threats posed by new technology, a Home Office report revealed.

 The survey of 53 internet and technology experts saw seven different child
porn concerns ranked in the 10 most serious "netcrime" threats, with
grooming and possible stalking of children ranked as the top fear.

 In second place was the growing use of the internet for espionage by
corporate spies.

 Out of a total of 101 crime issues in the league table compiled by the
survey, 12 related to child porn.

 The top 10 rankings were:-

 1. Increased online grooming and possible stalking using the internet.

 2. Espionage by corporate spies.

 3. Increased access to paedophile content sold by organised criminals
through various online platforms.

 4. Use of online storage for paedophile images to bypass seizure of home
computers.

 5. Use of secure "peer to peer" technology for all types of paedophile
activity.

 6. Use of encryption for secure access to paedophile networks.

 7. Theft of personal digital assistants or mobile phones containing
personal information to commit fraud on the internet.

 8. Growing access to "real-time" child abuse on the web.

 9. Use of "peer to peer" technology for pirate activity.

 10. Grooming of children for abuse using advanced mobile phone technology.

 The study, entitled "The Future of Netcrime Now", said police were already
working to combat internet child porn and the issue's high media profile
may have contributed to its prominent place in the poll.

 "The Government, law enforcement and industry needs to 'gear up' their
capability to continuously look forward, attempting to identify new forms
of criminal technology misuse as soon as they emerge, or even before they
are seized upon by the criminal community," it concluded.

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Blinky Rides Again: RCMP suspect al-Qaida messages

[R.A. Hettinga]

Lions and Tigers and Steganography, Nell...

For those of you without a program, here is the new, official, Horsemen of
the Infocalypse Scorecard:

At 3:14 PM -0400 10/3/04, R. A. Hettinga wrote:
>   Horseman Color  Character   Nickname
>
>1  TerrorismRedShadow  "Blinky"
>2  NarcoticsPink   Speedy  "Pinky"
>3  Money Laundering Aqua   Bashful "Inky"
>4  Paedophilia  Yellow Pokey   "Clyde"

Cheers,
RAH
---


 December 8, 2004

 RCMP suspect al-Qaida messages
By JIM BRONSKILL

 OTTAWA (CP) - The RCMP has warned its investigators to be on the lookout
for cleverly disguised messages embedded by al-Qaida in digital files
police seize from terror suspects.

 An internal report obtained by The Canadian Press gives credence to the
long-rumoured possibility Osama bin Laden's terrorist network and other
extremist groups are using a technique known as steganography to hide the
existence of sensitive communications.

 Steganography, from the Greek word stegos, meaning covered, and graphie,
or writing, involves concealing a secret message or image within an
apparently innocuous one.

 For instance, a seemingly innocent digital photo of a dog could be
doctored to contain a picture of an explosive device or hidden wording.

 "Investigators in the course of their work on terrorist organizations and
their members, including al-Qaida and affiliated groups, need to consider
the possible use of steganography and seek to identify when steganography
is known or suspected of being used," the report says.

 It recommends investigators consult the RCMP's technological crime program
for assistance, including "comprehensive forensic examinations" of seized
digital media.

 A heavily edited copy of the January 2004 report, Computer-assisted and
Digital Steganography: Use by Al-Qaida and Affiliated Terrorist
Organizations, was recently obtained from the Mounties under the Access to
Information Act.

 Among the material stripped from the document is information on how best
to detect, extract and view surreptitious messages.

 Steganography dates to before 400 B.C. The ancient Greeks hid messages in
wax tablets, while invisible inks have long been used to convey secrets.

 Simple computer-assisted steganography helps apply such traditional
methods in an electronic environment, the report notes. The messages may
also be scrambled using cryptography to prevent them falling into the wrong
hands.

 The RCMP seems especially concerned, however, about digital steganography
- the use of special computer programs to embed messages.

 "There now exist nearly 200 software packages which perform digital
steganography," the report says.

 A limited number of publicly available software tools are designed to
detect the use of steganography, but the "success rate of these tools is
questionable," the RCMP adds.

 Some only detect the use of specific software, while others are useful for
scouring only certain types of files in which the secret message may be
hidden.

 There have been numerous media reports in recent years that terrorist
groups, including al-Qaida, were using steganographic techniques.

 The phenomenon is "deeply troubling," said David Harris, a former Canadian
Security Intelligence Service officer now with Ottawa-based Insignis
Strategic Research.

 He suggested any delay in detecting disguised messages could be disastrous.

 "We're talking very often about time-sensitive issues: where is the bomb?
Who's operating in connection with whom?" he said.

 "On that kind of basis, this is really, really disturbing as a development."

 Harris also questioned whether western security agencies have sufficient
personnel and resources to uncover the messages.



-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: "Word" Of the Subgenius...

[R.A. Hettinga]

At 10:38 AM -0500 12/8/04, Steve Furlong wrote:
>anarchist

Bzzt wrong answer.

Must filter that *in*, thankewverramuch...

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'