Re: AOL Help : About AOL® PassCode

2005-01-05 Thread Adam Shostack
On Tue, Jan 04, 2005 at 08:44:11PM +, Ian G wrote:
| R.A. Hettinga wrote:
| 
| 
| http://help.channels.aol.com/article.adp?catId=6&sCId=415&sSCId=4090&articleId=217623
| If you no longer want to use AOL PassCode, you must release your screen
| name from your AOL PassCode so that you will no longer need to enter a
| six-digit code when you sign on to any AOL service.
| 
| To release your screen name from your AOL PassCode
|  1.  Sign on to the AOL service with the screen name you want to 
|  release from your AOL PassCode.
| 
| 
| OK.  So all I have to do is craft a good reason to
| get people to reset their PassCode, craft it into
| a phishing mail and send it out?

Nope!  All you have to do is exploit your attack and steal money in
realtime.  A SecurID has no way to authenticate its server, and what's
really needed to stop phishing is server auth.

Adam
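As an added illustration of Adam's point (example code, not part of the original post and not AOL's or any token vendor's design): a toy simulation in which a plain RFC 4226 HOTP code typed into a look-alike site and forwarded to the real server within the same counter window is accepted, while a hypothetical variant that also binds the code to the server identity the client actually sees is rejected at the real server. The shared secret, the two origins and the counter window are constructed values, and the origin-binding scheme is illustrative only.

```python
import hashlib
import hmac
import struct

# Constructed values for this simulation; none of them come from the original post.
SHARED_SECRET = b"12345678901234567890"                 # RFC 4226 test-vector key
REAL_ORIGIN = "signon.real-service.example"             # the server the user means to reach
LOOKALIKE_ORIGIN = "signon.real-service-help.example"   # a look-alike the user was lured to
DIGITS = 6


def _truncate(mac: bytes, digits: int) -> str:
    """RFC 4226 dynamic truncation: 4 bytes at offset (mac[-1] & 0xF), top bit
    cleared, reduced mod 10^digits and zero-padded."""
    offset = mac[-1] & 0x0F
    snum = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(snum % 10 ** digits).zfill(digits)


def hotp(secret: bytes, counter: int, digits: int = DIGITS) -> str:
    """Plain event-based OTP (RFC 4226): the code depends only on the shared
    secret and the counter, so it is valid no matter where it is typed."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    return _truncate(mac, digits)


def origin_bound_code(secret: bytes, counter: int, origin: str,
                      digits: int = DIGITS) -> str:
    """Hypothetical variant (not RFC 4226): the client also MACs the identity
    of the server it is actually talking to, as an authenticated channel would
    supply it.  A code produced for one origin does not verify at another."""
    msg = struct.pack(">Q", counter) + origin.encode("ascii")
    mac = hmac.new(secret, msg, hashlib.sha1).digest()
    return _truncate(mac, digits)


class RealServer:
    """The genuine service: checks a code against a small counter window and
    advances past any accepted counter so the same code cannot be reused."""

    def __init__(self, secret: bytes, origin: str, bound: bool, window: int = 3):
        self.secret = secret
        self.origin = origin
        self.bound = bound
        self.window = window
        self.next_counter = 0

    def expected(self, counter: int) -> str:
        if self.bound:
            return origin_bound_code(self.secret, counter, self.origin)
        return hotp(self.secret, counter)

    def verify(self, code: str) -> bool:
        for c in range(self.next_counter, self.next_counter + self.window):
            if hmac.compare_digest(self.expected(c), code):
                self.next_counter = c + 1
                return True
        return False


def plain_code_relayed() -> bool:
    """The user types the code the token shows into the look-alike site, which
    forwards it unchanged to the real server right away.  Nothing in the code
    says where it was typed, so the real server accepts it."""
    server = RealServer(SHARED_SECRET, REAL_ORIGIN, bound=False)
    typed_at_lookalike = hotp(SHARED_SECRET, 0)
    return server.verify(typed_at_lookalike)        # True: the relay is accepted


def bound_code_relayed() -> bool:
    """Same relay, but the client bound the code to the origin it actually saw
    (the look-alike).  The real server verifies against its own origin and
    rejects the code even though secret and counter are identical."""
    server = RealServer(SHARED_SECRET, REAL_ORIGIN, bound=True)
    typed_at_lookalike = origin_bound_code(SHARED_SECRET, 0, LOOKALIKE_ORIGIN)
    return server.verify(typed_at_lookalike)        # False: the relay is rejected


def bound_code_direct() -> bool:
    """Control case: the user reaches the real server directly, so the origin
    the client binds to is the one the server verifies against."""
    server = RealServer(SHARED_SECRET, REAL_ORIGIN, bound=True)
    typed_at_real = origin_bound_code(SHARED_SECRET, 0, REAL_ORIGIN)
    return server.verify(typed_at_real)             # True


if __name__ == "__main__":
    print("plain HOTP, relayed from look-alike: accepted =", plain_code_relayed())
    print("origin-bound, relayed from look-alike: accepted =", bound_code_relayed())
    print("origin-bound, typed at real server:   accepted =", bound_code_direct())
```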



Re: Blinky Rides Again: RCMP suspect al-Qaida messages

2004-12-13 Thread Adam Shostack
On Sat, Dec 11, 2004 at 10:24:09PM +0100, Florian Weimer wrote:
| * R. A. Hettinga quotes a news article:
| 
|   There have been numerous media reports in recent years that terrorist
|  groups, including al-Qaida, were using steganographic techniques.
| 
| As far as I know, these news stories can be tracked back to a
| particular USA Today story.  There's also been a bunch of stories how
| a covert channel in TCP could be used by terrorists to hide their
| communication.

There's very good evidence that Al Qaida does *not* use strong crypto.

I blogged on this at http://www.emergentchaos.com/archives/000561.html

This was the first time I'd given such a talk since 9/11. It wasn't
useful after we'd made the decision to stop hemorrhaging money by
shutting down the Freedom Network. (That was May or June of 2001.) So
I did a fair bit of reading about Al Qaeda's use of crypto. One of the
more interesting techniques I found was the 'draft message' method.
(http://www.jihadwatch.org/archives/002871.php)

It seems consistent that Al Qaeda prefers being 'fish in the sea' to
standing out by use of crypto. Also, given the depth and breadth of
conspiracies they believe in, it seems that they might see all us
cryptographers as a massive deception technique to get them to use bad
crypto. (And hey, they're almost right! We love that they use bad
crypto.)

There's other evidence for this. In particular, the laptops captured
have been exploited very quickly, in one case by a Wall St Journal
reporter. So rumors of steganography or advanced crypto techniques
have a burden of proof on them.

And see the link there to Ian Grigg's
http://www.financialcryptography.com/mt/archives/000246.html




Re: Academics locked out by tight visa controls

2004-09-20 Thread Adam Shostack
On Mon, Sep 20, 2004 at 10:03:57AM -0400, John Kelsey wrote:

| Academics locked out by tight visa controls
| U.S. SECURITY BLOCKS FREE EXCHANGE OF IDEAS
| By Bruce Schneier
| 
| I guess I've been surprised this issue hasn't seen a lot more
| discussion.  It takes nothing more than to look at the names of the
| people doing PhDs and postdocs in any technical field to figure out
| that a lot of them are at least of Chinese, Indian, Arab, Iranian,
| Russian, etc., ancestry.  And only a little more time to find out that
| a lot of them are not citizens, and have a lot of hassles with respect
| to living and working here.  What do you suppose happens to the US
| lead in high-tech, when we *stop* drawing in some large fraction of
| the smartest, hardest-working thousandth of a percent of mankind?   

Those people don't get a vote.  The politicians in question will be
dead and gone before the slope of the curve changes anything.  Why
*would* we discuss it?

Adam the cynic.



Re: Textual analysis

2003-12-15 Thread Adam Shostack
On Sun, Dec 14, 2003 at 10:36:02AM -0500, John Kelsey wrote:
| Textual analysis correctly identified the author of _Primary Colors_, 
| though that was from a pretty small field of people with the right level of 
| inside knowledge.  Does anyone know whether there have been real randomized 
| trials of any of the textual analysis software or techniques?  E.g., is 

Not as far as I know, and I spent a bit of time reading through both
Author Unknown, by Don Foster (who named Klein) and Analyzing for
Authorship, by Jill Farringdon.

Foster is an English professor, and reads the work under analysis, and
then works by the potential authors.  His technique would be described
as intuitive, but the human brain has large power to make linkages.
Analysing for Authorship, from the University of Wales press.

Analyzing for Authorship really didn't strike me as better. It uses
a technique called CUSUM, but the methodology and graphs (as I
recall) vary from text to text, and neither I, nor Alice, who read the
book for ZKS, wondering if we could build this stuff into a product,
was very impressed by it.

| It's not obvious to me how you'd change your writing style to defeat these 
| textual analysis schemes--would it really be as simple as changing the 
| average length of sentences and getting rid of the big words, or would 
| there still be ways to determine your identity from that text?  I'm 
| thinking especially of long discussions of technical topics--if I wrote a 
| five page essay on what to look at when trying to cryptanalyze a new block 
| cipher, I think it would be hard to keep readers who knew me from having a 
| pretty good guess about the author, even if I tried changing terms, being 
| more mathematical and less conversational, etc.  (Though this is more of a 
| problem with humans familiar with my writing style, rather than with 
| automated analysis.)

So, the question boils down to economics.  There's how much you need
to communicate, how much someone is willing to spend to tag you, and
how good their proof needs to be.  I suspect that for most purposes,
proof does not need to be very strong in relation to your need to
communicate.   That is, if Tricky Dick thinks you're Deep Throat, or
Saddam thinks you're the guy who betrayed him, etc.

Adam



-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Freedomphone

2003-11-19 Thread Adam Shostack
http://www.wired.com/news/technology/0,1282,61289,00.html?tw=wn_tophead_7

 "We allow everyone to check the security for themselves, because
 we're the only ones who publish the source code," said Rop Gonggrijp
 at Amsterdam-based NAH6. Gonggrijp, who helped develop the software,
 owns a stake in Germany's GSMK.

Alas, the phones are 3500 Euro a pair.

 At that price it is targeting executives, lawyers and bankers who
 regularly swap market sensitive information on mergers and lawsuits,
 and for whom privacy is worth paying for.

Adam





FBI, Lackawanna, and lack of informers

2003-10-12 Thread Adam Shostack
http://www.nytimes.com/2003/10/12/nyregion/12LACK.html?hp=&pagewanted=print&position=

A very long article on the FBI and the 6 fellows in upstate NY who
travelled the world to hang out with religious nutballs.  One of the
most interesting things about the case is that the FBI did not catch
these folks; they were turned in by someone having second thoughts.
That fellow, who then turned informer, is in jail anyway.  Bad
informer management, but no one asked me.

Adam







Re: Mexifornia Driver's License

2003-09-17 Thread Adam Shostack
On Mon, Sep 15, 2003 at 04:07:02PM -0700, Bill Stewart wrote:
| Tim May wrote:
|  http://vikingphoenix.com/immigration/davis_sign_illegal.htm
| 
| Does anybody remember 10+ years ago when a Driver's License
| wasn't quite a National ID Card or a Citizenship Credential

Yeah.  The real problem with all these other uses is that they create
a negative feedback loop:  the more useful the card is, the more
people are motivated to get involved in fraudulent issue, and the
more rationalizations there are for DMV employees to engage in it.  So
we spend more and more to secure the cards, and the only people who
win are the hologram manufacturers.

Unfortunately, the people actually relying on the cards don't realize
this as fast as the users of the system.

Adam





Re: Your papers please [what color is John Gilmore?]

2003-09-10 Thread Adam Shostack
First answer: He's in red, no green, argggh!

Second answer: We've changed the name of the program to ITAR so his
lawsuit goes back to square 1! That's the plan!

Third answer: CAPPS was just a clever distraction, the real program
remains classified.  Please step over here.

Adam



On Tue, Sep 09, 2003 at 02:27:23PM -0700, Bill Stewart wrote:
| What color is John?  He's Tie-Dyed, of course...
| 
| You were expecting a single category they knew what to do with?
| 
| Major Variola (ret.) wrote:
| Most people will be coded green and sail through. But up to 8
| percent of passengers who board the nation's 26,000 daily flights will
| be coded yellow and will undergo additional screening at the
| checkpoint, according to people familiar with the program. An estimated
| 1 to 2 percent will be labeled red and will be prohibited from
| boarding. These passengers also will face police questioning and may be
| arrested.
| 
| http://www.washingtonpost.com/ac2/wp-dyn/A45434-2003Sep8?language=printer




Re: Anyone Remember Zero Knowledge Systems?

2003-09-10 Thread Adam Shostack
On Wed, Sep 10, 2003 at 11:32:29AM -0400, R. A. Hettinga wrote:
| http://www.cryptonomicon.net/modules.php?name=News&file=print&sid=455
| 
| Cryptonomicon.Net - 
| 
| Anyone Remember Zero Knowledge Systems? 
| Date: Wednesday, September 10 @ 11:15:00 EDT 
| Topic: Commercial Operations / Services 


| Unfortunately, they never quite made a compelling enough argument
| for mass adoption of their system and eventually morphed the company
| into a manufacturer of more conventional privacy tools. Freedom still
| exists as a product, though it is aimed at web users, only runs on
| Windows clients, and routes requests through proxy servers owned by
| Zero Knowledge Systems.   


Freedom Websecure is a different protocol set from Freedom.net.

Websecure runs on linux, see http://websecure4linux.sourceforge.net/

The Freedom.net code is available for non-commercial use, see
http://slashdot.org/articles/02/02/16/0320238.shtml?tid=158 or the
shmoo group cvs server,
http://cvs.shmoo.com/view/projects/freedom-server/

The problem with running Napster over Freedom was bandwidth costs.
Users may be more willing to pay today, given the clear risk of paying
$10,000 or more in fines.  I'm sure that ZKS would be happy to sell
someone a commercial use license.

Adam




Re: JAP back doored

2003-09-03 Thread Adam Shostack
On Tue, Sep 02, 2003 at 12:47:34PM -0700, Steve Schear wrote:
| http://www.heise.de/newsticker/data/jk-02.09.03-005/
| 
| German police have searched and seized the rooms (dorm?) of one of the JAP 
| developers.  They were on the lookout for data that was logged throughout the 
| period when JAP had to log specific traffic.  The JAP people say that the 
| seizure did not conform with German law. They suggest that the police were 
| afraid that they wouldn't gain the right to use this data before a normal 
| court. So they stole it to make things clear.  And since the JAP team did 
| cooperate with them the previous time, they now have the logs to get seized.
| 
| I'll bet the logs weren't encrypted.  Fools.

That's the cool bit about playing by the law; they can ignore it, ruin
people's lives, and then get a month off with pay while their actions
are investigated.

Adam





Re: Is it time to kill the JAP backdoor cretins and their families?

2003-08-26 Thread Adam Shostack
On Mon, Aug 25, 2003 at 08:27:20PM -0700, Len Sassaman wrote:
| However, even when setting aside the issue that our understanding of the
| math involved may be flawed, JAP quickly becomes a less appealing choice
| once the other factors are considered.
| 
| University / government funded research relies on grants for its
| existence. This makes the operators beholden to the source of grant funds.
| It also eliminates an economic incentive to put users first.
| 
| Private companies offering privacy/anonymity services are faced with a
| direct correlation between revenue and delivery of such services. Should a
| company like Anonymizer violate its stated privacy policy and misrepresent
| its level of security, as JAP did, the results would be devastating to the
| viability of the company. The JAP group, on the other hand, is facing
| nothing more than a little bad PR and the loss of some users. (Many of
| those 30,000 probably are unaware of the silent compromise of JAP
| security).

Much as we'd like reputational issues to rule, I think your final
parenthetical is important.  I would be willing to bet that Lance
*could* take FBI money to rat out users without it reaching the
userbase.  I'd also be willing to bet that Lance *wouldn't,* but that
bet would obviously be smaller.

So, to the question of, is a private company better than a research
lab?  Probably.  But could a private company compromise its users
without imploding?  Probably.  The right system is probably something
like Tarzan, running low-latency traffic inside the file trading
cloud.

Adam







Re: domestic terrorism, fat lazy amerikans ducks

2003-08-26 Thread Adam Shostack
John, you write like a Republican speechwriter on a bad trip.

On Tue, Aug 26, 2003 at 12:45:55PM -0700, John Young wrote:
| Nonshit, Robert, Ray's an organ-eating anarchist not a 
| vapid tea-sip socialist. A while back Ray yanked a
| capitalist apologist's lawyer's cold dead dried nut heart 
| from behind a Kevlar diamond-studded vest and lipped 
| and tongued it like a lady's freeze-dried private then 
| swallowed it whole, burping at the lawyer never missing a
| syllable in a diatribe against outlaws, yodeling in Harvard
| Law speak that cyber jesse james are the worst evil in 
| the marketplace for riggers of such places.



Re: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference

2003-08-14 Thread Adam Shostack
Well, if you can't win on the truth, win on the procedures.

At least Dr. Mercuri is in fine company there, ranging all the way
back to Socrates and Galileo.  Little consolation, I know, as our
democracy gets replaced by a kleptocracy, but what can you do?

Maybe she should set up stealdemocracy.com, a new voting machine
company.  Sell machines that explicitly let you steal elections.  Get
some press.

Adam


On Wed, Aug 06, 2003 at 11:08:38AM -0400, R. A. Hettinga wrote:
| Notice they did this to Chaum, too...
| 
| Cheers,
| RAH
| 
| --- begin forwarded text
| 
| 
| Status:  U
| To: johnmac's living room [EMAIL PROTECTED]
| Cc: Dave Farber [EMAIL PROTECTED]
| From: John F. McMullen [EMAIL PROTECTED]
| Mailing-List: list [EMAIL PROTECTED]; contact [EMAIL PROTECTED]
| Delivered-To: mailing list [EMAIL PROTECTED]
| Date: Mon, 4 Aug 2003 23:31:49 -0400 (EDT)
| Subject: [johnmacsgroup] Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference
| 
| Computer Voting Expert Ousted From Elections Conference
| 
| Lynn Landes
| freelance journalist
| www.EcoTalk.org
| 
| Denver CO Aug 1 - Dr. Rebecca Mercuri, a leading expert in voting machine
| security, had her conference credentials revoked by the president of the
| International Association of Clerks, Records, Election Officials, and
| Treasurers (IACREOT), Marianne Rickenbach. The annual IACREOT Conference
| and Trade Show, which showcases election systems to elections officials,
| is being held at the Adam's Mark Hotel in Denver all this week.
| 
| Mercuri believes that her credentials were revoked because of her position
| in favor of voter-verified paper ballots for computerized election
| systems. I guess in a very troubling way it makes sense that an
| organization like IACREOT, that supports paperless computerized voting
| systems, which are secret by their very design, would not want computer
| experts who disagree with that position at their meetings.
| 
| Dr. Mercuri said that her credentials were approved for the first three
| days of the conference. She attended meetings of other groups and visited
| the exhibitors hall. But it was only on Thursday as she sat down to attend
| her first meeting at the IACREOT that President Marianne Rickenbach took
| Mercuri out of the room and told her that her credentials were being
| revoked. Rickenbach said that Mercuri had not filled out the forms
| correctly. Mercuri protested, but was refused reinstatement.
| 
| David Chaum, the inventor of eCash and a member of Mercuri's
| 'voter-verified paper ballot' group, had his credentials revoked on the
| first day of the conference. On the second day his credentials were
| partially restored. Chaum was allowed to visit the exhibitors hall, but
| not attend the IACREOT meetings.
| 
| Rickenbach was unavailable for comment as of this report. Mercuri can be
| reached at the Adam's Mark Hotel through Saturday.
| 
| ---
| 
| 
|   When you come to the fork in the road, take it - L.P. Berra
|   Always make new mistakes -- Esther Dyson
|   Be precise in the use of words and expect precision from others -
|Pierre Abelard
|   Any sufficiently advanced technology is indistinguishable from magic
|-- Arthur C. Clarke
|   Bobby Layne never lost a game. Time just ran out. -- Doak Walker
| 
|  John F. McMullen
|   [EMAIL PROTECTED] ICQ: 4368412 Fax: (603) 288-8440 [EMAIL PROTECTED]
|  http://www.westnet.com/~observer
|  NOYFB,P
| 
| --- end forwarded text
| 
| 
| -- 
| -
| R. A. Hettinga mailto: [EMAIL PROTECTED]
| The Internet Bearer Underwriting Corporation http://www.ibuc.com/
| 44 Farquhar Street, Boston, MA 02131 USA
| ... however it may deserve respect for its usefulness and antiquity,
| [predicting the end of the world] has not been found agreeable to
| experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'




Re: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference

2003-08-14 Thread Adam Shostack
On Wed, Aug 06, 2003 at 01:49:26PM -0700, Steve Schear wrote:
| At 11:54 2003-08-06 -0400, Adam Shostack wrote:
| Well, if you can't win on the truth, win on the procedures.
| 
| At least Dr. Mercuri is in fine company there, ranging all the way
| back to Socrates and Galileo.  Little consolation, I know, as our
| democracy gets replaced by a kleptocracy, but what can you do?
| 
| Maybe she should set up stealdemocracy.com, a new voting machine
| company.  Sell machines that explicitly let you steal elections.  Get
| some press.
| 
| A better solution, already available to voters, is to request an absentee 
| voter form.  If a substantial number of voters asked to vote this way it 
| would overwhelm the voting machinery and completely negate any cost savings 
| expected from the distrusted automated systems.

Huh?  Voters don't control the security of the voting system any more
than we control the security of the credit rating/id theft system.
And similarly, your choice to not play doesn't protect you.  Tim's
idea of using the voting system's security to accelerate the
de-legitimization of the system is a fine one, although it has the
risk that the statists will get awfully violent as we try to ignore
them out of existence.  I don't see how an absentee ballot is going to
make anything any better.

Adam






Re: What shall we do with a bad government...

2003-03-22 Thread Adam Shostack
On Thu, Mar 20, 2003 at 10:57:12PM -0500, Tim Meehan wrote:

| an okay economy but too many yuppies and climbers (and crappy pot).
| Montreal is the best, but you're better off if you speak Freedom --
| and like hash. 

The local pharma retail business seems to be quite flexible in
supplying regulars with whatever they demand.  The trouble with being
anonymous is that you're indistinguishable from a cop.

Adam






Re: Fatherland Security measures more important than Bennetton tags!

2003-03-15 Thread Adam Shostack
On Sat, Mar 15, 2003 at 08:47:15PM +, Michael Shields wrote:
| In article [EMAIL PROTECTED],
| Adam Shostack [EMAIL PROTECTED] wrote:
|  (New York just
|  announced the abolition of tokens, making all subway travel
|  linkable.)
| 
| The last time I was in New York, you could buy a Metrocard for cash.
| As far as I know, there are no plans to change this.

Sure.  But I said linkable, not traceable.

Adam




Re: Identification of users of payphones

2003-03-14 Thread Adam Shostack
On Fri, Mar 14, 2003 at 05:36:28PM +0100, Thomas Shaddack wrote:
| Couple months ago, our local Telecom decided to switch over from
| easy-to-emulate EPROM-based dumb smartcards (described at
| http://www.phrack.com/show.php?p=48a=10 ) to Eurochip ones. Today seemed
| a good day to learn more about them, so I sniffed around a bit (eg,
| http://gsho.thur.de/phonecard/advanced_e.htm ) and stumbled over some data
| that could have unpleasant implications.
| 
| 
| In Europe, chip cards for paying in payphones are common. However, the
| cards have serial numbers, usually assigned sequentially during the
| manufacture.
| 
| It is possible to keep track of the serial numbers vs shipments. The
| phones may record (or even online-report (eg, for fraud prevention)) the
| serial numbers of the cards used. Then it could be possible to list all
| calls done from the same card, possibly indirectly identify the person who
| made that call from a public payphone by matching their calling patterns.
| It could be also possible to identify where and approximately when the
| card was bought, putting more constraints to its owner's possible identity.
| 
| I can't assess the real proportions of this threat, but it is another
| thing to be aware of.

It's possible, but expensive; this was done in the Tim McVeigh trial;
they linked all his calls, and then traced them to him.

With computers, this gets easier and cheaper.  Social network analysis
is an obvious outgrowth of the traffic analysis NSA has been doing for
60 years.

Adam





Re: Brinwear at Benetton.

2003-03-14 Thread Adam Shostack
On Fri, Mar 14, 2003 at 01:22:44PM -0500, Trei, Peter wrote:

| You're not thinking this through. As the item goes through the door (in
| either direction) the check is made: "Is this individual tag on this store's
| 'unsold inventory' list?"  If so, raise the alarm. The tags are not fungible;
| they each have a unique number. When you purchase an item, its tag
| number is transferred from the 'unsold inventory' list to the 'Mike Rosing'
| list, or, if no link to a name can be found, 'John Doe #2345'.
| 
| As you walk up to the counter, the tag in your jockey shorts is read,
| and you are greeted by name, even if you've never been in that store
| before.

People will find this spooky, and it will stop, but how much you've
spent over the last year will still be whispered into the sales
clerk's ear bug, along with advice the woman in the green jacket 12
feet from you spends an average of $1,000 per visit, go fawn on her.
And remind her that the jacket is nearly a year old.  Very last
season.

Adam




Re: Brinwear at Benetton.

2003-03-13 Thread Adam Shostack
On Thu, Mar 13, 2003 at 11:57:27AM -0500, Tyler Durden wrote:
| If I build the mugger's little
| helper, a PDA attachment that scans for real prada bags, then perhaps
| the RFID tag will be removed at the counter after the first lawsuit.
| 
| Nice! Possibly, it might not even be necessary for the Little Helper to 
| read the tag, only detect its presence. Counterfeit bags probably won't 
| have the tag, and if they do (and the copies are good enough), the mugger 
| won't care.

We designed the Pickpocket's pal to detect large amounts of currency
this way.  It just helps you size up your victim, or at least size up
their wad of cash.

(There were some complications, because the tags do try not to chat at
the same time, but hey, how well designed do you think a 10c item is?)

Adam





Stupid security measures, a contest

2003-02-12 Thread Adam Shostack
Human rights watchdog Privacy International has launched a quest to
find the World's Most Stupid Security Measure. 


http://www.theregister.co.uk/content/55/29279.html






P4 Docs?

2003-01-03 Thread Adam Shostack
 WASHINGTON, Jan. 2 - A 19-year-old University of Chicago student was
 arrested in Los Angeles today and charged with stealing trade
 secrets from DirecTV, the nation's leading satellite television
 provider

http://www.nytimes.com/2003/01/03/technology/03PIRA.html

 According to prosecutors, Mr. Serebryany sent hundreds of digital
 documents to three satellite pirate Web sites in September and
 October.

For my archive of cryptographic information, I'd like to get copies
of these docs.  Anyone been able to find them?


Adam






Re: Privacy qua privacy (Was: Photographer Arrested For Taking Pictures...)

2002-12-31 Thread Adam Shostack
On Tue, Dec 31, 2002 at 09:49:28AM -0800, Kevin Elliott wrote:
| At 12:12 -0500  on  12/31/02, Adam Shostack wrote:
| Rummaging through my wallet...a grocery card in the name of Hughes, a
| credit card with the name Shostack, and an expired membership card in
| the name Doe.
| 
| Interesting point on grocery cards... Why do they have your name at 
| all?  Every grocery card I've ever gotten they've said here's your 
| card and application, please fill out the application and mail it 
| in.  I say thank you ma'am, walk out the door and toss the 
| application in the trash.  Not exactly strong (or any) name 
| linkage...

Pollution.   Cards without names can be purged, cards with names
confuse them.  Is that the same Mr. Hughes with Richard Nixon's SSN
who seems to shop vegetarian in San Jose, but buys pork in large
quantities in Oakland?  And look, Mr. Clinton here lives at the same
address...

Adam






Re: Privacy qua privacy (Was: Photographer Arrested For Taking Pictures...)

2002-12-31 Thread Adam Shostack
On Tue, Dec 31, 2002 at 01:21:52AM -0800, Bill Stewart wrote:
| At 03:57 PM 12/19/2002 -0500, Adam Shostack wrote:
| On Mon, Dec 16, 2002 at 04:56:12PM -0500, John Kelsey wrote:
| | I think this would help, but I also think technology is driving a lot of
| | this.  You don't have to give a lot more information to stores today than
| | you did twenty years ago for them to be much more able to track what you
| | buy and when you buy it and how you pay, just because the available
| | information technology is so much better.  Surveillance cameras, DNA
| | testing, identification by iris codes, electronic payment mechanisms that
| | are much more convenient than cash most of the time, all these contribute
| | to the loss of privacy in ways that are only partly subject to any kind of
| | government action (or inaction) or law.
| 
| But you *do* have to provide a lot more information to your bank
| than you used to, and to your mailbox company, and to the government-run
| post-offices that can bully private mailbox companies around,
| and to hotels, and to driver-safety-and-car-taxation enforcers,
| and to airlines, because governments either require them to collect more,
| or encourage them to collect more data, and to collect it in forms that
| are easier to correlate than they have been in the past,

What's information, Mr. Smith?  If I walk in and say my name's John
Doe, here's my cash, and there isn't any government ID, who can
question me?

| Yep.  A lot of it, however, freeloads on the government certification
| of identity.  Without the legal threats, it would be much harder to
| assemble the data.  (Other things, like credit, also become much
| harder. That may become less of an issue as id theft makes credit
| visibly a two-edged sword.
| 
| While some of it is freeloading on the identity certification,
| much of it is done because it's so cheap to do so they might as well,
| and it's cheap because of the government regulations
| as well as because computation keeps getting radically cheaper.

The cheap to do is freeloading.  If you take all the government issued
ID out of your wallet, how much of what's left has the same name on
it?

Rummaging through my wallet...a grocery card in the name of Hughes, a
credit card with the name Shostack, and an expired membership card in
the name Doe.

If I pull out all three, the cost of doing it shoots way up, and I pay
in cash.

Adam






Re: Dossiers and Customer Courtesy Cards

2002-12-31 Thread Adam Shostack
On Tue, Dec 31, 2002 at 11:02:48AM -0800, Tim May wrote:
| On Tuesday, December 31, 2002, at 09:49  AM, Kevin Elliott wrote:
| 
| At 12:12 -0500  on  12/31/02, Adam Shostack wrote:
| Rummaging through my wallet...a grocery card in the name of Hughes, a
| credit card with the name Shostack, and an expired membership card in
| the name Doe.
| 
| Interesting point on grocery cards... Why do they have your name at 
| all?  Every grocery card I've ever gotten they've said here's your 
| card and application, please fill out the application and mail it in. 
|  I say thank you ma'am, walk out the door and toss the application 
| in the trash.  Not exactly strong (or any) name linkage...
| 
| * No store I have used has ever _checked_ that a name is valid...they 
| don't even care when my credit card or check says Timothy C. May but 
| my Customer Courtesy Card says J. Random Cypher, or Eric Hughes, or 
| Vlad the Impaler...or is just unattached to any name.

And as you say below, checking that a name is valid is hard, except
when you can free-load off the effort of the state to issue
identities.  Grocery stores don't bother, which was my point to Bill.
Free-loading off the identity infrastructure of the state is a huge
problem.  Fair, Isaac, Experian and the rest are parasites
whose gossip/cross-referencing/credit scoring/libel is only possible
because of the state's investment in identity cards.

That problem is getting worse because none of that information is
private, and many credentials, like drivers licenses, are very
valuable in relation to how hard they are to get.  And so identity
theft, inability to get a mortgage, etc, will have to be balanced
against all that cool credit that's made possible by the tracking
system.  In the end, it won't be worthwhile to many people to be
finger and iris printed as part of their daily lives.  Or maybe it
will.

Note that I'm not saying that they're easy to get:  That's irrelevant.
Such things are more valuable to get than they are difficult, and will
remain that way.  Driver's licenses, trusted traveller cards, etc, will
always be worth getting if you're a fraudster.

Adam

| * All in all, not a very interesting example of ID and tracking. Things 
| will get much more interesting, and worrisome, if there is ever a 
| national ID system (in the U.S.) and some kind of legislated 
| requirement (albeit unconstitutional!) that citizen-units must ID 
| themselves with valid ID for all purchases, or at least of certain 
| classes of purchases (beyond guns, for example).


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: Constant Encrypted Stream

2002-12-21 Thread Adam Shostack
On Thu, Dec 19, 2002 at 10:10:25PM -0600, [EMAIL PROTECTED] wrote:
| Nothing serious, just throwing a quick thought out...
| 
| It has been mentioned that you should always use crypto. If you wait until
| you actually have something private to send, then an adversary will know
| exactly which message is important. Encrypting everything gives equal
| suspicion to each message and nobody has the resources to attack all of your
| mail.
| 
| So, I was thinking that rather than just encrypt each message, why not just
| keep a constant encrypted stream open? So, even when you are asleep,
| computers at each node are bombarding each other with encrypted junk
| files. Your noise to signal ratio would be phenomenal.
| 
| The main problem to solve as I see it would be for legitimate recipients to
| be able to determine when a message is real and not trash, without letting
| an adversary know.

And then there's economics.  Someone has to pay for that noise to
signal ratio.

Adam

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume
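The selection problem raised in the post above (letting the recipient tell a real message from cover traffic without telling the observer) is normally solved by putting the real/dummy flag inside the authenticated ciphertext and keeping every frame the same size, sent on a fixed schedule. The following is an added illustration written for this page, not code from the thread; the keyed construction (an HMAC-SHA256 keystream plus a separate HMAC tag, so it needs only the standard library), the 256-byte cell size and the slot model are assumptions chosen for the demonstration, and a production link would use a standard AEAD such as AES-GCM or ChaCha20-Poly1305 in place of the hand-rolled keystream.

```python
import hashlib
import hmac
import os
import struct
from typing import List, Optional, Tuple

CELL_LEN = 256            # constructed: every plaintext cell is exactly this long
NONCE_LEN = 16
TAG_LEN = 32
HEADER_LEN = 3            # 1-byte flag + 2-byte payload length
MAX_PAYLOAD = CELL_LEN - HEADER_LEN
FRAME_LEN = NONCE_LEN + CELL_LEN + TAG_LEN   # what the wire observer sees, every slot
FLAG_DUMMY, FLAG_REAL = 0x00, 0x01


def _subkeys(key: bytes) -> Tuple[bytes, bytes]:
    """Domain-separated encryption and authentication keys from one link key."""
    return (hmac.new(key, b"stream-enc", hashlib.sha256).digest(),
            hmac.new(key, b"stream-mac", hashlib.sha256).digest())


def _keystream(k_enc: bytes, nonce: bytes, n: int) -> bytes:
    """HMAC-SHA256 in counter mode; a stand-in for a real stream cipher (assumption)."""
    out = bytearray()
    for ctr in range((n + 31) // 32):
        out += hmac.new(k_enc, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
    return bytes(out[:n])


def _encode_cell(payload: Optional[bytes]) -> bytes:
    """Flag | length | payload | random padding.  A dummy cell is random after the flag."""
    if payload is None:
        return bytes([FLAG_DUMMY]) + os.urandom(CELL_LEN - 1)
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds one cell; fragment it across cells")
    pad = os.urandom(MAX_PAYLOAD - len(payload))
    return bytes([FLAG_REAL]) + struct.pack(">H", len(payload)) + payload + pad


def seal_frame(key: bytes, payload: Optional[bytes]) -> bytes:
    """One wire frame.  Real and dummy frames have the same length and look random."""
    k_enc, k_mac = _subkeys(key)
    nonce = os.urandom(NONCE_LEN)
    cell = _encode_cell(payload)
    ct = bytes(a ^ b for a, b in zip(cell, _keystream(k_enc, nonce, CELL_LEN)))
    tag = hmac.new(k_mac, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_frame(key: bytes, frame: bytes) -> Tuple[str, Optional[bytes]]:
    """Return ('real', payload), ('dummy', None) or ('invalid', None); verify before decrypting."""
    if len(frame) != FRAME_LEN:
        return ("invalid", None)
    k_enc, k_mac = _subkeys(key)
    nonce, ct, tag = frame[:NONCE_LEN], frame[NONCE_LEN:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(k_mac, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return ("invalid", None)
    cell = bytes(a ^ b for a, b in zip(ct, _keystream(k_enc, nonce, CELL_LEN)))
    if cell[0] != FLAG_REAL:
        return ("dummy", None)
    length = struct.unpack(">H", cell[1:HEADER_LEN])[0]
    if length > MAX_PAYLOAD:
        return ("invalid", None)
    return ("real", cell[HEADER_LEN:HEADER_LEN + length])


def transmit_slots(key: bytes, queue: List[bytes], slots: int) -> List[bytes]:
    """Sender side of a fixed-rate link: one frame per slot, a dummy when the queue is empty.
    Messages wait for their slot instead of going out on arrival, so timing leaks nothing."""
    pending = list(queue)
    return [seal_frame(key, pending.pop(0) if pending else None) for _ in range(slots)]


def receive_slots(key: bytes, frames: List[bytes]) -> List[bytes]:
    """Receiver side: keep only authenticated real cells, silently drop dummies."""
    return [p for kind, p in (open_frame(key, f) for f in frames) if kind == "real"]
```

The observer sees FRAME_LEN bytes in every slot whether anything was said or not, which is exactly the economic point of the reply: the link costs slots times FRAME_LEN of bandwidth around the clock, and a tampered frame fails the tag check before its flag is ever examined.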




Re: How robust is SpeakFreely?

2002-12-21 Thread Adam Shostack
On Sat, Dec 21, 2002 at 07:40:34PM +0100, Thomas Shaddack wrote:
| 
| http://www.speakfreely.org/ is a nice, open-source cross-platform VoIP
| software. Supports encryption by DES, Blowfish, and IDEA.
| 
| Has anyone knowledgeable ever looked at its code? How secure is this
| implementation? Is it better to use Blowfish or IDEA? Where are the
| potential holes there?

Use Blowfish, you avoid worrying about if you have to worry about
patent issues.  There are probably buffer overflows, and other
problems with the code.  But it's probably no worse than other VOIP
code, and is clearly more secure than code which doesn't encrypt.

Adam


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume





Re: BigBrotherWare

2002-12-19 Thread Adam Shostack
On Thu, Dec 19, 2002 at 10:54:57AM -0800, Tim May wrote:
| (Much has been made of how the Microsoft- and Intel-backed security 
| regimes will be opt in or voluntary. This seems dubious. It is 
| precisely the non-volunteers who these companies, and Hollywood, and 
| the Nation States, will be most concerned about. So I would expect this 
| opt in approach to not be the full picture.)

Aww, c'mon, Tim!  It'll be as voluntary as Clipper was!

Adam

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: Privacy qua privacy (Was: Photographer Arrested For Taking Pictures...)

2002-12-19 Thread Adam Shostack
On Mon, Dec 16, 2002 at 04:56:12PM -0500, John Kelsey wrote:
| At 12:53 PM 12/15/02 -0500, Adam Shostack wrote:
| ...
| I think that a law which re-affirmed the rights to be anonymous, to
| call yourself what you will, to be left alone, to not carry or show ID
| would transform the debate about privacy into terms in which the issue
| could be solved.  (At least as it affects private companies.)
| Companies would be able to do what they want with your data as long as
| you had a meaningful and non-coercive choice about handing it over.
| 
| I think this would help, but I also think technology is driving a lot of 
| this.  You don't have to give a lot more information to stores today than 
| you did twenty years ago for them to be much more able to track what you 
| buy and when you buy it and how you pay, just because the available 
| information technology is so much better.  Surveillance cameras, DNA 
| testing, identification by iris codes, electronic payment mechanisms that 
| are much more convenient than cash most of the time, all these contribute 
| to the loss of privacy in ways that are only partly subject to any kind of 
| government action (or inaction) or law.
| 
| The records are being created and kept by both government and private 
| entities.  The question is whether to try to regulate their use (with huge 
| potential free-speech issues, and the possibility of companies being able 
| to, say, silence criticism of their products or services) or leave them 
| alone (with the certainty that databases will grow and continue to be 
| linked, creating pretty comprehensive profiles of almost everyone's 
| reading, musical, spending, and travel patterns, and with anyone who takes 
| serious measures to avoid being profiled having obvious gaps in their 
| profiles to indicate their wish for privacy in some area).

Yep.  A lot of it, however, freeloads on the government certification
of identity.  Without the legal threats, it would be much harder to
assemble the data.  (Other things, like credit, also become much
harder. That may become less of an issue as id theft makes credit
visibly a two-edged sword.)

Adam

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume





Re: [IP] Limits Sought on Wireless Internet Access (fwd)

2002-12-18 Thread Adam Shostack
On Tue, Dec 17, 2002 at 05:12:35PM -0800, Lucky Green wrote:
| In other words, the new WaveLAN cards are shipping with a remote
| off-switch held by minor government officials. Let's recap the
| initiatives currently underway by both governments and major software
| vendors:
| 
| Remote disabling of your OS.
| Remote disabling of your applications.
| Remote disabling of your network connectivity.
| Remote invalidation, if not downright alteration, of your digital
| documents.
| 
| I wonder what they'll announce next.

Local disabling of your cynicism, in room 101.



-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: Suspending the Constitution

2002-12-18 Thread Adam Shostack
On Wed, Dec 18, 2002 at 03:17:21PM -0800, Petro wrote:
| On Sat, Dec 14, 2002 at 03:18:09PM -0800, Mike Rosing wrote:
|  On Sat, 14 Dec 2002, Tim May wrote:
|   Lincoln's notion that the Constitution is suspendable during a war, or
|   other emergency conditions, was disgraceful. Nothing in the
|   Constitution says that it is suspended when a President declares it to
|   be suspended.
|  Power is what power does.  He got away with it, that's all that counts.
| 
| Then the constitution is meaningless babble. 

The Volokh conspiracy blog had this Learned Hand quote recently:
 
I often wonder whether we do not rest our hopes too much upon 
constitutions, upon laws and upon courts. These are false 
hopes; believe me, these are false hopes. Liberty lies in the 
hearts of men and women; when it dies there, no constitution, 
no law, no court can even do much to help it. While it lies 
there it needs no constitution, no law, no court to save it.
 
The entirety is at
http://www.criminaljustice.org/public.nsf/\ENews/2002e67?opendocument.

Adam
 


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: Short story?

2002-12-17 Thread Adam Shostack
On Mon, Dec 16, 2002 at 03:03:29PM -0800, Petro wrote:
| Permanently behind on my email: 
| 
| On Sat, Nov 23, 2002 at 03:22:41PM -0500, Adam Shostack wrote:
|  I'm trying to remember details (author, title) of a short story that I
|  read once.  Its main feature, or the one that's standing out in my
|  mind, is the obsessive hacker who studies a target to figure out his
|  password, at which he only has one guess.  The zinger is that the very
|  security conscious target has selected that password as a booby trap,
|  and there's a second password which our hacker doesn't have.
|  Does this ring a bell for anyone?
| 
| Yes--except that the password wasn't a booby trap, what the user did
| was to always enter a wrong password first, then the right password. 
| 
| In the story the password guesser was an adult in (IIRC) a 5 year
| old's body, and his partner in this crime had his brain burned out by
| certain Organized Crime individuals who were not happy with the
| passports the password theft made possible. 
| 
| It was either in an anthology of William Gibson's work, or in an
| anthology of cyberpunk stuff from the 80s or early 90s. 
| 
| Sorry I can't remember any more. 

Dogwalker, Orson Scott Card.  But thanks!

Adam


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: Privacy qua privacy (Was: Photographer Arrested For Taking Pictures...)

2002-12-15 Thread Adam Shostack
On Sun, Dec 15, 2002 at 12:22:30PM -0500, Declan McCullagh wrote:
| EPIC is in favor of using technologies to limit the information that
| people disclose. It is in favor of limiting law enforcement
[...]

| But EPIC sharply diverges with some cypherpunks over the question of
| what regulations should be imposed on private entities. It supports --
| may even be the most vocal supporter -- of laws telling you, in Tim's
| words, you must forget someone's previous commercial interactions with
| you past a certain date. It supports broad and intrusive regulations
| aimed at companies' data collection and use practices. It would like
| to establish a European-style (not exactly the same, perhaps, but
| close) data protection regime in the U.S., despite all the free
| speech problems we've seen with it in Europe:

I think the issue of data protection vs privacy goes deeper than free
speech.  It falls back to Americans being more willing to express their
distrust than most Europeans.

American privacy law derives from the 1st and 4th amendments:
Congress shall make no law, be secure in their persons and papers...

However, there is no modern American privacy law which talks about
anonymity, the right to be left alone, or information
self-determination (ironically, a German phrase.)  It's all based on
the assumption that privacy law is about fair information sharing,
rather than American-style suspicion of information sharing.

I think that a law which re-affirmed the rights to be anonymous, to
call yourself what you will, to be left alone, to not carry or show ID
would transform the debate about privacy into terms in which the issue
could be solved.  (At least as it affects private companies.)
Companies would be able to do what they want with your data as long as
you had a meaningful and non-coercive choice about handing it over.

As you point out, this won't solve the issue of coercive government
programs which require ID, or the creeping uses of that data as
authorized by law.

But the fundamental, underlying issue is that data protection law is
un-American, and all the new laws that claim to protect privacy (GLB, HIPAA,
DMCA) are really data protection laws.  They contain an assumption
that some level of data sharing is fair and necessary.  Those
levels are determined by back-room deal making between interest
groups, and the public is rarely represented.  (There's a lot of
standard analysis of regulatory capture, public policy making a la
Mancur Olson, etc that applies here.)

This causes everyone a lot more pain than is really needed.

Adam


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume





Re: Gilmore's response

2002-12-14 Thread Adam Shostack
On Fri, Dec 13, 2002 at 02:47:37PM -0800, Steve Schear wrote:
| Dare you to do this with your Groucho glasses on :-)
| 
| Oh, you saw me at RSA, eh?  (Last year I guess it was, the RSA's staff 
| allowed me to be photo ID'd wearing them as long as I promised to wear them 
| on the show floor, which I did).  I think I still have them.  I'd be up for 
| it.

In one of their books, Penn and Teller suggest gluing a small bit of
red foam to an ID over your nose.  Then as you hand over the ID, slip
a clown nose on, and continue as if nothing had happened.


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: Extradition, Snatching, and the Danger of Traveling to Other Countries

2002-12-13 Thread Adam Shostack
On Fri, Dec 13, 2002 at 08:17:27AM -0800, Mike Rosing wrote:
| All repressive regimes are short lived in a historical context.
| Living thru them is hell.  This one has already begun a rather
| interesting hypocrisy - they say they support gun ownership, but
| they have no problem with letting the courts say the opposite.
| So far they are picking their targets small enough that the masses
| aren't actually worried that they will be next.  But to take total
| control, they will have to scare the masses in a more effective way.
| And it's unlikely that they will be able to scare them into
| giving up weapons.  And that's the point of an armed citizenry,
| to overthrow repressive regimes.
| 
| When we can't vote, we can fight.  So far the number of horror
| stories is small.  But when everyone has a personal friend or
| relative that's been shot, abused, tortured or even just roughed
| up - then they'll know they might be next.  And they might vote to change
| things.  So from a purely Machiavellian perspective, the faster
| they become more repressive and the more people they harm,
| the faster things will change.
| 
| We just have a few years of hell to go thru, that's all.

Your comments remind me greatly of the Gulag Archipelago, especially
the bits about those crushed early after the revolution.


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: Gilmore's response

2002-12-13 Thread Adam Shostack
On Fri, Dec 13, 2002 at 10:15:22AM -0800, Steve Schear wrote:
| At 12:43 PM 12/13/2002 -0500, you wrote:
| Gilmore's legal response to secret laws, etc.
| 
| http://cryptome.org/gilmore-v-usa-god.htm
| 
| I have a possible trip coming up soon.  I intend to have my tickets 
| purchased by a third party and fly under an assumed name (maybe Tyler 
| Durden ;-)  I will carry no ID on my person. Perhaps there is now a need to 
| have large numbers of refusenik travelers assume the same nom de avion 
| identity.  Sort of like the Kilroy in WW II.

Let us know how it goes.

Duncan would doubtless argue that there are already large numbers of
travellers using assumed names, including migrant Mexican workers, US
government employees, terrorists, actors and actresses, etc.  The
immigration laws have done a good job of making it easy to get
quality secondary id.

The response of the apparatchiks is to increase the penalties until
we're all cowed, like they did in the old war on drugs.

Adam

PS: Current news in Canada includes the gun registry having undergone
a 12x cost overrun, and it's not clear what will happen to it.  A large
reason for the overruns has been people making mistakes in filling
out the complex forms, and thus slowing down implementation.  
http://cbc.ca/stories/2002/12/12/guns011212

I think it's time for me to go get a gun permit, and help the process
along.




-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: Gilmore's response

2002-12-13 Thread Adam Shostack
On Fri, Dec 13, 2002 at 10:54:06AM -0800, Marshall Clow wrote:
| At 1:38 PM -0500 12/13/02, Adam Shostack wrote:
| PS: Current news in Canada includes the gun registry having undergone
| a 12x cost overrun, and it's not clear what will happen to it.  A large
| reason for the overruns has been people making mistakes in filling
| out the complex forms, and thus slowing down implementation. 
| http://cbc.ca/stories/2002/12/12/guns011212
| 
| I think it's time for me to go get a gun permit, and help the process
| along.
| 
| Adam -
| 
| The article that you linked to claims that the projected cost of the
| gun registry was $2 million, and the actual cost was (so far) $680 million.
| 
| That's a bit more than 12x :-)

Yeah, that was a marketing claim as they put the program forward, as I
recall.  The original budgeted number was 85 million, and current
projections are that it will cost upwards of a billion to complete.
Of course, I could be totally off.

Adam

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: Torture done correctly is a terminal process

2002-11-21 Thread Adam Shostack
On Wed, Nov 20, 2002 at 04:30:42PM -0800, Tim May wrote:
| On Wednesday, November 20, 2002, at 12:49  PM, dmolnar wrote:
| 
| On Wed, 20 Nov 2002, Tyler Durden wrote:
| 
| to have a big jpg of a hand with middle finger extended...) More than 
| this,
| they will have unknowingly destroyed the real data. (Perhaps a 3rd 
| key is
| needed that DOESN'T destroy the original data, just 'hides' it a la
| Rubberhose.)
| 
| The question I've seen asked about this is then -- how do you get them 
| to
| stop beating you? If they know you might have some number of duress 
| keys,
| one of which might undetectably hide the data, what stops them from
| beating you until
| 
|  1) you give them a key that shows them what they want to see
|  2) you die
| 
| Maybe this isn't that different from the ordinary unencrypted case, 
| where
| if they don't find it on your HD they can accuse you of burying disks 
| in
| the backyard or something. Or is the goal protecting the data and not
| protecting your life?
| 
| From my reading of tradecraft, as practiced by SAVAK, MOSSAD, GRU, 
| etc., there is rarely anything to be gained by letting the target of 
| torture survive. If he or she survives, she screams to the newspapers, 
| 60 Minutes, etc.

There's also rarely anything to be gained from torture, as people will
invent all sorts of crap to get out from physical pain.

| The United States draws heavily on Israel for torture methods, as their 
| methods come from some of the best torturers the world has ever seen, 
| their teachers at Auschwitz and Berlin Central.

The Russians, Americans and I believe others have moved from physical
to psychological methods which have proven to work better than
actual physical pain.  I recall reading a story on Abdul Murad, the Al
Qaeda member arrested in 1995 in the Philippines, where the way they
finally got him to talk was threatening him with being turned over to
the Israelis.

http://www.opinionjournal.com/editorial/feature.html?id=95001363

The Russians reputedly used sensory deprivation as a means of
convincing western spies to talk.  24 to 48 hours in a tank broke
nearly anyone.

Adam


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: (Being able to) sell votes

2002-11-18 Thread Adam Shostack
On Mon, Nov 18, 2002 at 07:02:40AM -0800, Mike Rosing wrote:
| On Mon, 18 Nov 2002, Tyler Durden wrote:
| 
|  Me, I don't like the idea of people actually selling votes, but I think I
|  like the idea of people BEING ABLE to sell their votes.
| 
| But then votes are property, and property can be transferred, so
| you could sell your vote from your will, and dead voters could
| be very powerful :-)  If I were Bill Gates, I'd like the idea too.

Ross Perot demonstrated that you can buy your way into an election
now.  Maybe we should just admit that that's the case.  Could it be
worse than the unofficially sold elections and gerrymandered districts
we have now?

Adam

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Workshop on HCI and Security at CHI2003

2002-11-11 Thread Adam Shostack
I think that the intersection of usability and security is of
tremendous import, and wanted to share an under-advertised sort of
workshop announcement:

http://www.acm.org/sigchi/

The conference home page is

http://www.chi2003.org/

The workshop page is

http://www.iit.nrc.ca/~patricka/CHI_2003/HCISEC/workshop.html

I thought that the workshop info would be accessible from the
conference site, but that appears not to be the case (at least not
yet).

Feel free to forward the URL to anyone else you think might be
interested.  Since it's at CHI, I expect we'll get plenty of people
from that community, but we also really want attendees from the
security community as well. 

- Chris




Re: Workshop on HCI and Security at CHI2003

2002-11-11 Thread Adam Shostack
Since posting, I got a better web page:

http://www.iit.nrc.ca/~patricka/CHI2003/HCISEC/index.html

Adam

On Mon, Nov 11, 2002 at 09:54:51AM -0500, Adam Shostack wrote:
| I think that the intersection of usability and security is of
| tremendous import, and wanted to share an under-advertised sort of
| workshop announcement:
| 
| http://www.acm.org/sigchi/
| 
| The conference home page is
| 
| http://www.chi2003.org/
| 
| The workshop page is
| 
| http://www.iit.nrc.ca/~patricka/CHI_2003/HCISEC/workshop.html
| 
| I thought that the workshop info would be accessible from the
| conference site, but that appears not to be the case (at least not
| yet).
| 
| Feel free to forward the URL to anyone else you think might be
| interested.  Since it's at CHI, I expect we'll get plenty of people
| from that community, but we also really want attendees from the
| security community as well. 
| 
| - Chris
| 
| -
| The Cryptography Mailing List
| Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: Photos in transport plane of prisoners: Time for eJazeera?

2002-11-10 Thread Adam Shostack
On Sat, Nov 09, 2002 at 08:10:22PM -0800, Mike Rosing wrote:
| As long as there are people in the military who are willing and able to
| inform us on what they are *really* doing, we actually can feel pretty
| comfortable with their missions.  It's gonna take a full police state
| to prevent the dissemination of this kind of info.

A full police state can't prevent anything, it can just make some
things less common.  For example, samizdat in the USSR still got
copied and passed around.  Drug use is a problem in US prisons.  Etc.

Adam

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: What email encryption is actually in use?

2002-11-03 Thread Adam Shostack
On Sun, Nov 03, 2002 at 11:23:36AM -0800, Tim May wrote:
| I think most users, even casual ones, would accept this advice:
| 
| Look, encrypted text is just a rearrangement of text. Compose your 
| message in whatever editor or word processor you want, apply the 
| encryption directly to that text, then paste in or otherwise send that 
| new text out. Expecting encryption to be closely tied in to to 
| ever-changing mailers, word processors, news readers, and multiple 
| iterations of OSes, is just too big a chore for developers to keep up 
| with.

Most users think text comes in colors, and don't understand why
documents produced by MS Word are different from text.  This is
inevitable as we shift towards a world of ubiquitous computing:  The
average user understands less and less.

To put it another way, if most users could accept that advice, most of
my business email would be encrypted after someone sent me an NDA. The
person cares about confidentiality, but doesn't know how to achieve
it, and doesn't understand why it's not in their mailer.

Adam


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: Integrated crypto sounds useful, but it's fragile and ultimately a lose

2002-11-03 Thread Adam Shostack
On Sun, Nov 03, 2002 at 12:41:11PM -0800, Tim May wrote:
| To expand on this point a bit, I suspect one of the main reasons people 
| who once used PGP stop using it, either privately or at corporations 
| (as we have heard folks here testify about), is because something 
| changes and things break.
| 
| They upgrade their OS, they get a new release of a mailer, and things 
| break. And they don't have the time, energy, or inclination to track 
| down all of the little gotchas that may have caused things to break. I 
| know this happened to me several times over the years with various 
| versions of PGP, Eudora, and Mac OS 7, 8, and 9.

These breaks have three causes:

1) changes in the PGP 'api,'
2) changes in the OS causing PGP to break,
3) changes in PGP causing it to not interoperate.

My experience (mostly on unix) says that 1 and 3 are responsible for
far more problems than 2.  That is to say, PGP breaks because it isn't
stable, not because the OS or apps aren't stable.

PGP API changes used to be explainable by the need to do something
else not previously thought of.  Now it seems to be fashionable to
make changes in minor versions (gpg 1.06 to 1.07 for example, changed
a bunch of things, rather than holding them back to 1.2).  PGP
developers need to recognize this and make their APIs stable.

Changes in PGP are of two forms: First is message encoding (PGP/Mime,
x-application-pgp, what have you).  Those seem to be fewer in number,
although I still don't know if mutt's default encoding is right or
not.  The second was the penchant of PGP to add new algorithms for
first patent and then speed reasons.  Patent reasons are
understandable, but the speed of PGP was never enough reason to add
CAST and make it a default.

So, almost all of these reasons are things that fall under the control
of people doing development, who need to understand that their choices
(new algorithms, new APIs, new message formats) are making it too much
of a bother to get even half-decent message privacy.

They don't have a lot to do with the mailers, newsreaders, or OS
changes that are outside developers' control.

Adam
-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: Confiscation of Anti-War Video

2002-10-30 Thread Adam Shostack
On Wed, Oct 30, 2002 at 10:32:17AM -0500, Sunder wrote:

| It's interesting to see how much stuff that was in the interest of
| national security being declassified and available after 50 years.  Lots
| of cool stuff on the history channel lately.  I wonder what evil will
| surface fifty years from now on the history channel about the
| present?  (Assuming that we don't actually turn into a dictatorship of
| course... grand assumption that.)

You mean remain?  There are multiple American citizens being held on
nothing more than the order of the President.  There are restrictions
on free speech, free assembly, etc, etc.

|  It is seldom that liberty of any kind is lost all at once.
| -Hume
| 
| Except in the case of national security and terrorist acts? Hmmm, we used
| to have the four horsemen of the apocalypse.  I guess the horseman of
| terror has become the meta-horseman.

I stand by Hume.  Such losses are indeed seldom.  Little insidious
losses are far more common.

Adam

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: Confiscation of Anti-War Video

2002-10-28 Thread Adam Shostack
On Mon, Oct 28, 2002 at 04:13:31PM -0500, Trei, Peter wrote:
| Actually, the DoT has already ruled positively that one fuel cell from
| Polyfuel
| can be carried on board. They appear to have a cartridge for the methanol,
| similar to a ink cartridge. It's a pity it's methanol - I want to be able to
| tell
| the stewardess Bring me a double Absolut! My laptop is running low!
| Even if this company turns vaporware, others won't.

The rules, Mr. Trei, are what we say the rules are.  Now you will be
taking hold of your ankles without further delay!

(Changing the rules on a regular basis has some security value, as it
makes it likely that plans will be ruined.  But it has the cost that
passengers can't plan.)

But as anyone who has ever tried flying without ID knows, the rules
are not rules, employees are not trained on them, and a little social
engineering went a long way.

PS:
http://www.apfa.org/public/articles/News-Events/STUPID_RULES.HTML

Adam

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: internet radio - broadcast without incurring royalty fees

2002-10-25 Thread Adam Shostack
On Fri, Oct 25, 2002 at 02:37:32AM +0100, Adam Back wrote:

| Seems to me this would pass current IP laws because it is like a radio
| station which broadcast the name of a song and the user is expected to
| insert the CD in his player and play along to keep up with the
| commentary, only automated and with open APIs for the load and play
| this CD track instructions so people can hook it up to whatever is
| convenient to them.

Sounds like it will sound like contributory infringement and 100k in
legal costs to RIAA.  Happy fun court is not amused.

But I am.


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume





QuizID

2002-10-17 Thread Adam Shostack
http://news.bbc.co.uk/2/hi/technology/2334491.stm
and www.quizid.com

  A credit-card sized device, which could potentially be issued to
  thousands of citizens, is being heralded as a major breakthrough in
  the search for establishing secure identification on the internet.

...

 Users are issued with a card and a personal code, based on a set of
 colour keys on the card. Each time they wish to conduct a secure
 transaction, they punch in the colour code and a random number is
 generated.

 The card works in conjunction with the Quizid vault - a large
 collection of computers that can process 600 authentications per
 second. The system cost millions of pounds to develop.

(Oooh!  six hundred!  Impressive! :)

I don't see anything on their site about the technology, but I do
question if 4 colored buttons, with a probable pin length of 4-6, is
worth 10-70 pounds per year. For that price you can get securid cards,
which aren't nearly as pretty, but that's nothing Ideo couldn't fix in
a week.

Adam

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: QuizID?

2002-10-17 Thread Adam Shostack
On Thu, Oct 17, 2002 at 02:39:55PM -0400, Rich Salz wrote:
| Marc Branchaud wrote:
| Any thoughts on this device?  At first glance, it doesn't seem
| particularly impressive...
| 
| http://www.quizid.com/
| 
| Looks like hardware S/Key, doesn't it?
| 
| If I could fool the user into entering a quizcode, then it seems like I 
| could get the device and the admin database out of sync and lock the 
| user out of the system.

Aww, Rich, that trick never works!

More seriously, most of the vendors will search forwards and back
through the expected codes to make the attack less likely to work.
(If authentication is centralized, searching backwards may not be a
security risk.)

I think the most interesting part of this is the unit looks cool, and
it's spun slightly differently than other tokens have been.

Adam

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Recent arrests..

2002-10-04 Thread Adam Shostack

 Prosecutors also argued that one of the suspects, Shafal Mosed, was
 suspicious because he had 11 credit cards in different names and two
 social security cards in different names in his wallet when
 arrested.

 His attorney, Patrick Brown, said Mosed merely had his own social
 security card, his brother's social security card and the credit
 cards of his wife, his brother and his mother.

 So what's sinister about that? Brown said. 

http://www.newsday.com/news/nationworld/nation/wire/sns-ap-attacks-suspects1004oct04,0,3820804.story?coll=sns-ap-nation-headlines


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: What email encryption is actually in use?

2002-10-02 Thread Adam Shostack

On Wed, Oct 02, 2002 at 09:12:47PM +0100, Ben Laurie wrote:
| Adam Shostack wrote:
| On Wed, Oct 02, 2002 at 04:54:54PM +0100, Ben Laurie wrote:
| | Lucky Green wrote:
| | I also agree that current MTAs' implementations of STARTTLS are only a
| | first step. At least in postfix, the only MTA with which I am
| | sufficiently familiar to form an opinion, it appears impossible to
| | require that certs presented by trusted parties match a particular hash
| | while certs presented by untrusted MTAs can present any certificate they
| | desire to achieve EDH-level security.
| | 
| | This is probably a stupid question, but... why would you want to do this?
| 
| So that your regular correspondents are authenticated, while anyone
| else is opportunistically encrypted.
| 
| ??? How does checking their MTA's cert authenticate them? What's wrong 
| with PGP sigs?

Consistency with last time.

What's wrong with PGP sigs is that going on 9 full years after I
generated my first pgp key, my mom still can't use the stuff.

Sure, you and I can use PGP, but by and large, people don't bother.
So let's look at a technology that's getting accepted, and improve it
slowly.

Adam


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: What email encryption is actually in use?

2002-10-02 Thread Adam Shostack

On Wed, Oct 02, 2002 at 04:54:54PM +0100, Ben Laurie wrote:
| Lucky Green wrote:
| I also agree that current MTAs' implementations of STARTTLS are only a
| first step. At least in postfix, the only MTA with which I am
| sufficiently familiar to form an opinion, it appears impossible to
| require that certs presented by trusted parties match a particular hash
| while certs presented by untrusted MTAs can present any certificate they
| desire to achieve EDH-level security.
| 
| This is probably a stupid question, but... why would you want to do this?

So that your regular correspondents are authenticated, while anyone
else is opportunistically encrypted.

Adam

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume
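The policy Lucky describes and Adam defends in both replies above, as an added example that is not Postfix code and not from anyone in the thread: a per-peer decision function that requires a pinned certificate fingerprint for regular correspondents and takes whatever certificate (or none) an unknown MTA offers. The hostnames, certificate bytes and fingerprints are constructed; a real implementation hashes the peer's DER certificate as received in the TLS handshake.

```python
import hashlib
import hmac
from typing import Dict, Optional, Tuple


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 over the peer's DER-encoded certificate, hex encoded."""
    return hashlib.sha256(cert_der).hexdigest()


def tls_policy(peer: str, cert_der: Optional[bytes], pins: Dict[str, str],
               allow_plaintext: bool = True) -> Tuple[bool, str]:
    """Decide whether to deliver to `peer` given the certificate it presented
    (None if it did not offer STARTTLS at all)."""
    expected = pins.get(peer)
    if expected is not None:
        # Regular correspondent: the exact certificate we pinned, or nothing.
        if cert_der is None:
            return False, "pinned peer offered no TLS: refuse rather than fall back"
        if hmac.compare_digest(fingerprint(cert_der), expected):
            return True, "pinned fingerprint matches"
        return False, "pinned fingerprint mismatch: interception or an unannounced key change"
    # Everyone else: opportunistic. Any certificate buys an encrypted session
    # with no authentication; no TLS at all means plaintext, if policy allows.
    if cert_der is None:
        if allow_plaintext:
            return True, "unpinned peer without TLS: plaintext fallback"
        return False, "unpinned peer without TLS: refused by policy"
    return True, "unpinned peer: certificate not verified, session encrypted"


# Constructed stand-ins for DER certificates; real code hashes the handshake bytes.
CERT_REGULAR = b"constructed DER certificate for mx.example.org"
CERT_UNKNOWN = b"constructed DER certificate for some unrelated MTA"
PINS = {"mx.example.org": fingerprint(CERT_REGULAR)}

if __name__ == "__main__":
    cases = [("mx.example.org", CERT_REGULAR), ("mx.example.org", CERT_UNKNOWN),
             ("mx.example.org", None), ("mail.other.example", CERT_UNKNOWN),
             ("mail.other.example", None)]
    for peer, cert in cases:
        print(peer, tls_policy(peer, cert, PINS))
```

"Authenticated" here means exactly what Adam says: consistency with last time. A pin says nothing about who controls the key beyond that, and the mismatch branch fires on a legitimate key rollover as well as on interception, so pinned peers need a way to announce new certificates. Later Postfix releases express this per destination through `smtp_tls_policy_maps` with the `fingerprint` security level; at the time of the thread it had to be built outside the MTA.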




Re: Real-world steganography

2002-10-01 Thread Adam Shostack

On Mon, Sep 30, 2002 at 07:31:19PM -0700, Paul Krumviede wrote:
| --On Tuesday, 01 October, 2002 13:54 +1200 Peter Gutmann 
| [EMAIL PROTECTED] wrote:
| 
| I recently came across a real-world use of steganography which hides extra
| data in the LSB of CD audio tracks to allow (according to the vendor) the
| equivalent of 20-bit samples instead of 16-bit and assorted other
| features. According to the vendors, HDCD has been used in the recording
| of more than 5,000 CD titles, which include more than 250 Billboard Top
| 200 recordings and more than 175 GRAMMY nominations, so it's already
| fairly widely deployed.
...
| I've seen comments in reviews of professional CD mastering
| gear that there are other, seemingly preferred, technologies,
| although I've never found details of them.

The two that spring to mind are HDCD and XRCD.  I'd never dug into how
they're recorded, being much more interested in playing with things
closer to the output stage, like speaker resonance control and
electrical hum elimination...

Adam


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume
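The LSB technique Peter describes, as an added example that is not HDCD's encoding (HDCD's own format is not described in the thread) and not code from anyone posting: hiding a byte string in the least significant bit of 16-bit PCM samples and recovering it, with a check that no sample moved by more than one quantisation step, which is why a player that ignores the channel hears ordinary 16-bit audio. The carrier tone and payload are constructed.

```python
import math
from typing import List


def make_carrier(n: int = 2000, amplitude: int = 12000) -> List[int]:
    """Constructed 16-bit PCM carrier: a 440 Hz tone sampled at 44.1 kHz."""
    return [int(round(amplitude * math.sin(2 * math.pi * 440 * i / 44100)))
            for i in range(n)]


def embed_lsb(samples: List[int], payload: bytes) -> List[int]:
    """Write payload bits, MSB first, into the LSB of consecutive samples."""
    bits = [(byte >> (7 - k)) & 1 for byte in payload for k in range(8)]
    if len(bits) > len(samples):
        raise ValueError("payload larger than carrier capacity")
    out = list(samples)
    for i, bit in enumerate(bits):
        out[i] = (out[i] & ~1) | bit  # only the least significant bit changes
    return out


def extract_lsb(samples: List[int], nbytes: int) -> bytes:
    """Read nbytes back out of the LSBs (the decoder side of the channel)."""
    out = bytearray()
    for k in range(nbytes):
        byte = 0
        for i in range(8):
            byte = (byte << 1) | (samples[8 * k + i] & 1)
        out.append(byte)
    return bytes(out)


def max_sample_change(a: List[int], b: List[int]) -> int:
    """Largest per-sample difference between carrier and stego signal."""
    return max(abs(x - y) for x, y in zip(a, b))


def lsb_capacity_bytes(samples: List[int]) -> int:
    """One bit per sample: 44100 mono samples carry 5512 bytes per second."""
    return len(samples) // 8


if __name__ == "__main__":
    carrier = make_carrier()
    secret = b"hidden 20-bit detail"
    stego = embed_lsb(carrier, secret)
    print("recovered:", extract_lsb(stego, len(secret)))
    print("max sample change:", max_sample_change(carrier, stego))
    print("capacity (bytes):", lsb_capacity_bytes(carrier))
```

The one-step bound is the whole point of the channel: at 16 bits the LSB sits roughly 96 dB below full scale, so the extra data rides along inaudibly. The same property is what makes the channel hard to notice without looking for it, which is why Peter calls it real-world steganography.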




Re: Random Privacy

2002-09-21 Thread Adam Shostack

On Sat, Sep 21, 2002 at 10:29:16AM -0700, Tim May wrote:
| On Saturday, September 21, 2002, at 09:29  AM, Tim May wrote:
| 
| Not a new idea. Ted Nelson (IIRC) wrote about using coin flips to 
| randomize AIDS poll questions. (Have you engaged in unprotected sex? 
| Flip a coin and XOR it with your actual answer.) I remember talking to 
| Eric Hughes, Phil Salin, and others around 1990-91 about this.
| 
| (However, IBM is probably busily copyrighting their new invention, 
| just as Intel copyright their recent invention of the anonymous 
| remailer.)
| 
| I meant patented in both cases.
| 
| Part of the continuing idiocy of our patent system, when obvious prior 
| art going back more than a decade counts for nothing in the blizzard of 
| patents.

Worse, patent attorneys tell me that pointing out prior art while a
patent is being 'prosecuted' tends to weaken your case against it
later if the patent examiner doesn't reject the thing whole cloth,
because now the prior art has been considered.

The one obvious part of the answer is to raise the cost of getting
patents such that it's worth the time of regular filers to consider if
they want the patent, and such that patent examiners are paid well
enough that they don't all leave in 3 years.  (I say regular filers
because there may be a good argument that small inventors should not
be shut out of the system.  Of course, they already are, because it's
close to impossible, even for an experienced practitioner to avoid any
mistakes these days, which is why you often see half a dozen closely
related patents on the same invention.)

For example, IBM is granted something on the order of 1000 patents per
year.  The cost to them?  A few million dollars.  If the cost on the
50th patent was a million bucks, then perhaps they'd abuse the system
less.  I don't think Edison ever got 50 patents in a year, and lord
knows he was more inventive than all of IBM. :)


Adam

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: Random Privacy

2002-09-21 Thread Adam Shostack

On Sat, Sep 21, 2002 at 11:08:54AM -0400, Greg Vassie wrote:
|  Interesting little article from
|  http://pass.maths.org.uk/issue21/news/random_privacy/index.html:
|  
|  Excerpt:
|  Right now, the rate of falsification on Web surveys is extremely high,
|  says Dr Ann Coavoukian, the commissioner of information and privacy in
|  Ontario, U.S.A. People are lying and vendors don't know what is false [or
|  what is] accurate, so the information is useless.
| 
| As a resident of Ontario, Canada, I'm quite surprised to learn that
| Ontario has been annexed by the United States.

Randomized geography.  :)

Adam

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: Random Privacy

2002-09-21 Thread Adam Shostack

On Sat, Sep 21, 2002 at 01:15:18PM -0700, AARG!Anonymous wrote:
| Greg Broiles wrote about randomizing survey answers:
| 
|  That doesn't sound like a solution to me - they haven't provided anything
|  to motivate people to answer honestly, nor do they address the basic
|  problem, which is relying on the good will and good behavior of the
|  marketers - if a website visitor is unwilling to trust a privacy policy
|  which says "We'll never use this data to annoy or harm you", they're
|  likely to be unimpressed with a privacy policy which says "We'll use
|  fancy math tricks to hide the information you give us from ourselves."
| 
|  That's not going to change unless they move the randomizing behavior
|  off of the marketer's machine and onto the visitor's machine,
|  allowing the visitor to observe and verify the correct operation of
|  the privacy technology .. which is about as likely as a real audit of
|  security-sensitive source code, where that likelihood is tiny now and
|  shrinking rapidly the closer we get to the TCPA/Palladium nirvana.
| 
| 
| On the contrary, TCPA/Palladium can solve exactly this problem.  It allows
| the marketers to *prove* that they are running a software package that
| will randomize the data before storing it.  And because Palladium works
| in opposition to their (narrowly defined) interests, they can't defraud
| the user by claiming to randomize the data while actually storing it
| for marketing purposes.

No, it allows security geeks to talk about proof.  My mom still won't
get it.

Pd doesn't allow you to prove that there's no sniffer doing other
things with the data, that nothing is logged at the wrong time, etc.

If you really want to randomize the data, do it close to me.  Or
better yet, run some software from Credentica and accept a proof of
whatever data is in question.

But the reality is that people hand over most of their data now.

So why would I invest in this expensive technology?  (Mike Freedman,
Joan Feigenbaum, Tomas Sander and I did a paper which touches on the
power imbalance between the companies that offer DRM technology and
their customers...same analysis applies
here... http://www.homeport.org/~adam/privacyeng-wspdrm01.pdf )

Adam


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume
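The coin-flip randomisation Tim describes earlier in this thread and the "do it close to me" point in this reply, as an added example that is not IBM's work and not code from anyone in the thread: the respondent XORs the true answer with a private coin on their own side, and the survey owner sees only the reports and recovers the aggregate rate. One design detail the example makes explicit: the coin must be biased (it flips the answer with probability q, q != 1/2), because a fair coin makes every report independent of the truth and leaves nothing to estimate. The true rate, sample size and seed are constructed.

```python
import random
from typing import Iterable


def randomize(truth: bool, q: float, rng: random.Random) -> int:
    """Respondent-side step: XOR the true answer with a coin that comes up 1
    with probability q. Only the result ever leaves the respondent's machine."""
    return int(truth) ^ int(rng.random() < q)


def estimate_rate(reports: Iterable[int], q: float) -> float:
    """Survey-side step. E[report] = pi*(1-q) + (1-pi)*q, so pi = (mean - q)/(1 - 2q)."""
    if q == 0.5:
        raise ValueError("a fair coin makes reports independent of the truth")
    reports = list(reports)
    mean = sum(reports) / len(reports)
    return (mean - q) / (1 - 2 * q)


def deniability(report: int, q: float, prior: float) -> float:
    """Posterior probability that a respondent who reported `report` actually
    answered yes, given the population rate `prior`: never 0 or 1 for 0 < q < 1."""
    p_yes = prior * (1 - q if report == 1 else q)
    p_no = (1 - prior) * (q if report == 1 else 1 - q)
    return p_yes / (p_yes + p_no)


def simulate(n: int, true_rate: float, q: float, seed: int = 1) -> float:
    """Constructed population: n respondents, each truthful with rate true_rate."""
    rng = random.Random(seed)
    truths = [rng.random() < true_rate for _ in range(n)]
    reports = [randomize(t, q, rng) for t in truths]
    return estimate_rate(reports, q)


if __name__ == "__main__":
    print("estimated rate:", round(simulate(20000, 0.30, 0.25), 3))
    print("P(yes | reported yes):", round(deniability(1, 0.25, 0.30), 3))
```

The estimator is exact in expectation and the noise shrinks with sample size, while `deniability` shows why the individual report protects the respondent: even a "yes" report only raises the posterior, it never pins the answer down. Whether this is worth anything depends entirely on where `randomize` runs, which is the point of the reply above.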




Re: Mitigating Dangers of Compromised Anonymity

2002-09-02 Thread Adam Shostack

On Sat, Aug 31, 2002 at 12:12:16AM -0700, Meyer Wolfsheim wrote:
| On Fri, 30 Aug 2002, Adam Shostack wrote:
| 
|  I'd like to suggest that while this may be fun, usability and getting
|  millions of users to see that remailers are useful to them is a more
|  useful goal.
| 
| I agree, although I fail to see how working on this would interfere with
| that goal in any way.

Scarce resources (programmer time) go to this, not that.  Given the
small pool of people writing code, I'd like to try to convince them to
write code that I think is more useful.  I'd write it myself, but that
just makes work for someone who says "My god, I need to re-write
this!" ;)

|  The anonymity set provided by the current extant systems is too small
|  to protect anyone against anyone who is willing to kill or disappear
|  people as part of their attacks against the remailers.
| 
| I find this disbelievable. I suspect there are many groups which do not
| have the capability of defeating the remailer system who would still like
| to see it eliminated. Willingness to kill or disappear people isn't
| necessarily tied to technical capability, though I agree that entities
| which can defeat the remailer network without disappearing anyone are
| unlikely to pose a threat to the remops. If our goal is to make remailers
| harder to defeat, however, beforehand might be the right time to address
| the problem of missing remailer operators.

Sorry, I think you missed my point a little.  Let me explain, then
I'll respond to what you said.

If Charlie is willing to kill someone to achieve his goals, then he is
pretty dedicated.  He may be able to trade that willingness to commit
violence for technical help, etc.

I agree that there are groups who might not be able to defeat the
remailer system who'd like it to go away, but it's not clear to me how
many of them would go to the extent of kidnapping or killing a
remailer operator to achieve the goal of getting rid of the remailer
system.

| (Incidentally, I could see this having uses outside the remailer operator
| world.)

So?

|  Oh, yeah, and incidentally, if you build this system, the attacker can
|  simply add a bit of rubber hosing to their remop elimination program.
| 
| To pry the signing key out of the victim? That's a personal "how much
| torture can I take" question for the victim to ask himself. He knows he'll
| be permanently disappeared after coughing up the private key.
|
| In many cases also it might be far harder to rubber-hose someone than
| simply cause an accident.

True, but how many groups are willing to go that far?

Adam


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Background checks are more important than education...

2002-09-02 Thread Adam Shostack

http://news.bbc.co.uk/2/hi/uk_news/education/2229196.stm

 Thousands of teachers will not be able to take classes at the start
 of the new term because character checks on them will not have been
 completed, the government has admitted.
[...]
 Leicestershire was one of the first areas of the country to be
 affected by the vetting backlog as pupils returned to school last
 Thursday, with schools being told to turn away teachers who had not
 yet been checked.




-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: employment market for applied cryptographers?

2002-08-18 Thread Adam Shostack

On Sun, Aug 18, 2002 at 01:46:09AM -0400, dmolnar wrote:
| 
| 
| On Sat, 17 Aug 2002, John Kelsey wrote:
| 
|  Also, designing new crypto protocols, or analyzing old ones used in odd
|  ways, is mostly useful for companies that are offering some new service on
|  the net, or doing some wildly new thing.  Many of the obvious new things
| 
| I agree with this as far as crypto protocols go. But one thing to keep
| in mind is that almost all protocols impact security, whether their
| designers realize it or not. Especially protocols for file transfer, print
| spooling, or reservation of resources. Most of these are designed without
| people identifying them as crypto protocols.
| 
| Another thing that makes it worse -- composition of protocols. You can do
| an authentication protocol and prove you're you. Then what? Does that
| confer security properties upon following protocols, and if so what?

Why does the CEO care?  Is it economic to answer these questions?  Do these
questions terminate or go on forever?  

Do good security experts ever say it's secure?  Or do we keep finding
new and better holes that require more engineering work to fix?

As Eric used to say, all security is economics.

Adam


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume





Re: employment market for applied cryptographers?

2002-08-16 Thread Adam Shostack

Hey, this is off-topic for DRM-punks! ;)

more seriously: I think the fundamental issue is that crypto doesn't
really solve many business problems, and it may solve fewer security
problems. See Bellovin's work on how many vulnerabilities would be
blocked by strong crypto.  The buying public can't distinguish between
well implemented and poorly implemented crypto; the snake oil faq has
helped a lot, but now you need to distinguish between well and poorly
coded AES.  Is there a business case for doing so, or should you just
ship crap?

AdamS

On Fri, Aug 16, 2002 at 02:23:05AM +0100, Adam Back wrote:
| On the employment situation... it seems that a lot of applied
| cryptographers are currently unemployed (Tim Dierks, Joseph, a few
| ex-colleagues, and friends who asked if I had any leads, the spate of
| recent security consultant .sigs, plus I heard that a straw poll of
| attenders at the codecon conference earlier this year showed close to
| 50% out of work).
| 
| Are there any more definitive security industry stats?  Are applied
| crypto people suffering higher rates of unemployment than general
| application programmers?  (From my statistically too small sample of
| acquaintances it might appear so.)
| 
| If this is so, why is it?
| 
| - you might think the physical security push following the world
| political instability worries following Sep 11th would be accompanied
| by a corresponding information security push -- jittery companies
| improving their disaster recovery and to a lesser extent info sec
| plans.
| 
| - governments are still harping on the info-war hype, national
| information infrastructure protection, and the US Information Security
| Czar Clarke making grandiose pronouncements about how industry ought
| to do various things (that the USG spent the last 10 years doing its
| best to frustrate industry from doing with its dumb export laws)
| 
| - even Microsoft has decided to make a play of cleaning up its
| security act (you'd wonder if this was in fact a cover for Palladium
| which I think is likely a big play for them in terms of future control
| points and (anti-)competitive strategy -- as well as obviously a play
| for the home entertainment system space with DRM)
| 
| However these reasons are perhaps more than cancelled by:
| 
| - dot-com bubble (though I saw some news reports earlier that though
| there is lots of churn in programmers in general, that long term
| unemployment rates were not that elevated in general)
| 
| - perhaps security infrastructure and software upgrades are the first
| things to be canned when cash runs short?  
| 
| - software security related contract employees laid off ahead of
| full-timers?  Certainly contracting seems to be flat in general, and
| especially in crypto software contracts look few and far between.  At
| least in the UK some security people are employed in that way (not
| familiar with north america).
| 
| - PKI seems to have fizzled compared to earlier exaggerated
| expectations, presumably lots of applied crypto jobs went at PKI
| companies downsizing.  (If you ask me over use of ASN.1 and adoption
| of broken over complex and ill-defined ITU standards X.500, X.509
| delayed deployment schedules by order of magnitude over what was
| strictly necessary and contributed to interoperability problems and I
| think significantly to the flop of PKI -- if it's that hard because of
| the broken tech, people will just do something else.)
| 
| - custom crypto and security related software development is perhaps
| weighted towards dot-coms that just crashed.
| 
| - big one probably: lack of measurability of security -- developers
| with no to limited crypto know-how are probably doing (and bodging)
| most of the crypto development that gets done in general, certainly
| contributing to the crappy state of crypto in software.  So probably
| failure to realise this issue or perhaps just not caring, or lack of
| financial incentives to care on the part of software developers.
| Microsoft is really good at this one.  The number of times they
| re-used RC4 keys in different protocols is amazing!
| 
| 
| Other explanations?  Statistics?  Sample-of-one stories?
| 
| Adam
| --
| yes, still employed in software security industry; and in addition have
| been doing crypto consulting since 97 (http://www.cypherspace.net/) if
| you have any interesting applied crypto projects; reference
| commissions paid.

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume





Re: Signing as one member of a set of keys

2002-08-11 Thread Adam Shostack

Of course, the paranoid amongst us now believe that Mr. Back wrote the
code, and is engaging in a little misdirection below.

Thanks for making the analysis easy!

;)


On Fri, Aug 09, 2002 at 08:11:15PM +0100, Adam Back wrote:
| Very nice.  
| 
| Nice plausible set of candidate authors also:
| 
| pub  1022/5AC7B865 1992/12/01  [EMAIL PROTECTED]
| pub  1024/2B48F6F5 1996/04/10  Ian Goldberg [EMAIL PROTECTED]
| pub  1024/97558A1D 1994/01/10  Pr0duct Cypher alt.security.pgp
| pub  1024/2719AF35 1995/05/13  Ben Laurie [EMAIL PROTECTED]
| pub  1024/58214C37 1992/09/08  Hal Finney [EMAIL PROTECTED]
| pub  1024/C8002BD1 1997/03/04  Eric Young [EMAIL PROTECTED]
| pub  1024/FBBB8AB1 1994/05/07  Colin Plumb [EMAIL PROTECTED]
| 
| Wonder if we can figure out who is most likely author based on coding
| style from such a small set.
| 
| It has (8 char) TABs but other wise BSD indentation style (BSD
| normally 4 spaces).  Also someone who likes triply indirected pointers
| ***blah in there.  Has local variables inside even *if code blocks*
| eg, inside main() (most people avoid that, preferring to declare
| variables at the top of a function, and historically I think some
| older gcc / gdb couldn't debug those variables if I recall).  Very
| funky use of goto in getpgppkt, hmmm.  Somewhat concise coding and
| variable names.
| 
| Off the cuff guess based on coding without looking at samples of code
| to remind, probably Colin or Ian.
| 
| Of course (Lance Cottrell/Ian Goldberg/Pr0duct Cypher/Ben Laurie/Hal
| Finney/Eric Young/Colin Plumb) possibly deviated or mimicked one of
| their coding styles.  Kind of interesting to see a true nym in there
| also.
| 
| Also the Cc -- Coderpunks lives?  I think the Cc coderpunks might be a
| clue also, I think some of these people would know it died.  I think
| that points more at Colin.
| 
| Other potential avenue might be implementation mistake leading to
| failure of the scheme to robustly make undecidable which of the set is
| the true author, given alpha code.
| 
| Adam
| 
| On Fri, Aug 09, 2002 at 03:52:56AM +, Anonymous User wrote:
|  This program can be used by anonymous contributors to release partial
|  information about their identity - they can show that they are someone
|  from a list of PGP key holders, without revealing which member of the
|  list they are.  Maybe it can help in the recent controversy over the
|  identity of anonymous posters.  It's a fairly low-level program that
|  should be wrapped in a nicer UI.  I'll send a couple of perl scripts
|  later that make it easier to use.
| 

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume
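The property the anonymous program claims (a signature provably made by one member of a list of keys, without revealing which), as an added example that is not the posted program and is not PGP/RSA-based: a Schnorr-style ring signature in the manner of Abe, Ohkubo and Suzuki's 1-out-of-n signatures, over a toy discrete-log group. The parameters p = 2039, q = 1019, g = 4 are constructed for readability and give no security at all; the structure is unchanged with a real group. The verifier walks the ring uniformly, so the signer's position never appears in the signature.

```python
import hashlib
import secrets
from typing import List, Tuple

# Toy group: p = 2q + 1 with q prime, g = 4 generates the order-q subgroup.
# Far too small to be secure; chosen so the arithmetic is easy to follow.
P, Q, G = 2039, 1019, 4


def keygen() -> Tuple[int, int]:
    """Private x, public y = g^x mod p (stand-in for a PGP key pair)."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def _challenge(msg: bytes, ring: List[int], t: int) -> int:
    """Hash of message, the whole ring, and the current commitment, reduced mod q."""
    h = hashlib.sha256(msg)
    for y in ring:
        h.update(b"|%d" % y)
    h.update(b"|%d" % t)
    return int.from_bytes(h.digest(), "big") % Q


def ring_sign(msg: bytes, ring: List[int], s: int, x: int) -> Tuple[int, List[int]]:
    """Sign as member s of `ring` with private key x. Returns (c_0, [r_0..r_n-1])."""
    n = len(ring)
    if pow(G, x, P) != ring[s]:
        raise ValueError("private key does not match ring[s]")
    c, r = [0] * n, [0] * n
    a = secrets.randbelow(Q - 1) + 1                 # signer's real commitment g^a
    c[(s + 1) % n] = _challenge(msg, ring, pow(G, a, P))
    i = (s + 1) % n
    while i != s:                                    # simulate every other member
        r[i] = secrets.randbelow(Q)
        t = pow(G, r[i], P) * pow(ring[i], c[i], P) % P
        c[(i + 1) % n] = _challenge(msg, ring, t)
        i = (i + 1) % n
    r[s] = (a - x * c[s]) % Q                        # close the ring with the real key
    return c[0], r


def ring_verify(msg: bytes, ring: List[int], sig: Tuple[int, List[int]]) -> bool:
    """Recompute the challenge chain from c_0; it must return to c_0."""
    c0, r = sig
    if len(r) != len(ring):
        return False
    c = c0
    for y, ri in zip(ring, r):
        c = _challenge(msg, ring, pow(G, ri, P) * pow(y, c, P) % P)
    return c == c0


if __name__ == "__main__":
    keys = [keygen() for _ in range(3)]
    ring = [y for _, y in keys]
    sig = ring_sign(b"this code was written by one of us", ring, 1, keys[1][0])
    print("valid:", ring_verify(b"this code was written by one of us", ring, sig))
    print("tampered:", ring_verify(b"a different message", ring, sig))
```

Because the ring is part of every challenge, a signature is bound to the exact list of keys it was made over; changing the ring or the message breaks the chain. The verifier learns only that some holder of one of the listed private keys closed the ring, which is the "someone from a list of PGP key holders" property the post describes.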




Call for Papers, WORKSHOP ON PRIVACY ENHANCING TECHNOLOGIES 2003

2002-07-16 Thread Adam Shostack

Please re-distribute as appropriate...

- Forwarded message from Roger Dingledine [EMAIL PROTECTED] -

CALL FOR PAPERS

WORKSHOP ON PRIVACY ENHANCING TECHNOLOGIES 2003

Mar 26-28 2003
   Dresden, Germany
   Hotel Elbflorenz Dresden

 http://www.petworkshop.org/

Privacy and anonymity are increasingly important in the online world.
Corporations and governments are starting to realize their power to
track users and their behavior, and restrict the ability to publish
or retrieve documents. Approaches to protecting individuals, groups,
and even companies and governments from such profiling and censorship
have included decentralization, encryption, and distributed trust.

Building on the success of the first anonymity and unobservability
workshop (held in Berkeley in July 2000) and the second workshop
(held in San Francisco in April 2002), this third workshop addresses
the design and realization of such privacy and anti-censorship services
for the Internet and other communication networks. These workshops bring
together anonymity and privacy experts from around the world to discuss
recent advances and new perspectives.

The workshop seeks submissions from academia and industry presenting
novel research on all theoretical and practical aspects of privacy
technologies, as well as experimental studies of fielded systems.
We encourage submissions from other communities such as law and business
that present their perspectives on technological issues. As in past years,
we will publish proceedings after the workshop.

Suggested topics include but are not restricted to:

* Efficient (technically or economically) realization of privacy services
* Techniques for censorship resistance
* Anonymous communication systems (theory or practice)
* Anonymous publishing systems (theory or practice)
* Attacks on anonymity systems (eg traffic analysis)
* New concepts in anonymity systems
* Protocols that preserve anonymity/privacy
* Models for anonymity and unobservability
* Models for threats to privacy
* Novel relations of payment mechanisms and anonymity
* Privacy-preserving/protecting access control
* Privacy-enhanced data authentication/certification 
* Profiling, data mining, and data protection technologies
* Reliability, robustness, and attack resistance in privacy systems
* Providing/funding privacy infrastructures (eg volunteer vs business)
* Pseudonyms, identity, linkability, and trust
* Privacy, anonymity, and peer-to-peer
* Usability issues and user interfaces for PETs
* Policy, law, and human rights -- anonymous systems in practice
* Incentive-compatible solutions to privacy protection
* Economics of privacy systems
* Fielded systems and techniques for enhancing privacy in existing systems

   IMPORTANT DATES

Submission deadline December 2, 2002
Acceptance notification February 7, 2003
Camera-ready copy for preproceedings   March 7, 2003
Camera-ready copy for proceedings April 28, 2003

   CHAIRS

Roger Dingledine, The Free Haven Project, USA
Andreas Pfitzmann, Dresden University of Technology, Germany

  PROGRAM COMMITTEE

Alessandro Acquisti, SIMS, UC Berkeley, USA
Stefan Brands, Credentica, Canada
Jean Camp, Kennedy School, Harvard University, USA
David Chaum, USA
Richard Clayton, University of Cambridge, England
Lorrie Cranor, AT&T Labs - Research, USA
Roger Dingledine, The Free Haven Project, USA (program chair)
Hannes Federrath, Freie Universitaet Berlin, Germany
Ian Goldberg, Zero Knowledge Systems, Canada
Marit Hansen, Independent Centre for Privacy Protection
  Schleswig-Holstein, Germany
Markus Jakobsson, RSA Laboratories, USA
Brian Levine, University of Massachusetts at Amherst, USA
David Martin, University of Massachusetts at Lowell, USA
Andreas Pfitzmann, Dresden University of Technology, Germany
Matthias Schunter, IBM Zurich Research Lab, Switzerland
Andrei Serjantov, University of Cambridge, England
Adam Shostack, Zero Knowledge Systems, Canada
Paul Syverson, Naval Research Lab, USA

  PAPER SUBMISSIONS

Submitted papers must not substantially overlap with papers that have
been published or that are simultaneously submitted to a journal
or a conference with proceedings.  Papers should be at most 15
pages excluding the bibliography and well-marked appendices (using
11-point font and reasonable margins), and at most 20 pages total.
Committee members are not required to read the appendices and the paper
should be intelligible without them.  The paper should start with the
title, names of authors and an abstract.  The introduction should give
some background and summarize the contributions of the paper at a
level appropriate for a non-specialist reader.  During the workshop

Re: Tax consequences of becoming a US citizen

2002-07-10 Thread Adam Shostack

On Tue, Jul 09, 2002 at 07:22:30PM -0700, Tim May wrote:
| On Tuesday, July 9, 2002, at 06:30  PM, Anonymous wrote:
| 
|  On 9 Jul 2002 at 14:02, Tim May wrote:
|  Unless one's stay is a short one (see below), income or other
|  money earned while in the U.S. (and maybe earned outside the
|  U.S. if the IRS can make a nexus case) is taxable.
| 
|  The question really is:  Suppose one becomes a US citizen, and
|  then resides outside the US.  Then is money on earned on assets
|  outside the US taxable by US authorities.
| 
| Yes, but under expat tax rates. Cf. the IRS site, tax regs, etc. for 
| details.

It seems that it may be similar to that for Green Card holders as
well:

http://www.techvisas.com/taxation.htm

Adam


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: privacy digital rights management

2002-06-26 Thread Adam Shostack

On Wed, Jun 26, 2002 at 09:51:58AM -0400, Donald Eastlake 3rd wrote:
| Privacy, according to the usual definitions, involves controlling the
| spread of information by persons authorized to have it. Contrast with
| secrecy, which primarily has to do with stopping the spread of
| information through the actions of those not authorized to have it.

It sounds to me like you mean data protection, not privacy.  By
data protection, I mean the ability of the state to tell you not to
use information about certain people in certain ways.  See, for
example, the EU Data Protection Directive.

I find it's really useful to not use the word privacy in debates about
privacy; it simply means too many things to too many people.

Bob Blakely once defined privacy as "The ability to lie about
yourself and get away with it", which is an interesting definition.
Other good ones include untraceability, the inability to trace from a
message to a person; unlinkability, the inability to link two
instances of "there's a person here" to the same person;
and unobservability, which is the ability to not be observed doing
something (think curtains, my current favorite privacy technology.)

|  We have thousands of years of experience with military crypto, where
|  the parties at both ends of the conversation are highly motivated to
|  restrict the flow of private information.  The current state of this
|  technology is very robust.
| 
| That's secrecy technology, not privacy technology.

I'm not getting into this one. :)

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: Ross's TCPA paper

2002-06-24 Thread Adam Shostack

On Mon, Jun 24, 2002 at 08:15:29AM -0400, R. A. Hettinga wrote:
 Status:  U
 Date: Sun, 23 Jun 2002 12:53:42 -0700
 From: Paul Harrison [EMAIL PROTECTED]
 Subject: Re: Ross's TCPA paper
 To: R. A. Hettinga [EMAIL PROTECTED]

 The
 important question is not whether trusted platforms are a good idea, but
 who will own them.  Purchasing a TCP without the keys to the TPM is like
 buying property without doing a title search.  Of course it is possible to
 _rent_ property from a title holder, and in some cases this is desirable.
 
 I would think a TCP _with_ ownership of the TPM would be every paranoid
 cypherpunk's wet dream.  A box which would tell you if it had been tampered
 with either in hardware or software?  Great.  Someone else's TCP is more
 like a rental car:  you want the rental company to be completely responsible
 for the safety of the vehicle.  This is the economic Achilles heel of using
 TCPA for DRM.  Who is going to take financial responsibility for the proper
 operation of the platform?  It can work for a set top box, but it won't fly
 for a general purpose computer.

In general, I'm very fond of this sort of ownership analysis.  If I
have a TCPA box running my software, and thinking that it's mine, how
do I know there isn't one more layer?  Leave it off, and my analysis
is simpler.

I suspect that verifying ownership of the TPM will be like verifying
ownership of property in modern Russia: There may be a title that
looks clean.  But what does the mafia think?  What about the security
services?  There may even be someone with a pre-Bolshevik title
floating around.  Or a forgery.  Hard to tell.  It's annoying to have
one's transaction costs pushed up that high.

I can get very high quality baseline software today.  What I need for
my cypherpunk wet dreams is ecash, and a nice anonymizing network.
What I also need is that the general purpose computing environment
stay free of control points, in Lessig's sense.


Adam




Palm security

2002-06-04 Thread Adam Shostack

I find myself storing a pile of vaguely sensitive information on my
palm.  Where do I find the competent analysis of this?  Ideally, I'd
like to be able to protect things that I move into a sensitive area
(passwords), and maybe select items in other places that I want to
encrypt.  I don't really want to have to enter a password each time I
look at my schedule and todo lists.

Someone suggested YAPS
(http://www.palmblvd.com/software/pc/Yaps-2000-11-7-palm-pc.html); are
there others I should look at?
 
Adam


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: Government subsidies: our last, best hope for Cryptanarchy?

2002-05-29 Thread Adam Shostack

Hey, most of your points about crypto going under the hood are well
taken.  I wanted to echo Peter Gutmann's comments about PGP, and add
that I see PGP as a protocol, and most of the protocols I use daily
(TCP, IP, UDP, DNS, HTTP, SMTP) have not changed in the last 10 years
and I don't need to upgrade my software to deal with them.  Looking at
PGP as a protocol gives you a different perspective.  (I also see
.doc, .xls and .ppt as protocols, and bad ones)

Adam


On Fri, May 24, 2002 at 01:44:53AM -0700, Lucky Green wrote:
| You may be asking yourself: where, oh where, has all the crypto gone?
| Where are the BlackNet's? Where is the untraceable Ecash? Where is the
| Cryptanarchy that we've been waiting for? For that matter...where is the
| crypto?
| 
| The staunchest Cypherpunk will by now have noticed that PGP/GPG usage
| even amongst list members, once the bellwether indicator of Cypherpunks
| crypto adoption success, is in decline.
| 
| NAI has pulled PGP off the shelves. Conspiracy theories as to what may
| have been driving this business decision abound. The fact of the matter
| is that the usage of PGP by businesses, the sole significant source of
| NAI PGP revenue, had long passed its peak. How many businesses do you know
| that rolled out PGP in the last year? How many do you know that quietly
| stopped using PGP after formally adopting its use with big fanfare a few
| years ago? The facts are that there are more of the latter than of the
| former. Did NAI receive The Briefing? I don't know. Nor does it really
| matter. There wasn't enough money to be made with PGP.
| 
| A well-respected Cypherpunk recently expressed hope that if NAI's PGP
| were to disappear for good, perhaps compatibility problems amongst
| versions of PGP would diminish. A plausible sounding theory, if one were
| to assume that the compatibility problems amongst versions of PGP are
| between versions produced by different vendors. Presumably, the theory
| would go, with only one major supplier left standing, that being GPG
| (yes, I am aware there are others), interop problems with other vendors'
| implementations would pretty much disappear by definition.
| 
| However, a closer inspection of the PGP interoperability problems, which
| have been one of the issues coming up in just about every single
| discussion I've had with anybody about PGP over the last year, shows
| that the interop problems are not between current versions by multiple
| vendors, but between versions, in some cases by the same vendor, that
| were released over time. The current version of NAI-PGP will
| interoperate just fine with the current version of GPG.
| 
| So why is PGP interoperability such a frequently raised issue? And why
| does the importance of this topic seem to diminish the further away you
| stray from Cypherpunks into the realms of the casual PGP users? The
| answer to the second question is straightforward. Even the most casual
| user of software tends to be familiar with and accepting of the need for
| occasional software upgrades. It appears that those that are
| experiencing interop problems are those that are insisting on using up
| to 5-year old versions of PGP. It is true and should come as no surprise
| that those 5-year old versions do indeed have interop problems with
| newer versions of PGP.
| 
| Some may say: I shouldn't need to keep on upgrading my software to be
| able to send encrypted email. Does anybody seriously believe that those
| that insist on using 5-year old versions of PGP have not upgraded their
| operating systems in those 5 years? Indeed, upgraded their
| operating systems more than once? Or does anybody seriously believe that
| those that insist on using old versions of PGP still run the exact same
| version of their MUA and text editor as they did 5 years ago? Of course
| they don't. If they did, their boxes would long have become unusable due
| to the warez traffic taking place on the machines as a result of the
| countless remote exploits discovered over these last 5 years.
| 
| The reluctance to upgrade to a newer version of PGP does not appear to
| be driven by a refusal or inability to upgrade software in general. This
| reluctance to upgrade appears PGP specific. Why this is the case I do
| not know. (And don't greatly care. I am running the latest version of
| NAI PGP and I can make my copy talk to any version of PGP 2.x or
| higher).
| 
| Now perhaps there may be the rare case of a PGP user that is still
| running PGP 2.x on the same DOS box, using the same mailer and the same
| text editor as they did 5 years ago. I don't know of any such users, but
| that doesn't mean no such users exist within the vastness of the
| Internet. What I do know is that those that I am aware of that are
| complaining about PGP version interoperability problems do not fall into
| the rare category of users who have not upgraded any software at all for
| the last 5 years.
| 
| Since the existence of multiple PGP 

Re: NAI pulls out the DMCA stick

2002-05-23 Thread Adam Shostack

On Thu, May 23, 2002 at 12:24:00AM -0700, Lucky Green wrote:
| Adam wrote:
|  Which is too bad.  If NAI-PGP went away completely, then 
|  compatibility problems would be reduced.  I also expect that 
|  the German government group currently funding GPG would be 
|  more willing to fund UI work for Windows.
| 
| Tell me about it. PGP, GPG, and all its variants need to die before
| S/MIME will be able to break into the Open Source community, thus
| removing the last, but persistent, block to an instant increase in
| number of potential users of secure email by several orders of
| magnitude.

Are you claiming that S/MIME no longer has the enormous compatibility
problems it used to have?

Is there any Open source implementation of the protocol?

Adam

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume




Re: Bad guys vs. Good guys

2002-05-13 Thread Adam Shostack

On Sat, May 11, 2002 at 08:23:39PM -0400, Declan McCullagh wrote:
| On Tue, Apr 30, 2002 at 09:20:32PM -0400, Steve Furlong wrote:
|  And most of the sheeple _like_ it. They'd rather be safe than free. For
|  every complaint I've heard about having to reassure the bank that the
|  card wasn't stolen, I've heard a couple dozen praises for the wonderful
|  safe system that takes care of its members.
| 
| I'm a bit late here, but let me rise to the defense of profiling of this
| sort. The reason we have interest rates on credit cards which are not
| far higher than they are now and have ready availability of credit in the
| first place (not to mention credit cards being accepted nearly everywhere)
| is anti-fraud measures like automated profiling. In other words, it's
| something that benefits the consumer by keeping costs down.

| This analysis, of course, ignores that some of the push toward record
| keeping on the part of businesses comes not just from market pressure,
| but political pressure. USA PATRIOT expands dramatically police access
| to credit card databases. And if Visa/MC/AMEX don't comply, perhaps
| the tax code might be adjusted in a certain harmful way, or perhaps
| they'll be accused of harboring terrorists, or perhaps the feds will
| stop using their cards for purchases...

You're also ignoring that the record keeping is dependent on
government-issued identifiers, which make cross-correlation of records
possible, and the failure of the government to protect those
identifiers.  That's exactly the same underlying enabling technology
that's led to identity theft.

Adam






Re: Bad guys vs. Good guys

2002-05-13 Thread Adam Shostack

On Sun, May 12, 2002 at 10:18:41AM -0400, Sandy Harris wrote:
| Morlock Elloi wrote:
| 
|  Mental constructs like this one, complicated schemes that require knowledge of
|  modular arithmetic to understand, are why this will not happen.
|  
|  Whatever aspires to replace paper cash for purposes where paper cash is a must
|  (in real life, conferences don't count) has to be as simple to understand,
|  verify and manipulate as paper cash itself.
|  
|  Flipping bits in the gates or on the wire is not that - unless Joe the Hitman
|  or Gordon the Dealer or Jeff the Cleaner can well understand it and in addition
|  to that have implementor's balls within reach if something goes wrong.
| 
| Why do you imagine that? 
| 
| Those guys don't understand the technologies behind paper money -- engraving,
| paper making, holography, ... -- or behind bank accounts and ATM machines,
| and they likely don't have credible threats against the mint or the banks.
| 
| There is a chicken-and-egg problem. Joe, Gord and Jeff will happily use
| any system that is widespread enough to be credible, but how does some
| system get there? That probably requires that early adopters understand
| things and believe they have recourse against botching implementers.

It also requires that the early adopters can convince merchants and
banks to jump into a system from which they get none of the benefits
which motivate Alice and Bob and me to adopt ecash.  I want ecash for
privacy; why do the merchant and bank want it?

That financial instruments are an N2 party problem, unlike, say, fax
machines or email, makes it that much harder.

Adam






Re: attack on rfc3211 mode (Re: disk encryption modes)

2002-05-10 Thread Adam Shostack

On Sat, May 11, 2002 at 04:01:11AM +1200, Peter Gutmann wrote:
| General rant: It's amazing that there doesn't seem to be any published research
|   on such a fundamental crypto mechanism, with the result that everyone has to
|   invent their own way of doing it, usually badly.  We don't even have a decent
|   threat model for this, my attempt at one for password-based key wrap may or
|   may not be appropriate (well, I hope it's more or less right), but it's going
|   to be rather different than for a situation where you have an ephemeral
|   symmetric key rather than a fixed, high-value key wrapping another key.  The
|   same problem exists for things like PRFs, we now have PKCS #5v2, but before
|   that everyone had to invent their own PRF for lack of anything useful, with
|   the result that every single protocol which needs a PRF has its own,
|   incompatible, often little-analysed one.
| 
| More specific rant: Looking at the security standards and protocols deployed in
|   the last decade or so, you'd be forgiven for thinking that the only crypto
|   research done in the last 10 years (beyond basic crypto algorithms) was
|   STS/SPEKE and HMAC.  There seems to be this vast gulf between what crypto
|   researchers are working on and what practitioners actually need, so while
|   conferences are full of papers on group key management and anonymous voting
|   schemes and whatnot, people working on real-world implementations have to
|   home-brew their own mechanisms because there's nothing else available.  The
|   RFC 3211 wrap is actually parameterised so you can slip in something better
|   when it becomes available, but I can't see that ever happening because
|   researchers are too busy cranking out yet another secure multiparty
|   distributed computation paper that nobody except other researchers will ever
|   read.
| 
| (Did I miss offending anyone? :-).

The voting folks? ;)

Adam





Re: overcoming ecash deployment problems (Re: all about transferable off-line ecash)

2002-04-11 Thread Adam Shostack

On Thu, Apr 11, 2002 at 02:37:50PM +0100, Adam Back wrote:
| - deployment / chicken and egg problem (merchants want lots of users
| before they're interested users want wide merchant acceptance before
| their interested)

I think it's worse than that.  The normal technology adoption curve is
that you have people (visionaries or early adopters) who are
willing to use expensive technology with a high learning curve to get
something that they want.  When they get a sufficient critical mass,
you move to the early mass market.  However, with ecash you have the
problem that you need to convince not only the users who care about
their privacy, but also the merchants to accept it, and the banks to
issue it.

Consider for a moment if the telcos had to agree to support fax
machines; or perhaps if they had to agree to support DSL. (oh wait,
they do.)

Thus, ecash deployment is a 3 party problem, where most new
technologies that succeed are not.  I'm honestly not sure if the
patents make a big difference in our ability to deploy, given that
they're a small speed bump on the way to this brick wall.

Sure, it's easy, and even fun, to rail on about them, because maybe if
we rail at the patent owners long enough, they can be changed, whereas 
the economic realities are not so subject to persuasion.

Adam







Re: Detectable cash notes a fantasy

2002-04-10 Thread Adam Shostack

On Wed, Apr 10, 2002 at 02:22:04PM -0400, Trei, Peter wrote:

|  If a stack of bills containing these transponders is supposed to be 
|  read from afar, way beyond what a valid bill detector is likely to be 
|  engineered to do, I'd like to see the physics worked out.
|  
| Detection range turns out to be a function of antenna size - the reader's
| antenna, not the one on the transponder. So if you have a big (e.g., 
| doorframe size) antenna, you can do a lot better than the 'valid bill
| detector' on the countertop. There's actually a privacy win here for
| the passive tags - the returned signal strength falls with the fourth
| power of the distance.

Interesting.  What does that work out to for, say, a 2 meter antenna?
(I'm not sure if this actually works out to a security win.  It may be 
that I can use this fast fall-off to ensure that I'm picking the right 
pocket..)
Adam







Re: Detectable cash notes a fantasy

2002-04-10 Thread Adam Shostack

On Wed, Apr 10, 2002 at 10:59:32AM -0700, Tim May wrote:
| On Wednesday, April 10, 2002, at 09:27  AM, Trei, Peter wrote:
|  For paper money failure rates will probably be high anyway.

| So, if in fact we _are_ talking about each $20 bill having such a 
| transponder, then why are our arguments about how easy it will be to 
| shield against remote probing not valid? Put the money in a foil packet, 
| or fold it over, or carry it in a stack, or in a standard metal 
| briefcase, and I _guarantee_ that detecting it from afar will be 
| extremely difficult.
| 
| If a stack of bills containing these transponders is supposed to be 
| read from afar, way beyond what a valid bill detector is likely to be 
| engineered to do, I'd like to see the physics worked out.
| 
| (A stack of bills, or cards, will have extremely poor radiation patterns 
| from any but the top or bottom bill, and probably their patterns won't 
| be good either.)

Does it matter?  Intuitively, you broadcast a radio signal, and pick
up from that where the largest clusters of bills are.  Repeat several
times if needed.  You don't care about signal accuracy, just
magnitude.  You then decide if the people with wads of cash look like
an easy mugging target.

Adam


