Re: AOL Help : About AOL® PassCode

On Tue, Jan 04, 2005 at 08:44:11PM +, Ian G wrote: | R.A. Hettinga wrote: | | > | >Have questions? Search AOL Help articles and tutorials: | >. | >If you no longer want to use AOL PassCode, you must rel

Re: Blinky Rides Again: RCMP suspect al-Qaida messages

On Sat, Dec 11, 2004 at 10:24:09PM +0100, Florian Weimer wrote: | * R. A. Hettinga quotes a news article: | | > There have been numerous media reports in recent years that terrorist | > groups, including al-Qaida, were using steganographic techniques. | | As far as I know, these news stories can

Re: Academics locked out by tight visa controls

On Mon, Sep 20, 2004 at 10:03:57AM -0400, John Kelsey wrote: | >Academics locked out by tight visa controls | >U.S. SECURITY BLOCKS FREE EXCHANGE OF IDEAS | >By Bruce Schneier | | I guess I've been surprised this issue hasn't seen a lot more | discussion. It takes nothing more than to look at th

Re: Textual analysis

On Sun, Dec 14, 2003 at 10:36:02AM -0500, John Kelsey wrote: | Textual analysis correctly identified the author of _Primary Colors_, | though that was from a pretty small field of people with the right level of | inside knowledge. Does anyone know whether there have been real randomized | trial

Freedomphone

http://www.wired.com/news/technology/0,1282,61289,00.html?tw=wn_tophead_7 > "We allow everyone to check the security for themselves, because > we're the only ones who publish the source code," said Rop Gonggrijp > at Amsterdam-based NAH6. Gonggrijp, who helped develop the software, > owns a stake

Re: Mexifornia Driver's License

On Mon, Sep 15, 2003 at 04:07:02PM -0700, Bill Stewart wrote: | Tim May wrote: | > http://vikingphoenix.com/immigration/davis_sign_illegal.htm | | Does anybody remember 10+ years ago when a "Driver's License" | wasn't quite a National ID Card or a Citizenship Credential Yeah. The real problem wi

Re: Your papers please [what color is John Gilmore?]

First answer: He's in red, no green, argggh! Second answer: We've changed the name of the program to ITAR so his lawsuit goes back to square 1! That's the plan! Third answer: CAPPS was just a clever distraction, the real program remains classified. Please step over here. Adam On Tue, Sep 09,

Re: JAP back doored

On Tue, Sep 02, 2003 at 12:47:34PM -0700, Steve Schear wrote: | http://www.heise.de/newsticker/data/jk-02.09.03-005/ | | German police have searched and seized the rooms (dorm?) of one of the JAP | developers. They were on the look for data that was logged throughout the | period when JAP had t

Heathrow employees leap out of kettle

http://silicon.com/news/164-51/1/5237.html?rolling=1 > Staff were angered by the roll out of swipe cards which effectively > enable bosses to monitor their comings and goings and effectively > re-introduced the practice of clocking-on and clocking-off. [...] > Around 100,000 travellers and hol

Re: [Brinworld] Car's data recorder convicts driver

On Wed, Jun 18, 2003 at 09:11:58AM -0700, Tim May wrote: | On Wednesday, June 18, 2003, at 05:17 AM, Adam Shostack wrote: | > | >I wasn't arguing, I was quipping. | > | >I find the many meanings of the word privacy to be fascinating. So | >when someone commented that the ca

Re: [Brinworld] Car's data recorder convicts driver

On Tue, Jun 17, 2003 at 09:30:35PM -0700, Tim May wrote: | On Tuesday, June 17, 2003, at 03:48 PM, Thomas Shaddack wrote: | > | >>Adam | >> | >>PS: Bob Blakely once defined privacy as the right to lie and get away | >>with it, which fits into some of what many people mean by privacy. | > | >Anothe

Re: [Brinworld] Car's data recorder convicts driver

On Wed, Jun 18, 2003 at 12:58:56AM -0400, John Kelsey wrote: | At 06:29 AM 6/17/03 +0159, Anonymous wrote: | >Adam Shostack wrote: | > | >> PS: Bob Blakely once defined privacy as the right to lie and get away | >> with it, which fits into some of what many people mean by

Diners club switches to passwords

I just called Diner's Club, and was suprised to be asked for a password to (replace? supplement?) my mother's maiden name. Is this something that Citibank in general is doing? How long before this becomes a standard of due care? Also, I'm curious what the forgot-my-password recovery mechanisms w

Re: An attack on paypal --> secure UI for browsers

GWB 2003-01-28 speech. \/|\/ | /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ | + v + : The look on Sadam's face - priceless! | [EMAIL PROTECTED] http://www.sunder.net | | On Sat, 14 Jun 2003, Adam Shostack wrote: | | > Sure. And I'm

Re: Microsoft, TCPA, your wallet and the real ending of the story.

On Sat, Jun 14, 2003 at 03:17:22PM -0400, Sunder wrote: | Indeed. | | If it's coming from Redmond, and as usual if it smells of evil, there is | an utterly simple solution in dealing with it: don't buy it. Don't buy | Microsoft software, don't buy motherboards that include TCPA capabilities.

Re: An attack on paypal --> secure UI for browsers

On Sat, Jun 14, 2003 at 03:30:47PM -0400, Sunder wrote: | Um, how's that agin? How does Ballmer and Gates force you, Adam Shostack | to run Microsoft Office? Did they put a gun to your head? Did they | manage to twist Congress's arms to put a gun to your head? | | Compatibility you

Re: An attack on paypal --> secure UI for browsers

On Sat, Jun 14, 2003 at 11:20:16AM -, a Microsoft employee wrote: | Adam Shostack writes: | | > Actually, most of the features of Nogsuccob are features that I | > want, like integrity protected, authenticated boot. The problem, | > bundled with those features, is the ability of t

Re: An attack on paypal --> secure UI for browsers

On Fri, Jun 13, 2003 at 11:04:42PM +0200, Thomas Shaddack wrote: | > The problem (among others) is that this allows a virus to steal the | > client cert. If it is protected by a password, the malware must hang | > around long enough for the user to unlock the cert (perhaps because the | > malware

Re: The Streisand imagecriminal lives 2-3 parcels away from me

On Tue, Jun 03, 2003 at 11:00:07AM -0400, Sunder wrote: | That's all nice and good, but why should it be on cypherpunks? Where's | the relevance to this list? Why is Ken, or his addres or helipad an | interest to the cypherpunks? Why is PG&E's monopolistic's actions against | him relevant to the

Re: What shall we do with a bad government...

On Thu, Mar 20, 2003 at 10:57:12PM -0500, Tim Meehan wrote: | an okay economy but too many yuppies and climbers (and crappy pot). | Montreal is the best, but you're better off if you speak Freedom -- | and like hash. The local pharma retail business seems to be quite flexible in supplying regula

Re: Fatherland Security measures more important than Bennetton tags!

On Sat, Mar 15, 2003 at 08:47:15PM +, Michael Shields wrote: | In article <[EMAIL PROTECTED]>, | Adam Shostack <[EMAIL PROTECTED]> wrote: | > (New York just | > announced the abolition of tokens, making all subway travel | > linkable.) | | The last time I was in New

Re: Identification of users of payphones

On Fri, Mar 14, 2003 at 05:36:28PM +0100, Thomas Shaddack wrote: | Couple months ago, our local Telecom decided to switch over from | easy-to-emulate EPROM-based "dumb smartcards" (described at | http://www.phrack.com/show.php?p=48&a=10 ) to Eurochip ones. Today seemed | a good day to learn more ab

Re: Brinwear at Benetton.

On Thu, Mar 13, 2003 at 11:57:27AM -0500, Tyler Durden wrote: | "If I build the mugger's little | helper, a PDA attachement that scans for real prada bags, then perhaps | the RFID tag will be removed at the counter after the first lawsuit." | | Nice! Possibly, it might not even be necessary for th

Re: Brinwear at Benetton.

On Thu, Mar 13, 2003 at 08:24:35AM -0800, Mike Rosing wrote: | On Thu, 13 Mar 2003, Adam Shostack wrote: | | > On Thu, Mar 13, 2003 at 10:22:14AM -0500, Trei, Peter wrote: | > The other motivator is liability. If I build the mugger's little | > helper, a PDA attachement that scans

Re: Brinwear at Benetton.

On Thu, Mar 13, 2003 at 10:22:14AM -0500, Trei, Peter wrote: | Some research is being done in RSA Labs to produce more | privacy-enhanced protocols for RFIDs, but it's a long way from | publication, and its unclear what would motivate a tag manufacturer | to include them. The biggest motivators I

Re: Blacknet Delta CAPPS II Boycott?

I think the thing to do is to get RTmark or the YESmen or some other organization that's used to be sued involved. On Mon, Mar 10, 2003 at 09:52:04AM -0500, Tyler Durden wrote: | Just wondering... | | Would there be an easy "blacknet" way to offer those t-shirts that would be | un-shutdownable

Stupid security measures, a contest

"Human rights watchdog Privacy International has launched a quest to find the World's Most Stupid Security Measure. " http://www.theregister.co.uk/content/55/29279.html -- "It is seldom that liberty of any kind is lost all at once." -Hume

P4 Docs?

> WASHINGTON, Jan. 2 ? A 19-year-old University of Chicago student was > arrested in Los Angeles today and charged with stealing trade > secrets from DirecTV, the nation's leading satellite television > provider http://www.nytimes.com/2003/01/03/technology/03PIRA.html > According to prosecuto

[dave@farber.net: [IP] Do unto others ..]

- Forwarded message from Dave Farber <[EMAIL PROTECTED]> - Date: Tue, 31 Dec 2002 13:31:07 -0500 Subject: [IP] Do unto others .. From: Dave Farber <[EMAIL PROTECTED]> To: ip <[EMAIL PROTECTED]> X-Spam-Status: No, hits=-0.5 required=5.0 tests=TO_LOCALPART_EQ_REAL,AWL version=2.20 --

Re: Privacy qua privacy (Was: Photographer Arrested For Taking Pictures...)

On Tue, Dec 31, 2002 at 09:49:28AM -0800, Kevin Elliott wrote: | At 12:12 -0500 on 12/31/02, Adam Shostack wrote: | >Rummaging through my wallet...a grocery card in the name of Hughes, a | >credit card with the name Shostack, and an expired membership card in | >the name Doe. | | In

Re: Dossiers and Customer Courtesy Cards

On Tue, Dec 31, 2002 at 11:02:48AM -0800, Tim May wrote: | On Tuesday, December 31, 2002, at 09:49 AM, Kevin Elliott wrote: | | >At 12:12 -0500 on 12/31/02, Adam Shostack wrote: | >>Rummaging through my wallet...a grocery card in the name of Hughes, a | >>credit card with th

Re: Privacy qua privacy (Was: Photographer Arrested For Taking Pictures...)

On Tue, Dec 31, 2002 at 01:21:52AM -0800, Bill Stewart wrote: | At 03:57 PM 12/19/2002 -0500, Adam Shostack wrote: | >On Mon, Dec 16, 2002 at 04:56:12PM -0500, John Kelsey wrote: | >| I think this would help, but I also think technology is driving a lot of | >| this. You don't have

Re: How robust is SpeakFreely?

On Sat, Dec 21, 2002 at 07:40:34PM +0100, Thomas Shaddack wrote: | | http://www.speakfreely.org/ is a nice, open-source cross-platfor VoIP | software. Supports encryption by DES, Blowfish, and IDEA. | | Had anyone knowledgeable ever looked at its code? How secure this | implementation is? Is bett

Re: Constant Encrypted Stream

On Thu, Dec 19, 2002 at 10:10:25PM -0600, [EMAIL PROTECTED] wrote: | Nothing serious, just throwing a quick thought out... | | It has been mentioned that you should always use crypto. If you wait until | you actually have something private to send, then an adversary will know | exactly which messa

Re: Privacy qua privacy (Was: Photographer Arrested For Taking Pictures...)

On Mon, Dec 16, 2002 at 04:56:12PM -0500, John Kelsey wrote: | At 12:53 PM 12/15/02 -0500, Adam Shostack wrote: | ... | >I think that a law which re-affirmed the rights to be anonymous, to | >call yourself what you will, to be left alone, to not carry or show ID | >would transform the deb

Re: Suspending the Constitution

On Wed, Dec 18, 2002 at 03:17:21PM -0800, Petro wrote: | On Sat, Dec 14, 2002 at 03:18:09PM -0800, Mike Rosing wrote: | > On Sat, 14 Dec 2002, Tim May wrote: | > > Lincoln's notion that the Constitution is suspendable during a war, or | > > other emergency conditions, was disgraceful. Nothing in th

Re: Short story?

On Mon, Dec 16, 2002 at 03:03:29PM -0800, Petro wrote: | Permanently behind on my email: | | On Sat, Nov 23, 2002 at 03:22:41PM -0500, Adam Shostack wrote: | > I'm trying to remember details (author, title) of a short story that I | > read once. Its main feature, or the one that

Re: Gilmore's response

On Fri, Dec 13, 2002 at 02:47:37PM -0800, Steve Schear wrote: | >Dare you to do this with your Groucho glasses on :-) | | Oh, you saw me at RSA, eh? (Last year I guess it was, the RSA's staff | allowed me to be photo ID'd wearing them as long as I promised to wear them | on the show floor, whic

Re: Gilmore's response

On Fri, Dec 13, 2002 at 10:54:06AM -0800, Marshall Clow wrote: | At 1:38 PM -0500 12/13/02, Adam Shostack wrote: | >PS: Current news in Canada includes the gun registry having undergone | >a 12x cost overrun, and its not clear what will happen to it. A large | >reason for the overruns

Re: Gilmore's response

On Fri, Dec 13, 2002 at 10:15:22AM -0800, Steve Schear wrote: | At 12:43 PM 12/13/2002 -0500, you wrote: | >Gilmore's legal response to secret laws, etc. | > | >http://cryptome.org/gilmore-v-usa-god.htm | | I have a possible trip coming up soon. I intend to have my tickets | purchased by a third

Short story?

I'm trying to remember details (author, title) of a short story that I read once. Its main feature, or the one that's standing out in my mind, is the obsessive hacker who studies a target to figure out his password, at which he only has one guess. The zinger is that the very security concious tar

Re: Q: opportunistic email encryption

On Fri, Nov 22, 2002 at 09:23:57PM +0100, Eugen Leitl wrote: | Question: if you control the traffic layer you can easily disrupt | opportunistic encryption (STARTTLS & Co) by killing public key exchange, | or even do a MITM. | | Is there any infrastructure in MTAs for public key caching, and admin

Re: Torture done correctly is a terminal process

On Wed, Nov 20, 2002 at 04:30:42PM -0800, Tim May wrote: | On Wednesday, November 20, 2002, at 12:49 PM, dmolnar wrote: | | >On Wed, 20 Nov 2002, Tyler Durden wrote: | > | >>to have a big jpg of a hand with middle finger extended...) More than | >>this, | >>they will have unknowingly destroyed t

Re: (Being able to) sell votes

On Mon, Nov 18, 2002 at 07:02:40AM -0800, Mike Rosing wrote: | On Mon, 18 Nov 2002, Tyler Durden wrote: | | > Me, I don't like the idea of people actualy selling votes, but I think I | > like the idea of people BEING ABLE to sell their votes. | | But then votes are property, and property can be t

Re: Workshop on HCI and Security at CHI2003

Since posting, I got a better web page: http://www.iit.nrc.ca/~patricka/CHI2003/HCISEC/index.html Adam On Mon, Nov 11, 2002 at 09:54:51AM -0500, Adam Shostack wrote: | I think that the intersection of usability and security is of | tremendous import, and wanted to share an under-advertised sort

Workshop on HCI and Security at CHI2003

I think that the intersection of usability and security is of tremendous import, and wanted to share an under-advertised sort of workshop announcement: http://www.acm.org/sigchi/ The conference home page is http://www.chi2003.org/ The workshop page is http://www.iit.nrc.ca/~patricka/CHI_2003/H

Re: Photos in transport plane of prisoners: Time for eJazeera?

On Sat, Nov 09, 2002 at 08:10:22PM -0800, Mike Rosing wrote: | As long as there are people in the military who are willing and able to | inform us on what they are *really* doing, we actually can feel pretty | comfortable with their missions. It's gonna take a full polilce state | to prevent the d

Re: What email encryption is actually in use?

On Sun, Nov 03, 2002 at 11:23:36AM -0800, Tim May wrote: | I think most users, even casual ones, would accept this advice: | | "Look, encrypted text is just a rearrangement of text. Compose your | message in whatever editor or word processor you want, apply the | encryption directly to that text

Re: Integrated crypto sounds useful, but it's fragile and ultimately a lose

On Sun, Nov 03, 2002 at 12:41:11PM -0800, Tim May wrote: | To expand on this point a bit, I suspect one of the main reasons people | who once used PGP stop using it, either privately or at corporations | (as we have heard folks here testify about), is because something | changes and things "brea

Re: What email encryption is actually in use?

An interesting tidbit in the September Information Security Bulletin is the claim from MessageLabs that only .005% of the mail they saw in 2002 is encrypted, up from .003% in 2000. (MessageLabs is an outsourcing email anti-virus company.) At this thrilling rate of growth, it will be on the order

Re: Confiscation of Anti-War Video

On Tue, Oct 29, 2002 at 07:13:52PM -0500, John Kelsey wrote: | Your list left out the obvious technique, which I think is more-or-less | used by El Al: Screen your passengers really well, probably using secret | databases, various kinds of racial profiling, etc. Routinely turn | passengers away,

Re: A non-political issue

On Wed, Oct 30, 2002 at 01:34:12AM +0100, Anonymous via the Cypherpunks Tonga Remailer wrote: | (possible duplicate message) | | What technology is available to create a 2048-bit RSA key pair so that: | | 1 - the randomness comes from quantum noise | | 2 - no one knows the secret part, | | 3 -

Re: Confiscation of Anti-War Video

On Mon, Oct 28, 2002 at 04:13:31PM -0500, Trei, Peter wrote: | Actually, the DoT has already ruled positively that one fuel cell from | Polyfuel | can be carried on board. They appear to have a cartridge for the methanol, | similar to a ink cartridge. It's a pity it's methanol - I want to be able t

Re: internet radio - broadcast without incurring royalty fees

On Fri, Oct 25, 2002 at 02:37:32AM +0100, Adam Back wrote: | Seems to me this would pass current IP laws because it is like a radio | station which broadcast the name of a song and the user is expected to | insert the CD in his player and play along to keep up with the | commentary, only automated

Re: QuizID?

On Thu, Oct 17, 2002 at 02:39:55PM -0400, Rich Salz wrote: | Marc Branchaud wrote: | >Any thoughts on this device? At first glance, it doesn't seem | >particularly impressive... | > | >http://www.quizid.com/ | | Looks like hardware S/Key, doesn't it? | | If I could fool the user into entering a

QuizID

http://news.bbc.co.uk/2/hi/technology/2334491.stm and www.quizid.com > A credit-card sized device, which could potentially be issued to > thousands of citizens, is being heralded as a major breakthrough in > the search for establishing secure identification on the internet. ... > Users are is

Proofs of security

Has anyone done any research into how much better new cryptosystems with proofs of security do, as opposed to their unproven cousins? It seems that having a proof of security doesn't actually improve the odds that a system will survive attacks. But thats my intuition, not a proven fact. ;) Has

Recent arrests..

> Prosecutors also argued that one of the suspects, Shafal Mosed, was > suspicious because he had 11 credit cards in different names and two > social security cards in different names in his wallet when > arrested. > > His attorney, Patrick Brown, said Mosed merely had his own social > security ca

Re: What email encryption is actually in use?

On Wed, Oct 02, 2002 at 09:12:47PM +0100, Ben Laurie wrote: | Adam Shostack wrote: | >On Wed, Oct 02, 2002 at 04:54:54PM +0100, Ben Laurie wrote: | >| Lucky Green wrote: | >| >I also agree that current MTAs' implementations of STARTTLS are only a | >| >first step. At lea

Re: What email encryption is actually in use?

On Wed, Oct 02, 2002 at 04:54:54PM +0100, Ben Laurie wrote: | Lucky Green wrote: | >I also agree that current MTAs' implementations of STARTTLS are only a | >first step. At least in postfix, the only MTA with which I am | >sufficiently familiar to form an opinion, it appears impossible to | >requi

Re: Real-world steganography

On Mon, Sep 30, 2002 at 07:31:19PM -0700, Paul Krumviede wrote: | --On Tuesday, 01 October, 2002 13:54 +1200 Peter Gutmann | <[EMAIL PROTECTED]> wrote: | | >I recently came across a real-world use of steganography which hides extra | >data in the LSB of CD audio tracks to allow (according to the

Anyone can get a clearance these days...

"The US Government has mistakenly given secret documents to the only man charged so far in connection with the 11 September attacks, Zacarias Moussaoui." http://news.bbc.co.uk/2/hi/americas/2284325.stm -- "It is seldom that liberty of any kind is lost all at once."

Re: Random Privacy

On Sun, Sep 22, 2002 at 10:25:32PM -0400, Sam Ritchie wrote: | On 9/21/02 11:08 AM, "Greg Vassie" <[EMAIL PROTECTED]> wrote: | | >> Interesting little article from | >> http://pass.maths.org.uk/issue21/news/random_privacy/index.html: | >> | >> Excerpt: | >> "Right now, the rate of falsification

Re: Random Privacy

On Sat, Sep 21, 2002 at 01:15:18PM -0700, AARG!Anonymous wrote: | Greg Broiles wrote about randomizing survey answers: | | > That doesn't sound like a solution to me - they haven't provided anything | > to motivate people to answer honestly, nor do they address the basic | > problem, which is rel

Re: Random Privacy

On Sat, Sep 21, 2002 at 11:08:54AM -0400, Greg Vassie wrote: | > Interesting little article from | > http://pass.maths.org.uk/issue21/news/random_privacy/index.html: | > | > Excerpt: | > "Right now, the rate of falsification on Web surveys is extremely high," | > says Dr Ann Coavoukian, the commi

Postal privacy

> Some efforts focus on reducing the volume of anonymous mail, which > now constitutes about 17 percent of the daily flow of some 680 > million items. > For example, the Postal Service plans eventually to change most > stamps from uniform bits of sticky paper to personalized, encrypted > records

Backround checks are more important than education...

http://news.bbc.co.uk/2/hi/uk_news/education/2229196.stm > Thousands of teachers will not be able to take classes at the start > of the new term because character checks on them will not have been > completed, the government has admitted. [...] > Leicestershire was one of the first areas of the c

Re: Mitigating Dangers of Compromised Anonymity

On Sat, Aug 31, 2002 at 12:12:16AM -0700, Meyer Wolfsheim wrote: | On Fri, 30 Aug 2002, Adam Shostack wrote: | | > I'd like to suggest that while this may be fun, usability and getting | > millions of users to see that remailers are useful to them is a more | > useful goal

Re: employment market for applied cryptographers?

Hey, this is off-topic for DRM-punks! ;) more seriously: I think the fundamental issue is that crypto doesn't really solve many business problems, and it may solve fewer security problems. See Bellovin's work on how many vulnerabilities would be blocked by strong crypto. The buying public can't

Call for Papers, WORKSHOP ON PRIVACY ENHANCING TECHNOLOGIES 2003

bsson, RSA Laboratories, USA Brian Levine, University of Massachusetts at Amherst, USA David Martin, University of Massachusetts at Lowell, USA Andreas Pfitzmann, Dresden University of Technology, Germany Matthias Schunter, IBM Zurich Research Lab, Switzerland Andrei Serjantov, University of Cambridge, En

Re: IP: SSL Certificate "Monopoly" Bears Financial Fruit

On Fri, Jul 12, 2002 at 11:18:12AM -0400, Trei, Peter wrote: | > I'd rather not state the exact figures. A search of SEC filings may or | > may not turn up further details. | > | > > And who actually owns these numerous trusted roots? | > | > I am not sure I understand the question. | > | > --

Re: Tax consequences of becoming a US citizen

On Tue, Jul 09, 2002 at 07:22:30PM -0700, Tim May wrote: | On Tuesday, July 9, 2002, at 06:30 PM, Anonymous wrote: | | > On 9 Jul 2002 at 14:02, Tim May wrote: | >> Unless one's stay is a short one (see below), income or other | >> money earned while in the U.S. (and maybe earned outside the | >

Re: privacy <> digital rights management

On Wed, Jun 26, 2002 at 09:51:58AM -0400, Donald Eastlake 3rd wrote: | "Privacy", according to the usual definitions, involve controlling the | spread of information by persons autorized to have it. Contrast with | secrecy which primarily has to do with stopping the spread of | information through

Re: Ross's TCPA paper

On Mon, Jun 24, 2002 at 08:15:29AM -0400, R. A. Hettinga wrote: > Status: U > Date: Sun, 23 Jun 2002 12:53:42 -0700 > From: Paul Harrison <[EMAIL PROTECTED]> > Subject: Re: Ross's TCPA paper > To: "R. A. Hettinga" <[EMAIL PROTECTED]> > The > important question is not whether trusted platforms ar

Top 10 police database abuses (pointer)

http://www.techtv.com/cybercrime/privacy/story/0,23008,3387549,00.html > Law enforcement officers are supposed to protect and serve, but some > corrupt cops misuse police databases to get dates and more Tuesday, > 6/11 at 9 p.m. Eastern on 'CyberCrime.' > Your address, telephone number, Social S

[jdrury@witsusa.com: Part-time Weekend opportunities at Ft. Meade, Maryland for CLEARED professional]

For all our lurkers, agents provocateur, prosecutors and fellow travellers looking to take in a few extra bucks. Those outside said category should perhaps worry that the government agency charged with infosec has to contract out like this... Adam - Forwarded message from Jennifer Drury <[

Palm security

I find myself storing a pile of vaugely sensitive information on my palm. Where do I find the competent analysis of this? Ideally, I'd like to be able to protect things that I move into a "sensitive" area (passwords), and maybe select items in other places that I want to encrypt. I don't reall

Re: Government subsidies: our last, best hope for Cryptanarchy?

Hey, most of your points about crypto going under the hood are well taken. I wanted to echo Peter Gutmann's comments about PGP, and add that I see PGP as a protocol, and most of the protocols I use daily (TCP, IP, UDP, DNS, HTTP, SMTP) have not changed in the last 10 years and I don't need to upg

Re: why OpenPGP is preferable to S/MIME (Re: NAI pulls out the DMCA stick)

On Thu, May 23, 2002 at 07:10:01PM +0100, Adam Back wrote: | Certificate authorities also can forge certificates and issue | certificates in fake names if asked by government agencies. S/MIME is | too much under central control by design to be a sensible choice for | general individual use. So w

Re: NAI pulls out the DMCA stick

On Thu, May 23, 2002 at 12:24:00AM -0700, Lucky Green wrote: | Adam wrote: | > Which is too bad. If NAI-PGP went away completely, then | > compatability problems would be reduced. I also expect that | > the German goverment group currently funding GPG would be | > more willing to fund UI work

Re: NAI pulls out the DMCA stick

On Wed, May 22, 2002 at 01:00:54AM -0700, Lucky Green wrote: | Most likely, this Peter Beruk is new at his job, has not yet figured out | that C-level management at NAI wants copies of PGP floating about the | Net, but needs to of course protect their trademarks and copyrights by | dutifully send

Re: Bad guys vs. Good guys

On Sun, May 12, 2002 at 10:18:41AM -0400, Sandy Harris wrote: | Morlock Elloi wrote: | | > Mental constructs like this one, complicated schemes that require knowledge of | > modular aritmetic to understand, is why this will not happen. | > | > Whatever aspires to replace paper cash for purposes

Re: Bad guys vs. Good guys

On Sat, May 11, 2002 at 08:23:39PM -0400, Declan McCullagh wrote: | On Tue, Apr 30, 2002 at 09:20:32PM -0400, Steve Furlong wrote: | > And most of the sheeple _like_ it. They'd rather be safe than free. For | > every complaint I've heard about having to reassure the bank that the | > card wasn't s

Re: attack on rfc3211 mode (Re: disk encryption modes)

On Sat, May 11, 2002 at 04:01:11AM +1200, Peter Gutmann wrote: | General rant: It's amazing that there doesn't seem to be any published research | on such a fundamental crypto mechanism, with the result that everyone has to | invent their own way of doing it, usually badly. We don't even have

Re: overcoming ecash deployment problems (Re: all about transferable off-line ecash)

On Thu, Apr 11, 2002 at 02:37:50PM +0100, Adam Back wrote: | - deployment / chicken and egg problem (merchants want lots of users | before they're interested users want wide merchant acceptance before | their interested) I think its worse than that. The normal technology adoption curve is that y

Re: Detectable cash notes a fantasy

On Wed, Apr 10, 2002 at 02:22:04PM -0400, Trei, Peter wrote: | > If a stack of bills containing these transponders are supposed to be | > read from afar, way beyond what a "valid bill detector" is likely to be | > engineered to do, I'd like to see the physics worked out. | > | Detection range

Re: Detectable cash notes a fantasy

On Wed, Apr 10, 2002 at 10:59:32AM -0700, Tim May wrote: | On Wednesday, April 10, 2002, at 09:27 AM, Trei, Peter wrote: | >> For paper money failure rates will probably be high anyway. | So, if in fact we _are_ talking about each $20 bill having such a | transponder, then why are our arguments

Re: List analysis.

On Wed, Mar 20, 2002 at 03:18:39PM -0500, dmolnar wrote: | On Wed, 20 Mar 2002, Trei, Peter wrote: | | Hey look, it's been a while, but I don't remember anyone saying much about | CodeCon from last month. It happened. It was cypherpunkly. People wrote | code. I can get the MP3s over Bram Cohen's

Mr Anan, is your bodyguard just happy to see us?

http://www.washtimes.com/world/20020221-14729320.htm -- "It is seldom that liberty of any kind is lost all at once." -Hume

Privacy Enhancing Technologies 2002

Privacy Enhancing Technologies 2002 April 14-15, 2002 San Francisco, CA Call for Participation Registration for Privacy Enhancing Technologies 2002 is now open. Details and online registration can be found at http://www.pet2002.org/ along with the program and hotel information. Privacy and ano

Re: Pentagon Readies Efforts to Sway Sentiment Abroad (fwd)

On Wed, Feb 20, 2002 at 09:45:02PM -0800, Steve Schear wrote: | At 12:06 AM 2/20/2002 -0500, Faustine wrote: | >The new RAND works are creating the vocabulary we use to think of | >these things just as surely as the old RAND works did: "In Athena's | >Camp", "Strategic Appraisal," "Strategic Infor

Re: DC to get spycams --"no choice but to accept it"

On Wed, Feb 13, 2002 at 05:10:12PM +, Jim Dixon wrote: | On Wed, 13 Feb 2002, Eric Murray wrote: | | > > > He said city officials had studied the British surveillance system, | > > > which has more than 2 million cameras throughout the country, and | > > > were "intrigued by that model." | >

Re: DC to get spycams --"no choice but to accept it"

Jeffery Rosen had an excellent bit in the NYTimes http://www.nytimes.com/2001/10/07/magazine/07SURVEILLANCE.html?pagewanted=print on 'that model.' "Last year, Britain's violent crime rates actually increased by 4.3 percent, even though the cameras continued to proliferate. But

Poindexter redux

http://www.nytimes.com/2002/02/13/politics/13DARP.html Chief Takes Over New Agency to Thwart Attacks on U.S. By JOHN MARKOFF > John M. Poindexter, the retired Navy admiral who was President > Ronald Reagan's national security adviser, has returned to the > Pentagon to direct a new agency that i

Re: registering Cypherpunks movement ...

On Mon, Jan 14, 2002 at 01:56:27PM -0800, Bill Stewart wrote: | We don't have any officers - so the report becomes the null set. | And some of us belong to religions that forbid making oaths, | while the oaths you'd get from other non-officers are more like |" I'm not filling out this form" I

Re: "Swiss bank in a box"

On Sat, Dec 22, 2001 at 01:12:02PM -0800, Tim May wrote: | On Saturday, December 22, 2001, at 11:29 AM, Adam Shostack wrote: | | > On Fri, Dec 21, 2001 at 01:21:27PM -0800, Len Sassaman wrote: | > | | > | In conclusion, I leave you with a question: if remailer users are | > reduce

Re: More on remailers.

On Fri, Dec 21, 2001 at 01:21:27PM -0800, Len Sassaman wrote: | | In conclusion, I leave you with a question: if remailer users are reduced | to a small number of high-paying remailer customers for whom anonymity is | not a game, but a matter of life or death, could a mix-net be made to | provide

Re: Moving beyond "Reputation"--the Market View of Reality

On Sun, Dec 02, 2001 at 07:54:43PM -0500, R. A. Hettinga wrote: | > | Just to sort of thrash things a bit, in a capital markets | > | transaction, an exchange isn't such a hard thing to do, in the | > | sense that a secondary bearer-form asset transaction (primary is | > | like an IPO, or, for ca

Re: Further thoughts on Reputation Capital systems and implementation

ou must change them very often. | [EMAIL PROTECTED] http://www.sunder.net | | On Sat, 1 Dec 2001, Adam Shostack wrote: | | > On Fri, Nov 30, 2001 at 05:00:33PM -0500, Sunder wrote: | > | | > | Say Tim has a repcap of 600, say Declan has 500, and Sandy has 400. Then | > | I a

Re: Further thoughts on Reputation Capital systems and implementation

site, and you must change them very often. | [EMAIL PROTECTED] http://www.sunder.net | | On Sat, 1 Dec 2001, Adam Shostack wrote: | | > On Fri, Nov 30, 2001 at 05:00:33PM -0500, Sunder wrote: | > | | > | Say Tim has a repcap of 600, say Declan has 500, and Sandy has 400. Then

  1   2   >