Re: Financial identity is *dangerous*? (was re: Fake companies, real money)

Roy M. Silvernail wrote: I'd thought it was so Microsoft could offer an emulation-based migration path to all the apps that would be broken by Longhorn. MS has since backed off on the new filesystem proposal that would have been the biggest source of breakage (if rumors of a single-rooted, more *n

Re: Financial identity is *dangerous*? (was re: Fake companies, real money)

[EMAIL PROTECTED] wrote: This is what I love about the Internet -- ask a question and get silence but make a false claim and you get all the advice you can possibly eat. Yup. give wrong advice, and you look like a fool. correct someone else's wrong advice, and you make them look foolish (unless

Re: Printers betray document secrets

Ian Grigg wrote: It's actually quite an amusing problem. When put in those terms, it might be cheaper and more secure to go find some druggie down back of central station, and pay them a tenner to write out the ransom demand. Or buy a newspaper and start cutting and pasting the letters... or sligh

Re: Financial identity is *dangerous*? (was re: Fake companies, real money)

Roy M. Silvernail wrote: I was thinking more of the rumor that Longhorn's filesystem would start at '/', removing the 'X:' and the concept of separate drives (like unix has done for decades :) ). When I first saw this discussed, the consensus was that it would break any application that expected t

Re: Optical Tempest FAQ

recovering data from one of those at a distance using a good telescope may be possible and most people don't think of the gentle flicker of the LED as carrying actual information that could be intercepted. -- Dave Emery N1PRE, [EMAIL PROTECTED] DIE Consulting, Weston, Mass 02493

Re: Using Virus/Worm comments to implicate others

Tim May wrote: > Reading about the Romanian student arrested today for allegedly > releasing one of the "Blaster" variants, I was struck by how easy it > would be to "bring a shitstorm down" on someone by inserting comments > into the virus code. oh joy - yet another way to joe-job someone.

Re: Getting certificates.

> Outlook and outlook express support digital signing and > encryption -- but one must first get a certificate. > > Now what I want is a certificate that merely asserts that the > holder of the certificate can receive email at such and such an > address, and that only one such certificate has been

Re: Small taste of things to come if the war on Iraq happens.

pop' stores in a community. It would seem there are better targets to attack >as the evil tools of oppression. > > j > > > > > ____ > Sent via the WebMail system at 1st.net -- Dave Emery N1PRE,

Re: Sovereignty issues and Palladium/TCPA

I have seen this *five* times already - is there some sort of wierd mailing loop in action? I am fairly certain I haven't sent it five times spread out over two days

A talk on Intellectual Property and National Defense

systems in which case DRM will most likely be broken endlessly. Comments? Dave Ps please excuse the inability to hear the questions from the floor, I recorded it will a small digital recorder on the podium. -- Forwarded Message From: Dave Farber <[EMAIL PROTECTED]> Date: Wed, 29 Jan 2

Re: Tiny whiskers make huge memory storage

So how real is the threat - what does it cost to have it done and how expensive is the gear ? Who actually has working setups in use ? And how many layers down can they really read ? And with what BER ? -- Dave Emery N1PRE, [EMAIL PROTECTED] DIE Consulting, Weston, Mass. PGP

Re: What was really on that Shuttle?

tity MIGHT have grabbed your keys or crypto chips, you have to take precautions (changing keys and so forth) which cost lots of money so trying to find the crypto box and the chips and keys makes a lot of sense as it save considerable effort and expense later on. -- Dave Emery N1PRE,

Re: Putting the "NSA Data Overwrite Standard" Legend to Death... (fwd)

Jim Choate wrote: > On Sat, 8 Feb 2003, Sunder wrote: >> In real life this will not work as most Windoze hard disk encryption >> schemes can't encrypt the OS disk - and this is where the temp/cache >> stuff goes. Not always - certainly, windows cache goes to a partition that must be available at wi

Re: Putting the "NSA Data Overwrite Standard" Legend to Death... (fwd)

Jim Choate wrote: > Yes, it can mount the partition. That isn't the problem. The problem > is that for lilo to do this it has to have access to the key in > plaintext. That makes the entire exercise moot. not if you have to type it every time. if you take that as criteria, then *all* encryption is

[doug@joss.com: Re: [coldwarcomms] Digest Number 1106]

ear. The loop also incorporates an NSA facility that does something (can't imagine what ;-) on the fiber. Doug Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ - End forwarded message - -- Dave Emery N1PRE, [EMAIL PROTECTED] DIE Consulting, We

An interesting discovery (if true) in the UK...

s by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. === TSKS Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/

Re: NAI pulls out the DMCA stick

> 1. How do you create a X.509 signing hierarchy? by issuing other people's keys with a subordinate CA certificate.?

Re: Slashdot | EU to Require Opt-In for Commercial Email (fwd)

> http://yro.slashdot.org/yro/02/05/30/1640210.shtml?tid=111 It was a combo bill - the Spammers have to restrict themselves to Opt-In, but the Governments get to demand ISPs keep records of who does what where on demand. Of course, none of this has legal force until ratified in the countries own l

Re: FC: Hollywood wants to plug "analog hole," regulate A-D

t raw public votes will control over Hollywood money. -- Dave Emery N1PRE, [EMAIL PROTECTED] DIE Consulting, Weston, Mass. PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18

TCPA/MS

Phil Youngblood posted the following to the securecomp server - thought it might interest people here, given the recent discussion of M$'s DRM stuff... -- This from the Eula for the latest Windows Media Player patch. * Digital Rights Management (Sec

Another restriction on technology - cell and cordless scanning now a felony

(which of course most scanner list intercepts are). Thus the legal climate has fundamentally changed, and one can assume that since the Bush administration has been pushing for the passage of this bill that they perhaps intend to start prosecuting at least some category of radio u

Re: They will damn well try to legislate DRM]

s full of PCs. And yet it could result in a world in which it was illegal to offer software or hardware to the general public that was not DRM'd or allow the general public complete access to their networked machines even for personal use only. -- Dave Emery N1PRE, [EMAIL PR

Online TV Deals 312

Internet Exclusive -- TV Deals Fantastic Prices Click any Product for Details AMAZING PROFITS BY JOHN BECK AVACOR HAIR CARE SYSTEM BALANCE BRACELET BLAST OFF THE P

Re: Tunneling through hostile proxy

Ben Laurie wrote: || Errr - its tricky anyway, coz the cert has to match the final || destination, and, by definition almost, that can't be the proxy. provided you can impose a CA cert onto the user browser (not hard in a corporate environment) it isn't as if signing a certificate "on the fly" is

DMCA charges used against DSS pirates ...

Property program. "There is definitely a strong possibility of others getting charged in the future," a spokesman for Yang told internetnews.com. -- Dave Emery N1PRE, [EMAIL PROTECTED] DIE Consulting, Weston, Mass. PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18

Re: Using time-domain reflectometry to detect tamper attempts on telecom cables

hs old would be very much less interesting in most cases than near real time intercepts - particularly of targets like terrorists. -- Dave Emery N1PRE, [EMAIL PROTECTED] DIE Consulting, Weston, Mass. PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18

Re: What email encryption is actually in use?

James A. Donald wrote: >> And PGP tells me "signature not checked, key does not meet > validity threshold" what version are you on? ckt never does that - it checks it, and marks the sig status as good or bad - but obviously marks the key status as invalid (due to lack of signing) on anyone I don't

Re: Did you *really* zeroize that key?

Kevin Elliott wrote: > The point is though, that according to C99 today > > volatile int myflag; > myflag=0; > if (myflag!=0) { do stuff } ; > > does _exactly_ what you want, per the spec. The only compilers that > don't work this way are by definition out of spec, so adding new > stuff isn't goin

Re: Did you *really* zeroize that key?

David Honig wrote: > I was thinking more in terms of arrays > > memset( arr, 0, sizeof(arr)) // zero > unsigned int v=1; > for (int i=0; i< arr_size; i++) v += arr[i]; // check > if ( v>0 && v<2 ) // test > sanity(); > else > insanity(); > > But I suppose that if compilers can be arbitrarily 'cleve

Re: Did you *really* zeroize that key?

Bill Frantz wrote: > There is a common example of this corner case where the memory is > paged. The page containing the key is swapped out, then it is read > back in and the key is overwritten, and then the page is deallocated. > Many OSs will not zero the disk copy of the key. Given the nature of

Re: [eros-arch] Did you *really* zeroize that key?

Jeroen C. van Gelderen wrote: >> The last, I think, is the right answer. On the whole, when my laptop >> is stolen I don't want anybody to get *anything* useful off of that >> drive. If they can't get anything useful, then in particular they >> cannot get my crypto keys and I'm done. > Law enforcem

Re: disappearing Kavkaz sites?

I have noticed this too. Other similar sites such as "qoqaz.net", "azzam.com", "azzam.co.uk", etc, are often down or have disappeared completely. Some of these sites were well organized, very informative and updated frequently. David Mirza Ahmad Symantec 0x26005712 8D 9A B1 33 82 3D B3 D0 40 EB

Re: News: House votes life sentences for hackers (fwd)

those the government doesn't approve of... they certainly won't increase communications privacy or security and may in fact decrease it if they allow the draconian penalties to be used as an excuse for not spending the money to implement secure and effective encryption of anything sensit

Re: News: House votes life sentences for hackers (fwd)

ds of hams for use on ham bands (and more such ham projects appear every day). -- Dave Emery N1PRE, [EMAIL PROTECTED] DIE Consulting, Weston, Mass. PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18

Re: News: House votes life sentences for hackers (fwd)

On Fri, Nov 15, 2002 at 10:20:42PM -0800, Steve Schear wrote: > At 11:59 PM 11/15/2002 -0500, Dave Emery wrote: > >And I am on record as advising some of the folks doing gnu-radio > >that in my personal opinion it was rather unlikely that a user > >programmable open

Re: Spending a billion dollars an hour produces a hell of a light show

[EMAIL PROTECTED] wrote: > Once the war is over senior people in the U.S. administration better > have proof acceptable to the international community in open forums if > they do not wish to share a similar fate as their Iraqi counterparts. I think the US believe that, with the USSR gone, they are

Re: pgp in internet cafe (webpgp)

Morlock Elloi wrote: > Ever tried to install a ssh client on a random internet cafe computer Yup. 1. download putty 2. run putty 3. run batchfile that changes password to next oneshot 4. do whatever is needed 5. exit putty :)

Re: FC: An analysis of Michigan and Colorado "mini-DMCA" bills

nitor public safety communications (expressly permitted under federal law) might fall under this rubric too, as the public safety agencies may not have give express consent. Under the Mass. bill this would criminalize mere possession of such radio equipment. -- Dave Emery N1PRE, [

Re: Missile -launchers in iraq

Neil Johnson wrote: > - Most important, using Biological or Chemical Weapons is a two-edged > sword. They could do just as much damage to their own troops as to > the US and UK troops if they make a mistake. Might be interesting to see what would happen if iran felt threatened by bush's aggressive

Public hearing on Super DMCA in Boston

goals are... -- Dave Emery N1PRE, [EMAIL PROTECTED] DIE Consulting, Weston, Mass 02493 PGP fingerprint 1024D/8074C7AB 094B E58B 4F74 00C2 D8A6 B987 FB7D F8BA 8074 C7AB

Re: SIGINT planes vs. radioisotope mapping

pper T1 lines. Knowing who calls or emails who makes it possible to find the needles which you want to monitor in the vast haystacks. Thus there is a much greater probability that records of your calls and IP traffic addresses are looked at for patterns and association with known bad guys tha

Re: News: House votes life sentences for hackers (fwd)

On Wed, Nov 20, 2002 at 12:40:26AM -0500, Declan McCullagh wrote: > On Fri, Nov 15, 2002 at 10:48:37PM -0500, Dave Emery wrote: > > I might hasten to add that as I am sure Declan knows, this > > addition to the Homeland Defense Act also includes the CSEA provisions >

Re: Worm Klez.E immunity

rab terrorists to me.... -- Dave Emery N1PRE, [EMAIL PROTECTED] DIE Consulting, Weston, Mass. PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18

Re: CNN.com - WiFi activists on free Web crusade - Nov. 29, 2002 (fwd)

Eugen Leitl wrote: > On Sat, 30 Nov 2002, Dave Howe wrote: > I believe I mentioned geographic routing (which is actually > switching, and not routing) so your packets get delivered, as the > crow flies. The question of name services. How often do you actually > use a domain name

Re: If this be terrorism make the most of it!

me exact results. Thus it seems that at least around the wealthy Boston suburbs they have already made it impossible to make a long distance coin call, and one presumes this is for obvious reasons... We are closer to the police state that everyone fears than we know.... --

Re: New Scientist - Virtual world to run on real cash... (fwd)

Jim Choate wrote: > http://www.newscientist.com/news/news.jsp?id=ns3180 yeah. downloaded that (its about 300MB!) and after going though the setup it doesn't like my video card *sigh* At first look though, it would appear the system is set up for a decent proportion of the money to flow in the

Re: Libel lunacy -all laws apply fnord everywhere

Jim Choate wrote: > On Wed, 11 Dec 2002, Steve Schear wrote: >> From the article: >> "The court dismissed suggestions the Internet was different from >> other broadcasters, who could decide how far their signal was to be >> transmitted." >> This is totally bogus thinking. The Internet is not broad

Re: Has RSADSI Lost their mind?

t funny it's so sad: I've been telling RSA for about two years that they'd be wise to adopt a new kind of public/business stance, rather than continually pissing all of us off, leaving themselves come October with nothing but a hollow legacy and a lot of people who simply won't do business with them on basic principle, but apparently none of them listen very well. More the fools them. dave _ "You can lead a horticulture, but you can't make her think." --John Del Torto

Re: Has RSADSI Lost their mind?

the "PGP website." Ba-dum-dum, plink! OK, so this doesn't really matter _now_, and maybe you had to be there back in the day to really appreciate the humor of this, but after 4+ years of trying to get N$I to make the PGP option work, _I_ found this kinda funny myself... dave PS: <http://www.opensrs.org> ...'nuff said. ___ "And now: we'll be back after a few subliminal messages from our sponsors."

020309 Cypherpunks Meeting REMINDER

San Francisco Bay Area Cypherpunks Physical Meetings Tomorrow's Meeting: Sat 2002-03-09 Stanford / Tressider Info: Next Meeting: Sat 2002-04-13 Berkeley / (TBA) Info: (~1 week prior)

[MPUNKS] Cypherpunks December Mtg: HIGHFIRE Design Session

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [Starting the 2nd decade with new challenges & opportunities! -ddt] December 2002 Cypherpunks Physical Meeting Announcement General Info: DATE: Saturday 14 December 2002 TIME: 12:00 - 5:00 PM (Pacific Time) PLACE: Electronic Frontier Foundation

<    1   2