Domain: cryptome.org
Stories and comments across the archive that link to cryptome.org.
Comments · 1,257
-
Information
I agree that information has to get out there,
This is something that everybody needs to read right now: http://cryptome.org/dont-panic.htm
-
Read This !!
Somebody should give this guy a medal !
From a retired military weapons, munitions, and training expert : The truth about Bio/Terror/Chem Weapons.
-
Disinformation on SDMI's demise?
From the article:
A high-profile effort dubbed the Secure Digital Music Initiative (SDMI), intended to be a private sector version of the kind of technology effort Hollings' plan outlines, collapsed largely because of disagreements between technology and content companies.
Umm... hasn't SDMI been failing because each proposed version of the technology has been cracked in a matter of days? (And despite the RIAA threatening the researchers with litigation, at that!) Good reporting, ZDnet!
-
No more open PCs, no more independent musicians
That's why the SSSCA will make non-DRM controlled hardware illegal.
Eventually, after enough hacking of the systems, PCs will be required to be tamper-proof, DRM enabled, no end-user access to raw bit streams, etc. The SSSCA could pass, and the certified systems required by the act could include such requirements.
And the DRM system will likely prevent playing of unauthenticated content. Ostensibly to stop people from making analog recordings of music with a microphone, but it would also make independent music production impossible. The legally mandated system could require that in order for a piece of music to play, it would need to be signed with a valid key - and only the RIAA could license such keys. One would then need an RIAA license to make music.
-
Re:It's not only the fuel
Asbestos would not have helped in this case. See the analysis at cryptome for reasons why:
Basically, the fire was way too hot for asbestos to handle, even if it had been used. Nice try.
-
Re:So, once this bill passes...
Could the appropriate code be included in the kernel (in order to make it legal) but made an option like everything else in the kernel, so I can compile a new one sans all the copy control nonsense?
No. The SSSCA specifically prohibits circumventing copy controls, much like the DMCA.
-
Actual Information
Cryptome.org has the full text of the bill here. Check it out.
-
Re:Keyrings are still too easy to read
Ideally, you keep your secure keyring with you, on removable media, protected with an encrypted file system and some means of irrecoverable, instantaneous destruction. Smart cards are a good example -- with the right signal or the push of a button, they can destroy their contents irrecoverably. The US Government's own security regulations are a fairly good guide to current best practices with regard to data management, some of which are on Cryptome.
-jhp (Remember, kids: practice safe crypto)
-
America: Where freedom is against the law
How is any of this ensuring my freedom as an American citizen?
How is the validation of an individual's identity ensuring his sanity on a flight? If I carry this card, and prove that I am indeed the holder of the thumb and body which the card indicates, what is stopping me from running into the cabin of the plane with a fork, and declaring the plane in the name of Homer Simpson? Nothing.
Stop trying to fill your pockets, Larry, at the expense of the very same freedoms which made you rich.
We have Microsoft trying to pull everyone's personal credit information into Passport and .NET, so they can control where you go, when, and how you get there, and we have Oracle, trying to capture and store and "manage" your very identity. I don't think so.
We also have the DMCA, the SSSCA, backdoored "encryption" (anything with more than one keyholder is not encryption), the RIAA, MPAA, gps tracking devices in rental cars, cameras at every intersection, Dmitry Sklyarov vs. US/Adobe, and traffic tickets being sent in the mail for infractions you were never stopped for.
How is this giving me liberty again?
What people in our government fail to see is that the collection of these events, coupled with those who are trying to restrict stem cell research, our encryption, our liberties, and now, in a very delicate potential time of war, issuing lethal foreign policies. People are leaving this country, and taking off for other places where the opportunities may not be as vast, but the freedoms certainly are.
I'm very close to taking off as well, before the borders are closed, and I have to show my passport, fingerprint, and biometric validation, along with government approval to leave this country, and I'm taking all of my loved ones with me.
-
A vision of our future..
Check this picture out:
Nifty Pic
That pic had the caption:
'Police held two men at gun point in New Jersey after a bus driver reported they spoke, "little English," and seemed "suspicious."'
Then read this quote from MSNBC
DAILY LIFE IS CHANGING
Daily life in America is likely to change as a result of the Sept. 11 attacks -- with the newly created Office of Homeland Security likely to play a role in those changes, current and former government officials said.
"I think in order to defend the homeland, we're going to need more information about virtually every citizen. So we're going to have more databanks and databases that have information about us,"
INCREASED SURVEILLANCE
Even as Americans returned to their normal pursuits, surveillance was increased. For example, there were car inspections at the Mets-Braves baseball game at Shea Stadium Friday night -- the first major outdoor sporting event in the New York area since the attacks.
Here is a copy of the Anti-Terrorism Act of 2001 second draft.
As well as the "Mobilization Against Terrorism Act".
All I can say is, be careful what you wish for and what saying "Oh what's a little ID card."
It won't stop there.
-
New Kind of War? Old Kind of Errors
This sort of offensive, confusing and strange-sounding to non-tech laypeople and those outside the military, will clearly rely heavily on security technology -- surveillance, wire-taps, electronic ID's from cards to voice and fingerprint scanning, biological warfare and defense, e-mail encryption and interception, satellite photographs, the digital tracing of money,
First, this is not a war, it's a crime.
Second, we will not be attacking ("offensive"), we will be defending ourselves against terrorism - in a way that European countries already have for years.
Third, before asking for new toys, how about those in charge of this defense started by using the info they already had? See
U.S. officials said the destruction of the World Trade Center and the Pentagon bear the imprint of Yusef, the 41-year-old Pakistani who was convicted for the 1993 attack on the World Trade Center. Yusef was arrested and found with plans for a coordinated series of hijackings and suicide crashes of several U.S. commercial airliners.
The plan was never carried out, the officials said, because of the limitations of the poorly-trained squad.
Jeff, the terrorist who revealed the kamikaze plan to the Fbi (fish translation)
The truth that is emerging in these hours in New York, and that nobody as yet wants to say aloud, is bitter as a poison: the Fbi could have known if it had only believed what it already knew.(...)
The plan to train pilots, too slow in Africa, continued more rapidly in America. In the "memo" of the long depositions of Jeff to Attorney Mary Jo White, one can read: "The training of the men infiltrated in the United States through Canada involved training to the individual conflict in the paramilitary fields in Afghanistan, intelligence and techniques of flight in the United States. For instance Iab Ali, a.k.a. Nawawi, the right arm of Osama. He lived in Orlando, Florida. He was trained until the diploma in the school of flight of Norman, Oklahoma".
(According to La Repubblica, this "memo" dates from October 20, 2000. They don't say how they got it -- I couldn't find the complete text online, but another part is in "Jeff"'s guilty plea in "USA v. Ali Mohamed", dated the same day.)
-
FBI knew a lot as it is...
I'm sending this because it doesn't seem well advertised in domestic news sources. Found through yesterday's La Repubblica (the Italian daily) and some web search:
U.S. officials said the destruction of the World Trade Center and the Pentagon bear the imprint of Yusef, the 41-year-old Pakistani who was convicted for the 1993 attack on the World Trade Center. Yusef was arrested and found with plans for a coordinated series of hijackings and suicide crashes of several U.S. commercial airliners.
The plan was never carried out, the officials said, because of the limitations of the poorly-trained squad.
Jeff, the terrorist who revealed the kamikaze plan to the Fbi (fish translation)
The truth that is emerging in these hours in New York, and that nobody as yet wants to say aloud, is bitter as a poison: the Fbi could have known if it had only believed to those that it already knew.(...)
The plan to train pilots, too slow in Africa, continued more rapidly in America. In the "memo" of the long depositions of Jeff to Attorney Mary Jo White, one can read: "The training of the men infiltrated in the United States through Canada involved training to the individual conflict in the paramilitary fields in Afghanistan, intelligence and techniques of flight in the United States. For instance Iab Ali, a.k.a. Nawawi, the right arm of Osama. He lived in Orlando, Florida. He was trained until the diploma in the school of flight of Norman, Oklahoma".
According to La Repubblica, this "memo" dates from October 20, 2000. They don't say how they got it -- I couldn't find the complete text online, but another part is in "Jeff"'s guilty plea in "USA v. Ali Mohamed", dated the same day.
-
Re:David
I don't think the strength of the towers was a problem. Engineers have stated that they believe the WTC handled the impacts very well. However, the fire supression system and the materials used to build the central core of the building could not handle a fire caused by the thousands of gallons of jet fuel. I think slashdot already had a link to the cryptome article about it.
-
Not really designed to do that...
Across the street, a group of structural engineers were reassuring reporters that the towers collapsed of their own structural weakness, the steel melting from the fires, the buildings designed to collapse inward -- rather than fall down -- to save lives.
I'd like to take issue with this statement, as this phenomenon is largely due to design quirks that were a part of a questionable plan to increase floor space in the building. See more information on it in this discussion that was held over at Cryptome.org.
-
Re:I have to say..
*huge* *foreign* companies
Make that really huge American companies.
Anyone who messes with them is obviously some sort of evil, communist, hippie anarchist hacker bent on economic terrorism! And I bet they drown puppies and stomp on flowers, too! But don't worry, your friends at AOL/Time Warner/Microsoft/AT&T/Sprint/Verizon/Hewlett Packard Bell will save you!
-
On the original construction...
Cryptome is run by a New York architect, John Young. He has posted interesting comments on the controversy surrounding the original buildings. They're a good read.
-
I'll bite.
Greg,
This isn't about backbone.
Anti-trust laws don't work. Look at M$. Look at the modern Petrol industry. We tried breaking up the mega-monopoly Standard Oil in the early 20th century, and look where we are now: Exxon-Mobil et. al. AOL-Time-Warner and consolidation aren't the problem: people willing to turn over control of their lives to a company and pay for the privilege of doing so is the real issue. Perhaps private interests encouraging this kind of neo-slavery (serfdom?) should be discouraged from it, but we certainly won't affect positive change from your implied (correct me if I'm wrong) Neanderthal approach of nuking every increasingly complex corporation just because they have a shitload of capital and appear to be "buying up the world" (tell me you'd act differently if you were on the board of, say, AOL).
You speak as if the state-capitalist system in the UK were better. Obviously, any system run by the same government that so deftly handled foot and mouth is superior to what we have over in Unistat.
I assure you, there is nothing daring about this. The people who control these companies are working hand-in-hand with legislators to make this consolidation smooth for all the controlling parties. The real dare is to their client base: to stand up and learn how to use products that cede control to the end user and not to the originating corporation.
Cheers,
Rene
-
Cryptome version...
For posterity's sake, Kozinski's letter also has a home here.
-
check out what they're seeing...
Cryptome has a posting showing the porn mpg download logs from a court computer. It's a letter from the court's administrative offices to one of the chief judges, giving the IP (and who's assigned to it) of the downloader.
The downloads were at lunchtime, but jeeze, there are a lot of downloads. It looks like it was some sort of sharing software involved, by the looks of the filenames and the IP numbers.
The letter is from the administrative offices of the court to a chief judge, indicating the IP and registered owner of that IP. The log was captured as part of their "security intrusion detection" system because of the large volume of traffic. Sounds a little funny-- the volume of traffic is going the wrong way to be a massive data leak. I wonder how the judges like this "security" precaution being used to spy on them.
The administrative office goes on to complain that sexually-oriented websites are likely to contain "computer viruses, trojan horses, and other harmful products". First off, the administrator didn't notice that these weren't websites, and second, all the files were videos. A decent security system would have blocked .vbs and maybe other executables, but since mpgs don't (yet) contain viruses and trojan horses, they *ARE* safe to download.
Sure, I'd be weirded out if someone was doing their thing to porn in the office next door, but it doesn't take a porn download to enable that sort of behavior. Besides, by the quantity of the downloads, it doesn't look like there was much time to view them.
-
Old news
Politics aside:
A description of a fatal weakness in HDCP's was published by Scott A. Crosby a few days after the specs were published, and was independently discovered by many others. Crosby's attack appears to have the capabilities claimed by Ferguson and has negligible computational cost (inversion of a 40x40 matrix). It requires the built-in keys of any 40 HDCP devices, but this is presumably easy to achieve in the presence of software-based HDCP implementations.
Thus the new feature of Ferguson's attack is probably a way to extract the keys without actually hacking any device, but rather by talking to intact devices via the normal protocol. While this is interesting, HDCP should already be considered broken in light of known attacks.
-
He wasn't first?
Scott A. Crosby wrote this short paper over on cryptome.org, which seems to cover an attack that is very much like the one in the post. Especially the number of devices required in the post (50) matches the number of keysets required by the attack described on cryptome.org (40-50). Coincidence?
-
Red herring story
-
SDMI had similar concept - cracked quickly...
in my *gasp* physical copy (so no, i don't know the URL) of Wired from july 2001 there was banner on the cover : THE RIAA DOESN'T WANT YOU TO SEE WHAT'S ON PAGE 61. naturally page 61 talks about a group of people accepting SDMI's challenge to crack their encryption algorithms, which were based on watermarking.
er, so anyway, the point is (and i think this was on /. at some point) you can check this url - scroll down a bit to get to the meat of the crack - for more information on audio watermarking and its effectivity:
http://cryptome.org/sdmi-attack.htm
anyway, selling media online has always been something churning around in the back of my mind and every time i come up with some sort of idea that may or may not work, i can pretty much figure out a way to crack it.
my conclusion is that there is no way you can encrypt this data in an uncrackable way due to the fact that at some point you have to send audio data to the sound card - and if anyone intercepts that stream or |'s it to another dev then all your effort is wasted.
surely a viable solution would be to use hardware-based decryption using PKI. like lets say my sound card had a mobile (cell phone) like SIM card slot in it. so i buy this sound card, register with some MSP (music service provider) who supply me with a SIM card that i slot into my sound card. then i can download encrypted media (like NOT destiny's child, please!) and, tada, a workable solution.
the first thought that has always come into my mind here is *ping* HARDWARE DONGLES. nooooo. what a success that was! but i feel this is slightly different. its not like you are having software that probes for the existence of something which can be decompiled and cracked.
i've got a number of other great ideas on this that i've been formulating for over 3 years now, if anyone out there is interested in getting together to maybe push something like this forward (i have a lot of ideas with regards to ownership of content and so on as well - basically giving you the same "freedom" of ownership that you have with physical media), give me a shout on michael_jw_bartlett at hotmail dot com.
of course you can always buy gold audio jacks, plug it into your sound card's output and plug the input into your cd writer...
;)
-
de-watermarking causes no discernable quality loss
Yes you can translate but it's like dewatermarking a copyrighted music file, it sounds and looks like shit.
Actually, de-watermarking copyrighted files has been demonstrated to work with no discernable degradation in audio quality. There may have even been a general mathematical proof presented that any watermark which does not leave a discernable trace in the watermarked file can be removed without leaving a discernable trace ... I don't recall for certain if a general proof was submitted, but I do know that a paper was to be presented at a technical forum some months ago demonstrating that all of the major watermarking approaches being considered by the RIAA could be removed with no discernable degradation in the music.
The paper in question is available on the internet, although it was never formally presented at the conference due to legal threats under the DMCA from the commercial entities promoting the watermarking technology, who obviously had a vested interest in keeping this information quiet and promoting the mistaken notion that watermarking can be an effective deterrent to copyright violation (and perhaps even fair use).
It is interesting that the industry which relies most heavily on copyright, the computer software industry, learned more than a decade ago that copy protection schemes, along with watermarking schemes, were unworkable and ultimately a waste in resources and dumped the entire approach altogether. This lesson, which demonstrated itself in no uncertain terms in the large profits of software houses despite their lack of copy protection and the ease with which their copyrights can be (and likely are) violated, has apparently been lost on the entertainment industry, due perhaps in no small part to organizations like the SDMI group who prey upon the entertainment industry's naivete with respect to copy protection and watermarking for their own purposes.
I suspect ultimately the Copyright Cartels (MPAA, RIAA, etc.) will find they have been taken to the cleaners far more by their own "copy protection" vendors, who have sold them a bill of goods even the DMCA's most draconian provisions can't compensate for, than by their customers' fair use practices and even outright copyright violations. Seeing this lightbulb go on in a Hollywood Mogul's eye would be an event worth paying admission to see.
-
Re:Why don't they...
Robert Morris, Jr., the worm crippled hundreds of thousands of computers connected to the Internet. It just so happened that young Mr. Morris's dad was the Chief Scientist at NSA.
-
The cocaine, prostitution and automobile needs... of the music industry are legendary. Perhaps that's why 40 years after a recording has been made and 20 years after an artist's death I am asked to pay 30 dollars for a CD that costs the recording industry 0.10$ to manufacture - and this for an artist they no longer support, advertise, or even know about half the time. If I use my friend's copy or borrow one from the library and record it I might be liable to being classified as a "pirate", or being compared to a terrorist (see recent statements about librarians who, acting within their legal rights by sharing materials, are compared to terrorist extremists).
People like Jack Valenti have demonstrated they have no understanding of current technology, that they are inefficient and stupid (see his alt2600 deposition - it would be laughable if it weren't so sad). I mean this is a guy who needs more cars and houses at his disposal than whole towns in order to live "comfortably" and he is a small fry compared to others. In other industries (like coal mining, steel production) this state of affairs leads either to the end of whole industries (with mass layoffs) or to a huge reduction in output. But the backers of DMCA want to change the legal system to support their entirely unnecessary industry (Courtney Love's description of which is not flattering) and seem to believe their companies deserve to be protected. They are using their influence to achieve these ends.
I suppose it isn't surprising though - I mean in the US the oil industry names tankers after members of cabinet (a cabinet that is rabidly pro-oil and with zero support for alternative energies) and the government proposes changes to tax laws that will likely save just Bush and his cabinet over a billion dollars. Wealth and power is what it's all about. The wealthy need their power to feel safe about all the money they have and are naturally more greedy (since they have more stuff) - I don't blame them. It's when their greed results in anti-democratic law-making that impedes innovation that it needs to be pointed out and resisted.
-
Darn NSA!!!
Darn!
The NSA must have been advising the consultants who wrote the report: the screen shot censorship blotches are a part of the screenshot bitmaps instead of being applied over the bitmaps via the PDF, like that spy informant report leaked on cryptome some months ago...
--
-
Defcon
Defcon actually has two sides. The first side is the one you're mentioning. The other side are the "white hat" security experts who attend in order to see what the "black hats" are up to or just to see the latest security technology. For example, Bruce Schneier ("Mr. Crypto") was there this year and actually attended Dmitry's conference (see his note at Cryptome).
-E
-
IMHO, LEA's don't care, judges don't understand
From my (limited) experience, what I see in court cases that comes from computers is too complex for most judges or even lawyers to grasp. As long as judges can't even rule sensibly about things as hyperlinks and deep linking, I fear that judging whether or not the information can be tampered or manipulated/selected at the LEA's is completely over their heads.
The ETSI standards maturing now (see Opentap) in Europe provide LEA's with encrypted (and signed) information, so the LEA's are pretty sure about the authenticity of the material. The defense could in theory see when information was omitted, since the data sent to the LEA includes a serial number per packet, but the ISP's box has no digital signature of its own, so the LEA can just "create" any information it would want. The ISP isn't allowed to keep copies (or even buffer) the data sent to LEA's.
We'll just have to trust them.
Some more of my comments can be found on Cryptome. I'll be talking about the tapping laws at Hal2001, August 10-12, in the Netherlands.
-
Boeing v. Airbus link fixed
Should have double checked... Lesson to be learned: NEVER POST WITHOUT having your coffee.
http://cryptome.org/echelon-ep.htm#10 Ref: 10.7
-
Vanishing Key Crypto more feasible
[http://cryptome.org/key-poof.htm]
The coding starts with a continuously generated string of random numbers, say from a satellite put up to broadcast them or from some other source. The numbers can be coming by at an enormous speed - 10 million million per second, for example.
The sender of a message and its recipient agree to start plucking a sequence of numbers from that string. They may agree, for example, to send a message, encoded with any of today's publicly available encryption systems saying "start" and giving instructions on capturing certain of the random numbers. As they capture the numbers, the sender uses them to encode a message, and the recipient uses the numbers to decode it.
An eavesdropper can know the mathematical formula used to encode and decode, but without knowing the exact sequence of random numbers that were used in the formula to send a particular message, the eavesdropper cannot decode the message. And the only way to have that sequence is to just happen to be storing numbers from the unending stream at exactly the right moment.
It's 100% unbreakable and available without any high tech satellites.
-
Don't change the subject
Stick to facts, I can dish em out to point out why I think the way I do. Wow what how ironic this happens when the United States is hoping that the European Cybercrime Treaty is being finalized. An incidence like this would surely make politicians think twice about taking away a certain amount of rights from the people in order to maintain National Security wouldn't they?
Hell this could be what is meant by "justifying world government." See if the treaty goes through it would mean the United States LEA's would not have to depend on the liberties given to the people here, they could simply have their German counterparts subpoena things they've been denied in American courts. What power they'd have.
Look I'm in no way flaming you so don't take it that way, there's always two sides to every single issue. One thing that's certain is China's networking infrastructure is harsh on rules, and laws, so it'd mean harsh punishment for someone even trying to do things, and they're up shit's creek so I personally feel they'd be reluctant to pull this off. Now on a technical level if the system was compromised do you know how easy it is to manipulate log records? Hell I could make you think Elvis or Tupac compromised that host. So for someone to say the Chinese did this, I could always come back and say oh yea, well someone using Nemesis, or HailStorm replayed a session to impose a Chinese did this.
-
just how close ...
I wonder how close to a target some of these software can actually get. I know with just about all (if not all) GPS devices, the government in the United States does not allow them to have pinpoint accuracy out of fear it would compromise military positions.
For those who don't want to download something like this may I suggest Cartome, which is Cryptome's companion that deals with mapping. They have a slew of links about products, free online services, etc.
-
Re:This lawsuit is a total setup.
The original threat sure looked like a legal-threat to me:
"In addition, any disclosure of information gained from participating in the Public Challenge would be outside the scope of activities permitted by the Agreement and could subject you and your research team to actions under the Digital Millennium Copyright Act ("DCMA")."
And what exactly is your stake in this, Mr. 'I have only one post, and it's a pre-written statement'?
-
Re:I don't think so
What I *do* with my copied files might be illegal (if I share them, which I don't), but I don't think you can easily distinguish between the physical act of making a backup copy of something, and making a backup copy you intend to distribute
Exactly! And that is why you will simply not be able to do many legal things in the future, if the industry goes the RIAA/MPAA/SDMI/... way. Look: You are legally permitted to make VCR copies as many as you want. But - without extra effort - you cannot. Why? Because of Macrovision. You can legally buy a DVD, and legally buy a DVD Player, and the player will refuse to play your DVD, because it thinks that you might be in the wrong country. My MD player refuses to copy my own recordings digitally, because by allowing digital copies there is the slight possibility of maybe me committing a sinister crime (i.e. distributing copyrighted music)!
You would be perfectly legal if you could copy your CDs in the future, only you cannot. That is what "they" want, and if the industry complies, in 5 years CDs will be obsolete. What can be done with stupid laws (DMCA) will be done that way, and where they cannot castrate your basic human rights (freedom of speech for example) the industry will simply take away the technical means for exercising them, and sue every company who doesn't comply.
Look at this article for details about what's wrong with copy protection.
Remember: CDs are just about the only digital Hi-Fi media left that do not have some form of copy protection! They must be destroyed, because every CD owner is a potential criminal!
-
Overkillware
"Our goal is to enable consumers to legally download and record music to CD in a consumer-friendly manner while fairly compensating copyright owners and creators," Duea said, noting that he hopes to see deployment by year's end.
By that time, it is estimated that up to 5 billion blank CDs will have been shipped in the year in support of an estimated installed base of 100 million CD recorders in personal computers.
So in essence this company thinks that offering a program to burn MP3s to CD will halt what they call illegal thievery? I doubt it. In fact, why would someone who allegedly steals CDs go out and buy this software when they could continue with their normal bypassing ways?
Is it me or does this reek of this notion:
- Roxio: "Let's sucker the RIAA into falling for our Overkillware program and make millions if they think people will stop what they think is illegal ripping off of artists."
By creating these so-called programs I personally think they sort of force people to go out and rip more, since you're sort of telling someone USE THIS TO DO THIS. People should have choices, and while I do see the pros and cons of Napster, I also see somebody somewhere along the lines of Roxio, the Artists complaining, RIAA, $INSERT_TARGET_HERE don't have a really good clue yet.
Maybe these people should go and read Bruce Schneier's "The Futility of Digital Copy Prevention" article word for word, and come to a better conclusion instead of thinking some lawsuit, or some program is going to be the answer to people ripping mp3's and doing whatever the heck they want with them. -
Rage Against the Machine
PGP is the logical solution to use at any cost. Maybe you should try explaining the situation to the other party entirely in order for them to understand the importance of privacy, and how far agencies will go to snoop information on all levels.
Something many people didn't hear about Echelon was the fact that it was being used to snoop against businesses by the US in order to position themselves better in foreign and local markets.
Company: Airbus
Agency: NSA
Date: 1994
What: Information on an order for aircraft concluded between Airbus and the Saudi Arabian national airline
How: Interception of faxes and telephone calls between the negotiating parties
Action: Forwarding of information to Airbus's American competitors, Boeing and McDonnell-Douglas
Result: The Americans won the contract (US$ 6 bn)
Source: "Antennen gedreht", Wirtschaftswoche Nr.46
[Full Source (10.7)]
Companies turn a blind eye, thinking that encryption is something criminals use because government makes it seem that way. However, think about the following scenario: You work for a company that's just discovered an innovation worth millions and you need to keep in touch with others in offices of your company worldwide but do not want anyone capturing your business plans. Whether it's government or a competitor, you're going to want to implement security at all costs. What do you use?
Web based services won't cut sending intraoffice mail because the third party (Hushmail) can read it, (see Is hushmail secure?) using PGP is the safest bet by all means.
Maybe what you should do is make people aware of what's really going on, and help them understand the value of importance behind using PGP. And FYI it's simple as all hell to use; my mother is even using PGP (no bullshit either) and she knows squat about computing. -
Bruce Schneier's take on this
The Futility of Digital Copy Prevention
Bruce Schneier
Music, videos, books on the Internet! Freely available to anyone without paying! The entertainment industry sees services like Napster as the death of its business, and it's using every technical and legal means possible to prevail against them. They want to implement widespread copy prevention of digital files, so that people can view or listen to content on their computer but can't copy or distribute it.
Abstractly, it is an impossible task. All entertainment media on the Internet (like everything else on the Internet) is just bits: ones and zeros. Bits are inherently copyable, easily and repeatedly. If you have a digital file -- text, music, video, or whatever -- you can make as many copies of that file as you want, do whatever you want with the copies. This is a natural law of the digital world, and makes copying on the Internet different from copying Rolex watches or Louis Vuitton luggage.
What the entertainment industry is trying to do is to use technology to contradict that natural law. They want a practical way to make copying hard enough to save their existing business. But they are doomed to fail.
Complete Article -
precious pennies
Well I have my own Cisco based [1 2 3] information which sums up networking to a tee. Security Focus, Packet Storm, SpyKing, and Cryptome all cover the other areas for information when I need it. Is it me or in the past 2 years did everyone jump on the "Hacker" bandwagon writing books on information that's already a point and click away? Not taking anything away from the book, but Information Security Management Handbook 2001, Cisco's Routing TCP/IP, and other security books in my library have done me justice. Makes I guess a nice intro for newer users, but personally I don't like books with "Hacker" in them, they tend to be geared for those with little clues, and who are often too lazy or dumb to find information and study it on their own.
-
GSM Encryption
I'm a bit of a cellphone nut, and have already done quite a bit of reading on the subject.
The data streaming between the phones and towers of a GSM network is already encrypted with one of two algorithms, A5/1 and A5/2. A5/1, the "stronger" variant, is in use in virtually every GSM network currently operating.
Neither algorithm has been broken. However, the private key (Ki) stored in every subscriber's SIM (subscriber identity module) card (unique to each SIM card) has successfully been compromised by researchers for a university, I believe. This was reported in the news a while (18 months?) ago, but it can't be done over the air. As far as I know, you have to interface the SIM card with a PC and ask the SIM card to identify itself, using a slightly different salt each time. By doing this about 150,000 times (which takes about 8 hours), the private key can be computed.
If this stuff turns your crank, here are a few links to get you started:
- Biryukov and Shamir cryptanalysis of A5/1 GSM privacy algorithm
- Discussion on cracking A5/1
- Cryptome's copy of the A5 algorithm (PS format)
-- -
Re:Echolon is our front line.
I wonder - did you even read the report?
You say:
[...] but really it is just a branch of the modern military, and a legitimate form of defense.
The report says: ( section 13.2 )
What is important is that its purpose is to intercept private and commercial communications, and not military communications.
You say:
At the end of the day, Echelon is controlled by our democratic governments, and the information it reveals is used responsibly.
The report says: ( also section 13.2 )
As the protection of EU citizens depends on the legal situations in the individual Member States, which vary widely, and since in some cases parliamentary control bodies do not even exist, the degree of protection can hardly be said to be adequate.
I also wonder whether you have a brain in your head.
You say:
It provided much defense against the nazi threat in WWII.
Yes, and if the Romans hadn't beat off the Carthaginians, we'd all be speaking Carthaginian-derived languages today. And if the Anglo-Saxons, of which you are so proud ( and yes I am one too ), hadn't killed the Britons and stolen their lands, we'd all be speaking some variation of Welsh. And if the Anglo-Saxons hadn't had their butts kicked by William the Conqueror, we'd all be speaking something much more like Dutch. And if the Austrians hadn't beaten off the Turks, we'd all be speaking Turkish.
My point is: beating down an invader or an oppressor in the past hardly gives you moral justification for being an invader and an oppressor today. Just because Echelon-like systems were used to defeat the Nazis and provide valuable information on the Soviets doesn't mean that it's OK to be using it to spy on private people and businesses today.
You say:
[...] our democratic Anglo Saxon realms [...] we should be strong, proud and altruistic [...] in its defense of the Anglo Saxon worldview [...]
Whoa, hold on there bucko!
Take off the white hood and put down the burning cross. Maybe it's just me, but you sure do make yourself sound awfully racist talking like this.
Sure, the Echelon nations were settled/conquered/plundered largely by people of the British Isles, and they compose the dominant populations. But don't forget that within the UK, USA, Australia, NZ, Canada, there are many many non Anglo-Saxon people who are perfectly good citizens and share the same "values" you speak of. If you try to exclude them from being worthy of the same rights as others, you automatically invalidate your claims to any kind of democratic righteousness. Also there are many Anglo-Saxons among us ( myself included ) who feel that this kind of espionage and surveillance of people and businesses, whatever their nationality, is wrong and immoral. Evidently this "strong, proud and altruistic" nature you seem so misty-eyed about is not a genetic trait of Anglo-Saxon stock.
You seem very certain that the activities of the Intelligence agencies are scrutinized very thoroughly by the democratic bodies governing those nations. I think you need something of an education in the realities of the intelligence world. The truth is that most intelligence agencies operate with very little accountability to the public or to democratically elected officials. They operate this way by design as well as by convention.
As for the case of the UK, they are a member in some respects of the European Union and European community, and are moving towards more integration with Europe - and not with the "Anglo Saxon realms". As members of the European Union they would be in violation of treaties and human rights conventions to conduct or allow surveillance of European citizens. All this is outlined in the report under discussion here - if you had bothered to read it.
In conclusion I've got to say that anyone who values democracy as you seem to should not subscribe to the hypocrisy of accepting any "undemocratic knife" to be used against anybody anywhere! This is contrary to the whole spirit and beliefs of this "Anglo Saxon worldview" and form the basis and constitution of all these "Anglo Saxon realms". To quote from one of the most eloquent "Anglo-Saxons" on this subject:
"He who sacrifices freedom for security will neither have nor deserve either"
-- Thomas Jefferson ( also Ben. Franklin said something very similar ) -
More on EU
News coverage:
http://www.theregister.co.uk/content/5/19003.html
The Council of the European Union, which represents the 15 member governments, will discuss implementing a policy originally designed with the FBI six years ago. It calls for the retention of "every phone call, every mobile phone call, every fax, every e-mail, every website's contents, all internet usage, from anywhere, by everyone, to be recorded, archived and be accessible for at least seven years," notes the journal.
After reading that I was a bit amused, since I think it's part of the Cybercrime bill they're trying to pass which would allow LEAs to exchange information, and cross warrants to be served. However, for those who don't know, Dubya said no to the bill, so let's get that out. (I'll find the link when I can, just woke up.)
Anyways, here is the most insightful/interesting document I found on it, with an excerpt. [link]
Privacy is dead. We are watched by 1.5m closed-circuit television cameras, more per head of population than any country on Earth. Our government, police and intelligence services have more legal powers to poke around in our private lives than those of communist China. And thanks to new technologies from mobile phones to the internet, they can use those powers to find out where we are, whom we talk or send e-mails to, and what websites we click on. According to most experts in the field, a police state with powers of control and surveillance beyond the wildest dreams of Hitler or Stalin could now be established in Britain within 24 hours. And guess what: MI5 probably read this article before you did. It was delivered by e-mail, a hopelessly insecure system. It is full of the sort of security-sensitive words the spooks look out for, and, as I shall explain, I seem to be an MI5 target.
But the weirdest thing of all is that we really don't care. To take an example that may sound trivial but isn't, the Television Licensing Authority is currently running an advertising campaign boasting of its ability to invade our privacy. Hoardings show a local street sign with the caption that declares, four people in this street don't have a TV licence and the TLA knows who they are.
Sad to see these things, but soon we're going to have an influx of either zombies, or guys like Gene Hackman's Enemy of the State character around. -
This sounds familiar.
This is probably in the same vein as the leaked document "NCIS submission on communication data retention law". They proposed much the same thing, allegedly to confirm alibis and track known criminals. It's on Cryptome.
It was mentioned on Slashdot, but it was a while ago.
It wasn't clear in the document whether or not it was the content of the communication or the record of the communication. The cost of storing the data (UK only) was estimated at nine million pounds per year, based on the current running costs of the National DNA Database. Initial costs would probably be higher.
-
A *real* "take-care" notice !
The best warning ever, must be this:
Don't use nuclear weapons to troubleshoot faults.
It comes from SAFETY RULES FOR US STRATEGIC BOMBERS
--
echo '[q]sa[ln0=aln80~Psnlbx]16isb15CB32EF3AF9C0E5D7272 C3AF4F2snlbxq'|dc -
Spaf
I was going to suggest (and will now second the recommendation for) Spafford, as he's a top notch CS expert and includes "Ethical and societal implications of computing" as one of his interests on his webpage. Furthermore, it says "His current research interests are primarily in the areas of information security, computer crime investigation and information ethics. He also has an appointment as a Professor of Philosophy at Purdue."
Spaf has previously spoken out in favor of 2600 in their appeal vs. the MPAA in the DeCSS case through his involvement in an amicus brief. You can read the brief here and the /. discussion here.
In any event, Spaf's proximity to the event (only an hour and a half from Purdue to BSU) would probably make him more likely to agree to participate, as you're not likely to pull any other experts from a great distance to give a short talk unless you're spotting their airfare.
-
Rage against the machine
*sigh* And the US wants to pass this shit too...
Maybe you're a civil libertarian, and maybe you're not. Maybe you worry about how the United States exercises its vast investigative and prosecutorial powers, and maybe you don't.
But if you counsel U.S. corporations on computer-related issues, you should be concerned about a new proposed treaty known as the "Convention on Cybercrime." The Council of Europe, a 43-nation public body created to promote democracy and the rule of law, is nominally drafting the treaty. Curiously, however, the primary architect is the United States Department of Justice.
The Department of Justice and Federal Bureau of Investigation are using a foreign forum to create an international law-enforcement regime that favors the interests of the feds over those of ordinary citizens and businesses. Their goal is to make it easier to get evidence from abroad and to extradite and prosecute foreign nationals for certain kinds of crimes.
Maybe you trust the law-enforcement chiefs in D.C. to do the right thing. But here's the catch. The same new powers given to the United States will also be handed over to Bulgaria, Romania, Azerbaijan, and other Council of Europe nations that, although officially democratic now, don't have strong traditions of checks and balances on police power.
Do you want investigators rummaging around your clients' computer systems on warrants issued by former Soviet bloc nations?
(read full article here)
I wonder how many people visit the site using proxies, and if IP addresses are going to be used, I hope Indy Media know how circumstantial that shit is. I wonder if it can be fought with in court with a demonstration of Packet Replays and Packet Injections, to show just how shitty using IP addresses as identification can be.
And people think I'm paranoid about using daisy chaining proxies along with Safeweb.
Well for those here who need it (I doubt there's many) here are my privacy links.