Slashdot Mirror

PROTIP: The two girls who originally sued have withdrawn their claims a looong time ago, and admitted that it was all just some jealousy/rivalry thing between the two, that they got very much pushed into by the cops.

So much about that "rape" claim, that some retards here, who apparently live behind the moon, or work for the government, still parrot around. (See below.)

Is it possible that this is faked?

Yeah, along with anything else on Wikileaks, because they are submitted by anonymous people. Things have to be verified.

Is it possible that people have paid campaigns dedicated to move people's opinion one way?

Very. http://cryptome.org/2012/07/gent-forum-spies.htm

But if Wikileaks has no credibility, why does the UK want extradition on him so badly, to Sweden, enough to storm an embassy?

lulz, now we gonna get spammed by the hosts file conspiracy theory guy that links to http://cryptome.org/2012/07/censored-slashdot-post.htm

You mentioned this:

http://cryptome.org/2012/07/censored-slashdot-post.htm

The general COINTELPRO / disinformation / "infowar" methods are detailed here:
http://cryptome.org/2012/07/gent-forum-spies.htm

 
Well, as a long time visitor to Slashdot I can tell you that yes, Slashdot _does_ carry out censorship, but on the point that you posted, there have been a lot of activities from "AC", and they have spammed many Slashdot threads with this "cointelpro" message
 
I do not need any tinfoil hat to discern what is truth and what is not
 

Maybe it is. But I think that it reflects much more negatively on the public than wikileaks if so. I know cryptome is no honey-pot. What should alarm us more than honey-pots is our collective ineffectualness in processing the information from such sources. It's almost like all the data in the world, exquisitely tailored to our liking, would have no effect either. It seems to me like world-leaders are treating the world along with humanity as a game, and like intoxicated children we play.

I used to think the same thing but I don't think so anymore. Julian Assange is someone they probably attempted to recruit and it looks like he decided to flee instead. Any time the police want to talk to you prior to charging you it's because they want to offer you a offer you can't refuse.

Maybe it is. But I think that it reflects much more negatively on the public than wikileaks if so. I know cryptome is no honey-pot. What should alarm us more than honey-pots is our collective ineffectualness in processing the information from such sources. It's almost like all the data in the world, exquisitely tailored to our liking, would have no effect either. It seems to me like world-leaders are treating the world along with humanity as a game, and like intoxicated children we play.

Because wikileaks is bullshit: http://cryptome.org/0002/wikileaks-unlike.htm I don't need to say more. John Young has more credibility than Assange or his wikileak group will ever have.

Read The Gentleperson's Guide to Forum Spies and learn about the many techniques used. You just named several of them. Some of the messages posted above, which you mentioned, probably ARE astroturf. There's been rather a LOT of astroturf on Slashdot lately. The funny thing is, once the readership is EDUCATED about the methods used to manipulate them, those methods no longer work. So educate yourselves, learn how to identify and counter astroturfing, and it won't work as well. Information will set you free.

It's really not very hard to draw attention from people who will censor you or otherwise block your message. Try to distribute information that is inimical to the operations of COINTELPRO spies attempting to manipulate the internet, and you can experience this for yourself. For one example of such forbidden content, read and then try to distribute The Gentleperson's Guide to Forum Spies, which describes in detail the methods used by spies to manipulate internet forums. Slashdot is one forum that is so manipulated, but there are many others. Read that document, then make a concerted effort to get it in front of many eyeballs, and see what happens. After your attempts to communicate are suppressed you will have a much better understanding of "some global conspiracy to DDoS my website to silence me". After such an experience you will be much less prone to doubt others who claim to experience the same thing.

This author now has so much experience in this area that I can generally tell in advance which material will, and will not, be suppressed, and can often correctly guess which method(s) will be used.

The US had 2 options, set a weak gov standard and get lol at when its is broken and noted to be weak from day one (DES).
This breaks the trust feeling with generation of young US crypto experts who so want to feel the US gov is not allowing weak crypto for good intentions.
Self-regulation allows the US gov to sit down and have a nice chat to .com commerce interests and ensure when you buy anything "Middle East" related they can database you without too much effort.
Self regulation also protects eg CIA front companies http://cryptome.org/2012/08/cia-proprietaries-1975.pdf
"IRS personnel would be notified that thev had begun to audit an Agency proprietary, and the audit would be discontinued "
If the CIA wants to fund freedom fighters (now the "good guys") in Syria - nice to have quality encryption options that dont seem out of place.
What two big brand names are doing with such weak security seems very strange. What two big US brand names where asked to do for US national security seems ....

* Hardware Backdooring Is Practical

- The News (HTML):
http://news.techworld.com/security/3372954/

- The Paper (PDF):
http://www.toucan-system.com/research/blackhat2012_brossard_hardware_backdooring.pdf

From Cryptome: http://cryptome.org/

21 July 2012

Censored Slashdot Post

http://pastebin.com/awkG002M

Censored slashdot post

By: a guest on Jul 21st, 2012

Hi fellow slashdot readers-

Many slashdot readers have complained over the past few years that the Slashdot
moderation system is broken. Now I think I know why. I've been a Slashdot
participant since the 1990s, and used to have a low-numbered account. I don't
like censorship. A lot. I was surprised and offended when I discovered active
censorship happening right on slashdot. Read on for details.

A few days ago I tried to post an interesting story to Slashdot called
"The Gentleperson's
Guide To Forum Spies". The article was written by an ex-COINTELPRO spy,
and describes in explicit detail how agents control and manipulate Internet
forums. So, I tried to post this story and discovered that each time I posted
it some Slashdot editor would quickly (within 3 minutes) delete the story
before it came to the atention of other editors or readers. Someone on the
Slashdot editorial board does NOT want Slashdot readership to learn the
techniques used to control an internet forum. Note that these techniques
only work so long as the readership remains IGNORANT of how they work. A
little forensic investigation by someone with DB access will even show
which editor(s) repeatedly deleted this story on 18 July 2012. Honest
editors are smart enough to figure out what to about COINTELPRO infiltrator
editors. Given that I have a natural dislike of censorship, I'm trying a
different tactic to expose my fellow Slashdot readers to this censored content.

Here's a challenge to my fellow geeks: Try to post the above story,

I'd like to see some accountability put into THAT on this site: Since anyone with modpoints can do unjustifiable downmoderations, and there's NO WAY to know who did it!

(Yes, and WE ALL KNOW that "hit & run" bad unjustified downmodding that's totally unjustified does go on here like mad)...

So, that said?

Well - I'd like to see names attached to those that downmod a post, just so they can be DIRECTLY CHALLENGED as to why they did so (on valid technical grounds mostly), if not humiliated publicly for doing completely unjustified & unwarranted down moderations.

* It's a HUGE problem here... it really is, & I am NOT the only person who feels that way. In fact, this fellow did a post about it in the SUBMISSIONS section & I watched it get DELETED A DOZEN TIMES (Why's that /. moderators/owners? Hmmm??)

See here -> http://cryptome.org/2012/07/gent-forum-spies.htm , because there and the page prior to it, outline the nefarious methods used to do bogus downmods &/or worse (ganging up on others via many "fake" accounts etc.).

APK

P.S.=> I know the moderation system here is BROKEN because of that, & so do many others - see link above@

(Since just like the HBGary scandal? Trolls setup MULTIPLE "Sock-Puppet" accounts to do so, collecting up modpoints from many of their alternate registered 'luser' accounts to unjustly attack those they do not like or have trashed them, & it's a form of VERY childish immature and effete "woman-like" so-called retribution...)... apk

If you take a quick look at The Gentleperson's Guide To Forum Spies you can observe that Technique #1, Forum Sliding, was just used on the Slashdot front page to obscure this NSA-related discussion thread. Note how lots and lots of semi-bogus new stories quickly appeared, causing this [mildly objectionable] story to slide off the front page.

What you describe is a standard COINTELPRO technique used to stifle dissent. See "The Gentleperson's Guide To Forum Spies", which our very own Slashdot editors have seen fit to repeatedly censor when I tried to post it. If you doubt that, Slashdot readers, try to post that story yourself to slashdot or another favorite online forum, and see what happens..

What you describe is a standard COINTELPRO technique used to stifle dissent. See "The Gentleperson's Guide To Forum Spies", which our very own Slashdot editors have seen fit to repeatedly censor when I tried to post it. If you doubt that, Slashdot readers, try to post that story yourself to slashdot or another favorite online forum, and see what happens..

Talking of hiding stuff, anyone read this:

http://cryptome.org/2012/07/censored-slashdot-post.htm

Yes. Everybody should read it.

Whoever called it, "Bland" is either stupid or an agent. This is the age of surveillance and population control, and all of it starts with ideas.

We know for a fact that there are rooms full of full-time employees working to sculpt public perception via astroturfing and fake accounts. If there aren't a few agents working Slashdot after all these years, then they're too stupid to breathe.

Talking of hiding stuff, anyone read this:

http://cryptome.org/2012/07/censored-slashdot-post.htm

Hopefully this strip is not made in China I'm crossing my fingers

According to the link from cryptome than an AC has provided further down here, the hardware is indeed mostly made in China. What makes this US made to the satisfaction of the government is that the software that makes this thing what it is, is made in the US, replacing all the original code.

This document goes on at length about how that can be. As an EE, not a lawyer, I found the information that the "brain" is a SheevaPlug to be more interesting.

PDF- http://cryptome.org/2012/07/cbp072312.pdf

Just testing this out...Test #4 (parent post/catchy title)
http://cryptome.org/2012/07/censored-slashdot-post.htm [cryptome.org]

" How did they ever manage to run with so little?"

Just testing this out...Test #3 (responding to +5 post/no title mod)
http://cryptome.org/2012/07/censored-slashdot-post.htm [cryptome.org]

"Android is the OS, not Linux. Linux is just the current kernel, and has absolutely no bearing on Android as a platform."

Just testing this out... Test #2 (hiding in a negatively modded post/no title mod)
http://cryptome.org/2012/07/censored-slashdot-post.htm [cryptome.org]

"I've plotted a graph of all the ox bow lake formations found using Google Maps, and guess what? Not one formed before 1993. What happened in 1993? That's right, CO2 levels hit 350ppm. Coincidence? I think not. We need to save our ox bows, donate today."

Just testing this out... (Ack! Periods!)
http://cryptome.org/2012/07/censored-slashdot-post.htm

The Gentleman's Guide To Forum Spies
http://cryptome.org/2012/07/gent-forum-spies.htm

The Gentleman's Guide To Forum Spies
http://cryptome.org/2012/07/gent-forum-spies.htm

The Gentleman's Guide To Forum Spies
http://cryptome.org/2012/07/gent-forum-spies.htm

The Gentleman's Guide To Forum Spies (spooks, feds, etc.)
http://cryptome.org/2012/07/gent-forum-spies.htm
http://pastebin.com/irj4Fyd5

I had just recently read this. Interesting.

http://cryptome.org/2012/07/gent-forum-spies.htm
http://pastebin.com/irj4Fyd5

Sections Overview:

1. COINTELPRO Techniques for dilution, misdirection and control of a internet forum
2. Twenty-Five Rules of Disinformation
3. Eight Traits of the Disinformationalist
4. How to Spot a Spy (Cointelpro Agent)
5. Seventeen Techniques for Truth Suppression

http://cryptome.org/2012/07/gent-forum-spies.htm
http://pastebin.com/irj4Fyd5

Sections Overview:

1. COINTELPRO Techniques for dilution, misdirection and control of a internet forum
2. Twenty-Five Rules of Disinformation
3. Eight Traits of the Disinformationalist
4. How to Spot a Spy (Cointelpro Agent)
5. Seventeen Techniques for Truth Suppression

http://cryptome.org/2012/07/gent-forum-spies.htm
http://pastebin.com/irj4Fyd5

Sections Overview:

1. COINTELPRO Techniques for dilution, misdirection and control of a internet forum
2. Twenty-Five Rules of Disinformation
3. Eight Traits of the Disinformationalist
4. How to Spot a Spy (Cointelpro Agent)
5. Seventeen Techniques for Truth Suppression

http://cryptome.org/2012/07/gent-forum-spies.htm
http://pastebin.com/irj4Fyd5

Sections Overview:

1. COINTELPRO Techniques for dilution, misdirection and control of a internet forum
2. Twenty-Five Rules of Disinformation
3. Eight Traits of the Disinformationalist
4. How to Spot a Spy (Cointelpro Agent)
5. Seventeen Techniques for Truth Suppression

http://cryptome.org/2012/07/gent-forum-spies.htm
http://pastebin.com/irj4Fyd5

Sections Overview:

1. COINTELPRO Techniques for dilution, misdirection and control of a internet forum
2. Twenty-Five Rules of Disinformation
3. Eight Traits of the Disinformationalist
4. How to Spot a Spy (Cointelpro Agent)
5. Seventeen Techniques for Truth Suppression

The Gentleman's Guide To Forum Spies (spooks, feds, etc.)
http://cryptome.org/2012/07/gent-forum-spies.htm
http://pastebin.com/irj4Fyd5

John the Ripper now able to crack office files and use GPUs

4 July 2012, 12:38

http://h-online.com/-1631901

"Version 1.7.9-jumbo-6 of the John the Ripper password cracker sees significant format support enhancements. The open source tool is now able to crack password-protected office documents (Office 2007/2010 and OpenDocument) and Firefox, Thunderbird and SeaMonkey master passwords, as well as WPA-PSK keys and Mac OS X keychains. It can also request to use GPUs via CUDA and OpenCL. The suffix "jumbo" appears to be intended literally â" more than 40,000 lines of code have been added in the six months since the previous release.

Developer Solar Designer told The H's associates at heise Security that, in developing GPU support, the focus has been on modern functions which can be slow to calculate, such as WPA-PSK and Unix password hashes. For some functions, such as Ubuntu's standard hash function (sha512crypt) and the time-consuming bcrypt, there were, according to the developers, no crackers with GPU support until now, "because others were unhappy about releasing a tool with 'non-impressive' speed numbers, even if this is desirable in practice".

In the case of sha512crypt, this means that the GPU on a GeForce GTX 570 graphics card can generate around 11,000 hashes per second â" still more than five times faster than on a computer with eight CPU cores. By comparison, for SHA1 hashes, with GPU support this figure would normally be in the millions. For bcrypt, a graphics card just beats an eight-core system by a hair's breadth â" in both cases the maximum figure is around 5,000 hashes. The inability of GPUs to realise speed gains with bcrypt is due to the algorithm's design, which is very memory intensive. According to Solar Designer, the developers were primarily concerned with finding out just how slow the bcrypt implementation would be."

- http://www.openwall.com/lists/john-users/2012/06/29/1
- http://www.openwall.com/john/
- http://en.wikipedia.org/wiki/OpenDocument
- http://en.wikipedia.org/wiki/Bcrypt
- http://www.reddit.com/r/netsec/comments/vsygc/john_the_ripper_179jumbo6_adds_gpu_support/
- http://www.h-online.com/news/item/Cracking-DES-faster-with-John-the-Ripper-1273585.html
* http://www.h-online.com/security/news/item/John-the-Ripper-now-able-to-crack-office-files-and-use-GPUs-1631901.html

crve@h-online.com
Copyright © 2012 Heise Media UK Ltd.

###
Sensitive Information Security Sources and Breaches

Unauthorized disclosures of secrets are essential for democracy.

In response to Wikileaks background inquiries Cryptome offers that there are hundreds of online and offline sources of sensitive information security breaches which preceded Wikileaks beginning about 120 years ago. This outline traces the conflict between technological capabilities for sensitive information breaches and control by law enforcement when technical countermeasures are insufficient -- a few examples among many others worldwide:

http://cryptome.org/0002/siss.htm
####
Feds Look to Fight Leaks With âFog of Disinformationâ(TM)

http://cryptogon.com/?p=30257

July 4th, 2012

Via: Danger Room:

http://www.wired.com/dangerroom/2012/07/fog-computing/all/

John the Ripper now able to crack office files and use GPUs

4 July 2012, 12:38

http://h-online.com/-1631901

"Version 1.7.9-jumbo-6 of the John the Ripper password cracker sees significant format support enhancements. The open source tool is now able to crack password-protected office documents (Office 2007/2010 and OpenDocument) and Firefox, Thunderbird and SeaMonkey master passwords, as well as WPA-PSK keys and Mac OS X keychains. It can also request to use GPUs via CUDA and OpenCL. The suffix "jumbo" appears to be intended literally â" more than 40,000 lines of code have been added in the six months since the previous release.

Developer Solar Designer told The H's associates at heise Security that, in developing GPU support, the focus has been on modern functions which can be slow to calculate, such as WPA-PSK and Unix password hashes. For some functions, such as Ubuntu's standard hash function (sha512crypt) and the time-consuming bcrypt, there were, according to the developers, no crackers with GPU support until now, "because others were unhappy about releasing a tool with 'non-impressive' speed numbers, even if this is desirable in practice".

In the case of sha512crypt, this means that the GPU on a GeForce GTX 570 graphics card can generate around 11,000 hashes per second â" still more than five times faster than on a computer with eight CPU cores. By comparison, for SHA1 hashes, with GPU support this figure would normally be in the millions. For bcrypt, a graphics card just beats an eight-core system by a hair's breadth â" in both cases the maximum figure is around 5,000 hashes. The inability of GPUs to realise speed gains with bcrypt is due to the algorithm's design, which is very memory intensive. According to Solar Designer, the developers were primarily concerned with finding out just how slow the bcrypt implementation would be."

- http://www.openwall.com/lists/john-users/2012/06/29/1
- http://www.openwall.com/john/
- http://en.wikipedia.org/wiki/OpenDocument
- http://en.wikipedia.org/wiki/Bcrypt
- http://www.reddit.com/r/netsec/comments/vsygc/john_the_ripper_179jumbo6_adds_gpu_support/
- http://www.h-online.com/news/item/Cracking-DES-faster-with-John-the-Ripper-1273585.html
* http://www.h-online.com/security/news/item/John-the-Ripper-now-able-to-crack-office-files-and-use-GPUs-1631901.html

crve@h-online.com
Copyright © 2012 Heise Media UK Ltd.

####
Sensitive Information Security Sources and Breaches

Unauthorized disclosures of secrets are essential for democracy.

In response to Wikileaks background inquiries Cryptome offers that there are hundreds of online and offline sources of sensitive information security breaches which preceded Wikileaks beginning about 120 years ago. This outline traces the conflict between technological capabilities for sensitive information breaches and control by law enforcement when technical countermeasures are insufficient -- a few examples among many others worldwide:

http://cryptome.org/0002/siss.htm
####
Feds Look to Fight Leaks With âFog of Disinformationâ(TM)

http://cryptogon.com/?p=30257

July 4th, 2012

Via: Danger Room:

http://www.wired.com/dangerroom/2012/07/fog-computing/all

http://en.wikipedia.org/wiki/2DEG
http://en.wikipedia.org/wiki/AUSCANNZUKUS
Yours? http://cryptome.org/2012/03/qc-footprint.htm

Mine: :-) http://dougengelbart.org/colloquium/forum/discussion/0126.html
"Note, I'm not saying machine evolution won't have a human component -- in that sense, a corporation or any bureaucracy is already a separate machine intelligence, just not a very smart or resilient one. This sense of the corporation comes out of Langdon Winner's book "Autonomous Technology: Technics out of control as a theme in political thought". .. You may have a tough time believing this, but Winner makes a convincing case. He suggests that all successful organizations "reverse-adapt" their goals and their environment to ensure their continued survival. ... These corporate machine intelligences are already driving for better machine intelligences -- faster, more efficient, cheaper, and more resilient."

Please don't get too lost in the tree-like details (correct or not) of organizations implementing ever newer versions of AIs in various forms. The key point is that we've had "AIs" in the corporate sense as bureaucracies for thousands of years going back to ancient Egypt or earlier (maybe quadrillions of years if we live in a simulation). That is the "forest".

I do think we have more options though than the ones I outline there (including collections of "people" working together with advanced tools). See for example also Manuel De Landa on "Meshworks, Hierarchies, and Interfaces".

See also, another of my essays from a decade ago:
http://www.pdfernhout.net/on-funding-digital-public-works.html#what_have_funding_policies_in_automotive_intelligence_wrought
"Consider again the self-driving cars mentioned earlier which now cruise some streets in small numbers. The software "intelligence" doing the driving was primarily developed by public money given to universities, which generally own the copyrights and patents as the contractors. Obviously there are related scientific publications, but in practice these fail to do justice to the complexity of such systems. The truest physical representation of the knowledge learned by such work is the codebase plus email discussions of it (plus what developers carry in their heads).
    We are about to see the emergence of companies licensing that publicly funded software and selling modified versions of such software as proprietary products. There will eventually be hundreds or thousands of paid automotive software engineers working on such software no matter how it is funded, because there will be great value in having such self-driving vehicles given the result of America's horrendous urban planning policies leaving the car as generally the most efficient means of transport in the suburb. The question is, will the results of the work be open for inspection and contribution by the public? Essentially, will those engineers and their employers be "owners" of the software, or will they instead be "stewards" of a larger free and open community development process? "

I'm just a random Tor exit node, up one day, down the next, replaced by another random exit node.

Use the Tor Browser Bundle:
- https://www.torproject.org/

Read the Tor OPSEC article:
- http://cryptome.org/0005/tor-opsec.htm
- https://www.schneier.com/blog/archives/2012/01/tor_opsec.html

"HUGE Security Resource" - enjoy a smart selection of Security
Blogs and other security related information
- http://pastebin.com/Cm2ZHuz3

This new era lets anyone, anywhere, pick off any target.

And that right there is the problem.
In the past, when war was purely about bombs and boots on the ground, you could rely on your physical defenses and alliances to protect you from retaliation.
The USA and Germany don't have to worry about Jihadist drones dropping bombs on New York or Dusseldorf,

But they certainly have to worry about malicious hackers with a grudge.
Today, the internet is such a soft target that it's tragic.

The developed world may be starting a war where they can't project numerical or tactical superiority.
LulzSec and Anonymous show that you don't need the resources of the NSA to go after big targets.
http://cryptome.org/2012/06/lulzsec-sneak-preview.htm

Yahoo to Log "Source Port" with IP Address/Time

        - https://plus.google.com/112961607570158342254/posts/dfDBtCcXNmH

        via http://cryptome.org/ @ O f f s i t e :

        2012-00344 Yahoo to Log "Source Port" with IP Address/Time June 2, 2012

        ===
        FBI: New Internet addresses could hinder police investigations

        "As the Internet prepares to celebrate World IPv6 Day next week, law enforcement is worried the transition could hinder legitimate investigations. Some tech companies agree it's a concern."

        by Declan McCullagh

        May 31, 2012 11:58 PM PDT

        - http://news.cnet.com/8301-1009_3-57445157-83/fbi-new-internet-addresses-could-hinder-police-investigations/

> You seem to mostly know what you are talking about, but this is just FUD. Tor works and is open-source. That e-mail references the source to a modified version of TorButton that apparently had a trojan that ran anon's LOIC DDOS tool. It has nothing to do with the security of Tor or TorButton.

Thanks, that answers some of my questions.

I really don't feel safe using Tor, in part because it was invented by the Naval Research Laboratory and one of its creators has clarified USG interest in the project, so I'll just leave it at this, which is a paper presented on some of its weaknesses. Perhaps some of these weaknesses have been resolved by now; perhaps not.

I don't claim to be an expert, I just think that anyone who really believes that Tor is secure might want to consider whether they have underestimated the capabilities of the government. The USG is really amazing when it wants to be.

http://cryptome.org/ has posted this:

FBI Backdoor: Templar NVIDIA GPU Factoring Suite March 29, 2012
http://cryptome.org/2012/03/Templar.zip

Other sites and twitter tweets have picked up the story and linked to the zip archive.

But, what is inside?

No one seems to know or wants to blog/tweet/talk about it on discussion forums, searching the web only reveals links to cryptome's url for the zip archive.

I'm not downloading the zip, but I'd like to know what is inside. Is this a separate program offered by NVidia, a hardware or firmware exploit?

What?

Please begin posting to blogs and discussion forums indexed by Google and other search engines, what this mystery zip archive contains!

Is anybody reading this?

http://cryptome.org/ has posted this:

FBI Backdoor: Templar NVIDIA GPU Factoring Suite March 29, 2012
http://cryptome.org/2012/03/Templar.zip

Other sites and twitter tweets have picked up the story and linked to the zip archive.

But, what is inside?

No one seems to know or wants to blog/tweet/talk about it on discussion forums, searching the web only reveals links to cryptome's url for the zip archive.

I'm not downloading the zip, but I'd like to know what is inside. Is this a separate program offered by NVidia, a hardware or firmware exploit?

What?

Please begin posting to blogs and discussion forums indexed by Google and other search engines, what this mystery zip archive contains!

Is anybody reading this?

http://cryptome.org/ has posted this:

FBI Backdoor: Templar NVIDIA GPU Factoring Suite March 29, 2012
http://cryptome.org/2012/03/Templar.zip

Other sites and twitter tweets have picked up the story and linked to the zip archive.

But, what is inside?

No one seems to know or wants to blog/tweet/talk about it on discussion forums, searching the web only reveals links to cryptome's url for the zip archive.

I'm not downloading the zip, but I'd like to know what is inside. Is this a separate program offered by NVidia, a hardware or firmware exploit?

What?

Please begin posting to blogs and discussion forums indexed by Google and other search engines, what this mystery zip archive contains!

Is anybody reading this?

http://cryptome.org/ has posted this:

FBI Backdoor: Templar NVIDIA GPU Factoring Suite March 29, 2012
http://cryptome.org/2012/03/Templar.zip

Other sites and twitter tweets have picked up the story and linked to the zip archive.

But, what is inside?

No one seems to know or wants to blog/tweet/talk about it on discussion forums, searching the web only reveals links to cryptome's url for the zip archive.

I'm not downloading the zip, but I'd like to know what is inside. Is this a separate program offered by NVidia, a hardware or firmware exploit?

What?

Please begin posting to blogs and discussion forums indexed by Google and other search engines, what this mystery zip archive contains!

Is anybody reading this?

there's a lot to be said about running The Tor Browser Bundle in an encrypted container (TrueCrypt) on a LiveCD, with the hard drive UNPLUGGED and UNUSED!

(just take the hard drives out and never use them again, USB thumb drives are cheap and can be encrypted with TrueCrypt, too, as an encrypted containter, partition, or the whole drive itself, just never use a proprietary OS like Windows or Mac OS X)

As a primer, read:

#Tor OPSEC - Operational Security - Great Resource of Information!

http://cryptome.org/0005/tor-opsec.htm

And:

#Lest We Remember: Cold Boot Attacks on Encryption Keys

https://citp.princeton.edu/research/memory/

If the keys (TC passwords) are in my head, complex enough, and never written down...

With the amount of RAM present in new computers, I see no logical reason to use a hard drive again when Linux LiveCDs, encryption, and thumb drives are on the cheap or free.

No unsafe hardware sex, either, this means no plugging your Tor/Truecrypt thumb drive into another system, any system, except for your Tor/Truecrypt system.

Run audits on your system, verify LiveCDs, make sure your router isn't backdoored like many or maybe all of the Cisco routers. Keep up to date if you use open source firmware for your routers. Consider replacing proprietary routers with an older PC as a router with an open source OS like OpenBSD or a prerolled firewall distro.

Test your connection with remote nmap, dabble with Snort, Tripwire and other monitoring tools.

Don't use external hard drives.

RAM is your friend, always.

there's a lot to be said about running The Tor Browser Bundle in an encrypted container (TrueCrypt) on a LiveCD, with the hard drive UNPLUGGED and UNUSED!

(just take the hard drives out and never use them again, USB thumb drives are cheap and can be encrypted with TrueCrypt, too, as an encrypted containter, partition, or the whole drive itself, just never use a proprietary OS like Windows or Mac OS X)

As a primer, read:

#Tor OPSEC - Operational Security - Great Resource of Information!

http://cryptome.org/0005/tor-opsec.htm

And:

#Lest We Remember: Cold Boot Attacks on Encryption Keys

https://citp.princeton.edu/research/memory/

If the keys (TC passwords) are in my head, complex enough, and never written down...

With the amount of RAM present in new computers, I see no logical reason to use a hard drive again when Linux LiveCDs, encryption, and thumb drives are on the cheap or free.

No unsafe hardware sex, either, this means no plugging your Tor/Truecrypt thumb drive into another system, any system, except for your Tor/Truecrypt system.

Run audits on your system, verify LiveCDs, make sure your router isn't backdoored like many or maybe all of the Cisco routers. Keep up to date if you use open source firmware for your routers. Consider replacing proprietary routers with an older PC as a router with an open source OS like OpenBSD or a prerolled firewall distro.

Test your connection with remote nmap, dabble with Snort, Tripwire and other monitoring tools.

Don't use external hard drives.

RAM is your friend, always.

there's a lot to be said about running The Tor Browser Bundle in an encrypted container (TrueCrypt) on a LiveCD, with the hard drive UNPLUGGED and UNUSED!

(just take the hard drives out and never use them again, USB thumb drives are cheap and can be encrypted with TrueCrypt, too, as an encrypted containter, partition, or the whole drive itself, just never use a proprietary OS like Windows or Mac OS X)

As a primer, read:

#Tor OPSEC - Operational Security - Great Resource of Information!

http://cryptome.org/0005/tor-opsec.htm

And:

#Lest We Remember: Cold Boot Attacks on Encryption Keys

https://citp.princeton.edu/research/memory/

If the keys (TC passwords) are in my head, complex enough, and never written down...

With the amount of RAM present in new computers, I see no logical reason to use a hard drive again when Linux LiveCDs, encryption, and thumb drives are on the cheap or free.

No unsafe hardware sex, either, this means no plugging your Tor/Truecrypt thumb drive into another system, any system, except for your Tor/Truecrypt system.

Run audits on your system, verify LiveCDs, make sure your router isn't backdoored like many or maybe all of the Cisco routers. Keep up to date if you use open source firmware for your routers. Consider replacing proprietary routers with an older PC as a router with an open source OS like OpenBSD or a prerolled firewall distro.

Test your connection with remote nmap, dabble with Snort, Tripwire and other monitoring tools.

Don't use external hard drives.

RAM is your friend, always.

there's a lot to be said about running The Tor Browser Bundle in an encrypted container (TrueCrypt) on a LiveCD, with the hard drive UNPLUGGED and UNUSED!

(just take the hard drives out and never use them again, USB thumb drives are cheap and can be encrypted with TrueCrypt, too, as an encrypted containter, partition, or the whole drive itself, just never use a proprietary OS like Windows or Mac OS X)

As a primer, read:

#Tor OPSEC - Operational Security - Great Resource of Information!

http://cryptome.org/0005/tor-opsec.htm

And:

#Lest We Remember: Cold Boot Attacks on Encryption Keys

https://citp.princeton.edu/research/memory/

If the keys (TC passwords) are in my head, complex enough, and never written down...

With the amount of RAM present in new computers, I see no logical reason to use a hard drive again when Linux LiveCDs, encryption, and thumb drives are on the cheap or free.

No unsafe hardware sex, either, this means no plugging your Tor/Truecrypt thumb drive into another system, any system, except for your Tor/Truecrypt system.

Run audits on your system, verify LiveCDs, make sure your router isn't backdoored like many or maybe all of the Cisco routers. Keep up to date if you use open source firmware for your routers. Consider replacing proprietary routers with an older PC as a router with an open source OS like OpenBSD or a prerolled firewall distro.

Test your connection with remote nmap, dabble with Snort, Tripwire and other monitoring tools.

Don't use external hard drives.

RAM is your friend, always.

The Tor Browser Bundle is easy as pie to download, install, and execute. Avoid sites requiring registration unless you can do so using fake accounts in Tor with fake info. Try TORMAIL.net or SAFE-MAIL.net for some good free e-mail services which work well under Tor.

Read this as a primer or refresher before you begin:

Tor Operations Security
- http://cryptome.org/0005/tor-opsec.htm

Please disregard references to Scroogle, which is dead, at least for now.