Slashdot Mirror
"Dark Alleys" on the Internet
nokilli writes "Sounding the alarmist tone many of us became used to in the early days of the web, The New York Times has a story that talks about "national security" concerns over the myriad ways in which two people (i.e., terrorists) can communicate using the Internet today [NYT=Kneel before Zod]. They're talking about monitoring chat rooms, email servers, etc. I'd like to see how they plan on monitoring my mage as it talks to your cleric in some obscure, nearly impossible to reach (unless you're level 50) corner of our favorite MUD."
After that, we should destroy cell phones, especially the ones that have 'no contract' that can be picked up at a local drugstore, used for a week and then be tossed away.
Our Modern world has just made it to easy for those 'evil ones' to communicate about destroying us. We should foil all their plots by going back to pre-80's technology levels. That will show them!
If you ignore the other uses of a tool, does that make the tool less useful, or you less useful?
...when you've got private garden paths? :) I use OpenVPN to build my own private network between friends and family. It's getting easier to do, it's encrypted, and it's sweet as hell once you have it up and running. Just imagine having a virtual network cable between your house and your friends and families homes and you've got the idea. It works on *nix, Windows and Mac OS X. Give it a try.
-"...bad old ideas look confusingly fresh when they are packaged as technology" - Jaron Lanier (Digital Maoism on Edge.o
encrypted spam? There is frequently junk in spam that looks like noise, but encrypted data also can look like noise. If you send out a million spams and just make sure that a couple of them go to the people you want to get the message...well, there ya go.
Reject Fear - Embrace Hope
Even simpler, go to a random internet caffe every day, use a random chat cleint on a random server using passphrase convenied in advance. Why make it complicated when you only need good legs or a good trnasportation system in a good metropole to avoid wiretapping ?
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
>It's called sniffing.
That's far too complex.
Buy game. Create female character. Ask Mage, "Hi, I'm new, can I tag along with you for a while?"
This is the digital version of the 'Russian Hooker' gambit, except, sadly, with geeks no real sex needs to be exchanged for information.
Patrick McGoohan, star of the 1960's TV series Secret Agent Man (AKA Danger Man) later went on to write, direct, and star in a show called The Prisoner, which basically amounts to a paranoid Orwellian nightmare mixed with the whimsical trappings of Alice in Wonderland.
In one episode, titled Hammer into Anvil, the protagonist, Number Six, who is constantly being spied upon by the sinister forces who control his mysterious prison (called only "The Village), decides to turn the tables on the chief warden (called "Number Two"). He begins to send secret, encoded messages to nonexistant entities, indicating that he is not really a prisoner, but a mole sent to determine the strength of Village security and staff.
Eventually, he drives the current "Number Two" to a nervous breakdown. It's one of the best episodes.
It seemed somehow relevant.
Happiness is relative, Based upon the way we live.
If the point is that it's an unknown location for unknown leads, it simply means discovery of the lead won't show up through normal snooping, if this lead doesn't post anywhere known or otherwise communicate with a known lead. It seems far more likely this type of person will be picked up by making mundane and unimportant contact with a known lead, rather than being picked up because of any message content.
I'd be much more worried about people posing as old college friends, sending grainy "family" pictures back and forth with encrypted messages hidden within. There'd be no reason to suspect any of them until somebody made a wrong move by contacting a known suspect. That plan would probably raise fewer flags just tracing through packets than would somebody who constantly sends encrypted messages on odd ports. Who looks like the normal user?
If not now, when?
If I recall correctly, during cold war USA used cherokee language as encryption and soviets never managed to broke that.
You can still do the same thing with different languages and dialects:
Männähän huomen ottahan päiviltä se puskalan yrjänä.
That's plan written in finnish dialect, two or more people discussing about killing george bush tomorrow.
Even native finn would have to read that twice to understand what it says.
If you only studied the language, the true meaning wouldn't open by reading the sentence alone,
you'd have to have lot of knowledge about the culture too to understand that sentence.
Some say that rauma-dialect sounds more like french than finnish if you hear it spoken, but that doesn't really apply for written language I guess.
With obscure language and obscure enough place, you don't need encryption to transfer confidential messages.
There are no atheists when recovering from tape backup.
I already replied, or I would give you an insightful for that.
You can chalk up more victims to Sept 11th - thousands killed in the WTC, tens of thousands killed in Afganistan and Iraq, and millions accross the world living in fear and oppression.
This sort of thing should be a wakeup call to the masses.
Despite my best attempts, my girlfriend still worries when I get a on train every morning for London. She doesn't worry I'll be run over by a black cab, or raise my blood pressure in a stressful job. Instead, she worries that terrorist will blow up my train, my office, or even 'the whole of London'. The Culture of Fear has her trapped.
"Those who cast the votes decide nothing; those who count the votes decide everything." (attrib. Joseph Stalin)
Your possible responses to this new "information age" are:
1) Live in fear and dread over the power this medium gives to "bad people"
2) Try to pass laws and cripple communication so people can't use the technology effectively
3) LEARN THE F**KING TECHNOLOGY and USE IT WISELY YOURSELF and REACH OUT AND LISTEN AND LEARN FROM OTHER PEOPLE
The internet has revealed what is wrong with our society. We are all a bunch of exclusionist, ignorant assholes who don't want to listen or learn from each other. We love companies and governments and power and status. IDENTITY: the things that seperate us, rather then the things that bring us together. We fear change because we don't see that we change every day and that we are changers rather then any fixed identity. We stop ourselves from feeling powerful by focusing all our resources on the negatives of the new technology vs the benifits.
The MPAA and RIAA are just going to make it harder for the govornment to find suspicious encrypted material with new improvemnets and developmnets in the p2p world regarding encrypted ,hash IDs and proxy chaining filesharing clients and protocols .
The NSA will be flodded with encrypted data on a daily basis once these clients go mainstream and everyone trying to avoid a lawsuit will be using them so it will be like finding a needle in a haystack .
Well, I'm a server programmer for a very large, very well-known massivly multiplayer on-line game. We're in the process now of developing the next generation of servers for this game, targeted to be released at the end of next year.
Our legal department has informed me that I am required by the provisions of the USA PATRIOT act to provide a back-door that will allow law enforcement to enter and view any conversation taking place in any of the servers, including private conversations, without being observed. I must also provide a way for the chat, including private chat, to be logged, and we must keep those logs for at least 6 months.
Since chat through our servers cannot be encrypted, there is no 128 bit option.
Big brother is watching you, friends.
There's stories all over the net about left-leaning activists, like Quaker peace activists, that have been targeted by Homeland Security as "potential threats" to the country, and are being forced to go through strip searches every time they attempt to fly.
Thank you.
Very good description of S.O.P. for "USA" govt.
What kind of MMOG does NOT already have this functionality?
The logging alone is guaranteed to happen, but not because of Big Brother, rather because of in-game issues that can be isolated and stamped out by chat logs.
Think harrassment issues. This already happens in the oldest games (even saves color if my memory serves me correctly), such as Ultima Online! So if you really work on a MMOG, then you are definitely behind the curve in development.
Encrypted (or stegged) spam has already been done, and discovered. If you'd see this BlackHat talk, you'd know.
4 -s peakers.html#kret
Nobody's Anonymous--Tracking Spam and Covert Channels
Curtis Kret, Researcher, Secure Science Corporation
http://www.blackhat.com/html/bh-usa-04/bh-usa-0
If you had my real name, you'd use an alias too.
Yes but it is very simple to get a pad.
send all your "agents" out with thumb drives of innocent family photos and other files. now all these files can easily be used as pads espically if they were simply doubled with a common pad of random noise.
Example? sure.
take desired message, xor it into photo 001.jpg, now Xor that result into noise.jpg
if the message is smaller than 001.jpg then the noise.jpg will easily hide that fact as well as beef up 001.jpg's randomness.
send that message as a package of photos to home base in a Zip file to make it look harmless.
home base knows that your first communications uses 001.jpg and noise.jpg
you can easily make this go even further by using 001.jpg and 002.jpg and noise.jpg in that order thus adding in more "randomness" that will make extraction even more difficult.
one time pad's, today in the digital world, are easier and safer to use as ANYTHING can be used as a one time pad.
an mp3 of anytihng is a great PAD. espically if your secret message has an offset before and after it of random garbage that looks like text in correct groupings.
I could in 5 minutes create a message that the best crypto experts on ths planet could never EVER decode by using one time pad's and other old techniques.
Here is something that I was taught a good number of years ago, and I have yet to find very many instances where it is not true. When you interview someone, the clothes they wear on that first meeting will be the best clothes they will ever wear in their career with you. It will never get better. So if you think they are on shaky ground in the interview with that, then you better toss the candidate. What does that have to do with this issue? The same thing applies to a news article. The news agency is always going to use up their best 'clothing' for the main article. There isn't going to be a lot more behind it for more articles. If there was more or better facts to see, they would have used them. An employee is not going to wear better clothes after they are hired. A journalist is not going to present better facts after the first article.
To state that there must be more that we don't know is only admitting that it looks outwardly wrong UNLESS there is more to it. I agree wholeheartedly. I am going to make the assumption that there IS NOT any more to it, because there generally isn't. In fact generally speaking, what you read is usually more than what the truth really represents. Someone has already 'fluffed' things to make them more enticing. So I think this IS a big red flag that we have to face in the US. We cannot speak out unless it is in line with the administrations belief system. What is that belief system? We can only draw lines where we see things like this take place. We now know that helping someone the administration doesn't like, build a web page is an arrestable offense, and a bad offense at that.
I'm going to second that and add a "Your legal department must suck" to the end. I, too, work on developing a new mmog and we are under no obligation to make any changes due to the whims of law enforcement.
If anything, I would just as soon snubb law enforcement for the shoddy help they gave us a few years back when our servers were broken into, and some code stolen. We got the basic response of "If you find out who did it, let us know." Bah.
However, as much as I would like to tell the FBI to stuff it when they come and ask for information, depending on what they ask for, we'd probably give in to their requests. There was one instance where a detective from (if I remember correctly) the Boston police deptartment requested information about IP addresses, in an investigation relating to credit card fraud within our game. We complied with his request. The investigation was later dropped because the fraud was commited overseas.
Anyway, my point is that there is no requirement to give law enforcement any type of back door access to our games' servers. If they want information about the communication taking place within our game, they can get a subpoena like any other piece of confidential information.
I welcome our new 99% overlords.
You're missing my point.
If the FEAR of being punished prevents people from speaking, then freedom of speech has essentially been revoked.
There are already people who are afraid not only of speaking, but of listening as well. The culture of fear that's being encouraged is as damaging to the overall political process.
You don't need to monitor everyone and throw them in jail if you can convince them that they will be.
Even if there's no real danger of arrest, and YOU know that and act accordingly, doesn't remove the fact that other Americans are keeping silent out of fear.
You can take the narrow view of "They're cowards, and can be left out anyway," but there's a very real danger.
If most people expect to be arrested for political dissent, then there will be little to no real resistance when it really does start to happen.
It's the frog in water analogy. Put a frog in lukewarm water and slowly turn up the heat until it boils. If you go slowly enough, the frog will end up dead.
The fear of punishment for dissent is the leading edge of this process. It's whittling away at the people who might have stood up to oppression.
"Live Free or Die." Don't like it? Then keep out of the USA