Slashdot Mirror
Feds Seek Prison For Man Who Taught How To Beat a Polygraph
George Maschke writes "In a case with serious First Amendment implications, McClatchy reports that federal prosecutors are seeking a prison sentence for Chad Dixon of Indiana, who committed the crime of teaching people how to pass or beat a lie detector test. Some of his students passed polygraphs and went on to be hired by federal agencies. A pleading filed by prosecutors all but admits that polygraph tests can be beaten. The feds have also raided and seized business records from Doug Williams, who has taught many more people how to pass or beat a polygraph over the past 30 years. Williams has not been criminally charged. I'm a co-founder of AntiPolygraph.org (we suggest using Tor to access the site) a non-profit, public interest website dedicated to exposing and ending waste, fraud, and abuse associated with the use of lie detectors. We offer a free e-book, The Lie Behind the Lie Detector (1 mb PDF) that explains how to pass a polygraph (whether or not one is telling the truth). We make this information available not to help liars beat the system, but to provide truthful people with a means of protecting themselves against the high risk of a false positive outcome. As McClatchy reported last week, I received suspicious e-mails earlier this year that seemed like an attempted entrapment. Rather than trying to criminalize teaching people how to pass a polygraph, isn't it time our government re-evaluated its reliance on the pseudoscience of polygraphy?"
That's like going to jail for teaching people where to hit their head to pass a phrenology test...
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
The purpose of the First Amendment is to give people the freedom to say as many things as they want as long as nobody listens.
i wonder if they will polygraph him?
Nope. This is a follow-up to the previous one (now they want to imprison him).
No sig today...
If it is illegal to teach people to avoid a polygraph, what about teaching other skills that can evade police detection. Is teaching encryption illegal? Is discussing mobile phone tracking illegal? Costuming and disguise?
I think that it only makes sense to criminalize aiding a SPECIFIC crime, not providing tools that could be used to commit a crime
This is really surprising and depressing to me. I don't even see the crime. Since when is it generally illegal to lie, or to lie well? What's next - imprison people who teach martial arts? Or shooting? Or driving (think getaway cars)? Or better, people who teach writing (which can be used for teaching nearly anything)! Down with knowledge! Bring back trial by fire!
Stephan
No, it's not a re-post. Last week, Slashdot featured an earlier story by McClatchy about the same criminal investigation. On Friday, 30 August, McClatchy published a follow-up article with details on the case of Chad Dixon, the only person to have thus far been criminally charged in an investigation that the government is calling "Operation Lie Busters."
George W. Maschke
AntiPolygraph.org
... that there's no such thing as a working lie detector.
Surely you're not trying to tell us that there's some government somewhere that believes otherwise and actually uses the things??
All lies!
"Polygraph tests are 20th-century witchcraft." --Senator Sam Ervin
"Love is a familiar; Love is a devil: there is no evil angel but Love." --William Shakespeare ('Love's Labors Lost')
Is this the same guy that was on /. a few weeks ago because he taught undercover agents who *told* him they were planning to commit a crime with the information he gave them? A /. lawyer indicated that helping someone who told you they were going to commit a crime, is a crime. That makes sense to me. If I'm driving my taxi and some pleasant old lady gets in and asks to be driven to the bank so she can rob it, I'm going to get out of the car and call the police, not drive her to the bank. Does that count as a car analogy?
refactor the law, its bloated, confusing and unmaintainable.
Coming soon in a related story a man has been charged for telling people not to look up at security cameras.
Undetectable Steganography? Yep, there's an app fo
http://www.csicop.org/si/show/polygraphs_and_the_national_labs_dangerous_ruse_undermines_national_securit/
...richie - It is a good day to code.
Is there any reason to believe that Tor is weakened by PRISM?
Good question - what good is Tor?
Well, one interesting thing we learned lately is that some element of what can only be US law enforcement felt the need to exploit a Firefox bug in order to deanonymize some Tor users. Given that we know (thanks to Reuters) that the NSA works with other LE agencies, it therefore stands to reason that they are at this time NOT capable of entirely deanonymizing Tor via network traffic analysis, either because they don't have a global view of traffic, or their tools aren't capable of it, or the problem is a lot harder than it sounds (it's all encrypted so you have to rely on correlation attacks).
So for now at least it's the best that is available.
What is the point?
Number 1 is fear. Stopping people form putting anti-polygraph information out on the street because of the risk of being detained or harassed by the government.
Number 2 is also fear. Polygraphs aren't a lie detector, they are a psychological operation against the person taking the test, if you know the test is bullshit it's magic fails to work as good.
Study the history on the FBI with polygraphs, they worship them.
Polygraphs are one reason I left classified work for greener pastures. I believe they are nearly worthless, used just as much to harass as anything else.
In my last classified job, my employer hired a new security officer. After several months on the job she was sent for her polygraph. She returned the same day, the test unadministered because she had a heart problem. The problem was manageable, but it made it impossible for an "accurate" test. Despite this she remained in her job. With access to far more material than myself and others--sensitive material covering many programs--she was excused. Obviously the intelligence community doesn't believe in polygraphs either. I'm glad to be out of that world.
"Love is a familiar; Love is a devil: there is no evil angel but Love." --William Shakespeare ('Love's Labors Lost')
As has been discussed earlier, a polygraph test is a tool in the same toolkit as the War o(n|f) Terror and the TSA security theatre. Its effectiveness comes from nothing but the intimidation factor - if the belief that your lies will be "scientifically" detected persists, you can get the victim to blurt out all his secrets by simply telling them that you "know" they're lying. They will feel like they've lost even the privacy of their own thoughts, and with that predicament it can seem pretty futile to resist giving in.
That psychological end state is pretty much what torturing during interrogations used to accomplish, until they realized that people will say anything they think their captors want to hear. With this technique that issue is solved, since the victim believes their captors will know whether he's telling the truth.
Obviously, this means that the actual effectiveness of lie detectors must be made, and kept, a widely-believed "fact", and people who express doubts (or provide proof) must be discredited. After all, they were trying to cheat the Establishment, so they must be evil, immoral, scheming criminals who just lie for personal gain.
[SHOW SOME LENIENCY TOWARDS
1 Survive
2 Procreate
3 Invaders must die
4 Profit
5 Don't do anything those with more power than you disapprove of
"Kill 'em all and let Root sort 'em out"
That's what this really is.
Before the Internet, information was whatever was decided the they'd would give to the public to appease us. It was all carefully planned, controlled and manipulated to advance their agenda. Now, we're able to seek out and share information for ourselves at speeds never before possible.
The will of the people is quite demonstrably dissemination. It's not that they ever gave two shits about the will of the public, but they're no longer able to manipulate the flow of information to make it look like they do.
The scientific community needs to rally to his cause. Polygraphs are junk science and haven't been admissible to a court of law in many years. Teaching someone how to beat a Polygraph is no more morally wrong than teaching someone how to beat any other form of junk science. Science should be revered for what it is, and attempts to pass junk off should be demonized. What's next, jailing someone for teaching you how to fool an Astrologist?
I have no problem with the government conducting proper background checks (ala Snowden etc), but relying on junk science like the polygraph hasn't helped them on actual real spies like Ames etc..
I don't remember which program PRISM is, specifically, but Tor is very weak against an attacker that can watch all network traffic over time. Or even very much of the traffic. This is what the specialists call a "global passive attack", and it's very hard to beat.
Think of the whole Tor network as a single entity, ignoring what goes on inside. Imagine you can watch its inputs and outputs. If every time Jane Smith connects to Tor, an outgoing connection is made to Joe Jones, then it becomes pretty obvious who Jane talks to. The network could make it a little harder by mixing up the order of Jane's traffic with other people's traffic, but to get any real gain out of that the relays to wait so long and mix so much traffic that the network is unusable for Jane. Even then, the gain is basically only linear in the amount of delay the network adds.
It only gets worse if you can watch the traffic between individual Tor relays (which you can in reality). And it gets even worse if you can mess with the traffic in any way. Just by using the network yourself, for example, you can load up the path you think Jane is using and look at the results, or you can even play games to cause Jane to use a path you can observe.
You don't need to be completely global to do any of this stuff, especially because Jane chooses new paths from time to time. If she uses the network very much, she's eventually going to choose a path you can observe. And generally you only have to see the input and output points to do timing correlation; the middle isn't so important.
The only countermeasure to a lot of this is to send dummy traffic all the time. But for real resistance over the long term, the traffic has to never vary, which means that the amount of dummy data you need to send goes as the square of the number of possible real sources/destinations (times the maximum bandwidth of any connection). If you send less dummy data than that, you'll end up having to adjust what you send in response to the real traffic. If the enemy can watch you for long enough, they can use statistics to figure out which traffic is real. You might get away with doing something once, but not with doing it very many times.
AND if the attacker actually puts up her own Tor node, she can mostly detect dummy data.
To break Tor they need to monitor all traffic in and out. Basic traffic analysis will then tell you who is sending to who. As the output of Tor is unencrypted it is therefore easy to know what you are sending to who. But doing this requires intercepting ALL traffic in and out, not just some of it that happens to pass through a given compromised node. There are a lot of nodes.
... or because they don't think those targets have enough value to make it worth bringing what they can do with traffic analysis out in open court. They give some things to LE. That doesn't mean they give LE everything they have.
But it's true that Tor is the best available for a lot of applications. And I do personally doubt that the NSA can reliably deanonymize Tor for low volumes of non-repeating traffic. I wouldn't bet on it, though. And I wouldn't bet on it lasting if it's true today.
Nobody believes that polygraphs actually work reliably. They are used because people aren't positive they don't work. So if you're doing something shady, and you have to get a poly,and you hear that they work only 30% of the time, that's still a higher percentage of potentially getting caught than if they don't poly.
Basically it's a way to remove some fraction of the bad actors from the pool (the ones who are afraid). You, of course, also lose some fraction of the good actors (due to false positives), but in the security business, you'd rather have false positives than false negatives, because the consequence of a loss is high, while the consequences of not having a particular person working is low.
For the vast majority of work involving poly exams, there are lots and lots of people available who are competent and skilled at the work. Losing 10% of them, or even 20-30% of them, to false positives on the test is not a problem.
And the pathological bad actor who can pass the poly will still get through. But hey, this is /., we all know about security in depth, right? You don't depend on just the poly as your sole evaluation method. The fact that your $50k/yr employee is spending $10k a week at the local strip club would raise suspicions, for instance. The fact that his grandfather was named Lenin T. Marx is another clue.
In summary, nobody cares that the poly is inaccurate. It's a tool, just like the car salesman leaving you in the office while he leaves to "take this to my manager"
Translation: please don't arrest us for exercising our First Amendment rights.
One sure fire way to fail a federal polygraph is to admit up front that you've researched polygraphy, you know that it has no scientific basis, and that it's vulnerable to simple countermeasures that you have read about and understood (but promise not to use them). When the "test" is done, you'll be accused of deception, attempted countermeasures, or both.
George W. Maschke
AntiPolygraph.org
Would find the defendant not guilty (despite the guilty plea), and jail the prosecutor for contempt.
Help stamp out iliturcy.
"Number 2 is also fear. Polygraphs aren't a lie detector, they are a psychological operation against the person taking the test, if you know the test is bullshit it's magic fails to work as good."
It' the Homeopathy of the Homeland Security.
How about we charge the federal prosecutors with intent to deceive.
The Good Guys/Gals don't have any better way of finding out who the bad guys/gals are?
Ya, right.
Well, one interesting thing we learned lately is that some element of what can only be US law enforcement felt the need to exploit a Firefox bug in order to deanonymize some Tor users.
Given that Tor was created by the ONI and is largely funded by the DOD this is all pretty strange.
Watch this Heartland Institute video
Penn and Teller did this on TV... So, we also need to lock them up as well as their entire TV show staff and everyone who distributed the show (including truck drivers of the DVD). Then we need to confiscate all copies of the show and destroy them.
I believe they have conspiracy laws on the books in regards to aiding applicants to certain federal jobs CHEAT the process; which includes helping people cheat the FBI entrance exam or gaming the polygraph or other aspects of the process. Probably fits under the rather broad laws on fraud as well (which still haven't been applied to the credit agencies that caused the depression.)
Democracy Now! - uncensored, anti-establishment news
They must be insane. Am I being punked? I am, aren't I?
The test has been establish as something of an illusion for some time....nothing more than a sleight of hand, a parlor trick, which fails as often as it succeeds.
I am John Hurt.
Seriously, the writing has been on the wall for a long time. I have told everyone who will listen over the years that America is systematically removing our rights..
The fact is, most people just do not care. They have an iPhone and the rest is icing on the iCake.
You hear it all the time from the young crowd. I don't care, I have nothing to hide.
Not to mentions the "they hate our freedom" morons who say, if you don't like, leave.
Well, I did leave. 6 years ago to a country that is, ironically much more free than America. Germany. Sure, it is hard to have a gun. But, on the other hand, the murder rate is really low and it doesn't have more than 6% of the population in jail.
Of course, I still have hope for America. It just gets lower as time passes. Hey, when the revolution starts, I will be on the first boat over. (Dear NSA, I don't mean that at all, I am on your side, you are best!)
It's the one-way mirror in the room where the test is being administered.
I've been through a polygraph for something *very* serious. Some of our crypto just went "*poof*", and everyone was quite concerned. Understandably, so, too! Crypto is *not* supposed to just go "*poof*".
We were all asked if we wanted to take a polygraph, and I gladly volunteered, since it really did just vanish. (We later determined that the tape in question had been included in the daily destruction by mistake.) But even volunteering for it, a polygraph is a scary thing if you know nothing about it.
So I did my research. And yes, those websites were all visited and read, in detail. During the test, I tried some of the techniques that were taught, and sure enough, they work! You can make that machine sing "Bad Romance" as good as Lady Gaga. I thought it was kinda fun, actually?
But see, the machine was just to butter you up. If you were up to no good, the machine would make you nervous, even if you DO know how to manipulate it. And in the end, it doesn't matter.
There's a one-way mirror, and behind that mirror is a team of 3-4 people who are all very good at reading human beings. And they have thermographic cameras that measure your facial temperature to help them in reading those who are good at controlling their body language.
At the end of the day, a polygraph is just a tool that makes someone's job that much easier. It's just one tool in a chest of many, because no single tool alone is enough to get to the truth of the matter.
My own investigation was with NIS, who are very good at what they do, and very professional. They were after the truth, not a conviction. So I have no complaints about how *I* was treated. But if someone is looking for a victim, then having this information just might save your life.
[End Of Line]
I wish more people understood how deep this rabbit hole goes. They can see the entire net. If you use public infrastructure, they can see it.
Good-bye
What Reuters revealed is that their involvement doesn't come out in open court, because the police make up some alternative explanation of how they got the evidence. So they wouldn't have to reveal anything.
Also, the hack was somewhat sophisticated. If not the NSA then who?
He's not going to jail for teaching people how to beat polygraph; he's going to jail for conspiring to defraud. There are any number of entirely legal actions you can take that become illegal when you use them to commit crimes. Want to do sleight of hand? Lovely. Want to use sleight of hand to defraud someone? A crime. And yes, teaching someone sleight of hand for the _specific purpose of defrauding people_ becomes conspiracy to commit fraud.
or rather, Government Agents are stupid!!!
They use these "tests" against scientists and engineers, who are educated and trained to learn HOW TO LEARN, and who have a general curiosity about the world and everything in it (including polygraph "tests"). These scientists and engineers know that the polygraph is junk science.
How stupid can you get?
The current US Government is among the most corrupt governments throughout all history. They are possibly the very most corrupt, excepting only those that follow them.
My psychology professor taught us all how to beat lie detectors, are they going to arrest him too? Sheesh, I'll just tell you what he told us:
1) The polygraph measures a stress response in your body. And the idea is, you are more stressed when you tell a lie.
2) But, everyone is different, so in order to tell what is stressful for you, they need to determine a baseline. So during the polygraph they will ask you some really easy questions, like what is your name.
3) For some physiological reason, if you curl your toes it produces a measurable stress response.
4) So whenever they ask an easy question, curl your toes. They won't be able to get an accurate baseline reading.
No guarantees on whether that will work. He mentioned that a good polygraph operator will be able to tell that you are messing with him, even if he can't tell which answers were lies.
Lie detectors have the inherent problem in that they can be duped by one who has been schooled to do so. But there is one science that is 100% accurate and relies solely on something that the subject cannot hide: Their skull! Using the science of Phrenology, a trained scientist, a scientist, mind you, not simply some quack wearing a tie, can measure the subject's skull in detail and provide a 100% accurate assessment of the subject's reliability, honesty, intelligence, and propensity to commit crimes or to engage in perverse behaviours, as well as many more important traits that one must consider when entrusting an employee or government official charged with protecting our families and making our nation safe!
Be safe! Rely on Phrenology!
The actual point of science is to properly point out both false positives and false negatives of any test so we can get to actual truth if possible by another method.
To be banned or imprisoned for pointing out the failure of science is deeply troubling for a country founded on liberty & freedom.
So, they did two things: in phase one, they identified the guy running Freedom Hosting. In phase two, they identified the people connecting to it.
We don't really know how they did phase one. Speculation is that they hacked in over the Tor channel, using a software exploit against the Web server. If you have a giant database of exploits and a nice framework for using them, that's not really much harder than traffic analysis, even if you do have the data to do traffic analysis too. And, if you're going to do the hack ANYWAY to cover up your ability to do traffic analysis, you might as well just start with the hack.
Also, if it was the NSA who did it, maybe they did it that way so they wouldn't have to explain traffic analysis to certain investigators in the FBI. Or maybe they just did the hack because it was easier. None of those means the NSA couldn't have done it with traffic analysis if the hack hadn't been available.
Or maybe they really did identify Freedom Hosting using traffic analysis, and then use a hack as a cover story.
Or maybe the NSA wasn't in on this one and the FBI just did its own hacking.
For phase two, if you want to get ALL the users, quickly, the hack is really probably better than the traffic analysis. But again they could be using it as a cover story, or they could have done it for the same sorts of reasons they might have done it in phase one.
Anybody with enough money to hire a sophisticated hacker? We're talking about basic exploitation, not Stuxnet.
In phase one, if Freedom Hosting was taken using, say, an SQL injection vulnerability in some Web forum software or something, that's not very hard. You don't have to be the NSA to do that. Freelancers do that.
And didn't they start phase two after they'd physically grabbed the Freedom Hosting servers? That means their phase one exploit didn't even have to give total control; it just had to be enough to give them an IP address for Freedom Hosting so they could go grab it by force.
Once you have control of Freedom Hosting, then it's not very hard to plant a browser exploit on it to collect the users for phase two. As I recall, it wasn't even some kind of uber-magical zero-day multi-browser exploit; I seem to remember it being relatively mundane.
I'm pretty sure I could personally have done all the necessary hacking, for both phases, and I'm not an exploitation specialist. Surely the FBI can hire one or two people that good.
What Reuters revealed is that their involvement doesn't come out in open court, because the police make up some alternative explanation of how they got the evidence.
i.e. the government is willing to lie in open court to prosecute a case they would otherwise be unable to bring.
Not withstanding the obvious " witch trial " jokes that should follow here, TFA states charges of ... “obstruction of an agency proceeding” charge, ... and ... a [wire fraud] “scheme” that helped applicants get jobs by making “false and fraudulent statements.” Dixon could have faced up to five years in prison for the obstruction charge and up to 20 years for the wire fraud charge.
If prosecutors can make these charges stand with a jury, I have 99 Senators ( NJ is short 1) I a couple of hundred others who are obstructing agency proceedings through "sequester", and have used various wires, internet, television and other media to perpetrate “scheme[s]” that helped applicants get jobs by making “false and fraudulent statements.”
I find this funny, since polygraph test results aren't even admissible in court in many states In fact, the U.S. supreme court itself has discouraged the admission of polygraph "evidence" in court cases. I would think that fact by itself would put a big hole in the feds ability to prosecute this guy.
I'm waiting for the day when truth content can be determined by a quick remote neural scan, integrated into a variety of appliances. This is one of the premises of the anime Psycho-Pass. It would also cut down on gun crime, since guns, like in the show, would only fire when pointed at one who has committed a crime, or is psychologically on the verge of committing one.
Hyperbole: I use it liberally!
I dunno about this. I read part of the indictment, He isn't being prosecuted for disseminating information, which would be problematical. He's being charged with knowingly assisting people in providing false information to the authorities, approx. hard to see how this is an example of an overreaching Federal govt since there are tons of things you could do to be charged with that crime, if it is indeed a crime.
First , is it a crime to attempt to device a lie detector test and if not, to otherwise provide false information to the govt. during screening for employment or as a parolee? Anyone know the answer to either of those questions?
Secondly, if either of the above are true, can tax attorneys (or anyone else) lawfully guide their clients in how to unlawfully avoid taxes ?
I understand that merely giving information to someone on how they might commit a crime should not itself be a crime. That's going too far and criminalizing speech and knowledge. If we let that be the standard then there's nothing the government can't criminalize.
OTOH is that all this guy was doing? Isn't he directly implicated here? Didn't he lay out the plans for how the casino security works to people he knew were thieves? Is he not a knowing part of the heist?
I am up in the air I guess. I can see both sides. Clearly, this guy has a resentment of the government (not a crime, thank you) and a willingness to see its necessary functions impeded. But that's not a crime either.
Huh. I am stumped. I see a lot of flamey posts and arguments but not much light.
I think it hinges on what the implications are for 1st amendment rights. He wasn't a govt. ermployee. He wasn't violating an oath overseen by law. Sure, he's filth, but it's not about him, it's about all of us and what we might be charged with by some future DA with a reputation to make for himself.
I see he plead guilty. That could just mean the prosecutors brought so much pressure in the form of other charges (over charging) that he decided to cut a deal (they are asking for the least amount of time).
Just... dunno. Hung jury.
not quite...it was a sting operation the FBI set up...they posed as people who were guilty admittedly who were looking for 'help passing' the polygraph.
see, there is no way to teach someone to 'pass' the polygraph because it's impossible to pass OR fail an innacurate, non-scientific test.
essentially this guy has a polygraph, and hooks you up to it and lets you see it work...
they can teach you to control your reactions and how to notice 'control questions' but that still isn't 'passing' or 'failing' as everything is still up to *the interpretation of the polygrapher*
polygraph results are never shown, because they are useless data and showing it in court would expose that
polygrapher interpretation is the last element in the equation...and that takes something that *was* pseudoscience at best and puts it entirely in the fiction section...
if It was my daughter...and they caught a guy who they think raped her, and he was dumb enough to get tricked by the polygraph to admit his guilt...i'd say give it to him...
I say the polygraph should be used in extreme interrogation situations only...situations where investigators have a good reason to believe the suspect is dumb enough to get fooled by the polygraph
they are out there but not many...
Thank you Dave Raggett
not to mention HTTPS breaks this tatic completely, or anything with end to end encryption...so even if for some odd reason they are able to compromise a good portion of enter and exit nodes to make the study they still will only get BS because the internet is rapidly heading towards https and encryption standards. Only real idiots would be caught using this and frankly, i dont concern myself with stupid people.
The man isn't being prosecuted for teaching somebody to beat the lie detector test. The man is being prosecuted for ENCOURAGING a person to lie to the person giving the government job lie detector test.
Lying in an application for employment with the government is a crime. Encouraging that lying makes the person doing the encouraging an accomplice.
If you want to stay on the right side of the law, teach people the theory and practice of beating the lie detector test, but throw them right out of your office the very second they start to talk about any particular lie detector test. NO EXCEPTIONS.
Learn from the hydroponic gardening stores!
My high school friend Ricky Ames never thought much of polygraph tests. In 1986 and '91, he passed two of them while spying for the Russians.
I once learned to self-regulate my brain waves (EEG), or at least to produce alpha waves at will. The autonomic nervous system responses measured in polygraph tests (chiefly GSR, pulse rate and breathing rhythm) would be easier to self-regulate than brainwaves. Try it at home.
Instead of 10 years of yoga (see, for example, Delmonte, M. M. (1984). Electrocortical activity and related phenomena associated with meditation practice: A literature review. International Journal of Neuroscience, 24, pp. 217-231), instead search on "GSR biofeedback and relaxation" and check out the GSR2 Biofeedback Relaxation System for $70 on Amazon.
Think of something you forgot to do, get a genuine pang of guilt, and watch the response. Now you know where you don't want your mind to go. If you can't convince yourself in your heart that you are a good little girl/boy (good that you forgot), and you can't zen out on pleasant scenes, then do mental arithmetic.
A lot of people in physiology have measured all these responses. I have no experience with polygraph testing per se. As the CIA found out with Ricky Ames, the tests are hard to do well. Still, I bet that if I had all the time in the world -- and some experience as an actor and toastmaster -- I could surprise and trick out most test evaders. But, in routine use with routine false positives, where's any justice for the victims of fallible technology and foolish policy?
Many are destined 2reason wrongly; others, not 2reason at all; and others, to persecute those who do reason. Voltaire
As long as a no dead salmon ever asks for a government job.
http://www.wired.com/wiredscience/2009/09/fmrisalmon/
Nearly as much pseudoscience as a poliygraph.
Watch this Heartland Institute video
Because all of he spooks from the alphabet soup of TLAs use them for 'security clearance.' And the fact they are using pseudoscience which probably keeps out more 'good guys' than 'bad guys' is obviously this guy's fault.
This is my signature. There are many like it, but this one is mine.
Number 3, an almost fanatical devotion to the pope.
One who can read, one who can count, one to keep an eye on the two intellectuals.
With people like this in power, the US's scientific and engineering dominance will remain unstoppable!
http://rocknerd.co.uk
Please tell me that the government isn't actually calling this "Operation Lie Busters"
This is my signature. There are many like it, but this one is mine.
Or government agencies could just operate large parts of Tor themselves.
http://michaelsmith.id.au
Too bad that FMRI isn't that accurate either:
"In 2007 on episode 93 of the TV program Mythbusters, the three members of the build team attempted to fool a non-automated fMRI test done by Cephos Corporation. Although two of the members were unsuccessful at fooling Cephos, the third member was able to successfully fool Steve Laken of Cephos, according to this member by keeping his mind in constant activity. The one out of three failure rate suggested that fMRI-based lie detection required further development"
- Raynet --> .
Do you trust the CAs to not give keys to the NSA?
"When information is power, privacy is freedom" - Jah-Wren Ryel
“Properly understood, his crimes encompass inviting total strangers into a scheme to defraud and obstruct, and joining in their criminal enterprises,” prosecutors wrote. “Dixon adopted a mercenary-like attitude towards the nation’s border security and the security of the nation’s secrets. He also acted with callous disregard for the most vulnerable in society – our children. . . . Dixon’s misconduct was purposeful, dangerous and it requires punishment.”
Apparently if you tell someone who claims their brother or cousin is a drug dealer, to tell their potential LEO boss that you don't know what your brother does, is a crime against children!
I trust that the CAs are not going to be able to securely give away all there keys to the government so they can do such a attack
Actually, the reasoning that leads to fear, which the FBI would like the general public to accept, is probably:
1) FBI prosecutes person for teaching how to beat a lie detector
2) Therefore the technique to beat the lie detector must work
3) Therefore the lie detector must work
Sure most people on Slashdot wouldn't fall for that. But spend 6 hours at your local supermarket and try to find 1 person who wouldn't be swallowed by this.
Tor was well commented on in the late 2000. The mentioned "global passive attack" was well understood. The use of academics using many exit nodes was also noted.
The ability of code to track people during the past years was also in the press.
Domestic spying is now "Benign Information Gathering"
The mentioned govs dont really have global reach into US telcos by default.
Domestic spying is now "Benign Information Gathering"
For dragnets, TOR is fairly useful as a measure to avoid being caught up in one. For high-profile, targeted attacks, you won't stand a chance. They can probably install some equipment right outside of your living space that will route all of your TOR traffic through fake nodes.
"If a nation expects to be ignorant and free in a state of civilization, it expects what never was and never will be."
I'm not a cryptographer, nor have I worked on TOR, so take the below with a grain of salt. I've only read the documentation and some of the discussions on TOR's weaknesses that brighter individuals than I have proposed and speculated upon.
The actual timing attack is not quite that simple, but I'm pretty certain you've got the jist of the matter. It works best if your traffic is consistent and does not vary (i.e., your traffic is mostly going to only a few destinations). As an attacker, you have a list of TOR relay nodes, and a list of TOR exit nodes. All you have to do is observe traffic out of a computer into a relay node, and follow it from there. A highly saturated relay node might be able to provide some level of safety through obscurity, but if the connection is routed over one that's used occasionally or rarely, then it's a matter of time before you can trace the connection to the endpoint. Because your traffic is consistent, the confidence level will rise over time. Now, put up some compromised relay nodes, and maybe some compromised exit nodes, and wait.
In fact, I wouldn't be surprised if that's how they brought down Freedom Hosting. Hidden services will take longer (7 hops instead of 4) to trace, but that hardly matters. When 95% of your server's traffic is coming from known TOR relays and only 5% is coming from normal IPs, then you know it's probably running a hidden service.
"If a nation expects to be ignorant and free in a state of civilization, it expects what never was and never will be."
The point can be understood from the UK and UK perspective.
When the UK faced a huge flow of information to the Soviet Union the US liked to show its ability to protect its interests.
One method was the lie detector test used by the ~CIA from 1948 onwards.
By 1951 all US crypto experts faced the polygraph exam.
The sale, education, maintenance and use became part of US culture. The UK feared losing very skilled individuals over one test. The UK was very aware of the fact any Soviet agent who could pass falsely would be confirmed as safe year after year.
In the early/mid 1980's the UK found the machines to be useless. 200 MI5 staff where tested, 37% failed - the press got the results.
The UK did an amazing and very smart thing - they understood the inaccurate side of the testing, how it would result in good staff losses and very bad staff moving further up the ranks. The UK did not really 'tell' the US about the tests and did not go on with more polygraph work in the late 1980's.
The NSA was hoping anxiety would trip many people up with basic mind tricks, pre and post test questions and ever more tests.
ie 'scare the hell out of people"
Domestic spying is now "Benign Information Gathering"
Polygraphs are in the same category as the desklamp in your face during an interrogation, or for that matter, the rubber hose. They all simply stress you out hoping you will crack under pressure. And some people do, so they keep using it.
They cannot (yet) sniff all traffic at all entry and exit points. Tor also seriously distorts timing information and packet-sizes are not the same.
The other ting is that correlating traffic, while possible, is something that needs a competent human in the loop.
But rest assured, if the US population continues to sit on its collective ass in the face of this clear and present danger of a surveillance state being established (and a totalitarian state right on its heels, no doubt), eventually they will be able to monitor all domestic traffic in the US.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
No. Breaking Tor needs a bit more. Also, as long as they require actual evidence (i.e. the US is not yet a totalitarian state), timing correlations between packets are very weak.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
how flagrantly does a lawsuit have to violate every principle of law before it's immediately ejected from consideration? how is this even being considered in the legal system?
this is CLEARLY first ammendment. so what the hell are they pressing charges with?
Read the actual pleading...this is comedy gold:
"POSITION OF THE UNITED STATES
WITH RESPECT TO SENTENCING
The United States of America, by and through undersigned counsel, in accord with Title
18, United States Code, Section 3553(a) and the United States Sentencing Commission,
Guidelines Manual ("Guidelines") ' 6A1.2 (Nov. 2008), respectfully submits this Position of the
United States With Respect to Sentencing of defendant Chad Dixon ("Dixon" or "defendant").
Defendant Chad Dixon is before the Court for sentencing, having admitted to a career of
criminal deceit. In exchange for $1,000 per day and more, Dixon trained individuals to "beat"
polygraph examinations in order to conceal material lies. Dixon trained seven applicants for
federal law enforcement positions on how to use polygraph countermeasures to defeat
employment polygraph tests, knowing that in some cases they intended to conceal criminal
activity that would disqualify them for the job. If potentially compromising federal law
enforcement officers were not enough, Dixon trained convicted sex offenders how to beat
polygraph examinations they were required to take as a condition of probation for crimes
including indecent sexual contact with minors, transportation of child pornography, and sexual
abuse of minors. Brazenly, Dixon trained members of the intelligence community, who took
polygraph tests while seeking to obtain or retain security clearances, without regard for the threats
his actions and those persons potentially posed to national security. Between 70 and 100
individuals across the United States, who discovered Dixon through his sophisticated Internet site,
received Dixon's one-on-one, confidential, and customized polygraph countermeasures training in
order to conceal lies during polygraph examinations."
Read it closely. By sustaining (whatever the proper legal term is) this pleading, the prosecutors are getting the courts to do a 2 for 1 for them: 1.) they get a 'bad guy' off the streets (responsible for helping child pornographers, etc. potentially cover up their crimes), and 2.) (this is where is gets really, really good...and you need to think like a DA to get this one past the judges) it establishes, as a court precedent, that purposefully evading a polygraph test (however 'purposefully' is defined) is illegal; what more, IT ESTABLISHES AS A COURT PRECEDENT THAT THE FUCKING POLYGRAPH TEST, A PIECE OF SHIT TEST RIDDLED WITH FALSE POSITIVES AND FALSE NEGATIVES, AND AS RELIABLE AS A GODDAMN HOROSCOPE, AS A VALID TEST FOR DETERMINING SOMEONE'S GUILT! ACCEPTING THIS TRAVESTY, THIS INJUSTICE, THIS VERBAL REFUSE IS TANTAMOUNT TO ACCEPTING A BLOODY PSYCHIC'S TESTIMONY IN COURT!
I am John Hurt.
Actually phlogiston is a really good theory to bring up to describe how science works, especially in terms of chemistry and metallurgy. The oxidation of iron is where phlogiston falls over and such experiments were one of the indicators that oxygen exists and that there is more than one kind of gas.
So it's a theory, which was then tested at length and found to be empirically correct most of the time, but then a condition where it failed inspired an improved theory.
So think about that the next time you want to make fun of phlogiston - you and I have probably only heard of it because it's a damn good example of scientific progress at work so it keeps getting repeated to show how far we've gone. Put up an idea, test it to destruction, and when it fails, adopt a new one almost immediately when that provides a better explanation. That's not pseudoscience - it's the real thing at work - and we only make fun of it today because it seems so damn obvious to us that oxygen exists.
If one of their, say, law students, attended the school specifically to learn how to break the law and get away with it?
Since the article is about entrapment that is one example of how "actual evidence" can be manufactured if the suspect is shown to be interested in a crime that never happens. Think of the monitoring as looking for suckers that can be dragged in and used to increase the arrest and conviction figures. It may not reduce the amount of actual crime but it supplies results that can be used to argue for a larger budget.
For some reason that is utterly beyond me people are paying to use "web accelerators" that carry https traffic and users are feeding them the certs these devices require to see all that traffic as if it was in the clear. People are buying perfect man in the middle attack devices in the name of convenience and rendering https almost entirely pointless. It would be an ideal NSA plot if they had their shit together enough to do such a thing, and it's possible that they have managed to compromise some of these devices or that some foreign agency will do it if it hasn't been done already. Perhaps organised crime will get there first.
They probably have global reach into the enormous outsourced mess that is the US intelligence community for the price of hookers and drugs.
Or increasing the numbers of nodes in the country the Nsa cannot tap.
I get it.. going to the site is sort of like the incident in the story, just talking about polygraphs. But there's no need to pretend that people will get arrested for visiting a website about polygraphs (some other sites, like porn, may be different).
This is dangerously wrong. I am going to correct it for the archives, in case somebody acts on it.
It doesn't matter what the content is, only that something was communicated. Crypto isn't magic.
The point of anonymity systems is to avoid being an interesting enough target that you get other kinds of attention. Tor fails in that if the enemy has a wide enough view of the network and some kind of interest in detecting some particular activity.
If you routinely connect to Jim-Bob's Bait and Terror shop, you are going to become a person of interest. And if you also connect to Aunt Sue's Needlepoint and Terror Shop, and Chef Ernesto's Cooking and Terror shop, what's the common element? Once you're a person of enough interest, they will find a way to find out whatever they want about you, up to and including physically breaking into your house, assuming they can't hack your computer. So your goal is to prevent them from getting that much specific interest in you.
For that matter, if during your many connections your traffic pattern looks like you downloaded a file exactly the size of "Bombing with Night Crawlers", they may in fact know exactly what you did. Especially when that night crawler bomb goes off in your town.
And you don't need ALL the traffic, by the way. You just need enough that the signal starts to rise out of the noise.
Instead of putting this dude in prison, they should learn from him to improve their lie detection technologies.
Why not? If they have the keys and a capture of your traffic, they can decrypt it afterwards, meaning there's no need to do a MITM that might set off some defenses in your browser.
"When information is power, privacy is freedom" - Jah-Wren Ryel
Well, there is that. As it seems a lot of US "law enforcement" does not care about fighting crime at all, but about keeping resources flowing their way and prisons being full, entirely plausible. I guess some of these activities are to counter that crime is actually falling. Cannot have a reduction in police spending while building a nice little police state, now can we?
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Not quite. Per the article he:
advised one undercover agent posing as the brother of a violent Mexican drug trafficker to withhold details during a polygraph for a Customs and Border Protection job, prosecutors said.
Which is a crime. He is free to say what he wants but not free from the consequences; which is why I find the whole First Amendment arguement nothing but the defense's attempt to spin in their client's favor.
The usefulness of polygraphs is irrelevant to wether or not he committed a crime.
He "advised" them. So now merely giving your opinion about something dodgy is itself a crime. Welcome to post-9/11 America! Look, the point is not so much that he didn't do something technically illegal - hell, as we know, most people commit 3 federal felonies a day. The problem is that they're prosecuting him as if he were an evil crime lord, when all he did was give an opinion to a potential criminal on how to beat a scientifically debunked pseudo-technology. Not only was he not contemplating committing a crime, the guy he "advised" wasn't either, he was a fake, a government agent. That's pretty removed from any actual crime, and in fact no actual crime ever occurred, but they're going after him like he's Al Capone.
I guarantee you, if you yourself were to have a long conversation with a trained undercover agent, that agent could eventual steer the conversation so that somewhere along the way you would say something just as "criminal" as what the guy in the article is accused of. A passing remark, a random thought, whatever... Technically, it would be illegal, at least under their interpretation of the law. And that's the real problem, we should not be criminalizing conversation. There are all kinds of ways that people enable other people to potentially break the law all the time, think about it... Radar detectors, herbal urinalysis cleansers, hell, what about that video on YouTube that advises everyone to never talk to the police? Should the lawyer who made that video be arrested? What about a driver who flashes his lights to warn those going the other way about a speed trap? I believe the Supreme Court actually said that one was legal, but it sure seems like there's not much distance between that and what the defendant in this case did.
Look, I'm not saying the guy in TFA isn't guilty, that would be kinda difficult since guilty is how he plead (although many innocent people accept plea agreements, but that's a whole separate rant). But the manner in which they went after him, and the demand for jail time, is very telling. It's symptomatic of the depths to which America has fallen to, one more step along the way to a true police state. At some point we have to step back and really look at what we have become. Torture, "rendition", corporate gag orders, forfeiture laws, every citizen under surveillance all the time, and whistle-blowers are traitors. It all adds up to a damn ugly picture. This is not what the USA is supposed to look like, and once upon a time it didn't. Believe it or not, at one time we truly were seen as that proverbial "shining beacon of freedom" to the rest of the world. Once upon a time. What the fuck happened???
This is curious. For some reason, I was under the impression that lie detector results are not permissible as testimony in court cases precisely because of their unreliability. So why is this a big deal?
I dont think you understand how tor works, so maybe you should do a little more research.
I've been following this stuff since the 1990s, thanks. Let's just say that I have strong enough credentials on Tor and related systems that detailing them would out me.
If you want to see exactly how irrelevant encryption is to deanonymization by a global adversary, start around the year 2001 or 2002 in this bibliography:
http://freehaven.net/anonbib/#2001
Once again, layering TLS over Tor will not do a damned thing to protect you from widespread traffic analysis. It protect the content of your communication, but it will do no more than bare Tor to protect the fact of the communication itself. Even the content protection is very limited; the attacker can make a lot of very firm inferences, especially if she can learn the content of the same Web site you're hitting.
And, as far as we can tell, yes, there are approximately global adversaries out there.
It was about time somebody stood up for their rights.
I'ts not fair that people getting away with beating the crap out of the poor polygraphs !!!
-- 29A the number of the Beast
The feds sure are finding every reason but almost bankrupting the global economy to put people in prison nowadays.
2. A cursory look at the complaint reveals that the cause of action isn't, as implied, a general act of teaching individuals how to fool polygraphs. The allegation is that the teaching was performed in specific cases related to conspiring to suborn perjury or to fraudulently obtain security clearance. These are more specific charges and have less to do with the involvement of a polygraph than the the act of assisting an individual in committing a crime.
3. This case appears to be little more than a filed complaint. Anybody can file charges for anything, but there's no analysis here re:whether the charges are frivolous, likely to be dismissed, or have a good chance of reaching trial. That's the context one needs to understand what is really going on here. Instead, we get an advertisement that fluffs up the facts.
Slashdot: Clear Channel talk radio for geeks!! Now complete with its own version of Glenn Beck "ageless male" & "You don't have to run from the IRS!" advertisers.