Oops. I got mixed up there - I changed my mind half way through, but the reason for step one is so that the server can add your public key to your post before signing it. However, I realized that this is tantamount to authorization by mail address;), so just forget step 1.
1) When subscribing to the list, you're required to submit your public key as well as your mail address.
2) When posting to the list, you encrypt your mail with your private key.
3) Upon receiving your message, the list server signs it using the server's private key and resends it to everyone on the list.
4) When you receive a message, you confirm its validity using the server's public key (so that you know it was indeed sent to you by the real list server) and then decrypt it as per usual by looking up the sender's public key.
The last step is the one that causes the most trouble, but if everyone on the list has their public key registered with the usual public-key servers, it's no worse than if you were using direct person-to-person mail rather than a mailing list.
Any holes in this? Or a more efficient way to do it?
1) Add encryption into sendmail's transmission of mail.
The latest release of the free version of sendmail (8.11.0) includes some encryption features (specifically, STARTTLS. TLS is Transport Layer Security, and provides encrypted communications server-to-server). See sendmail.org for more info.
One of the things about New Zealand that lends itself to this sort of official snooping is the small number of providers. There's maybe three nationwide providers, and not that many smaller ones, so the government has only a few points to cover in order to read 90%+ of email. Added to that is the limited number of overseas links, and you have a situation ripe for official suppression.
I'm old (by/. standards, anyway), married, not particularly idealistic and I have a child. I still think you're taking out of your ass.
I'm half-convinced you're a troll, but I'll give you the benefit of the doubt. Quite frankly, it's you who needs to wake up and look around at the real world. The government does not always act in the best interests of the people - indeed, in some cases it actively works against their interests. BTW, your comment about how McCarthyism was justified because the US was in a period of instability and didn't need people stirring things up could be taken to mean that you would have preferred the government to arrest all those who supported Martin Luther King and imprison them in the name of "stability". I hope you're not that stupid.
Basically, what you're saying is that it's OK for the government to conduct surveillance on the citizens and arrest, torture or kill certain elements of the populace in order to preserve stability for the majority. You mentioned that no-one is more qualified than the government to decide who is or is not a criminal; if that's the case, why do most democracies insist on strict division between the legislative and judiciary arms of the the government? It's to protect the people from the whims of a particular government by placing a (theoretically unbiased) court system between the government and the people to act as a brake on short-term decisions regarding who is and is not a criminal.
Fuck off. I've seen three movies in a theater in the last four years (and one of them was from Hong Kong, not Hollywood), I haven't rented a video for three years, the Patriot won't be coming out where I live for another three months (and it'll probably tank anyway, 'cause not everyone wants to see American revisionist propaganda), and I'd say you're the one without perspective if you think that Hollywood is the be all and end all of entertainment.
I have a theory about three-period syndrome - it's similar to tag questions in conversation (tag expressions are things like "...don't you think so?", "...aren't they?", etc.). Their role is to soften the impact of a particular statement. In normal speech, tag questions are used more often by women than men, and it's generally accepted that this is a sign of social pressure on women to make less direct statements. I think a similar pressure applies in on-line conversation; if you make statements that are too explicit (no, I don't mean sexually explicit) or direct, you'll get flamed for it. For example, if I say something like "QuakeIII sucks!", somebody's likely to flame me to a black crisp - but if say something like "QuakeIII leaves a lot to be desired...", there is a definite mitigation of emphasis (above and beyond what could be expected from the different expressions used.) The three periods indicate that the reader should "fill in the gaps" themselves, something which generally causes readers to interpret the statement in a way that tends towards their own way of thinking, which makes the statement seem less agreeable to almost everybody.
Well, if you want to call the sort of crap that Hollywood and the networks are pushing these days "art", that's your prerogative, but don't expect everyone else to appreciate your taste.
Due to the overwhelming response, we regret we can not process your order at the moment. The placed orders exceed our stock by far and further production will take about 10 weeks.
We are very sorry, but we had to cancel your order, as we can not be sure you would like to buy our product under these conditions.
If you still would like to order SETI Accelerator please place your order again and we will be glad to deliver your order as soon as possible.
We do apologize for any inconvenience.
kind regards
Andrej Schachnazarow KrasnoConv Solutions
Looks to me like they're just cancelling all the orders and letting those people who really want to throw their money away a second chance;)
Since the top-of-the-range Alpha CPU is running at 750MHz, I'd really like to see what kind of time they got on an 8-CPU box using those - say, 45 minutes per unit?
I believe they made a mistake in the spelling of SAMOWAR (since it's a Ukrainian company, they proably used the nearest equivalent, not realizing that the W should be transcribed into a V). There is, in fact, a NATO codename Samovar - it stands for "SAM Obstruction in Velocity, Angle and Range" - an electronic warfare weapons pod.
The only thing I don't like about Lyx is their use of the XForms widgets. Before people jump all over me for trying to fix something that already works, let me say that this is a real problem for those trying to i18nize Lyx - the XForms library has no real way of allowing things such as two-byte languages, etc., to be used, so everything has to be a nasty hack. WOuld the Lyx team consider doing a port of Lyx to GTK+ (or even KDE)?
Brilliant! And how long would it take for someone to produce a hacked CRC program that returns the correct CRC whether you have a hacked game executable or not?
One thing that would be helped greatly by a GPL release of StarOffice is i18n. For example, currently, there is exactly one applicatione suite suitable for use in Japanese (Applixware), and quite frankly, it sucks. It doesn't suck in any major way; it just has amny small to medium niggles that make using it about as pleasant as picking your nose with a corkscrew - it'll get the job done, but it's not what I'd call fun. In particular, I'd like to see the GTK port mentioned above. GStarOffice make a great addition to Gnome.
Hmmm... I hadn't thought about that. For a short file, it shouldn't make any difference (since the first 12(?) blocks on an ext2 FS are accessed directly through the inode, which should be the same even if open(2) is carried out with the O_TRUNC flag. I don't know wenough about the kernel's inner workings (especially how it caches these sort of operations before writing them out to physical media) to make any definite statements, but it would certainly seem like there's a race condition between the time the file's truncated and the random data is written out (unless these two operations are actually carried out atomically, which I think is unlikely). In normal use, it probably doesn't matter too much, but we're talking about normal use by extreme paranoiacs, so it's obviously not good enough. To do thus properly, you'd have to go digging into the kernel and alter the unlinking operation to all the random overwriting before it actually unlinks the file. Bummer.
while true; do dd if=/dev/urandom of=/my/secret/file bs=`ls -l/my/secret/file|awk '{print $5}'` count=1;done
That should do it. Be careful, though, 'cause it could take a while to go through each repetition. Fiddle with your mouse and hit some random keys to help it along. It also might chew up a fair amount of CPU or I/O on slower machines.
I hate to tell you, but a shredder is NOT a secure way of disposing of sensitive material. Any intelligence organization or forensics unit worhth their salt can piece documents (and probably even floppy disks) back together. If you have physical material that needs to be destroyed, get something like this . (Search for "dust" or "disintegrator" after opening the page.)
If you have reason to be that paranoid, don't just encrypt each file as you use them - encrypt the whole partition. Do the same thing with your swap file/partition as well (OpenBSD now has that capability). Use long, random passwords and store them in a single file that's encrypted up the wazoo (this should only be done if you're confident of the strength of your encryption - but if you're not, what's the point?)
Slashdot Mirror
Oops. I got mixed up there - I changed my mind half way through, but the reason for step one is so that the server can add your public key to your post before signing it. However, I realized that this is tantamount to authorization by mail address ;), so just forget step 1.
How about something like this?
1) When subscribing to the list, you're required to submit your public key as well as your mail address.
2) When posting to the list, you encrypt your mail with your private key.
3) Upon receiving your message, the list server signs it using the server's private key and resends it to everyone on the list.
4) When you receive a message, you confirm its validity using the server's public key (so that you know it was indeed sent to you by the real list server) and then decrypt it as per usual by looking up the sender's public key.
The last step is the one that causes the most trouble, but if everyone on the list has their public key registered with the usual public-key servers, it's no worse than if you were using direct person-to-person mail rather than a mailing list.
Any holes in this? Or a more efficient way to do it?
1) Add encryption into sendmail's transmission of mail.
The latest release of the free version of sendmail (8.11.0) includes some encryption features (specifically, STARTTLS. TLS is Transport Layer Security, and provides encrypted communications server-to-server). See sendmail.org for more info.
One of the things about New Zealand that lends itself to this sort of official snooping is the small number of providers. There's maybe three nationwide providers, and not that many smaller ones, so the government has only a few points to cover in order to read 90%+ of email. Added to that is the limited number of overseas links, and you have a situation ripe for official suppression.
I'm old (by /. standards, anyway), married, not particularly idealistic and I have a child. I still think you're taking out of your ass.
I'm half-convinced you're a troll, but I'll give you the benefit of the doubt. Quite frankly, it's you who needs to wake up and look around at the real world. The government does not always act in the best interests of the people - indeed, in some cases it actively works against their interests.
BTW, your comment about how McCarthyism was justified because the US was in a period of instability and didn't need people stirring things up could be taken to mean that you would have preferred the government to arrest all those who supported Martin Luther King and imprison them in the name of "stability". I hope you're not that stupid.
Basically, what you're saying is that it's OK for the government to conduct surveillance on the citizens and arrest, torture or kill certain elements of the populace in order to preserve stability for the majority. You mentioned that no-one is more qualified than the government to decide who is or is not a criminal; if that's the case, why do most democracies insist on strict division between the legislative and judiciary arms of the the government? It's to protect the people from the whims of a particular government by placing a (theoretically unbiased) court system between the government and the people to act as a brake on short-term decisions regarding who is and is not a criminal.
Fuck off. I've seen three movies in a theater in the last four years (and one of them was from Hong Kong, not Hollywood), I haven't rented a video for three years, the Patriot won't be coming out where I live for another three months (and it'll probably tank anyway, 'cause not everyone wants to see American revisionist propaganda), and I'd say you're the one without perspective if you think that Hollywood is the be all and end all of entertainment.
I have a theory about three-period syndrome - it's similar to tag questions in conversation (tag expressions are things like "...don't you think so?", "...aren't they?", etc.). Their role is to soften the impact of a particular statement.
;)
In normal speech, tag questions are used more often by women than men, and it's generally accepted that this is a sign of social pressure on women to make less direct statements. I think a similar pressure applies in on-line conversation; if you make statements that are too explicit (no, I don't mean sexually explicit) or direct, you'll get flamed for it. For example, if I say something like "QuakeIII sucks!", somebody's likely to flame me to a black crisp - but if say something like "QuakeIII leaves a lot to be desired...", there is a definite mitigation of emphasis (above and beyond what could be expected from the different expressions used.) The three periods indicate that the reader should "fill in the gaps" themselves, something which generally causes readers to interpret the statement in a way that tends towards their own way of thinking, which makes the statement seem less agreeable to almost everybody.
Of course, that's only my opinion...
Well, if you want to call the sort of crap that Hollywood and the networks are pushing these days "art", that's your prerogative, but don't expect everyone else to appreciate your taste.
Well, it looks like we'll never know:
;)
Dear Customer,
thank you for your order of SETI accelerator.
Due to the overwhelming response, we regret we can not process your order at the moment. The placed orders exceed our stock by far and further production will take about 10 weeks.
We are very sorry, but we had to cancel your order, as we can not be sure you would like to buy our product under these conditions.
If you still would like to order SETI Accelerator please place your order again and we will be glad to deliver your order as soon as possible.
We do apologize for any inconvenience.
kind regards
Andrej Schachnazarow
KrasnoConv Solutions
Looks to me like they're just cancelling all the orders and letting those people who really want to throw their money away a second chance
Since the top-of-the-range Alpha CPU is running at 750MHz, I'd really like to see what kind of time they got on an 8-CPU box using those - say, 45 minutes per unit?
I believe they made a mistake in the spelling of SAMOWAR (since it's a Ukrainian company, they proably used the nearest equivalent, not realizing that the W should be transcribed into a V).
There is, in fact, a NATO codename Samovar - it stands for "SAM Obstruction in Velocity, Angle and Range" - an electronic warfare weapons pod.
The only thing I don't like about Lyx is their use of the XForms widgets. Before people jump all over me for trying to fix something that already works, let me say that this is a real problem for those trying to i18nize Lyx - the XForms library has no real way of allowing things such as two-byte languages, etc., to be used, so everything has to be a nasty hack.
WOuld the Lyx team consider doing a port of Lyx to GTK+ (or even KDE)?
Hmmm... from /proc/cpuinfo:
fdiv_bug
hlt_bug
sep_bug
f00f_bug
coma_bug
"long, strong track record", huh?
Does anyone have a link for an HTML version of that? I don't have PowerPoint...
Opens mouth, sticks foot in...
An inch is the outer part of a man's thumb, 25.4 millimeter to be exact.
;)
Actually, no - it's 2.54 millimeters, to be exact
You're either mistaken or a troll; if it's the former, then you're probably thinking of the SE/30, not the Plus.
Brilliant! And how long would it take for someone to produce a hacked CRC program that returns the correct CRC whether you have a hacked game executable or not?
One thing that would be helped greatly by a GPL release of StarOffice is i18n. For example, currently, there is exactly one applicatione suite suitable for use in Japanese (Applixware), and quite frankly, it sucks. It doesn't suck in any major way; it just has amny small to medium niggles that make using it about as pleasant as picking your nose with a corkscrew - it'll get the job done, but it's not what I'd call fun.
In particular, I'd like to see the GTK port mentioned above. GStarOffice make a great addition to Gnome.
Personally, I read the rumour sites for laughs, rather than actual information ;)
As far as I can tell, all the prostitutes and drug dealers have already moved to cell phones anyway, so it won't make much difference ;)
Hmmm... I hadn't thought about that. For a short file, it shouldn't make any difference (since the first 12(?) blocks on an ext2 FS are accessed directly through the inode, which should be the same even if open(2) is carried out with the O_TRUNC flag. I don't know wenough about the kernel's inner workings (especially how it caches these sort of operations before writing them out to physical media) to make any definite statements, but it would certainly seem like there's a race condition between the time the file's truncated and the random data is written out (unless these two operations are actually carried out atomically, which I think is unlikely). In normal use, it probably doesn't matter too much, but we're talking about normal use by extreme paranoiacs, so it's obviously not good enough.
To do thus properly, you'd have to go digging into the kernel and alter the unlinking operation to all the random overwriting before it actually unlinks the file. Bummer.
Yeah. Try this instead:
/my/secret/file|awk '{print $5}'` count=1;done
while true; do dd if=/dev/urandom of=/my/secret/file bs=`ls -l
That should do it. Be careful, though, 'cause it could take a while to go through each repetition. Fiddle with your mouse and hit some random keys to help it along. It also might chew up a fair amount of CPU or I/O on slower machines.
I hate to tell you, but a shredder is NOT a secure way of disposing of sensitive material. Any intelligence organization or forensics unit worhth their salt can piece documents (and probably even floppy disks) back together. If you have physical material that needs to be destroyed, get something like this . (Search for "dust" or "disintegrator" after opening the page.)
If you have reason to be that paranoid, don't just encrypt each file as you use them - encrypt the whole partition. Do the same thing with your swap file/partition as well (OpenBSD now has that capability). Use long, random passwords and store them in a single file that's encrypted up the wazoo (this should only be done if you're confident of the strength of your encryption - but if you're not, what's the point?)