As a correction, my laptop's wall brick was forming a fun circuit between my arms, the laptop, and the tables. Similar things could be happening with these new brushed metal dell laptops. But I'm no expert.
This is a wild guess, but I've had to re-aim my air purifiers around my house to get around my metal tables zapping me. Indeed it would also zap me through my completely plastic laptop (Dell Inspiron 600m) since my table was sending a nice amount of juice through it every time my air purifier rotated its direction.
So peeps, move your air purifiers.. If they use a powered metal filter you are going to have problems with electrostatic discharge.
I'd love to say "Terrorists, you should do this instead..." but I don't want feds knocking on my door. I don't support terrorism, however I do support raising public awareness of digital security and mentioning whats working for us is also fighting against us.
Through P2P VPN networks, TOR networks, anonymous relays and botnets you can become mostly untraceable. The layered encryption of TOR would make decoding any digital string a nightmare - including getting a FOIA request out to every ISP that could have possibly routed traffic between TOR peers. Hosting your own TOR network is pretty dang easy as well. It's also not likely somebody will connect to a privately hosted TOR network, or even know where to look.
I personally host my own TOR network and channel IRC and IM sessions from my workplace through my home connection. You can do a heck of a lot more than that including host your own personal underground Internet. The same goes with Hamachi, however you are not nearly as anonymous.
Anybody that wants to stay hidden can easily hop on existing TOR networks and advertise their IRC server to any number of recipients. It's my impression that if you are computer smart enough to use Skype, you are smart enough to use IRC sessions under TOR, or even talk through SSH sessions on *nix machines. The possibilities to protect your transmissions are endless. The verification methods between yourself and others can be quite secure if you understand how it works.
By the way, you can tunnel just about anything through anything else.. most people disagree since there is no QOS and it's highly latent and inefficient. Remind yourself not to disagree or ignore silly methods of doing things just because you wouldn't want to do things that way. Its very likely that any terrorist/criminal activity over the Internet that uses encryption doesn't care about their voice quality as much as they care about getting information securely transited between them.
To the PD, source tapping is necessary if you want to prove you are doing all you can. I feel as though it is a highly futile effort. Technology doesn't need to change in order to evade source tapping, only the method of communication. Increase undercover efforts since that seems the best source tap in your arsenal, one it easily adjusts with the criminal activity.
I had 3 machines set up to sync to one repository, the repository was on a slower connection at my house. The syncs were done every 10 minutes or so.
I had to use a remote server command via the unison command line which established a lock file on the server side. I had the same script locally to establish a lock file locally to keep other unison processes for this sync profile away until I was done transferring data.
The reason I did this is because unison fails to lock its files correctly and allows multiple syncs at a time. My machine at work would upload a 50 meg file which one of my home machines would in turn delete since the server had no idea it exists until the trasnfer is complete. And so on.. and one large ISP bill later (10GB home DSL quota) - I made it do locking using the following:
The command I ran on the local machine was the local lock script, and I referenced the remote lock script:
I use Unison as well. However most version control software will work just fine as well, like subversion, mercurial, and git. The only reason I use Unison more often than using version control is file permissions.
Unison requires some fancy locking if you set it up to be automatically run via a scheduled task or crontab entry. However thats easy to script. Most version control software will handle the locking perfectly.
There is a public server that helps link P2P nodes together, however the data itself is encrypted between p2p peers only. Its quite secure, the only thing the server knows is the IP address your client responds to, the same goes for any node connected to that specific hamachi network. There is no evil eye.
The concept behind Hamachi and LogMeIn is incredibly simple. Connect to server, punch hole in NAT, look for local peers, use server to negotiate issues with p2p connections, connections between each peer has distinct encryption. The p2p encryption is based on locally generated private and public keys.
Many phones and PBX's support SRTP by using TLS. This is still a huge privacy issue for most people, however encryption fixes privacy issues with most network tapping systems. You guys having a hard time with Comcast and BitTorrent? YOu can use IPSEC to get around a lot of that, or LogMeIn/Hamachi. If torrent sites existed in Hamachi networks (why not?) which is purely P2P as well as free and encrypted then you can go about your business with 802.3 segments encrypted and sent over completely dynamic IP ports.
Slashdot Mirror
As a correction, my laptop's wall brick was forming a fun circuit between my arms, the laptop, and the tables. Similar things could be happening with these new brushed metal dell laptops. But I'm no expert.
This is a wild guess, but I've had to re-aim my air purifiers around my house to get around my metal tables zapping me. Indeed it would also zap me through my completely plastic laptop (Dell Inspiron 600m) since my table was sending a nice amount of juice through it every time my air purifier rotated its direction.
So peeps, move your air purifiers.. If they use a powered metal filter you are going to have problems with electrostatic discharge.
EOF
Encrypt your streams, encrypt your data, encrypt your voice.
Few, but more than you would think, devices and providers understand Secure Real-time Transport Protocol (SRTP) for SIP channels.
It's important that we get this working in the free software world as well:
http://www.voip-info.org/wiki/view/Asterisk+encryption
Blowfish or not, any encryption is better than no encryption.
I'd love to say "Terrorists, you should do this instead..." but I don't want feds knocking on my door. I don't support terrorism, however I do support raising public awareness of digital security and mentioning whats working for us is also fighting against us.
Through P2P VPN networks, TOR networks, anonymous relays and botnets you can become mostly untraceable. The layered encryption of TOR would make decoding any digital string a nightmare - including getting a FOIA request out to every ISP that could have possibly routed traffic between TOR peers. Hosting your own TOR network is pretty dang easy as well. It's also not likely somebody will connect to a privately hosted TOR network, or even know where to look.
I personally host my own TOR network and channel IRC and IM sessions from my workplace through my home connection. You can do a heck of a lot more than that including host your own personal underground Internet. The same goes with Hamachi, however you are not nearly as anonymous.
Anybody that wants to stay hidden can easily hop on existing TOR networks and advertise their IRC server to any number of recipients. It's my impression that if you are computer smart enough to use Skype, you are smart enough to use IRC sessions under TOR, or even talk through SSH sessions on *nix machines. The possibilities to protect your transmissions are endless. The verification methods between yourself and others can be quite secure if you understand how it works.
By the way, you can tunnel just about anything through anything else.. most people disagree since there is no QOS and it's highly latent and inefficient. Remind yourself not to disagree or ignore silly methods of doing things just because you wouldn't want to do things that way. Its very likely that any terrorist/criminal activity over the Internet that uses encryption doesn't care about their voice quality as much as they care about getting information securely transited between them.
To the PD, source tapping is necessary if you want to prove you are doing all you can. I feel as though it is a highly futile effort. Technology doesn't need to change in order to evade source tapping, only the method of communication. Increase undercover efforts since that seems the best source tap in your arsenal, one it easily adjusts with the criminal activity.
I had to use a remote server command via the unison command line which established a lock file on the server side. I had the same script locally to establish a lock file locally to keep other unison processes for this sync profile away until I was done transferring data.
The reason I did this is because unison fails to lock its files correctly and allows multiple syncs at a time. My machine at work would upload a 50 meg file which one of my home machines would in turn delete since the server had no idea it exists until the trasnfer is complete. And so on.. and one large ISP bill later (10GB home DSL quota) - I made it do locking using the following:
The command I ran on the local machine was the local lock script, and I referenced the remote lock script:
I use Unison as well. However most version control software will work just fine as well, like subversion, mercurial, and git. The only reason I use Unison more often than using version control is file permissions.
Unison requires some fancy locking if you set it up to be automatically run via a scheduled task or crontab entry. However thats easy to script. Most version control software will handle the locking perfectly.
There is a public server that helps link P2P nodes together, however the data itself is encrypted between p2p peers only. Its quite secure, the only thing the server knows is the IP address your client responds to, the same goes for any node connected to that specific hamachi network. There is no evil eye.
The concept behind Hamachi and LogMeIn is incredibly simple. Connect to server, punch hole in NAT, look for local peers, use server to negotiate issues with p2p connections, connections between each peer has distinct encryption. The p2p encryption is based on locally generated private and public keys.
Have fun.
Many phones and PBX's support SRTP by using TLS. This is still a huge privacy issue for most people, however encryption fixes privacy issues with most network tapping systems. You guys having a hard time with Comcast and BitTorrent? YOu can use IPSEC to get around a lot of that, or LogMeIn/Hamachi. If torrent sites existed in Hamachi networks (why not?) which is purely P2P as well as free and encrypted then you can go about your business with 802.3 segments encrypted and sent over completely dynamic IP ports.