Switches do not exist to prevent sniffing all traffic.
I know that. Switches were invented to lessen the packet saturation of ethernet networks by separating them into segments. Anti-sniffing results are just random side-effects.
With access to the switch, it is still possible to easily sniff a network
Well, yeah, of course. But we were talking about making a single co-located box sniff all the ISP's traffic. Not a very likely scenario, that.
VPN is not "rearchitecturing the network". VPN is running another protocol on top of an existing network. Again, network architecture has nothing to do with this.
[technical solutions to political problems] Apache's DAV module, Napster, GNUella, DeCSS, warez, data havens, PGP, anonymous remailers...
Ahem. And what is the political problem to which Napster is a solution to? Or DeCSS? or warez? or PGP?
Note, for example, that strong crypto is not a solution to political problems. It is a solution to the problem of unbreakable communications, and can be a big help in e.g. a fight against a police state, but by itself it does nothing about political problems.
Are they surrendering liberty for personal security? If so, why?
Yes. Because they are unable to foresee long-term consequences.
I still don't understand what "taking back democracy" means and which rights must we all demand?
[ISP giving encryption to its customers] SSL-enabled webservers. SSL-enabled imap, pop3, punching holes through the firewall(s) for VPN and SSL access, supporting IPv6 on their routers
Remember, this is all in context of FBI guys coming into the door with a court order. ISP will be forced to open all encryption run by the ISP itself: wholesale packet encryption will help against casual sniffing, but not against the government. Only the user-side encryption can help here.
Meaning that in a sense, Cringley is right: they don't have to locate the machine right next to the router as traffic comes into the ISP facility; they can locate the box just about anywhere and as long as there isn't a packet filter at the switch, the box could theoretically get every packet.
No, Cringley is not right. It all depends on the way the ISP is set up, but theoretically if you are on a network segment delineated by a switch, you will not see packets on other network segments beyond that switch. I doubt very much that any ISP larger than a very small one has network where from one non-router location you could sniff all traffic. After all that's why the switches were invented.
until our secret administrative courts run a few of your employees through the ringer.
Ringer? You don't mean wringer, do you?
BTW that's a good use for collecting all the info on everybody you can -- when the need arises you can always lean on them (aka blackmail).
until we rearchitecture the network to utterly defeat measures like this (transparent crypto?)
You cannot. A TCP/IP network is a "dumb" network and does nothing for security. Besides, you can always sniff at the router, provided you have access.
Crypto solves this problem, but it has nothing to do with network architecture.
Someday, someone is going to need to devise a technical solution to these political problems.
Sorry. Technical solutions to political problems are very, very rare. After all, that's why they are political problems and not technical. Technology may open new ways to solve social and political problems, but it does not solve them by itself.
empower the average citizen to take back their democracy and demand their rights.
Meaningless blabber. What does "take back democracy" mean? Demand which rights? The right to sue anytime something bad happens to you? One of the problems with the Western public is that is is very happy to surrender rights for entitlements.
give your customers end-to-end encryption.
An ISP cannot "give" encryption to customers. Crypto lives at the ends of the link and the ISP only has control over the link itself. You can advise people to use crypto, but you cannot force them to use it (hint: most people consider crypto to be too much of a hassle).
But I happen to like the fact that interfaces can be different.
Well, I like eye candy and funky windows borders. But why in hell do I have to remember which application does what with mouse clicks? If I middle-mouse-click, what will happen? Err... well.. it depends. Application A will pop up a menu, application B will paste, and application C will cut. Aarrgh!
Well, the reason why X Window is so deeply rooted in the UNIX world is that, to quote one of my friends, "There are no fucking attractive alternatives!". I agree that X is a nightmare and should be killed off by a better competitor, but there is no better competitor.
And BTW, X has plenty of problems but user interface inconsistency is not one of them. X is low-level and user interface standards are clearly not in its domain. The fact that, say, a middle mouse click can do anything at all in an X application is not a drawback of X -- it's a side effect of the UNIX world being fragmented, idiosyncratic, and, yes, free to do whatever one wants.
IE has a technique that displays as it renders while netscape renders everything then displays it. So it's a lot easier to catch html problems with netscape.
Browsers are for users, not for developers. The fact that Netscape has to render the whole thing before displaying is a misfeature. Some sites structure themselves as huge tables and I'd much rather see the top of the table immediately then sit and wait until Netscape gets to the bottom, renders it all, and only then will show me something.
Something that the netscape generation dispises.
Netscape generation?? Netscape may have been the first decent browser, but that earns it a place in history books and nothing else. The current Netscape loses to IE very badly.
"That's your personal ethics. Are you willing to impose them on the others?"
Um yes.
Well, then, unless you believe yourself to be somebody very very special, you should agree to have other people's ethics imposed upon you. What is it that makes your ethics better or more righteous than anybody else's ethics?
No, but are you saying that cracking into a system (secure or not), and destroying data or using it as a base for DOS attacks is acceptable? I sure as hell hope not. If you do that you *should* be thrown in jail
Wonderful. I should be thrown in jail for expressing a view -- nay, not even that: for just believing something! So let me get it straight. If I find cracking into a system acceptable, I should be thrown in jail, right? Doesn't matter if I actually crack systems or just think it's OK -- if my ethics are different enough I am a dangerous subversive and should be isolate from decent folk.
I thought that such positions were fairly unpopular outside of North Korea and the like.
The ethics are even more simple then that. If you are on or attacking a box you have not been invited to, you are acting unethically.
That's your personal ethics. Are you willing to impose them on the others? Are you willing to convert them into law?
Guess how many bugfixes have been released to backburner in the last year... Exactly 0. Why? Because I have had to spend all my time cleaning up cracked boxes and setting up firewalls just to keep my systems from being invaded, destroyed, or used to attack other systems (stealing precious time from others).
Now that's a bullshit argument. If you are dealing with computer security at work, this is your job and how intense it is has nothing to do with posting bugfixes for your project which you do in your spare time. If you tell me all your spare time is taken by cleaning up cracked boxes, I'll tell you that (1) I don't belive you, and (2) you should learn to prioritize your time.
The moment you touch a system you have not been invited onto, you are stealing precious time from somebody, period.
So? An inept clerk at a store is stealing my time. A person who stopped me to ask for directions is stealing my time. Windows' registry being fucked up steals my time and a lot of it. IRS steals huge chunks of my time every April.
My point is that engaging in activities has costs, and one of those costs is time. If you are running a publicly-accessible server, time to secure it and deal with vandals is one of the costs. Sure it would be nice not to have to deal with it. But think of the alternatives. We already have the War on Drugs where being caught with a bag of pot can land in your jail for many years. Do you want to live in a society where being caught at portscanning will lead to same results?
As much as we all love the net, I don't think that any of us can deny the fact that it does provide an easy to use and easy to conceal method for criminals and other dubious types to communicate, without regard for national laws or borders.
As opposed to, say, telephone? Or maybe paper mail?
So the FBI can read my unencrypted emails if it gets a court order and plugs a computer into my ISP's network? Really? Who could have guessed this?! This is soooo unheard of! Soon the heroic guys in blue (or black, or whatever) will be able to tap not only the email traffic, but also IP packets. They even gave a code name to their future project -- they call it a 'sniffer'. Script kiddies everywhere were reported trembling in their sandals.
[Sysadmins] got computers that they need to defend, and they have every right to be suspicious even of an 'act of curiosity.'
No problem. They do have the right to be suspicious and to take measures to defend their systems.
However some people are taking the next step which I am uncomfortable with, that is: if sniffing around (pinging, portscanning) is causing busy hardworking people to waste their time and worry too much, why then, just make it illegal. Make portscanning a federal crime and add War on Hackers (yes, hackers) to War on Drugs. Sure, that will make sysadmins' life easier. I also think that this would be a very Bad Thing to happen.
If I see sombody sitting in a car outside my house observing it, I may walk up to him and talk to him, I may walk out and stare at the guy through binoculars, I may call the cops. I am NOT going to lobby for a new law forbidding people to sit in parked cars outside other people's houses.
If your/. handle isn't linked to anything with your name on it, there's just no way to track you through it unless people use your real name in responses to your posts, or you do.
Court subpoena -> Slashdot server logs -> your IP address -> { ISP logs if necessary } -> your identity.
This can be dealt with by accessing Slashdot only through an anonymizer (public access terminal, the Anonymizer, Freedom network, etc.) but it's waay too big of a hassle for most people.
So you think that the US government won't mind if Chinga was able to completely hide all their communications from them?
You speak as if the US government has a choice.
Besides, what makes you think that the US is the sole source for all technology in the world? Even if the Chinese hackers are not as good as the US ones, there is a hell of a lot more of them. Anybody can buy Bruce Schneider's book and provided you have enough programmers you can build yourself a solution that is as secure as you like.
I am fairly sure that even I, a lowly Slashdot karma whore, can send messages to other people which are uncrackable by any government in the world, US included. Why shouldn't the Chinese government be able to do this?
The catagories of legality and morality are not the exact same thing, but they are not mutually exclusive
Of course not, but one of the differences is that legality is social and morality is individual. Laws are for all, what you personally believe is binding on you only.
Some things that are illegal are rightly so.
Ahem. Rigthly from whose point of view? Or, to be more specific, from which morality's point of view?
I was saying something about the impact of people that are willing to give their lives (and their names) to a cause.
Well, we were talking about providing tools for people to be anonymous. They are not mandatory. Anybody who wants to be a martyr is completely free to ignore all anonymizing technology. You can always take off the mask.
I was not critisizing people in danger for wanting to be anonymous; I was critisizing the assumption that you can only protest when anonymous.
Nobody claimed that protest can only be anonymous. The issue is whether there is ability to choose to be anonymous or not. If there are no anonymity tools nobody can be anonymous.
As for the pot smoking- frankly, I can tell cops anything I want.
Sure. Of course, that probably consitutes probable cause for the judge to issue a search warrant. And remember, in our hypothetical case you actually *are* smoking pot, so a search will find illegal substances in your house.
ut I wouldn't do that, because smoking weed seems like a waste of my time.
I am glad you lead a wholesome lifestyle:-)
rhetoric, and even sincerity, do not equate with morality
Of course not. But again, morality is individual.
What distresses me is people in this country (the US) using complex rationalizations to justify their own greed.
In the US as opposed to which country?
Besides, this has been happening at least since the times of Ancient Egypt and probably much earlier. I'd say that this will continue for the foreseeable future, too.
But it is a reason to be a little wary when someone offers some handy dandy thing that will guarantee your freedom, but has the 'negligable' side effect of giving people a clean way to circumvent laws that may (but not always, yes I know) intersect with morality
Wary of what? You can use a telephone for conspiracy to commit a crime. You can use a car in the commission of the crime. You can wear sunglasses that make it hard for you to be recognized on the street. What's so special about anonymous information exchange? (and it's not like you can't do it by putting coded text into the classified ads section...)
Get over it, tcp is *not* an anonymous protocol, and stuff running over it will allways bring some party under the axe.
TCP is not anonymous, but you can perfectly well run truly anonymous protocols on top of it.
Basically people are trying to apply mixmaster-type technology to packets instead of emails.
[bizzare idea] Build a packet-to-email gateway and route your packets through existing Mixmaster servers. Everything that times out is toast (Mixmaster introduces random delays into retransmission to foil traffic analysis) and you wouldn't believe how slow it will be, but in principle it should work, shouldn't it? [/bizzare idea]
Would the US allow China to have this Fling technology?
And who is going to ask them?
Would it not try to stop certain countries (*cough* Iran, China, Lebanon, North Korea *cough*) from utilizing "super-secure" technology to transport data?
Ahem. US tried to limit exports of hard crypto. The main result was that now a lot of crypto work is done outside of the US (and I have a nice RSA-in-Perl t-shirt). Hard crypto is out of the bag.
This project raises serious moral isssues...[snip]... This guy is targeting illegal markets ("Sale of government-disapproved goods", "Anonymous, unreported e-cash transactions").
You understand the difference between legality and morality, don't you? Right? Err... you do understand?
I'm concerned that his idea of how to address disagreement with the policies of your local governing body is to hide your identity and disregard the law.
I wouldn't put it this way, but now that you've formulated it, I would tend to agree with this. This is good advice, particularly with regard to hiding your identity.
it's a reminder that civil disobediance doesn't require anonimity.
Ahem. Where? How about civil disobedience in the (quite recently deceased) Soviet Union? Or, currently, in places like Serbia, Iran, Myanmar? Would you tell people who find themselves "in disagreement with the policies of their local governing body" that anonymity is unnecessary for them and bad for the political process?
Closer to home -- I assume you live in a Western developed country which has strong anti-drug legistlation -- let's say you smoke grass on a regular basis (and remember that laws do not determine morality). Would you proclaim this fact to all and sundry as an act of civil disobedience? Would you dare the cops to arrest you? Is it a useful thing to do?
Using high ideals to justify being a punk and a thief does.
You seem not to understand what "freedom" means. Think about it.
Kaa
Re:Couple Points about a Couple of points
on
Walk-By DNA Testing
·
· Score: 2
As someone mentioned before, having smoked pot in the past is not illegal as long as you do not have it on your person at the time you get caught.
Yeah, I know, but (a) that could be changed and (b) maybe the government would not put you in jail, but you employer can easily fire you. Imagine that every place that does drug tests on hiring now does drug tests every day as you enter the building.
you have almost no way of correlating what DNA you got from what body passing through the detector.
That depends, mostly on the rate of flow of people. Obviously, this is not going to work in a subway during the rush our. Obviously, this is going to work in a place where single people occasionally pass through. The middle - ?
First, of course this the drug war zealot's wet dream. Just install these machines everywhere, catch all who went past a joint-smoking guy, and solve the drug problem by transfering the majority of the population to prison.
Second, the point about fast DNA sequencing is not really relevant. This device could be used to collect DNA cheaply and invisibly (probably cross-indexed with video images of people passing through). Once you've done the collection, you can do the analysis at your leisure later.
Slashdot Mirror
I've read this article at HNN at least half a year ago, maybe more. It's clearly interesting, but is this news?
Kaa
Switches do not exist to prevent sniffing all traffic.
I know that. Switches were invented to lessen the packet saturation of ethernet networks by separating them into segments. Anti-sniffing results are just random side-effects.
With access to the switch, it is still possible to easily sniff a network
Well, yeah, of course. But we were talking about making a single co-located box sniff all the ISP's traffic. Not a very likely scenario, that.
Kaa
Answer: VPN.
VPN is not "rearchitecturing the network". VPN is running another protocol on top of an existing network. Again, network architecture has nothing to do with this.
[technical solutions to political problems] Apache's DAV module, Napster, GNUella, DeCSS, warez, data havens, PGP, anonymous remailers...
Ahem. And what is the political problem to which Napster is a solution to? Or DeCSS? or warez? or PGP?
Note, for example, that strong crypto is not a solution to political problems. It is a solution to the problem of unbreakable communications, and can be a big help in e.g. a fight against a police state, but by itself it does nothing about political problems.
Are they surrendering liberty for personal security? If so, why?
Yes. Because they are unable to foresee long-term consequences.
I still don't understand what "taking back democracy" means and which rights must we all demand?
[ISP giving encryption to its customers] SSL-enabled webservers. SSL-enabled imap, pop3, punching holes through the firewall(s) for VPN and SSL access, supporting IPv6 on their routers
Remember, this is all in context of FBI guys coming into the door with a court order. ISP will be forced to open all encryption run by the ISP itself: wholesale packet encryption will help against casual sniffing, but not against the government. Only the user-side encryption can help here.
Kaa
Meaning that in a sense, Cringley is right: they don't have to locate the machine right next to the router as traffic comes into the ISP facility; they can locate the box just about anywhere and as long as there isn't a packet filter at the switch, the box could theoretically get every packet.
No, Cringley is not right. It all depends on the way the ISP is set up, but theoretically if you are on a network segment delineated by a switch, you will not see packets on other network segments beyond that switch. I doubt very much that any ISP larger than a very small one has network where from one non-router location you could sniff all traffic. After all that's why the switches were invented.
Kaa
there is NO WAY to detect promiscuous mode. You don't know what you're talking about.
Ahem. Go to the l0pht site and look at their tool called Anti-Sniff.
Maybe then you would want to reconsider your position.
Kaa
until our secret administrative courts run a few of your employees through the ringer.
Ringer? You don't mean wringer, do you?
BTW that's a good use for collecting all the info on everybody you can -- when the need arises you can always lean on them (aka blackmail).
until we rearchitecture the network to utterly defeat measures like this (transparent crypto?)
You cannot. A TCP/IP network is a "dumb" network and does nothing for security. Besides, you can always sniff at the router, provided you have access.
Crypto solves this problem, but it has nothing to do with network architecture.
Someday, someone is going to need to devise a technical solution to these political problems.
Sorry. Technical solutions to political problems are very, very rare. After all, that's why they are political problems and not technical. Technology may open new ways to solve social and political problems, but it does not solve them by itself.
empower the average citizen to take back their democracy and demand their rights.
Meaningless blabber. What does "take back democracy" mean? Demand which rights? The right to sue anytime something bad happens to you? One of the problems with the Western public is that is is very happy to surrender rights for entitlements.
give your customers end-to-end encryption.
An ISP cannot "give" encryption to customers. Crypto lives at the ends of the link and the ISP only has control over the link itself. You can advise people to use crypto, but you cannot force them to use it (hint: most people consider crypto to be too much of a hassle).
Kaa
But I happen to like the fact that interfaces can be different.
Well, I like eye candy and funky windows borders. But why in hell do I have to remember which application does what with mouse clicks? If I middle-mouse-click, what will happen? Err... well.. it depends. Application A will pop up a menu, application B will paste, and application C will cut. Aarrgh!
Kaa
Well, the reason why X Window is so deeply rooted in the UNIX world is that, to quote one of my friends, "There are no fucking attractive alternatives!". I agree that X is a nightmare and should be killed off by a better competitor, but there is no better competitor.
And BTW, X has plenty of problems but user interface inconsistency is not one of them. X is low-level and user interface standards are clearly not in its domain. The fact that, say, a middle mouse click can do anything at all in an X application is not a drawback of X -- it's a side effect of the UNIX world being fragmented, idiosyncratic, and, yes, free to do whatever one wants.
Kaa
IE has a technique that displays as it renders while netscape renders everything then displays it. So it's a lot easier to catch html problems with netscape.
Browsers are for users, not for developers. The fact that Netscape has to render the whole thing before displaying is a misfeature. Some sites structure themselves as huge tables and I'd much rather see the top of the table immediately then sit and wait until Netscape gets to the bottom, renders it all, and only then will show me something.
Something that the netscape generation dispises.
Netscape generation?? Netscape may have been the first decent browser, but that earns it a place in history books and nothing else. The current Netscape loses to IE very badly.
Kaa
nation which has not only turned its back on God, but has indeed spat on God himself!
Ah, yes, I see. I was wondering about the tone of some of your posts. Now it's clear -- a standard fundamentalist mindset.
Kaa
"That's your personal ethics. Are you willing to impose them on the others?"
Um yes.
Well, then, unless you believe yourself to be somebody very very special, you should agree to have other people's ethics imposed upon you. What is it that makes your ethics better or more righteous than anybody else's ethics?
No, but are you saying that cracking into a system (secure or not), and destroying data or using it as a base for DOS attacks is acceptable? I sure as hell hope not. If you do that you *should* be thrown in jail
Wonderful. I should be thrown in jail for expressing a view -- nay, not even that: for just believing something! So let me get it straight. If I find cracking into a system acceptable, I should be thrown in jail, right? Doesn't matter if I actually crack systems or just think it's OK -- if my ethics are different enough I am a dangerous subversive and should be isolate from decent folk.
I thought that such positions were fairly unpopular outside of North Korea and the like.
Kaa
The ethics are even more simple then that. If you are on or attacking a box you have not been invited to, you are acting unethically.
That's your personal ethics. Are you willing to impose them on the others? Are you willing to convert them into law?
Guess how many bugfixes have been released to backburner in the last year... Exactly 0. Why? Because I have had to spend all my time cleaning up cracked boxes and setting up firewalls just to keep my systems from being invaded, destroyed, or used to attack other systems (stealing precious time from others).
Now that's a bullshit argument. If you are dealing with computer security at work, this is your job and how intense it is has nothing to do with posting bugfixes for your project which you do in your spare time. If you tell me all your spare time is taken by cleaning up cracked boxes, I'll tell you that (1) I don't belive you, and (2) you should learn to prioritize your time.
The moment you touch a system you have not been invited onto, you are stealing precious time from somebody, period.
So? An inept clerk at a store is stealing my time. A person who stopped me to ask for directions is stealing my time. Windows' registry being fucked up steals my time and a lot of it. IRS steals huge chunks of my time every April.
My point is that engaging in activities has costs, and one of those costs is time. If you are running a publicly-accessible server, time to secure it and deal with vandals is one of the costs. Sure it would be nice not to have to deal with it. But think of the alternatives. We already have the War on Drugs where being caught with a bag of pot can land in your jail for many years. Do you want to live in a society where being caught at portscanning will lead to same results?
Kaa
As much as we all love the net, I don't think that any of us can deny the fact that it does provide an easy to use and easy to conceal method for criminals and other dubious types to communicate, without regard for national laws or borders.
As opposed to, say, telephone? Or maybe paper mail?
Kaa
So the FBI can read my unencrypted emails if it gets a court order and plugs a computer into my ISP's network? Really? Who could have guessed this?! This is soooo unheard of! Soon the heroic guys in blue (or black, or whatever) will be able to tap not only the email traffic, but also IP packets. They even gave a code name to their future project -- they call it a 'sniffer'. Script kiddies everywhere were reported trembling in their sandals.
Kaa
[Sysadmins] got computers that they need to defend, and they have every right to be suspicious even of an 'act of curiosity.'
No problem. They do have the right to be suspicious and to take measures to defend their systems.
However some people are taking the next step which I am uncomfortable with, that is: if sniffing around (pinging, portscanning) is causing busy hardworking people to waste their time and worry too much, why then, just make it illegal. Make portscanning a federal crime and add War on Hackers (yes, hackers) to War on Drugs. Sure, that will make sysadmins' life easier. I also think that this would be a very Bad Thing to happen.
If I see sombody sitting in a car outside my house observing it, I may walk up to him and talk to him, I may walk out and stare at the guy through binoculars, I may call the cops. I am NOT going to lobby for a new law forbidding people to sit in parked cars outside other people's houses.
Kaa
I think someone would have to subpeona the phone records into my netzero hub
If you piss off law enforcement hard enough, no problem.
Does anyone know if those phone records are kept?
Yes. By your friendly phone company.
It seems like a ton of data to save.
So? Tape is cheap. Besides, guess who pays for it.
Kaa
If your /. handle isn't linked to anything with your name on it, there's just no way to track you through it unless people use your real name in responses to your posts, or you do.
Court subpoena -> Slashdot server logs -> your IP address -> { ISP logs if necessary } -> your identity.
This can be dealt with by accessing Slashdot only through an anonymizer (public access terminal, the Anonymizer, Freedom network, etc.) but it's waay too big of a hassle for most people.
Kaa
So you think that the US government won't mind if Chinga was able to completely hide all their communications from them?
You speak as if the US government has a choice.
Besides, what makes you think that the US is the sole source for all technology in the world? Even if the Chinese hackers are not as good as the US ones, there is a hell of a lot more of them. Anybody can buy Bruce Schneider's book and provided you have enough programmers you can build yourself a solution that is as secure as you like.
I am fairly sure that even I, a lowly Slashdot karma whore, can send messages to other people which are uncrackable by any government in the world, US included. Why shouldn't the Chinese government be able to do this?
Kaa
The catagories of legality and morality are not the exact same thing, but they are not mutually exclusive
:-)
Of course not, but one of the differences is that legality is social and morality is individual. Laws are for all, what you personally believe is binding on you only.
Some things that are illegal are rightly so.
Ahem. Rigthly from whose point of view? Or, to be more specific, from which morality's point of view?
I was saying something about the impact of people that are willing to give their lives (and their names) to a cause.
Well, we were talking about providing tools for people to be anonymous. They are not mandatory. Anybody who wants to be a martyr is completely free to ignore all anonymizing technology. You can always take off the mask.
I was not critisizing people in danger for wanting to be anonymous; I was critisizing the assumption that you can only protest when anonymous.
Nobody claimed that protest can only be anonymous. The issue is whether there is ability to choose to be anonymous or not. If there are no anonymity tools nobody can be anonymous.
As for the pot smoking- frankly, I can tell cops anything I want.
Sure. Of course, that probably consitutes probable cause for the judge to issue a search warrant. And remember, in our hypothetical case you actually *are* smoking pot, so a search will find illegal substances in your house.
ut I wouldn't do that, because smoking weed seems like a waste of my time.
I am glad you lead a wholesome lifestyle
rhetoric, and even sincerity, do not equate with morality
Of course not. But again, morality is individual.
What distresses me is people in this country (the US) using complex rationalizations to justify their own greed.
In the US as opposed to which country?
Besides, this has been happening at least since the times of Ancient Egypt and probably much earlier. I'd say that this will continue for the foreseeable future, too.
But it is a reason to be a little wary when someone offers some handy dandy thing that will guarantee your freedom, but has the 'negligable' side effect of giving people a clean way to circumvent laws that may (but not always, yes I know) intersect with morality
Wary of what? You can use a telephone for conspiracy to commit a crime. You can use a car in the commission of the crime. You can wear sunglasses that make it hard for you to be recognized on the street. What's so special about anonymous information exchange? (and it's not like you can't do it by putting coded text into the classified ads section...)
Kaa
Get over it, tcp is *not* an anonymous protocol, and stuff running over it will allways bring some party under the axe.
TCP is not anonymous, but you can perfectly well run truly anonymous protocols on top of it.
Basically people are trying to apply mixmaster-type technology to packets instead of emails.
[bizzare idea]
Build a packet-to-email gateway and route your packets through existing Mixmaster servers. Everything that times out is toast (Mixmaster introduces random delays into retransmission to foil traffic analysis) and you wouldn't believe how slow it will be, but in principle it should work, shouldn't it?
[/bizzare idea]
Kaa
the US wouldn't let it out.
I don't understand what you mean. How exactly would that happen?
Just like it used to severly limit hard crypto.
Exactly. And did it stop anybody, anybody at all, from getting hard crypto when he wanted it?
Kaa
Would the US allow China to have this Fling technology?
And who is going to ask them?
Would it not try to stop certain countries (*cough* Iran, China, Lebanon, North Korea *cough*) from utilizing "super-secure" technology to transport data?
Ahem. US tried to limit exports of hard crypto. The main result was that now a lot of crypto work is done outside of the US (and I have a nice RSA-in-Perl t-shirt). Hard crypto is out of the bag.
Kaa
This project raises serious moral isssues ...[snip]... This guy is targeting illegal markets ("Sale of government-disapproved goods", "Anonymous, unreported e-cash transactions").
You understand the difference between legality and morality, don't you? Right? Err... you do understand?
I'm concerned that his idea of how to address disagreement with the policies of your local governing body is to hide your identity and disregard the law.
I wouldn't put it this way, but now that you've formulated it, I would tend to agree with this. This is good advice, particularly with regard to hiding your identity.
it's a reminder that civil disobediance doesn't require anonimity.
Ahem. Where? How about civil disobedience in the (quite recently deceased) Soviet Union? Or, currently, in places like Serbia, Iran, Myanmar? Would you tell people who find themselves "in disagreement with the policies of their local governing body" that anonymity is unnecessary for them and bad for the political process?
Closer to home -- I assume you live in a Western developed country which has strong anti-drug legistlation -- let's say you smoke grass on a regular basis (and remember that laws do not determine morality). Would you proclaim this fact to all and sundry as an act of civil disobedience? Would you dare the cops to arrest you? Is it a useful thing to do?
Using high ideals to justify being a punk and a thief does.
You seem not to understand what "freedom" means. Think about it.
Kaa
As someone mentioned before, having smoked pot in the past is not illegal as long as you do not have it on your person at the time you get caught.
Yeah, I know, but (a) that could be changed and (b) maybe the government would not put you in jail, but you employer can easily fire you. Imagine that every place that does drug tests on hiring now does drug tests every day as you enter the building.
you have almost no way of correlating what DNA you got from what body passing through the detector.
That depends, mostly on the rate of flow of people. Obviously, this is not going to work in a subway during the rush our. Obviously, this is going to work in a place where single people occasionally pass through. The middle - ?
Kaa
First, of course this the drug war zealot's wet dream. Just install these machines everywhere, catch all who went past a joint-smoking guy, and solve the drug problem by transfering the majority of the population to prison.
Second, the point about fast DNA sequencing is not really relevant. This device could be used to collect DNA cheaply and invisibly (probably cross-indexed with video images of people passing through). Once you've done the collection, you can do the analysis at your leisure later.
Kaa