actually, from the looks of the brief, there are a few ways to circumvent their device. To me, it appears the key (no pun intended) to thwarting this lies in that the logger is only active while the modem is active, meaning you have to be online in order to be have your keys logged.
Option #1
Some have suggested saving that phrase in a text file and then copy/paste from there would work, except that your passphrase is now in clear text on your hard disk. Any search warrant against your machine would find that file, and your private key becomes compromised.
Solution there is to open a text editor before going online, entering the passphrase there. go online. Get the mail and then copy/paste the passphrase, close text editor w/o saving.
Option #2
download the email off the mail server (ie, POP it off the server). Go offline. Enter passphrase and read message.
Likewise, dont write emails while online. Write and encrpyt first, then go online to send. The keylogger appears to be able to pick up your typing of the message if you're online as you write it. (this also saves you $$$ if your ISP is cheap enough to still be charging per hour rates!)
you're failing to differentiate between whats normal and whats abnormal for a police officer.
police officers are highly trained. they are taught what the appropriate time is to use their weapons. just because they have that gun doesnt mean you cant distrust them. that argument lacks logic. they have the guns for a reason, and it's not to bully people except those that deserve to have the gun pointed at them (ie, crooks).
people are arrested w/o warrants all the time. take the example of a bank robbery where an officer just happens to already be there making a deposit. the officer doesnt wait for a warrant to be approved, he just grabs the guy and throws him to the ground and cuffs him. no warrant needed.
the surviellence wont hush hush IMO. privacy advocates and the press will assert use of the Freedom of Info Act and learn the procedures of it's use when such a system goes live. We'll see how it actually gets used that way
cops have oversight. there's no reason to beleive that a system like this wont have oversight either. even if it has to be the press that provides that oversight by reviewing precedures they obtain via FOIA.
my friend, i am not going to read anymore of your posts on this topic. You are obviously a paranoid individual and i think you should take time to think out how technology is used and where it fits into the current scheme of operations before making rash uninformed judgements of it.
if we have cameras all over the place, then criminals know they will videotaped doing some of their crimes.
Having a tool search the streets for known suspects makes the streets safer by helping to find known suspects. I think people are aware that it wont help new crimes from happening.
Cameras here are an after-the-fact tool, not a before the fact.
I figured out the trick - you have to single click the icon first (left click), then hold shift and right click. In that list will be (unbolded) 'Open with...'
It's always been my opinion that standards are something developed for the general free use of the public. Standards are often decided upon by organizations such as NIST, IEEE, academia, etc.
Patents on the other hand aren't standards in my opinion. Commercial companies have traditionally been the ones pushing for patents and when they obtain one, they charge users of it a license fee.
A lot of patents are very useful and deserve to be standards, but I feel they should have the fees removed before it can be called a 'standard.' The patent can still stand after something has been standardized, but I dont think people should be charged to use it.
What's your call on opinions like mine that are carried by many individuals here at slashdot?
checking IDs at state lines IS going too far. leave the ID checks to national borders and customs agents. 9pm curfews are even more crazy.
The system of automated facial recognition does nothing to impact our day-to-day lives for the law abiding.
OTOH, it makes crooks with a history that havent done their time walk the streets in fear. I like that. I'd love to see a crook who hasnt done his time walk around fearing whether or not the police are hot on his tail. Even if the police never catch him, the crook still has to fear that possiblity.
I think fear of getting caught, especially with an automated facial recognition (one w/ better accuracy than today's), is better than a prison sentence depending on what the crook's crime was.
I have no problem with being watched/photo'd and having my face checked as I turn each street corner. Reason is that I have done no crime. Even if the system misID's me as a criminal, a human being still has to decide whether or not to if i'm really guy the system says I am.
Think for yourself at how this system is possibly going to be used in the real world before making rediculus assertions. Keep in mind that the police know it's not 100% accurate, so they still have to rely on classic police work in taking suspects in.
OT: I want that guy in CO behind bars. He raped 7 women here in philly, killing 1, and also (as I've been corrected) raped and killed 6 women in Colorado. He's a wanted criminal, and he deserves to walk the streets fearing FaceIt is following him.
we dont know if by catching them, we prevented an attack. lets assume a terrorist gets nabbed while making the trip to pickup explosive supplies. In that case, we've prevented an attack and saved lives.
Hence 3 of your points are actually 'maybes'
But you are correct by saying the next guy is just as capable as planting a bomb.
_________ MM MM SS
.-'-' ____)_____ MMM MMM SS SS
|.-' ______) MM M MM SS
| --- _) MM MM SS
| `-. _) MM MM SS SS
`---._____) MM MM SS
HH HH AA HH HH AA ||
HH HH AA AA HH HH AA AA ||
HHHHHH AAAAAA HHHHHH AAAAAA ||
HH HH AA AA HH HH AA AA ||
HH HH AA AA HH HH AA AA..
Lameness filter encountered.
Your comment violated the "postercomment" compression filter. Try less whitespace and/or less repetition. Comment aborted.
Important Stuff:
Please try to keep posts on topic.
Try to reply to other people comments instead of starting new threads.
Read other people's messages before posting your own to avoid simply duplicating what has already been said.
Use a clear subject that describes what your message is about.
Offtopic, Inflammatory, Inappropriate, Illegal, or Offensive comments might be moderated. (You can read everything, even moderated posts, by adjusting your threshold on the User Preferences Page)
i dont know about K or Star Office, I've never used them either.
My guess (just a guess, dont flame if I'm wrong) is they do use macros, but those macros dont have the same priviliges as MS's macros do. For example, does a macro really need complete access to the filesystem of the machine? That's one of the things a macro virus exploiting this hole can do and start deleting files.
I think KOffice's and SO's developers learned from MS and would decide to not allow such possibilities.
you are correct that there are some bad cops out there, it's just a fact of life. But the number of crooked cops is so small compared to the number of decent cops that it doesnt matter to me.
Yes, cops have to have some photo (a good photo, not a grainy b/w from a bank security camera) of whom they want. But they dont always need an accurate description of their measurements, etc.
And even if they stop someone and take them in erroreously, this happens all the time already. It's gonna be no different regardless of whether something like this is implemented. And the mistakenly accused person is still permitted to take the cops to court to fight for punitive damages resulting from improper arrest.
I DO trust police. I have 2 uncles that are former officers, plus know many other officers from my work.
I DO trust the government. I used to work for them. Working on a military base having cameras all over doesnt bother me, because I know why they're there. When cameras appear on the streets, I'll still trust ther presense, because I know why they're there and what they're doing. I have also seen examples of the feds respecting the privacy of US citizens - like how phone numbers tracking targets have their last 4 digits removed before being stored if they are a number of a possible US citizen.
I DO trust this technology. A sister division to my military work tours was biometrics research. Although we were researching for the purpose of access control, the same techniques can apply to picking criminals out of a crowd. I agree, however, that it does need a few more years of development to improve the accuracy rate.
Lastly, if this system gets abused, trust me, we'll know. The press will be all over it, privacy advocates will be all over it, and/. wont be far behind.
yes, there has been evidence withheld. If the US (or other countries for that matter) releases some pieces of evidence, it makes future work for us a lot harder. If the enemy were to see the evidence we have, they could possibly figure out how we got and learn from it. I'll give an example below. Although the story is over 80 years old, the ideas it demonstrates still apply today.
During WW 1, British Intelligence intercepted what is now known as Zimmermann's Note. The message was encrypted and sent from Germany to the Mexican Ambassador to the US in Washington. From there, the Ambassador was to send instructions contained in the note to Mexico City.
BI knew how to break the encryption, and did so on this message. When they saw the contents, they had to take measures to make it look like the cables werent tapped nor the encryption was transparent.
BI rewrote the message and then passed it to the US. They made the note look like it was rewritten by the Ambassador and made it look like the message was actually intercepted by Allied spies in Mexico.
The Germans eventually learned that we (the US) had the note. After investigating, their conclusion was lax security in Mexico City allowed the US to find the note.
In the end, the Germans continued to use the cables BI had covertly tapped and continued using the same encryption algorithm. Hence, the British were able to continue their espionage activities and continued cracking messages from the Germans.
Had BI simply passed the original note to the US, the Germans would have stopped using those cables and changed their encryption. Two things that would make obtaining intelligence much more difficult.
If you want more on that story, I recommend The Code Book by Simon Singh. It's a history book on cryptology intertwined with the howto's of crpyto (everything from Julius Ceasar to PGP to Quantum Cryto). I think/. had a review of it about a year or so ago.
hmm... just noticed something interesting - Arthur Zimmermann's Note in 1917 and Phil Zimmermann's PGP software today. Although I doubt it, one has to wonder - are they related?
actually, that wont require new client software. they would want to setup the server to start sending out old raw data. Yes, some cycles will be wasted on redoing calculations already accomplished, but they have changed their algorithms to use faster math routines, so maybe this could simply verify the first result of a data unit and the overall integrity of the new algorithms.
we've done something like that already. we sent out something akin to an image showing that we have 9 planets and a star and several other items. I think it was sent in the 60s or maybe 70s. The image was very block-like similar to early video games. To my knowledge, we have not heard a reply.
Does anyone know where a picture of this message is?
ok, so just replace every instance of the word 'Denver' with 'Fort Collins.' Big deal! SO I SAID DENVER INSTEAD OF FT COLLINS!! You still have the same problem as you did before. (btw- Ft Collins is only about 40 miles from Denver)
I trust the police to do the right thing. I have two men in my family that are former officers, and I get offended when people say that police dont check their facts. See one of my other posts about how a system like this would actually get used in the normal everyday case and how it fits into regular police work.
Yes, some police abuse their power, and yes, this system will probably be abused too. But it wont be any different than the abuse that already takes place among police today.
Yes, it is speculation. I realize accuracy is not at it's best right now. Let's just say that the would've stood a much greater chance at getting caught had there been a system installed, whether it be here in philly or denver, or elsewhere.
But even still, I dont think the guy knows how to stay away from cameras anyway. The picture on the wanted posters came from a store surviellence camera across the street from one of his victims.
alright, my Old Man who's so senile he cant argue without insulting someone
my response to your "fallacy of logic" paragraph - All government computers (local, state, federal) are subject to being monitored by those who job it is to enforce proper use of systems. Ive done work for the military, and there is a group of people (also military) who monitor the computer use of those using military systems.
The same takes place at all levels of government. And it works too, as you just happened to have pointed out in your paragraph about Michigan.
response to the actual numbers of officers - I picked numbers out of there air that seemed reasonable, but you are correct. 100 does seem a bit of a small number, and a million just looks too big given you looked up the actual stat.
But let's take your numbers and do the math. 1000 officers divided by 664000 is STILL less than 1%! Or if you need a spefic equation spelled out for ya:
1000 / 664000 = 0.0015060240963855421686
Even if it were 10000, that's only 1.5% of all officers.
Lastly- I know this tool can be abused. Chances are good that yes, it'll happen. But I dont care. If you look at my other posts in this thread, you'll see how I beleive a tool like this would be used as part of normal police work. You'll see how the system can be designed to minimize abuse and maximize filtering out false matches.
Slashdot Mirror
actually, from the looks of the brief, there are a few ways to circumvent their device. To me, it appears the key (no pun intended) to thwarting this lies in that the logger is only active while the modem is active, meaning you have to be online in order to be have your keys logged.
Option #1
Some have suggested saving that phrase in a text file and then copy/paste from there would work, except that your passphrase is now in clear text on your hard disk. Any search warrant against your machine would find that file, and your private key becomes compromised.
Solution there is to open a text editor before going online, entering the passphrase there. go online. Get the mail and then copy/paste the passphrase, close text editor w/o saving.
Option #2
download the email off the mail server (ie, POP it off the server). Go offline. Enter passphrase and read message.
Likewise, dont write emails while online. Write and encrpyt first, then go online to send. The keylogger appears to be able to pick up your typing of the message if you're online as you write it. (this also saves you $$$ if your ISP is cheap enough to still be charging per hour rates!)
you're failing to differentiate between whats normal and whats abnormal for a police officer.
police officers are highly trained. they are taught what the appropriate time is to use their weapons. just because they have that gun doesnt mean you cant distrust them. that argument lacks logic. they have the guns for a reason, and it's not to bully people except those that deserve to have the gun pointed at them (ie, crooks).
people are arrested w/o warrants all the time. take the example of a bank robbery where an officer just happens to already be there making a deposit. the officer doesnt wait for a warrant to be approved, he just grabs the guy and throws him to the ground and cuffs him. no warrant needed.
the surviellence wont hush hush IMO. privacy advocates and the press will assert use of the Freedom of Info Act and learn the procedures of it's use when such a system goes live. We'll see how it actually gets used that way
cops have oversight. there's no reason to beleive that a system like this wont have oversight either. even if it has to be the press that provides that oversight by reviewing precedures they obtain via FOIA.
my friend, i am not going to read anymore of your posts on this topic. You are obviously a paranoid individual and i think you should take time to think out how technology is used and where it fits into the current scheme of operations before making rash uninformed judgements of it.
ta
think before you post....
if we have cameras all over the place, then criminals know they will videotaped doing some of their crimes.
Having a tool search the streets for known suspects makes the streets safer by helping to find known suspects. I think people are aware that it wont help new crimes from happening.
Cameras here are an after-the-fact tool, not a before the fact.
No one is saying anything about before the fact
OS X 10.1 actually recognizes the extentions to filenames as opposed to the file's headers to the fs
Unfortunately, I dont know how easy/difficult it is to change a file's association on OS X.
ok, so call me a dumbass.
I figured out the trick - you have to single click the icon first (left click), then hold shift and right click. In that list will be (unbolded) 'Open with...'
doesnt work on win98. holding shift as your right click pulls up the same menu as if you clicked outside an icon's area.
It's always been my opinion that standards are something developed for the general free use of the public. Standards are often decided upon by organizations such as NIST, IEEE, academia, etc.
Patents on the other hand aren't standards in my opinion. Commercial companies have traditionally been the ones pushing for patents and when they obtain one, they charge users of it a license fee.
A lot of patents are very useful and deserve to be standards, but I feel they should have the fees removed before it can be called a 'standard.' The patent can still stand after something has been standardized, but I dont think people should be charged to use it.
What's your call on opinions like mine that are carried by many individuals here at slashdot?
alright, so i was the first non-AC to say it
... Imagine a Beowulf cluster of those!
kool! thanks for the clarification!
you're being VERY paranoid. Be realistic.
checking IDs at state lines IS going too far. leave the ID checks to national borders and customs agents. 9pm curfews are even more crazy.
The system of automated facial recognition does nothing to impact our day-to-day lives for the law abiding.
OTOH, it makes crooks with a history that havent done their time walk the streets in fear. I like that. I'd love to see a crook who hasnt done his time walk around fearing whether or not the police are hot on his tail. Even if the police never catch him, the crook still has to fear that possiblity.
I think fear of getting caught, especially with an automated facial recognition (one w/ better accuracy than today's), is better than a prison sentence depending on what the crook's crime was.
I have no problem with being watched/photo'd and having my face checked as I turn each street corner. Reason is that I have done no crime. Even if the system misID's me as a criminal, a human being still has to decide whether or not to if i'm really guy the system says I am.
Think for yourself at how this system is possibly going to be used in the real world before making rediculus assertions. Keep in mind that the police know it's not 100% accurate, so they still have to rely on classic police work in taking suspects in.
OT: I want that guy in CO behind bars. He raped 7 women here in philly, killing 1, and also (as I've been corrected) raped and killed 6 women in Colorado. He's a wanted criminal, and he deserves to walk the streets fearing FaceIt is following him.
we dont know if by catching them, we prevented an attack. lets assume a terrorist gets nabbed while making the trip to pickup explosive supplies. In that case, we've prevented an attack and saved lives.
Hence 3 of your points are actually 'maybes'
But you are correct by saying the next guy is just as capable as planting a bomb.
could not resist some ascii art....
.-' ______) MM M MM SS
..
_________ MM MM SS
.-'-' ____)_____ MMM MMM SS SS
|
| --- _) MM MM SS
| `-. _) MM MM SS SS
`---._____) MM MM SS
HH HH AA HH HH AA ||
HH HH AA AA HH HH AA AA ||
HHHHHH AAAAAA HHHHHH AAAAAA ||
HH HH AA AA HH HH AA AA ||
HH HH AA AA HH HH AA AA
Lameness filter encountered.
Your comment violated the "postercomment" compression filter. Try less whitespace and/or less repetition. Comment aborted.
Important Stuff:
Please try to keep posts on topic.
Try to reply to other people comments instead of starting new threads.
Read other people's messages before posting your own to avoid simply duplicating what has already been said.
Use a clear subject that describes what your message is about.
Offtopic, Inflammatory, Inappropriate, Illegal, or Offensive comments might be moderated. (You can read everything, even moderated posts, by adjusting your threshold on the User Preferences Page)
After 4 attempts, it still violates!! ARGHH!
Yea!! 5 attempts was the charm!!
i dont know about K or Star Office, I've never used them either.
My guess (just a guess, dont flame if I'm wrong) is they do use macros, but those macros dont have the same priviliges as MS's macros do. For example, does a macro really need complete access to the filesystem of the machine? That's one of the things a macro virus exploiting this hole can do and start deleting files.
I think KOffice's and SO's developers learned from MS and would decide to not allow such possibilities.
Care to explain?
you are correct that there are some bad cops out there, it's just a fact of life. But the number of crooked cops is so small compared to the number of decent cops that it doesnt matter to me.
/. wont be far behind.
Yes, cops have to have some photo (a good photo, not a grainy b/w from a bank security camera) of whom they want. But they dont always need an accurate description of their measurements, etc.
And even if they stop someone and take them in erroreously, this happens all the time already. It's gonna be no different regardless of whether something like this is implemented. And the mistakenly accused person is still permitted to take the cops to court to fight for punitive damages resulting from improper arrest.
I DO trust police. I have 2 uncles that are former officers, plus know many other officers from my work.
I DO trust the government. I used to work for them. Working on a military base having cameras all over doesnt bother me, because I know why they're there. When cameras appear on the streets, I'll still trust ther presense, because I know why they're there and what they're doing. I have also seen examples of the feds respecting the privacy of US citizens - like how phone numbers tracking targets have their last 4 digits removed before being stored if they are a number of a possible US citizen.
I DO trust this technology. A sister division to my military work tours was biometrics research. Although we were researching for the purpose of access control, the same techniques can apply to picking criminals out of a crowd. I agree, however, that it does need a few more years of development to improve the accuracy rate.
Lastly, if this system gets abused, trust me, we'll know. The press will be all over it, privacy advocates will be all over it, and
that's one way to do it, but not very efficient (obviously). IIRC, I sorta remember reading about something like that.
The book focused more on ciphers, like the Ceasar Shift Cipher, which was the predecessor to the ROT-13.
I gotta give Ceasar credit though, that technique of shaving heads was pure genius.
yes, there has been evidence withheld. If the US (or other countries for that matter) releases some pieces of evidence, it makes future work for us a lot harder. If the enemy were to see the evidence we have, they could possibly figure out how we got and learn from it. I'll give an example below. Although the story is over 80 years old, the ideas it demonstrates still apply today.
/. had a review of it about a year or so ago.
During WW 1, British Intelligence intercepted what is now known as Zimmermann's Note. The message was encrypted and sent from Germany to the Mexican Ambassador to the US in Washington. From there, the Ambassador was to send instructions contained in the note to Mexico City.
BI knew how to break the encryption, and did so on this message. When they saw the contents, they had to take measures to make it look like the cables werent tapped nor the encryption was transparent.
BI rewrote the message and then passed it to the US. They made the note look like it was rewritten by the Ambassador and made it look like the message was actually intercepted by Allied spies in Mexico.
The Germans eventually learned that we (the US) had the note. After investigating, their conclusion was lax security in Mexico City allowed the US to find the note.
In the end, the Germans continued to use the cables BI had covertly tapped and continued using the same encryption algorithm. Hence, the British were able to continue their espionage activities and continued cracking messages from the Germans.
Had BI simply passed the original note to the US, the Germans would have stopped using those cables and changed their encryption. Two things that would make obtaining intelligence much more difficult.
If you want more on that story, I recommend The Code Book by Simon Singh. It's a history book on cryptology intertwined with the howto's of crpyto (everything from Julius Ceasar to PGP to Quantum Cryto). I think
hmm... just noticed something interesting - Arthur Zimmermann's Note in 1917 and Phil Zimmermann's PGP software today. Although I doubt it, one has to wonder - are they related?
it appears God has already punished those who attacked us on the 11th:i sed.html
o nt_kill.html
http://www.theonion.com/onion3734/hijackers_surpr
He also made an appearance at ground zero:
http://www.theonion.com/onion3734/god_clarifies_d
actually, that wont require new client software. they would want to setup the server to start sending out old raw data. Yes, some cycles will be wasted on redoing calculations already accomplished, but they have changed their algorithms to use faster math routines, so maybe this could simply verify the first result of a data unit and the overall integrity of the new algorithms.
we've done something like that already. we sent out something akin to an image showing that we have 9 planets and a star and several other items. I think it was sent in the 60s or maybe 70s. The image was very block-like similar to early video games. To my knowledge, we have not heard a reply.
Does anyone know where a picture of this message is?
ok, so just replace every instance of the word 'Denver' with 'Fort Collins.' Big deal! SO I SAID DENVER INSTEAD OF FT COLLINS!! You still have the same problem as you did before. (btw- Ft Collins is only about 40 miles from Denver)
I trust the police to do the right thing. I have two men in my family that are former officers, and I get offended when people say that police dont check their facts. See one of my other posts about how a system like this would actually get used in the normal everyday case and how it fits into regular police work.
Yes, some police abuse their power, and yes, this system will probably be abused too. But it wont be any different than the abuse that already takes place among police today.
Yes, it is speculation. I realize accuracy is not at it's best right now. Let's just say that the would've stood a much greater chance at getting caught had there been a system installed, whether it be here in philly or denver, or elsewhere.
But even still, I dont think the guy knows how to stay away from cameras anyway. The picture on the wanted posters came from a store surviellence camera across the street from one of his victims.
alright, my Old Man who's so senile he cant argue without insulting someone
my response to your "fallacy of logic" paragraph - All government computers (local, state, federal) are subject to being monitored by those who job it is to enforce proper use of systems. Ive done work for the military, and there is a group of people (also military) who monitor the computer use of those using military systems.
The same takes place at all levels of government. And it works too, as you just happened to have pointed out in your paragraph about Michigan.
response to the actual numbers of officers - I picked numbers out of there air that seemed reasonable, but you are correct. 100 does seem a bit of a small number, and a million just looks too big given you looked up the actual stat.
But let's take your numbers and do the math. 1000 officers divided by 664000 is STILL less than 1%! Or if you need a spefic equation spelled out for ya:
1000 / 664000 = 0.0015060240963855421686
Even if it were 10000, that's only 1.5% of all officers.
Lastly- I know this tool can be abused. Chances are good that yes, it'll happen. But I dont care. If you look at my other posts in this thread, you'll see how I beleive a tool like this would be used as part of normal police work. You'll see how the system can be designed to minimize abuse and maximize filtering out false matches.
dude, you gotta learn what police work really is. By your definition of abuse of power, driving a police cruiser or even cuffing a guy is illegal.