Non-genuine ICQ clients bypass the authentication,
at least for watching whether you're online. micq is one of such clients. That's an ICQ protocol deficiency, which I guess they live with so not to piss off the older own clients' installed base (maybe if the share of micq-like clients goes high, they'll reconsider...)
Agreed, but the main case against in that argument usually refers to intercepting the data while you don't know how to physically catch them. It is not as much about trying to catch them with a "smoking gun", where the crypto just "obscures the smoke" (as in the Scarfo's case).
Others have rightfully mentioned that most
stuff that goes out on the wire (like email) is often
typed offline. OK, so maybe the judge didn't understand this subtlety and missed this point.
But it looks from the article that the FBI
convinced him (and the defense) that by blocking the logger during the modem activity, truly "online" communications won't be looked at. Such as, say, intercepts of passwds from within a telnet window session.
My point is that it is not true as well! At least, if you have a 1-CPU box, and especially if the modem is a "winmodem", actual sending or receiving of data via the modem channel is not done simultaneously with the keyboard interrupt processing, because both are different CPU-intensive tasks (actually done in different level interrupt handlers.) For other OS+hardware combinations this also might happen, but I don't exactly know what the suspect had in his PC.
Also, sometimes, especially with things that fingers are used to, one can actually type things ahead of the transmission start into an online communication channel...
I think that the Boeing777 game console,
the one embedded into the seat (at least
at the economy class of the only B777 I flew,
belonging to Continental Airlines)
is based on Windows 3.11!!
At the very least, its UI and dialogs are the
same, and the GPFs are all there in the old
familiar form of the dialogs:) In the
flight survey option, however, there was
no way to file a bug report:))
This gets asked every time another virus hits the net.
I daresay it's a FAQ. The most common explanation
I heard is that the virus writing people are secretly
employed by the anti-virus s/w manufacturers:-))
I am trying spambouncer right now, and it seems
pretty worth the effort. If you have a shell
account, it works pretty much out of the box,
provided that you keep an eye on the log
in the first couple of days.
I have a funny metaproblem with it, though.
On the www.spambouncer.org site it's suggested
to subscribe the updates list. O.K., so I go for it.
It looks like updates-request@lists.spambouncer.org
is not a valid alias at that system
(forgot to update the majordomo aliases file?)
O.K., so I mailed
majordomo@lists.spambouncer.org
Then I got a response from...
Majordomo@mail.cliq.com,
(I just hope that's co-hosting...
cliq.com does sound very spammy:)
Oh, what an awful thought! Spammers spammed
the MX records for the spambouncer.org
and collect the addresses of those
who try to subscribe updates!!)
It says it has no list called 'updates'.
If you ask it for all it has to offer, it says:
Majordomo@mail.cliq.com serves the following lists:
cliq-users-dsl Announcements for CLIQ's DSL users
mjd_ej Electronic Journal Online Marketing list.
test Test list for CLIQ Services Cooperative
(The Online Marketing feeds my worst suspicions...)
Anyone out there can point me in the right direction?
It looks like this is a real trend now.
I know several people, too, who moved to the
new iBook from a Windows machine. Maybe
Apple should promote itself with success
stories coming from all those guys...
At least the "technology" /. topic icon unchanged
on
This is IT?
·
· Score: 1
NO i... 2-LETTER PRONOWNS INSIDE THIS ARTICLE!
GET RELIEVED!!!
Among all the hype pouring at us from all
directions about this gadget, I am somewhat
relieved to see that the "technology" topic icon
on Slashdot hasn't yet morphed into a two-wheeled
something:-)
Grrrrr.... With a sprained knee, a brace and a
pair of crutches I hope to get better before test
drive is available around.
Looks like everyone who is physically able to
drive a scooter (or even less able) will be able
to try soon and say if he likes or not. Don't
barf at now just because is not a flying
saucer that you expected out of the previous
mystery hype and you can't get hold of this
gadget:-)
Cryptonomicon comes to mind indeed when reading your laptop description and your hardware keylogger concerns. BTW that book gives many good insights on data security often overlooked by people applying with "brute-force" encryption techs w/o considering well what happens with the data between you and the encrypted channel entrance...
Never forget that the same Oregon State
convicted Randal Schwartz while he, actually,
was working to improve Intel's security.
His behaviour was considered to be an intrusion,
and compared to theft and private property break-in.
DMV selling off public data is not violation of
one's privacy rights, though, in their opinion...
You can't block every bit of encrypted data
unless you block all of the data flow.
Steganography
allows one to embed in virtually any data stream
which has some amount of "white noise". Countrary
to the popular belief that you need a binary
format for that, you don't. It's easy to do
steganography in plain text (OK, you need lots
of text for that), say, using blanks (spaces/
tabs/CR/LF/FF/etc), punctuation or whatever else.
Of course, it is quite hard to disseminate
information among a wide audience using
steganography - because if everyone knows where
it is embedded, the blocking authorities also
will, but the really persistent guys won't fear
any firewall:)
Slashdot Mirror
Now that you've just expressed your wish, can he spam you? You have just actually solicited a bulk mailing from him :-)
Non-genuine ICQ clients bypass the authentication, at least for watching whether you're online. micq is one of such clients. That's an ICQ protocol deficiency, which I guess they live with so not to piss off the older own clients' installed base (maybe if the share of micq-like clients goes high, they'll reconsider...)
Did you mean "Post Spam & Sue"? :-))
Then it could have been P.S.S.
Agreed, but the main case against in that argument usually refers to intercepting the data while you don't know how to physically catch them. It is not as much about trying to catch them with a "smoking gun", where the crypto just "obscures the smoke" (as in the Scarfo's case).
Others have rightfully mentioned that most stuff that goes out on the wire (like email) is often typed offline. OK, so maybe the judge didn't understand this subtlety and missed this point.
But it looks from the article that the FBI convinced him (and the defense) that by blocking the logger during the modem activity, truly "online" communications won't be looked at. Such as, say, intercepts of passwds from within a telnet window session.
My point is that it is not true as well! At least, if you have a 1-CPU box, and especially if the modem is a "winmodem", actual sending or receiving of data via the modem channel is not done simultaneously with the keyboard interrupt processing, because both are different CPU-intensive tasks (actually done in different level interrupt handlers.) For other OS+hardware combinations this also might happen, but I don't exactly know what the suspect had in his PC.
Also, sometimes, especially with things that fingers are used to, one can actually type things ahead of the transmission start into an online communication channel...
They stream out 2 feeds there, newsforge and newsvac. And, BTW, when one uses Newsforge, the Slashdot feed is there to add...
(Yes, my article rejected by Slashdot was posted on NewsVac...)
I think that the Boeing777 game console, the one embedded into the seat (at least at the economy class of the only B777 I flew, belonging to Continental Airlines) is based on Windows 3.11!!
At the very least, its UI and dialogs are the same, and the GPFs are all there in the old familiar form of the dialogs :) In the
flight survey option, however, there was
no way to file a bug report :))
This gets asked every time another virus hits the net.
:-))
I daresay it's a FAQ. The most common explanation
I heard is that the virus writing people are secretly
employed by the anti-virus s/w manufacturers
I am trying spambouncer right now, and it seems
:)
pretty worth the effort. If you have a shell
account, it works pretty much out of the box,
provided that you keep an eye on the log
in the first couple of days.
I have a funny metaproblem with it, though.
On the www.spambouncer.org site it's suggested
to subscribe the updates list. O.K., so I go for it.
It looks like updates-request@lists.spambouncer.org
is not a valid alias at that system
(forgot to update the majordomo aliases file?)
O.K., so I mailed
majordomo@lists.spambouncer.org
Then I got a response from...
Majordomo@mail.cliq.com,
(I just hope that's co-hosting...
cliq.com does sound very spammy
Oh, what an awful thought! Spammers spammed
the MX records for the spambouncer.org
and collect the addresses of those
who try to subscribe updates!!)
It says it has no list called 'updates'.
If you ask it for all it has to offer, it says:
Majordomo@mail.cliq.com serves the following lists:
cliq-users-dsl Announcements for CLIQ's DSL users
mjd_ej Electronic Journal Online Marketing list.
test Test list for CLIQ Services Cooperative
(The Online Marketing feeds my worst suspicions...)
Anyone out there can point me in the right direction?
Vassilii
It looks like this is a real trend now.
I know several people, too, who moved to the
new iBook from a Windows machine. Maybe
Apple should promote itself with success
stories coming from all those guys...
NO i... 2-LETTER PRONOWNS INSIDE THIS ARTICLE!
:-)
:-)
GET RELIEVED!!!
Among all the hype pouring at us from all
directions about this gadget, I am somewhat
relieved to see that the "technology" topic icon
on Slashdot hasn't yet morphed into a two-wheeled
something
Grrrrr.... With a sprained knee, a brace and a
pair of crutches I hope to get better before test
drive is available around.
Looks like everyone who is physically able to
drive a scooter (or even less able) will be able
to try soon and say if he likes or not. Don't
barf at now just because is not a flying
saucer that you expected out of the previous
mystery hype and you can't get hold of this
gadget
The Spam Rap looks more poetic and funny than the last year's winner. But tastes differ :)
Cryptonomicon comes to mind indeed when reading your laptop description and your hardware keylogger concerns. BTW that book gives many good insights on data security often overlooked by people applying with "brute-force" encryption techs w/o considering well what happens with the data between you and the encrypted channel entrance...
Let's wait till someone writes that he had to kill for CmdrTaco's console ?
Never forget that the same Oregon State convicted Randal Schwartz while he, actually, was working to improve Intel's security. His behaviour was considered to be an intrusion, and compared to theft and private property break-in. DMV selling off public data is not violation of one's privacy rights, though, in their opinion...
You can't block every bit of encrypted data unless you block all of the data flow. Steganography allows one to embed in virtually any data stream which has some amount of "white noise". Countrary to the popular belief that you need a binary format for that, you don't. It's easy to do steganography in plain text (OK, you need lots of text for that), say, using blanks (spaces/ tabs/CR/LF/FF/etc), punctuation or whatever else. Of course, it is quite hard to disseminate information among a wide audience using steganography - because if everyone knows where it is embedded, the blocking authorities also will, but the really persistent guys won't fear any firewall :)