Wow... Six degrees of separation. Let me tell you what recently happened to me after getting a new phone number in my house... Seems the previous user of this number had credit issues up the wazoo... So let's ponder me getting a number that was used by a terrorist. Should I be labeled guilty by association. Your arguments on this are rather weak. There is no algorithm for determining which communication a terrorist is going to use. After all this same administration touts that the wily terrorists are using crypto. If they are then all arguments of tapping for the sake of weeding out terrorism are flushed down the drain.
What's next? How about a third reich like system where they allocate an entire demographic region, send all the arabs there and figure out who is who. Would that allay fears? This country is turning into the third reich slowly with their psychological crapaganda getting intermixed with politricks.
[sil@memnon/usr/home/sil]$ which terrorist [sil@memnon/usr/home/sil]$ finger terrorist finger: terrorist: no such user [sil@memnon/usr/home/sil]$ whereis terrorist terrorist: [sil@memnon/usr/home/sil]$ find $STATE terrorist | xargs grep -i terror
Besides, who cares which inconsequential individuals want the president impeached? Lets reverse this and search for those dissidents who are leaking information to the public shall we? How about the person who reported the Plame leak? How about the person who reported the CIA torture in Abu Ghraib? It seems this system would favor the current administration in weeding out dissidents and disaffected government employees more than it would help them find terrorists. Outside of this argument lets look at what the government said before shall we? " Once the exclusive domain of the National Security Agency, the super-secret U.S. agency responsible for developing and cracking electronic codes, encryption has become the everyday tool of Muslim extremists in Afghanistan, Albania, Britain, Kashmir, Kosovo, the Philippines, Syria, the USA, the West Bank and Gaza and Yemen, U.S. officials say. It's become so fundamental to the operations of these groups that bin Laden and other Muslim extremists are teaching it at their camps in Afghanistan and Sudan, they add." source.. So what you have is FUD being pushed at this point. First they're stating the terrorists are using and I quote "UNBREAKABLE CRYPTO". Well golly gee Wilbur, if they're using unbreakable crypto then why bother tapping them. Give me a break. This administration is doing everything it can to erode basic rights such as privacy under the crapaganda term of "Homeland Security". How about securing my communications from eavesdropping, wouldn't that TRULY be homeland security.
Did you get this comment Agent Smith? Thanks to our taps this anonymous coward here is currently being investigated for his acts of terrorism and allegiance to Osama.
What do you define as illegal? Seems like the illegal things this administration does gets overlooked and lost in a myriad of "National Security" crapaganda. Do you think that its legal for the NSA to wiretap the entire Internet? Under who's juridstiction? If I were a lawyer I would sue the government for breaching my client confidentiality. No one specified that my line as an attorney should be tapped. So why should the NSA under this administration be allowed a free ride to break the law? You should take the time to read about the statistical improbability of the NSA actually narrowing down and finding terrorists with their wiretapping actions.
Cryptome has had copies of these documents for some time (about a week). You should take some time to read them. This gentleman falls in line with Michael Lynn who lost his job for disclosing Cisco's flaws. With the government wanting to monitor everything and its mother, I think it serves them right to have the truth exposed. If you'd like an interesting read, read on:
mass surveillance of the entire population is logically plausible if NSA's domestic spying is not looking for terrorists, but looking for something else, something that is not so rare as terrorists. For example, the May 19 Fox News opinion poll of 900 registered voters found that 30% dislike the Bush administration so much they want him impeached. If NSA were monitoring email and phone calls to identify pro-impeachment people, and if the accuracy rate were.90 and the error rate were.01, then the probability that people are pro-impeachment given that NSA surveillance system identified them as such, would be p=.98, which is coming close to certainty (p_1.00). Mass surveillance by NSA of all Americans' phone calls and emails would be very effective for domestic political intelligence.
But finding a few terrorists by mass surveillance of the phone calls and email messages of 300 million Americans is mathematically impossible, and NSA certainly knows that. The Politics of Paranoia and Intimidation
Anyhow, here's an unredacted excerpt:
In January 2003, I, along with others, toured the AT&T central office on Folsom Street in San Francisco -- actually three floors of an SBC building. There I saw a new room being built adjacent to the 4ESS switch room where the public's phone calls are routed. I learned that the person whom the NSA interviewed for the secret job was the person working to install equipment in this room. The regular technician work force was not allowed in the room.
Your provider does not have to pay this is where peering agreements come into play between NAPs and NSP's. Your provider pays X amount from an NSP or NAP. That price is a set price. Your ISP turns around and calculates the cost and determines a price for the customer. Your provider's usage is predetermined so they won't have to incur extra fees. Peering between companies is done to alleviate issues like this on both ends. With network on top of network on top of network relying on one another to pass data through, most of the times bandwidth is never an issues on an ISP level. NAP, NSP level, they're not even concerned about your bandwidth usage.
Your cell phone carrier is offloading the charges to pass that call through to another carrier. Think of it as a private highway intersecting to another private highway. You paid tolls to get on one, but what does that have to do wit passing through to another highway
Your pay per byte scheme will never fly. Would you be willing to pay for bytes transferred per say, Windows Updates? How about if you were running a small business with 100 machines? Let Machines = M Updates (in megabytes) = U T = Times a Month: 100M x 5U x 4T... Would you like to pay for Microsoft's additional bandwidth use? What about companies sending java ads, etc. The pay per byte would definitely not fly. As for companies acting under the guise of needing infrastructure work, I say have them justify the expenditures before trying to pass it off to the consumer.
Do you mean that under USC 31337 (1)(a)(c)(e) subsection (a)(g) which was superceded by USC 1337 (a)(s)(s) following the guidelines of pork barrel contributors to the aforementioned parties in limine to carrying forth judgement on this matter that someone has to play fairly? Well that makes a lot of sense now doesn't it. However, how long till lobbyists grease up the right pockets and allow the big boys to do as they always do... Monopolize. Strangely I just thought about AT&T's semi new VoIP offering... Aren't they cutting their own throats by offering an all inclusive $49.99 service (local and long distance svce)? I mean after all, if they didn't they would have to charge an average of about $60.00 per month per customer for LD only... I guess its better for them to shoo away companies like Vonage and keep all the money for themselves. Blah to Skype and purveyors of things big companies can't cash in on (sarcasm... you know;O)
Well since I hate my classmates, I think I will scan their yearbook picture, create an account as them, then ramble on about mercy killings etc...... Wonder what will happen when this occurs.
Torrentspy's complaint includes claims that the man whom the MPAA allegedly paid $15,000 to steal e-mail correspondence and trade secrets has admitted his role in the plot and is cooperating with the company.
MPAA: How much to get us information on this evil company h4x0r: d00d 3y3 c4n pwn3rfy th3m f0r ch3ep w1f my 0d4y j3etsp34k to0lbar!
It does cost zero to install and use. What I was talking about was on a corporate level just so you understand. I don't see IT managers of Fortune 500's or 1000's rushing to replace IE with Firefox do you? Since you want to bring up Firefox (which is what I'm using just so you know), you do know that throughout this year there have been just as many if not more bugs with it then IE. If you also care to notice, Firefox as does most software developers place their bug notices mainly after they've been patched. Not once have I seen any developer of any software place a "Hey before you use this product here are its bugs" note on any site, disclaimer, etc.
How about making a list of known bugs available to your customer prior to purchase?</i> I don't think the Board of Directors on any publicly traded company will allow this. The problem with many traded companies (and I'm using publicly traded companies since MS is mentioned) would be that the company wouldn't likely meet financials. Hence many pouring out shoddy programs. Imagine the trading price of MS if it did ship a list of known bugs alongside their products... I would think consumers would wait for a stable product before buying. Even if they did ship what they deemed a stable product, whose to blame for someone finding a flaw? The programmer who didn't have an insight to think outside the box similar to the hacker (and I use that term in its purest sense) who broke the product? Speaking of MS...
From: Microsoft Security Response Center <secure@microsoft.com> To: "xxxx" <xxxx@hushmail.com> Cc: Microsoft Security Response Center <secure@microsoft.com>
Thank you for the update with regards to your findings. We are still going through the repro stages of the case and there appears to be some confusion over the concern. Do you happen to have a network trace of the behavior that I could work with our development teams in reviewing to ensure that we are looking at the same concern and avoid any possible confusion on the matter?
Thanks,
Adrian Microsoft Security Response Center
I've broken MS' MSRPC in a real bad way. There are no ifs ands or buts. I passed the information off to Microsoft instead of passing code to a full disclosure list. I've replicated this over and over, remotely and locally. I know for a fact because of the architecture of networking they will never be able to fix this. So what would you think as a consumer about to purchase a product with a hole that can never be filled.
As noted in the article: "Private citizens and the government could likewise place cookies on library books to monitor who's checking them out." And how is this not being done as is. For anyone who goes into a library, records of what books you check out are kept since you have to submit your library card. Most public libaries are known/thought to share this information with government as it stands. In response to Exxon Mobile SpeedPass ""Texas Instruments used an untested cipher." The Johns Hopkins lab found that the code could be broken"... That was then, this is now... The test in question was done some years back. How about verifying something now instead of crying over spilled milk. Can this be replicated now, if so why didn't they write about it. Did they solely include this information to inject FUD into the RFID security scene. Another noteworthy statement: "VeriChip, the only company making FDA-approved tags, boasts on its Web site that "this 'always there' identification can't be lost, stolen, or duplicated." It sells the chips to hospitals as implantable medical ID tags and is starting to promote them as secure-access keys." Of interesting note would be that, many hospitals' maternity wards have chips for newborns that are supposed to alert staff if a baby is removed. While parents may find this "useful", it does nothing if someone simply... (drum roll) cuts off the tag. Aside from that instance of stupidity, in many instances, one need only to inject noise interference to disable many RFID tags... So instead of getting all geeky and narrowing down a band, find yourself a decent noise generator capable of jamming a frequency and just do a five finger discount on a bag of Doritos. Go for it, its on the house and I'm sure those security personnel whose jobs were lost from companies depending on RFID will love you for it
Say what? Sounds similar to what the Bush administration via the NSA is doing only on a public level. For those who want to ramble on about privacy and abuse take note that just about every other week some company has lost their records, or someone has infiltrated their networks and gained access to records. If that's not enough to make you throw in the towel when it comes to protecting your privacy, never ever apply for a credit card, never sign a document, never reveal anything about yourself to anyone. What most fail to realize when complaining about these things is that hardly anyone takes the time to read the Terms of Service agreements. Whether its via purchasing something online, or paying your T-Mobile bill. If one did, one would take note at craftily worded crud a vendor created spelling out how they plan to share your information with others. So who is to blame when you bought something from Company A who sold your info to Company B and Company B loses your info or dishes it out. Or... Who will you blame when Company A who promised not to disclose your info is bought by Company B who made no promise to... As for privacy, get over it... Its diminishing slowly because you the people are allowing it.
Slashdot Mirror
What's next? How about a third reich like system where they allocate an entire demographic region, send all the arabs there and figure out who is who. Would that allay fears? This country is turning into the third reich slowly with their psychological crapaganda getting intermixed with politricks.
Right...Besides, who cares which inconsequential individuals want the president impeached? Lets reverse this and search for those dissidents who are leaking information to the public shall we? How about the person who reported the Plame leak? How about the person who reported the CIA torture in Abu Ghraib? It seems this system would favor the current administration in weeding out dissidents and disaffected government employees more than it would help them find terrorists. Outside of this argument lets look at what the government said before shall we? " Once the exclusive domain of the National Security Agency, the super-secret U.S. agency responsible for developing and cracking electronic codes, encryption has become the everyday tool of Muslim extremists in Afghanistan, Albania, Britain, Kashmir, Kosovo, the Philippines, Syria, the USA, the West Bank and Gaza and Yemen, U.S. officials say. It's become so fundamental to the operations of these groups that bin Laden and other Muslim extremists are teaching it at their camps in Afghanistan and Sudan, they add." source .. So what you have is FUD being pushed at this point. First they're stating the terrorists are using and I quote "UNBREAKABLE CRYPTO". Well golly gee Wilbur, if they're using unbreakable crypto then why bother tapping them. Give me a break. This administration is doing everything it can to erode basic rights such as privacy under the crapaganda term of "Homeland Security". How about securing my communications from eavesdropping, wouldn't that TRULY be homeland security.
Did you get this comment Agent Smith? Thanks to our taps this anonymous coward here is currently being investigated for his acts of terrorism and allegiance to Osama.
What do you define as illegal? Seems like the illegal things this administration does gets overlooked and lost in a myriad of "National Security" crapaganda. Do you think that its legal for the NSA to wiretap the entire Internet? Under who's juridstiction? If I were a lawyer I would sue the government for breaching my client confidentiality. No one specified that my line as an attorney should be tapped. So why should the NSA under this administration be allowed a free ride to break the law? You should take the time to read about the statistical improbability of the NSA actually narrowing down and finding terrorists with their wiretapping actions.
Anyhow, here's an unredacted excerpt:
In January 2003, I, along with others, toured the AT&T central office on Folsom Street in San Francisco -- actually three floors of an SBC building. There I saw a new room being built adjacent to the 4ESS switch room where the public's phone calls are routed. I learned that the person whom the NSA interviewed for the secret job was the person working to install equipment in this room. The regular technician work force was not allowed in the room.
Your provider does not have to pay this is where peering agreements come into play between NAPs and NSP's. Your provider pays X amount from an NSP or NAP. That price is a set price. Your ISP turns around and calculates the cost and determines a price for the customer. Your provider's usage is predetermined so they won't have to incur extra fees. Peering between companies is done to alleviate issues like this on both ends. With network on top of network on top of network relying on one another to pass data through, most of the times bandwidth is never an issues on an ISP level. NAP, NSP level, they're not even concerned about your bandwidth usage.
Your cell phone carrier is offloading the charges to pass that call through to another carrier. Think of it as a private highway intersecting to another private highway. You paid tolls to get on one, but what does that have to do wit passing through to another highway
Your pay per byte scheme will never fly. Would you be willing to pay for bytes transferred per say, Windows Updates? How about if you were running a small business with 100 machines? Let Machines = M Updates (in megabytes) = U T = Times a Month: 100M x 5U x 4T ... Would you like to pay for Microsoft's additional bandwidth use? What about companies sending java ads, etc. The pay per byte would definitely not fly. As for companies acting under the guise of needing infrastructure work, I say have them justify the expenditures before trying to pass it off to the consumer.
Do you mean that under USC 31337 (1)(a)(c)(e) subsection (a)(g) which was superceded by USC 1337 (a)(s)(s) following the guidelines of pork barrel contributors to the aforementioned parties in limine to carrying forth judgement on this matter that someone has to play fairly? Well that makes a lot of sense now doesn't it. However, how long till lobbyists grease up the right pockets and allow the big boys to do as they always do... Monopolize. Strangely I just thought about AT&T's semi new VoIP offering... Aren't they cutting their own throats by offering an all inclusive $49.99 service (local and long distance svce)? I mean after all, if they didn't they would have to charge an average of about $60.00 per month per customer for LD only... I guess its better for them to shoo away companies like Vonage and keep all the money for themselves. Blah to Skype and purveyors of things big companies can't cash in on (sarcasm ... you know ;O)
Well since I hate my classmates, I think I will scan their yearbook picture, create an account as them, then ramble on about mercy killings etc... ... Wonder what will happen when this occurs.
Torrentspy's complaint includes claims that the man whom the MPAA allegedly paid $15,000 to steal e-mail correspondence and trade secrets has admitted his role in the plot and is cooperating with the company.
MPAA: How much to get us information on this evil company
h4x0r: d00d 3y3 c4n pwn3rfy th3m f0r ch3ep w1f my 0d4y j3etsp34k to0lbar!
It does cost zero to install and use. What I was talking about was on a corporate level just so you understand. I don't see IT managers of Fortune 500's or 1000's rushing to replace IE with Firefox do you? Since you want to bring up Firefox (which is what I'm using just so you know), you do know that throughout this year there have been just as many if not more bugs with it then IE. If you also care to notice, Firefox as does most software developers place their bug notices mainly after they've been patched. Not once have I seen any developer of any software place a "Hey before you use this product here are its bugs" note on any site, disclaimer, etc.
How about making a list of known bugs available to your customer prior to purchase?</i> I don't think the Board of Directors on any publicly traded company will allow this. The problem with many traded companies (and I'm using publicly traded companies since MS is mentioned) would be that the company wouldn't likely meet financials. Hence many pouring out shoddy programs. Imagine the trading price of MS if it did ship a list of known bugs alongside their products... I would think consumers would wait for a stable product before buying. Even if they did ship what they deemed a stable product, whose to blame for someone finding a flaw? The programmer who didn't have an insight to think outside the box similar to the hacker (and I use that term in its purest sense) who broke the product? Speaking of MS...
From: Microsoft Security Response Center <secure@microsoft.com>
To: "xxxx" <xxxx@hushmail.com>
Cc: Microsoft Security Response Center <secure@microsoft.com>
Thank you for the update with regards to your findings. We are still
going through the repro stages of the case and there appears to be some
confusion over the concern. Do you happen to have a network trace of the
behavior that I could work with our development teams in reviewing to
ensure that we are looking at the same concern and avoid any possible
confusion on the matter?
Thanks,
Adrian
Microsoft Security Response Center
I've broken MS' MSRPC in a real bad way. There are no ifs ands or buts. I passed the information off to Microsoft instead of passing code to a full disclosure list. I've replicated this over and over, remotely and locally. I know for a fact because of the architecture of networking they will never be able to fix this. So what would you think as a consumer about to purchase a product with a hole that can never be filled.
As noted in the article: "Private citizens and the government could likewise place cookies on library books to monitor who's checking them out." And how is this not being done as is. For anyone who goes into a library, records of what books you check out are kept since you have to submit your library card. Most public libaries are known/thought to share this information with government as it stands. In response to Exxon Mobile SpeedPass ""Texas Instruments used an untested cipher." The Johns Hopkins lab found that the code could be broken" ... That was then, this is now... The test in question was done some years back. How about verifying something now instead of crying over spilled milk. Can this be replicated now, if so why didn't they write about it. Did they solely include this information to inject FUD into the RFID security scene. Another noteworthy statement: "VeriChip, the only company making FDA-approved tags, boasts on its Web site that "this 'always there' identification can't be lost, stolen, or duplicated." It sells the chips to hospitals as implantable medical ID tags and is starting to promote them as secure-access keys." Of interesting note would be that, many hospitals' maternity wards have chips for newborns that are supposed to alert staff if a baby is removed. While parents may find this "useful", it does nothing if someone simply... (drum roll) cuts off the tag. Aside from that instance of stupidity, in many instances, one need only to inject noise interference to disable many RFID tags... So instead of getting all geeky and narrowing down a band, find yourself a decent noise generator capable of jamming a frequency and just do a five finger discount on a bag of Doritos. Go for it, its on the house and I'm sure those security personnel whose jobs were lost from companies depending on RFID will love you for it
Say what? Sounds similar to what the Bush administration via the NSA is doing only on a public level. For those who want to ramble on about privacy and abuse take note that just about every other week some company has lost their records, or someone has infiltrated their networks and gained access to records. If that's not enough to make you throw in the towel when it comes to protecting your privacy, never ever apply for a credit card, never sign a document, never reveal anything about yourself to anyone. What most fail to realize when complaining about these things is that hardly anyone takes the time to read the Terms of Service agreements. Whether its via purchasing something online, or paying your T-Mobile bill. If one did, one would take note at craftily worded crud a vendor created spelling out how they plan to share your information with others. So who is to blame when you bought something from Company A who sold your info to Company B and Company B loses your info or dishes it out. Or... Who will you blame when Company A who promised not to disclose your info is bought by Company B who made no promise to... As for privacy, get over it... Its diminishing slowly because you the people are allowing it.