Recent Entries in Hacking

This man is my hero.

phil_zimmermann.jpg

Voice Encryption May Draw U.S. Scrutiny - New York Times

Philip R. Zimmermann wants to protect online privacy. Who could object to that?

He has found out once already. Trained as a computer scientist, he developed a program in 1991 called Pretty Good Privacy, or PGP, for scrambling and unscrambling e-mail messages. It won a following among privacy rights advocates and human rights groups working overseas â.. and a three-year federal criminal investigation into whether he had violated export restrictions on cryptographic software. The case was dropped in 1996, and Mr. Zimmermann, who lives in Menlo Park, Calif., started PGP Inc. to sell his software commercially.

Now he is again inviting government scrutiny. On Sunday, he released a free Windows software program, Zfone, that encrypts a computer-to-computer voice conversation so both parties can be confident that no one is listening in. It became available earlier this year to Macintosh and Linux users of the system known as voice-over-Internet protocol, or VoIP.

Symantec has asked a U.S. court to order a halt to the development of Windows Vista, claiming that its rival is wrongfully incorporating Veritas storage technology into its next-generation OS.

Symantec sued Microsoft yesterday, seeking unspecified damages and also asking the court to remove Symantec's storage technology from a variety of Microsoft products, including Windows XP, Windows Server 2003, and the upcoming Vista and "Longhorn" Windows Server products.

"We're asking them to remove the technology, because it belongs to us," a Symantec spokesman said.

The dispute centers around an August 1996 agreement between the two companies that granted Microsoft the right to use Veritas Software's volume management technology in its Windows NT product. Symantec purchased Veritas in a $10.2 billion acquisition that closed last year.

PCWorld.com - Symantec Sues Microsoft to Stop Vista

Neat article by Bruce Schneier, author of Beyond Fear: Thinking Sensibly About Security in an Uncertain World

Wired News: The Eternal Value of Privacy

The most common retort against privacy advocates -- by those in favor of ID checks, cameras, databases, data mining and other wholesale surveillance measures -- is this line: "If you aren't doing anything wrong, what do you have to hide?"

Some clever answers: "If I'm not doing anything wrong, then you have no cause to watch me." "Because the government gets to define what's wrong, and they keep changing the definition." "Because you might do something wrong with my information." My problem with quips like these -- as right as they are -- is that they accept the premise that privacy is about hiding a wrong. It's not. Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect.

Two proverbs say it best: Quis custodiet custodes ipsos? ("Who watches the watchers?") and "Absolute power corrupts absolutely."

Cardinal Richelieu understood the value of surveillance when he famously said, "If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged." Watch someone long enough, and you'll find something to arrest -- or just blackmail -- with. Privacy is important because without it, surveillance information will be abused: to peep, to sell to marketers and to spy on political enemies -- whoever they happen to be at the time.

Privacy protects us from abuses by those in power, even if we're doing nothing wrong at the time of surveillance.

We do nothing wrong when we make love or go to the bathroom. We are not deliberately hiding anything when we seek out private places for reflection or conversation. We keep private journals, sing in the privacy of the shower, and write letters to secret lovers and then burn them. Privacy is a basic human need.

  How to back up a DVD

This article is a tutorial that explains the process of backing up a DVD on a PC using DVD Shrink. While there are many software solutions for backing up DVDs, the one on Windows I like is DVD Shrink. The program I use to burn CDs and DVDs is Nero. This article assumes your computer is already equipped with a burning program. An explanation of DVD Shrink and its features is available in a previous article. DVD Shrink will use Nero for burning if it is detected, but does not require Nero. Nero â..Expressâ. edition can be purchased very inexpensively (@ buycheapsoftware.com for example). This tutorial will be a concise explanation of how to get the most out of your backup. There are many reasons to make a backup copy of DVDs one has purchased, keep reading to learn how to improve the quality of your re-encoded backups.

How to back up a DVD - Pain in the Tech

The U.S. government has asked a federal judge to dismiss a lawsuit by a San Francisco civil liberties group against AT&T because it says the case could reveal military and state secrets.

The class-action suit by the group, the Electronic Frontier Foundation, on behalf of AT&T customers accuses the company of unlawful collaboration with the National Security Agency in its surveillance program to intercept telephone and e-mail communications between the United States and people linked to al Qaeda and affiliated organizations.

President George W. Bush authorized the intercepts following the September 11 attacks without court approval.

In a "Statement of Interest" filed on Friday, the government asked U.S. District Judge Vaughn Walker to throw out the suit, saying the government "cannot disclose any information that may be at issue in this case."

"The government intends to assert the military and state secrets privilege (that) permits the government to protect against the unauthorized disclosure in litigation of information that may harm national security interests," it said.

"In addition to asserting the state secrets privilege, the U.S. also intends to file a motion to intervene for the purpose of seeking dismissal of this case," the filing said.

The Electronic Frontier Foundation said in a statement issued late on Friday that "evidence regarding AT&T's dragnet surveillance of its networks, currently filed under seal, includes a declaration by Mark Klein, a retired AT&T telecommunications technician, and several internal AT&T documents."

U.S. seeks to dismiss AT&T secrets suit - Reuters.com

Sometimes, you need to make sure that a file you've deleted is really gone. I use about 7-8 different computers in a typical week, and on all of them I use utilities that do daily secure wipes of all free space.

Fortunately, there are some very good freeware apps to accomplish this.

For the most part, I use Blowfish Advanced CS, which integrates Bruce Schneier's famous encryption algorithm (featured once on 24). Fro my experience Blowfish Advance CS has a very small footprint and is very fast.

Brian.Carnell.Com

Wonâ..t Deliver Emails Mentioning www.DearAOL.com

UPDATE After this press release was sent out Thursday afternoon, AOL stopped blocking email with links to www.DearAOL.com. Officials at the company stated that problems of this nature generally take three to five working days to fix. However, this was fixed after 24 hours of undeliverability - and approximately twenty minutes after this press release was widely distributed. This incident only increases our worry about organizations who don't have the ability to seek instant press attention. The next time AOL's anti-spam filters fail for a small organization â.. or one without political muscle â.. will they move so quickly to fix them? Or will they push organizations to just sign up with Goodmail and pay to avoid the problem?

San Francisco - AOL is blocking delivery to AOL customers of all emails that include a link to www.DearAOL.com. Today, over 100 people who signed a petition to AOL tried sending messages to their AOL-using friends, and received a bounce-back message informing them that their email "failed permanently."

"The fact is, ISPs like AOL commonly make these kinds of arbitrary decisions â.. silently banning huge swathes of legitimate mail on the flimsiest of reasons â.. every day, and no one hears about it," said Danny O'Brien, Activism Coordinator of the Electronic Frontier Foundation (EFF). "AOL's planned CertifiedEmail system would let them profit from this power by offering to charge legitimate mailers to bypass these malfunctioning filters."

After reports of undelivered email started rolling in to the DearAOL.com Coalition, MoveOn co-founder Wes Boyd decided to see for himself if it was true.

EFF: Breaking News

It's a screensaver. No, it's a packet sniffer. No wait ...

PacketFountain: Network Sniffing Screensaver

  Mixed ruling for Google

A US federal judge has denied a government request that Google be ordered to hand over a sample keywords, but required the company to produce some web addresses indexed in its system.

In a 21-page ruling, Judge James Ware of the US District for the Northern District of California said the privacy considerations of Google users led him to deny part of the Justice Department's request.

"To the extent the motion seeks an order compelling Google to disclose search queries of its users the motion is denied," Judge Ware wrote.

US Attorney General Alberto Gonzales had subpoenaed Google to turn over data the government wanted from the company as part of the Bush Administration's attempt to defend a federal law on child pornography on the internet.

Australian IT - Mixed ruling in search battle (Eric Auchard and Adam Tanner in San Francisco, MARCH 20, 2006)

Sometimes the most well thought out practical jokes trigger an uneven brand of justice that falls under the laws of unintended consequences. While not formally codified and ill defined, the law of unintended consequences is very real, as a Google-focused prank pulled by 15-year old Tom Vandetta amply illustrates.

Reading through SEO focused blog entries, Vandetta found an article that explained how to fool Google's news system by writing fake press releases. Sensing an opportunity to experiment and play a joke on his friends, the self-described "Google fanboy" decided to see what would happen if he submitted a fake Google press release claiming the 15-year old New Jersey student was Google's youngest employee.

The press release was issued through the free service I-Newswire and contained a number of spelling mistakes.

The SEO Blog: Google News Credibility Foiled By 15-Year Old

The Electronic Frontier Foundation, a digital rights advocate, has issued a warning to consumers about using an enhancement to Google Desktop that stores copies of the contents of their hard drives on the search companyâ..s servers.

The startlingly stern warnings came shortly after Google announced a new feature on Thursday that allows users to search the contents of one computer from a second computer.

In order to achieve that end, Google Desktop, the application in question, stores the contents of one computer on Googleâ..s servers so that a user can search those files from his or her second computer.

The EFF urged consumers not to use the feature called â..Search Across Computersâ. because it makes their personal data vulnerable to government subpoena, private litigants, and hackers.

RED HERRING | Google Desktop Boycott Urged

Yeah, just what I need. A certified email about penis enlargement. Two things about this:

1. Now spammers can easily bypass the filters by spending a little dough

2. Now I've got to pay money to get an email through

ABC News: You've Got ... Certified E-mail?

"You've got mail," and now you may have "certified" mail. AOL and Yahoo users will soon see it in their inboxes â.. certified e-mail sent, at a price, with a stamp of approval.

The Internet (and e-mail) giants have partnered with Goodmail Systems, which will charge companies about 1/4 cent to send a message that will bypass spam filters. It's expected that nonprofit organizations will pay less.

"This is an optional service," said Richard Gingras, CEO of Goodmail Systems. "Right now it's open to messages from businesses to their existing customers."

But some e-mail service providers complain that "certificated mail" is nothing more than an e-mail tax.

"AOL and Yahoo, and especially AOL, stand to gain significantly from this arrangement," said Matt Blumberg, CEO of e-mail consulting firm Return Path. Blumberg, whose company assists businesses such as eBay and American Express reach their customers by e-mail, says "there are uses for certification but not to solve spam."

A civil liberties organization filed a class-action lawsuit against AT&T Corp. Tuesday for collaborating with a U.S. National Security Agency (NSA) program to intercept Internet and telephone communications of U.S. citizens without authorization from a court of law.

The Electronic Frontier Foundation (EFF), based in San Francisco, filed the suit against AT&T for giving the NSA direct access to its databases of communications records, including whom their customers had phoned or sent e-mail to in the past. The suit was filed Tuesday in the United States District Court of the Northern District of California.

EFF is suing the former AT&T Corp. before it merged with SBC Communications Inc. to become AT&T Inc., said Kevin Bankston, a staff attorney with the EFF. However, the suit also is intended to protect customers of the new AT&T as it continues to merge the operations of the previously separate companies.

Macworld: News: EFF sues AT&T over U.S. wiretapping program

The government contends it needs the data to determine how often pornography shows up in online searches as part of an effort to revive an Internet child protection law that was struck down two years ago by the U.S. Supreme Court on free-speech grounds.

The 1998 Child Online Protection Act would have required adults to use access codes or other ways of registering before they could see objectionable material online, and it would have punished violators with fines up to $50,000 or jail time. The high court ruled that technology such as filtering software may better protect children.

The matter is now before a federal court in Pennsylvania, and the government wants the Google data to help argue that the law is more effective than software in protecting children from porn.

The Mountain View-based company told The San Jose Mercury News that it opposes releasing the information because it would violate the privacy rights of its users and would reveal company trade secrets.

Feds seek Google records in porn probe

####### Begin Eschelon Block #######
unibomber anthrax plutonium militia delta force ruby ridge atf batf waco
oklahoma city assault rifle randy weaver sog sof oliver north vince
foster m-16 hillary clinton bill clinton marx crack m-60 c5 c7 mlk black
panthers fbi chemical weapons twa 800 roswell white slavery history of us
foreign policy terrorist freedom flight simulator
####### End Eschelon Block #######

... oh, whoops.

Wired News: Mass Spying Means Gross Errors

There are few, if any, studies demonstrating the effectiveness of mass surveillance. People with something to hide are adept at speaking in codes. Teenagers tell their parents they are "going to the movies" when they are going to drink beer. Attackers know to misspell the victim's name, as journalist Daniel Pearl's kidnappers and murderers did, to evade e-mail surveillance. Meanwhile, modern filtering technology can't distinguish between breast cancer websites and pornographic ones.

Any search algorithm, whether public or not, is unlikely to be able to distinguish between innocent and criminal communications.

Even if the technology works, it fails. Even if a TMS was 99.9 percent accurate, it will produce a false positive one in 1,000 times. Whether it's facial recognition at the Super Bowl, or sifting through e-mail communications, TMS will inevitably produce an unacceptably high number of false positives. Hundreds of thousands of innocent people will not be allowed to board their planes, will have their houses searched, their bank accounts frozen -- at least until the mistake can be cleared up. At best, a "hit" will require someone to look more closely at the information, and we'll need more agents to do it than we currently have, or could have.

The American Civil Liberties Union on Tuesday said it had filed suit against the National Security Agency, alleging that its warrantless wiretapping program is unconstitutional and that President Bush, in authorizing it, exceeded his constitutional authority.

"President Bush may believe he can authorize spying on Americans without judicial or congressional approval, but this program is illegal, and we intend to put a stop to it," said ACLU Executive Director Anthony D. Romero.

Shortly after the September 11, 2001, attacks, Bush reportedly authorized the NSA to intercept communications between people inside the United States, including American citizens, and terrorism suspects overseas, without obtaining a warrant.

CNN.com - ACLU sues over NSA eavesdropping program - Jan 17, 2006

In a recent essay, Kevin Kelly warns of the dangers of anonymity. It's OK in small doses, he maintains, but too much of it is a problem: "(I)n every system that I have seen where anonymity becomes common, the system fails. The recent taint in the honor of Wikipedia stems from the extreme ease which anonymous declarations can be put into a very visible public record. Communities infected with anonymity will either collapse, or shift the anonymous to pseudo-anonymous, as in eBay, where you have a traceable identity behind an invented nickname."

Kelly has a point, but it comes out all wrong. Anonymous systems are inherently easier to abuse and harder to secure, as his eBay example illustrates. In an anonymous commerce system -- where the buyer does not know who the seller is and vice versa -- it's easy for one to cheat the other. This cheating, even if only a minority engaged in it, would quickly erode confidence in the marketplace, and eBay would be out of business. The auction site's solution was brilliant: a feedback system that attached an ongoing "reputation" to those anonymous user names, and made buyers and sellers accountable for their actions.

And that's precisely where Kelly makes his mistake. The problem isn't anonymity; it's accountability. If someone isn't accountable, then knowing his name doesn't help. If you have someone who is completely anonymous, yet just as completely accountable, then -- heck, just call him Fred.

Wired News: Anonymity Won't Kill the Internet


"Whoever...utilizes any device or software that can be used to originate telecommunications or other types of communications that are transmitted, in whole or in part, by the Internet... without disclosing his identity and with intent to annoy, abuse, threaten, or harass any person...who receives the communications...shall be fined under title 18 or imprisoned not more than two years, or both."

Last Thursday, President Bush signed into law a prohibition on posting annoying Web messages or sending annoying e-mail messages without disclosing your true identity.

In other words, it's OK to flame someone on a mailing list or in a blog as long as you do it under your real name. Thank Congress for small favors, I guess.

This ridiculous prohibition, which would likely imperil much of Usenet, is buried in the so-called Violence Against Women and Department of Justice Reauthorization Act. Criminal penalties include stiff fines and two years in prison.

"The use of the word 'annoy' is particularly problematic," says Marv Johnson, legislative counsel for the American Civil Liberties Union. "What's annoying to one person may not be annoying to someone else."

Create an e-annoyance, go to jail | Perspectives | CNET News.com


About Me

About the Blogger

I suppose if you've been reading my site for any length of time, you're probably curious to know who I am, and why I think people will read my blog. Online, I'm known as Zuckervati, mostly because it's easy...
» More ...

Mailing List Signup

What? There's a mailing list?

Sign up for the Mailing List


Follow Me on Twitter


Recent Entries

Tag Cloud

politik / film / video / skeptic / cewl / techno / humour / haxors / nosh / can-con / gaming / religion / weird / sex / funny / eco / music / stupid / photos / cocktails / George Bush / blogosphere / flickr / travel / evolution / politics / creationism / creationist / mobile / awful / photography / Star Wars / awesome / geek / bartending / coffee / drinking / mixology / alcohol / liquor / bartender / cocktail recipe / cats / food / Savoy Cocktail Book / science / Lovecraft / books / parody / Cthulhu / articles / TV / pets / John McCain / Movable Type / promos / cartoons / sci-fi / Canada / Radio Zuckervati / cool / Roger Ebert / system / atheism / comics / reviews / technology / writing / zombies / anime / anonymous / MMO / Star Trek / television / Alinea / animation / Batman / Futurama / Halloween / horror

Twitter Stream

D H McKee's bookshelf: to-read

Sunset and Sawdust
tagged: to-read
The Thicket
tagged: to-read
Hyenas
tagged: to-read

goodreads.com


Close