|
|
|
|
|
|
| Author |
Message |
Russell E. Owen
*nix forums Guru Wannabe
Joined: 28 Feb 2005
Posts: 117
|
 Posted: Wed May 17, 2006 7:40 pm Post subject:
Re: Update #2 - Re: Google Bobbles NSA wiretap searches
|
|
|
responder wrote:
| Quote: | Hello Group. I will post some links that seem related, along with a
line or two about the nature, source or significance of each source.
|
----
From wikipedia, The Free Encyclopedia, article on interlock protocol:
Excerpt:
The Interlock Protocol, as described by Ron Rivest and Adi Shamir, was
designed to frustrate eavesdropper attack against two parties that use an
anonymous key exchange protocol to secure their conversation. A further
paper proposed using it as an authentication protocol, which was
subsequently broken.
Also:
The Interlock Protocol was described (1) as a method to expose a
middle-man who might try to compromise two parties that use anonymous key
agreement to secure their conversation.
Link:
http://en.wikipedia.org/wiki/Interlock_Protocol
----
I am quoting below from other recent messages on this ng (cols), but
omitting attribution. Please note that these quotations may be out of
context with one another, but are all related to MITM, and may be useful
all in one place. I believe they are factually correct. Apologies to the
various authors and tothose who may have already read and understand this
material.
----
From thread: https confusion
However, current asymmetric methods are all subject to an attack called
the MITM (man in the middle) attack. There is another very long thread,
where we have addressed that issue in another context. It might be very
interesting to you. Seek for the thread with the topic "Any reasons to
filter ARP packets?" in this group.
| Quote: | Seems to me that all the bad guys have to do is to watch you log
on to an https (monitor your traffic) and they would know everything
about how to duplicate your log on.
|
No. See above. They need to be that MITM guy to do that. And by using
constant key pairs (key-based authentication), you can effectively prevent
even that.
----
| Quote: | The idea behind the customer's request is that he only wants his
road warriors to access the site and only with encryption.
|
So the information is confidental and needs to be transmitted
authentically. In other words, you need both encryption and
authentication.
From thread: Any reasons to filter ARP packets?
The latter method allows an attack, which is called the 'man in the
middle' (MITM) attack. With this one, you can not only intercept network
traffic, but even manipulate it. As a funny attack, you could intercept a
chat session and also write forged messages for your victim, without him
noticing this. Now, there is a much more serious MITM attack. If not set
up properly (i.e. in the default configuration), you can decrypt almost
_any_ encrypted connection. Yes, this includes SSH/SSL connections, so
you can very well get access to remote machines (via SSH) or steal credit
card information (via SSL, e.g. via HTTPS).
----
| Quote: | Does this mean in particular that the ISP can decrypt almost any
encrypted traffic of us, its clients?
|
Exactly. But if your ISP did this more often, then sooner or later, you
were going to detect it, at least when comparing key fingerprints by hand.
You can overcome that problem by using key-based authentication, where no
MITM attack is possible.
----
Now, as [redacted] has pointed out, the big problem is the secure delivery
of the keys/certificates to and from the particular servers.
Unfortunately, many people (including server administrators) just don't
care.
----
I would just leave all ARP replies enabled. You still can add static ARP
entries for your friends, but there is really no need to disable ARP
replies for other machines, unless you would like to completely suppress
communication between you and those hosts. But even then, there are much
better means of filtering, because ARP filtering cannot prevent
communication. It is easy for someone to get to your MAC address.
The very big problem about Windows users is that they effectively cannot
use static ARP entries. On Windows, a 'static' entry is static in terms
of surviving a reboot. You can still override it with forged ARP replies
to that machine. This is something, I have already tested in a
medium-scale office network. The attack works against every NT version of
Windows (NT, 2000, XP, 2003). I didn't have the opportunity to test it
against 95-based Windows versions (95, 98, ME).
So I have to repeat: Forget ARP filtering; secure your connections
otherwise, using cryptographic techniques. To prevent sniffing, you need
encryption. To prevent MITM attacks (which include sniffing), you need
proper authentication (i.e. key/certificate-based). In other words: You
need both. Personally I don't use certificates, because they are
effectively the same as keys, but unlike keys they include identity
information. There is nothing bad about that, but using keys is simpler,
and more widely supported (example: SSH cannot handle certificates).
----
| Quote: | By this, you can defend against MITM attacks for packets from you to
the router (but not the other way), and sometimes this speeds up
communication. But you don't gain any further security; especially
you cannot defend against sniffing in a switched ethernet. The
attacker always has the ability to do ARP flooding, effectively
turning the switch into a broadcast device. There is nothing you
could do about that.
Thus one can sniff traffic of whole districts with hundreds of thousand
people living there. 
|
As long as they are directly connected by some kind of network. This is a
very old issue. Virtually anyone sitting in front of the administration
panel of an internet router can sniff all traffic going through it.
Again, this is old.
The very big problem about switched ethernet networks is the way hosts
distribute their MAC addresses. This makes one further and much more
dangerous attack possible: the MITM attack. That goes beyond sniffing
and allows to even break and intercept encrypted connections, and/or
inject forged packets into them.
The only way to defend against the MITM is key- or cert-based
authentication. Just to encrypt everything is not enough. And you need
some secure channel to distribute your key. It's best to meet your
friends personally and give them a floppy disk. Do not distribute your
key via internet, because the MITM is waiting there. ;)
----
By the current state of things, Mallory cannot be defeated, unless there
is some secure channel (e.g. handing out keys personally). Anyway,
methods are known to detect MITM attacks reliably. One of the methods is
to use the so-called interlock protocol. But now we are getting beyond
the scope.
| Quote: | That is not to say that on-the-fly key negotiated encryption does not
have value, but just that it will not protect against MITM, at all.
|
Exactly. Encryption not enough, unless you make sure that traffic
interception is the best network-oriented attack. |
|
| Back to top |
|
 |
John
*nix forums addict
Joined: 05 Mar 2005
Posts: 59
|
| Posted: Wed May 17, 2006 8:27 pm Post subject:
Re: Update #2 - Re: Google Bobbles NSA wiretap searches
|
|
|
On Tue, 16 May 2006 00:42:40 -0400, responder wrote:
| Quote: | responder wrote:
[...]
Hello Group. I will post some links that seem related, along with a line
or two about the nature, source or significance of each source.
eff.org, the Electronic Frontier Foundation filed a lawsuit vs. AT&T in
January, for illegally handing over its customers' telephone and Internet
records and communications to the National Security Agency. Current links
re: the legal process, from EFF, are here:
http://www.eff.org/news/archives/2006_05.php#004662
Some excerpts:
May 15, 2006
Government Files Secret Motion to Dismiss AT&T Surveillance Case
[...]
"The government is trying to lock out any judicial inquiry into AT&T and
the NSA's illegal spying operation," said EFF Staff Attorney Kurt Opsahl.
"It is illegal for major telecommunications companies to simply hand over
private customer information to the government. They should not be allowed
to hide their illegal activity behind government assertions of 'state
secrets' to prevent the judiciary from stepping in to expose and punish
the illegal behavior. If the government's motion is granted, it will have
undermined the freedoms our country has fought so hard to protect."
[...]
"The press has already widely reported on the illegal domestic
surveillance that is the basis for our case. Allowing a court to determine
whether AT&T broke the law would in no way harm national security. Indeed,
our case is meant to protect Americans -- by requiring that the AT&T
follow the law and protect its customers from unchecked spying into their
personal communications," said EFF Staff Attorney Kevin Bankston.
On Wednesday, May 17, at 10 a.m., a U.S. District Court judge in San
Francisco will hear oral arguments about the unsealing of critical
documents in the lawsuit. The sealed evidence at issue includes a
declaration by Mark Klein, a retired AT&T telecommunications technician,
and several internal AT&T documents that support EFF's allegations. AT&T
wants the documents returned and argues that they should not be used as
evidence in the case. For more information about attending the hearing,
please email press@eff.org.
|
Hello responder,
Here is a link to some further information on the capabilities of the
Narus machinery being used in this screening operation:
http://yro.slashdot.org/yro/06/05/17/1629227.shtml |
|
| Back to top |
|
|
Russell E. Owen
*nix forums Guru Wannabe
Joined: 28 Feb 2005
Posts: 117
|
| Posted: Thu May 18, 2006 12:07 am Post subject:
Re: Update #2 - Re: Google Bobbles NSA wiretap searches
|
|
|
John wrote:
Hello John,
.... and thank you. To this informative link and the many comments
included there, I add the internally linked article from Wired News,
posted this morning, about the technology being used,
The Ultimate Net Monitoring Tool
http://www.wired.com/news/technology/0,70914-0.html?tw=rss.index
and this, the home page of the Narus site:
Narus secures the health and profitability of Services over IP
http://www.narus.com/
I hope to post some discussion of how to detect MITM, asap.
Thanks again. |
|
| Back to top |
|
|
Russell E. Owen
*nix forums Guru Wannabe
Joined: 28 Feb 2005
Posts: 117
|
| Posted: Fri May 19, 2006 5:42 pm Post subject:
Re: Update #2 - Re: Google Bobbles NSA wiretap searches
|
|
|
| Quote: | responder wrote:
[...]
Hello Group. I will post some links that seem related, along with a line
or two about the nature, source or significance of each source.
|
For those following the case of EFF v. AT&T, this is an important ruling
to allow the contested evidence. This page is from the Electronic
Frontier Foundation "Defending Freedom in the Digital World":
May 17, 2006
EFF Can Use Critical AT&T Documents in Surveillance Lawsuit
Evidence For Illegal Spying Case Will Remain Under Seal for Now
San Francisco - A federal judge in San Francisco ruled today...
http://www.eff.org/news/archives/2006_05.php#004681 |
|
| Back to top |
|
|
Russell E. Owen
*nix forums Guru Wannabe
Joined: 28 Feb 2005
Posts: 117
|
| Posted: Sun May 21, 2006 7:58 am Post subject:
Re: Update #2 - Re: Google Bobbles NSA wiretap searches
|
|
|
responder wrote:
| Quote: | responder wrote:
[...]
Hello Group. I will post some links that seem related, along with a
line or two about the nature, source or significance of each source.
|
For the benefit of any new readers, these links are on topic with this
newsgroup because there is credible reason to suspect or believe that
there are MITM's active in the United States internet infrastructure, that
the MITM's are quite possibly or probably being operated by NSA, and that
legal inquiries are being consistently met with challenges by the US DOJ
and/or the US DOD so-named "State secrets".
For those unfamiliar with MITM, MITM means man-in-the-middle, and amounts
to complete abrogation of any and all security in internet transmissions.
And, the problem with allowing any one MITM, for whatever reason, is that:
If you allow one, you allow all. If you allow a MITM run by US NSA, you
also allow any MITM's by al Qeda, or anyone else. The only acceptable or
rational response to detection of a MITM is to locate it and disable it.
Here are links to and descriptions of some most current news articles.
---
pressherald.mainetoday.com is an affiliate of thew Boston Globe and the
New York Times.
http://pressherald.mainetoday.com/news/state/060520verizon.shtml
This article is the latest I could find on the progress of an inquiry
initiated by a small group of citizens in a State regulatory format.
Saturday, May 20, 2006
Verizon: Any role in spying is secret
By ANN S. KIM, Portland Press Herald Writer
Copyright © 2006 Blethen Maine Newspapers Inc.
Verizon responded to a Maine Public Utilities Commission complaint on
Friday by saying that it cannot confirm or deny any involvement in the
National Security Agency's domestic surveillance program.
---
These following links are related to the US national domestic wiretapping.
This link is from theage.com.au
http://www.theage.com.au/news/world/top-us-spy-attacks-rumsfeld/2006/05/19/1147545526060.html
Top US spy attacks Rumsfeld
By Michael Gawenda, Washington
May 20, 2006
PRESIDENT George Bush's choice to head the CIA has attacked Defence
Secretary Donald Rumsfeld for selectively using intelligence before the
Iraq invasion.
---
This link is by Charlie Savage at the Boston Globe, and affiliate of the
New Your Times. You may recognize the author's name. It is about the UN
panel's review of US torture. (By the same people who are wiretapping us
US people, and trying to change and censor the news that we can see in the
US. It is Laura's husband and his friends.)
Monitors of torture treaty rebuke US
Close Guantanamo, UN panel urges
By Charlie Savage, Globe Staff | May 20, 2006
WASHINGTON -- A United Nations anti-torture panel yesterday urged the
United States to shut down its Guantanamo Bay detention camp, close any
secret overseas CIA prisons, and halt the use of what it said are cruel
and degrading interrogation techniques.
http://www.boston.com/news/nation/washington/articles/2006/05/20/monitors_of_torture_treaty_rebuke_us/
Best wishes for a good spring Sunday. If you find these things
disturbing, print them. Copyrights usually allow one printed copy as
"fair use". Print your one "fair use" copy of each article and bring it
to a competent counselor of your choosing. Please do.
Please do something about this, if you are at all concerned. Please be
assured that you will have my very best wishes and whatever material help
I can offer. Awareness itself is valuable.
Thanks for reading. Best wishes. |
|
| Back to top |
|
|
Russell E. Owen
*nix forums Guru Wannabe
Joined: 28 Feb 2005
Posts: 117
|
| Posted: Tue May 23, 2006 9:17 am Post subject:
Re: Update #2 - Re: Google Bobbles NSA wiretap searches
|
|
|
| Quote: | responder wrote:
[...]
Hello Group. I will post some links that seem related, along with a
line or two about the nature, source or significance of each source.
|
There are two "stories" that I would like to point you to today, both of
which have already scrolled off the google news default pages. One is
about US General Gonzales' threat to prosecute newspapers and journalists,
and the second is the release of documents in the AT&T wiretap case.
"...And the last shall be first, and the first shall be last."
...or something like that...
This is hot stuff hosted by wired.com.
Press Release Source: Lycos, Inc.
Wired News Publishes Full-Text of AT&T NSA Wiretap Documents Monday May
22, 12:36 pm ET
WALTHAM, Mass., May 22 /PRNewswire/ -- Lycos, Inc. (http://www.lycos.com),
a media destination for creators and consumers of quality content, today
announced the following information from Wired News
(http://www.wired.com), the award-winning leader in online news content,
covering news that "counts" in technology, business, politics and culture,
and the online home of WIRED Magazine.
This morning, Wired News released the full text of the AT&T documents
provided to it by a witness in a court case involving AT&T's alleged
participation in National Security Agency's domestic wiretap operations.
http://biz.yahoo.com/prnews/060522/nem039.html?.v=43
Why We Published the AT&T Docs [...]
*
See Also
* Court Deals AT&T a Setback
* Stumbling Into a Spy Scandal
* AT&T Whistle-Blower's Evidence
* The Ultimate Net Monitoring Tool
* The Eternal Value of Privacy
* AT&T Seeks to Hide Spy Docs
* Whistle-Blower Outs NSA Spy Room
* AT&T Sued Over NSA Eavesdropping
* A Pretty Good Way to Foil the NSA
By Evan Hansen| Also by this reporter 02:00 AM May, 22, 2006
http://www.wired.com/news/technology/0,70947-0.html?tw=wn_index_3
There's more here than can be properly summarized. Read through all the
"Story continued" links to the end.
Excerpt:
This is the infrastructure for an Orwellian police state. It must be shut
down!
So, OK, back to the mundane. General Gonzales threatens to prosecute
Newspapers and journalists. This is a page story from "Voice Of America",
you know, the cold-war propoganda machine (seems fairly objective):
http://www.voanews.com/english/2006-05-21-voa19.cfm
And this is the same story from firstamendmentcenter.org
Gonzales: Reporters can be prosecuted for revealing classified info
By The Associated Press
05.22.06
WASHINGTON — Prosecuting reporters who reveal state secrets endangers not
only freedom of speech but the public's right to know what politicians and
government officials are up to, says an advocate for journalists.
http://www.firstamendmentcenter.org/news.aspx?id=16921
And then, there is this, from Reuters. I had a problem with a link on
this page, the one that takes you to page 2. The article could all fit on
one page, but Reuters split it into two pages. And the links (2) to the
second page didn't work. It could have been a javascript error on the
page, but I couldn't see what was wrong. Except that the link didn't
work. Similar to mangled links on google. Yes, I looked at source. Maybe
a Micro$oft javascript thing? The script does seem to refer back to code
on the server that is not visible to the user. Same story; different
result, here:
http://today.reuters.com/News/newsArticle.aspx?type=politicsNews&storyID=2006-05-21T172024Z_01_N21173642_RTRUKOC_0_US-SECURITY-LEAKS-GONZALEZ.xml
A very long URL with probably personally encoded data. I called seven
different numbers/people at Reuters, from US to Geneva. To almost the
last, they simply disconnected, or else simply did not respond. The Tech
support in Geneva was good and attentive, basically ended by saying "works
for me". The Reuters people in UK (Christopher Barnett -sp?)- I have the
number - were decidedly the most cordial, communicative and
conversational, but referred me back to US Reuters - US Washington
+12028988457 or US NYC +16462236180 or Network Center on LI NY, look it up
with whois reuters.com. I do still read Reuters daily. But they are a
pretty insular clique, not accepting of people like me or of inquiries
from people like me. Trying to talk with people like most them that I
reached, it is impossible to determine any cause or cure.
I promised a note on how to _detect_ MITM, and still hope to do that.
I am working on securing definitive, legally verifiable evidence that data
transmissions are being altered, and thus MITM is active. This appears to
be just a matter of time and work, as the outcome is now pretty clear.
Might take some time. Hope I don't stub my toe or some such in the
interim and get laid up. Anyone cares to step in or up as backup, that's
cool.
Meanwhile, please read the disclosure at wired,com. The entire release is
available as a pdf document it this location:
http://blog.wired.com/27BStroke6/att_klein_wired.pdf
Don't forget to look at this page, as it does change. http://www.eff.org/ |
|
| Back to top |
|
|
Russell E. Owen
*nix forums Guru Wannabe
Joined: 28 Feb 2005
Posts: 117
|
| Posted: Wed May 24, 2006 6:51 am Post subject:
Re: Update #2 - Re: Google Bobbles NSA wiretap searches
|
|
|
responder wrote:
| Quote: | responder wrote:
[...]
Hello Group. I will post some links that seem related, along with a line
or two about the nature, source or significance of each source.
|
Forgive please. I have not even finished reading this rather long
article. I cannot vouch for the host or author. If you need ironclad
guarantees of safety, are not interested in adventure, if you are not
prepared to wipe your disk and reinstall from trusted media, do not visit
this link. Haven't gotten to the end yet, but what I have read so far
resonated with me. Maybe some other of you wild invulnerable, triply
protected adventurers might like to read. Lots of internal links. ...
Very blog-like. ... Y'all know, just like where the real news is today.
Thank Laura's husband for that, he's such a ... , such a ...
Um here's the link
http://www.thesimon.com/magazine/articles/canon_fodder/01160_national_security_first_amendment_reason.html
All good to you. |
|
| Back to top |
|
|
Russell E. Owen
*nix forums Guru Wannabe
Joined: 28 Feb 2005
Posts: 117
|
| Posted: Wed May 24, 2006 6:45 pm Post subject:
Re: Update #2 - Re: Google Bobbles NSA wiretap searches
|
|
|
| Quote: | responder wrote:
[...]
Hello Group. I will post some links that seem related, along with a
line or two about the nature, source or significance of each source.
|
Rueters is reporting today on a report by the U.S. Justice Department's
inspector general.
Title:
Report: FBI missed China spying warning signs
Excerpts:
--------
Inspector General Glenn Fine said that Katrina Leung, who was accused of
being a double agent, had been paid more than $1.7 million by the FBI and
that she had a longtime affair with her handler in Los Angeles, FBI agent
James Smith.
[...]
Leung was originally accused of taking classified documents from Smith but
the case was dismissed because of prosecutorial misconduct that prevented
Smith from talking to her attorneys.
--------
This is related to a Chinese double agent, Katrina Leung, and there
appears to be plenty enough blame to go around. Having read published
news about this for years, I'm still trying to piece together a rational
time-line concerning what happened when, and who knew about it.
Perhaps the inspector general's report does a better job explaining than
Reuters has, but doubt many will be reading its 235 pages. Probably
someone independent of govt. influence should examine these issues to see
that any remaining issues have now been satisfactorily resolved. I
somehow doubt they have been.
The article is by Reuters, served by Yahoo:
http://news.yahoo.com/s/nm/20060524/pl_nm/crime_fbi_dc
I last read about this in connection with an interview with a former NSA
intelligence agent turned wistleblower. The discussion and identity of
the speaker makes a very close connection between this Chinese agent and
the NSA domestic wiretap issue.
This page is dated Tuesday, January 3rd, 2006, and the interveiw discusses
events years in the past and up to the (then) present. It is by Democracy
Now, "Independent, Unembedded Media". A full transcript is available
free via http, and they also serve a full length video via RealMedia
format, audio in mp3, and by CD.
Title:
EXCLUSIVE: National Security Agency Whistleblower Warns Domestic Spying
Program Is Sign the U.S. is Decaying Into a “Police State”
http://www.democracynow.org/article.pl?sid=06/01/03/1435201 |
|
| Back to top |
|
|
Russell E. Owen
*nix forums Guru Wannabe
Joined: 28 Feb 2005
Posts: 117
|
| Posted: Thu May 25, 2006 7:57 am Post subject:
Re: Update #2 - Re: Google Bobbles NSA wiretap searches
|
|
|
responder wrote:
| Quote: | Hello Group. I will post some links that seem related, along with a
line or two about the nature, source or significance of each source.
There are two "stories" that I would like to point you to today, both of
which have already scrolled off the google news default pages. One is
about US General Gonzales' threat to prosecute newspapers and
journalists, and the second is the release of documents in the AT&T
wiretap case.
"...And the last shall be first, and the first shall be last."
...or something like that...
This is hot stuff hosted by wired.com.
Press Release Source: Lycos, Inc.
Wired News Publishes Full-Text of AT&T NSA Wiretap Documents Monday May
22, 12:36 pm ET
|
[bla bla I wrote it, I diss it]
Get this link and _save_ the content on your local disk. It is important.
http://blog.wired.com/27BStroke6/att_klein_wired.pdf
This is the 30 pages of evidence and testimony that underlies the EFF.org
lawsuit against AT&T. It is the evidence under seal. It is publicly
presented under authority of Mark Klein, who was explicitly exempted from
seal and gag order. Get this now and save it. The parent page is
already under internet attack by NSA MITM. There will be a hearing next
in San Francisco, CA, USA on June 21, (if I got that all right).
EFF will say this information has already been legally and lawfully
published (true) and is widely known. Please help make that true, and
protest knowledgeably and vigorously at any assertion to the contrary.
That will be EFF's argument to counter "secrets" arguments. Court has
already ordered conference to produce redacted versions to satisfy all
parties.
I have seen that the pages at wired.com have been altered (apparently in
transmission) to prevent viewing of some features. Excuse if I don't
explain at length at this time. Get the stuff and save it to your local
disks, asap. Thanks.
It is copyrighted. Excerpt:
Export of Information
The United States Export Controls laws prohibit the export of certain
technical data and software to certain territories. No content from this
site may be downloaded or otherwise exported in violation of United
States law.
Jurisdiction and Choice of Law
All claims or issues regarding this Web site, shall be governed according
to the laws of the State of Delaware. Any legal action concerning these
Terms or this Web site must be brought within one (1) year after the
claim or cause of action arises and must be brought in the State of
Delaware.
Terms of use Privacy statement
Copyright © 2006 Lucent Technologies. All rights reserved.
This is definitely an ongoing battle for secrecy by the Bush
administration, in what should not be secret. It is not secret. It is
legally and publicly available and known.
Please all, do try to be part of the solution, rather than part of the
problem. Thanks.
I do not want to be making any choices between security and privacy. To
my understanding, surrendering privacy does not enhance security. The
things that I believe that I have seen do destroy privacy, and also
concurrently destroy security. NSA and administration policy is
demonstrably wrong and destructive.
Please download and save this. When the proper time comes, we may all
each need to e-mail (or print and snail-mail) our one legal "fair use"
copy to the one person who can make the right decision. I really would
hope that this would not become necessary, but don't know what to
reasonably expect or believe anymore.
Thank you for reading and thank you for doing as asked. (TIA) |
|
| Back to top |
|
|
Russell E. Owen
*nix forums Guru Wannabe
Joined: 28 Feb 2005
Posts: 117
|
| Posted: Fri May 26, 2006 8:21 am Post subject:
Re: Update #2 - Re: Google Bobbles NSA wiretap searches
|
|
|
| Quote: | responder wrote:
[...]
Hello Group. I will post some links that seem related, along with a line
or two about the nature, source or significance of each source.
|
Good morning, group. Today we have taken the Friday off, ahead of the US
Memorial Day holiday weekend, and will be placing flowers, scrubbing
headstones of their lichens and moss, sowing grass seeds in cemetery.
In our own small way we honor the individual and many family, friends,
neighbors and unknown service people who have honorably served to defend
what they thought to be the best (US) ideals and bastion of freedom. We
Honor them and we Honor their bereaved family members. In our own small
way we are making our statement that their lives were worth living, and
that their passings are remembered. In our own small ways, we remember
them as best as we can. As long as we remember them, they are still alive
and loved in our memories.
I wanted to point y'all back to new news at eff.org.
Excerpt:
Key Portions of Critical Documents Unsealed in AT&T Surveillance Case
AT&T has set up a secret, secure room for the NSA in at least one of the
company's facilities—a room into which AT&T has been diverting its
customers' emails and other Internet communications in bulk—according to
evidence in key documents partially unsealed today in the Electronic
Frontier Foundation's (EFF's) class-action lawsuit against the telecom
giant.
Link:
http://www.eff.org/
What is EFF?
EFF is a nonprofit group of passionate people — lawyers, technologists,
volunteers, and visionaries — working to protect your digital rights.
Have a good day, a good holiday and a good weekend. |
|
| Back to top |
|
|
Russell E. Owen
*nix forums Guru Wannabe
Joined: 28 Feb 2005
Posts: 117
|
| Posted: Wed May 31, 2006 5:59 am Post subject:
Re: Update #2 - Re: Google Bobbles NSA wiretap searches
|
|
|
| Quote: | responder wrote:
[...]
Hello Group. I will post some links that seem related, along with a
line or two about the nature, source or significance of each source.
|
There are now many articles published in mainstream press or media re the
NSA wiretap issues. The primary expose (about which itself many questions
remain unanswered) was from The New York Times in December 2005. The
Electronic Frontier Foundation lawsuit (see: eff.org) v. at&t (January
2006) was a landmark event in this issue, and followed by a multitude of
additional lawsuits, as for example (please see:)
http://www.aclu.org/safefree/nsaspying/25647prs20060524.html
Just at this point I'll ask readers to see the last paragraph of this
message before taking any reaction. It is quoted from John Conyers.
But the important part of this issue that is not yet in the mainstream (or
any?) press, is that there are apparently MITM's at work throughout the
USA (still working on verification, but believed with cause to be true at
this time), that are modifying content in real time as it is transmitted
through key communications nodes in major US American cities. If this
"impression" that multiple MITM's are at work is true, it is a very
serious privacy and security violation. It would not be helpful to US
security or to the security of people in any other Nation in the world.
Read about MITM in wikipedia.org.
A seemingly reliable listing of current News Articles on the NSA wiretap
issues, that I have found useful, and that still appears to be functioning
normally is at this URL:
http://news.google.de/news?hl=en&ned=us&q=NSA+wiretap&ie=UTF-8&scoring=d
Also the same (type of) URL's using the servers reached at news.google.com
(from within the USA) and news.google.ca are believed by writer to give
good listings.
I think, probably, Google will not now answer further, at least not
without further prodding from me. I have the original correspondence and
"trouble ticket number" in my mail client, and I may tickle them again on
this as time allows, and as evidence accrues and supports.
I have been in contact with Reuters (uk, us and ca) and am cautiously
hopeful that I may be able to get some human assistance there in
confirmation of my findings. Reuters is different than Google in that
Reuters are accustomed to human telephone contact, while Google uses
essentially text. There are persistent issues with links being "mangled"
and non-functional (here in US) on both Google News and Reuters on-line.
It is in chasing down and verifying the reasons for the "mangled links"
where the conclusive evidence for the MITM's lies.
Here are some of the links to articles I have read in the past week that I
thought were particularly relevant or noteworthy. They are mostly from
high volume news servers like Yahoo, and are probably as safe to view as
most other web addresses. But I cannot guarantee any link. Use your own
good sense, knowledge and discretion whenever "surfing" the web.
http://news.yahoo.com/s/thenation/20060524/cm_thenation/20060605shapiro
Opinion
The Wiretapping Tango
Bruce Shapiro Wed May 24, 12:00 AM ET
The Nation -- As more facts emerge in the NSA's warrantless call-tracking
scandal, it's clear that this isn't about government abuses alone: It's
also a delicate tango between security agencies and telecommunications
executives. The government may lead, but its essential partners are the
phone companies that own the switches, computers and call-routing
software.
http://www.securityfocus.com/brief/215
FCC declines to investigate the NSA
Published: 2006-05-24
The Federal Communications Commission, tasked with regulating
communications companies and investigating violations of relevant laws,
has declined to look into the allegations that three large telcos
cooperated with the National Security Agency to wiretap domestic phone
calls and Internet communications.
http://news.yahoo.com/photo/060523/480/36557e5238f249e5a527a68dde7a3a40&g=events/pl/021006cialeakcase
....Picture worth a thousand words...
http://wired.com/news/columns/0,70971-0.html?tw=wn_index_2
By Jennifer Granick| Also by this reporter 02:00 AM May, 24, 2006
Circuit Court columnist Jennifer Granick Circuit Court
This month USA Today reported that the National Security Agency has been
compiling and searching a massive database of Americans' telephone call
records and data mining it for suspicious patterns. NPR reported that this
activity was part of the same eavesdropping program The New York Times
revealed in April.
http://news.yahoo.com/s/huffpost/20060525/cm_huffpost/021589
Opinion
Shayana Kadidal: The NSA's Favorite Urban Legend: "We Couldn't Get a FISA
Warrant for Moussaoui's Computer"
Shayana Kadidal Thu May 25, 4:01 AM ET
Last week Arlen Specter proposed a second bill to gut the protections of
the FISA statute and legitimize the NSA's warrantless surveillance program
(his first proposal was quickly supplanted by a more radical bill by
Senator DeWine, which we talked about here).
http://www.tompaine.com/articles/2006/05/25/big_brothers_history.php
Big Brother's History
John Prados
May 25, 2006
John Prados is a senior fellow of the National Security Archive in
Washington, D.C., and author of Hoodwinked: The Documents that Reveal How
Bush Sold Us a War (The New Press).
The National Security Agency’s warrantless domestic wiretaps and its logs
of Americans’ phone calls are the most controversial, but by no means the
only, surveillance initiative underway that has chilling implications for
all Americans. American history is littered with examples of similar
instances of security programs gone awry. It is three decades now since
the Church Committee concluded, “The tendency of intelligence activities
expanding beyond their initial scope is a theme which runs through every
aspect of our investigative findings.”
http://news.yahoo.com/s/ap/20060527/ap_on_go_pr_wh/domestic_spying_lawsuits
White House invokes privilege in spy cases
By DAVID B. CARUSO, Associated Press Writer Sat May 27, 6:04 PM ET
NEW YORK - The Bush administration has asked federal judges in New York
and Michigan to dismiss a pair of lawsuits filed over the National
Security Agency's domestic eavesdropping program, saying litigating them
would jeopardize state secrets.
http://news.yahoo.com/s/nm/20060530/ts_nm/court_whistleblowers_dc
Court rules no whistle-blower free-speech right
By James Vicini Tue May 30, 4:59 PM ET
WASHINGTON (Reuters) - A closely divided U.S. Supreme Court ruled on
Tuesday that government whistle-blowers are not protected by free-speech
rights when they face employer discipline for trying to expose possible
misconduct at work.
....
Relative to the following link, I watched on c-span tv the US Senate
Judiciary Committee hearing (first of 3?), with John Conyers, among other
(very) notables. Regrettably, I did not find a link to the on-line video
of that hearing. However here are two more preliminary links (preliminary
to the final link in this message):
http://c-span.org/
http://news.yahoo.com/s/nm/20060531/pl_nm/congress_raid1_dc
Law needed to limit FBI raids: Sensenbrenner
By Andy Sullivan Tue May 30, 9:12 PM ET
WASHINGTON (Reuters) - House Judiciary Chairman James Sensenbrenner said
on Tuesday he plans to draft legislation that would protect congressional
material during searches by government investigators.
And here, the Conyers interview:
http://www.zmag.org/content/showarticle.cfm?SectionID=72&ItemID=10316
Who is John Conyers?
John Conyers interviewed by
Joel Whitney
May 24, 2006
Guernica
Congressman John Conyers, D-Michigan, began his career in the House of
Representatives in 1964, which makes him the second most senior member
in the chamber. He has spent much of his tenure trying to maintain the
Congressional role of oversight. He was part of the House panel that
investigated the impeachment of President Nixon. More recently, he has
looked into alleged irregularities in the 2004 election, and sued the
president for his unorthodox method of signing his recent Budget
Resolution (Bush signed two different versions, which, Conyers
believes, is against the law).
[...]
We've got a president here who's whole bent is apparently toward
retaliating against critics in a very dangerous way; [along with]
countenancing torture, manipulating intelligence that leads us to decide
to go into war, [and determining] whether citizens and how many of them
can be wiretapped rather than getting the authority from a court which is
easily—even retroactively—available. So, I want to move forward in a way
that will escape any accusations of partisanship. |
|
| Back to top |
|
|
Russell E. Owen
*nix forums Guru Wannabe
Joined: 28 Feb 2005
Posts: 117
|
| Posted: Tue Jun 20, 2006 7:36 am Post subject:
Update #3 - Re: Google Bobbles NSA wiretap searches
|
|
|
responder wrote:
| Quote: | Breaking News ...........
Google Bobbles NSA wiretap searches
|
It is still unclear, unacknowledged and unproven whether or not Google was
complicit in the "disappearance" of the "NSA wiretap" family of news
article stories from the default Google News pages. On April 29, 2006,
there were over 1000 articles linked in this group, and it was the "number
1" top story. And then the entire group of stories (published news
articles) "disappeared" from the default Google News pages.
One possibility is that Google was complicit, and voluntarily removed this
news from their pages. Another possibility is that the pages served by
Google were reworked in transit by NSA MITM to remove this entire group of
stories (news articles).
The news articles in question are still being cataloged by google and are
available by a separate search. The (a) URL to retrieve these links is:
http://news.google.de/news?hl=en&ned=us&q=NSA+wiretap&ie=UTF-8&scoring=d
The Executive department of the US government (GWB, the US DOJ, etc.) have
taken extraordinary actions to keep these matters out of the public eye.
They have even threatened to prosecute journalists who write about these
matters. However there are still lawsuits in progress, and one is due for
hearing this week.
http://www.eff.org/deeplinks/archives/004741.php
Government Asserts It Is Above the Law
http://www.eff.org/legal/cases/att/
EFF's Class-Action Lawsuit Against AT&T for Collaboration with Illegal
Domestic Spying Program
http://www.eff.org/
EFF Homepage:
EFF is a nonprofit group of passionate people — lawyers, technologists,
volunteers, and visionaries — working to protect your digital rights.
Some other recent writings:
http://freeinternetpress.com/modules.php?name=News&file=article&sid=7284
Without A Clue, Data Mining For Security Is Ineffective
http://www.thenewamerican.com/artman/publish/article_3991.shtml
In The News : TNA Online Last Updated: Jun 19th, 2006 - 17:27:51
The Surveillance State Unveiled (by Thomas R. Eddlem) by Thomas R. Eddlem
June 26, 2006
There are very serious issues involving security of (all) internet
traffic, and ultimately security on the streets of our cities and towns.
Our common security cannot be enhanced or protected when one secretive
group of people claim to protect us by breaking every model of security
and stability. These are very powerful people who have explicitly
threatened to launch attacks with Nuclear Weapons against any "enemy".
And they claim immunity from any other entity within their own government,
or from anywhere in the world. |
|
| Back to top |
|
|
SadOldGit
*nix forums beginner
Joined: 17 Jun 2006
Posts: 7
|
| Posted: Wed Jun 21, 2006 12:47 am Post subject:
Re: Update #3 - Re: Google Bobbles NSA wiretap searches
|
|
|
responder wrote:
| Quote: | responder wrote:
Breaking News ...........
Google Bobbles NSA wiretap searches
It is still unclear, unacknowledged and unproven whether or not Google was
complicit in the "disappearance" of the "NSA wiretap" family of news
article stories from the default Google News pages. On April 29, 2006,
there were over 1000 articles linked in this group, and it was the "number
1" top story. And then the entire group of stories (published news
articles) "disappeared" from the default Google News pages.
|
Google is not the only search engine - but be sure to find one that is
not in the pocket of the politicos
| Quote: | One possibility is that Google was complicit, and voluntarily removed this
news from their pages. Another possibility is that the pages served by
Google were reworked in transit by NSA MITM to remove this entire group of
stories (news articles).
|
as above
| Quote: | The news articles in question are still being cataloged by google and are
available by a separate search. The (a) URL to retrieve these links is:
http://news.google.de/news?hl=en&ned=us&q=NSA+wiretap&ie=UTF-8&scoring=d
The Executive department of the US government (GWB, the US DOJ, etc.) have
taken extraordinary actions to keep these matters out of the public eye.
They have even threatened to prosecute journalists who write about these
matters. However there are still lawsuits in progress, and one is due for
hearing this week.
http://www.eff.org/deeplinks/archives/004741.php
Government Asserts It Is Above the Law
|
No, it's not. Vote them out, loud and clear - it's supposed to be a
democracy!!
| Quote: |
http://www.eff.org/legal/cases/att/
EFF's Class-Action Lawsuit Against AT&T for Collaboration with Illegal
Domestic Spying Program
http://www.eff.org/
EFF Homepage:
EFF is a nonprofit group of passionate people — lawyers, technologists,
volunteers, and visionaries — working to protect your digital rights.
Some other recent writings:
http://freeinternetpress.com/modules.php?name=News&file=article&sid=7284
Without A Clue, Data Mining For Security Is Ineffective
http://www.thenewamerican.com/artman/publish/article_3991.shtml
In The News : TNA Online Last Updated: Jun 19th, 2006 - 17:27:51
The Surveillance State Unveiled (by Thomas R. Eddlem) by Thomas R. Eddlem
June 26, 2006
There are very serious issues involving security of (all) internet
traffic, and ultimately security on the streets of our cities and towns.
Our common security cannot be enhanced or protected when one secretive
group of people claim to protect us by breaking every model of security
and stability.
|
Yes, I agree, but these people should study a bit of history, and maybe
bring to mind what happened to Czar Nicholas and his family.
These are very powerful people who have explicitly
| Quote: | threatened to launch attacks with Nuclear Weapons against any "enemy".
And they claim immunity from any other entity within their own government,
or from anywhere in the world.
|
VOTE THEM OUT!! I'm writing from the UK, and Prime Minister BLiar has
his nose so firmly up the arse of G'Dubbya' that it is getting browner
by the minute.... |
|
| Back to top |
|
|
Russell E. Owen
*nix forums Guru Wannabe
Joined: 28 Feb 2005
Posts: 117
|
| Posted: Wed Jun 21, 2006 8:44 am Post subject:
Re: Update #3 - Re: Google Bobbles NSA wiretap searches
|
|
|
SadOldGit wrote:
| Quote: | responder wrote:
responder wrote:
Breaking News ...........
Google Bobbles NSA wiretap searches
It is still unclear, unacknowledged and unproven whether or not Google
was complicit in the "disappearance" of the "NSA wiretap" family of
news article stories from the default Google News pages. On April 29,
2006, there were over 1000 articles linked in this group, and it was
the "number 1" top story. And then the entire group of stories
(published news articles) "disappeared" from the default Google News
pages.
Google is not the only search engine - but be sure to find one that is
not in the pocket of the politicos
One possibility is that Google was complicit, and voluntarily removed
this news from their pages. Another possibility is that the pages
served by Google were reworked in transit by NSA MITM to remove this
entire group of stories (news articles).
as above
The news articles in question are still being cataloged by google and
are available by a separate search. The (a) URL to retrieve these
links is:
http://news.google.de/news?hl=en&ned=us&q=NSA+wiretap&ie=UTF-8&scoring=d
The Executive department of the US government (GWB, the US DOJ, etc.)
have taken extraordinary actions to keep these matters out of the
public eye. They have even threatened to prosecute journalists who
write about these matters. However there are still lawsuits in
progress, and one is due for hearing this week.
http://www.eff.org/deeplinks/archives/004741.php
Government Asserts It Is Above the Law
No, it's not. Vote them out, loud and clear - it's supposed to be a
democracy!!
http://www.eff.org/legal/cases/att/
EFF's Class-Action Lawsuit Against AT&T for Collaboration with Illegal
Domestic Spying Program
http://www.eff.org/
EFF Homepage:
EFF is a nonprofit group of passionate people — lawyers, technologists,
volunteers, and visionaries — working to protect your digital rights.
Some other recent writings:
http://freeinternetpress.com/modules.php?name=News&file=article&sid=7284
Without A Clue, Data Mining For Security Is Ineffective
http://www.thenewamerican.com/artman/publish/article_3991.shtml
In The News : TNA Online Last Updated: Jun 19th, 2006 - 17:27:51
The Surveillance State Unveiled (by Thomas R. Eddlem) by Thomas R.
Eddlem June 26, 2006
There are very serious issues involving security of (all) internet
traffic, and ultimately security on the streets of our cities and
towns. Our common security cannot be enhanced or protected when one
secretive group of people claim to protect us by breaking every model
of security and stability.
Yes, I agree, but these people should study a bit of history, and maybe
bring to mind what happened to Czar Nicholas and his family.
These are very powerful people who have explicitly
threatened to launch attacks with Nuclear Weapons against any "enemy".
And they claim immunity from any other entity within their own
government, or from anywhere in the world.
VOTE THEM OUT!! I'm writing from the UK, and Prime Minister BLiar has
his nose so firmly up the arse of G'Dubbya' that it is getting browner
by the minute....
|
Thanks for writing, SadOldGit. I do appreciate your comments and your
interest. Ideally, we should all be actively interested in this.
Google is not the only search engine, but just the most popular, with over
50% of the search market. I don't really think that I have an issue with
Google, any more than I would have an issue with any other search engine,
except if they are skewing their default pages under political pressure,
then they should disclose that. They have not done so, and they have not
responded to specific queries in this matter. One way or another, it is
time for an answer, an honest answer, a truthful answer. It is time.
If Google is under the thumb of the politicos and doesn't tell, how will
we know? If other search engines are under the thumb of the politicos and
doesn't tell, how will we know?
The politicians, GWB, General Gonzales et al have threatened to prosecute
any journalist who writes about anything that they think is "secret". We
will not know what they think is "secret" until they arrest us for writing
about it. Then they will think it is OK to detain us indefinitely without
warrant or Habeas Corpus, will think it legal to torture us, export us to
a foreign prison, indefinitely, without acknowledgment of even our
identities or detention. How many people are willing to write about
anything controversial under those conditions. (?) That would probably
be described as a "chilling" development, well afoul of the US
Constitution's First Amendment's guarantees of "Freedom of the Press".
Probably, it hardly functionally matters if the reasons are that all
search engines are under equal threat from the US Administration, or if
all traffic is routinely being altered in transit by MITM. Except, of
course that MITM has unlimited possibilities for maliciousness and abuse.
However, the point is, that if news and information are not freely and
inalterable available, then the concept of an informed electorate
influencing the government of a democracy, even a Republican democracy, is
completely void.
We can't vote them out if internet is moderated by MITM which is a
Republican agent. We can't vote them out if they have Diebold voting
machines that are crooked. We can't vote them out if they have so
gerrymandered the districts that "popular vote" no longer matters. We
can't vote them out. We can try again, but we have failed before. We
BEAT GWB in 2000 in the popular vote nationwide, but GWB still got the
win.
As you said:
| Quote: | Yes, I agree, but these people should study a bit of history, and maybe
bring to mind what happened to Czar Nicholas and his family.
|
It would be a very sad event to have to repeat this kind of history. This
is not the kind of thing we have come to expect from the political
processes in the US. However, it will indeed inevitably happen if the US
Government system of "checks and balances" does not kick in very soon to
limit this runaway administration.
No matter how redneck and ignorant this administration may think that we
US Americans are, they are mistaken if they think we will accept tyranny.
We would rather have anarchy than tyranny. GWB, put that in your pipe and
smoke it.
Voting is skewed. We are 70-30 now. If that is not enough to do the
elections then the markets will need to collapse and explosives will need
to explode in telephone offices nationwide. I don't really want that.
We'll all need SW radios to get wx reports. It sucks.
I will vote and will hope and urge others to as well. The markets are
already set to collapse. Lets hope to avoid explosions.
Thanks for writing. |
|
| Back to top |
|
|
Google
|
|
| Back to top |
|
|
|
|
The time now is Tue Dec 02, 2008 2:45 pm | All times are GMT
|
|
Mortgage Calculator | Credit Cards | Credit Cards | Web Advertising | Debt
|
|
Copyright © 2004-2005 DeniX Solutions SRL
|
|
|
|
Other DeniX Solutions sites:
Unix/Linux blog |
electronics forum |
medicine forum |
science forum |
|
|
Privacy Policy
|
Powered by phpBB © 2001, 2005 phpBB Group
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
Forum index
»
*nix
»
Linux
»
security
