lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: dcopley at eeye.com (Drew Copley)
Subject: JAP back doored

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



> -----Original Message-----
> From: Goncalo Costa [mailto:goncalo.costa@...qwest.pt] 
> Sent: Wednesday, August 27, 2003 10:17 AM
> To: Drew Copley
> Cc: full-disclosure@...ts.netsys.com
> Subject: Re: [Full-Disclosure] JAP back doored
> 
> 
> 
> > On Mon, 25 Aug 2003 10:25:51 PDT, Drew Copley said:
> > > Carnivore is supposed to only tap suspects, not everyone.
> > >
> > > Carnivore captures on the addresses and subject lines of 
> emails, not 
> > > even the content.
> >
> 
> I've been reading all your emails without even replying, and 
> I really have to ask: do you really trust your government and 
> its agencies blindly as you seem to ? AFAIK those are only 
> people like everyone else.
> 
> I remember your comments on the "German government" and :
> - ever heard about Echelon ?
> - ever heard about Lotus Notes NSA backdoor key ?
> - ever heard about eavesdropping bases around the world in 
> other countries ?
> - ever heard about FBI actions against Martin Luther King ?
> - ever heard about ... ?
> 
> The list could go on indefinitely.

Don't be a smart ass. 

Your arguments have nothing to do with the argument at hand which is quite simple: Governments should have no right to force developers to trojanize their applications and keep silent about it.

I further added... Which probably brought the most valid contention... That it is illegal for nations to do this when they know these applications will be downloaded by people from other nations.

There have been some notes come out of this:

1> Germany has now removed this legal action, which is great
2> They intended to only watch traffic to a single German server, so this makes it far less severe then it may have been
3> The developers may not have been so forced into doing this, as much as willing -- I rather doubt this, especially since the order was rescinded, but their culpability does factor into this
4> I, personally, admit I would not care if they did this for a very serious reason such as for pedophiles or terrorists... I think a lot of people outraged would have to agree with this... However, I am sure a lot would not

As for the US government, this is utterly unimportant. I was playing around even to begin to mess with that. Yes, I am unaware of the US actively trojanizing applications by forcing the developers to do this. So are you. This is illegal. You wouldn't like it if it was the US doing this. So, what are your real motives here?



> 
> The world is made of people and people are the same 
> everywhere. Time and place don't seem to make a great 
> difference. Being naive and keeping your eyes shut doesn't 
> help either.

I love being called na?ve by teenagers that have never even seen a dead body.

You think for some reason that I am opposed to intelligence actions by the US? I am not even opposed to Germany if they did this because it was against terrorists or pedophiles.

You are the one quite na?ve if you believe your nation can exist free without an intelligence agency.

Regardless, the existence of intelligence agencies is entirely a different matter. What errors these agencies may have done in the past - US or German - is entirely irrelevant.

Each matter must be taken at a time. 

Apples give no insight into oranges.



> 
> I would also suggest a daily reading at http://cryptome.org/


Yeah, a lot of great American sites like this. In fact, I bet you know a lot more about the US intelligence then you do about Portugese.


> 
> Regards
> Goncalo
> 
> 

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQA/AwUBP00ZrwkWkugjEnC3EQI7XgCgs/upRFS4hAKVH/fw9PX7IyX6dHEAn0Jl
7N76crEv1Xu9wh0VmSDhIQ7o
=JHF6
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ