lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <000001c2de1b$a67628c0$0201a8c0@fosi>
From: steve.wray at paradise.net.nz (Steve Wray)
Subject: Cryptome Hacked!

>From the group charter:
"Politics should be avoided at all costs."

So discussion about the discussion of politics is ok
but discussion of politics is not?

8-/

> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com 
> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of 
> Kevin Spett
> Sent: Thursday, 27 February 2003 5:29 p.m.
> To: Sung J. Choe; full-disclosure@...ts.netsys.com; jya@...eline.com
> Subject: Re: [Full-Disclosure] Cryptome Hacked!
> 
> 
> RE: [Full-Disclosure] Cryptome Hacked!>> a) What do you mean 
> by "leftist"?
> > By scrutinizing some of the occasional statements made by 
> persons posting
> > at cryptome, one can assume that the politics of the site 
> operators leans
> > towards the left.  Read the message traffic generated by 
> "The practical
> > reason the US is starting a war." and you will understand.
> 
> Okay, while you were busy scrutinizing occasional statements, 
> the rest of us
> look at consistent, broad and prevaling themes.  John Young's 
> views are
> unique enough that they do not fall into either of the two 
> categories that
> people love to imagine the whole spectrum of political 
> opinion is divided
> into.  Reasonable people don't care to reduce any given 
> political stance as
> being some point on a line with "Left" on one end and "Right" 
> on the other.
> While Bill Clinton (who I heard was a Democrat, which in 
> turn, I hear are on
> "the Left") was in office, the ideas and information 
> expressed on Cryptome
> were constantly in opposition to his policies, actions and 
> propositions.
> The fact that the Clipper Chip had the support of "the Left" 
> didn't seem to
> deter Cryptome from criticizing it.
> 
> "The practical reason the US is starting a war" is an overt 
> editorial (it's
> an email message) that discusses war and its possible 
> consequences.  It
> doesn't discuss anything that could be correctly classified 
> as "Leftist".
> Or did I miss a line in there about how stronger government 
> regulation of
> the means of production would produce a society in which 
> wealth were more
> justly distributed?  It's written by someone whose opinions 
> (no matter how
> ridiculous they are) might be of interest to people who 
> follow cryptography.
> Bonus information: it is neither written by, nor expressly 
> endorsed by John
> Young.  It's just an opinion that has been posted.  If you 
> care to, you can
> write a disagreeing opinion and it'll be put up on the 
> thread, just like
> other people have.
> 
> >> b) What do you mean by "anti-American" (sic)?
> 
> > I would personally define anti-American as being in a state of mind
> > where every action taken by the US government is 
> represented as being
> > against American interests.  Therefore, my definitions of 
> anti-American
> > and anti-government are essentially identical.
> 
> Let's look at the language you use here: "every action taken by the US
> government" and "against American interests".  As for the 
> first, it's a
> silly hyperbole that isn't even true when you limit its scope 
> to that which
> is reasonable: cryptography, intellectual property, privacy 
> and government
> intelligence.  When the US government relaxed the export 
> controls on PGP or
> when the Communications Decency Act was defeated did John 
> Young rail on and
> on about how they were horrible events and how the government 
> was a terrible
> institution for allowing them to occur?  Hmmm, I must have not checked
> Cryptome that day.  As for the latter... if John Young dissaproved of
> actions that he felt were "against American interests", 
> wouldn't that make
> him pro-American?  Your arguments seems at odds with one another.
> 
> Also, many people do not define the word "American" as the 
> ideas and actions
> supported by those in power in American government.  
> Similarly, definitions
> of "anti-government" vary.  I'm fairly certain that John Young is not
> inherently against government.  He would probably like a 
> government that
> made it a priority to protect the civil liberties of its citizens.
> 
> > Just because somebody can formulate an argument based on one, two,
> > or three documents does not mean that they grasp the full meaning
> > of the subject in question.
> 
> Don't you know it!!!
> 
> > Yet, that's how most of the "opinions" and "arguments" are 
> presented;
> > with one or two sources.  And besides, what is "real information"?
> > Ever hear of "public diplomacy"?
> 
> Every article on Cryptome should be considered individually.  
> Typically,
> they are more informative and give more information about 
> their sources than
> CNN.com or the ten o'clock news.  I'm not really interested 
> in debating
> epistemology here.  Do you believe that no information is 
> real and that
> we're really living in the world of the Matrix where the evil 
> AIs of the
> future are battling humans for control of the earth?
> 
> >> I've never seen any kind of anarchist advocacy on
> >> cryptome.  Dissent does not make you "anti-government".
> 
> >Responsible dissent is indeed a duty of US citizens.  How you define
> > responsible is up to you.
> 
> >> d) For the most part, Cryptome distributes documents... like,
> >> in plaintext format.
> 
> > True, but they also present snippits of those docs along with a
> > headline.  The sections that they choose to snip fascinates me in
> > terms of the content which they feel is important.
> 
> Again, it's silly to seek more information in a few 
> "snippets" than in a
> large quantity of actual content.  I'm sure that you and your 
> buddy Ann
> Coulter like to sit around for days and talk about "spin" and 
> "bias" while
> other people choose to debate things of actual meaning.  Cryptome is a
> blatantly baised site; It doesn't take a detective to realize 
> that.  That
> doesn't neccessarily damage its integrity.
> 
> >> e) How is John Young an "extremist"?
> > Would you describe him as being conservative, or moderate 
> in his approach?
> > If not, he is an extremist in my eyes.
> 
> Again, you choose to oversimplify things... are conservative, 
> moderate and
> extreme the only things that are out there?  When I think of 
> extremists, I
> think of people like the Black Panthers, Adolf Hitler, Hamas 
> and Thomas
> Jefferson.  John Young runs a website.  He simply isn't in 
> the running for
> Extremism.
> 
> >> Are you trying to imply that John Young is trojaning
> >> the software that his site (infrequently) distributes?
> 
> > Not at all.  I believe that Mr. Young wishes to provide his
> > community access to good crypto software.  I also believe
> > that he is committed to his cause.  However, I do think that
> > those who work for/with No Such Agency would like that.
> 
> You think that the NSA is modifying widely distributed crypto 
> software?
> Okay, that's possible.  How about some proof?  You can 
> speculate endlessly
> on the behaviour of an organization that no one has a lot of 
> information
> about.
> 
> > Cryptome (note Crypt) does indeed distribute and advocate the
> > use of PGP and other encryption and/or privacy enhancing software.
> > Given the more-paranoid-than-normal state of most of the cryptome
> > visitors (myself included), I would think that quite a high 
> percentage
> > of them download and use the software for their own reasons.
> 
> You posted a message saying that cryptome had been hacked and 
> that you were
> concerned about software that it mirrors might be tampered 
> with not only on
> Cryptome but on other sites.  The software that cryptome has 
> is also located
> in many, many other places and thus it would be easy to spot 
> differences
> between them.  If you want to start asking "how do I trust the hashing
> tool", "how do I trust the crypto algorithm" or "how do I 
> trust the compiler
> that I'm using to build the code that I wrote to implement 
> the algorithm",
> you've wandered outside the scope of what most people on this 
> list care to
> answer.
> 
> > In conclusion, for you to attempt to describe cryptome as if it was
> > C-SPAN, or the Library of Congress is incredible.  If you 
> believe that
> > the operators of cryptome have good intentions towards the 
> US government,
> > than you are also naive.
> 
> Cryptome is a site that strongly promotes a very specific 
> agenda which is
> often at odds with established public policy and popular 
> opinion.  It also
> publishes opinions of dissent that it may not fully support 
> but feel deserve
> discussion and exposure.  Neither John Young nor Cryptome are 
> many of the
> things that you have described them as.  The purpose of my 
> message was to
> point out what I believe were errors in how you portrayed them.
> 
> 
> Kevin.
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ