lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <m3lltmov01.fsf@worst-case.niehaus.dynodns.net>
From: killedbythoughts at mindcrime.net (Sebastian Niehaus)
Subject: JAP back doored

"Drew Copley" <dcopley@...e.com> writes:

[...]

Drew, you simply don`t understand the basics.

> A German cop has no jurisdiction over me. He has no jurisdiction over
> anyone outside of Germany.

Did he force you to use the software? Not. Uhh...

The idea of Open Source is that *you* can check, what the software
does for you. If you want trust, dont't rely primarily on others. Set
up an own proxy in *your* country.


[...]
 
> I also know you do not want the US government to backdoor US
> applications from US companies without telling you.
> 
> I know this to be true.

This is true indeed. 

But you had the source, hadn`t you?
 
> > > How is it they believe they have a right to trojanize 
> > > someone outside 
> > > of Germany?
 
Well, guess hwo many governments are interested in my phone calls to
Iraq. Definitly more than two. 

> > Nobody forces you to use the German service if you don't 
> > trust the operators or (thanks to recent events) German law 
> > enforcement.
 
> That is an empty argument not worth going into.

No. If you use a service located in a foreign country you should
expect, to be treated according to the laws in that country.

Legislation concerning privacy is on quite a low standard in the
united states. If I definitely want privacy, I dont't give my data
over there.
 
> > > This is blatantly illegal in just about every country outside of 
> > > Germany.  Literally.
> > 
> > No, it isn't.  Most countries with communication 
> > infrastructure have laws that regulate law enforcement 
> > access.  This is not a "stupid local law" issue.
 
> This also is an empty argument.

No.
 
> Basically, you are saying if it is discovered the NSA has a backdoor in
> Windows, that this is okay and no one has a right to complain, even if
> they are outside of the US.

Supposed I buy Windows somewhere in the world and use some network
connection: I don't use neccessarily communication ressources of a
third contry. There is not the faintest reason why the NSA could
reclaim a right to use any trojan features. See the difference?


But since you live in a free country and source code of JAP is
availiable I expect you to run some Proxies. I am *realy* interested
for how long they will be tolerated by the local authorities. Really.

[...]

> > Your country is eavesdropping foreign communication as well.
> 
> My country has not installed a trojan on my system, to my own knowledge,
> all rumors and speculation aside.

They intercept communication. They leave questionable foot prints in
closed source software. What is your contries contribution for Open
Source? GnuPG? Not really. Anonymous proxies? Not yet.

If you need a high level of secutity, use the source. You can do it
here.
 
> They have not hacked into my system.

Uh? Who "hacked into [your] system"? Poor adminstration skills? Oh,
sorry.

[...]

 
> But, Germany has decided that people don't have a right to use these
> tools. 

This is crap.

[...]


> > Please check the facts.  Germany doesn't an operate 
> > eavesdropping base in the U.S., but the U.S. do in Germany.
 
> I won't even go into that. I do not know what they do there, but their
> rights have been worked out with the German government. If you have an
> issue with that, you need to take that up with their government. 

Logging functions have been set up in accordance with german
courts. If you have an issue with that, you need to take that up with
the court.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ