lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: felix.roennebeck at gaussvip.com (felix.roennebeck@...ssvip.com)
Subject: JAP back doored


>>"Drew Copley" <dcopley@...e.com> writes:
>>
>>    
>>
>>>If the US forces developers to trojanize their applications,
>>>      
>>>
>>Like everywhere else, ISPs are forced to install wiretapping 
>>equipment, which is basically the same.
>>    
>>
>
>In the US, criminals - not citizens - may be wiretapped at the ISP level.
>
And how does the US know who is criminal and who not without wiretapping ?

> As far as I recall, they are generally tapped at the system level. That way they don't have to worry about - for instance - PGP passwords.
>
Right. Your secret services are just trying to find ways to crack that 
keys or to get a backdoor to cryptographic products. No this might not 
be legal - but that does not say that it does not happen.

> But, in the US, even criminals have rights against their non-criminal activity being wiretapped. Tappers have to turn their wires off when they discuss non-criminal activity for a set amount of minutes.
>
Just the same in Germany (I'm just not sure about the number of 
minutes). Without a judge you are not allowed to wiretap anyone.

>Again, I am not bashing Germany, nor Germans. I just disagree that States should be able to trojanize applications and force the developers to keep silent about this. I do not care if it is Germany doing this or Romania. Who is the culpable party is unimportant.
>
I agree with you that states should not be able to trojanize 
applications this way. But your posts sound like "this does not happen 
in the US" and that is just bullshit. Your administration keeps 
prisoners in Guantanamo Bay without granting them any rights. I wouldn't 
be too sure that they really care about YOUR rights.

>If certain members of the US government felt this kind of activity was okay, I would be opposed to this.
>
Then you better start tpo become active.

> There is no shame in being critical of one's own government, nor of anyone else's... As long as that criticism is based on fact and inspired by pure motives.
>
ACK

>Lastly, if this was not clear, innocent citizens are not criminals.
>
ACK

> Innocent citizens should not be tapped.
>
In Germany there is a priniple in jurisdication that says "In dubio pro" 
wich means something like "as long as you cannot prove someone guilty 
he/she is not". But if someone is suspect you need to to prove him/her 
guilty. And how do you want to do that without any kind of supervision ?

> In some nations they are allowed to be tapped.
>
In germany they are allowed to be tapped if a judge sees enough 
evidence. IMHO that is ok.

> This is not the case in the US.
>
*LOL*  FBI and CIA don't exist but are a result of comunistic propaganda 
- or what are they good for if they don't tap people as long as they are 
not proven criminal ?

/Felix
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030825/8acf0cad/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ