lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat Feb 18 16:35:05 2006 From: chromazine at sbcglobal.net (Steve Kudlak) Subject: Orwell's country wants Big Brother backdoor in Vista cipher! Babak Pasdar wrote: >Here is a link to a blog entry I did on CALEA. I think you might find >it interesting. > > >http://dsb.igxglobal.com/plugins/content/content.php?content.29 > >Babak > > > > > > > > >On Fri, 2006-02-17 at 08:02 -0600, Leif Ericksen wrote: > > >>Yikes but go figure... That is step one at this point to many old farts >>around that would fight more intense step that is yet on the horizon. I >>see it coming some day and it is inevitable... Does anybody else know >>what step 2 is going to be when the old farts are gone? OR at least >>they can cram it down the throat of society starting with the younger >>ones... AKA the Children? >> >>Ok it goes something like this. TCPA is fully enacted on the hardware >>and almost a software level. But then again you might not need it on >>the software level, because of WorldGrid. Now your system will have no >>local hard drive, will have a flash ROM for the OS (Mac is now going to >>Intel so it will be easer for this to happen) ALL software vendors are >>attached to world grid so you will always have access to the latest and >>greatest software available. In comes Micro Transaction Billing. You >>will be charged a certain small amount to run the software you desire. >>Your files will be safe and secure on the grid as well so no matter >>where in the world you go you can always have access to your data. >>The story continues but I am sure you all can see the stage. Now of >>course your data is 'safe' because you can encrypt it on the Grid with >>your own password that you create. IF you have proper TCPA registration >>you are allowed on the grind and as thus on the Internet, if you do not >>sorry access denied! Back to the old days of using a modem on a BBS, or >>use of packet radio and the like. >> >>When the Governments of the world start and companies start trying to do >>this we know it will be the end of computers as we know them today. But >>as far as back doors in encryption goes, you seen these stories pop up >>every now and again. The only way to prevent a back door is to create >>your own security system and not put in a back door for your own use. >> >> >>That is the way things go in our great big an wonderful world. >> >> >>-- >>Leif Ericksen >>On Fri, 2006-02-17 at 12:56 +0100, Feher Tamas wrote: >> >> >>>Hello all, >>> >>>http://news.bbc.co.uk/1/hi/uk_politics/4713018.stm >>> >>>According to the above article from BBC News, the british >>>parliament is urging Blair government to negotiate with >>>Microsoft to implement a backdoor into the strong hard disk >>>encryption module of upcoming Windows Vista from day one. >>> >>>The interior affairs committe of MPs heard testimony by >>>Cambridge security design expert Ross Anderson. The >>>academican said new TPM-based "BitLocker Drive Encryption" >>>schemes in Microsoft Vista would be too difficult to break >>>in the short timeframe terror suspects can be held without >>>charge and thus cases could collapse for lack of evidence as >>>detainees avoid self-incrimination by inventing tales of >>>lost keys and passwords. >>> >>>The expert's answer is to put a backdoor into the BitLocker >>>program code to bypass password and key checks. Critics >>>argue this move would be hypocrisy, since the TPM based >>>encryption method was invented to protect the interests of >>>music and movie industry in the first place, who wanted to >>>base their DRM schemes on encrypted files, which cannot be >>>modified, ripped or shared meaningfully. Thus encryption is >>>strong when used against the users, but would become weak or >>>non-existent when people could use it for personal legal >>>defence. >>> >>>Regards: Tamas Feher from Hungary. >>> >>>___________________________________________________________________________ >>>[origo] klikkbank lakoss?gi sz?mlacsomag havi 199 Ft-?rt, bankk?rtya ?ves d?j n?lk?l! >>>www.klikkbank.hu >>> >>> >>>_______________________________________________ >>>Full-Disclosure - We believe in it. >>>Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>>Hosted and sponsored by Secunia - http://secunia.com/ >>> >>> >>>------------------------------------------------------------------------ >>> >>>_______________________________________________ >>>Full-Disclosure - We believe in it. >>>Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>>Hosted and sponsored by Secunia - http://secunia.com/ >>> Living in the so called real wold I can understand this. It is very hard to just stop determoned US Federal Proescutprs who quietly in meetings politely threaten to bring all the powers of the state down on you if you don't comply. In the US much of the public thinks very highly of the Law Enforcement. The Law Enforecement types are very good at exploting this. They will have someone call and tell folks "hey you are being uncooperative and you are letting child molestors get away and we will tell the media about it " and that will work in most places in the US. However not as much on the Left Coast. In most of the US most businesses are very rattled about really offending the powers that be. There are a variety of reasons for this. Some is that marketeers tell them not to offend people becuase you will drive away the 30% of the "Patriot Act/Security Apparatus is Good" Loving Americans away. Some of it is because they have heard scare stories about someone who did accidentally fall afoul of the powers that be. Note this does not work anywhere as well on the "Left Coast" As far as the world grid stuff you'd have to have a totally Microsoft-like dominated world so much of that might be just might be on the paranoid side. What would work likely happen is that there would be a dedicated Linux/BSD and Open Source Community and it would have moderate amounts of free stuff that works. But the Microsoft and Microsoft like flashy stuff that is done by large things like Macromedia would have quiet security measures in it. Lots of prorammers might be lured by "make royalties on your software" and all that stuff they used to do with actors in TV series things. of old. Even though very few people really benefitted from the whole "residuals" and royalties stuff in the old days enough did that it was inspring enough to keep many people unquestioning of the system. Young Folks might not react if it were not in your face and say something enticing would be presented. Humans are prerry bad about predicting the future and the Taoists are still pretty much right. "I observe those that would try to control the whole world, I observe that they fail." Right now the California Legislature passed a Resolution pretty snarly about the Patriot Act and even companies here are quite snarly and say "only with valid US Court Order" . Now even in Ohio my friends say "Wow, I thought you guys out there were crazy but it maybe you are right those dudes in DC and what they want to do." Hmmm I switched into bold if you have HTML. Anyway I wonder if the Linux/BSD/Open Source people can come back with real encryption schemes that work and with enough point and clickiness that they would kind of make Microsoft look silly. Problem is they are not very good at having alternatives to command lines and things like that, and real publication software and art and presentation software beyond say GIMP. That is really important to people outside of the geeky universe. Note Well there are enough people here on both the Left and the Right, one of the few things they agree on is that all this spying on folks stuff is scary and bad. As long as there are no more terrorist noises too close to home the current administration is going to lose more and more people believing that that Law Enforcement and Intelligence needs more and more super powers at home. Worse yet if they are percieved as misuing them and being arrogant, which good heaven knows they are, then their measures and more importantly their world view will be on its way out. I won't try to speculate about what comes next. Of I would like to see the "pleasant left" get a chance at something major but I dunno about that. I also don't know about the old occult proverb "be careful of what you wish for, you may get it." and all that stuff. Have Fun, Sends Steve Have Fun, Sends Steve -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060218/15a9723e/attachment.html
Powered by blists - more mailing lists