lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 07 Nov 2009 14:06:42 -0800
From: mikelitoris@...hmail.com
To: full-disclosure@...ts.grok.org.uk
Subject: Re: How Prosecutors Wiretap Wall Street

> But to gather intelligence about what terrorists are up to, even 
if a US citizen is involved, should not require a warrant.

This is all well and good, until the definition of terrorist is 
changed and you become labeled a "terrorist" because your "reason" 
is suddenly counterproductive to someone else's "opinion".  You 
must apply the warrant requirement consistently.  Otherwise, when 
interpretation of the word "terrorist" changes, it affects the 
meaning of the law.  And call me crazy, but I'm just not willing to 
assume that someone won't abuse the power of being able to surveil 
US citizens and do exactly what Nixon did, spy on their 
competition/detractors.  Surely you can admit that some people do 
things that they wouldn't normally do when big money and big power 
are involved.  After all, "Those who cannot learn from history are 
doomed to repeat it."  Don't be so naive to think it can't happen 
again.

> Intelligence works best in a world of secrecy.

So does deception.  Significantly more so, in fact.

> As I've pointed out now several times, it's analogous to people 
that get all hot and bothered by the fact that admins have access 
to the data on their computers.

Yes, but that computer probably doesn't belong to me but instead to 
my employer.  If it belongs to me, you better have a policy that 
prevents me from using it at work, and/or a login disclaimer 
informing me of your right to monitor what I do if I connect to 
your network.  If not, you better damn well have a warrant if you 
want to take a look at my property.  And as far as I know, there's 
no login disclaimer on the interwebs that allows the government to 
monitor what I do on that network, nor on the telephone, or my 
mobile phone contract.

> From what I've read getting a warrant in 72 hours is almost 
impossible.

Ahah!  Now we're on to something.  Here's an idea.  Make it easier 
to get that warrant when you need it.  Improve the process, so that 
when requested, a warrant can be turned around in hours, not days.  
Don't remove the requirement altogether.  That's simply inviting 
trouble.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ