Be careful

Discussion in 'Technical' started by melbo, Dec 20, 2007.


  1. melbo

    melbo Hunter Gatherer Administrator Founding Member

    I used to promote encryption and other forms of data storage and comms.

    Forget all I said. The NSA has pretty much bought up all of the means I used to employ. Encrypted or not, say nothing in an email, PM, or otherwise that you wouldn't mind seeing in the newspaper. Or in a folder in an interrogation room.

    We have nothing to hide but I think we are about to see a change for the worse in the way the .gov deals with mal-contents. Or even those that question it's authority. Or homeschoolers....

    Be careful

    http://infowars.com/articles/bb/nsa_gets_realtime_access_to_your_email.htm
     
  2. melbo

    melbo Hunter Gatherer Administrator Founding Member

  3. melbo

    melbo Hunter Gatherer Administrator Founding Member

    t was inevitable: the Advanced Research Projects Agency, later to become DARPA, right out of the Pentagon, created the internet. The RAND Corporation invented modern packet switching. DARPA and ARPANET recruited Vint Cerf of Stanford University to work on TCP/IP. Cerf is regarded as "the father of the Internet," or maybe that should be the military-NSA snoop network. Now we learn NSA increasingly controls SSL, now called Transport Layer Security, the cryptographic protocol that provides secure communications on the internet for web browsing, e-mail, instant messaging, and other data transfers. In other words, increasingly, the NSA is reading your email and everything you type in your IM client � and in real time, that is to say there is no delay in the timeliness of the information, the underwear drawer snoopers have the ability to read your IMs as you type them.
     
  4. melbo

    melbo Hunter Gatherer Administrator Founding Member

    "Certain privacy/full session SSL email hosting services have been purchased/changed operational control by NSA and affiliates within the past few months, through private intermediary entities," notes Cryptome .
    NSA.
     
  5. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Geekspeak aside, what this means is that the NSA is buying up key technology in an effort to snoop you even more closely. If this trend continues, we may as well call the internet the NSAnet.
    Moreover, according to Cryptome's research, if you own "security" software produced by Zone Alarm, Symantec, and MacAfee, you are in essence throwing out a welcome mat for the NSA and its bevy of underwear drawer sniffing goons. "All facilitate Microsoft's NSA-controlled remote admin access via IP/TCP ports 1024 through 1030," and without a "security flag," that it to say you will be none the wiser.
    It won't be long now before Winston Smith's telescreen is barking orders.
     
  6. melbo

    melbo Hunter Gatherer Administrator Founding Member

    This forum would not let me post the text of those services that had been reportedly bought by the NSA. If any of you can pst that text, I'd love to see it.
     
  7. KHAN

    KHAN Monkey+++

    Tried and couldn't. Got the same error you did. BE-A-UTIFUL!!!!
     
  8. Seacowboys

    Seacowboys Senior Member Founding Member

    paL3jpN7s96qTFSRG41q4K26QDY4mt4aoGh4FO7vO4cEkFGqMHL7uTwsSzoOsjmlIToe
    U74ra/xUAKok/o9amLfvhEe4f7IlpTJ7Ju90WKj5rm3xu5UtOokb05hIqR4heCJcnT+B
    7fw6uCgRFbP/Wzlk+vvW
     
  9. hartage

    hartage Monkey+++

    Correct me if I'm wrong here....

    Even if you have the source code for the program that does the encryption and decryption it is worthless if you also don't have the encryption key. That key is randomly generated or you can pick your own key. I understand that the key generation might not be random and getting the source code will matter then. Just pick your own key mix with random numbers, letters, symbols and case will fix that issue.

    As long as you have a strong key that won't fold to a dictonary attack and long enough to hold out against brute force you should be fine.
     
  10. hartage

    hartage Monkey+++

    Hope this sheds some light on it. I found it out on the net. Seems the issue are with filters on your hosting server.


    There's a known bug on the Forum that can result in the following error message when submitting a post or sending a private message...

    * * * * *

    Forbidden

    You don't have permission to access /private.php on this server.

    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

    Apache/1.3.33 Server at www.tarotforum.net Port 80

    * * * * *

    The bug is caused by a security block on the forum's web server that stops certain words from being used, when followed by a space:

    'c-url'
    'l-ynx'
    'w-get'
    'u-name'
    'n-map'

    There's no way around the block unless either of these words are misspelled or broken up with dashes eg c-u-r-l, or surrounded with quotes. Otherwise, used normally they will trigger the above error message.

    Apologies for the inconvenience.
     
  11. TnAndy

    TnAndy Senior Member Founding Member

    Well, I hope if they are reading MY email, they have plenty of help......I get 100 spams a day, and have developed the fastest delete finger around.
     
  12. Brokor

    Brokor Live Free or Cry Moderator Site Supporter+++ Founding Member

    The hackers are the real danger to any government. As soon as a well developed hacker becomes noticed, they are instantly scooped up by the CIA, or name your favorite alphabet agency. There are lame, kitty crackers out there trying to make names for themselves, but of course they are no risk.

    Hackers rule the internet.[alien]
     
  13. Seacowboys

    Seacowboys Senior Member Founding Member

    I don't see how this will be any different that Condor, just more of it. They will still have to flag-hunt because there are just not enough people in the world, let alone NSA, to read every comment in real time. It makes me angry that they can do this but I don't intend to temper my opinion just because they might be listening; in fact, I'll take advantage of this and waste a lot of their time. Nuke, bomb, anthrax, IED, grenades, pelican brief, assassinate, WMDs, taze a cop, want some candy little girl?
     
  14. Tango3

    Tango3 Aimless wanderer

    http://blog.wired.com/27bstroke6/2007/11/hushmail-to-war.html
    thats the(pardon my use of the word here)"elegantly"sneaky part they buy up and dump these "Anonymous mail servers.who brag about encrytion and security.People signing up are lulled into a false sense of security.

    from the above link:"
    That everything seems to include sending a rogue Java applet to targeted users that will then report the user's passphrase back to Hushmail, thus giving the feds access to all stored emails and any future emails sent or received." p

    Seacowboys, me thinks you have hit upon a rather nasty bit of civil disobedience, I guess spam programs can churnout millons of emails witha keystroke.would you like a little Nuke with that viagra??$1.43 Caveat: obstructing the "law "efforts would be considered "domestic terrorism" anymore. I don't want to enable"evildoers" I just want a little sanity where my privacy is concerrned.
     
  15. Seacowboys

    Seacowboys Senior Member Founding Member

    How are they going to continue to pay for all this when the banks collapse? Maybe China will step in and help? Nato?
     
  16. ghrit

    ghrit Ambulatory anachronism Administrator Founding Member

    Of course they would help. What better way to get a line on the malcontent tribes? [flag][ghrit] [tf]
     
  17. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Agreed. But if I were a sneaky programmer, I'd build a backdoor into the app. Kida of like a password hint. Or add a small string within the encrypted output that actually contained the password but is encrypted with thier key, not mine. If I forget my password in many situations I can get it back using a default that I didn't know about.

    I'm sure it can be done. Especially since I don't actually see the machine working as it works... It just spits out my gibberish and I assume it is legite. Computer assisted code works in the chip, not in a code book or machine like enigma.

    I would not trust any freely available encryption apps any longer. SOmeone here should write one for us using 'from scratch' tech
     
  18. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Maybe I'll just go join the Lakota
     
  19. Blackjack

    Blackjack Monkey+++

    Hey, I speak a little Lakota.... very little. Spent a little time out at the Pine Ridge Reservation about 15 years ago.


    What was the topic :)
     
  20. melbo

    melbo Hunter Gatherer Administrator Founding Member

survivalmonkey SSL seal        survivalmonkey.com warrant canary
17282WuJHksJ9798f34razfKbPATqTq9E7