|
Home > Archive > Anonymous Servers > September 2004 > BUSTED!
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| Tarapia Tapioco 2004-09-20, 5:46 pm |
|
so much for the offshore theory and the netherlands being a safe place to
do business. so much for your sites in other countries being safe because
your somewhere else. somebody owes copie and john a big apology but i'm
sure none of them are grown up enough to admit they were wrong.........
Germans Break Up Internet Piracy Group
By HENRYK BALKOW
Associated Press Writer
German police have broken up an Internet piracy operation they say had
peddled millions of dollars worth of bootleg films, computer games, music
and software through a Web site.
The site had charged at least 45,000 subscribers to download pirated files
and brought in more than $1.2 million in profits this year, authorities
said. The site, since closed by police, was run from Germany, though it was
registered in the British Virgin Islands and used servers located in the
Netherlands and the Czech Republic.
After a yearlong investigation, police arrested four men last week. They
are being investigated and could be charged with copyright violation and
organized crime activity, lead prosecutor Hans-Joachim Petri said. The
suspects, whose names were not released, could face up to five years in
prison if convicted.
Police said they didn't know exactly how much money the site took in, but
the German Federation Against Copyright Theft estimated the pirated
material would have been worth at least $12.2 million in revenues to the
legitimate rights holders.
The suspects included two brothers who operated the Web site, ages 20 and
30, a 46-year-old lawyer from Munich and a 19-year-old technician. The
attorney has previously defended suspects of copyright violations,
particularly Internet pirates, according to the Motion Picture Association.
The MPA said the site charged $15 for a file or $170 monthly for the
pirated materials
| |
|
| Privacy.li does not deal in bootleg materials, they are a privacy provider.
"Tarapia Tapioco" <comesefosse@ntani.firenze.linux.it> wrote in message
news:12cfa120564d2d804628f78c67d52dc1@fi
renze.linux.it...
>
> so much for the offshore theory and the netherlands being a safe place to
> do business. so much for your sites in other countries being safe because
> your somewhere else. somebody owes copie and john a big apology but i'm
> sure none of them are grown up enough to admit they were wrong.........
>
>
> Germans Break Up Internet Piracy Group
> By HENRYK BALKOW
> Associated Press Writer
>
> German police have broken up an Internet piracy operation they say had
> peddled millions of dollars worth of bootleg films, computer games, music
> and software through a Web site.
>
> The site had charged at least 45,000 subscribers to download pirated files
> and brought in more than $1.2 million in profits this year, authorities
> said. The site, since closed by police, was run from Germany, though it
was
> registered in the British Virgin Islands and used servers located in the
> Netherlands and the Czech Republic.
>
> After a yearlong investigation, police arrested four men last week. They
> are being investigated and could be charged with copyright violation and
> organized crime activity, lead prosecutor Hans-Joachim Petri said. The
> suspects, whose names were not released, could face up to five years in
> prison if convicted.
>
> Police said they didn't know exactly how much money the site took in, but
> the German Federation Against Copyright Theft estimated the pirated
> material would have been worth at least $12.2 million in revenues to the
> legitimate rights holders.
>
> The suspects included two brothers who operated the Web site, ages 20 and
> 30, a 46-year-old lawyer from Munich and a 19-year-old technician. The
> attorney has previously defended suspects of copyright violations,
> particularly Internet pirates, according to the Motion Picture
Association.
>
> The MPA said the site charged $15 for a file or $170 monthly for the
> pirated materials
>
| |
|
| By the way YOU are waste of my time TROLL
"Tarapia Tapioco" <comesefosse@ntani.firenze.linux.it> wrote in message
news:12cfa120564d2d804628f78c67d52dc1@fi
renze.linux.it...
>
> so much for the offshore theory and the netherlands being a safe place to
> do business. so much for your sites in other countries being safe because
> your somewhere else. somebody owes copie and john a big apology but i'm
> sure none of them are grown up enough to admit they were wrong.........
>
>
> Germans Break Up Internet Piracy Group
> By HENRYK BALKOW
> Associated Press Writer
>
> German police have broken up an Internet piracy operation they say had
> peddled millions of dollars worth of bootleg films, computer games, music
> and software through a Web site.
>
> The site had charged at least 45,000 subscribers to download pirated files
> and brought in more than $1.2 million in profits this year, authorities
> said. The site, since closed by police, was run from Germany, though it
was
> registered in the British Virgin Islands and used servers located in the
> Netherlands and the Czech Republic.
>
> After a yearlong investigation, police arrested four men last week. They
> are being investigated and could be charged with copyright violation and
> organized crime activity, lead prosecutor Hans-Joachim Petri said. The
> suspects, whose names were not released, could face up to five years in
> prison if convicted.
>
> Police said they didn't know exactly how much money the site took in, but
> the German Federation Against Copyright Theft estimated the pirated
> material would have been worth at least $12.2 million in revenues to the
> legitimate rights holders.
>
> The suspects included two brothers who operated the Web site, ages 20 and
> 30, a 46-year-old lawyer from Munich and a 19-year-old technician. The
> attorney has previously defended suspects of copyright violations,
> particularly Internet pirates, according to the Motion Picture
Association.
>
> The MPA said the site charged $15 for a file or $170 monthly for the
> pirated materials
>
| |
| Doctor Who@any.place 2004-09-20, 5:46 pm |
| On Mon, 20 Sep 2004 22:04:08 +0200 (CEST), Tarapia Tapioco
<comesefosse@ntani.firenze.linux.it> wrote:
>:
>:so much for the offshore theory and the netherlands being a safe place to
>:do business. so much for your sites in other countries being safe because
>:your somewhere else. somebody owes copie and john a big apology but i'm
>:sure none of them are grown up enough to admit they were wrong.........
>:
>:
>:Germans Break Up Internet Piracy Group
>:By HENRYK BALKOW
>:Associated Press Writer
Interesting. But a few points come to mind. There is no mention of any pursuit of the
45,000 subscribers who were doing the downloading of the pirated files.
>:The site had charged at least 45,000 subscribers to download pirated files
>:and brought in more than $1.2 million in profits this year, authorities
>:said. The site, since closed by police, was run from Germany, though it was
>:registered in the British Virgin Islands and used servers located in the
>:Netherlands and the Czech Republic.
.. . . Was run from Germany. So it matters little where it was registered. I wonder if
they even used encryption. Unlikely if it was for downloading files.
There is no possible parallel between this and the use of an offshore server in The
Netherlands or Hong Kong by say, a person sited in the United States. Your data is
simply passing through the server, not remaining on it to be poured over at a later date.
In any case, using Stunnel + SSH through a Secure Shell host server will ensure that even
if logs are kept, no incriminating info will remain. Date and time of login, X quantity
of data pased through in each direction. As the data is encrypted , so what?
By using Stunnel and SSH2 encryption, irrespective of where the server is sited, they only
have two points to know what is happening. 1. At your desktop and 2. At the other end of
the chain where the data emerges in plaintext. Provided you make sure that it is
difficult to run back through that chain, it will be difficult to do a trace.
If you subscribe anonymously to all links in the chain, it would be difficult (but not
impossible if enough man hours and money was spent) to trace you. Unless you are
aspiring to join one of the Four Horsemen of the Apocalypse, (serious criminal activity,
drug lord, child porn, terrorism), rest assured there are far more likely avenues of
criminal pursuit before you.
Doctor Who
| |
| George Orwell 2004-09-20, 5:46 pm |
| On Mon, 20 Sep 2004, "Sting" <nospam@nospam.com> wrote:
>Privacy.li does not deal in bootleg materials, they are a privacy provider.
one little kid heard from. anyone else.......
[vbcol=seagreen]
>
>
>"Tarapia Tapioco" <comesefosse@ntani.firenze.linux.it> wrote in message
> news:12cfa120564d2d804628f78c67d52dc1@fi
renze.linux.it...
>was
>Association.
| |
| George Orwell 2004-09-21, 5:45 pm |
| On Mon, 20 Sep 2004, Doctor Who@any.place wrote:
>On Mon, 20 Sep 2004 22:04:08 +0200 (CEST), Tarapia Tapioco
><comesefosse@ntani.firenze.linux.it> wrote:
>
>
>
>Interesting. But a few points come to mind. There is no mention of any
>pursuit of the
>45,000 subscribers who were doing the downloading of the pirated files.
since they know how many there are, they probably could persue them if they
wanted to. it really doesn't matter. your whole argument through this sorry
mess was that being offshore posed all these problems for law enforcement.
obviously you were mistaken.
>
>
>
>
>
>. . . Was run from Germany. So it matters little where it was
>registered. I wonder if
>they even used encryption. Unlikely if it was for downloading files.
if encryption is the solution then what does it matter if you encrypt to
some server in your own country? why are you flip flopping now?
if you connect to a machine they have your IP no matter what you do. if you
do something illegal from that machine they simply make the owners give up
your ip, call your isp, and nail you in person. they took a whole year to
sit and watch traffic flowing in and out of these servers. if you don't
think the man can figure out who you are in that amount of time you are a
fool. and if you still think running servers in different countries poses
any major problem for the man, you are a bigger fool.
>
>There is no possible parallel between this and the use of an offshore
>server in The
>Netherlands or Hong Kong by say, a person sited in the United States.
oh for crying out loud doc, can't you just grow up and admit your argument
isnt as air tight as you thought it was? here's a real life example that
hits very close to home and you still try to deny it. please just give it
up and move on with your life.
rest snipped unread.
| |
| Doctor Who@any.place 2004-09-21, 5:45 pm |
| On Tue, 21 Sep 2004 01:45:23 +0200 (CEST), George Orwell <nobody@mixmaster.it> wrote:
>:>
>:>There is no possible parallel between this and the use of an offshore
>:>server in The
>:>Netherlands or Hong Kong by say, a person sited in the United States.
>:
>:oh for crying out loud doc, can't you just grow up and admit your argument
>:isnt as air tight as you thought it was? here's a real life example that
>:hits very close to home and you still try to deny it. please just give it
>:up and move on with your life.
>:
>:rest snipped unread.
If you are really unable to see the difference between an open Web site and a closed SSH
server using onion encryption, then you are yourself the fool for telling everybody!
Yours seems the typical newbie approach. It is on the Web so it must be the same. . .
Daft. A Secure Shell server running SSH2 together with Stunnel SSL encryption is way
different to a publically available Web site. A year of monitoring an SSH2 server with
Stunnel will not avail them anything. For a start, you must bring some attention to
yourself before anybody is going to monitor you. Without knowing what you are involved
in, I cannot possibly comment about your online security. However, for the vast majority
of people, the huge hassle does not make economic sense. Didn't you read the detailed
post of a couple of days back?
In case it didn't make your server, here it is in full. Please read it in full before
commenting further:
It is axiomatic that, ceteris paribus, an offshore server is
preferable to an onshore one. (Of course, certeris paribus is a
very large assumption.). That's why the carpings of triflers
like Copelandia Cyanescens shoud be taken with a very large grain
of salt (and those less tolerant of such bullshit than I will
summarily dismiss them as mere disseminators of FUD, rife with
error and misdirection).
The benefit of using a foreign server holds true even if, in
principle, it is a simple matter to get a subpoena or whatever
else is necessary in the foreign jurisdiction to examine the logs
or other records there. (But, in fact, it can sometimes be a very
tricky and difficult matter. The trickiness can arise from many
sources, not just legal privacy protections. For instance, a
foreign jurisdiction may be very picky about trivia such as forms
and signatures.)
On the domestic side, even in large national LE or intelligence
organizations, requests to foreign jurisdictions are almost
always forwarded through special departments with limited
resources and to which appropriate documentation and
justification must be submitted - not only due to inherent
bureaucratic tendencies, but also to avoid overburdening the
department's resources and to avoid wearing out one's welcome in
the foreign jurisdiction with trifling matters or an excessive
number of them.
Not uncommonly more than one department must be consulted in a
large LE organization (e.g., originating, foreign, legal, etc.).
This takes time (sometimes lots of time!) and effort and
submitting departments will be reluctant to do so without solid
justification. Channels must be followed and procedures
observed. Less serious cases will tend to automatically be
filtered out. The filtering and bureaucratic inertia, rather than
legal obstacles in either the domestic or foreign jurisdiction,
are often the strongest reasons for using foreign jurisdictions.
With cases orininating with smaller LE organizations (provincial
or municipal) the number of steps are even more numerous.
Usually the local requests must be "packaged" and then forwarded
through national level institutions. Yet again, even more layers
of internal friction in the machine scrub away all but the most
urgent and pressing cases.
Those who doubt the impact of such intra- and inter- agency
difficulties and obstacles need only read some of the formal
conclusions of those studying 9/11 regarding the internal
workings of such agencies both before and after the fact. These
were for matters of great national urgency and yet the same
phenomena showed up. And not just bureaucratic delays and
bungling - in some cases outright agency rivalries and bickering
leading to stonewalling.
And so far I've only spoken of difficulties on the domestic side.
On the offshore side there is often, for instance, the
considerable burden of language. Moreover, each side may have a
very imperfect understanding of the laws, and more important, of
how the process works in the other jurisdiction. Then add to
that all the layers of bureaucracy in the foreign jurisdiction,
whose byzantine intricacies may make the FBI or CSA look
streamlined - the whole domestic process I described above may be
duplicated overseas with even greater internal messing about than
domestically.
And all that assumes that there really isn''t some sort of solid
legal barrier (e.g., the need to make a prima facie case before
an examining magistrate complete with full supporting
documentation - on the right forms and in the right language -
before a warrant or equivalent is issued), or that someone (the
offshore ISP perhaps) doesn't decide to go for the equivalent of
a restraining injunction (or equivalent) further complicating and
delaying matters.
Yes, if your case is one where a credible death threat has been
made against Bush, the agencies on both sides may short-circuit
the rulebooks and take speedy action, but in anything less
serious the process is likely to grind its slow and weary way
through the bureaucracies on two continents before the logs are
obtained.
Just providing an outline of the "processing problems" has
resulted in a long post and burned up a fair amount of time.
Correspondingly, the likelihood that the real thing will take so
long that a 5-day log has rolled is high!
Yes, foreign jurisdictions provide a great deal of protection and
not just from their privacy laws!
| |
| Doctor Who@any.place 2004-09-21, 5:45 pm |
| On Tue, 21 Sep 2004 01:45:23 +0200 (CEST), George Orwell <nobody@mixmaster.it> wrote:
<snipped>
>:>Interesting. But a few points come to mind. There is no mention of any
>:>pursuit of the
>:>45,000 subscribers who were doing the downloading of the pirated files.
>:
>:since they know how many there are, they probably could persue them if they
>:wanted to. it really doesn't matter. your whole argument through this sorry
>:mess was that being offshore posed all these problems for law enforcement.
>:obviously you were mistaken.
Could, but will?
Seems they are only after thebig fish not the tiddlers.
| |
| Max Mustermann 2004-09-21, 5:45 pm |
| On Tue, 21 Sep 2004, Doctor Who@any.place wrote:
>On Tue, 21 Sep 2004 01:45:23 +0200 (CEST), George Orwell
><nobody@mixmaster.it> wrote:
>
>
>
>If you are really unable to see the difference between an open Web site
>and a closed SSH
>server using onion encryption, then you are yourself the fool for telling
>everybody!
if you think its not obvious that you're being evasive you're a bigger
fool. your argument is foreign servers are more secure than domestic
servers. current events contradict you. you tryto defend yourself by
throwing up a smoke screen then you snipped the logical question like a
coward:
if encryption is the answer why is it less secure to encrypt to a domestic
server than a foreign one?
>
>Yours seems the typical newbie approach. It is on the Web so it must be
>the same. . .
>
>Daft. A Secure Shell server running SSH2 together with Stunnel SSL
you say your interest is helping newbies and now you insult them.
i guess i struck a nerve. i see you really can't defend your position and
you won't stop at anything to avoid admitting that to the world no matter
who you have to slam or how silly you look.
rest snipped unread.
| |
| Nomen Nescio 2004-09-21, 5:45 pm |
| On Tue, 21 Sep 2004 01:55:31 GMT, Doctor Who@any.place wrote:
>
>
>If you are really unable to see the difference between an open Web
site and a closed SSH
>server using onion encryption, then you are yourself the fool for
telling everybody!
>
LOL "onion encryption"? You don't got a clue what you are talking about
do you?
What does onion encryption have to do with SSH?
>
>Daft. A Secure Shell server running SSH2 together with Stunnel SSL
encryption is way
>different to a publically available Web site.
So what exactly does using SSH *and* Stunnel achieve exactly?
You truly are a clueless moron.
| |
| Max Mustermann 2004-09-21, 5:45 pm |
| On Tue, 21 Sep 2004, Nomen Nescio <nobody@dizum.com> wrote:
>site and a closed SSH
>telling everybody!
>
>LOL "onion encryption"? You don't got a clue what you are talking about
>do you?
i can't believe you haven't heard of onion encryption!! here is a simple
explanation for those who don't know about it:
https://www.supersecredvegetableencryption.gov:31337
"a strong, bulbous food stuff is passed over a plain text in
cryptographically random patterns. this deposits a layer of quantum
oinionjuice particles over the plain text. those particles instantly
polymorph into occulo-acidic streams. anyone who attempts to view the
secured document without first washing their hands has their eyes burned to
a crisp.
onion encryption is thought to be unbreakable without calculating the
entropic multivariance of dawn dish soap."
| |
| Doctor Who@any.place 2004-09-21, 5:45 pm |
| On Tue, 21 Sep 2004 16:30:01 +0200 (CEST), Nomen Nescio <nobody@dizum.com> wrote:
>:On Tue, 21 Sep 2004 01:55:31 GMT, Doctor Who@any.place wrote:
>:
>:>
>:>
>:>If you are really unable to see the difference between an open Web
>:site and a closed SSH
>:>server using onion encryption, then you are yourself the fool for
>:telling everybody!
>:>
>:
>:LOL "onion encryption"? You don't got a clue what you are talking about
>:do you?
>:
>:What does onion encryption have to do with SSH?
For your information (sigh) onion encryption is when one layer of encryption is wrapped
around another layer.
So, when you access an NNTPS (Network News Transfer Protocol - Secured ) server using
Stunnel through port 563, using Secure Shell (SSH) on port 22 you have two layers of
encryption, one wrapped around the other.
Firstly the data you wish to send to (or receive from) the news server is encrypted with
SSL encryption. For more info go here: http://www.stunnel.org/
"Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL
(Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure
non-SSL aware daemons and protocols (like POP, IMAP, LDAP, etc) by having Stunnel provide
the encryption, requiring no changes to the daemon's code.
The Stunnel source code is not a complete product -- you still require a functioning SSL
library such as OpenSSL or SSLeay in order to compile stunnel. This means that stunnel can
support whatever (and only) that which your SSL library can, without making any changes in
the Stunnel code.
The Stunnel source code is available under the GNU General Public License, meaning it is
free to use in both commercial and non commercial applications as you see fit, as long as
you provide source code (and any modifications) with the software. Your compiled Stunnel
binary is 'restricted' by whatever license your chosen SSL library is under, however both
OpenSSL and SSLeay are Open Source and similarly liberal in their licensing. "
The above is just a short extract in case you are unable to make a connection from a link.
As you can see, it specifically refers to SSL encryption. This encrypted data could be
communicated directly with the news server. Many do so. That alone would not be onion
ring encryption.
However, superior anonymity and thus privacy, is offered by re-routing through a secure
(offshore) server, such as Privacy.Li. Maybe AnonX might work (I have not tried them) or
perhaps FindNot (again not tried by me). Or, if you are not too fussed at routing
through an SSH server within the United States, where the news server is also likely to be
sited, then you could use Cotse. Routing theough any SSH server will vastly increase your
anonymity and privacy.
Whichever choice you make, any suitable SSH server accepts this data after it has been
re-encrypted to a session key generated by your computer and negotiated with the SSH host
server.
Thus there are 2 layers, firstly the encrypted SSL layer, which is then itself further
encrypted by the SSH protocol. Thus there are two layers of encryption. This is the
onion ring refernce. Does this help?
For more info about SSH go here: http://www.employees.org/~satch/ssh/faq/ssh-faq.html
or any of many other sites.
Again, just in case you are unable to make a connection from a link.
"Secure Shell is a program to log into another computer over a network, to execute
commands in a remote machine, and to move files from one machine to another. It provides
strong authentication and secure communications over unsecure channels. It is intended as
a replacement for telnet, rlogin, rsh, and rcp. For SSH2, there is a replacement for FTP:
sftp.
Additionally, Secure Shell provides secure X connections and secure forwarding of
arbitrary TCP connections. You can also use Secure Shell as a tool for things like rsync
and secure network backups.
The traditional BSD 'r' - commmands (rsh, rlogin, rcp) are vulnerable to different kinds
of attacks. Somebody who has root access to machines on the network, or physical access to
the wire, can gain unauthorized access to systems in a variety of ways. It is also
possible for such a person to log all the traffic to and from your system, including
passwords (which ssh never sends in the clear).
The X Window System also has a number of severe vulnerabilities. With ssh, you can create
secure remote X sessions which are transparent to the user. As a side effect, using remote
X clients with ssh is more convenient for users.
There are two versions of Secure Shell available: SSH1 and SSH2. This FAQ does its best to
distinguish when the situation calls for the difference between the two."
I trust you understand that the reference to secure communications iin the above means
encrypted connections.
On reaching the SSH host server, the outer layer is decrypted by this host server and the
encrypted (with SSL) data is forwarded onto the news server. There it is accepted via
port 563 and decrypted back to a plaintext instruction or whatever. When the server
replies to you, it in turn encrypts its data with SSL, sends it to the host SSH server,
where this encrypted data is then encrypted further by the host server to give a second
(outer) layer of encryption after which this double encrypted data is returned back to
you. As it passes through your ISP on both the outward and the return journey, your ISP
will have the greatest difficulty in knowing what it is. All it will be able to deduce
is data is passing between you and the Secure Shell host. It will not know the name of
the news server, or even that the connection is with a news server. Why? Because the
destination server addrress is hidden by the SSH encryption.
Now I am sure there are many who may feel this is being a little over-simplistic as the
whole protocol is very sophisticated. However, I have pointed to the relevant FAQs. You,
or anyone else can read up on it and if you still feel aggrieved that the facts do not fit
your present beliefs, then please feel free to take it up with the various people who have
worked so hard on our behalf to give us, free of charge, these wonderful programs.
Your posts are IMHO a disgraceful charade and an insult to the hard work and integrity of
these people. To constantly mock me when I try and illustrate the advantages of using
encryption, especially when I reference it to the advantages of using an offshore server
suggest a troll-like truculence. Perhaps you are blinkered, perhaps you just wish to be
controversial. Whatever your motives, you are spreading FUD (Fear - Unease - Despair),
where there should not be any FUD.
I notice you have a habit of discarding the ends of my posts as if your arrogance prevents
you from stooping so low as to read something from someone who you regard has less
knowledge than yourself.
I believe it is pragmatic to listen to what others have to say; that is how you learn and
progress is made. If you refuse to listen (and learn) then nobody can help you.
Unless you can add something of significance to this argument, other than your waffling
piffle, I will not respond further. I do not see any benefit to either of us (or this NG)
if I am talking to a meatball.
Doctor Who
| |
| Max Mustermann 2004-09-21, 5:45 pm |
| On Tue, 21 Sep 2004, Doctor Who@any.place wrote:
>For your information (sigh) onion encryption is when one layer of
>encryption is wrapped
>around another layer.
total made up nonsense! onion "encryption" is a routing protocol where
routing information and data is fragmented and packets are encrypted to
various keys (basically). it has absolutely nothing at all to do with
anything that even resembles wrapping ssl in ssh.
this has got to be the most idiotic, stump stupid thing you've posted yet.
and you still havent answered the question:
if encryption is the answer, why is it any more secure to encrypt to a
foreign server than it is a local one?
rest snipped unread.
| |
|
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 22 Sep 2004 01:30:00 +0200, Max Mustermann wrote in
Message-Id: <2d552fae789126244fabd62f4501caa4@remail.amessage.info>:
> if encryption is the answer, why is it any more secure to encrypt to a
> foreign server than it is a local one?
Kidnap Len Attack:
Assuming that an Ephemeral Key isn't used, anything captured in transit
can be decrypted at a later date if the message destination is
compromised.
Scenario:
Originator encrypts a message and sends it to Destination.
Messages is intercepted in transit and stored by Nasty TLA
Nasty TLA can see where the message is going (Destination)
Option 1:
Destination is within their jurisdiction, so Nasty TLA beat the door
down and demand the private key to decrypt message. People supply it
because Nasty TLA are very scary people.
Option 2:
Destination is outside Nasty TLA's jurisdiction: To beat the door down
requires international cooperation between LEA's. To threaten
Destination in order to obtain private key becomes much much harder.
Solution:
Use Ephemeral ciphers when sending messages.
See: http://www.noreply.org/tls/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFBUL7FlKZ6CY7Vd0MRAkR/AJ9NLt95SnA6sWjnzbnq0SsZ+LYhgwCffRbZ
SVtU+G9KrhYJca+gUuu7/2c=
=EfDF
-----END PGP SIGNATURE-----
--
pub 1024D/8ED57743 2003-07-08 Bananasplit Operator
Key fingerprint = 796F 67E0 E890 A0BB BDAE EBB4 94A6 7A09 8ED5 7743
uid Admin <admin.bananasplit.info>
| |
| George Orwell 2004-09-22, 7:48 am |
| In article <pb2vk0dbbqujmod37etqdtfut1ngd9ml09@4ax.com>, Doctor
Who@any.place wrote:
>On Tue, 21 Sep 2004 01:45:23 +0200 (CEST), George Orwell
><nobody@mixmaster.it> wrote:
>
[snip][vbcol=seagreen]
>In case it didn't make your server, here it is in full. Please read it in
>full before
>commenting further:
>
>
>
>
>It is axiomatic that, ceteris paribus, an offshore server is
>preferable to an onshore one. (Of course, certeris paribus is a
>very large assumption.). That's why the carpings of triflers
[big snip]
>Yes, foreign jurisdictions provide a great deal of protection and
>not just from their privacy laws!
In all that, you fail to realize that if 'The Shop' wants to get to you,
then petty little things like legal and bureaucratic procedures will mean
precicely DICK to them.
Never mind what you've been told about how "The law requirese xyz procedure
to extradite you or even get access to information." Never mind what
you've seen on TV about how they've got to beg and plead for permission to
get what they need on somebody.
In actual fact, all that legal shit is something invented by lawyers to
keep other lawyers busy. It means NOTHING to government LEA's
"The problem is that most people have no idea that their freedoms and
rights were sacrificed long ago on the altar of money and power."
~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified. You need a valid hashcash token to post to groups other
than alt.test and alt.anonymous.messages. Visit www.panta-rhei.dyndns.org
for abuse and hashcash info.
| |
| privacy.at Anonymous Remailer 2004-09-22, 7:48 am |
|
Doctor Who@any.place wrote:
>For your information (sigh) onion encryption is when one layer of
>encryption is wrapped
>around another layer.
ROTFL!!!
LOL!! LOL!! LOL!!
Onion encryption, or onion routing as it's normally called, is no such
thing. It's basically the mixmaster protocol applied to the connection
layer. It uses nested encryption, but it's all the same with different keys
(yes we already know you're abit confused about what encryption keys really
are).
LMAO!
You have just defined yourslef as a completely clueless imbecile who makes
shit up as he goes!
LOL!! LOL!!
ROTFLMAO!!!!!!
LOL!!!
LAMO!
| |
| Tarapia Tapioco 2004-09-22, 7:48 am |
| NOTE: This message was sent thru a mail2news gateway.
No effort was made to verify the identity of the sender.
--------------------------------------------------------
On Tue, 21 Sep 2004, Zax <fleegle@bananasplit.info> wrote:
>
>Kidnap Len Attack:
snip.
this doesnt address the question at all. the security of international
borders has just been proven very weak. servers in two countries running a
service registered in a third with administration living in a fourth
country were all taken down with apparently no trouble at all. the given
solution to that specific problem was to use encryption. the question
remains:
if encryption is the solution to this problem, why is it any more secure to
encrypt to a foreign server than it is a local one?
your answer assumes some things that can't be assumed today. obviously your
tla had no problem overcoming the problems of different jurisdictions is a
short period of time as far as criminal investigations go. i'm sure there
are many hundreds of examples of national and local investigations that
took much longer than a year in every country. and it's safe to assume that
the whole year wasnt spend getting permission to investigate. getting that
permission was very likely only a very small part of the entire
investigation. and this crime wasnt even a mortal sin as far as most people
are concerned. in fact it's a very popular crime that i'd wager many
privacy and anonymous users engage in. so your average internet so called
criminal seems to be no more safe using a foreign server than a local one.
| |
|
| In article < 19c55fce3bdefda7552e134467b91504@firenze
.linux.it>,
comesefosse@ntani.firenze.linux.it says...
> NOTE: This message was sent thru a mail2news gateway.
> No effort was made to verify the identity of the sender.
> --------------------------------------------------------
>
> On Tue, 21 Sep 2004, Zax <fleegle@bananasplit.info> wrote:
>
>
> snip.
>
> this doesnt address the question at all. the security of international
> borders has just been proven very weak. servers in two countries running a
> service registered in a third with administration living in a fourth
> country were all taken down with apparently no trouble at all. the given
> solution to that specific problem was to use encryption. the question
> remains:
>
> if encryption is the solution to this problem, why is it any more secure to
> encrypt to a foreign server than it is a local one?
>
> your answer assumes some things that can't be assumed today. obviously your
> tla had no problem overcoming the problems of different jurisdictions is a
> short period of time as far as criminal investigations go. i'm sure there
> are many hundreds of examples of national and local investigations that
> took much longer than a year in every country. and it's safe to assume that
> the whole year wasnt spend getting permission to investigate. getting that
> permission was very likely only a very small part of the entire
> investigation. and this crime wasnt even a mortal sin as far as most people
> are concerned. in fact it's a very popular crime that i'd wager many
> privacy and anonymous users engage in. so your average internet so called
> criminal seems to be no more safe using a foreign server than a local one.
>
>
There was a person called TheFly, he released a virus (anna kournicova
(sp?)), he lived in the netherlands, the FBI had his info in no time
flat, he was busted and prosecuted. Borders caused absolutely no
trouble for them at all.
| |
| Doctor Who@any.place 2004-09-23, 10:01 am |
| On Wed, 22 Sep 2004 01:30:00 +0200, Max Mustermann <anonymous@remail.amessage.info> wrote:
>:On Tue, 21 Sep 2004, Doctor Who@any.place wrote:
>:
>:>For your information (sigh) onion encryption is when one layer of
>:>encryption is wrapped
>:>around another layer.
>:
>:total made up nonsense! onion "encryption" is a routing protocol where
>:routing information and data is fragmented and packets are encrypted to
>:various keys (basically). it has absolutely nothing at all to do with
>:anything that even resembles wrapping ssl in ssh.
I admit it was made up, in the sense that onion encryption is to me the layering of
encryption one over another. As opposed to chaining, where each link has a single layer,
which is replaced at each node by a fresh, different layer to a different key. As for
example when chaining through two or more SSH servers. This suffers from the disadvantage
that at each node, there is the slight risk of an attacker compromising the host and
perhaps obtaining the plaintext whilst it is being decrypted and before it is re-encrypted
and sent on. Whereas with onion layering this would not be possible at the intermediate
SSH host.
Whether or not there is an "official" definition I know not. But as far as I am
concerned, my definition is highly descriptive of what I am anxious to convey.
Perhaps you can quote chapter and verse where the official definition resides and who
is/was responsible for that definition.??
>:this has got to be the most idiotic, stump stupid thing you've posted yet.
>:and you still havent answered the question:
And you have posted such wisdom we all stand in awe of your posts. Such cleverness, such
wit, such a pity you ar a churlish, rude, naff FUD poster.
>:if encryption is the answer, why is it any more secure to encrypt to a
>:foreign server than it is a local one?
Because it would be outside the boundaries of the legal jurisdiction in which an
authoritiy might want to investigate. If a US citizen (insert whichever nationality you
like) became involved in an investigation and he was posting through a US remote host
Secure Socket (SSH) server, even in a different state, it would be possible to obtain
Warrants and descend on that server and get details. Contrast this wiht the situation
where the server is offshore. Now they cannot simply turn up with a Warrant in this
foreign country and demand info. On the contrary, it now becomes an international
matter. As another poster has explained in detail and far better than I ever could, it is
a prolonged and tedious matter of international cooperation. Now the US (or whichever
nationality is involved) has to request cooperation from a foreign power. If no law has
been broken in that foreign country, as for example if the suspect was downloading MP3
files and he was routing through a server in Hong Kong, there is little prospect of an
outcome.
There is also the little matter of prioritising the workload. All TLA's have a busy
workload. There would be a tendency for a single isolated individual to fall through the
net of inertia. As I have said many times before, unless the suspect was involved with
one of the Four Horsemen of the Apocalypse, there is very little likelihood of his being
caught.
Previous assertions that this is wrong because of anon.penet.fi are irrelevant. Those
posters were not anonymous to anon.penet.fi. They were not even using encryption.
Everything was in plain text and passing through a single proxy in Finland. The guy
running Julf was keeping details of the posters actual Email addresses, for goodness sake!
Whereas if you subscribed anonymously to an offshore server, there are far more
difficulties in complying with any request if there is no info. However, I believe there
is far, far less risk when you cross international borders.
>:rest snipped unread.
Once again proving your arrogance and inability to learn anything. Oh well.
Doctor Who
PS I am tired of this trolling.
| |
| Doctor Who@any.place 2004-09-23, 10:01 am |
| On Tue, 21 Sep 2004 23:50:20 +0000 (UTC), Zax <fleegle@bananasplit.info> wrote:
>:-----BEGIN PGP SIGNED MESSAGE-----
>:Hash: SHA1
>:
>:On Wed, 22 Sep 2004 01:30:00 +0200, Max Mustermann wrote in
>:Message-Id: <2d552fae789126244fabd62f4501caa4@remail.amessage.info>:
>:
>:> if encryption is the answer, why is it any more secure to encrypt to a
>:> foreign server than it is a local one?
>:
>:Kidnap Len Attack:
>:Assuming that an Ephemeral Key isn't used, anything captured in transit
>:can be decrypted at a later date if the message destination is
>:compromised.
>:
>:Scenario:
>:Originator encrypts a message and sends it to Destination.
>:Messages is intercepted in transit and stored by Nasty TLA
>:Nasty TLA can see where the message is going (Destination)
>:
>:Option 1:
>:Destination is within their jurisdiction, so Nasty TLA beat the door
>:down and demand the private key to decrypt message. People supply it
>:because Nasty TLA are very scary people.
>:
>:Option 2:
>:Destination is outside Nasty TLA's jurisdiction: To beat the door down
>:requires international cooperation between LEA's. To threaten
>:Destination in order to obtain private key becomes much much harder.
>:
>:Solution:
>:Use Ephemeral ciphers when sending messages.
>:See: http://www.noreply.org/tls/
Good answer. But I doubt he will listen any more to you than he does to anyone else.
Still a good try at educating him. Thanks.
| |
| Nomen Nescio 2004-09-23, 10:01 am |
| On Wed, 22 Sep 2004 23:02:18 GMT, Doctor Who@any.place wrote:
>
>Doctor Who
>
>
>PS I am tired of this trolling.
FOAD then shithead. We're tired of YOU!
| |
|
| On Wed, 22 Sep 2004 12:31:17 -0400, None <none@none.invalid> wrote:
>There was a person called TheFly, he released a virus (anna kournicova
>(sp?)), he lived in the netherlands, the FBI had his info in no time
>flat, he was busted and prosecuted. Borders caused absolutely no
>trouble for them at all.
Total bullshit. He turned himself in.
| |
| Tarapia Tapioco 2004-09-23, 8:45 pm |
| On Wed, 22 Sep 2004, Doctor Who@any.place wrote:
>
>I admit it was made up, in the sense that onion encryption is to me the
>layering of
>encryption one over another. As opposed to chaining, where each link has
>a single layer,
you are a liar. you acted like you knew something and you were arrgant
about making the statement to begin with:
"For your information (sigh) onion encryption is when one layer of
encryption is wrapped
around another layer."
for your information you are completely full of it. you screwed up and
won't admit you didn't know what you were talking about. you were trying to
impress people by tossing around names, and got caught.
rest of your coverup attempt snipped.
| |
| starwars 2004-09-24, 2:45 am |
| In article < 80e73ccd7f040c24b12c41f594e65022@firenze
.linux.it>
Tarapia Tapioco <comesefosse@ntani.firenze.linux.it> wrote:
>
> On Wed, 22 Sep 2004, Doctor Who@any.place wrote:
>
>
> you are a liar. you acted like you knew something and you were arrgant
> about making the statement to begin with:
>
> "For your information (sigh) onion encryption is when one layer of
> encryption is wrapped
> around another layer."
>
> for your information you are completely full of it. you screwed up and
> won't admit you didn't know what you were talking about. you were trying to
> impress people by tossing around names, and got caught.
>
> rest of your coverup attempt snipped.
Watch him doing a Hamboner now by posting lots of useful stuff to cover up.
| |
| Richard 2004-09-26, 5:45 pm |
|
<Doctor Who@any.place> wrote in message
news:snluk0h0gum2bhalirtfsv1f2r2q2oskbr@
4ax.com...
>
> Interesting. But a few points come to mind. There is no mention of any
pursuit of the
> 45,000 subscribers who were doing the downloading of the pirated files.
Can't they just 'follow the money'? If the subscribers used credit cards to
pay for their subscriptions surely the police can trace them through the
card numbers. Isn't that how the police have traced paedophiles who
subscribed to the site in America that was shut down recently? Perhaps they
don't consider it worthwhile for copyright theft.
Richard
| |
| Thomas J. Boschloo 2004-09-26, 5:45 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
privacy.at Anonymous Remailer wrote:
| Doctor Who@any.place wrote:
|
|
|>For your information (sigh) onion encryption is when one layer of
|>encryption is wrapped
|>around another layer.
|
|
| ROTFL!!!
|
| LOL!! LOL!! LOL!!
|
| Onion encryption, or onion routing as it's normally called, is no such
| thing. It's basically the mixmaster protocol applied to the connection
| layer. It uses nested encryption, but it's all the same with different
keys
| (yes we already know you're abit confused about what encryption keys
really
| are).
I am missing links here. There are two protocols I would call 'Onions'.
The original Onion Routing from the American Navy, and second, *The*
Onion Router or 'TOR' <http://www.onion-router.net/>
<http://freehaven.net/tor/>.
| LMAO!
|
| You have just defined yourslef as a completely clueless imbecile who makes
| shit up as he goes!
|
| LOL!! LOL!!
|
| ROTFLMAO!!!!!!
|
|
|
|
| LOL!!!
|
|
|
|
|
|
|
|
|
| LAMO!
You sure seem to be having a lot of fun, well, good for you,
Thomas
- --
The Thraddash: "So, what's this? SNORT! An unknown alien species?"
"How wonderful! Someone new to fight!"
Full Game Win/Mac/Linux: <http://sc2.sourceforge.net>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iQB5AwUBQVcXOAEP2l8iXKAJAQGIkgMfQ0bW+AVM
9WLNXNCd5o/9nGi8hQhVpHmo
K42FkOfnSgn/H3stlVnXknJO9Ymon+etAtXajQy/q18rxlC8gIa6W6NzPbFe2R9P
vN/f2dLiCkKYw/oavFrBuBxBp19yetr+g6YcYw==
=BqMz
-----END PGP SIGNATURE-----
|
|
|
|
|