OHAI,
"When the team zapped the area with high frequency electrical impulses, the
woman lost consciousness. She stopped reading and stared blankly into space,
she didn't respond to auditory or visual commands and her breathing slowed.
As soon as the stimulation stopped, she immediately regained consciousness
with no memory of the event. The same thing happened every time the area was
stimulated during two days of experiments (Epilepsy and Behavior,
doi.org/tgn)."
-- http://www.newscientist.com/article/mg22329762.700
Aleksander? :)
--
Regards
rysiek
Hi,
a good political-social hack is good. :)
A project to have 20000 people move to New Hampshire in order to gain
real influence on state politics, including privacy-related topics, and
to create a "free state":
http://freestateproject.org/
--
Regards
rysiek
Trololo.
---------- Forwarded message ----------
Subject: messing with XKeyScore
Date: Friday, 4 July 2014, 16:56:41
From: Eugen Leitl
To: cypherpunks(a)cpunks.org
http://blog.erratasec.com/2014/07/jamming-xkeyscore_4.html?m=1
Errata Security
Advanced persistent cybersecurity
Friday, July 04, 2014
Jamming XKeyScore
Back in the day there was talk about "jamming echelon" by adding keywords to
email that the echelon system was supposedly looking for. We can do the same
thing for XKeyScore: jam the system with more information than it can handle.
(I enumerate the bugs I find in the code as "xks-00xx").
For example, when sending emails, just send from the address
"bridges(a)torproject.org" and in the email body include:
https://bridges.torproject.org/
bridge = 0.0.0.1:443
bridge = 0.0.0.2:443
bridge = 0.0.0.3:443
...
Continue this for megabytes worth of bridges (xks-0001), and it'll totally
mess up XKeyScore. It has no defense against getting flooded with information
like this, as far as I can see.
Note that the regex only cares about 1 to 3 digit numbers, that means the
following will be accepted by the system (xks-0002):
bridge = 75.748.86.91:80
The port number matches on 2 to 4 digits ([0-9]{2,4}). Therefore, bridges with
port numbers below 10 and above 9999 will be safe. I don't know if this code
reflects a limitation in Tor, but assuming high/low ports are possible, this
can be used to evade detection (xks-0011).
Strangely, when the port number is parsed, it'll capture the first non-digit
character after the port number (xks-0012). This is normally whitespace, but
we could generate an email with 256 entries, trying every possible character.
A character like < or ' might cause various problems in rendering on an HTML
page or generating SQL queries.
You can also jam the system with too many Onion addresses (xks-0003), but
there are additional ways to screw with those. When looking for Onion
addresses, the code uses a regex that contains the following capture clause:
([a-z]+):\/\/)
This is looking for a string like "http://" or "https://", but the regex has
no upper bounds (xks-0004) and there is no validation. Thus, you can include
"goscrewyourself://o987asgia7gsdfoi.onion:443/" in network traffic, and it'll
happily insert this into the database. But remember that "no upper bounds"
means just that: the prefix can be kilobytes long, megabytes long, or even
gigabytes long. You can open a TCP connection to a system you feel the NSA is
monitoring, send 5 gigabytes of lower-case letters, followed by the rest of
the Onion address, and see what happens. I mean, there is some practical upper
bound somewhere in the system, and when you hit it, there's a good chance bad
things will happen.
Likewise, the port number for Onion address is captured by the regex (\d+),
meaning any number of digits (xks-0005). Thus, we could get numbers that
overflow 16-bits, 32-bits, 64-bits, or 982745987-bits. Very long strings of
digits (megabytes) at this point might cause bad things to happen within the
system.
There is an extra-special thing that happens when the schema part of the Onion
address is exactly 16-bytes long (xks-0006). This will cause the address and
the scheme to reverse themselves when inserted into the database. Thus, we can
insert digits into the scheme field. This might foul up later code that
assumes schemes only contain letters, because only letters match in the regex.
In some protocol fields, the regexes appear to be partial matches. The system
appears to match on HTTP servers with "mixminion" anywhere in the name. Thus,
we start causing lots of traffic to go to our domains, such as
"mixminion.robertgraham.com", that will cause their servers to fill up with
long term storage of sessions they don't care about (xks-0007).
Let's talk X.509, and the following code:
fingerprint('anonymizer/tor/bridge/tls') =
ssl_x509_subject('bridges.torproject.org') or
ssl_dns_name('bridges.torproject.org');
Code that parses X.509 certificates is known to be flaky as all get out. The
simplest thing to do is find a data center you feel the NSA can monitor, and
then set up a hostile server that can do generic fuzzing of X.509 certificates,
trying to crash them.
It's likely that whatever code is parsing X.509 certificates is not validating
them. Thus, anybody can put certificates on their servers claiming to be
'bridges.torproject.org' (xks-0008). It's likely that the NSA is parsing SSL
on all ports, so just pick a random port on your server not being used for
anything else, create a self-signed CERT claiming to be
"bridges.torproject.org", then create incoming links to that port from other
places so at least search-engines will follow that link and generate traffic.
This will cause the NSA database of bridges to fill up with bad information --
assuming it's not already full from people screwing with the emails as noted
above :).
<img src="http://www.google.com/?q=tails+usb" />
Putting the above code in a web page like this one will cause every visitor to
trigger a search for TAILS in the XKeyScore rules. The more people who do
this, the less useful it becomes to the NSA (xks-0009) in labeling people as
suspicious. Likewise, putting <title>tails.boum.org/</title> in your webpages
will cause the same effect, even when CSS/JavaScript makes such a title
invisible.
In theory, the NSA should only be monitoring foreign traffic, and not traffic
originating from the United States (or, apparently, the other five-eyes). So
here is the fun thing (xks-0010): run your jamming tools from United States IP
addresses against those servers in Iran you know the NSA is monitoring. Since
the code should already be ignoring the traffic because it originates from the
United States, then they can't complain if you've filled up their databases
full of Tor Onion and bridge addresses.
Robert Graham
-----------------------------------------
--
Regards
rysiek
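The parsing gaps listed in the forwarded post (octets and ports never range-checked, unbounded captures, a stray character captured after the port, no cap on volume) are ordinary input-validation failures in any extractor that turns untrusted traffic into database rows. The following is an added example, not part of the post or of any leaked code: the loose pattern is rebuilt from the post's description only, and the strict patterns, limits, allowed schemes, 16-character base32 onion label and sample lines are assumptions made here.

```python
import ipaddress
import re

# Loose pattern rebuilt from the post's description only (an assumption, not the
# leaked rule): 1-3 digit octets, 2-4 digit port, trailing non-digit captured.
LOOSE_BRIDGE = re.compile(
    r"bridge\s*=\s*((?:[0-9]{1,3}\.){3}[0-9]{1,3}):([0-9]{2,4}[^0-9])")

# Strict patterns: matched against the whole line, every repetition bounded.
STRICT_BRIDGE = re.compile(r"bridge = ([0-9.]{7,15}):([0-9]{1,5})")
STRICT_ONION = re.compile(
    r"([a-z]{1,8})://([a-z2-7]{16})\.onion(?::([0-9]{1,5}))?/?")

ALLOWED_SCHEMES = {"http", "https"}
UNUSABLE_NETS = [ipaddress.ip_network(n)
                 for n in ("0.0.0.0/8", "127.0.0.0/8", "224.0.0.0/3")]
MAX_INPUT_CHARS = 64 * 1024   # refuse oversized messages outright
MAX_RECORDS = 100             # cap on rows stored per message


def loose_extract(text):
    """What the described pattern would store: unvalidated strings."""
    return LOOSE_BRIDGE.findall(text)


def parse_port(digits):
    port = int(digits)        # at most 5 digits by construction
    return port if 1 <= port <= 65535 else None


def parse_bridge(line):
    """Return (IPv4Address, port), or None if the line is not a usable bridge."""
    m = STRICT_BRIDGE.fullmatch(line.strip())
    if not m:
        return None           # includes any stray character after the port
    try:
        addr = ipaddress.IPv4Address(m.group(1))   # rejects octets > 255
    except ipaddress.AddressValueError:
        return None
    port = parse_port(m.group(2))
    if port is None or any(addr in net for net in UNUSABLE_NETS):
        return None
    return addr, port


def parse_onion(url):
    """Return (scheme, label, port or None), or None if validation fails."""
    m = STRICT_ONION.fullmatch(url.strip())
    if not m or m.group(1) not in ALLOWED_SCHEMES:
        return None
    port = None
    if m.group(3) is not None:
        port = parse_port(m.group(3))
        if port is None:
            return None
    return m.group(1), m.group(2), port


def strict_extract(text):
    """Return (unique valid bridges, rejected line count, truncated flag)."""
    if len(text) > MAX_INPUT_CHARS:
        return set(), 0, True
    accepted, rejected = set(), 0
    for line in text.splitlines():
        if not line.startswith("bridge"):
            continue
        record = parse_bridge(line)
        if record is None:
            rejected += 1
        elif len(accepted) < MAX_RECORDS:
            accepted.add(record)
        else:
            return accepted, rejected, True   # stop storing, flag for review
    return accepted, rejected, False


# Constructed sample body; 198.51.100.0/24 is a documentation range.
SAMPLE = "\n".join([
    "https://bridges.torproject.org/",
    "bridge = 198.51.100.7:443",     # well-formed
    "bridge = 75.748.86.91:80",      # octet out of range (line from the post)
    "bridge = 0.0.0.1:443",          # unusable network (line from the post)
    "bridge = 198.51.100.9:9",       # single-digit port, missed by loose form
    "bridge = 198.51.100.7:443<",    # stray character after the port
]) + "\n"

if __name__ == "__main__":
    print("loose :", loose_extract(SAMPLE))
    print("strict:", strict_extract(SAMPLE))
```

The truncated flag matters as much as the rejections: a message that hits either limit is worth an alert of its own rather than silent storage.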
Hi,
after the business with blocking WikiLeaks, MailPile, and most recently
ProtonMail, I have an idea to write back to them "go take a hike, Polish
hackerspaces are not interested in cooperating with FailPal" (putting it in
somewhat different words, of course). What do you think? Who's in?
---------- Forwarded message ----------
Subject: Invitation to compete in PayPal Hackathon> $100,000 Prize!
Date: Wednesday, 2 July 2014, 16:50:12
From: Daud, Muhammad <mdaud(a)paypal.com>
To: kontakt(a)hackerspace.pl <kontakt(a)hackerspace.pl>
Hi,
I’m a Marketing Specialist with PayPal and wanted to invite you and your
members to our hackathon ->
https://2014.battlehack.org/warsaw#register
BattleHack is a series of global hackathons organized by PayPal. This is a
great opportunity to gain exposure, have a chance to meet with other
developers/designers in the industry AND the chance to compete for $100K
(plus, many other exciting prizes at BattleHack). We have John Lunn, Borys
Musielak, Krzysztof Kowalczyk and Brenden Arakaki on our judging panel.
Below is what we would like to share with your members regarding BattleHack
Warsaw, to be held on July 12-13 at Nowy Fort in Warsaw.
There is also an opportunity for PayPal Developer to sponsor your meetup/group
and I would love to talk to you about it. It will be great to collaborate,
strengthen our relationship and continue to innovate constantly.
Email Blast:
If you can please send out the following message to your meetup/group members,
it’ll be great. Please feel free to customize the message so that it fits your
voice, language and style.
Get Your Tickets Now for Battle Hack Warsaw!
We are pleased to announce, from PayPal Developer, that tickets for BattleHack
Warsaw are now available!
Make sure you don't miss out for a chance to win $100,000 USD with your code!
Battle Hack Warsaw will be held at Nowy Fort and we expect it to be just as
awesome as everything you have come to expect from PayPal.
Massages, beer and gourmet food are ready for you!
Head over to https://2014.battlehack.org/warsaw#register and secure your
chance to win our epic Axe Trophy and a chance at $100,000 USD. Most
importantly, create an app that will help Warsaw!
We hope to see you there!
If you have any questions, please feel free to email me at
mdaud(a)paypal.com. I am looking forward to talking to
you.
Thank you,
Muhammad Daud
Marketing Specialist
https://twitter.com/paypaldev
WIN $100,000 USD: http://battlehack.org/
-----------------------------------------
--
Regards
rysiek
It's happening.
---------- Forwarded message ----------
Subject: NSA targets the privacy-conscious
Date: Thursday, 3 July 2014, 17:29:47
From: Eugen Leitl
http://daserste.ndr.de/panorama/aktuell/nsa230_page-1.html
NSA targets the privacy-conscious
by J. Appelbaum, A. Gibson, J. Goetz, V. Kabisch, L. Kampf, L. Ryge
The investigation discloses the following:
Two servers in Germany - in Berlin and Nuremberg - are under surveillance by
the NSA.
Merely searching the web for the privacy-enhancing software tools outlined in
the XKeyscore rules causes the NSA to mark and track the IP address of the
person doing the search. Not only are German privacy software users tracked,
but the source code shows that privacy software users worldwide are tracked
by the NSA.
Among the NSA's targets is the Tor network funded primarily by the US
government to aid democracy advocates in authoritarian states.
The XKeyscore rules reveal that the NSA tracks all connections to a server
that hosts part of an anonymous email service at the MIT Computer Science and
Artificial Intelligence Laboratory (CSAIL) in Cambridge, Massachusetts. It
also records details about visits to a popular internet journal for Linux
operating system users called "the Linux Journal - the Original Magazine of
the Linux Community", and calls it an "extremist forum".
Disclosure
Three authors of this investigation have personal and professional ties to
the Tor Project, an American company mentioned within the following
investigation. Jacob Appelbaum is a paid employee of the Tor Project, Aaron
Gibson is a paid contractor for the Tor Project, and Leif Ryge is a volunteer
contributor to various Tor-related software projects. Their research in this
story is wholly independent from the Tor Project and does not reflect the
views of the Tor Project in any way. During the course of the investigation,
it was further discovered that an additional computer system run by Jacob
Appelbaum for his volunteer work with helping to run part of the Tor network
was targeted by the NSA. Moreover, all members of this team are Tor users and
appear to have been targets of the mass surveillance described in the
investigation.
It is a small server that looks like any of the other dozens in the same row.
It is in a large room devoted to computers and computer storage, just like
every other room in this industrial park building on Am Tower Street just
outside the city of Nuremberg. That the grey building is surrounded by barbed
wire seems to indicate that the servers' provider is working hard to secure
their customers' data.
Yet despite these efforts, one of the servers is targeted by the NSA.
The IP address 212.212.245.170 is explicitly specified in the rules of the
powerful and invasive spy software program XKeyscore. The code is published
here exclusively for the first time.
After a year of NSA revelations based on documents that focus on program
names and high-level Powerpoint presentations, NDR and WDR are revealing NSA
source code that shows how these programs function and how they are
implemented in Germany and around the world.
Months of investigation by the German public television broadcasters NDR and
WDR, drawing on exclusive access to top secret NSA source code, interviews
with former NSA employees, and the review of secret documents of the German
government reveal that not only is the server in Nuremberg under observation
by the NSA, but so is virtually anyone who has taken an interest in several
well-known privacy software systems.
The NSA program XKeyscore is a collection and analysis tool and "a computer
network exploitation system", as described in an NSA presentation. It is one
of the agency’s most ambitious programs devoted to gathering "nearly
everything a user does on the internet." The source code contains several
rules that enable agents using XKeyscore to surveil privacy-conscious
internet users around the world. The rules published here are specifically
directed at the infrastructure and the users of the Tor Network, the Tails
operating system, and other privacy-related software.
Tor, also known as The Onion Router, is a network of several thousand
volunteer-operated servers, or nodes, that work in concert to conceal Tor
users' IP addresses and thus keep them anonymous while online.
Tails is a privacy-focused GNU/Linux-based operating system that runs
entirely from an external storage device such as a USB stick or CD. It comes
with Tor and other privacy tools pre-installed and configured, and each time
it reboots it automatically wipes everything that is not saved on an
encrypted persistent storage medium.
Normally a user's online traffic - such as emails, instant messages,
searches, or visits to websites - can be attributed to the IP address
assigned to them by their internet service provider. When a user goes online
over the Tor Network, their connections are relayed through a number of Tor
nodes using another layer of encryption between each server such that the
first server cannot see where the last server is located and vice-versa.
Tor is used by private individuals who want to conceal their online activity,
human rights activists in oppressive regimes such as China and Iran,
journalists who want to protect their sources, and even by the U.S. Drug
Enforcement Agency in their efforts to infiltrate criminal groups without
revealing their identity. The Tor Project is a non-profit charity based in
Massachusetts and is primarily funded by government agencies. Thus it is
ironic that the Tor Network has become such a high-priority target in the
NSA's worldwide surveillance system.
As revealed by the British newspaper The Guardian, there have been repeated
efforts to crack the Tor Network and de-anonymize its users. The top secret
presentations published in October last year show that Tor is anathema to the
NSA. In one presentation, agents refer to the network as "the king of
high-secure, low-latency internet anonymity". Another is titled "Tor Stinks".
Despite the snide remarks, the agents admit, "We will never be able to
de-anonymize all Tor users all the time".
The former NSA director General Keith Alexander stated that all those
communicating with encryption will be regarded as terror suspects and will be
monitored and stored as a method of prevention, as quoted by the Frankfurter
Allgemeine Zeitung in August last year. The top secret source code published
here indicates that the NSA is making a concerted effort to combat any and
all anonymous spaces that remain on the internet. Merely visiting
privacy-related websites is enough for a user's IP address to be logged into
an NSA database.
An examination of the XKeyscore rules published here goes beyond the slide
presentation and provides a window into the actual instructions given to NSA
computers. The code was deployed recently and former NSA employees and
experts are convinced that the same code or similar code is still in use
today. The XKeyscore rules include elements known as "appids",
"fingerprints", and "microplugins". Each connection a user makes online - to
a search engine, for example - can be assigned a single appid and any number
of fingerprints.
Appids are unique identifiers for a connection in XKeyscore. Appid rules have
weights assigned to them. When multiple appids match a given connection, the
one with the highest weight is chosen. Microplugins may contain software
written in general-purpose programming languages, such as C++, which can
extract and store specific types of data. The rules specifically target the
Tor Project's email and web infrastructure, as well as servers operated by
key volunteers in Germany, the United States, Sweden, Austria, and the
Netherlands. Beyond being ethically questionable, the attacks on Tor also
raise legal concerns. The IP addresses of Tor servers in the United States
are amongst the targets, which could violate the fourth amendment of the US
constitution.
The German attorney Thomas Stadler, who specializes in IT law, commented:
"The fact that a German citizen is specifically traced by the NSA, in my
opinion, justifies the reasonable suspicion of the NSA carrying out secret
service activities in Germany. For this reason, the German Federal Public
Prosecutor should look into this matter and initiate preliminary
proceedings."
One of NSA's German targets is 212.212.245.170. The string of numbers is an
IP address assigned to Sebastian Hahn, a computer science student at the
University of Erlangen. Hahn operates the server out of a grey high-security
building a few kilometers from where he lives. Hahn, 28 years old and
sporting a red beard, volunteers for the Tor Project in his free time. He is
especially trusted by the Tor community, as his server is not just a node, it
is a so-called Directory Authority. There are nine of these worldwide, and
they are central to the Tor Network, as they contain an index of all Tor
nodes. A user's traffic is automatically directed to one of the directory
authorities to download the newest list of Tor relays generated each hour.
NSA source code: "anonymizer/tor/node/authority" fingerprint.
Hahn's predecessor named the server Gabelmoo, or Fork Man, the nickname of a
local statue of Poseidon. After a look at the NSA source code, Hahn quickly
found his server's name listed in the XKeyscore rules. "Yes, I recognize the
IP address of my Tor server called 'gabelmoo'." he said. "Millions of people
use it to stay safe online, and by watching the server and collecting
metadata about its users, those people are put at risk." The rule shown to
Hahn, published below, has a fingerprint called
'anonymizer/tor/node/authority'. The fingerprint targets users who connect to
Gabelmoo and other Tor Directory Authority servers. In Germany, the Tor
Directory Authorities like Gabelmoo that are specifically targeted by
XKeyscore rules are in Berlin and Nuremberg. Additional targets are located
in Austria, Sweden, the United States, and the Netherlands.
NSA source code: Fragments of XKeyscore rules targeting Tor directory
authorities.
The expression below performs essentially the same function, but it specifies
the Tor directory authorities located in Five Eyes countries (Australia,
Canada, New Zealand, the United Kingdom and the United States) separately
from those in other countries. As the comment explains, the "goal is to find
potential Tor clients connecting to the Tor directory servers."
Another rule catalogs users connecting to known Tor relays. This is not
difficult, because the addresses of all normal Tor relays are published by
the directory authorities so that the Tor software on users' computers can
select its own path through the network. In addition to the public relays,
connections characterized as Tor based on protocol identifiers are also
cataloged.
Not only Metadata
Internet service providers in countries with strong censorship such as China
and Iran frequently block connections to known Tor relays. To avoid this
blocking, The Tor Project maintains a list of non-public relays called
"bridges" to allow users to avoid this type of blocking. Bridges are run by
volunteers and they share the details with the Tor Project to help censored
users reach the internet.
NSA source code: Microplugin which extracts bridge addresses from the full text
of Tor Project emails.
Users can request a bridge address via email or on the web. The following
fingerprints show two ways that XKeyscore attempts to track Tor bridge users.
First, the fingerprint "anonymizer/tor/bridge/tls" records connections to the
bridges.torproject.org server. Second, in order to obtain the actual bridge
addresses for the purpose of tracking connections to them in the future, the
"microplugin" fingerprint called "anonymizer/tor/bridge/email" extracts data
from the body of the emails that the Tor Project sends to its users.
This code demonstrates the ease with which an XKeyscore rule can analyze the
full content of intercepted connections. The fingerprint first checks every
message using the "email_address" function to see if the message is to or
from "bridges(a)torproject.org". Next, if the address matched, it uses the
"email_body" function to search the full content of the email for a
particular piece of text - in this case, "https://bridges.torproject.org/".
If the "email_body" function finds what it is looking for, it passes the full
email text to a C++ program which extracts the bridge addresses and stores
them in a database.
NSA source code: Fingerprint to identify visitors to the Tor Project website.
The full content of the email must already be intercepted before this code
can analyze it. XKeyscore also keeps track of people who are not using Tor,
but who are merely visiting The Tor Project's website (www.torproject.org),
as this rule demonstrates:
NSA source code: Rules targeting people viewing the Tails or Linux Journal
websites, or performing Tails-related web searches.
It is interesting to note that this rule specifically avoids fingerprinting
users believed to be located in Five Eyes countries, while other rules make
no such distinction. For instance, the following fingerprint targets users
visiting the Tails and Linux Journal websites, or performing certain web
searches related to Tails, and makes no distinction about the country of the
user.
The comment in the source code above describes Tails as "a comsec mechanism
advocated by extremists on extremist forums". In actuality, the software is
used by journalists, human rights activists, and hundreds of thousands of
ordinary people who merely wish to protect their privacy.
The rules related to Tails clearly demonstrate how easily web searches and
website visits can be spied on by XKeyscore. On June 25, 2014, the United
States Supreme Court noted how sensitive this type of information is in their
Riley v. California decision against warrantless searches of mobile phones:
"An Internet search and browsing history [...] could reveal an individual’s
private interests or concerns - perhaps a search for certain symptoms of
disease, coupled with frequent visits to WebMD."
NSA source code: C++ program which searches "raw traffic" for .onion addresses.
In addition to anonymous internet access, Tor also provides a mechanism for
hosting anonymous internet services called "Hidden Services". These sites'
URLs contain a domain name in the pseudo-top-level-domain ".onion" which is
only accessible using Tor. The code shown below finds and catalogs URLs for
these sites which XKeyscore sees in "raw traffic", creating a unique
fingerprint for each onion address. Each .onion address found in raw traffic
is extracted and stored in an NSA database:
NSA source code: "anonymizer/mailer/mixminion" appid matching all connections
to 128.31.0.34.
There are also rules that target users of numerous other privacy-focused
internet services, including HotSpotShield, FreeNet, Centurian,
FreeProxies.org, MegaProxy, privacy.li and an anonymous email service called
MixMinion as well as its predecessor MixMaster. The appid rule for MixMinion
is extremely broad as it matches all traffic to or from the IP address
128.31.0.34, a server located on the MIT campus.
That server is operated by the Tor Project's leader Roger Dingledine, an MIT
alumnus. The machine at this IP address provides many services besides
MixMinion, and it is also one of the above-mentioned Tor directory
authorities. Dingledine said "That computer hosts many websites, ranging from
open source gaming libraries to the Privacy Enhancing Technologies Symposium
website."
Sebastian Hahn, the Tor volunteer who runs Gabelmoo, was stunned to learn
that his hobby could interest the NSA: "This shows that Tor is working well
enough that Tor has become a target for the intelligence services. For me
this means that I will definitely go ahead with the project.”
When asked for a reaction to the findings, the Tor Project's Roger Dingledine
stated the following: "We've been thinking of state surveillance for years
because of our work in places where journalists are threatened. Tor's
anonymity is based on distributed trust, so observing traffic at one place in
the Tor network, even a directory authority, isn't enough to break it. Tor
has gone mainstream in the past few years, and its wide diversity of users -
from civic-minded individuals and ordinary consumers to activists, law
enforcement, and companies - is part of its security. Just learning that
somebody visited the Tor or Tails website doesn't tell you whether that
person is a journalist source, someone concerned that her Internet Service
Provider will learn about her health conditions, or just someone irked that
cat videos are blocked in her location. Trying to make a list of Tor's
millions of daily users certainly counts as wide scale collection. Their
attack on the bridge address distribution service shows their "collect all
the things" mentality - it's worth emphasizing that we designed bridges for
users in countries like China and Iran, and here we are finding out about
attacks by our own country. Does reading the contents of those mails violate
the wiretap act? Now I understand how the Google engineers felt when they
learned about the attacks on their infrastructure.”
NDR and WDR wanted to know from the NSA how it justified attacking a service
funded by the U.S. government, under what legal authority Tor Network users
are monitored, and whether the German government has any knowledge of the
targeting of servers in Germany. Instead of addressing the questions
repeatedly posed to them, the NSA provided the following statement: "In
carrying out its mission, NSA collects only what it is authorized by law to
collect for valid foreign intelligence purposes - regardless of the technical
means used by foreign intelligence targets. The communications of people who
are not foreign intelligence targets are of no use to the agency. In January,
President Obama issued U.S. Presidential Policy Directive 28, which affirms
that all persons - regardless of nationality - have legitimate privacy
interests in the handling of their personal information, and that privacy and
civil liberties shall be integral considerations in the planning of U.S.
signals intelligence activities. The president's directive also makes clear
that the United States does not collect signals intelligence for the purpose
of suppressing or burdening criticism or dissent, or for disadvantaging
persons based on their ethnicity, race, gender, sexual orientation, or
religion. XKeyscore is an analytic tool that is used as a part of NSA's
lawful foreign signals intelligence collection system. Such tools have
stringent oversight and compliance mechanisms built in at several levels. The
use of XKeyscore allows the agency to help defend the nation and protect U.S.
and allied troops abroad. All of NSA's operations are conducted in strict
accordance with the rule of law, including the President's new directive."
However, the research contradicts the United States' promise to Germany that
German citizens are not surveilled without suspicion. Using Tor in Germany
does not justify targeting someone, the German attorney Thomas Stadler
states: "Tor users do not breach any laws, it is absolutely legitimate to act
anonymously on the internet. There are many good reasons to remain
anonymous."
What is deep packet inspection?
Deep Packet Inspection, or DPI, refers to the class of technology which
examines the content of data packets as they travel across a network. A
packet is the fundamental unit of transfer in packet switched networks like
the internet. While DPI is commonly used by organizations to monitor their
own networks, its use on public networks for censorship and surveillance has
been widely condemned by privacy advocates and the United States government
alike.
In 2012, the head of the U.S. Delegation to the World Conference on
International Telecommunications, U.S. Ambassador Terry Kramer, said “some
companies have used deep packet inspection technologies to not look at
aggregate customer information, traffic information, et cetera, but to look
at individual customer information. So looking at individuals and what sites
they’re on and how much capacity they’re using, et cetera, as you can
imagine, we’re very much opposed to that because we feel that’s a violation
of people’s privacy and gets into, obviously, censorship, et cetera”.
Despite its public political condemnations of invasive DPI use, the United
States "Intelligence Community" and its "Five Eyes" partners (Australia,
Canada, New Zealand, and the United Kingdom) operate massive internet-scale
DPI systems themselves, including XKeyscore. The use of XKeyscore is not
limited to these partners, however. The software has been shared with the
German BND and BfV, as well as the Swedish FRA, amongst others.
Active vs Passive
XKeyscore and the systems that feed it are considered "passive", meaning that
they silently listen but do not transmit anything on the networks that they
are targeting. However, through a process known as "tipping", data from these
programs can trigger other systems which perform "active" attacks.
Quantum is a family of such programs, including Quantuminsert, Quantumhand,
Quantumtheory, Quantumbot, and Quantumcopper, which are used for offensive
computer intrusion. Turmoil, Quantum, and other components of the Turbulence
architecture are running at so-called "defensive sites" including the
Ramstein Air Force base in Germany, Yokota Air Force base in Japan, and
numerous military and non-military locations within the United States.
Both Turmoil and XKeyscore feed selected data to real-time "tipping"
programs, such as Trafficthief, which can both alert NSA analysts when their
targets are communicating and trigger other software programs. Selected data
is "promoted" from the local XKeyscore data store to the NSA's so-called
"corporate repositories" for long term storage, analysis and exploitation.
More information about XKeyscore
In 2013, the British newspaper The Guardian revealed that by 2008 more than
150 internet surveillance facilities around the world were running the
XKeyscore Deep Packet Inspection software. All of the internet traffic
observed by XKeyscore, both metadata and full content, is analyzed and stored
temporarily at the collection sites for periods ranging from days to weeks,
while selected data is forwarded on to other locations for long-term storage.
The storage, indexing, and querying functions are performed at or near the
collection sites because the volume of data being collected is too large to
forward everything back to facilities in other countries. Analysts working
from various locations around the world may search specific XKeyscore sites,
or send their queries to a collection of sites.
XKeyscore provides a modular architecture in which tens of thousands of small
computer programs, or rules, written in XKeyscore's specialized programming
languages called Genesis and XKScript as well as general-purpose languages
such as C++ and Python, are run against all traffic to categorize it and
extract data. This indexing of the "full take" allows analysts to query the
temporary storage stored at the XKeyscore site, effectively sifting through
already pilfered communications which occurred before they had deemed them
interesting for a specific reason.
XKeyscore can be fed by several different programs, including Wealthycluster
and Turmoil. These programs "sessionize" the data, which means that
individual connections, such as a request for a web page, are reconstructed
from the stream of intercepted packets.
Locations where the NSA runs XKeyscore include Special Source Operations
(SSO) sites, typically found at or near major telecommunication providers'
infrastructure; Special Collection Service (SCS) sites, usually located
inside diplomatic facilities like embassies and consulates; and FORNSAT sites
where satellite communications are intercepted. All of these types of sites
are known to exist in Germany.
Other "Five Eyes" partners also operate XKeyscore installations. The United
Kingdom's Tempora program runs the largest instance of XKeyscore. Both the
software itself and limited access to NSA databases have been shared with
so-called "3rd party" partners including Germany. The German foreign
intelligence agency BND and the domestic intelligence agency BfV are testing
the software.
-----------------------------------------
--
Regards
rysiek
More on the verdict regarding the Tor exit node in Austria.
---------- Forwarded message ----------
Subject: Re: [tor-talk] Tor Exit Operator convicted in Austrian lower court
Date: Friday, 4 July 2014, 01:34:02
From: Zenaan Harkness
(Thread start:
https://lists.torproject.org/pipermail/tor-talk/2014-July/033573.html
)
On 7/3/14, Anders Andersson <pipatron(a)gmail.com> wrote:
> On Thu, Jul 3, 2014 at 5:53 AM, Moritz Bartl <moritz(a)torservers.net> wrote:
>> On 07/02/2014 11:00 PM, Anders Andersson wrote:
>>> Unfortunately he doesn't seem to want to take this further, so the
>>> ruling will stand. It's his choice, but it could be a very bad
>>> deterrent to other potential exit node operators in Austria.
>>
>> We are in contact with William, and quite possibly there is the option
>> of following this further with another Austrian operator who
>> self-reports himself, with our help. Please everyone give us time to
>> look into this together with some lawyers.
>
> Thank you! That's amazing! I'm quite sure that the support you get
> from the Tor community when running an exit node really helps in
> giving people the courage to do so.
Agreed, great news.
In hindsight, it is clear that we as a community have an interest to
build a resource of amicus curiae briefs - friend of the court briefs.
So PLEASE make moves in the direction of contributing and collecting
documents which may be relevant to future cases - at the least a
simple collection of legal docs.
We have an interest in protecting our free-speech networks (Tor, I2P
etc), legally as well as technologically and politically. The
Torproject.org website does a good job IMHO of presenting the social
case for free-speech networks.
No matter the circumstances of a particular case (a particular free
speech node operator), we the global free-speech promoting and
free-speech facilitating community, have an interest to advise the
courts regarding matters of technology and free speech, in order to
maximise the sanity of the outcomes brought about by our courts (and
yes, another operator's courts are as good as mine, in terms of global
impact). For example a tor-network node operator charged for actual
illegal activity, should not cause legal suppression of free-speech
networks in general.
To kick things off, here's the gist of what I have in mind (this is in
no way directly responsive to the case that started this thread, which
I know nothing about):
"
In this matter an individual has been charged with a [criminal] offence.
The case of a matter of an individual committing a proven criminal
defamation or incitement must not be used by the court to suppress
free speech generally by way of the court's power of judicial
sanction.
Similarly in this case the [Defendant] was the operator of a 'digital
communications facility' which facility was a node in a free-speech
network, in particular the [Tor|I2P] free speech network;
where the operator is found by this court to have committed unlawful
acts, then this court must only target those unlawful acts when it
makes its determinations, by way of this court's power of judicial
sanction exercised according to law;
and this court must not reach beyond those unlawful acts in its
determinations/ rulings/ sanctions;
if the court exercises its power in reaching beyond those unlawful
acts then such exercise of judicial power is likely to undermine
confidence in the court by all other operators of the free-speech
network and by users of the free speech network.
A ruling by this court will be seen by many humans around the world,
both operators of free speech nodes in the free speech networks, as
well as by users and by potential users of free speech networks around
the world.
In this case, the rulings of this court are visible globally, and
shall be watched by many;
there is therefore a great burden upon this court in this case, and
this court therefore has a special duty of care when it makes its
rulings/ determinations, to be conservative and cautious, in
particular regarding any general deterrents this court might
ordinarily be minded to create by its rulings which deterrents might
unintentionally dampen confidence in this court and/ or confidence in
the courts generally to protect our human rights including freedom of
communication.
This court must be especially careful in its rulings in this matter,
since the court is in a position to bring about chilling effects upon
the liberties of not only those humans within its immediate
jurisdictions, but also upon the broader global community.
"
(A glossary, localisation, much enhancement and other legal polishing
would be required of course, along with subroutined/ separate
submissions regarding each relevant law, and regarding each relevant
precedent in the jurisdiction in question and/ or in jurisdictions
relevant (some cases/precedents are so poignant, so timeless, that
they apply all over the world, e.g. the Credit River Decision, as well
as the trial of William Penn).)
Such advice or briefs to the court are ideally tailored to each
particular country/jurisdiction.
However, even a brief prepared for some country other than the country
at issue, is likely to be useful to those attempting to create a brief
for a particular case in another country, and may even be directly
useful as a filing in its own right, at least if the language is the
same :)
Regarding the filing of briefs, we need standing to file; that is, we
need an interest in the matter which interest is seen by the court.
In some countries particular organisations may be ideal for the filing
of such briefs, such as the FSF and EFF (USA) and EFA (Australia).
In other countries, if there is no directly applicable organisation,
then a "designated representative of the Torproject" who is resident
in that country, may have standing to make such a filing.
Alternatively, a local human-rights-friendly politician may be
amenable to making the filing on behalf of their constituent(s)
(that's us).
Finally, in general any individual should have standing to make such a
filing, since we have an interest in our own human rights - free
speech is a fundamental human right - so we should also aim for the
preparation and collection of briefs file-able by ourselves.
Take notice, we HAVE A DUTY OF CARE to each other, and to the broader
community, to contact Torproject and/ or others in this community, if
ever we find ourselves in a court case involving the operation of any
free speech network node (I2P, Tor, exit or relay), in order that
those in the community who have an interest, ie the rest of us (at
least those of us in the same country), are given the opportunity to
make our interest known to the respective court(s) in that
jurisdiction, by way of filing appropriate and standardized briefs.
Zenaan
-----------------------------------------
--
Regards
rysiek
Hi,
A conviction for hosting a Tor exit node. :/
---------- Forwarded message ----------
Subject: Court – Official statement part #1
Date: Wednesday, 2 July 2014, 18:41:25
From: Eugen Leitl <eugen(a)leitl.org>
To: tor-talk(a)lists.torproject.org, cypherpunks(a)cpunks.org
Apologies, not sure this has been posted already in the thread, I'm
backlogged.
https://rdns.im/court-official-statement-part-1
Court – Official statement part #1
Posted on July 2, 2014 by Will
As seen possibly here, or here i lost the Tor case and was sentenced to 3
years probation (instead of 3 months jail) and all fees (court and experts,
Assumption ~30000EUR, not less than 20k for sure).
The sentence is based on §12 which allows for anyone to be dealt with as
perpetrator (which is a pretty dictatorial law IMO) and this is based on that
i knew it *could* possibly be used for criminal activity (in this case child
pornography).
I won’t write much more yet before i have the written ruling (i do not even
know my probation terms yet) but merely want to explain why i won’t appeal
this sentence:
First would be that I simply can’t afford it anymore, donations covered a lot
of lawyer fees but i had to use my entire money on this case as well, i’m now
bankrupt and the garnishment (a rare word, DE: Pfändung) of my income (to pay
the 20k+ costs) does not help with it either. I have high medical costs as
well besides which are more important. I’m not really interested in more
external funding due to taxation issues with larger amounts (and i do not
want *another* crime on me). – Second is that i just want to be done with
this, i had now years of “issues” (i would write “harassment” but then i get
sued again for sure) (Ex: Citing my boss to the police for questioning (x3);
physically monitoring my boss in Vienna; citing friends to the police for
questioning (x2); confiscation of bank transaction data; Polish extradition
threats for hacking cases there (x2); citing me for useless questioning
causing lawyer costs (x5+) etc. etc.) – It’s now finally over and besides the
cost i CAN live with this sentence, it does not show up in police registers
and won’t be an issue for work and alike in the future. – Third is the
mental component, these years of “horror” changed a lot up to me being
hospitalized (x3…) with paranoid schizophrenia (which was a wrong diagnosis,
but still it’s not helpful if you HAVE to assume permanent monitoring of
everything), PTSD (among other issues) and now taking medication – It took
its toll, including me getting fired for being in the clinic/sick stay for a
long time, i just can’t afford to lose my job or go to the clinic again even if
i actually should be still there. – Fourth is the attention, media and
personal – I don’t really like any attention on myself, especially when
others should get it (like some public cause, Pirateparty or alike). –
So this is it for now, stay tuned for more in a few days.
-----------------------------------------
--
Regards
rysiek