Archive for the 'Geekn' Category

Automatic Touch

Sunday, April 10th, 2011


Brainbow

Friday, December 10th, 2010

Defective By Design on iPhone

Friday, July 11th, 2008

Defective By Design have just sent out a call to not buy the new iPhone. Let’s pull it to bits:

=================================
DefectiveByDesign.org DefectiveByDesign.org
=================================
The 5 real reasons to avoid iPhone 3G

* iPhone completely blocks free software. Developers must pay a tax to Apple, who becomes the sole authority over what can and can’t be on everyone’s phones.

The iPhone OS has been reverse engineered, by people who are not defeatists. There are literally millions of Jailbroken iPhones in circulation, all of them making and receiving phone calls and running free software, the source for which is available under the GPL. Instead of complaining about this brilliant hardware platform, perhaps Defective By Design should spend time developing or promoting the development of software for the iPhone so that they can realize their goals. Certainly, asking people not to buy an iPhone is not going to work in any meaningful way.

* iPhone endorses and supports Digital Restrictions Management (DRM) technology.

Once again, this is solved by writing software, not by complaining.

* iPhone exposes your whereabouts and provides ways for others to track you without your knowledge.

ALL cellular telephones do this. If this is the level of expertise that these people have then their movement is doomed.

* iPhone won’t play patent and DRM-free formats like Ogg Vorbis and Theora.

Then write a player for it. Even better; why don’t you port Videolan to iPhone and distribute it via Installer.APP? You would have access to millions of users in a very short amount of time, and you would not be exposing yourself to legal attack from Apple, because someone else is actively developing Installer.APP and its ecosystem; you would be interfacing with the iPhone community by that means and not directly. It could not be easier for you. The development tools are out there, the source for robust players to decode the formats you love is available, all it takes is the will to do it or to pay someone else to do it if it is that important.

There are a lot of things that the iPhone cannot do, and you can solve any of them that you like, by writing some software.

* iPhone is not the only option. There are better alternatives on the horizon that respect your freedom, don’t spy on you, play free media formats, and let you use free software — like the FreeRunner (http://www.openmoko.com).

A phone in the hand is better than two on the horizon. Especially if you want to make phone calls. And I would love to see how those ‘on the horizon’ phones connect to the GSM network without knowing where you and your phone are.

We can trade our freedom and our money to get something flashy on the surface, or we can spend a little more money, keep our freedom, and support a better kind of business. If we want businesses to be ethical, we have to reward the ones that are. By not enriching companies that want to take away our freedom and by rewarding those that respect us, we will be helping to bring about a better future.

OR we can use our imagination and expertise to fix the problems in products like the iPhone so that they work in the way that they want, give us the shiny phone we want, AND preserve our freedom. We can have our cake and eat it. This has been very successfully done by the people who have created the Jailbroken iPhone community. Really, you should understand this.

In solidarity,

John, Josh, Matt, and Peter

Calling for solidarity, demonstrations, boycotts are all fine, but in the end, it is the people who have an imagination that make a difference in the world. The Jailbreaking of the iPhone is a perfect example of how active people with skill and imagination can force change to happen. The only reason why Apple is allowing developers to write native software for the iPhone is the explosive and unprecedented success of Jailbreaking and Installer.APP. Everyone knows that 25% of all iPhones in circulation have been jailbroken. Because of their work, there are more telephones running free software than ever before, and this will continue with the new iPhone. Because of their work, the iPhone is now open to developers through the closed system, whereas before Apple wanted everyone to develop web apps that ran in Safari. Because of their work we now have a platform that will ensure that the iPhone is always open to developers of free software going forward.

At the end of the day, all the complaining in the world will not stop DRM. Only the writing of software will defeat it.

What we have to ask is this; what are you actually offering? You are not offering any solutions, you are not offering any new philosophy or any sort of strategy that will produce results, and you are completely ignoring the heroic work of the Jailbreakers and the millions of phones they have liberated as if it has not happened at all.

That is odd, to say the least.

The death of the internet: what we will do to fix it

Thursday, June 12th, 2008

If Internet 2 comes about as everyone fears it might, how can we respond to its built in restrictions? What can we do to maintain the current openness of the internet we know and love so that anyone can have a site, publish what they like on it and make it available to anyone, anywhere for free?

Let’s take a look.

The threat:

ISP’s have resolved to restrict the Internet to a TV-like subscription model where users will be forced to pay to visit selected corporate websites by 2012, while others will be blocked, according to a leaked report. Despite some people dismissing the story as a hoax, the wider plan to kill the traditional Internet and replace it with a regulated and controlled Internet 2 is manifestly provable.

“Bell Canada and TELUS (formerly owned by Verizon) employees officially confirm that by 2012 ISP’s all over the globe will reduce Internet access to a TV-like subscription model, only offering access to a small standard amount of commercial sites and require extra fees for every other site you visit. These ‘other’ sites would then lose all their exposure and eventually shut down, resulting in what could be seen as the end of the Internet,” warns a report that People have raised questions about the report’s accuracy because the claims are not backed by another source, only the “promise” that a Time Magazine report is set to confirm the rumor. Until such a report emerges many have reserved judgment or outright dismissed the story as a hoax.

What is documented, as the story underscores, is the fact that TELUS’ wireless web package allows only restricted pay-per-view access to a selection of corporate and news websites. This is the model that the post-2012 Internet would be based on.

People have noted that the authors of the video seem to be more concerned about getting people to subscribe to their You Tube account than fighting for net neutrality by prominently featuring an attractive woman who isn’t shy about showing her cleavage. The vast majority of the other You Tube videos hosted on the same account consist of bizarre avante-garde satire skits on behalf of the same people featured in the Internet freedom clip. This has prompted many to suspect that the Internet story is merely a stunt to draw attention to the group.

Whether the report is accurate or merely a crude hoax, there is a very real agenda to restrict, regulate and suffocate the free use of the Internet and we have been documenting its progression for years.

The first steps in a move to charge for every e mail sent have already been taken. Under the pretext of eliminating spam, Bill Gates and other industry chieftains have proposed Internet users buy credit stamps which denote how many e mails they will be able to send. This of course is the death knell for political newsletters and mailing lists.

The New York Times reported that “America Online and Yahoo, two of the world’s largest providers of e-mail accounts, are about to start using a system that gives preferential treatment to messages from companies that pay from 1/4 of a cent to a penny each to have them delivered. The senders must promise to contact only people who have agreed to receive their messages, or risk being blocked entirely.”

The first wave will simply attempt to price people out of using the conventional Internet and force people over to Internet 2, a state regulated hub where permission will need to be obtained directly from an FCC or government bureau to set up a website.

The original Internet will then be turned into a mass surveillance database and marketing tool. The Nation magazine reported in 2006 that, “Verizon, Comcast, Bell South and other communications giants are developing strategies that would track and store information on our every move in cyberspace in a vast data-collection and marketing system, the scope of which could rival the National Security Agency. According to white papers now being circulated in the cable, telephone and telecommunications industries, those with the deepest pockets–corporations, special-interest groups and major advertisers–would get preferred treatment. Content from these providers would have first priority on our computer and television screens, while information seen as undesirable, such as peer-to-peer communications, could be relegated to a slow lane or simply shut out.”

Over the past few years, a chorus of propaganda intended to demonize the Internet and further lead it down a path of strict control has spewed forth from numerous establishment organs:

  • Time magazine reported last year that researchers funded by the federal government want to shut down the internet and start over, citing the fact that at the moment there are loopholes in the system whereby users cannot be tracked and traced all the time.
  • The projects echo moves we have previously reported on to clamp down on internet neutrality and even to designate a new form of the internet known as Internet 2.

  • In a display of bi-partisanship, there have recently been calls for all out mandatory ISP snooping on all US citizens by both Democrats and Republicans alike.
  • The White House’s own recently de-classified strategy for “winning the war on terror” targets Internet conspiracy theories as a recruiting ground for terrorists and threatens to “diminish” their influence.
  • The Pentagon recently announced its effort to infiltrate the Internet and propagandize for the war on terror.
  • In a speech last October, Homeland Security director Michael Chertoff identified the web as a “terror training camp,” through which “disaffected people living in the United States” are developing “radical ideologies and potentially violent skills.” His solution is “intelligence fusion centers,” staffed by Homeland Security personnel which will go into operation next year.
  • The U.S. Government wants to force bloggers and online grassroots activists to register and regularly report their activities to Congress. Criminal charges including a possible jail term of up to one year could be the punishment for non-compliance.
  • A landmark legal case on behalf of the Recording Industry Association of America and other global trade organizations seeks to criminalize all Internet file sharing of any kind as copyright infringement, effectively shutting down the world wide web – and their argument is supported by the U.S. government.
  • A landmark legal ruling in Sydney goes further than ever before in setting the trap door for the destruction of the Internet as we know it and the end of alternative news websites and blogs by creating the precedent that simply linking to other websites is breach of copyright and piracy.
  • The European Union, led by former Stalinist and potential future British Prime Minister John Reid, has also vowed to shut down “terrorists” who use the Internet to spread propaganda.
  • The EU data retention bill, passed last year after much controversy and with implementation tabled for late 2007, obliges telephone operators and internet service providers to store information on who called who and who emailed who for at least six months. Under this law, investigators in any EU country, and most bizarrely even in the US, can access EU citizens’ data on phone calls, SMS messages, emails and instant messaging services.
  • The EU also recently proposed legislation that would prevent users from uploading any form of video without a license.
  • The US government is also funding research into social networking sites and how to gather and store personal data published on them, according to the New Scientist magazine. “At the same time, US lawmakers are attempting to force the social networking sites themselves to control the amount and kind of information that people, particularly children, can put on the sites.”

The development of a new form of internet with new regulations is also designed to create an online caste system whereby the old internet hubs would be allowed to break down and die, forcing people to use the new taxable, censored and regulated world wide web.

Make no mistake, the internet, one of the greatest outposts of free speech ever created is under constant attack by powerful people who cannot operate within a society where information flows freely and unhindered. Both American and European moves mimic stories we hear every week out of state controlled Communist China, where the internet is strictly regulated and virtually exists as its own entity away from the rest of the web.

The Internet is freedom’s best friend and the bane of control freaks. Its eradication is one of the short term goals of those that seek to centralize power and subjugate their populations under tyranny by eliminating the right to protest and educate others by the forum of the free world wide web.

has spread like wildfire across the web over the last few days.

The article, which is accompanied by a You Tube clip, states that Time Magazine writer “Dylan Pattyn” has confirmed the information and is about to release a story – and that the move to effectively shut down the web could come as soon as 2010.

[…]

http://prisonplanet.com/articles/june2008/061108_kill_internet.htm

The answer to this comes from the time before the internet was in every house; the era of the ‘BBS’ or ‘Bulletin board system’.

If you are old enough to know about dialing up Bulletin Board Systems, you will understand how the way out of Internet 2 will work. For those of you who never used a BBS, or heard of a BBS, it was the way people connected to each other (mostly email) before ‘teh internetz’.

Bulletin Board Systems worked over very slow modems and computers that were, by today’s standards, beyond a joke. Mobile phones of today have more storage space, display resolution, bandwidth and processor power than the machines that ran BBSes. Many of the software clients ran in DOS, and it cost you money every time you wanted to get your mail because you had to dial a land line telephone number to connect to someone else’s desktop computer to collect your messages, which you read in an ‘offline news reader’ like BlueWave. The computers running the news and mail networks were mostly privately owned, run in people’s houses on ordinary telephone lines. The storage these computers had was literally tiny by today’s standards; the biggest BBSes had a few tens of gigabytes of storage.

Most of the mail traffic on these systems was text. Because people had to dial up over telephone lines, sending images or large files in the mail system Fidonet was strictly forbidden; you were paying by the minute to get your mail and news, modems were very slow, averaging 2400 baud, so bandwidth had to be used efficiently. Contrast that to today, where you have always on, unlimited, high speed bandwidth.

Despite all of these restrictions, small storage, low bandwidth, high cost of connecting, computers that were hard to use, the BBS explosion caused a revolution and spawned a huge culture that even gave rise to its own forms of art. I downloaded the first version of PGP from a BBS in the USA, and so many other things…the Black Dog used to run a BBS called ‘Black Dog Towers’; I learned all of my early modern PC skills from Ken Downie…but that is another story!

The point is that BBSes were hard to create and maintain and difficult to access. Despite those difficulties a distinct and vibrant culture was created that lasted many years and touched many lives. Make no mistake; this is about culture, and who controls it.

Today, all households have computers that are more powerful than any computer that ran a BBS by orders of magnitude. The modems we have today are fast enough to transfer 24meg in a second over a copper wire. We have the means to telephone each other and leave the ‘phone off the hook’ indefinitely without incurring a by the minute charge. Software developers now have modern languages (PHP/Ruby) to develop essentially anything they can imagine. We have free operating systems (GNU/Linux) that are as sophisticated as proprietary operating systems, that are so easy to use that my 70 year old aunt can use them with no problems whatsoever. We have a pool of content creators numbering in the hundreds of millions, who are eager to write blogs, post comments on forums and do everything that the old media has seen and experienced as a direct threat to their business models, prestige and influence.

With all of these pieces in place it will be literally impossible to put the genie of internet freedom back into the bottle. When all of these very potent pieces are brought together we will be able to create a system that will circumvent the censorship of Internet 2 at a scale and with an efficiency that would make the sysops of the BBS era spontaneously combust.

We will see the birth of ‘Internet 3’ where literally hundreds of millions of personal computers will be networked together into a system that cannot be stopped without shutting down the entire world-wide telephone network. This new, permanently free internet will take the place of the old internet, discredit the legitimacy of the corporate controlled Internet 2 and ensure that freedom of the electrons is a feature of our lives for generations to come.

Of course, as our future devices become more powerful and more connected, Internet 3 will grow in power as a consequence, further cementing its pre-eminent position. There will be other consequences too. People will figure out how to make money on Internet 3, and they, like Mark Shuttleworth, who created the fantastically powerful and popular Ubuntu, will put their billions into making the system more robust and useful. In fact, the Ubuntu story is a perfect example of how Internet 3 will come about; Shuttleworth took Debian GNU/Linux and used it as the basis for a Linux distribution that anyone can use. In a short space of time, it has become the best Linux distribution out there, so much so that Dell is now offering it pre-installed on its computers. Ubuntu solves the ‘proprietary Operating System problem’, the ‘Linux is not ready for the desktop problem’, and the ‘Windows Tax problem’. Superimpose this wild success and the way it was done on our ‘Internet 2 problem’, and you can begin to see not only how it can be solved, but how much success we can expect.

What would the Internet 3 user experience look like? Who knows? But at a minimum, it could work in the following way.

Users could interface with it via an application that resembles a modern browser that sits on top of your network connection, transparently peering with other users, managing bandwidth (if needed), giving you what you want while facilitating other people in getting what they want. Think of it as a very advanced browser sitting on top of a next generation Bittorrent client.

Such a piece of software, or its vastly superior descendants, and other myriad software clients that are bound to be created, would be impossible to stop, especially if everyone is using a GNU/Linux distribution, where policies of what software can or cannot be run are not under the control of a proprietary and predatory operating system vendor like Microsoft. You should read about how Trusted Computing can control what you can and cannot do with your own computer. If the lusers of this world continue to use Windows and its variants, the day will come where the state can forbid a certain piece of software from being executable on any computer and all it will take is an update from MS to kill, say, Bittorrent or its descendant. Free operating systems will be immune from this sort of control. But I digress.

We can very quickly build a world-wide, unstoppable, robust private network that will keep information absolutely free. We have the tools to do it, we have had sufficient warning, we have developers to hand, the will, the users and the software tools and hardware to make it happen.

It will happen.

Your job is to maintain and increase your computer literacy, switch to GNU/Linux and be ready to do whatever you need to do to help make Internet 3 happen.

EU backs use of open-source software

Tuesday, June 10th, 2008

By James Kanter
Tuesday, June 10, 2008

BRUSSELS: The European Union’s competition commissioner, Neelie Kroes, delivered an unusually blunt rebuke to Microsoft on Tuesday by recommending that businesses and governments use software based on open standards.

Kroes has fought bitterly with Microsoft over the past four years, accusing the company of defying her orders and fining it nearly €1.7 billion, or $2.7 billion, for violating European competition rules. But her comments were the strongest recommendation yet by Kroes to jettison Microsoft products, which are based on proprietary standards, and to use rival operating systems to run computers.

“I know a smart business decision when I see one – choosing open standards is a very smart business decision indeed,” Kroes told a conference in Brussels. “No citizen or company should be forced or encouraged to choose a closed technology over an open one.”

Kroes did not name Microsoft in advance copies of her speech, but she made her meaning clear by referring to the only company in EU antitrust enforcement history that has been fined for refusing to comply with European Commission orders – a record held by Microsoft.

“The commission has never before had to issue two periodic penalty payments in a competition case,” she said.

The EU has previously ruled against Microsoft for abusing its dominance in the markets for software to play music on computers and to communicate with powerful server computers on a network. In recent months, Kroes has opened new investigations against Microsoft after complaints that it was competing unfairly in the market for Web browsers by using the Explorer software. Kroes is also investigating whether Microsoft is making it too hard for rivals to work with its Office suite applications.

In her speech, Kroes said there were serious security concerns for governments and businesses associated with using a single software supplier. She praised the City of Munich for using software based on open standards, along with the German Foreign Ministry and the Gendarmerie Nationale, a department of the French police force.

Kroes, who is Dutch, encouraged the Dutch government and Parliament to continue moving toward use of open standards. EU agencies “must not rely on one vendor” and “must refuse to become locked into a particular technology – jeopardizing maintenance of full control over the information in its possession,” she said.

A policy by the European Commission adopted last year to promote the use of software products that support open standards “needs to be implemented with vigor,” she said.

[…]

http://www.iht.com/articles/2008/06/10/technology/msft.php

Amazing. It looks like they are finally beginning to GET IT.

Micro$oft Winblows === BAD
GNU/Linux/Gnome/Ubuntu === GOOD

M$ Office === BAD
Open Office === GOOD

.doc === BAD
.odf === GOOD

Freedom === GOOD
Slavery === BAD

Simple really!

Here comes critical mass

Saturday, June 7th, 2008

News Sniffer: So Cool!!!

Friday, May 23rd, 2008

I just came across a site called News Sniffer, whilst looking for examples of the stamps of Rudolph Hess manufactured by the Deutsche Post custom stamp service. They produced twenty stamps, and that is enough to send them into a blind panic. But I digress.

News Sniffer came up in a Google search and provided this page:

http://www.newssniffer.co.uk/articles/124994/diff/1/2

Which does a ‘diff’ between two different versions of a BBQ piece on this story.

Absolutely brilliant.

What this means is that we now have a service that will cache BBQ propaganda, and all of the revisions that they do to try and cover their tracks, and ramp up the lies. We can go back and see how they lie, how they censor and what a bunch of scum they really are.

News Sniffer, in addition to “monitor(ing) corporate news organisations to uncover bias”, tracks BBQ ‘have your say’ to see how many comments are being censored. They are currently monitoring 1,186,509 comments and found 15,120 censored.

Check out the comments that they retrieved and cached before they were censored.

And, quite appropriately, they have an image of Pinocchio in their header.

Look at this page, where an article from ‘bbc’, was first published or seen on Fri May 23 14:37:14 UTC 2008 and has 13 versions.

THIRTEEN VERSIONS IN ONE DAY.

No newspaper has the luxury of rewriting their pieces THIRTEEN TIMES. Interestingly this is a story about MPs’ expenses.

A fabulous idea, beautifully executed, very useful….well done boys!!!!!!!
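The two things News Sniffer is described as doing above, keeping every revision of an article so that two versions can be diffed and noticing comments that disappear after they were seen, can be sketched as follows. This is an added example, not News Sniffer's own code; `RevisionStore`, the function names, the URL and all sample text are constructed for illustration.

```python
import difflib
import hashlib


class RevisionStore:
    """Keeps every distinct version of a page, in the order it was first seen."""

    def __init__(self):
        self._history = {}  # url -> list of (seen_at, sha256 hex, text)

    def record(self, url, seen_at, text):
        """Store a polled snapshot; return True only if the text changed."""
        digest = hashlib.sha256(text.encode("utf-8")).hexdigest()
        versions = self._history.setdefault(url, [])
        if versions and versions[-1][1] == digest:
            return False  # same content as the previous poll, nothing to keep
        versions.append((seen_at, digest, text))
        return True

    def version_count(self, url):
        return len(self._history.get(url, []))

    def diff(self, url, old, new):
        """Unified diff between two 1-based version numbers, as a list of lines."""
        versions = self._history[url]
        old_seen, _, old_text = versions[old - 1]
        new_seen, _, new_text = versions[new - 1]
        return list(difflib.unified_diff(
            old_text.splitlines(), new_text.splitlines(),
            fromfile=f"v{old} ({old_seen})", tofile=f"v{new} ({new_seen})",
            lineterm=""))


def changed_lines(diff_lines):
    """Added/removed lines of a unified diff, skipping the two file headers."""
    return [l for l in diff_lines[2:] if l.startswith(("+", "-"))]


def withdrawn_comments(polls):
    """Comments seen in an earlier poll but absent from the latest one.

    polls: list of {comment_id: text} dicts, oldest first. Returns the cached
    text of each missing comment. Disappearance is all this detects; it does
    not say why a comment was removed.
    """
    if not polls:
        return {}
    cache = {}
    for poll in polls:
        for cid, text in poll.items():
            cache.setdefault(cid, text)  # keep the first text we saw
    latest = polls[-1]
    return {cid: text for cid, text in cache.items() if cid not in latest}


# Constructed sample data (not real articles or comments).
URL = "https://news.example/story/1"
SNAPSHOTS = [
    ("poll-1", "Expenses row\nThe MP claimed 10,000 pounds.\nHe declined to comment."),
    ("poll-2", "Expenses row\nThe MP claimed 10,000 pounds.\nHe declined to comment."),
    ("poll-3", "Expenses row\nThe MP claimed 1,000 pounds.\nHe declined to comment."),
]
COMMENT_POLLS = [
    {"c1": "Good article.", "c2": "Why was the figure changed?"},
    {"c1": "Good article.", "c2": "Why was the figure changed?", "c3": "Agreed."},
    {"c1": "Good article.", "c3": "Agreed."},
]


def build_store():
    """Feed the sample snapshots through the store, as a poller would."""
    store = RevisionStore()
    for seen_at, text in SNAPSHOTS:
        store.record(URL, seen_at, text)
    return store


if __name__ == "__main__":
    store = build_store()
    print(store.version_count(URL), "versions")
    print("\n".join(store.diff(URL, 1, 2)))
    print("withdrawn:", withdrawn_comments(COMMENT_POLLS))
```

Hashing each snapshot means an unchanged poll costs nothing to store, so the version count reflects real edits rather than how often the page was fetched.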

Complete Genius of Rob Meek

Friday, May 16th, 2008

Wow
Wow3

This is a war they cannot win

Thursday, May 15th, 2008

Taking your laptop into the US? Be sure to hide all your data first

By Bruce Schneier
The Guardian
May 15 2008

Last month a US court ruled that border agents can search your laptop, or any other electronic device, when you’re entering the country. They can take your computer and download its entire contents, or keep it for several days. Customs and Border Patrol has not published any rules regarding this practice, and I and others have written a letter to Congress urging it to investigate and regulate this practice.

But the US is not alone. British customs agents search laptops for pornography. And there are reports on the internet of this sort of thing happening at other borders, too. You might not like it, but it’s a fact. So how do you protect yourself?

Encrypting your entire hard drive, something you should certainly do for security in case your computer is lost or stolen, won’t work here. The border agent is likely to start this whole process with a “please type in your password”. Of course you can refuse, but the agent can search you further, detain you longer, refuse you entry into the country and otherwise ruin your day.

You’re going to have to hide your data. Set a portion of your hard drive to be encrypted with a different key – even if you also encrypt your entire hard drive – and keep your sensitive data there. Lots of programs allow you to do this. I use PGP Disk (from pgp.com). TrueCrypt (truecrypt.org) is also good, and free.

While customs agents might poke around on your laptop, they’re unlikely to find the encrypted partition. (You can make the icon invisible, for some added protection.) And if they download the contents of your hard drive to examine later, you won’t care.

Be sure to choose a strong encryption password. Details are too complicated for a quick tip, but basically anything easy to remember is easy to guess. (My advice is at tinyurl.com/4f8z4n.) Unfortunately, this isn’t a perfect solution. Your computer might have left a copy of the password on the disk somewhere, and (as I also describe at the above link) smart forensic software will find it.

So your best defence is to clean up your laptop. A customs agent can’t read what you don’t have. You don’t need five years’ worth of email and client data. You don’t need your old love letters and those photos (you know the ones I’m talking about). Delete everything you don’t absolutely need. And use a secure file erasure program to do it. While you’re at it, delete your browser’s cookies, cache and browsing history. It’s nobody’s business what websites you’ve visited. And turn your computer off – don’t just put it to sleep – before you go through customs; that deletes other things. Think of all this as the last thing to do before you stow your electronic devices for landing. Some companies now give their employees forensically clean laptops for travel, and have them download any sensitive data over a virtual private network once they’ve entered the country. They send any work back the same way, and delete everything again before crossing the border to go home. This is a good idea if you can do it.

If you can’t, consider putting your sensitive data on a USB drive or even a camera memory card: even 16GB cards are reasonably priced these days. Encrypt it, of course, because it’s easy to lose something that small. Slip it in your pocket, and it’s likely to remain unnoticed even if the customs agent pokes through your laptop. If someone does discover it, you can try saying: “I don’t know what’s on there. My boss told me to give it to the head of the New York office.” If you’ve chosen a strong encryption password, you won’t care if he confiscates it.

Lastly, don’t forget your phone and PDA. Customs agents can search those too: emails, your phone book, your calendar. Unfortunately, there’s nothing you can do here except delete things.

I know this all sounds like work, and that it’s easier to just ignore everything here and hope you don’t get searched. Today, the odds are in your favour. But new forensic tools are making automatic searches easier and easier, and the recent US court ruling is likely to embolden other countries. It’s better to be safe than sorry.

[…]

http://schneier.com/blog/

We, of course, have written about this before, September 12th 2006 to be exact, and the solution we give is more or less the same.

There is one solution however, that is not on the table in this great article; do not travel to places where these practices are in place. But that is a different blog post.

It is obvious to even the most stupid person that searching a laptop for pornography is TOTALLY STUPID. Pr0n travels over the internetz, and the really devious pr0n people use encrypted VPN to share their stuff. All these measures do is industrialize humiliation and violation. It is pointless, corrosive and the act of utterly incompetent and ignorant people.

This is a war that they will never win. Storage devices are getting bigger in capacity whilst shrinking in size, and people are getting more and more savvy about storing all their goods online; soon, many people will not use any office suites on their laptops, they will access an online office suite securely. That means they will have secure access to massive file storage, and if the files are encrypted before they are stored online, no warrant can cause them to be opened, and there will be no covert ‘sneak and peek‘ raids that obtain anything of value.

In the end, privacy will win, because the tools will make it happen. All of these insane measures simply accelerate the development of the tools and their byproduct: privacy.

Who would have thought that PGP would spread as far and wide as it has? And now, with articles like this appearing in even the shittiest of newspapers, it will spread even further, as companies demand that their laptops are locked down, and individuals start to protect themselves with these easy to use, military grade, transparent tools.

On a side note, you will see that Bruce has used a Tinyurl in this article. That is what smart people do. To my utter amazement, people who run email lists that are concerned with these issues STILL send out alerts that have long, line-wrapped URLs, making them unclickable, and of course, because they are line-wrapped, you cannot select them in one go; you have to select, copy and paste twice. It is a minor annoyance, but it displays something about them and their attitude and level of competence. They certainly know about Tinyurl, so do they not use it because they are lazy? I think that actually, they are just plain dumb; as dumb as the people who think searching laptops at a border is a good idea, but they are batting for the other side.

I am a UNAX sysadmin

Wednesday, May 14th, 2008

By Kevin Poulsen
Threat Level
Wired.com
May 13, 2008

Five workers at the Internal Revenue Service’s Fresno, California, return processing center were charged Monday with computer fraud and unauthorized access to tax return information for allegedly peeking into taxpayers’ files for their own purposes.

“The IRS has a method for looking for unauthorized access, and it keeps audit trails, and occasionally it will pump out information about who’s done what,” says assistant U.S. attorney Mark McKoen, who’s prosecuting the cases in federal court in Fresno. “In general terms, IRS employees are only authorized to access the accounts of taxpayers who write in. They’re not allowed to access friends, relatives, neighbors, celebrities.”

With tax return information just a few keystrokes away, IRS employees succumb to curiosity often enough that the agency has its own word for such browsing: UNAX (pronounced you-nacks), for “unauthorized access.” In congressional testimony last month, a Treasury Department investigator said employee prying was on the rise, with 430 known cases in 1998, and 521 last year.

“Whether the intent is fraud or simply curiosity, the potential exists for unauthorized accesses to tax information of high-profile individuals and other taxpayers,” testified J. Russell George, the department’s Inspector General for Tax Administration. “The competing goals of protecting this information and achieving workplace efficiencies become even more difficult as technology becomes faster and more complex.”

The five charged this week are Corina Yepez, Melissa Moisa, Brenda Jurado, Irene Fierro and David Baker. Only 13 taxpayers were compromised — each worker allegedly peeked at one to four tax returns, in incidents from 2005 through last year.

The age of some of the incidents suggests the Inspector General’s office is breaking out new algorithms to find anomalies in audit trails going back years. The office declined to comment, as did the IRS.

Workers caught in a UNAX are typically subject to disciplinary measures like unpaid leave, and less commonly charged with misdemeanor violations of the Taxpayer Browsing Protection Act and the Computer Fraud and Abuse Act. There were 185 such prosecutions from 1998 to 2007, with offenders typically receiving probation.

http://blog.wired.com/27bstroke6/2008/05/five-irs-employ.html

This, My Friends™, is what we call ‘a gift’.

‘UNAX’….ROTFL

Sign on IRS data manager’s desk ‘I am a UNAX sysadmin’!!!

Since it is un authorized, surely it should be ‘un-acks’, not ‘you-nack’s… but that would mean we pronounce UNIX as ‘un-ix’….

but I digress…

This is what The Google provides on UNAX from the Federal Employees Discussion Board:

Topic: UNAX
jschan77
Member posted June 17, 2002 10:52 AM
I have a UNAX problem.

They pulled my transcript on the IDRS, they found where I looked up an ex. I did this without thought and it was found. It was so long ago that I didn’t even remember it. I have to pull calendars of my own notes to see if it was a possibility.
Well, the only thing I could find is where I was changing my son’s last name and I guess I did do it.
There is another lady in my office that looked up her son, as she had a fall out a long time ago and wanted to just find him.
She received 2 days LWOP. I am told I will be getting termination papers.
She admitted to doing it and why.
I did not remember until it was brought to my attention.

I think this is unfair.

She is a person who lives by the rule of “It’s not my job” and flexes for child care.
I live by the rule of “what can I help you with” and am getting the boot.
Is there any way I can stop this?

I’ve been told that if I go to arbitration I can get this overturned. This is a 9 month to 1 year process. Who can afford to stay off that long. I am the main bread winner of the family.

I’ve also been told that arbitration costs money and comes out of our own pocket. I am in the union, I thought they paid for it.

Can anyone help me?

Thank you all for your input.
I appreciated all you trying to help

Unfortunately, I ended up with –
No Douglas Factors taken into consideration.
I received a 30 LWOP suspension.

I tried to go to MSPB with a copy of another person’s write up in our office who admitted to doing the same thing and they only got a write up, and theirs were done more times than mine.
They gave me this line of I worked in SB/SE and they worked in W & I is why the difference, even though when I had the phone interview with the judge, he seemed real surprised that he had not known about the other person.

So I lost the MSPB.

Anyway, I’m just happy to be STILL working and will bite my tongue for the next 12 years and 7 months. 17 years and 5 months done.

You can bet, I won’t be that stupid again.

Again, I thank you all for listening and your suggestions.

“””BECAUZE YOU KNOW WHAT THEY LIKE TO DO WHEN YOU ARE ON A SHEIT LIST..THEY MAKE YOUR LIFE A LIVING HELL UNTIL YOU QUIT..”””

Are you aware of the illegality of what you described?

It is referred to as Constructive Discharge. You may want to read up on it so you will recognize it when it begins to happen to you or someone around you.

It appears we must toe the line and obey the laws of the land. The govt on the other hand….

Oh dear me.

Take a look at the site, and marvel at all the acronyms; they have a language all their own, separate from the language of non-government employees (the other 50% of the population). Could this be the beginning of an HG Wells split of the human population? The first thing that would change would be the language, the loyalty, and then the rights the food the accommodation….but I digress again.

I’m sure that there are many UNIX people who could make a slew of funny UNAX/IX jokes ‘for the lulz’….

Futuresonic festival hits Manchester

Saturday, May 3rd, 2008

Take part in a social music sharing event with a difference – in CD-Recycled 45rpm Aleks Kolkowski uses his vintage record cutter to ‘overwrite’ existing data and cut grooves on CDs/DVDs so they can be played on a turntable. Bring unwanted CDs/DVDs and a sound file and receive a recycled disc in return.


Nice.

FLAC Off

Wednesday, April 23rd, 2008

I have often been put off downloading FLAC files as the format is not supported via iTunes, converting FLAC to mp3 is a bind to say the least, and I don’t usually listen via VLC. Poor excuses I know. So the FLAC files just sit there doing nothing on my hard drive.

Somewhat belatedly I have tried Burrrn, to copy FLAC files to audio CD. From there to mp3 is a cinch, with the bonus of having a full-quality CD to listen to ‘properly’. It is a blessing. So simple, so functional and intuitive. Another door opens.

Thank you, Matjus Vojtek.

German constitutional court creates new fundamental right to digital privacy

Monday, April 21st, 2008

February 27, 2008
(presse@ccc.de)
Today, Germany’s Federal Constitutional Court, the country’s highest court, flatly rejected North Rhine-Westphalia’s Constitutional Protection Act, which is designed to permit the so-called online search of computers and other IT systems.

The Karlsruhe judges made it clear with their decision that the society has a legitimate interest in the confidentiality and integrity of the IT systems it increasingly depends on and that freedom of thought also exists if ideas are stored on to a computer. The Chaos Computer Club (CCC) has been demanding this right to digital privacy for over 25 years. The protection of the digital self not only affects computers but also telephones and other networked devices. “We can only hope that the politicians who only know the internet from print-outs don’t need another quarter of a century until they have taken this new fundamental right on board”, Dirk Engling, the CCC’s spokesman, commented.

The constitutional court judges point out in their oral reasons for the judgement that the systematic tapping of communication data and the creation of personality profiles are serious violations of basic rights. “We assume that this judgement will also apply to the constitutional review of the Data Retention Act”, Dirk Engling said. Several constitutional complaints have been filed against the data retention that came to effect in January.

“The judges have given the lawmakers a slap in the face for allowing all kinds of information systems to be spied on, in contravention of basic rights”, Dirk Engling continued. “Spying on hard disks will only be possible within strictly defined limits. The Federal Constitutional Court has provided humanity’s virtual self with a digital protective shield.”

Analysing the data seized will also have to be based on the criteria relating to the new basic right. The investigation authorities’ procedures when collecting evidence by digital means must now be immediately put to the test. The searching of hard disks by private companies, which has recently become commonplace, is therefore clearly unconstitutional. The judges also determined that informational self-protection through encryption is a right that may only be abrogated under very strict conditions.

The Chaos Computer Club once again came to Karlsruhe for the delivery of the judgement with the black, red and gold Federal Trojan, which is the symbol of resistance against online searches. The Green Party, which recently attracted negative attention by waving through former interior minister Otto Schily’s spying laws and endorsing the ban on hacker tools, tried to demonstrate their newly found love for digital civil rights with a vigil in front of the court. This civil rights friendly position will hopefully be maintained if the Greens get back into government.

The lawyers will turn their attention to interpreting the judgement in the next few weeks and draw the relevant conclusions. “Although the Federal Trojan was positively slaughtered, important other decisions on basic rights are imminent. However, we don’t expect Wolfgang Schäuble (the Federal Interior Minister) or Dieter Wiefelspütz (the German Social Democratic Party’s expert on domestic policy) to suddenly take our constitution seriously. The new basic right will only come to life if it is aggressively defended and exercised.”

http://www.ccc.de/updates/2008/trojaner-notschlachten?language=en

WordPress 2.5 upgrade

Monday, March 31st, 2008

We have finally upgraded WordPress!

Whenever I previously tried to do it, MySQL returned:

WordPress database error: [Duplicate entry '1'
for key 1]
INSERT INTO wp_terms (term_id, name, slug, term_group)
VALUES ('1', 'In', 'in-2', '1')

WordPress database error: [Duplicate entry '1-category'
for key 2]
INSERT INTO wp_term_taxonomy (term_id, taxonomy, description,
parent, count) VALUES ('1', 'category', '', '0', '22')

WordPress database error: [Duplicate entry '2' for key 1]
INSERT INTO wp_terms (term_id, name, slug, term_group)
VALUES ('2', 'Administravia', 'administravia-2', '1')

WordPress database error: [Duplicate entry '2-category'
for key 2]
INSERT INTO wp_term_taxonomy (term_id, taxonomy, description,
parent, count) VALUES ('2', 'category', '', '0', '6')

WordPress database error: [Duplicate entry '3' for key 1]
INSERT INTO wp_terms (term_id, name, slug, term_group)
VALUES ('3', 'The Law', 'the-law-2', '1')

Which resulted in an upgraded WordPress, with 1000 posts that were all Uncategorized.

Eventually, after reading up and doing some dry runs, I discovered the solution:

  • Back everything up, deactivate plugins.
  • Upload the new WordPress files.
  • Truncate the wp-terms table.
  • Truncate the wp-taxonomy table.
  • Run the wp-admin/upgrade.php script.

It works!

Ending Election Fraud with Three Ballots

Tuesday, March 4th, 2008

The ThreeBallot Voting System
Ronald L. Rivest
Computer Science and Artificial Intelligence Laboratory
Massachusetts Institute of Technology
Cambridge,
MA 02139
October 1, 2006*

Abstract

We present a new paper-based voting method with interesting security properties. The attempt here is to see if one can achieve the same security properties of recently proposed cryptographic voting protocols, but without using any cryptography, using only paper ballots. We partially succeed. (Initially, I thought the proposal accomplished this goal, but several readers discovered a vote-buying attack (see Section 4.4) that appears to be rather difficult to fix without making the resulting system much less usable in practice. Currently, this paper should thus be viewed more as an academic proposal than a practical proposal. Perhaps some variation on these ideas in this paper might still turn out to be of practical use. The “OneBallot with Exchanged Receipts” system sketched at the end of Section 5.3.1, looks particularly promising at the moment. . . ) The principles of ThreeBallot are simple and easy to understand. In this proposal, not only can each voter verify that her vote is recorded as she intended, but she gets a “receipt” that she can take home that can be used later to verify that her vote is actually included in the final tally. Her receipt, however, does not allow her to prove to anyone else how she voted. In this “ThreeBallot” voting system, each voter casts three paper ballots, with certain restrictions on how they may be filled out, so the tallying works. These paper ballots are of course “voter-verifiable.” All ballots cast are scanned and published on a web site, so anyone may correctly compute the election result. A voter receives a copy of one of her ballots as her “receipt”, which she may take home. Only the voter knows which ballot she copied for her receipt. The voter is unable to use her receipt to prove how she voted or to sell her vote, as the receipt doesn’t reveal how she voted. A voter can check that the web site contains a ballot matching her receipt. Deletion or modification of ballots is thus detectable; so the integrity of the election is verifiable.

* The latest version of this paper can always be found at http://theory.csail.mit.edu/~rivest/Rivest-TheThreeBallotVotingSystem.pdf

Introduction

Designing secure voting systems is tough, since the constraints are apparently contradictory. In particular, the requirement for voter privacy (no one should know how Alice voted, even if Alice wants them to know) seems to contradict verifiability (how can Alice verify that her vote was counted as she intended?). The proposal presented here is an attempt to satisfy these constraints without the use of cryptography. We get pretty close… Like most cryptographic proposals, ThreeBallot uses a public “bulletin board” – a public web site where election officials post copies of all of the cast ballots (there will be 3n of them if there are n voters) and a list of the names of the voters who voted. (Some states might use voter ID’s rather than voter names.) One key principle of ThreeBallot is to “vote by rows” and “cast by columns”. The ThreeBallot ballot can be viewed as an array, where the voter places marks in rows corresponding to candidates, but then separates the columns and casts them separately, keeping a copy of one. ThreeBallot provides a nice level of end-to-end verifiability – the voter gets assurance that her vote was cast as intended and counted as cast, and that election officials haven’t tampered with the collection of ballots counted.

Background

We assume that the reader is somewhat familiar with voting systems. For more background, the following readings are recommended:

  • Roy Saltman’s new book, The History and Politics of Voting Technology [19] is an outstanding scholarly history of the evolution of voting technology.
  • Andrew Gumbel’s book Steal This Vote [9] is an excellent, entertaining, and very readable review of election fraud in America.
  • The Brennan Center for Justice has published an excellent report [1] on voting system security, with detailed discussions of specific threats and assessments of the risks they represent.
  • Randell and Ryan’s recent excellent article, “Voting Technologies and Trust,” [15], which, like this paper, explores paper-based voting system architectures similar to those of cryptographic voting systems.
  • Ben Adida’s recent PhD thesis [3] (particularly Chapter 1) reviews voting system requirements and cryptographic voting systems, before giving improved cryptographic voting systems.
  • There are numerous web sites with information and links about voting and voting technology, such as those of Doug Jones [10], myself [16], the CalTech-MIT Voting Technology Project [14], ACCURATE [2], or the Election Assistance Commission [7], to name just a few. (Try googling “voting technology”.)

Each ballot has two parts: the upper “voting region,” and then the “ballot ID region” on the lower part. The voting region of a ballot contains the candidate names, each with an op-scan bubble that can be filled in by the voter. Each ballot has a distinct ballot ID, different from the ID’s of other ballots on its multi-ballot and from all other ballot ID’s. The ballot ID’s on the three ballots of a multi-ballot are unrelated in any way to each other, they are merely randomly assigned unique ballot ID’s, with no cryptographic or other significance. The ballot ID might be a long (e.g. 7-digit) number which is essentially random, or some other unique identifier, possibly in barcoded form. For now, we’ll assume that the ballot ID’s are pre-printed on the ballots, but we’ll see that there are security advantages to having them added later instead by the voter or by the “checker” (see Section 3.4).

Filling Out The Multi-Ballot

The voter is given the following instructions for filling out the multi-ballot. See Figure 2 for an example of a filled-out multi-ballot.

  • You have here three optical scan ballots arranged as three columns; you will be casting all three ballots.
  • Proceed row by row through the multi-ballot. Each row corresponds to one candidate. There are three “bubbles” in a row, one on each ballot.
  • To vote FOR a candidate, you must fill in exactly two of the bubbles on that candidate’s row. You may choose arbitrarily which two bubbles in that row to fill in. (It doesn’t matter, as all three ballots will be cast.)
  • To vote AGAINST a candidate (i.e., to not vote FOR the candidate, or to cast a “null” vote for that candidate), you must fill in exactly one of the bubbles on that candidate’s row. You may choose arbitrarily which bubble in that row to fill in. (It doesn’t matter, as all three ballots will be cast.)
  • You must fill in at least one bubble in each row; your multi-ballot will not be accepted if a row is left entirely blank.
  • You may not fill in all three bubbles in a row; your multi-ballot will not be accepted if a row has all three bubbles filled in.
  • You may vote FOR at most one candidate per race, unless indicated otherwise (In some races, you are allowed to vote FOR several candidates, up to a specified maximum number.) It is OK to vote AGAINST all candidates.

Details

We now describe the ThreeBallot voting system in more detail.

[…]

Read the rest of this paper at Scribd.
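
The filling-out rules, the "vote by rows, cast by columns" split and the public recount from the excerpt above, as an added Python sketch that is not code from Rivest's paper. The candidate names, sample votes and hex ballot IDs are constructed; the marks-minus-n recount follows from the rules (two marks FOR, one mark AGAINST).

```python
import secrets
from collections import Counter

CANDIDATES = ("Alice", "Bob", "Carol")  # constructed one-race ballot


def check_multiballot(rows, max_for=1):
    """Apply the filling-out rules; return the candidates voted FOR.

    rows maps each candidate to three 0/1 marks, one per ballot column.
    """
    if set(rows) != set(CANDIDATES):
        raise ValueError("need exactly one row per candidate")
    voted_for = []
    for cand in CANDIDATES:
        marks = rows[cand]
        if len(marks) != 3 or any(m not in (0, 1) for m in marks):
            raise ValueError(f"{cand}: a row has three bubbles, each 0 or 1")
        filled = sum(marks)
        if filled == 0:
            raise ValueError(f"{cand}: row left entirely blank")
        if filled == 3:
            raise ValueError(f"{cand}: all three bubbles filled in")
        if filled == 2:  # two marks = FOR, one mark = AGAINST
            voted_for.append(cand)
    if len(voted_for) > max_for:
        raise ValueError("voted FOR too many candidates in this race")
    return voted_for


def cast(rows, board, receipt_column):
    """Vote by rows, cast by columns; return a copy of one ballot as receipt."""
    if receipt_column not in (0, 1, 2):
        raise ValueError("receipt must copy one of the three ballots")
    check_multiballot(rows)
    receipt = None
    for col in range(3):
        ballot_id = secrets.token_hex(8)  # random, unrelated to its siblings
        ballot = {cand: rows[cand][col] for cand in CANDIDATES}
        board[ballot_id] = ballot
        if col == receipt_column:
            receipt = (ballot_id, dict(ballot))
    return receipt


def tally(board, n_voters):
    """Recount from the public board: votes FOR = marks - n_voters,
    because every voter puts at least one mark in every row."""
    if len(board) != 3 * n_voters:
        raise ValueError("expected exactly 3n ballots on the board")
    marks = Counter()
    for ballot in board.values():
        marks.update({cand: ballot[cand] for cand in CANDIDATES})
    return {cand: marks[cand] - n_voters for cand in CANDIDATES}


def receipt_on_board(receipt, board):
    """True if the board still holds a ballot identical to the receipt."""
    ballot_id, marks = receipt
    return board.get(ballot_id) == marks


# Constructed sample election: (multi-ballot rows, column kept as receipt).
SAMPLE_VOTES = [
    ({"Alice": (1, 1, 0), "Bob": (0, 0, 1), "Carol": (1, 0, 0)}, 0),
    ({"Alice": (0, 1, 0), "Bob": (1, 0, 1), "Carol": (0, 0, 1)}, 2),
    ({"Alice": (0, 1, 1), "Bob": (1, 0, 0), "Carol": (0, 1, 0)}, 1),
]


def run_election(votes):
    """Cast every multi-ballot onto a fresh board and recount it."""
    board = {}
    receipts = [cast(rows, board, col) for rows, col in votes]
    return board, receipts, tally(board, len(votes))


if __name__ == "__main__":
    board, receipts, result = run_election(SAMPLE_VOTES)
    print(result)
    print(all(receipt_on_board(r, board) for r in receipts))
```

A receipt only detects tampering with the one ballot it copies; the integrity argument rests on officials not knowing which of the three ballots each voter kept.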

Two new indispensable iPhone apps

Saturday, March 1st, 2008

iCancel: beautiful silence from your iPhone

iCancel is a new piece of native software that brings the gift of silence to your iPhone.

It uses the microphone in your iPhone to generate an “antinoise” sound wave that blots out the noise of the outside world. Normally wearers of iPods and the other portable music players plague their fellow bus and underground riders with the tsch tsch tsch of the latest Timbaland tune; now the tables are turned, and the iPhone is being used to block the brain mushing concentration destroying wall of noise that is a byproduct of city living.

Now you can put your iPhone on, fire up iCancel, open that book and actually absorb what you are reading.

SONY’s S7XXF has this feature also.

Obviously not for use when driving a car with screaming children in it, or when riding your bike in heavy traffic.

iMoog

The name of this juicy app says it all.

This is a fully working Moog Synthesizer emulator for your iPhone.

This alpha version is monophonic, has a 16 step sequencer and a keyboard like i-Ano’s. Very impressive and fat sound.

Logins for 8,700 FTP servers found on sale

Friday, February 29th, 2008

By John E. Dunn
Techworld
27 February 2008

Criminals have assembled a huge database of hacked FTP server logins belonging to some of the world’s leading companies, a security company has revealed.

Finjan said it had stumbled upon a database containing account usernames, passwords and server addresses for a staggering 8,700 FTP servers, many of which were being used by US Fortune 100-level enterprises.

The hacked servers could be used to distribute crimeware by injecting iframe tags into any webpage stored on the compromised FTP servers. Indeed the server accounts were themselves being traded by a web application able to rank and price them according to their Google page rank for re-sale to other criminals.

The company found the database while examining what appears to be a sophisticated Russian crimeware hub built using a newer version of the Neosploit crimeware toolkit, sophisticated enough to offer its criminal users a SaaS (software as a service) interface for carrying out attacks.

The company didn’t name the domains involved for obvious reasons, but the range of sectors and countries reads like a who’s who of big business. FTP details for telecoms, media, online retail, and government agencies were all present, across every leading economy and beyond.

Using the Alexa.com domain ranking, Finjan found 10 of the top 100 domains in the database, 100 of the top 500 domains, and 50 of those between 500 and 1,000.

Breaking these down by location, 2,621 were in the US, 1,247 in Russia, 392 in Australia, 354 in Asia/Pacific. The rest covered Eastern Europe, with only a handful in western European countries such as Germany and the UK, which accounted for 80 and 78, respectively.

“With this new trading application, cyber-criminals have an instant ‘solution’ to their problem of gaining access to FTP credentials and thus infecting both the legitimate websites and unsuspecting visitors,” said Finjan’s Yuval Ben-Itzhak.

[…]

http://www.techworld.com/security/news/index.cfm?newsID=11561

I could have used substitution here to make this an article about ID cards and how ‘criminals’ are going to create tools to trade in the ‘identities’ of people, but this article was just too juicy as it stood.

Back in the day there were the forerunners of these tools, like ‘cc master’ (at least that’s what I think it was called; it was something around on the old [1994/5] BBSes that you could play with if you wanted to get your machine virus’d). Now of course, they are running everything on the internets as services, like bugmenot, only much more serious.

The same thing is going to happen with ID details. Underground supermarkets are going to be created where you can buy the ‘identity’ of just the sort of person you need to commit a crime, and this will include fingerprints that will be used in software that uses playback exploits to fool the back ends that are being attacked. Even without that, simple Social Engineering will be made possible by collecting and studying the detailed identity records of some sheep, that can be inserted into a script for reading out, and all of this will be done in a slick service that you pay to access.

Imagine, you pay a subscription to a service that generates scripts for you to read over the telephone. You log in. You select your gender and accent type. The system then generates some scripts for you to read, and sets up VOIP calls for you to activate with a click of your mouse. The scripts are filled with the personal details of someone (bought on a DVD) and the call is made to their bank or building society, and the script provides you with a spiel that lets you transfer money to your own account.

You are paying for the right to use these identities and the related generated scripts; if you have success or not that’s down to your mad skillz as a social engineer. Recommended Reading, ‘The Art of Deception’ by Kevin D. Mitnick.

The more scripts you read and the better you get at it, the more money you collect. Snarfed profiles are charged by how many people have used them; fresh, unused profiles are the most expensive (like fresh leads; they are for closers). Identities that have been passed around a lot are nearly worthless, so you can read scripts generated for these in their thousands for only a few euros.

“I’m here from downtown, and I’m here on a mission of mercy….”

True!