Archive for June, 2006

Next episode; an entire nation’s data stolen in one theft

Wednesday, June 7th, 2006

Data Theft Affected Most in Military

National Security Concerns Raised

Washington Post Staff Writers
Wednesday, June 7, 2006; Page A01

Social Security numbers and other personal information for as many as 2.2 million U.S. military personnel — including nearly 80 percent of the active-duty force — were among the data stolen from the home of a Department of Veterans Affairs analyst last month, federal officials said yesterday, raising concerns about national security as well as identity theft.

The department announced that personal data for as many as 1.1 million active-duty military personnel, 430,000 National Guard members and 645,000 reserve members may have been included on an electronic file stolen May 3 from a department employee’s house in Aspen Hill. The data include names, birth dates and Social Security numbers, VA spokesman Matt Burns said.

Defense officials said the loss is unprecedented and raises concerns about the safety of U.S. military forces. But they cautioned that law enforcement agencies investigating the incident have not found evidence that the stolen information has been used to commit identity theft.

“Anytime there is a theft of personal information, it is concerning and requires us and our members to be vigilant,” Pentagon spokesman Bryan Whitman said. He said the loss is “the largest that I am aware of.”

Army spokesman Paul Boyce said: “Obviously there are issues associated with identity theft and force protection.”

For example, security experts said, the information could be used to find out where military personnel live. “This essentially can create a Zip code for where each of the service members and [their] families live, and if it fell into the wrong hands could potentially put them at jeopardy of being targeted,” said David Heyman, director of the homeland security program at the Center for Strategic and International Studies (CSIS).

Another worry is that the information could reach foreign governments and their intelligence services or other hostile forces, allowing them to target service members and their families, the experts said.

“There is a global black market in this sort of information . . . and you suddenly have a treasure trove of information on the U.S. military that is available,” […]

WaPo

My emphasis. An SQL file containing one million records could easily fit on a USB Flash Drive the size of your thumbnail. When they say ‘an electronic file’ this is what they are talking about.

The article says that the information could be used to find out where military personnel live. The same holds tru obviously, for the data of plebians ordinary citizens. Our safety is just as compromised by this sort of theft as the safety of military types. We can be ‘targeted’ just like anyone else. Why is there increased concern for the personal information of grunts over and above that which is displayed for the man in the street.

We are made to feel concerned that ‘the information could reach foreign governments’.

What the Fuck?

The criminal, mass murdering, regime changing, perverted, CIA/NSA terrorist controlled, government of the USA (Under Satan’s Authority), mandated that the citizens of the EU have their data harvested on a totally bogus pretext, and then keeps this data and uses it for just these criminal ends, and we are meant to think that it is a ‘worry’ when their data is to be spread around the world?

Forgive me if i wish nothing but ill to these people, these HYPOCRITES, these DOGS who now have to suffer what their own government has done to MILLIONS of innocent travellers. And lets not forget, that the animals in the us government collected not just people’s names and addresses, but:

4. Is sensitive data included in the PNR data transfer?

Certain PNR data identified as “sensitive” may be included in the PNR when it is transferred from reservation and/or air carrier departure systems in the EU to CBP. Such “sensitive” PNR data would include certain information revealing the passenger`s racial or ethnic origin, political opinion, religion, health status or sexual preference. CBP has undertaken that it will not use any “sensitive” PNR data that it receives from air carrier reservation systems or departure control systems in the EU. CBP will be installing an automated filtering program so that “sensitive”PNR data is deleted.

5. Will my PNR data be shared with other authorities?

PNR data received in connection with flights between the EU and the U.S. may be shared with other domestic and foreign government authorities that have counter-terrorism or law enforcement functions, on a case-by-case basis and under specific data protection guarantees, for purposes of preventing and combating terrorism and other serious criminal offences: other serious crimes, including organized crime, that are transnational in nature: and flight from warrants or custody for the crimes described above.

PNR data may also be provided to other relevant government authorities, when necessary to protect the vital interests of that passenger or of other persons, in particular as regards to significant health risks, or as otherwise required by law. [..]

LUT

and lets not forget; name, address, flightnumber, credit card number, and choice of meal.
Once again, I cannot understand how ANYONE who knows this is happening can WILLINGLY fly to the USA…but I digress.

Clearly if the NIR is rolled, out, a disaster like this WILL happen again and again, and the entire contents of the NIR will fall into the hands of criminals. Unlike having your credit card fall into the criminal hands of uncle sham, your fingerprints cannot be changed. You will be exposed forever, and in that eventuality, nothing less than the removal of relying on fingerprints for the purposes of ID will save the millions of compromised persons from impersonation.
If you dont enter the NIR of course, you will not be exposed to this threat. You should not, under any circunstances, register with the NIR should it come into being.

and, just in time for this post:

Information from the UK’s controversial DNA database is being given to foreign law agencies, it has emerged.

The Home Office has revealed that other nations have made 519 requests for details from the database since 2004.

All of the requests were granted and the Liberal Democrats fear there are not enough checks on the system.

It emerged in January that 24,000 under-18s never cautioned, charged or convicted are on the database, which was established in 1995. […]

http://news.bbc.co.uk/1/hi/uk_politics/5056450.stm

and if the NIR comes on line, you can expect this sort of data sharing to proliferate dramatically.

Apalllung. YES APPALLUNG!

Why Americans Should Be Packing Their Bags NOW

Tuesday, June 6th, 2006

It is now time to think about the unthinkable. Americans who have been raised to love their country and trust in their leaders’ commitment to democracy need to be considering–even planning for–emigrating to escape before full-blown tyranny arrives in the United States.

You and Your Family Can Be Trapped in a Matter of Hours

Don’t be lulled into complacency because neither you nor your friends have been hauled out of bed by the Gestapo in the middle of the night. The heavy hand of an unrestrained government is already being felt among some targeted groups, and the mechanisms necessary to institute a totatlitarian state that will impact the daily lives of all Americans are already in place. Within a matter of hours, the power of the imperial federal executive can be invoked to freeze your assets and prevent you from traveling within or out of the United States.

Do you still believe that your money is your own, and that you can do with it what you want? Then you have a lot to learn about how federal control of your money has grown in the last 15 years. Many ordinary Americans, people who are far from being terrorists or even political activists, have already encountered the Bank Secrecy Act and the features of the Patriot Act that have made it even more restrictive. Benedictine sisters at the Holy Name Monastery in Florida couldn’t understand why their checks were bouncing back in 2005. A call to the bank revealed that their account had been frozen–by the bank–because one 80 year-old signatory on the account had not provided her Social Security number as required by the Bank Secrecy Act and the Patriot Act.

Federal law now requires banks to provide strict oversight of customers’ accounts, ostensibly to counter money laundering and terrorist funding. Banks must first collect extensive information about depositors so that they have clear evidence of customers’ identities, and then share this information with federal agencies. They must file Suspicious Activity Reports with FinCEN whenever there is “unusual” activity out of the customer’s normal pattern of behavior in addition to the more widely known Cash Transaction Reports filed whenever there are cash deposits or withdrawals in excess of $10,000. Finally, they must respond quickly with information and other “appropriate action” whenever a customer’s name is on the “Control List” formed from information collected from federal and local law enforcement agencies.

Banks are anxious to avoid the wrath of the federal officials who regulate them closely, and are quick to share information and even freeze accounts if there is any question about a customer. John Byrne, an official of the American Bankers’ Association, testifying before the House Financial Services Committee in February, 2002, was proud of bankers’ efforts to satisfy federal requests:

We have also been diligently responding to the various lists that the government has been distributing to either block or freeze accounts or to notify law enforcement that a particular individual has an account with a specific institution.

If a federal or local law enforcement agency decides to put you on the “Control List,” you will lose access to your bank assets within hours.

You probably already know something about the lists that can prevent you from traveling by air. The F. B. I. created the original “no-fly” list in 1990, but the Patriot Act created a new agency, the Transportation Security Administration, to implement the list after 9/11. At the beginning of September, 2001, there were 16 people on the list. Now, European airlines, who must check the list before boarding passengers bound for the U. S., report it contains over 80,000 names.

There are actually two lists. One is a strict “no-fly” list of individuals who are not allowed to board planes at all. The larger list is the “selectee” list. People who turn up on the selectee list have their boarding passes marked with an “S” which signals security personnel to pull them out of line and subject them to stricter searches and often extensive questioning. Those who have missed flights because of begin detained or prevented from flying altogether include political active individuals on the left and right and critics of the Bush administration, intelligence services and the Iraq war.

The TSA and the agency that actually compiles the list, the Transportation Security Intelligence Service, refuse to divulge the sources for the names added to the list. They do admit that the number of names increases “almost daily” as various federal and possibly local agencies submit information.

Again, if an agency decided to submit your name, this computerized system would be able to block you from being able to travel within minutes.

If you think you can evade the TSA by getting to Canada and flying from there, think again. Transport Canada expects to have a no-fly list in place by the end of the year despite the objections of Canadian civil liberties groups and the Canadian Islamic Congress.

Nations that move toward totalitarianism follow a common series of steps as they eliminate freedom. While rhetoric aimed at target groups may begin with “love it or leave it,” before long authoritarian states enact restrictions on emigrees taking assets out of the country and even on emigration itself. In the United States, those restrictions are already in place, but are currently enforced selectively against a fairly small number of people to avoid arousing too much controversy. Modern computer technology enables authorities to use the laws and systems now in place to expand the application of these restrictions far more widely to groups and individuals identified through the government’s vast, illegal data gathering effort of the past few years. Those who hear themselves targeted as “traitors,” “fifth columnists,” “degenerates,” etc.–in other words, Muslims, gays, atheists, leftists, antiwar activists, dissenters and others–should realize that they could find themselves blocked from leaving the country even before other elements of a fascist state are put in place. […]

http://www.whatreallyhappened.com/emigration.php

Real Americans don’t run. They fight!

Foley

Tuesday, June 6th, 2006

6th  Grade ......

http://www.smartalecmusic.com

Police against the proliferation of laws

Monday, June 5th, 2006

Hi.

I was browsing through through some of my regular blogs and saw this. It made me think of you.

From the comments section in response to a post in the Policeman’s blog.

http://coppersblog.blogspot.com/2006/05/mainline.html

“The point of having things like ASBOs is to have as many things as possible against the law. This moves all the discretion into the hands of the government.

In a reasonable system, one could simply avoid sanctions by not stealing/murdering/raping and all would be well. Under the “nearly everything is illegal” system, most crimes are not punished. However, since one cannot avoid illegality, the state can come after you whenever you displease it. It becomes a system for enforcing loyalty to the powers that be rather than a neutral system of justice that protects life, liberty and property. The resulting epidemic of crime is seen as inconsequential- it does not threaten the established government – it even makes people more dependent upon it for protection.

In earlier times, this would have been called “tyranny.””

In the mighty France, all of the workforce, Civil Service and even the police have refused to obey the abolition of the bank holiday that would have not occured today.

When the police of this country finally grow some grapefruits and decide that ‘enough is enough’, and that they will only enforce the laws that directly affect the population that they serve, ie, crimes against the person and crimes against physical property, THEN we can take posts like this seriously.

Like we saw in the CCTV footage from the TPB raid, it only takes a handful of swine to disrupt the activities of millions of innocent people. The real policemen, the ones that are not swine, filth, ‘le flick’ etc, the ones that are there actually doing the true work of policing are all damaged by the actions of these dirty pigs, who don’t even bother to wear a uniform while they stomp on you with their boots.

That they recieved a direct order to raid that ISP is not an excuse to do it. Niether is it an excuse to violate the TPB lawyer by DNA swabbing him. They, all police, must have an intact moral compass that allows them to say, “no, I will not obey this order, because it is illegal”, or at the very least, compells them to call a neutral lawyer before carrying out orders that are clearly dubious if not totally bogus. Should they be ordered to carry out a raid on an emergency basis, they should have recourse to the law, where they can sue their superiors for leading them into an illegal action. Where there was ample time to check the legality of a raid, like the TPB one, all the officers should be liable for punitive damages. The police MUST BE GOT UNDER CONTROL, and if they dont have a moral compass, then they must either be sacked or put in fear of their livelyhoods so that there is a real disincentive to carrying out illegal orders, like the animals who raided TPB, and simultaneously took out the websites of 300 people UNRELATED TO TBP.

Planning for the worst

Monday, June 5th, 2006

Local planning authorities are giving identity criminals “all they need” by posting applicants’ personal details online, according to the UK’s fraud prevention service Cifas

The organisation said planning authorities were publishing applicants’ personal details, including names addresses, telephone and signatures, on the web as part of their planning consultations.

Reg

What more can be said?

The NIR setup will have the same flaw – a fraudster (or their agent) will be able to access personal details across a network, just replace signatures for ‘unchangeable biometric information’ and it there you have it, a recipe for disaster.

The ONLY insurance is not to register on the NIR, neither intentionally nor through renewal of linked documents (i.e. your passport) after the next couple of months.

A Chronology of Data BreachesReported Since the ChoicePoint Incident

Sunday, June 4th, 2006

The data breaches noted below have been reported because the personal information compromised includes data elements useful to identity thieves, such as Social Security numbers, account numbers, and driver’s license numbers. A few breaches that do NOT expose such sensitive information have been included in order to underscore the variety and frequency of data breaches. However, we have not included the number of individuals affected in such breaches in the total because we want this compilation to reflect breaches that expose individuals to identity theft as well as breaches that qualify for disclosure under state laws.

For tips on what to do if your personal information has been exposed due to a security breach, read our guide.

The catalyst for reporting data breaches to the affected individuals has been the California law that requires notice of security breaches, the first of its kind in the nation, implemented July 2003.
www.privacyrights.org/ar/SecurityBreach.htm
www.privacy.ca.gov/recommendations/secbreach.pdf

This chronology below begins with ChoicePoint’s 2/15/05 announcement of its data breaches because it was a watershed event in terms of disclosure to the affected individuals. Since then, the “best practice” has been to disclose breaches to individuals nationwide — in a sense, adopting California’s notice requirement nationally.

In the meantime, at least 23 states have passed laws requiring that individuals be notified of security breaches. For a list of states enacting security breach and freeze laws, visit the Consumers Union web site here:

Security breach notice laws: www.consumersunion.org/campaigns/Breach_laws_May05.pdf
Security freeze laws: www.consumersunion.org/campaigns/learn_more/002355indiv.html
State security freeze bills pending in 2006: www.consumersunion.org/campaigns//learn_more/002906indiv.html
And visit the PIRG site here: www.pirg.org/consumer/credit/statelaws.htm.

Congress is considering several bills this year in which security breach notices would be mandated nationwide. See http://thomas.loc.gov. See also EPIC’s bill-track list, www.epic.org/privacy/bill_track.html.

Here are other sources for security breach information:

[…]

A HUGE list of breaches follows. Go to the site to read it!

[…]

TOTAL 83,114,945

[…]

http://www.privacyrights.org/ar/ChronDataBreaches.htm

And there, once again, you have it.

Britain does not have a unique personal identifier like the american ‘Social Security Number’ (SSN). The British are therefore safe from this type of security breach.

If the UK rolls out the ‘National Identiy Register’ (NIR) then every single person living in the UK will have their Identity compromised in the way described by that website. It is not a question of ‘if’ but of when.

Britian should not introduce the NIR. The British are safer from the threat of identity theft if they do not have a single all encompassing number issued to them.

You must under no circumstances enter the NIR should it be introduced. That is the only way you can be sure that your identity will remain safe.

Pirate Bay Lawyer Arrested and DNA Swabbed

Saturday, June 3rd, 2006

I always thought Swedes were civilized:

The image “http://photos1.blogger.com/blogger/7600/1425/320/viborg.jpg” cannot be displayed, because it contains errors.

While talking the officer conducting the hearing suddenly enters the room only to inform me that an order has been issued by the prosecutor to collect a DNA-sample from me. For an instant I think that she is trying to make a tasteless joke. But I can tell from her facial expression that she is not. Do I sense a touch of rapture from her? Is she enjoying this as much as I am NOT enjoying it?

(Note that a court order is not needed to get a DNA-sample in Sweden. Only an executive decision by the prosecutor handling the case. The only criteria that he has to adhere to are that jail must be a possible punishment for the crime and that the person forced to leave the sample is under justified suspicion of the crime. However an infringement into someone’s right to protection from invasive procedures of this magnitude requires that a criterion of necessity and proportionality is considered. “Luckily” in this case the prosecutor is not one know from listening to whiny arguments about personal freedoms and other such nancy stuff)
[…]

http://viborginternational.blogspot.com/2006/06/operation-take-down.html

Clearly I was wrong.

They swabbed him for the sole purpose of humiliation, nothing else. This is the true spirit behind biometrics and DNA databases; debasement of humanity, humiliation and subjugation.

There is absolutely no reason to do this in a SUSPECTED case of copyright infringement. These people are beyond insane.

SHAME on Sweden for engaging in this bad business.

iHair!

Friday, June 2nd, 2006

istraight Japanese Hair Straightening System

YOUR HEALTHY SHINY HAIR IS OUR MAIN CONCERN.
Just imagine for a moment if you will, after your shower there is no need to fight your curly hair straight. You don’t have to avoid humidity like a Vampire avoids the sun. You can dance around a garden sprinkler, walk away with wet hair that dries straight and frizz free. Our Client Roxanne told us she has waited for this moment for 48 years. She still cannot believe it – she has straight and almost maintenance free hair.
Keep in mind that her hair was not pulled straight with a brush and a blow dryer. We simply blew some slightly warm air from the top of her head until her hair was dry. No pulling and straightening anymore for her for about six month’s. After the 5 hour process we asked Roxanne: Was it worth it for you? She said “You bet it’s worth it” It’s worth every penny and every minute”

Read more about it!

[…]

Our Japanese Contact had returned from Japan in April 2002. His mission was to comb the entire hair industry for the best straightening product that is in existence today.
And he struck Gold.
At Hair Café we now offer the “iStraight” Japanese Straightening System which is gentler than other systems. “iStraight” is most effective on curly virgin hair although it can be used on color treated hair. The hair’s porosity must be evaluated before treatment. We do not recommend the process for African America hair that had a Sodium hydroxide (Lye) in the past.
That means your hair can be straightened permanently even if you have Highlights or colored hair. As you can see on our website. It also means that you can add Highlights or Hair Color after the hair has been straightened making it the safest Straightening System available today. After all, your healthy and shiny hair is our main concern!
Please not that using the ReactionB3 conditioner is an absolutely essential home care regimen that goes along with the Japanese straightening process.

Why Bother?!

Friday, June 2nd, 2006

Looking good for the camera has its secrets.

a little lighter…

a little brighter…

a little tighter.

Why bother?!

All you really need is Ice Shine from Pantene

It makes your hair shine…

Just like that.

Shine with the new Pantene Ice Shine collection.

And now there’s also Ice Shine styling, as featured in Vogue.

[…]

http://www.pantene.co.uk/salon/tv-ad/transcript.html

Crypto Love Letters. How Sweet!

Thursday, June 1st, 2006

Modern Love
In the salad days of spying, back when Ivy Leaguers working for the CIA would sneak messages into and out of East Germany in walnuts carried by unsuspecting globetrotting boy’s choirs, intelligence services used coded shortwave radio transmissions to send one way messages to their agents.

The transmissions consisted of repeated strings of numbers and the military alphabet code and were made famous years later when Wilco used a recording of a East German woman repeating Yankee Foxtrot Hotel in its breakout album (and got sued for it).

Now, it seems someone is keeping the mystery alive via the potent 21st Century combination of Craigslist and VoIP, according to Homeland Stupidity blogger Michael Hampton.

On or around May 8, the following personal ad appeared on the Internet classified ad site Craigslist. (It has since been removed.)

For mein fraulein

Mein Fraulein, I haven’t heard from you in a while. Won’t you
call me? 212 //// 796 //// 0735

If you actually called the number, up until a couple of days ago you would have heard this prerecorded message (MP3). It’s a head scratcher to keep you National Security Agency analysts occupied in your spare time. Each block of numbers is repeated twice; but below I have transcribed them only once for clarity.

Group 415
01305 60510 12079 04606 50100
93000 08203 90130 94069 01207
81080 17028 01706 90220 73038
01401 70150 15073 00402 00680
12013 12510 00540 04091 01401
30150 86022 09608 10660 02082
05507 00020 00000 02208 30290
08022 01200 40710 13065 02709
40190 29014 02200 80020 11083
07300 30260 19000 00700 00000
86

Link.

Hampton and the fine pholks over at 2600 Magazine did some digging and found that the number was a pre-paid VoIP account, but not much more than that could be divined.

Hampton suggests that the best way to figure out the answer is to attack the code.

I think he’s probably wrong.

My guess is that some young cryptanalysts are sending love notes and taunting Mossad, the NSA and the phone phreakers at the same time.

And if they are using unbreakable one-time pads, nobody, including the NSA with their fancy computers, can ever be privy to their sweet nothings.

My blessings (29564 20456 18435 05689 77329) to the happily anonymous couple. […]

http://blog.wired.com/27BStroke6/index.blog

!

“cryptanalysts … sending love notes and taunting Mossad, the NSA and the phone phreakers at the same time”

Romantics….

UPDATE:

‘Now there’s two of them!’

415-704-0402

Is the telephone number that has a recording of a musical intro, then some numbers read out by a machine, made up of very different voices.

These two messages have an interesting feature. They both have a ‘group’ count that has nothing to do with the number of groups delivered.

Now why would someone do that?

A: They know the form of Numbers Stations, but not the actual workings.
B: They know the form and the workings, and are misusing the word ‘group’ deliberately.
Someone has pointed out that all the groups in these messages can be found in large primes. Large primes are big enough so that you can find many five figure groups in them. This doesn’t prove, point to or say anything.

Some people are saying that this is for sure, a government operation of some kind. Any telephone call can have its two ends pinpointed. That means that anyone calling this number to recieve a message can be black bagged. Also because the messages are long, the person collecting it will be exposed for a signifigant amount of time while she transcribes it. Its risky. A far safer way to send a message like would be to use the radio.

No criminal would do this, because they understand how telephones work. ‘Terrorists’ don’t use crypto. So, what we have left is the most likely culprit; someone having fun.

But who could it be? It could be anyone, and now that they know that people are actively looking at the source of the ‘call me’ messages we will no doubt have some more of them. Or maybe not.

Who wants to bet?

Pirates sunk – for now

Thursday, June 1st, 2006

In the morning of 2006-05-31 the Swedish National Criminal Police showed a search warrant to Rix|Port80 personnell. The warrant was valid for all datacentres of Rix|Port80 and was directed at The Pirate Bay. The allegation was breach of copy-right law, alternatively assisting breach of copy-right law.

“The necessity for securing technical evidence for the existance (sic) of a web-service which is fully official, the legality of which has been under public debate for years and whose principals are public persons giving regular press interviews, could not be explained,” said the statement.

“Asked for other reasoning behind the choice to take down a site, without knowing wether (sic) it is illegal or not, the officers explained that this is normal.”

http://news.bbc.co.uk/1/hi/technology/5036268.stm

Who is behind this? You can bet your last Krona that it isn’t Swedish police or the Swedish government directly. So that leaves external (and most probably) commercial interests directing the activity of a domestic justice system in the complete absence of any legally substantiated wrongdoing.

Sweden, I am ashamed of you.

Regarding the internet-savvyness of record labels, this interesting piece from the Grauniad sheds some light.

You seem to be using Tor!

Thursday, June 1st, 2006

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. Tor provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.

Individuals use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers. Tor’s hidden services let users publish web sites and other services without needing to reveal the location of the site. Individuals also use Tor for socially sensitive communication: chat rooms and web forums for rape and abuse survivors, or people with illnesses.

Journalists use Tor to communicate more safely with whistleblowers and dissidents. Non-governmental organizations (NGOs) use Tor to allow their workers to connect to their home website while they’re in a foreign country, without notifying everybody nearby that they’re working with that organization.

Groups such as Indymedia recommend Tor for safeguarding their members’ online privacy and security. Activist groups like the Electronic Frontier Foundation (EFF) are supporting Tor’s development as a mechanism for maintaining civil liberties online. Corporations use Tor as a safe way to conduct competitive analysis, and to protect sensitive procurement patterns from eavesdroppers. They also use it to replace traditional VPNs, which reveal the exact amount and timing of communication. Which locations have employees working late? Which locations have employees consulting job-hunting websites? Which research divisions are communicating with the company’s patent lawyers?

A branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently. Law enforcement uses Tor for visiting or surveilling web sites without leaving government IP addresses in their web logs, and for security during sting operations.

The variety of people who use Tor is actually part of what makes it so secure. Tor hides you among the other users on the network, so the more populous and diverse the user base for Tor is, the more your anonymity will be protected.

Why we need Tor

Using Tor protects you against a common form of Internet surveillance known as “traffic analysis.” Traffic analysis can be used to infer who is talking to whom over a public network. Knowing the source and destination of your Internet traffic allows others to track your behavior and interests. This can impact your checkbook if, for example, an e-commerce site uses price discrimination based on your country or institution of origin. It can even threaten your job and physical safety by revealing who and where you are. For example, if you’re travelling abroad and you connect to your employer’s computers to check or send mail, you can inadvertently reveal your national origin and professional affiliation to anyone observing the network, even if the connection is encrypted.

How does traffic analysis work? Internet data packets have two parts: a data payload and a header used for routing. The data payload is whatever is being sent, whether that’s an email message, a web page, or an audio file. Even if you encrypt the data payload of your communications, traffic analysis still reveals a great deal about what you’re doing and, possibly, what you’re saying. That’s because it focuses on the header, which discloses source, destination, size, timing, and so on.

A basic problem for the privacy minded is that the recipient of your communications can see that you sent it by looking at headers. So can authorized intermediaries like Internet service providers, and sometimes unauthorized intermediaries as well. A very simple form of traffic analysis might involve sitting somewhere between sender and recipient on the network, looking at headers.

But there are also more powerful kinds of traffic analysis. Some attackers spy on multiple parts of the Internet and use sophisticated statistical techniques to track the communications patterns of many different organizations and individuals. Encryption does not help against these attackers, since it only hides the content of Internet traffic, not the headers.

The solution: a distributed, anonymous network

Tor helps to reduce the risks of both simple and sophisticated traffic analysis by distributing your transactions over several places on the Internet, so no single point can link you to your destination. The idea is similar to using a twisty, hard-to-follow route in order to throw off somebody who is tailing you—and then periodically erasing your footprints. Instead of taking a direct route from source to destination, data packets on the Tor network take a random pathway through several servers that cover your tracks so no observer at any single point can tell where the data came from or where it’s going. […]

Running Tor

http://tor.eff.org/

When you use Tor, your ISP cannot record where you have been surfing. That means that any legislation any government passes mandating the storage of your internet usage is rendered moot.

You need to download this and run it as a server when you are not using your bandwidth. A MUCH better use of your CPU/Pipe than searching for coals in Newcastle with SETI@home was.

Like I always say; complaining is good, but there comes a point when you have to stop complaining and take action. Someone has taken the time to create Tor, now all you need to do to assert your rights is to download the software and use it.

Your privacy is restored.

You did’nt even have to shoot a gun.