The more people who use encryption, the better. Let's prevent law
enforcment agencies from using slander like: 'if people use encryption
they probably got something to hide and up to no good.'
> Free news server such as AOIE and Albasani support SSL connections. I
> urge everyone to use SSL connections when reading Usenet news so your
> provider (or anyone else for that matter) can't see what articles you
> are reading or sending to Usenet.
>
> The more people who use encryption, the better. Let's prevent law
> enforcement agencies from using slander like: 'if people use encryption
> they probably got something to hide and up to no good.'
Hello Fritz,
The following article seems relevant.
"I've Got Nothing to Hide" and Other Misunderstandings of Privacy
Daniel J. Solove -- George Washington University Law School
http://ssrn.com/abstract=998565
Regards.
USENET postings are public by nature. Some of us literally don't have
anything to hide [re: we are ok with being held accountable for our
actions], so aside from using SSL to hide our login credentials, don't
need any other form of crypto.
More often than not, people who use anonymizers or encryption on
USENET *are* actually doing something wrong [spreading wares, joe
jobbing people, generally being useless]. I'm not saying crypto
shouldn't be used, but don't think that for us who don't use SSL to
connect to nntp, or encrypt our messages that we're sheep who are just
afraid to use crypto.
Tom
> Boon wrote:
>
>> Fritz Wuehler wrote:
>>
>>> Free news server such as AOIE and Albasani support SSL connections. I
>>> urge everyone to use SSL connections when reading Usenet news so your
>>> provider (or anyone else for that matter) can't see what articles you
>>> are reading or sending to Usenet.
>>> The more people who use encryption, the better. Let's prevent law
>>> enforcement agencies from using slander like: 'if people use encryption
>>> they probably got something to hide and up to no good.'
>>
>> Hello Fritz,
>>
>> The following article seems relevant.
>>
>> "I've Got Nothing to Hide" and Other Misunderstandings of Privacy
>> Daniel J. Solove -- George Washington University Law School
>> http://ssrn.com/abstract=998565
Tom,
I think you've missed the point.
> USENET postings are public by nature.
This is irrelevant.
> Some of us literally don't have anything to hide
Could you send me a few pictures of yourself naked, photocopies of your last 12
bank statements, a copy of your medical record, a detailed account of your last
3 sexual encounters, and a copy of your family tree with the names, addresses
and phone numbers of your relatives?
No one has nothing to "hide". Everyone has something to "hide".
Please read Daniel Solove's paper.
> [re: we are ok with being held accountable for our actions],
It seems you use "re:" where "i.e." would be appropriate. If you didn't mean
"i.e" (id est, in other words) then I don't know what "re:" means to you.
> so aside from using SSL to hide our login credentials, don't
> need any other form of crypto.
The issue at hand is not write access. The issue is read access.
Which newsgroups I follow, which articles I choose to read are no one's
business. Encryption provides privacy.
I apologize in advance for the theatrical grandstanding.
There can be no DEMOCRACY when there is no PRIVACY.
And I did.
Straw meet man.
I'm not saying people shouldn't ever use crypto. My point is don't
call me weak or sheepish because I don't when I CHOOSE NOT TO. This
"we all should use crypto to screw the man" attitude is just that.
Attitude. Not substantiated in reality.
Tom
Sorry, I don't get this. How is Boon's request a straw man? Without
context,
perhaps it could be, but with the context of your original assertion:
"Some of us literally don't have
anything to hide"
I think it's perfectly valid to point out things that you probably
_do_
want to hide, and so demonstrate that you don't mean what you wrote.
> I'm not saying people shouldn't ever use crypto. My point is don't
> call me weak or sheepish because I don't when I CHOOSE NOT TO.
This, on the other hand, is certainly a straw man. Boon never
suggested
that you were weak or sheepish. (Admittedly, you don't in fact claim
that he did, but it seems to be a clear implication of your comment.)
His "requests" had nothing to do with anything I wrote. When I said I
had nothing to hide I meant in the context of my usenet habits. When
I said accountable for my actions I thought that was clear.
So no, his inflamatory requests were not appropriate nor on topic.
> > I'm not saying people shouldn't ever use crypto. My point is don't
> > call me weak or sheepish because I don't when I CHOOSE NOT TO.
>
> This, on the other hand, is certainly a straw man. Boon never
> suggested
> that you were weak or sheepish. (Admittedly, you don't in fact claim
> that he did, but it seems to be a clear implication of your comment.)
He points to an article titled ""I've Got Nothing to Hide" and Other
Misunderstandings of Privacy". It's not a misunderstanding, I'm not
ignorant, I just don't need to use crypto and I don't appreciate being
told what to do.
Tom
Let's begin tearing down the reasoning.
Encryption=privacy
Usenet=inherently non-private
Since Usenet is the opposite of privacy to begin with, using encryption is
unintelligible at best.
So to quote the other side a few times:
> Which newsgroups I follow, which articles I choose to read are no one's
> business. Encryption provides privacy.
That would almost make sense if it wasn't for the fact that you are
connecting to a server, providing an immediate and obvious weak point in the
argument. So the question is: Is it easier to hijack DNS, create a MITM
attack on the protocol, implementing a complete server, or is it easier to
hack a single server? Since the first step of hijacking DNS will require
hacking several servers, and the second option only requires hacking one,
obviously hacking a single server is easier. So once again we have a
horrible idea being trotted out to show that most people don't think.
The "nothing to hide" argument. When using Usenet you are deliberately
making your statements widely available, again this is the opposite of
privacy, and so that argument simply shows that the person bringing it up
wasn't thinking about actual security.
Since the "and other" doesn't appear in a cursory look in the posted essay,
that is simply a flaw in authorship.
Now that it is painfully obvious that there is absolutely no reason to use
encryption, is there a reason not to. Actually there is. CPU time costs
money, encryption costs CPU time, Using encryption = adding cost.
Implementing and debugging encryption code is not trivial, and so it costs
money to implement. Encryption=lost money.
So can we stop now? The arguments for using encryption are heavily flawed.
Repeating the arguments after their obvious flaws have been pointed out is
less than intelligent.
Joe
This is a logical fallacy known as all-or-nothing thinking, my way of
the highway, etc. There are plenty of good uses of usenet and other
groups for selected audiences. There are those that object and it
does not mean that it can't be. Your business in not necessarily
everyones business in the first place.
>
> So to quote the other side a few times:
>
> > Which newsgroups I follow, which articles I choose to read are no one's
> > business. Encryption provides privacy.
>
> That would almost make sense if it wasn't for the fact that you are
> connecting to a server, providing an immediate and obvious weak point in the
> argument. So the question is: Is it easier to hijack DNS, create a MITM
> attack on the protocol, implementing a complete server, or is it easier to
> hack a single server? Since the first step of hijacking DNS will require
> hacking several servers, and the second option only requires hacking one,
> obviously hacking a single server is easier. So once again we have a
> horrible idea being trotted out to show that most people don't think.
Privacy is a personal preference, when, where, how..you know...freedom
of association and/or the selected choice to be left alone at personal
selective whim.
Poor protocols are not the only choice and communications can be
secure at both ends from between any two qualified points. Remember
those that don't want it spend lots of time trying to push a tainted
agenda, or one based on their own failures and general incompetence,
perhaps both since it sounds like a self-fulfilling prophecy, another
logical fallacy.
>
> The "nothing to hide" argument. When using Usenet you are deliberately
> making your statements widely available, again this is the opposite of
> privacy, and so that argument simply shows that the person bringing it up
> wasn't thinking about actual security.
Usenet can have many uses, as many as can exist.
>
> Since the "and other" doesn't appear in a cursory look in the posted essay,
> that is simply a flaw in authorship.
>
> Now that it is painfully obvious that there is absolutely no reason to use
> encryption, is there a reason not to. Actually there is. CPU time costs
> money, encryption costs CPU time, Using encryption = adding cost.
> Implementing and debugging encryption code is not trivial, and so it costs
> money to implement. Encryption=lost money.
Good encryption cannot be read...power to the people and not to aid
the despots and wantabes.
>
> So can we stop now? The arguments for using encryption are heavily flawed.
> Repeating the arguments after their obvious flaws have been pointed out is
> less than intelligent.
> Joe
Sounds like a troll to me, spending so much time on a personally
announced flawed area as a propaganda voice. The obvious flaws to
encryption are due to incompetence as are the various internet snafus
when it dosn't have to be that way. If this really is Joe, your world
is crumbling.
The fear of many is that there is actually can be good science that
they cannot control; there is and they can't. Some have it, others
never will if told it is unavailable or made to believe it is all in
the hands of elite wizards..ignorance is pushed as the only true route
to bliss, logical fallacy.
> Boon wrote:
>
>> "I've Got Nothing to Hide" and Other Misunderstandings of Privacy
>> Daniel J. Solove -- George Washington University Law School
>> http://ssrn.com/abstract=998565
>
> Let's begin tearing down the reasoning.
>
> Encryption=privacy
> Usenet=inherently non-private
>
> Since Usenet is the opposite of privacy to begin with, using encryption
> is unintelligible at best.
intelligible
1 : apprehensible by the intellect only
2 : capable of being understood or comprehended <jargon intelligible only to the
initiated>
Are you saying it does not make sense to use encryption to access Usenet?
> So to quote the other side a few times:
>
>> Which newsgroups I follow, which articles I choose to read are no
>> one's business. Encryption provides privacy.
>
> That would almost make sense if it wasn't for the fact that you are
> connecting to a server, providing an immediate and obvious weak point in
> the argument. So the question is: Is it easier to hijack DNS, create a
> MITM attack on the protocol, implementing a complete server, or is it
> easier to hack a single server?
Who would be carrying out these attacks? and what is their purpose?
> Since the first step of hijacking DNS
> will require hacking several servers, and the second option only
> requires hacking one, obviously hacking a single server is easier. So
> once again we have a horrible idea being trotted out to show that most
> people don't think.
Are you claiming there is no point in using TLS to connect to an NNTP server
because said server could have been cracked?
By the same reasoning, there is no point in using TLS to connect to a "secure"
web site, because the HTTPS server could have been cracked.
Using encryption (in this case TLS) to access Usenet (or any other service on
the Internet) means encrypting the traffic between one's PC and an NNTP server.
Obviously, in this threat model, the NNTP server is trusted. The point of the
encryption is to prevent eavesdropping from intermediate nodes. The eavesdropper
might be the user's ISP performing deep packet inspection in order to sell
targeted advertising, some government agent passively or actively scanning the
network for certain patterns, etc.
> The "nothing to hide" argument. When using Usenet you are deliberately
> making your statements widely available, again this is the opposite of
> privacy, and so that argument simply shows that the person bringing it
> up wasn't thinking about actual security.
Your (and Tom's) knee-jerk reaction against spammers, spewers, and anonymizers
misses the point. I'm not making an argument for anonymous "free speech". I'm
saying that one has the right to read Usenet without someone watching over their
shoulder.
> Since the "and other" doesn't appear in a cursory look in the posted
> essay, that is simply a flaw in authorship.
>
> Now that it is painfully obvious that there is absolutely no reason to
> use encryption,
As far as I'm concerned, your demonstration was rather unconvincing.
> is there a reason not to. Actually there is. CPU time
> costs money, encryption costs CPU time, Using encryption = adding cost.
> Implementing and debugging encryption code is not trivial, and so it
> costs money to implement. Encryption=lost money.
Why don't you ask AIOE's admin why he is providing encrypted access to Usenet
when it is costing him money hand over fist?
Perhaps he's not in it for the money?
> So can we stop now? The arguments for using encryption are heavily
> flawed. Repeating the arguments after their obvious flaws have been
> pointed out is less than intelligent.
"If you disagree with me, then you are stupid."
I am thoroughly unimpressed.
Regards.
> Do you have blinds or curtains on your windows?
Anonymity is a principle, a protected right in some countries. It isn't
obligatory. Many people take pride in what they write and want to be
recognised for it. Their right to be recognised is equally as important
as their right not to be.
--
pub 1024D/228761E7 2003-06-04 Steven Crook
Key fingerprint = 1CD9 95E1 E9CE 80D6 C885 B7EB B471 80D5 2287 61E7
uid Steven Crook <st...@mixmin.net>
[snipped a lot of test for brevity, didn't see any reason in a long reply
when a short is easier to read]
> Sounds like a troll to me, spending so much time on a personally
> announced flawed area as a propaganda voice. The obvious flaws to
> encryption are due to incompetence as are the various internet snafus
> when it dosn't have to be that way. If this really is Joe, your world
> is crumbling.
It really is me, but you are making several mistakes in your arguments,
mostly it seems to come down to incorrectly reading my arguments. My primary
argument is that encryption costs money, adding cost without benefit is a
bad idea. Buying a certificate costs money, this cost needs to be paid by
someone. Encrypting typically the most secure leg of the information's
journey adds no benefit, but it does add cost.
To make the point for me about why increasing cost is a bad idea, there was
a message a couple days ago it began "Please note that on or around July 15,
2009, AT&T will no longer be offering access to the Usenet Netnews service,"
adding cost will drive more servers away faster.
Joe
The suggestion was that since lots of usenet providers offer
nntp-over-SSL, customer should use the encrypted service even if they
don't feel they directly benefit from the encryption, just as a way of
being a good citizen. The certificate in that situation is at the
server side, and the provider has ALREADY paid for it, whether
customer use it or not.
> Encrypting typically the most secure leg of the information's
> journey adds no benefit, but it does add cost.
As we hear from the endless reports of illegal government monitoring,
deep-packet-inspection by ISP's, etc, that leg of the encryption's
journey is not all that secure.
> "Joseph Ashwood" <ash...@msn.com> writes:
>> It really is me, but you are making several mistakes in your
>> arguments, mostly it seems to come down to incorrectly reading my
>> arguments. My primary argument is that encryption costs money, adding
>> cost without benefit is a bad idea. Buying a certificate costs money,
>> this cost needs to be paid by someone.
> The suggestion was that since lots of usenet providers offer
> nntp-over-SSL, customer should use the encrypted service even if they
> don't feel they directly benefit from the encryption, just as a way of
> being a good citizen.
That's the nutcase part. Articles are on public servers, posts and
followups are promulgated among public servers. USENET is not email.
Getting all Secret-Squirrel about it is poor citizenship in the attempt to
undermine what USENET is supposed to be about. After all, the only possible
reasons for wanting encryption is facilitate stealing intellectual property,
disseminating child pornography, furtherance of other criminal conspiracies,
and spam.
--
Lars Eighner <http://larseighner.com/> September 5770, 1993
150 days since Rick Warren prayed over Bush's third term.
Obama: No hope, no change, more of the same. Yes, he can, but no, he won't.
Sure, it's not email. It's more like a library. If you write a book
and put it in the library, it's public, and that's fine. If you go to
the library and READ a book, that's private. Are you willing to give
the FBI a list of every book you have ever read? Maybe some of them
could lead to an inference (valid or not) that you are up to
suspicious activity, eh?
Imagine that your library releases a list of every book that you read,
unless you opt out (by using encryption when reading, in the case of
USENET). If almost nobody opts out, then opting out is suspcious in
its own right. Therefore if we care about privacy as a principle (why
else would we be here on sci.crypt), and we want opting out to not be
a suspicious act,, we should use encryption even if we think our own
reading habits are completely uninteresting to those who would spy on
us.
> Lars Eighner <use...@larseighner.com> writes:
>> That's the nutcase part. Articles are on public servers, posts and
>> followups are promulgated among public servers. USENET is not email.
> Sure, it's not email. It's more like a library. If you write a book
> and put it in the library, it's public, and that's fine. If you go to
> the library and READ a book, that's private. Are you willing to give
> the FBI a list of every book you have ever read? Maybe some of them
> could lead to an inference (valid or not) that you are up to
> suspicious activity, eh?
USENET isn't a library either.
> Imagine that your library releases a list of every book that you read,
> unless you opt out (by using encryption when reading, in the case of
> USENET). If almost nobody opts out, then opting out is suspcious in
> its own right. Therefore if we care about privacy as a principle (why
> else would we be here on sci.crypt), and we want opting out to not be
> a suspicious act,, we should use encryption even if we think our own
> reading habits are completely uninteresting to those who would spy on
> us.
Why should I want to help criminals cover their tracks? You and I both know
this is about stealing music, software, and getting child porn.
When I came on USENET, reader statistics could be gathered simply by root
aggregating the users' .newsrcs. And you know what? USENET was a better
place then.
If you really think the whole government is spying on you personally, maybe
you should be taking those meds, or maybe you should find some way to
communicate other than USENET.
--
Lars Eighner <http://larseighner.com/> September 5771, 1993
> undermine what USENET is supposed to be about. After all, the only possible
> reasons for wanting encryption is facilitate stealing intellectual property,
I use stunnel with leafnode, to allow ssl encryption between my system,
and the nntp server.
I was having problems a few months ago, where attempts to connect to the
nntp server were failing, with wireshark showing many retransmissions
being required, and lots of lost packets. This consistently started
around 1500 local time, when students were getting out of school, and
would clear up around 1800 local time.
Checking with my isp confirmed that traffic shaping was giving nntp
packets a lower priority then other protocols, both by my isp, and
their upstream, bell.ca.
By switching to ssl encrypted packets on a different port, the connection
problems disappeared. A side benefit, is that stunnel allows compression
of the data, resulting in a faster download of articles.
This is with a text only nntp server. No porn, no software, etc.
There are reasons for using encryption, besides facilitating criminal
activities. Since most nntp servers also use clear text for the entry
of userids and passwords, anyone using public connections also should
encrypt the communications, to prevent the credentials being captured
by those who would use the account for spamming, or criminal activities.
Regards, Dave Hodgins
--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)
You are trolling. Bye.
> On Fri, 19 Jun 2009 16:58:51 +0000 (UTC), Lars Eighner
><use...@larseighner.com> wrote:
>>In our last episode, <7xfxdwn...@ruckus.brouhaha.com>, the lovely and
>>talented Paul Rubin broadcast on alt.free.newsservers:
>>
>>> "Joseph Ashwood" <ash...@msn.com> writes:
>>>> It really is me, but you are making several mistakes in your
>>>> arguments, mostly it seems to come down to incorrectly reading my
>>>> arguments. My primary argument is that encryption costs money, adding
>>>> cost without benefit is a bad idea. Buying a certificate costs money,
>>>> this cost needs to be paid by someone.
>>
>>> The suggestion was that since lots of usenet providers offer
>>> nntp-over-SSL, customer should use the encrypted service even if they
>>> don't feel they directly benefit from the encryption, just as a way of
>>> being a good citizen.
>>
>>That's the nutcase part. Articles are on public servers, posts and
>>followups are promulgated among public servers. USENET is not email.
>>Getting all Secret-Squirrel about it is poor citizenship in the attempt to
>>undermine what USENET is supposed to be about. After all, the only possible
>>reasons for wanting encryption is facilitate stealing intellectual property,
>>disseminating child pornography, furtherance of other criminal conspiracies,
>>and spam.
> The "nothing to hide" argument speaks to some problems, but not to
> others. It represents a singular and narrow way of conceiving of
> privacy,
Privacy isn't the issue.
IF you go to the public square could someone notice whether you take a
leaflet from one of the guys handing out leaflets? Sure. Could they make a
note that you took a leaflet from one guy in particular but not from the
others? Sure. Could someone notice whether you showed any particular
interest in one of the posters? Could someone watch the square day and
night just in case you show up in order to keep a record of just your doings
there? Well, yeah, it is possible in the sense that nothing in laws of
physics would prevent that.
It is the public square. It isn't your bedroom. It isn't the confessional,
it isn't your doctor's office. It's the public square.
If you don't like being in public, you have the option of not going there.
It isn't really the "nothing to hide" argument either. The nothing to hide
argument would be "Why shouldn't I let the policeman look in my sock
drawer?"
This is, "Why should I wear a burqa in the public square?" That's a
different question and a pretty good one. The public square is the public
square and always has been the public square. So why do these guys want to
wear burqas in the public square, and furthermore want me to wear a burqa in
the public square so they won't stick out when they wear their burqas?
It is a pretty fair conclusion that the reason they want that is that they
are planning to do something wrong in the public square. That's not saying
"There is nothing in my sock drawer so let's go see what is in their sock
drawers." It saying public stuff is public stuff and private stuff is
private stuff, and the attempt to make public stuff private cannot possibly
come from good motives.
The computer that I read Usenet on is, in fact, in my bedroom. It is
not in the public square. What I read in my bedroom is nobody's
business.
> On Sat, 20 Jun 2009 01:46:32 +0000 (UTC), Lars Eighner
><use...@larseighner.com> wrote:
> Whoa! Are you saying wearing a burkha is a sign someone is going to do
> something wrong in the public square?
No, I am saying people who expect other people to cover up for them is
a sign that they intend to do something wrong. You want to wear a burqa?
You are free to do it. When you want others to wear a burqa so you won't
stand out when you wear yours, that is asking too much.
> The authorities could have some interest in you holding that thought.
Fuck 'em, if they don't like it.
> Depending on where that public square is, the reaction could be positive
> or negative towards you.
Perhaps you have not noticed, but cowardice is not my long suit.
> The ability to speak openly and freely sometimes needs a degree of
> anonymity.
No. If it needs "anonymity" then it certainly is not the ability to speak
*openly* or freely. Anonymity is the antithesis of free and open. Sheep
will settle for anonymity. Free men expect better. You are not really
stopping predators by trying to blend in with the flock. You are just
hoping the predators will pick on someone else. If they pick you, the
other sheep will not save you anymore than you are willing to stand up for
the other sheep. And as the flock dwindles, the odds that you will be next
goes up. When you make the case for anonymity, you are not defending free
speech. You certainly are not defending open speech.
> Are you denying people that opportunity?
No. What denies them is that they are cowards. (Well, and logic prevents
speech from being both 'open' and 'anonymous' in the same way it prevents
something from being both pink and invisible.)
> Speaking on Usenet is no different than speaking on television.
Well, except for the fact that USENET is very obscure, but anyone who know
about it can get on it almost for free, it was designed as a text-only
medium and when you see something on USENET you can followup to it and that
they are completely different things, yes USENET is just like speaking on
television.
> Are you against a persons face being concealed, for their own and others
> protection, while being interviewed?
That's not what is being asked. When a person's face is not shown on
television, the interviewer and the other people on the program are not
asked to cover up too. In case you missed the title of this thread,
it is asking everyone to cover up their faces.
I strongly suspect that the reason people want encrypted access to USENET is
because they want to steal warez, songs, and movies, or promulgate child
porn, or libel others with impunity. Perhaps they are merely cowards who do
not want to be associated with their own opinions or beliefs, or they hope to
influence events by knowingly spreading misinformation. In any event, I
have never said there shouldn't be encrypted access, I have only said that
those of us who don't want it should not use it just to give cover to those
who do.
I'll be posting with my true name and my valid email address even if
encryption is force on everyone because I am not a coward or a thief or a
liar.
Let the sunshine in.
Don't be such a wuss.
--
Lars Eighner <http://larseighner.com/> September 5771, 1993
Does it occur to you that a hell of a lot of the world is not free?
Do you pay ANY attention to what is going on around you, for example
to what is going on in Iran right now? The usual communications
channels including the mobile phone network are blocked and censored.
Almost all the information coming out of there is from anonymous
internet users, a lot of them using proxy servers set up over the past
few years by Chinese expats to help people in China deal with similar
obstacles (that is how they were able to make things happen so fast).
One can say without hyperbole that in a lot of cases, those Iranians'
lives depend on their anonymity if they are to get the word out. If
we want to add hyperbole, we can observe that they are getting the
word out in order to overthrow a crazy dictatorship whose aim is to
acquire nuclear weapons and wreak worldwide mayhem; therefore, OUR
lives also depend on their anonymity.
I believe that some of those people are using encryption software that
I helped write. I have never been prouder.
> Lars Eighner <use...@larseighner.com> writes:
>> No. If it needs "anonymity" then it certainly is not the ability to speak
>> *openly* or freely. Anonymity is the antithesis of free and open. Sheep
>> will settle for anonymity. Free men expect better.
> Does it occur to you that a hell of a lot of the world is not free?
Yes. And anonymity would ensure that it stays that way. Where was Ghandi's
encryption? Where was King's USENET? What software did Mandela use? Oh,
wait. We know their names. They weren't anonymous. Where in the world did
anonymous bring about freedom?
> Do you pay ANY attention to what is going on around you, for example
> to what is going on in Iran right now?
Nothing of any importance is going on in Iran. The "protesters" are not
protesting nuclear weapons. They are not denouncing theocracy or Islam.
They are reaffirming theocracy. They are not protesting creepy old
dictators. They just want their guy to be the creepy old dictator instead
of the other guy. There is no principle involved.
> The usual communications channels including the mobile phone network are
> blocked and censored. Almost all the information coming out of there is
> from anonymous internet users, a lot of them using proxy servers set up
> over the past few years by Chinese expats to help people in China deal
> with similar obstacles (that is how they were able to make things happen
> so fast).
So what good is the information coming out? The US sat by while the
Hungarian uprising was crushed --- and there was a principle involved there.
Do you think anyone is going to do anything about these two parties of
jackels fighting for dominance?
> One can say without hyperbole that in a lot of cases, those Iranians'
> lives depend on their anonymity if they are to get the word out.
I'll ask you again: What newsgroups are the people who want a new dictator
to replace the old dictator using? Are they really using USENET? Why would
they think is USENET is appropriate for that? And what if "they get the
word out"? What good would that do for anyone?
> If we want to add hyperbole, we can observe that they are getting the word
> out in order to overthrow a crazy dictatorship whose aim is to acquire
> nuclear weapons and wreak worldwide mayhem;
But they are supporting a candidate whose aim is to acquire nuclear weapons
and wreak worldwide mayhem. Where in the world did you get the idea that
the Iranian opposition is in anyway opposed to nuclear weapons or theocracy?
They aren't.
And if they were, exactly how would "getting the word out" help?
> therefore, OUR lives also depend on their anonymity.
Because it would be so much better to be nuked by the new crazy old guy
instead of the old crazy old guy.
> I believe that some of those people are using encryption software that
> I helped write. I have never been prouder.
Where on USENET is this happening?
--
Lars Eighner <http://larseighner.com/> September 5772, 1993
And, consider that some people far away were having problems with
their government and would face reprisals over what they wrote. Even
a few words encrypted might foil that..But, again, the answer is
outlaw encryption and all free reigning communications, surely such as
this is.
> And, consider that some people far away were having problems with
> their government and would face reprisals over what they wrote. Even
> a few words encrypted might foil that..But, again, the answer is
> outlaw encryption and all free reigning communications, surely such as
> this is.
Once again, there has been nothing here about outlawing encryption. That
you insist on such a distortion speaks volumes about your motives.
Does your newsreader show you the subject header? If so, look up at it
again.
This thread is asking people who do not want or need encryption to use it
anyway in order to provide cover for people who feel they need to conceal
their activities. It is not "outlawing encryption" to refuse to use it in
order to provide cover for somebody else's activities.
I'm not "outlawing" adultery if I refuse to provide you with an alibi when
you step out to meet your mistress. And if you start a thread "Please,
everybody say I was bowling if my wife asks," and then really expect
everyone to say "Sure, he was bowling," but that doesn't happen, nobody is
infringing your rights. They just are refusing to cover up for you.
--
Lars Eighner <http://larseighner.com/> September 5772, 1993
What interesting choices of examples you make. Two of those three
guys were assassinated for their activities and the remaining one
spent 27 years in jail. One can choose not to be anonymous, but don't
tell me it doesn't have a price.
> Where in the world did anonymous bring about freedom?
King, Gandhi, and Mandela all led mass movements. If they had acted
alone they would have accomplished nothing. The people who
participated in the mass movements (e.g. the million person marches)
were for the most part anonymous (faces in crowds), and they liked it
that way.
> Because it would be so much better to be nuked by the new crazy old
> guy instead of the old crazy old guy.
I don't know much about the new guy and therefore don't have any
reason to think he is as crazy as the old guy (whose craziness really
is above average). If the new guy is (like a more typical politician)
merely creepy but not crazy, that's a less dangerous situation. It's
just what we already have in quite a few nuclear-armed countries
already.
> > I believe that some of those people are using encryption software
> > that I helped write. I have never been prouder.
>
> Where on USENET is this happening?
A fair amount of crypto development discussion happens on sci.crypt,
one of the groups linked in this thread. It became possible to write
free web servers that could interoperate with the encryption in mass
market browsers because of the anonymous disclosure on sci.crypt of
RC4, a previously secret algorithm that was the only one approved for
international distribution (in weakened form, enforced by regulations
on the server vendors) under the old US crypto export regime. Of
course, once the secret was out, anyone could build an unweakened
server, and many people did who were outside the reach of the US
government.
I don't know if the Iranians are using Usenet, but of course
non-Usenet users should also use encryption all the time if they can.
It upsets me that Usenet is withering the way it is, since it's much
closer to a true broadcast medium than centralized web sites are.
> [from other message]
> I'm not "outlawing" adultery if I refuse to provide you with an alibi when
> you step out to meet your mistress. And if you start a thread "Please,
> everybody say I was bowling if my wife asks," and then really expect
> everyone to say "Sure, he was bowling," but that doesn't happen, nobody is
> infringing your rights. They just are refusing to cover up for you.
In fact, enabling such a cover-up is mandated by law in most US
elections. You are not allowed (i.e. you are forbidden by law) to let
another person into a voting booth with you to watch you vote. You
can tell someone afterwards that you voted for so-and-so, but they
have no way to verify it. That is to protect you from coercion. You
might not feel you need the protection, but if you had the option of
declining it, then you could be coerced into doing so. Therefore, the
protection--the alibi that lets you cover up who you really voted
for--is extended to everybody whether they want it or not.
> Lars Eighner <use...@larseighner.com> writes:
>> Yes. And anonymity would ensure that it stays that way. Where was Ghandi's
>> encryption? Where was King's USENET? What software did Mandela use? Oh,
>> wait. We know their names. They weren't anonymous.
> What interesting choices of examples you make. Two of those three
> guys were assassinated for their activities and the remaining one
> spent 27 years in jail. One can choose not to be anonymous, but don't
> tell me it doesn't have a price.
Freedom has a price. It isn't won or maintained by 99th level avatars,
summoning spells and druid clerics, or by guys in their underwear posting to
USENET.
>> Where in the world did anonymous bring about freedom?
> King, Gandhi, and Mandela all led mass movements. If they had acted
> alone they would have accomplished nothing. The people who
> participated in the mass movements (e.g. the million person marches)
> were for the most part anonymous (faces in crowds), and they liked it
> that way.
Some spun. Some marched. Some did not give up their seats when the bus
driver told them to. But they were not anonymous. They showed their faces.
None of them were crying because they couldn't download a mp3.
>> Because it would be so much better to be nuked by the new crazy old
>> guy instead of the old crazy old guy.
> I don't know much about the new guy
I did not think so.
> and therefore don't have any reason to think he is as crazy as the old guy
> (whose craziness really is above average).
Frankly, I don't see that. No one gets on the ballot in Iran in the first
place without the blessing of the theocrats.
> If the new guy is (like a more typical politician) merely creepy but not
> crazy, that's a less dangerous situation. It's just what we already have
> in quite a few nuclear-armed countries already.
Which is exactly why Iran's nuclear program doesn't make much difference,
but more to the point, it isn't on the line in the outcome of the present
election.
>> > I believe that some of those people are using encryption software
>> > that I helped write. I have never been prouder.
>>
>> Where on USENET is this happening?
> A fair amount of crypto development discussion happens on sci.crypt,
> one of the groups linked in this thread. It became possible to write
> free web servers that could interoperate with the encryption in mass
> market browsers because of the anonymous disclosure on sci.crypt of
Which would have exactly what to do with USENET? You know, I have
encountered many people who think the web is the internet, but this is the
first time I have encounter anyone who thinks USENET is the internet.
> RC4, a previously secret algorithm that was the only one approved for
> international distribution (in weakened form, enforced by regulations
> on the server vendors) under the old US crypto export regime. Of
> course, once the secret was out, anyone could build an unweakened
> server, and many people did who were outside the reach of the US
> government.
> I don't know if the Iranians are using Usenet,
Exactly. But I know people are using USENET to steal warez and music and I
suppose from the names of a few of the binaries groups to distribute child
porn. I know people USENET to spread libels. I know the freepers, the
birthers, the Minutemen, the Topaz's and Hal Turner's, the rescuers, and
just about every kind of terrorist group that is now a threat in the US use
USENET to spread misinformation. But you don't know if any of the Iranian
protesters, who are not really opposed to the foreign policy of the present
regime in Iran, are on USENET.
I know there are lots of bad guys on USENET who could use encryption to
further their bad activities. You do not know that there are any good guys
on USENET who might need ecryption to further some good activity. That
makes encryption with regard to USENET at the very best the solution to a
problem that does not exist.
> but of course non-Usenet users should also use encryption all the time if
> they can. It upsets me that Usenet is withering the way it is, since it's
> much closer to a true broadcast medium than centralized web sites are.
Well actually USENET was a much better place when you had to have a real
newsreader to read or post and when Windoz wieners hadn't heard of it,
It doesn't bug me a lot that people aren't using nn (I don't either), but
the whiners using OE and Thunderbird --- stuff written by idiots for idiots
--- who can't even figure out how to configure their own idiot software
really tick me off. The more moron filters, the better.
>> [from other message]
>> I'm not "outlawing" adultery if I refuse to provide you with an alibi when
>> you step out to meet your mistress. And if you start a thread "Please,
>> everybody say I was bowling if my wife asks," and then really expect
>> everyone to say "Sure, he was bowling," but that doesn't happen, nobody is
>> infringing your rights. They just are refusing to cover up for you.
> In fact, enabling such a cover-up is mandated by law in most US
> elections. You are not allowed (i.e. you are forbidden by law) to let
> another person into a voting booth with you to watch you vote.
Yes, those are the statutes now. But most of them were not enacted until
late in the 19th century. There is no Constitutional right to a secret
ballot. Moreover many towns conduct business in open meetings in which
citizens must vote by raising their hands or standing.
USENET votes are pretty much confined to configuration issues and guess
what? USENET votes are conducted by email, not on USENET. But the results
are published so that anyone can see whether his vote is correctly counted.
> You can tell someone afterwards that you voted for so-and-so, but they
> have no way to verify it. That is to protect you from coercion. You
> might not feel you need the protection, but if you had the option of
> declining it, then you could be coerced into doing so. Therefore, the
> protection--the alibi that lets you cover up who you really voted for--is
> extended to everybody whether they want it or not.
Which of course puts elections in the hands of the people who count the
votes. You are welcome to all the secret ballots you want, just so long as
I get to count the ballots. When people vote in public, everyone knows
whether the count is right or not. Secrecy is just secret. It doesn't make
for better outcomes.
You are wrong. To this day, nobody knows who posted alleged-RC4 to
sci.crypt. But it was a significant event in the crypto regulation
battle.
> Some spun. Some marched. Some did not give up their seats when the
> bus driver told them to. But they were not anonymous. They showed
> their faces.
There are no records of their names or faces, nor was there any way in
those days to make or maintain such records on that scale (and they
knew it), so they were anonymous. These days with computers and
cameras everywhere, it's different and more threatening and in need of
more awareness and regulation.
> Frankly, I don't see that. No one gets on the ballot in Iran in the
> first place without the blessing of the theocrats.
The theocrats aren't necessarily crazy. Evil and creepy, yes. But
that's different.
> > A fair amount of crypto development discussion happens on sci.crypt,
> Which would have exactly what to do with USENET?
sci.crypt is a usenet group, dude.
> I know there are lots of bad guys on USENET who could use encryption
> to further their bad activities. You do not know that there are any
> good guys on USENET who might need ecryption to further some good
> activity.
Not true, the RC4 description that I mentioned was posted through a
remailer. Various people on the Scientology newsgroup also use
remailers to disclose info about Scientology's illegal activities
while protecting themselves from reprisals. Scientology is maybe
about to be banned in France because of their activity.
> Which of course puts elections in the hands of the people who count
> the votes. You are welcome to all the secret ballots you want, just
> so long as I get to count the ballots. When people vote in public,
> everyone knows whether the count is right or not.
Don't be silly. When the votes are public and subject to coercion,
you have no idea how many actually reflect what the voter wanted, so
the true count (of the voters' actual wishes) is effectively secret
even from the voters themselves. The combination you want is vote in
secret and count in public, not the other way around.
> Yes. And anonymity would ensure that it stays that way. Where was
> Ghandi's encryption? Where was King's USENET? What software did
> Mandela use? Oh, wait. We know their names. They weren't anonymous.
> Where in the world did anonymous bring about freedom?
You are amazingly ignorant of history. Alexander Hamilton, James Madison,
and John Jay - towering figures in the foundation of the US - wrote the
"federalist papers" ANONYMOUSLY (under the pseudonym "Publius"). The
federalist papers were a gignatic factor in the acceptance of the US
Constitution.
You may now return to your carping and bickering.
Regards,
WTF is "gignaticism"?
Outside of New York, your're wrong, by the time New York voted ten states had already ratified the Constitution so it had already passed.
Only nine states needed to ratify it, making the masterful media blitz performed by the federalist ghost writers a null event. Sure it garnered a lot of attention, much like celebrities and freeway crashes
do today.
And FWIW, Hamilton, Madison and Jay did not encrypt their essays, nor did they post to Usenet.
Did anyone mention Benjamin Franklin yet?
During the eighteenth century, it was common for writers and
journalists to use pseudonyms, or false names, when they created
newspaper articles and letters to the editor. Franklin used this
convention extensively throughout his life, sometimes to express an
idea that might have been considered slanderous or even illegal by
the authorities; other times to present two sides of an issue, much
like the point-counterpoint style of journalism used today.
When Franklin used a pseudonym, he often created an entire persona
for the "writer." Sometimes he wrote as a woman, other times as a
man, but always with a specific point of view. While all of his
writings were focused and logical, many were also humorous, filled
with wit and irony. Silence Dogood, Harry Meanwell, Alice
Addertongue, Richard Saunders, and Timothy Turnstone were a few of
the many pseudonyms Franklin used throughout his career.
...
> WTF is "gignaticism"?
Ah, unable to contribute anything of value, you are reduced to
nitpicking. Have you considered a career as a proofreader?
> Outside of New York, your're wrong, by the time New York voted ten
> states had already ratified the Constitution so it had already passed.
> Only nine states needed to ratify it, making the masterful media blitz
> performed by the federalist ghost writers a null event. Sure it
> garnered a lot of attention, much like celebrities and freeway crashes
> do today.
Once again you show your ignorance of history. The series of Federalist
papers began October 27, 1787 - before ANY State had ratified the
Constitution! The papers were so popular and so influential that the
first 36 were published in book format (i.e., bound) on March 2, 1778
(only 6 States had ratified by then) and 77 of them had been published
both individually and in book format by May 28, 1788 (only 8 States had
ratifed by then). IOW the Federalist papers were concurrent with the
ratification process.
But you say the Federalist papers were of no account, eh? Mere PR, eh?
Your ignorance, large though it is, is exceeded by your lack of judgment.
As my post stated, I expected carping - but not such impressively idiotic
carping. Truly, you have exceeded my expectations.
However, your carping cannot be allowed to detract from my main point:
Lars Eighner called for an example of anonymity contributing to freedom -
he has been resoundingly answered!
Regards,
Yawn! Your nitpicking regarding my typo exhausted what little charm it had
the first time round. Your continued attempts to justify yourself only
underline your intellectual vapidity and dishonesty.
As for your trivializing of the Federalist papers, I have no doubt other
readers will assign your opinions the weight they so richly deserve.
The core fact remains from which your maunderings cannot detract or
distract: Three US founding fathers, all of whom went on to assume high US
office including one as President, not only endorsed anonymity
theoretically, they actively used it personally to promote one of the major
political milestones in history, the ratification of the US Constitution.
In short, Lars Eighner called for an example of anonymity contributing to
> Lars Eighner <use...@larseighner.com> wrote in
> news:slrnh3p0sj...@debranded.larseighner.com:
>> Yes. And anonymity would ensure that it stays that way. Where was
>> Ghandi's encryption? Where was King's USENET? What software did
>> Mandela use? Oh, wait. We know their names. They weren't anonymous.
>> Where in the world did anonymous bring about freedom?
> You are amazingly ignorant of history. Alexander Hamilton, James Madison,
> and John Jay - towering figures in the foundation of the US - wrote the
> "federalist papers" ANONYMOUSLY (under the pseudonym "Publius").
Long after Cornwallis surrendered. The Treaty of Paris was signed in 1783.
The war was over. Many of the Anti-federalist and the federalist adopted
fancy pen names in 1787 --- when there was no question of the personal
safety of the authors. *You* are amazingly ignorant of history.
> The federalist papers were a gignatic factor in the acceptance of the US
> Constitution.
A document that repudiated the rights of "life, liberty, and the pursuit of
happiness" and enshrined slavery as the basis of the new republic.
> You may now return to your carping and bickering.
> Regards,
--
Lars Eighner <http://larseighner.com/> September 5772, 1993
151 days since Rick Warren prayed over Bush's third term.
They weren't fools. If they saw value in anonymity even when their
personal safety wasn't in danger, we should consider their example to
be an honorable one and not feel wrong to follow it ourselves.
>>> Where in the world did anonymous bring about freedom?
>
>> You are amazingly ignorant of history. Alexander Hamilton, James
>> Madison, and John Jay - towering figures in the foundation of the US
>> - wrote the "federalist papers" ANONYMOUSLY (under the pseudonym
>> "Publius").
>
> Long after Cornwallis surrendered....
Your feeble attempts to dismiss the Federalist papers do not weaken them -
you only make yourself look foolish.
The core fact remains from which you cannot detract or distract: Three US
founding fathers, all of whom went on to assume high US office including
one as President, not only endorsed anonymity theoretically, they actively
used it personally to promote one of the major political milestones in
history, the ratification of the US Constitution.
In short, you called for an example of anonymity contributing to
freedom - you have been resoundingly answered!
Regards,
> Lars Eighner <use...@larseighner.com> wrote in
> news:slrnh3qq5n...@debranded.larseighner.com:
But it didn't. It contributed to the maintenance of slavery.
That you don't accept that you have been both answered and rebutted
doesn't much interest me - life is too short for me to waste it trying to
convince eternal carpers like you. I do not post to convince you but
rather to expose your ignorance and errors for the benefit of others.
Which I have done.
The weight of the actual productive use of anonymity by outstanding men
like Madison, Hamilton, and Jay totally eclipses your feeble objections -
no defence of their actions from me is required.
In short, the core fact remains from which you cannot detract or
distract: Three US founding fathers, all of whom went on to assume high
US office including one as President, not only endorsed anonymity
theoretically, they actively used it personally to promote one of the
major political milestones in history, the ratification of the US
Constitution.
Regards,
>I do not post to convince you
You're another ignorant troll copying and pasting ten-year old screed.
> On Sun, 21 Jun 2009 02:57:58 GMT, "nemo_outis" <a...@xyz.com> wrote:
>
>>I do not post to convince you
>
>
> You're another ignorant troll copying and pasting ten-year old screed.
Back under your bridge, troll.
> Why should I want to help criminals cover their tracks? You and I both know
> this is about stealing music, software, and getting child porn.
FYI, encryption alone cannot hide the difference between reading text-only news
groups, and downloading from binary news groups.
And your "OMG, think of the children!!" pitch is ludicrous.
> When I came on USENET, reader statistics could be gathered simply by root
> aggregating the users' .newsrcs. And you know what? USENET was a better
> place then.
I'm not sure what your point is.
> If you really think the whole government is spying on you personally, maybe
> you should be taking those meds, or maybe you should find some way to
> communicate other than USENET.
You've got all the clich�s covered.
Given that the whole world knows what you post to usenet, and your
usenet provider knows what you read what advantage does using SSL for
the first hop between usenet client and posting server gain you?
It can make it a little more difficult for someone to sniff your
login id/pw. And why are you assuming the usenet provider knows
or cares what you are reading? I would guess the provider has better
things to do; it's that "anyone else" factor because you can be sure
they do not rate your interests a top priority.
You might trust your usenet provider, but not your internet service
provider.
Your internet service provider might not know what username you have
with your usenet provider.
Etc.
--
Kristian Gj�steen
>Fritz Wuehler wrote:
>
>> Free news server such as AOIE and Albasani support SSL connections. I
>> urge everyone to use SSL connections when reading Usenet news so your
>> provider (or anyone else for that matter) can't see what articles you
>> are reading or sending to Usenet.
>>
>> The more people who use encryption, the better. Let's prevent law
>> enforcement agencies from using slander like: 'if people use encryption
>> they probably got something to hide and up to no good.'
>
>Hello Fritz,
>
>The following article seems relevant.
>
>"I've Got Nothing to Hide" and Other Misunderstandings of Privacy
>Daniel J. Solove -- George Washington University Law School
>http://ssrn.com/abstract=998565
>
>Regards.
It seems to me that what is often lost in discussions on privacy is
the inherent link between privacy and security, and/or privacy and
safety.
Stated differently, significant problems with the "I've Got Nothing to
Hide" argument become apparent if one asks a few questions;
"From whom do you have nothing to hide? Would you give all information
about yourself, your children, your loved ones, and/or your financial
assets to known criminals?"
"Do you ever lock your home, your car, or otherwise secure your
personal safety or any of your possessions? Would you object to
publication of pictures and details of all of your lock keys and
combinations?"
"Why do banks keep locations of valuables and methods for access to
valuables secret?"
"Why do criminals gather information about targets as part of
robberies, kidnappings, assassinations and other crimes?"
"My friends want access to all information about your valuables, every
security device or system you use, your habits and your family's
habits. Don't worry, you can trust us."
Regards.
You magnified a post card into a novel. People have different
desires, needs, ways of doing things.
>
> Does your newsreader show you the subject header? If so, look up at it
> again.
>
> This thread is asking people who do not want or need encryption to use it
> anyway in order to provide cover for people who feel they need to conceal
> their activities. It is not "outlawing encryption" to refuse to use it in
> order to provide cover for somebody else's activities.
Anything that infringes on free speech and how it is communicated to
none, one, or all would be that.
>
> I'm not "outlawing" adultery if I refuse to provide you with an alibi when
> you step out to meet your mistress. And if you start a thread "Please,
> everybody say I was bowling if my wife asks," and then really expect
> everyone to say "Sure, he was bowling," but that doesn't happen, nobody is
> infringing your rights. They just are refusing to cover up for you.
This surely reveals that you do now know me, certainly as a classical
artist of limited ability and a photographer of rather scantily clad,
if at all, subjects. It's fine art as I see it. My wife usually
fixes us a lunch. Some subjects would prefer to be anonymous and
others want to be seen et al. It's all quite fun like writing good
crypto.
Exactly.
And the reason for encrypting your Usenet connection would be to
prevent anyone from building a profile on you by watching the
newsgroups you visit and the articles you read. It may not be top-
secret but it's simply nonbody's business! Don't be ignorant and
encrypt EVERYTHING.
On Jun 15, 11:53 am, Fritz Wuehler
<fr...@spamexpire-200906.rodent.frell.theremailer.net> wrote:
> Free newsserver such as AOIE and Albasani support SSL connections. I
> urge everyone to use SSL connections when reading usenet news so your
> provider (or anyone else for that matter) can't see what articles you
> are reading or sending to usenet.
>
> The more people who use encryption, the better. Let's prevent law
> enforcment agencies from using slander like: 'if people use encryption