<div dir="ltr">I'm curious to hear more about your PSTN based addressing scheme, and how one could build a large distributed network with it.<div><br></div><div style>-steve</div></div><div class="gmail_extra"><br><br>
<div class="gmail_quote">On Tue, Jun 11, 2013 at 8:30 AM, GtwoG PublicOhOne <span dir="ltr"><<a href="mailto:g2g-public01@att.net" target="_blank">g2g-public01@att.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<br>
Re. Alcides: Nope, haven't heard of CJ-DNS yet. <br>
<br>
A lot of us are thinking along similar lines. The internet as it
now stands is thoroughly broken, an ecosystem dominated by predators
and parasites of all kinds, from the obvious scum who engage in
phishing attacks, botnets, and spam, to the less obvious types who
do things like offer "free" candy in exchange for stalking us
everywhere we go, whether we know it or not, and whether we like it
or not (see also my item (8) below). It's buggy, bloated, and
broken, and it's overdue for a change. <br>
<br>
I'm looking for someone who can write an IPV4/6 to decimal PSTN
address conversion application, suitable for mesh. Mesh by its
nature requires using the address of the device as its routable
destination. This does not work for telephony beyond the level of
small PBX at present, and will completely break in IPV6. Using a
centralized address server to manage transactions breaks the mesh
paradigm. Therefore the need for a new addressing system based on
the PSTN (public switched telephone network). The version I'm
proposing will also give each address 10,000 extension addresses for
any combination of voice and data devices.<br>
<br>
More about which later, as I've gotta scoot off to work right now;
be back this evening.<br>
<br>
-G.<br>
<br>
<br>
<br>
=====<div><div class="h5"><br>
<br>
<br>
<br>
<br>
<div>On 13-06-11-Tue 7:54 AM, Alcides
Gutierrez wrote:<br>
</div>
<blockquote type="cite">
<p dir="ltr">G,</p>
<p dir="ltr">Have you heard of cjdns? Do you have any thoughts on
it? The ideal goal is to replace the Internet (current) with a
new one. ProjectMeshnet.org</p>
<p dir="ltr">Alcides Gutierrez<br>
<a href="http://e64.us" target="_blank">http://e64.us</a></p>
<div class="gmail_quote">On Jun 11, 2013 7:41 AM, "Andrew" <<a href="mailto:andrew@roshambomedia.com" target="_blank">andrew@roshambomedia.com</a>>
wrote:<br type="attribution">
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">maybe sudoroom should run an email server that
encrypts messages on the disk as well offers end to end
encryption over the air.<br>
</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Tue, Jun 11, 2013 at 4:07 AM,
GtwoG PublicOhOne <span dir="ltr"><<a href="mailto:g2g-public01@att.net" target="_blank">g2g-public01@att.net</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
Hi Max, YOs-<br>
<br>
Speaking from more than casual knowledge of the subject
matter, as a few<br>
of us here know:<br>
<br>
<br>
1) If you read the denials issued by Google and
Facebook, you'll<br>
discover that they used almost identical language. And
while it's true<br>
that corporate PR-speak and legal-speak are usually as
bland as baked<br>
beans, this stuff reminds one of the story where Mrs.
Jones and Mrs.<br>
Smith each had a baby that bears more than a slight
resemblance to the<br>
guy who delivers both of their newspapers:<br>
<br>
Google: "First, we have not joined any program that
would give the U.S.<br>
government—or any other government—direct access to our
servers."<br>
<br>
Facebook: "Facebook is not and has never been part of
any program to<br>
give the US or any other government direct access to our
servers."<br>
<br>
Google: "We had not heard of a program called PRISM
until yesterday."<br>
<br>
Facebook: "We hadn't even heard of PRISM before
yesterday."<br>
<br>
Google: "Our legal team reviews each and every
request..."<br>
<br>
Facebook: "When governments ask Facebook for data, we
review each<br>
request carefully..."<br>
<br>
<br>
2) Of course they didn't "join" a program or become
"part of" a program.<br>
NSA isn't a "club" that you can just "join." What
Facebook and Google<br>
did was become ASSETS of a program.<br>
<br>
That is a very subtle but important distinction. If you
were to ask<br>
their lawyers if they "had become assets or had acted in
any capacity as<br>
assets of any entity within the United States
Intelligence Community<br>
(USIC)," they would clam up right quick. One needs to
know how to ask<br>
the question in order to get at the answer.<br>
<br>
Also, it is the case that the assets of a program or
operation rarely if<br>
ever know the name of the program or operation involved.
Knowing the<br>
name of the program or op would give the assets the
ability to compare<br>
notes and possibly compromise the program or op. Very
often, even the<br>
names of programs or ops are themselves classified.<br>
<br>
By the way, some of y'all may have heard my comments
about Steve Jobs'<br>
application for a security clearance, shortly after Jobs
died and his<br>
bio was published. The media were preoccupied with the
usual celebrity<br>
gossip about how he could have gotten a clearance when
he'd admitted to<br>
taking LSD and building blue boxes (naughty phone-phreak
devices). But<br>
the real story, as I said at the time, was that the
purpose of the<br>
clearance was to facilitate relationships with certain
agencies<br>
regarding surveillance opportunities in the Macintosh
operating systems<br>
and other products. It is almost 100% certain that
Microsoft and certain<br>
of the commercial companies involved in Open Source
operating systems,<br>
had similar relationships. ("Intel Inside", anyone?;-)<br>
<br>
One more item. Watch for the names Cisco, Comcast, and
Symantec, in the<br>
news.<br>
<br>
Aww hell, one more after that. Twitter claims to have
refused to<br>
participate in PRISM. That's very convenient for them to
say, because<br>
Twitter itself is a complete intel collection platform
with fully open<br>
access, and a variety of software tools for analysis.
Twitter is the<br>
easiest of the bunch to intercept and fully exploit. You
too can play at<br>
that game (just a little but enough to get the flavor of
it), if you<br>
want to pay for the software.<br>
<br>
<br>
3) Yes, NSA can monitor traffic without a carrier or
service provider<br>
knowing it. This is done by intercepting the traffic at
the carrier<br>
level. By analogy, if I want to tap your broadband
service, I don't have<br>
to break into your house to do it: I can do it from any
point between<br>
your house and the service provider's central office.<br>
<br>
<br>
4) Telcos and broadband providers are required to have
CALEA intercept<br>
equipment (such as the infamous Naris box of EFF fame)
installed in<br>
their racks. This equipment enables authorized entities
to siphon the<br>
data streams in realtime, either in whole or in part
depending on<br>
various assigned levels of privilege.<br>
<br>
If everything that's on a server has gotten there via a
connection that<br>
is being intercepted constantly in real-time, there's no
need to get<br>
inside the server itself.<br>
<br>
<br>
5) NSA and real-time decryption: There is reason to
believe, based on<br>
published accounts, that certain types of decryption are
routine and<br>
automated. I also know from unpublished but not
classified sources, that<br>
there are automated tests that examine ciphertext to
determine<br>
specifically which encryption method and key length were
used to encrypt<br>
the data. I would conclude that automated decryption
exceeds the<br>
capabilities that have been reported in the press.<br>
<br>
Further, I would strongly suggest that we compile
versions of PGP and<br>
GPG from source code, and modify them to eliminate the
upper limit on<br>
key sizes. I can explain further how to perform that
modification of the<br>
source code, once we have it downloaded. It's remarkably
easy.<br>
<br>
<br>
6) Compromise of private keys: Given the number of
methods available,<br>
and given the track records of the various entities
involved, I would<br>
not be surprised.<br>
<br>
"Mary had a private key, with which to open PGP.<br>
The key fell into hostile hands. Now Mary's hiding, with
her lambs."<br>
<br>
<br>
7) Did Google and Facebook lie?<br>
<br>
Do bears shit in the woods?<br>
<br>
<br>
8) A modest prediction, and y'all can file this under
"he wasn't crazy<br>
after all."<br>
<br>
I've been saying this stuff for a while now, but recent
news makes it<br>
more, uhh, "topical":<br>
<br>
The entire advertising-based model of internet services,
with its<br>
reliance on "free" services "supported" by advertising
that "requires"<br>
pervasive tracking of every user's every activities and
whereabouts,<br>
will be demonstrated to have been an enormous cover
story of<br>
convenience, for a degree of mass surveillance that far
exceeds anything<br>
has been reported thus far.<br>
<br>
The goal is to have 100% collection of all
communications and location<br>
data, online and face-to-face, every conversation as
well as metadata,<br>
to be permanently archived for retrieval and analysis at
any later point<br>
in time. (This has not yet been achieved, but they're
working on it.)<br>
The goal of that, in turn, is to enable making accurate
predictions<br>
about the activities and location of any person, at any
point in the<br>
future. What gets done with those accurate predictions
is a matter of<br>
discretionary policy by those who control the data.<br>
<br>
Orwell: "He who controls the past controls the future.
He who controls<br>
the future controls the present." Me: "Knowledge is
power. When they<br>
know all about you, and you know nothing about them, who
has the power?"<br>
<br>
<br>
9) Lastly, Max, you might especially appreciate this bit
of history:<br>
<br>
In the 1970s, GCHQ was engaged in targeted surveillance
of various<br>
dissident groups in the UK. But since GPO Telephones'
switching systems<br>
were entirely electro-mechanical (Strowger switches),
GCHQ had to depend<br>
on the GPO engineers to execute every request by making
physical<br>
connections to the lines at the Central Offices.<br>
<br>
The GPO engineers' sympathies were often with the
dissidents. So,<br>
shortly after the GCHQ officers left, the GPO engineers
would quietly go<br>
about undoing the unwanted connections or otherwise
rendering them<br>
useless. Such are the advantages of electro-mechanical
analog switching<br>
systems, maintained by skilled workers, with a strong
union, and strong<br>
class consciousness.<br>
<br>
<br>
Cheers-<br>
<br>
-G.<br>
<br>
"You search Google, and Google searches you. Deal?"<br>
<br>
<br>
======<br>
<div>
<div><br>
<br>
<br>
On 13-06-10-Mon 11:46 PM, Max B wrote:<br>
> I have a quick question to throw out for anyone
with opinions:<br>
><br>
> When the NSA PRISM program was exposed, it was
leaked that the NSA has<br>
> the capabilities to monitor the content of
communications taking place<br>
> through any of the list of companies they
mentioned. Then Google,<br>
> Apple, and crew came out and denied it.<br>
><br>
> Would it be possible for the NSA to be
monitoring traffic without them<br>
> knowing it/allowing a backdoor? Would that
require NSA servers doing<br>
> 128-bit SSL decryption at real-time speeds? Or
perhaps only when<br>
> specific emails needed to be read? Could they
have covertly<br>
> compromised the private keys of all of these
establishments? ("US<br>
> Government hacked google" seems like a great
Guardian headline)<br>
><br>
> Or do folks think that those companies are just
lying through their<br>
> teeth?<br>
><br>
> On Mon 10 Jun 2013 10:43:42 PM PDT, Rabbit
wrote:<br>
>> Yes, let's have a end-user focused crypto
workshop!<br>
>><br>
>> I'm not an expert but I can help OS X users
get set up with<br>
>><br>
>> Tor<br>
>> Adium + OTR<br>
>> Making encrypted disk images<br>
>> Truecrypt<br>
>><br>
>> And I wanna learn about web of trust,
keysigning, gpg for email<br>
>><br>
>> Also I'm really wishing for a better social
network for people to<br>
>> switch to. Any thoughts on that?<br>
>><br>
>><br>
>><br>
>><br>
>><br>
>> On Mon, Jun 10, 2013 at 7:55 PM, GtwoG
PublicOhOne<br>
>> <<a href="mailto:g2g-public01@att.net" target="_blank">g2g-public01@att.net</a>
<mailto:<a href="mailto:g2g-public01@att.net" target="_blank">g2g-public01@att.net</a>>>
wrote:<br>
>><br>
>><br>
>> YES! a crypto party.<br>
>><br>
>> PGP and GPG won't protect your metadata
from traffic analysis ("TA"),<br>
>> which is what's been revealed that Anagram
Inn has been up to. But<br>
>> protecting your content is a good start,
and building email<br>
>> servers that<br>
>> are end-to-end encrypted is the next step.<br>
>><br>
>> -G.<br>
>><br>
>><br>
>> =====<br>
>><br>
>><br>
>><br>
>> On 13-06-10-Mon 7:13 PM, William Budington
wrote:<br>
>> > There was some discussion about this
at the last meeting, mostly<br>
>> around<br>
>> > securing personal data on physical
devices, but it would be good<br>
>> to have<br>
>> > another end-user based cryptoparty,
even have it be a full-day event<br>
>> > stemming from Today I Learned. I'll
bring this up at the meeting on<br>
>> > Wednesday.<br>
>> ><br>
>> > Bill<br>
>> ><br>
>> > On 06/10/2013 07:02 PM, William Gillis
wrote:<br>
>> >> Hey Sudoroomers,<br>
>> >><br>
>> >> I've been deluged by friends this
weekend suddenly interested<br>
>> in things<br>
>> >> like finally figuring out how to
install that there tor, or god<br>
>> forbid<br>
>> >> venturing into the realm of pgp. I
offered my nonstop 1:1<br>
>> handholding<br>
>> >> services over facebook to any and
all friends and have been a<br>
>> little<br>
>> >> overwhelmed by the number.<br>
>> >><br>
>> >> Someone local suggested a teach
day at Sudoroom and I thought<br>
>> I'd check to<br>
>> >> see if anyone else is interested
and, you know, what actual<br>
>> members have to<br>
>> >> say.<br>
>> >><br>
>> >> There has never been a more
opportune moment for cryptoparty<br>
>> outreach, and<br>
>> >> yet I haven't seen anyone declare
anything yet. Am I just out<br>
>> of the loop?<br>
>> >><br>
>> >><br>
>> >><br>
>> >>
_______________________________________________<br>
>> >> sudo-discuss mailing list<br>
>> >> <a href="mailto:sudo-discuss@lists.sudoroom.org" target="_blank">sudo-discuss@lists.sudoroom.org</a><br>
>> <mailto:<a href="mailto:sudo-discuss@lists.sudoroom.org" target="_blank">sudo-discuss@lists.sudoroom.org</a>><br>
>> >> <a href="http://lists.sudoroom.org/listinfo/sudo-discuss" target="_blank">http://lists.sudoroom.org/listinfo/sudo-discuss</a><br>
>> >><br>
>> >
_______________________________________________<br>
>> > sudo-discuss mailing list<br>
>> > <a href="mailto:sudo-discuss@lists.sudoroom.org" target="_blank">sudo-discuss@lists.sudoroom.org</a><br>
>> <mailto:<a href="mailto:sudo-discuss@lists.sudoroom.org" target="_blank">sudo-discuss@lists.sudoroom.org</a>><br>
>> > <a href="http://lists.sudoroom.org/listinfo/sudo-discuss" target="_blank">http://lists.sudoroom.org/listinfo/sudo-discuss</a><br>
>> ><br>
>><br>
>>
_______________________________________________<br>
>> sudo-discuss mailing list<br>
>> <a href="mailto:sudo-discuss@lists.sudoroom.org" target="_blank">sudo-discuss@lists.sudoroom.org</a><br>
>> <mailto:<a href="mailto:sudo-discuss@lists.sudoroom.org" target="_blank">sudo-discuss@lists.sudoroom.org</a>><br>
>> <a href="http://lists.sudoroom.org/listinfo/sudo-discuss" target="_blank">http://lists.sudoroom.org/listinfo/sudo-discuss</a><br>
>><br>
>><br>
>><br>
>><br>
>>
_______________________________________________<br>
>> sudo-discuss mailing list<br>
>> <a href="mailto:sudo-discuss@lists.sudoroom.org" target="_blank">sudo-discuss@lists.sudoroom.org</a><br>
>> <a href="http://lists.sudoroom.org/listinfo/sudo-discuss" target="_blank">http://lists.sudoroom.org/listinfo/sudo-discuss</a><br>
> _______________________________________________<br>
> sudo-discuss mailing list<br>
> <a href="mailto:sudo-discuss@lists.sudoroom.org" target="_blank">sudo-discuss@lists.sudoroom.org</a><br>
> <a href="http://lists.sudoroom.org/listinfo/sudo-discuss" target="_blank">http://lists.sudoroom.org/listinfo/sudo-discuss</a><br>
><br>
<br>
_______________________________________________<br>
sudo-discuss mailing list<br>
<a href="mailto:sudo-discuss@lists.sudoroom.org" target="_blank">sudo-discuss@lists.sudoroom.org</a><br>
<a href="http://lists.sudoroom.org/listinfo/sudo-discuss" target="_blank">http://lists.sudoroom.org/listinfo/sudo-discuss</a><br>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<br>
-- <br>
-------
<div>Andrew Lowe</div>
<div>Cell: <a href="tel:831-332-2507" value="+18313322507" target="_blank">831-332-2507</a></div>
<div><a href="http://roshambomedia.com" target="_blank">http://roshambomedia.com</a></div>
<div><br>
</div>
</div>
<br>
_______________________________________________<br>
sudo-discuss mailing list<br>
<a href="mailto:sudo-discuss@lists.sudoroom.org" target="_blank">sudo-discuss@lists.sudoroom.org</a><br>
<a href="http://lists.sudoroom.org/listinfo/sudo-discuss" target="_blank">http://lists.sudoroom.org/listinfo/sudo-discuss</a><br>
<br>
</blockquote>
</div>
</blockquote>
<br>
</div></div></div>
<br>_______________________________________________<br>
sudo-discuss mailing list<br>
<a href="mailto:sudo-discuss@lists.sudoroom.org">sudo-discuss@lists.sudoroom.org</a><br>
<a href="http://lists.sudoroom.org/listinfo/sudo-discuss" target="_blank">http://lists.sudoroom.org/listinfo/sudo-discuss</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br>-steve
</div>